acsalmeida Posted December 14, 2013 ID:764353

OS: Updated Windows 7 Pro (x64)

Annoying Yahoo search engine in all browsers.

What I've already done (all browsers):

1. I did some research and tried a lot of tips, but none worked so far.
2. I already tried to change the search engine and initial web page inside the options of the browsers; there are no extensions or plugins associated with "Yahoo" or "search engine".
3. I searched for "spigot" on my computer but it didn't return any results, although the search field shows http://br.search.yahoo.com/?type=800236&fr=spigot-yhp-ff
4. I can't see either "Search Settings", "Yahoo", "Baidu" or "YouTube Downloader Toolbar" in my Windows control panel (Start>Control Panel>Programs/Programs and Features).
5. On the Processes tab of my Windows task manager I don't see any files called searchsettigs.exe.
6. Fact: When I delete the file "prefs.js" and the folder "searchplugins" (yahoo_ff.xml) from C:\Users\ACSA\AppData\Roaming\Mozilla\Firefox\Profiles\v1q90507.default and open Firefox, everything is normal, but if I close and reopen, Yahoo is back in the search field.

Thank you very much in advance
MrCharlie Posted December 14, 2013 ID:764355

Welcome to the forum, please try this procedure:

Let's clean out any adware/spyware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.
Make sure you click on download buttons that look similar to this, not "sponsored ad links":

Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator.
Click on the Scan button.
AdwCleaner will begin...be patient as the scan may take some time to complete.
When it's done you'll see: Pending: Please uncheck elements you don't want removed.
Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
Look over the log especially under Files/Folders for any program you want to save.
If there's a program you may want to save, just uncheck it from AdwCleaner.
If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
If you're ready to clean it all up.....click the Clean button.
After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
Copy and paste the contents of that logfile in your next reply.
A copy of that logfile will also be saved in the C:\AdwCleaner folder.
Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
To restore an item that has been deleted:
Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

Then..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.
Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.
Make sure that everything is checked, and click Remove Selected.

Please let me know how computer is running now, MrC
acsalmeida Posted December 14, 2013 Author ID:764382

# AdwCleaner v3.015 - Report created 14/12/2013 at 12:31:54
# Updated 10/12/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : ACSA - ACSA-PC
# Running from : C:\Users\ACSA\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

-\\ Mozilla Firefox v25.0.1 (pt-BR)

[ File : C:\Users\ACSA\AppData\Roaming\Mozilla\Firefox\Profiles\v1q90507.default\prefs.js ]

-\\ Google Chrome v

[ File : C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [880 octets] - [14/12/2013 12:30:09]
AdwCleaner[s0].txt - [802 octets] - [14/12/2013 12:31:54]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [861 octets] ##########

===================================================================================

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Versão da Base de Dados: v2013.12.14.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
ACSA :: ACSA-PC [administrador]

14/12/2013 12:38:32
mbam-log-2013-12-14 (12-38-32).txt

Tipo de Verificação: Verificação Rápida
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados: 228768
Tempo decorrido: 7 minuto(s), 34 segundo(s)

Processos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Módulos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)

Chaves de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Valores de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)

Pastas Detectadas: 0
(Não foram detectados ítens maliciosos)

Arquivos Detectados: 0
(Não foram detectados ítens maliciosos)

(fim)

===================================================================================
acsalmeida Posted December 14, 2013 Author ID:764386

The search engine Yahoo is still there
MrCharlie Posted December 14, 2013 ID:764388

Run this scan:

Please download Junkware Removal Tool to your desktop.
Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

MrC
acsalmeida Posted December 14, 2013 Author ID:764459

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Professional x64
Ran by ACSA on 14/12/2013 at 13:36:40,27
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14/12/2013 at 13:59:01,73
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
acsalmeida Posted December 14, 2013 Author ID:764466

MrCharlie, on "Checking Module" a bad module was detected and it asked me to reboot now or later; I rebooted.
The Yahoo is still there.
I ran the program again, the same bad module again, and it asked me to reboot, but this time I didn't. The program finished the scan and the result is above.
The Yahoo is still there.
MrCharlie Posted December 14, 2013 ID:764468

OK.....run this scan and post the logs....

Please download Farbar Recovery Scan Tool and save it to a folder. (use correct version for your system.....Which system am I using?)
Please make sure you click download buttons that look similar to this, not "sponsored ad links":

Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

MrC
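One way to triage the browser part of the FRST.txt that this step produces, as an added example that is not part of the original thread or of FRST itself. The sample lines are entries from the log posted in this thread, put one per line; the function names, the choice of settings to inspect and the comparison of the `fr` and `type` query parameters are assumptions of the example.

```python
import ntpath
import re
from collections import defaultdict
from urllib.parse import parse_qs, urlsplit

# Sample input: entries taken from the FRST.txt posted in this thread, one per line.
SAMPLE_LOG = r"""
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.search.yahoo.com/?type=800236&fr=spigot-yhp-ie
SearchScopes: HKCU - DefaultScope {78CA4453-2964-48D0-9F7D-E7E79C53B942} URL = http://br.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=800236&p={searchTerms}
FF SelectedSearchEngine: Google
FF SearchPlugin: C:\Users\ACSA\AppData\Roaming\Mozilla\Firefox\Profiles\v1q90507.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo_ff.xml
CHR DefaultSearchURL: http://br.search.yahoo.com/search?fr=chr-greentree_gc&ei=utf-8&ilc=12&type=800236&p={searchTerms}
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
"""

URL_RE = re.compile(r"https?://\S+")
# Settings that decide where a search or a new window goes (assumed selection).
SEARCH_KEYS = (",Start Page = ", ",Search Page = ", "SearchScopes:", "CHR DefaultSearchURL:")


def browser_of(line):
    """Name the browser a selected FRST line belongs to."""
    if line.startswith("FF "):
        return "Firefox"
    if line.startswith("CHR "):
        return "Chrome"
    return "IE"  # Start Page, Search Page and SearchScopes are Internet Explorer settings


def search_urls(log):
    """Return one dict per search or start-page setting that carries a URL."""
    entries = []
    for line in log.splitlines():
        match = URL_RE.search(line)
        if not match or not any(key in line for key in SEARCH_KEYS):
            continue
        parts = urlsplit(match.group(0))
        query = parse_qs(parts.query)
        entries.append({
            "browser": browser_of(line),
            "setting": line[:match.start()].rstrip(" =:"),
            "host": parts.hostname,
            "fr": query.get("fr", [None])[0],      # referrer/partner tag, if any
            "type": query.get("type", [None])[0],  # numeric tag, if any
        })
    return entries


def shared_tags(entries):
    """Map each `type` tag to the browsers using it, when more than one does."""
    seen = defaultdict(set)
    for entry in entries:
        if entry["type"]:
            seen[entry["type"]].add(entry["browser"])
    return {tag: sorted(found) for tag, found in seen.items() if len(found) > 1}


def duplicate_search_plugins(log):
    """Map a search plugin file name to its paths when it sits in several folders.

    Deleting only the profile copy leaves the other copy in place.
    """
    paths = defaultdict(list)
    for line in log.splitlines():
        if line.startswith("FF SearchPlugin: "):
            path = line.split(": ", 1)[1].strip()
            paths[ntpath.basename(path).lower()].append(path)
    return {name: found for name, found in paths.items() if len(found) > 1}


def policy_flags(log):
    """Return the lines that FRST itself marked for attention."""
    return [line.strip() for line in log.splitlines()
            if line.rstrip().endswith("ATTENTION")]


def report(log):
    """Collect all findings for one log."""
    entries = search_urls(log)
    return {
        "urls": entries,
        "shared_type_tags": shared_tags(entries),
        "duplicate_plugins": duplicate_search_plugins(log),
        "attention": policy_flags(log),
    }


if __name__ == "__main__":
    import pprint
    pprint.pprint(report(SAMPLE_LOG))
```
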
acsalmeida Posted December 14, 2013 Author ID:764488

Here we go...

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2013 01
Ran by ACSA (administrator) on ACSA-PC on 14-12-2013 17:53:38
Running from C:\Users\ACSA\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Autodesk, Inc.) 
C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe() C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe(DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe() C:\Windows\SysWOW64\PnkBstrA.exe(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe() C:\Program Files\Macrium\Reflect\ReflectService.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe(Skype Technologies S.A.) 
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(Western Digital) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe(Celartem, Inc., doing business as Extensis.) C:\Program Files (x86)\Extensis\Suitcase Fusion 4\FMCore.exe(Akamai Technologies, Inc.) C:\Users\ACSA\AppData\Local\Akamai\netsession_win.exe(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe() C:\Windows\SysWOW64\C2MP\UpdateChecker.exe(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe(Akamai Technologies, Inc.) C:\Users\ACSA\AppData\Local\Akamai\netsession_win.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe(Western Digital) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe(ASUSTeK Computer Inc.) 
C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe(Dropbox, Inc.) C:\Users\ACSA\AppData\Roaming\Dropbox\bin\Dropbox.exe(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe(Comodo Security Solutions, Inc.) C:\Program Files\COMODO\GeekBuddy\unit_manager.exe(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe(Logitech, Inc.) C:\Program Files\Logitech\SetPointG\SetPointII.exe(Comodo Security Solutions, Inc.) C:\Program Files\COMODO\GeekBuddy\unit.exe(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe(Google Inc.) C:\Users\ACSA\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\ACSA\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) 
C:\Users\ACSA\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\ACSA\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\ACSA\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\ACSA\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\ACSA\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\ACSA\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\ACSA\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\ACSA\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188040 2013-10-05] (Realtek Semiconductor)HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [472992 2013-03-21] (Adobe Systems Incorporated)HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)HKLM\...\Run: [start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [613536 2010-10-27] (Atheros Commnucations)HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2010-10-27] (Atheros Commnucations)HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-10-05] (Realtek Semiconductor)HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1612504 2013-11-11] (COMODO)HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-11-08] (NVIDIA Corporation)HKLM\...\Run: [shadowPlay] - 
C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStartHKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2273056 2013-11-29] (NVIDIA Corporation)Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671904 2012-08-28] (DT Soft Ltd)HKCU\...\Run: [steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)HKCU\...\Run: [FMCore.exe] - C:\Program Files (x86)\Extensis\Suitcase Fusion 4\FMCore.exe [9440256 2012-12-11] (Celartem, Inc., doing business as Extensis.)HKCU\...\Run: [Autodesk Sync] - C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\ACSA\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)HKCU\...\Run: [Google Update] - C:\Users\ACSA\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-14] (Google Inc.)HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-09-14] (Google Inc.)HKCU\...\Run: [KSS] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1HKCU\...\Policies\Explorer: [NoRecentDocsHistory] 1HKCU\...\Policies\Explorer: [] HKLM-x32\...\Run: [iAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-16] (Renesas Electronics Corporation)HKLM-x32\...\Run: [switchBoard] - C:\Program Files (x86)\Common 
Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-09-05] (Adobe Systems Incorporated)HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe [36760 2011-09-05] (Adobe Systems Incorporated)HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe [2904984 2011-09-05] (Adobe Systems Inc.)HKLM-x32\...\Run: [WD Drive Unlocker] - C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1688008 2012-09-06] (Western Digital)HKLM-x32\...\Run: [WD Quick View] - C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5236664 2012-09-19] (Western Digital Technologies, Inc.)HKLM-x32\...\Run: [LWS] - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)HKLM-x32\...\Run: [AdobeCEPServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)HKLM-x32\...\Run: [ASUS ShellProcess Execute] - C:\Program Files (x86)\ASUS\AI Suite II\ASUS 
Mobilink\Simulator\AsShellProcess.exe [252544 2010-09-28] (ASUSTeK Computer Inc.)HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)HKLM-x32\...\Run: [20131121] - C:\Program Files\AVAST Software\Avast\Setup\emupdate\a8726356-a695-4a0f-a368-9e52a6bc90b3.exe [180184 2013-11-23] (AVAST Software)HKLM-x32\...\Run: [tvncontrol] - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2013-12-13] (Comodo Security Solutions, Inc.)HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-12-01] (AVAST Software)HKLM-x32\...\Run: [iObit Malware Fighter] - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1573184 2013-12-13] (IObit)Startup: C:\Users\ACSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()Startup: C:\Users\ACSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnkShortcutTarget: Dropbox.lnk -> C:\Users\ACSA\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)BootExecute: autocheck autochk * SmartDefragBootTime.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchHKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.search.yahoo.com/?type=800236&fr=spigot-yhp-ieHKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE89D256EDC92CD01HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-brURLSearchHook: HKCU - (No Name) - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - No FileStartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exeSearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1Qzu0FyEyC0DtDyE0A0Fzz0AtAzztD0DtA0EtN0D0Tzu0StByDzytN1L2XzutBtFtCtFtCtFtAtCtB&cr=1155018486SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A}SearchScopes: HKCU - DefaultScope {78CA4453-2964-48D0-9F7D-E7E79C53B942} URL = http://br.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=800236&p={searchTerms}SearchScopes: HKCU - Backup.Old.DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {78CA4453-2964-48D0-9F7D-E7E79C53B942} URL = http://br.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=800236&p={searchTerms}BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: CIESpeechBHO Class - 
{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Program Files (x86)\GbPlugin\gbiehabn.dll (Banco Real)BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)Toolbar: HKLM-x32 - avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cabDPF: HKLM-x32 {108D3206-846A-4A93-BACB-F0572D043ED7} http://marahu.dvrdns.org:3130/webrec.cabDPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabHandler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399007} - C:\Program Files (x86)\GbPlugin\gbiehabn.dll [1598520 2013-09-23] (Banco Real)Hosts: There are more than one entry in Hosts. 
See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 187.22.0.61 187.22.0.66
Tcpip\..\Interfaces\{A014895A-EA50-48E7-B92D-4BA595890AA7}: [NameServer]187.22.0.61,187.22.0.66

FireFox:
========
FF ProfilePath: C:\Users\ACSA\AppData\Roaming\Mozilla\Firefox\Profiles\v1q90507.default
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @graphisoft.com/GDL Web Plug-in - C:\Program Files (x86)\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll (Graphisoft SE)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\ACSA\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\ACSA\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\ACSA\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\ACSA\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\ACSA\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: gastecnologia.com.br/sf/abn - C:\Users\ACSA\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll (GAS Tecnologia)
FF SearchPlugin: C:\Users\ACSA\AppData\Roaming\Mozilla\Firefox\Profiles\v1q90507.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-br.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo_ff.xml
FF Extension: Ads Removal - C:\Users\ACSA\AppData\Roaming\Mozilla\Firefox\Profiles\v1q90507.default\Extensions\adsremoval@adsremoval.net
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\ACSA\AppData\Roaming\Mozilla\Firefox\Profiles\v1q90507.default\Extensions\ascsurfingprotection@iobit.com
FF Extension: support - C:\Users\ACSA\AppData\Roaming\Mozilla\Firefox\Profiles\v1q90507.default\Extensions\support@real-hide-ip.com.xpi
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKCU\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8874}] - C:\Users\ACSA\AppData\Local\GAS Tecnologia\GBBD\abn\xpi
FF Extension: GBBD Banco Santander (Brasil) S.A. - C:\Users\ACSA\AppData\Local\GAS Tecnologia\GBBD\abn\xpi

Chrome:
=======
CHR DefaultSearchKeyword: yahoo.com search
CHR DefaultSearchProvider: Yahoo
CHR DefaultSearchURL: http://br.search.yahoo.com/search?fr=chr-greentree_gc&ei=utf-8&ilc=12&type=800236&p={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Google Drive) - C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_1
CHR Extension: (Google Wallet) - C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_1
CHR Extension: (Gmail) - C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [878368 2013-10-25] (IObit)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144 2010-11-03] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [915584 2010-12-02] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-01] (AVAST Software)
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70352 2013-12-13] (Comodo Security Solutions, Inc.)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6254152 2013-10-19] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [164056 2013-09-24] (COMODO)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2098880 2013-11-11] ()
R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [210024 2013-10-05] (DTS)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [409144 2013-08-19] (GAS Tecnologia)
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2013-12-13] (Comodo Security Solutions, Inc.)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [341824 2013-11-11] (IObit)
R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-10-25] (IObit)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1370912 2013-11-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15128352 2013-11-29] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-11-01] ()
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [301760 2012-09-25] ()
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1157056 2012-09-19] (Western Digital )
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-09-06] (Western Digital)
R2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1177536 2012-09-19] (Western Digital )

==================== Drivers (Whitelisted) ====================

S3 AIDA64Driver; No ImagePath
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-12-01] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-12-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-12-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-12-01] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-12-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-12-01] ()
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [37976 2013-05-07] (Windows ® Win 7 DDK provider)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2013-09-24] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [709144 2013-11-14] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [48872 2013-09-24] (COMODO)
S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [25704 2012-08-13] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-09-15] (DT Soft Ltd)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] ()
S4 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
S0 GbpKm; C:\Windows\SysWow64\drivers\gbpkm.sys [47856 2012-09-18] (GAS Tecnologia)
R1 HMD; C:\Windows\System32\DRIVERS\hmd.sys [14888 2013-10-07] ()
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [96800 2013-09-24] (COMODO)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-10-30] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] ()
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2013-05-22] ()
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [97792 2011-09-22] (WIBU-SYSTEMS AG)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-12-14 17:53 - 2013-12-14 17:53 - 00034299 _____ C:\Users\ACSA\Desktop\FRST.txt
2013-12-14 17:53 - 2013-12-14 17:53 - 00000000 ____D C:\FRST
2013-12-14 17:51 - 2013-12-14 17:50 - 01927796 _____ (Farbar) C:\Users\ACSA\Desktop\FRST64.exe
2013-12-14 16:39 - 2013-12-14 16:39 - 00000000 ____H C:\ProgramData\cm-lock
2013-12-14 13:12 - 2013-12-14 13:12 - 01034531 _____ (Thisisu) C:\Users\ACSA\Desktop\JRT.exe
2013-12-14 12:30 - 2013-12-14 12:31 - 00000000 ____D 
C:\Users\ACSA\Downloads\fotosdolixonascaladasdapraiadosmilionriosem16nov.zip2013-11-16 10:57 - 2013-11-16 10:58 - 23742698 _____ C:\Users\ACSA\Downloads\Fugazi - Peel Session 1988.mp42013-11-16 10:41 - 2013-11-16 10:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox2013-11-16 09:51 - 2013-11-16 09:51 - 00000000 ____D C:\Users\ACSA\Downloads\badernadoitarar2013-11-15 13:57 - 2013-11-15 13:57 - 00000000 ____D C:\Users\ACSA\Downloads\revocgostariadeacordarassim2013-11-15 13:53 - 2013-11-15 13:53 - 17914792 _____ C:\Users\ACSA\Downloads\006.AVI2013-11-15 08:02 - 2013-11-15 08:03 - 00453120 _____ C:\Users\ACSA\Downloads\filiacao_sasp (1).xls2013-11-15 07:59 - 2013-11-15 07:59 - 00453120 _____ C:\Users\ACSA\Downloads\filiacao_sasp.xls2013-11-14 08:52 - 2013-11-14 08:53 - 28436064 _____ (ofcdesk, llc ) C:\Users\ACSA\Downloads\ofcdesk_mep_GrupoRIC_2014forAutoCAD_6.0.0.5.exe Link to post Share on other sites More sharing options...
acsalmeida Posted December 14, 2013 Author ID:764490

==================== One Month Modified Files and Folders =======
com a Internet ficou mais lenta A culpa pode ser do DNS Rodrigo Rey_files2013-11-18 13:09 - 2013-11-18 13:08 - 05227019 _____ C:\Users\ACSA\Downloads\namebench-1.3.1-Windows.exe2013-11-16 11:45 - 2013-11-16 11:44 - 11423642 _____ C:\Users\ACSA\Downloads\fotosdolixonascaladasdapraiadosmilionriosem16nov.zip2013-11-16 10:58 - 2013-11-16 10:57 - 23742698 _____ C:\Users\ACSA\Downloads\Fugazi - Peel Session 1988.mp42013-11-16 10:41 - 2013-11-16 10:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox2013-11-16 09:51 - 2013-11-16 09:51 - 00000000 ____D C:\Users\ACSA\Downloads\badernadoitarar2013-11-15 13:57 - 2013-11-15 13:57 - 00000000 ____D C:\Users\ACSA\Downloads\revocgostariadeacordarassim2013-11-15 13:53 - 2013-11-15 13:53 - 17914792 _____ C:\Users\ACSA\Downloads\006.AVI2013-11-15 08:03 - 2013-11-15 08:02 - 00453120 _____ C:\Users\ACSA\Downloads\filiacao_sasp (1).xls2013-11-15 07:59 - 2013-11-15 07:59 - 00453120 _____ C:\Users\ACSA\Downloads\filiacao_sasp.xls2013-11-14 09:55 - 2013-11-20 13:21 - 30361888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll2013-11-14 09:55 - 2013-11-20 13:21 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll2013-11-14 09:55 - 2013-11-20 13:21 - 22951200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll2013-11-14 09:55 - 2013-11-20 13:21 - 18293608 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll2013-11-14 09:55 - 2013-11-20 13:21 - 18208624 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll2013-11-14 09:55 - 2013-11-20 13:21 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll2013-11-14 09:55 - 2013-11-20 13:21 - 15862272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll2013-11-14 09:55 - 2013-11-20 13:21 - 15218504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll2013-11-14 09:55 - 2013-11-20 13:21 - 12613408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys2013-11-14 09:55 - 2013-11-20 13:21 - 11600432 _____ 
(NVIDIA Corporation) C:\Windows\system32\nvcuda.dll2013-11-14 09:55 - 2013-11-20 13:21 - 11514624 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll2013-11-14 09:55 - 2013-11-20 13:21 - 09691888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll2013-11-14 09:55 - 2013-11-20 13:21 - 09619872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll2013-11-14 09:55 - 2013-11-20 13:21 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll2013-11-14 09:55 - 2013-11-20 13:21 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll2013-11-14 09:55 - 2013-11-20 13:21 - 03069608 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll2013-11-14 09:55 - 2013-11-20 13:21 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll2013-11-14 09:55 - 2013-11-20 13:21 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll2013-11-14 09:55 - 2013-11-20 13:21 - 02697248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll2013-11-14 09:55 - 2013-11-20 13:21 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433182.dll2013-11-14 09:55 - 2013-11-20 13:21 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433182.dll2013-11-14 09:55 - 2013-11-20 13:21 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll2013-11-14 09:55 - 2013-11-20 13:21 - 01436528 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll2013-11-14 09:55 - 2013-11-20 13:21 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll2013-11-14 09:55 - 2013-11-20 13:21 - 00707360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll2013-11-14 09:55 - 2013-11-20 13:21 - 00657184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll2013-11-14 09:55 - 2013-11-20 13:21 - 00609568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll2013-11-14 09:55 - 2013-11-20 13:21 - 00562464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll2013-11-14 09:55 - 2013-11-20 
13:21 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll2013-11-14 09:55 - 2013-11-20 13:21 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll2013-11-14 09:55 - 2013-11-20 13:21 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys2013-11-14 09:55 - 2013-11-20 13:21 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll2013-11-14 09:55 - 2013-11-20 13:21 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll2013-11-14 09:55 - 2013-11-20 13:21 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll2013-11-14 09:55 - 2013-11-20 13:21 - 00023754 _____ C:\Windows\system32\nvinfo.pb2013-11-14 09:38 - 2013-09-24 12:54 - 00709144 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys2013-11-14 09:38 - 2013-09-24 12:53 - 00043216 _____ (COMODO) C:\Windows\system32\cmdcsr.dll2013-11-14 08:53 - 2013-11-14 08:52 - 28436064 _____ (ofcdesk, llc ) C:\Users\ACSA\Downloads\ofcdesk_mep_GrupoRIC_2014forAutoCAD_6.0.0.5.exe Some content of TEMP:====================C:\Users\ACSA\AppData\Local\Temp\ntdll_dump.dllC:\Users\ACSA\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\SysWOW64\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-12-10 13:48 ==================== End Of Log ============================ Link to post Share on other sites More sharing options...
acsalmeida Posted December 14, 2013 Author ID:764492

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2013 01
Ran by ACSA at 2013-12-14 17:54:32
Running from C:\Users\ACSA\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
AS: COMODO Antivirus (Disabled - Out of date) {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall (Enabled) {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}

==================== Installed Programs ======================
acsalmeida Posted December 14, 2013 Author ID:764496

==================== Restore Points =========================

10-12-2013 20:28:16 Installed HiJackThis
10-12-2013 20:39:21 Installed Sophos Virus Removal Tool.
10-12-2013 23:49:19 Windows Update
12-12-2013 18:28:35 Windows Update

==================== Hosts content: ==========================

2009-07-14 00:34 - 2013-12-10 09:09 - 00480370 ___RA C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

==================== Loaded Modules (whitelisted) =============

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows\System32:82A93AA7_Abn.gbp
AlternateDataStreams:
C:\Users\ACSA\Cookies:mwzswpu5eJKHwIy6QklIGOYWQtv6AlternateDataStreams: C:\Users\ACSA\Local Settings:t8G6tbQRuEHRJYDyzvvuGmAlternateDataStreams: C:\Users\ACSA\AppData\Local:t8G6tbQRuEHRJYDyzvvuGmAlternateDataStreams: C:\Users\ACSA\AppData\Local\7D3pn4Otqu:MPmoYbYFSazOUSCOwa1KqnbAlternateDataStreams: C:\Users\ACSA\AppData\Local\Application Data:t8G6tbQRuEHRJYDyzvvuGmAlternateDataStreams: C:\Users\ACSA\AppData\Local\Temp:0NEkqv9XiqGAvWUqf7wT ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver" ==================== Faulty Device Manager Devices ============= Name: ASUS BluetoothDescription: ASUS BluetoothClass Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}Manufacturer: Atheros CommunicationsService: BTHUSBProblem: : This device is disabled. (Code 22)Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Description: Class Guid: Manufacturer: Service: Problem: : This device is disabled. (Code 22)Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. 
==================== Event log errors: ========================= Application errors:==================Error: (12/14/2013 04:38:56 PM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/14/2013 04:22:53 PM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors:=============Error: (12/14/2013 04:36:54 PM) (Source: volmgr) (User: )Description: Crash dump initialization failed! Error: (12/14/2013 04:20:35 PM) (Source: volmgr) (User: )Description: Crash dump initialization failed! Error: (12/14/2013 04:21:23 PM) (Source: EventLog) (User: )Description: The previous system shutdown at 16:19:59 on 14/12/2013 was unexpected. Microsoft Office Sessions:=========================Error: (12/14/2013 04:38:56 PM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/14/2013 04:22:53 PM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 CodeIntegrity Errors:=================================== Date: 2013-12-14 17:25:42.260 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system. Date: 2013-12-14 17:15:55.439 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system. 
Date: 2013-12-14 16:51:41.166 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system. Date: 2013-12-14 16:41:36.765 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system. Date: 2013-12-14 16:36:09.963 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system. Date: 2013-12-14 16:23:07.779 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system. Date: 2013-12-14 16:17:15.375 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system. Date: 2013-12-14 13:35:01.448 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system. Date: 2013-12-14 13:28:09.484 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system. Date: 2013-12-14 13:22:00.309 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system. 
==================== Memory info =========================== Percentage of memory in use: 39%Total physical RAM: 8167.14 MBAvailable physical RAM: 4954.02 MBTotal Pagefile: 16332.46 MBAvailable Pagefile: 12208.91 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.79 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:341.7 GB) (Free:154.45 GB) NTFSDrive d: () (Fixed) (Total:78.13 GB) (Free:25.82 GB) NTFSDrive e: (My Passport) (Fixed) (Total:1862.98 GB) (Free:1641.89 GB) NTFSDrive f: () (Fixed) (Total:39.06 GB) (Free:17.5 GB) NTFSDrive g: () (Fixed) (Total:39.06 GB) (Free:30.06 GB) NTFSDrive h: () (Fixed) (Total:141.83 GB) (Free:31.44 GB) NTFSDrive k: () (Fixed) (Total:488.28 GB) (Free:441.51 GB) NTFSDrive l: () (Fixed) (Total:556.64 GB) (Free:164.21 GB) NTFSDrive n: (2007.11.03_2329) (CDROM) (Total:0.12 GB) (Free:0 GB) UDF ==================== MBR & Partition Table ================== ========================================================Disk: 0 (MBR Code: Windows XP) (Size: 298 GB) (Disk ID: CE5477BD)Partition 1: (Active) - (Size=78 GB) - (Type=07 NTFS)Partition 2: (Not Active) - (Size=220 GB) - (Type=OF Extended) ========================================================Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: 9C491C32)Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)Partition 2: (Not Active) - (Size=342 GB) - (Type=07 NTFS)Partition 3: (Not Active) - (Size=488 GB) - (Type=07 NTFS)Partition 4: (Not Active) - (Size=557 GB) - (Type=07 NTFS) ========================================================Disk: 2 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 0005F107)Partition 1: (Not Active) - (Size=-198659014656) - (Type=07 NTFS) ==================== End Of Log ============================ Link to post Share on other sites More sharing options...
MrCharlie Posted December 14, 2013 ID:764498

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
AS: COMODO Antivirus (Disabled - Out of date) {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall (Enabled) {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}

It's not a good idea to have all of these programs on the system.
Having two anti-virus programs running on a system only causes poor performance, conflicts and spotty protection.

http://br.search.yah...&type=800236&p={searchTerms}
CHR DefaultNewTabURL:

First make sure you have the latest version of Chrome:
Open up Chrome > Click on the 3 bars in the upper right hand corner
Click on About Google Chrome
If there's an update available it will automatically update

Next:
Go to Tools > Clear Browser Data
Put a check next to all of these:
Clear browsing history
Clear download history
Delete cookies and other site and plug-in data
Empty the cache
Click "Clear Browsing Data"
-------------------------------
Next:
Click the Chrome menu on the browser toolbar.
Select Settings.
In the "Search" section, click Manage search engines.
Check if (Default) is displayed next to your preferred search engine. If not, mouse over it and click Make default.
Mouse over any other suspicious search engine entries that are not familiar and click X to remove them.
-------------------------------------
Click the Chrome menu.
Select Settings.
In the "On startup" section, select Open a specific page or set of pages.
Click Set pages. (in blue to the right)
Remove any unfamiliar pages.
-----------------------
Click the Chrome menu.
Select Settings.
In the "Appearance" section, if the "Show Home button" checkbox is selected, see if the page listed below is the home page you’d like to use.
If the page isn't the home page you'd like to use, click Change and select your preferred page.
-------------------------
The link better explains resetting Chrome: (it's towards the bottom.....don't download anything from that site)
http://www.techsupportall.com/how-to-remove-dosearch-com-from-internet-explorer-chrome-firefox/
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Carefully check your browsers' shortcuts:
Right-click your browser’s shortcut. Choose Properties. Go to Shortcut tab and navigate to Target line. There should be only your browser’s directory in the Target line: (Delete anything else)
Internet Explorer – C:\Program Files\Internet Explorer\iexplore.exe
Mozilla Firefox – C:\Program Files\Mozilla Firefox\firefox.exe
Google Chrome – C:\Program Files\Google\Chrome\Application\chrome.exe
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Let me know.....
MrC
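Added example, not part of MrCharlie's post: the shortcut check described above, scripted in PowerShell. It reads each .lnk through the WScript.Shell COM object and reports browser shortcuts whose Target carries anything besides the browser executable; the folder list and the browser names are assumptions.

```powershell
# Audit browser shortcuts for anything appended to the Target line.
# Written for PowerShell 2.0 (Windows 7 default), so no [pscustomobject].

# Assumption: the three browsers named in the post.
$browserExes  = 'iexplore.exe', 'firefox.exe', 'chrome.exe'
$browserNames = 'Internet Explorer|Firefox|Chrome'

# Assumption: the usual places a browser shortcut lives (Desktop, Start Menu,
# Quick Launch, which also holds the pinned taskbar items).
$folders = @(
    "$env:USERPROFILE\Desktop",
    "$env:PUBLIC\Desktop",
    "$env:APPDATA\Microsoft\Windows\Start Menu",
    "$env:ProgramData\Microsoft\Windows\Start Menu",
    "$env:APPDATA\Microsoft\Internet Explorer\Quick Launch"
) | Where-Object { Test-Path -LiteralPath $_ }

$shell = New-Object -ComObject WScript.Shell

$findings = foreach ($folder in $folders) {
    $links = Get-ChildItem -LiteralPath $folder -Filter '*.lnk' -Recurse -ErrorAction SilentlyContinue
    foreach ($file in $links) {
        $lnk    = $shell.CreateShortcut($file.FullName)
        $target = "$($lnk.TargetPath)"
        $extra  = "$($lnk.Arguments)".Trim()
        $leaf   = [System.IO.Path]::GetFileName($target)

        $isBrowserTarget  = $browserExes -contains $leaf
        $looksLikeBrowser = $file.BaseName -match $browserNames

        # Ignore shortcuts that have nothing to do with a browser.
        if (-not ($isBrowserTarget -or $looksLikeBrowser)) { continue }

        $verdict = 'OK'
        if (-not $isBrowserTarget) {
            # Named like a browser but launches something else.
            $verdict = 'Target is not a browser executable'
        }
        elseif ($extra -match 'https?://|www\.') {
            # A URL after the executable forces that page on every launch.
            $verdict = 'URL appended to Target'
        }
        elseif ($extra) {
            # Some stock shortcuts carry switches, e.g. -extoff on
            # "Internet Explorer (No Add-ons)"; look before deleting.
            $verdict = 'Extra arguments, review'
        }

        New-Object PSObject -Property @{
            Verdict   = $verdict
            Shortcut  = $file.FullName
            Target    = $target
            Arguments = $extra
        }
    }
}

# Show only the shortcuts that need attention.
$findings |
    Where-Object { $_.Verdict -ne 'OK' } |
    Format-List Verdict, Shortcut, Target, Arguments
```

The script only reports; shortcuts are still edited by hand in Properties > Shortcut > Target as the post describes.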
acsalmeida Posted December 14, 2013 Author ID:764525

MrCharlie, thank you for your advice about the multiple anti-virus, I will fix it this

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-12-2013 01
Ran by ACSA at 2013-12-14 19:02:17 Run:1
Running from C:\Users\ACSA\Desktop\FRST
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.search.yah...r=spigot-yhp-ie
URLSearchHook: HKCU - (No Name) - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://br.search.yah...&type=800236&p={searchTerms}
SearchScopes: HKCU - Backup.Old.DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {78CA4453-2964-48D0-9F7D-E7E79C53B942} URL = http://br.search.yah...&type=800236&p={searchTerms}
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-br.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Users\ACSA\AppData\Roaming\Mozilla\Firefox\Profiles\v1q90507.default\searchplugins\yahoo_ff.xml
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
*****************

HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\Backup.Old.DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\Backup.Old.DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{78CA4453-2964-48D0-9F7D-E7E79C53B942} => Key deleted successfully.
HKCR\CLSID\{78CA4453-2964-48D0-9F7D-E7E79C53B942} => Key not found.
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-br.xml => Moved successfully.
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo_ff.xml => Moved successfully.
C:\Users\ACSA\AppData\Roaming\Mozilla\Firefox\Profiles\v1q90507.default\searchplugins\yahoo_ff.xml => Moved successfully.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.

==== End of Fixlog ====
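Added example, not part of the original posts: a PowerShell re-check of the locations this Fixlog touched, to run after a reboot and see whether any entry has been written back. The `$marker` pattern and the Firefox folder paths are assumptions based on the URLs and paths quoted in this thread.

```powershell
# Re-check the browser settings locations listed in the Fixlog above.
# Read-only: nothing is changed. Written for PowerShell 2.0.

# Assumption: strings that identify the unwanted search provider in this thread.
$marker = 'spigot|search\.yahoo\.com'

function New-Finding([string]$Location, [string]$Item, [string]$Value, [bool]$Flag = $false) {
    New-Object PSObject -Property @{
        Flagged  = ($Flag -or ($Value -match $marker))
        Location = $Location
        Item     = $Item
        Value    = $Value
    }
}

$findings = @()

# 1. Internet Explorer start page (HKCU ... Main, Start Page).
$main      = 'HKCU:\Software\Microsoft\Internet Explorer\Main'
$mainProps = Get-ItemProperty -Path $main -ErrorAction SilentlyContinue
if ($mainProps) {
    $startPage = $mainProps.'Start Page'
    $findings += New-Finding $main 'Start Page' $startPage
}

# 2. SearchScopes in HKCU, HKLM and the 32-bit view of HKLM.
$scopeRoots = 'HKCU:\Software\Microsoft\Internet Explorer\SearchScopes',
              'HKLM:\SOFTWARE\Microsoft\Internet Explorer\SearchScopes',
              'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes'
foreach ($root in $scopeRoots) {
    if (-not (Test-Path -Path $root)) { continue }
    $default = (Get-ItemProperty -Path $root).DefaultScope
    foreach ($key in (Get-ChildItem -Path $root)) {
        $url  = (Get-ItemProperty -LiteralPath $key.PSPath).URL
        $item = $key.PSChildName
        if ($item -eq $default) { $item += ' (DefaultScope)' }
        $findings += New-Finding $root $item $url
    }
}

# 3. URLSearchHooks: flag any CLSID with no registered in-process server
#    (what the scan log reports as "No File").
$hooks = 'HKCU:\Software\Microsoft\Internet Explorer\URLSearchHooks'
if (Test-Path -Path $hooks) {
    foreach ($clsid in (Get-Item -Path $hooks).GetValueNames()) {
        $server  = "Registry::HKEY_CLASSES_ROOT\CLSID\$clsid\InprocServer32"
        $missing = -not (Test-Path -LiteralPath $server)
        $state   = 'handler registered'
        if ($missing) { $state = 'no handler registered' }
        $findings += New-Finding $hooks $clsid $state $missing
    }
}

# 4. Firefox search plugins: program folder and every profile (assumed paths).
$pluginDirs = "$env:ProgramFiles\Mozilla Firefox\browser\searchplugins",
              "${env:ProgramFiles(x86)}\Mozilla Firefox\browser\searchplugins",
              "$env:APPDATA\Mozilla\Firefox\Profiles\*\searchplugins"
$plugins = Get-ChildItem -Path $pluginDirs -Filter '*.xml' -ErrorAction SilentlyContinue
foreach ($file in $plugins) {
    # First line in the plugin file that matches the marker, if any.
    $hit  = Select-String -Path $file.FullName -Pattern $marker -List
    $line = "$($hit.Line)".Trim()
    $dir  = $file.DirectoryName
    $name = $file.Name
    $findings += New-Finding $dir $name $line
}

# 5. Chrome policy key. On a machine that is not centrally managed, its
#    presence is worth a look (the scan marked it ATTENTION).
$policy = 'HKLM:\SOFTWARE\Policies\Google'
if (Test-Path -Path $policy) {
    $findings += New-Finding $policy 'Policy key present' '' $true
}

$findings |
    Sort-Object Flagged -Descending |
    Format-Table -AutoSize -Wrap Flagged, Location, Item, Value
```

A row that becomes flagged again after a reboot means something still installed is rewriting that setting, so the program doing the writing has to be found and removed as well.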
MrCharlie Posted December 14, 2013 ID:764546

How is it??

MrC
acsalmeida Posted December 14, 2013 Author ID:764558

I uninstalled IObit, Comodo, rebooted, but the Yahoo search engine is still there (IE, Firefox and Chrome)
MrCharlie Posted December 14, 2013 ID:764569

Re-scan with FRST and post the new log.

MrC
acsalmeida Posted December 14, 2013 Author ID:764589

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2013 01
Ran by ACSA (administrator) on ACSA-PC on 14-12-2013 21:33:48
Running from C:\Users\ACSA\Desktop\FRST
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 187.22.0.61 187.22.0.66
Tcpip\..\Interfaces\{A014895A-EA50-48E7-B92D-4BA595890AA7}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Tcpip\..\Interfaces\{C87D9D7B-D12F-42F4-B4C5-1659882566C7}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

FireFox:
========
FF ProfilePath: C:\Users\ACSA\AppData\Roaming\Mozilla\Firefox\Profiles\v1q90507.default
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @graphisoft.com/GDL Web Plug-in - C:\Program Files (x86)\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll (Graphisoft SE)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\ACSA\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\ACSA\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\ACSA\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\ACSA\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\ACSA\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: gastecnologia.com.br/sf/abn - C:\Users\ACSA\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll (GAS Tecnologia)
FF SearchPlugin: C:\Users\ACSA\AppData\Roaming\Mozilla\Firefox\Profiles\v1q90507.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\ACSA\AppData\Roaming\Mozilla\Firefox\Profiles\v1q90507.default\Extensions\ascsurfingprotection@iobit.com
FF Extension: Slick Savings - C:\Users\ACSA\AppData\Roaming\Mozilla\Firefox\Profiles\v1q90507.default\Extensions\savingsslider@mybrowserbar.com
FF Extension: Start Page - C:\Users\ACSA\AppData\Roaming\Mozilla\Firefox\Profiles\v1q90507.default\Extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}
FF Extension: support - C:\Users\ACSA\AppData\Roaming\Mozilla\Firefox\Profiles\v1q90507.default\Extensions\support@real-hide-ip.com.xpi
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKCU\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8874}] - C:\Users\ACSA\AppData\Local\GAS Tecnologia\GBBD\abn\xpi
FF Extension: GBBD Banco Santander (Brasil) S.A. - C:\Users\ACSA\AppData\Local\GAS Tecnologia\GBBD\abn\xpi

Chrome:
=======
CHR DefaultSearchKeyword: yahoo.com search
CHR DefaultSearchProvider: Yahoo
CHR DefaultSearchURL: http://br.search.yahoo.com/search?fr=chr-greentree_gc&ei=utf-8&ilc=12&type=800236&p={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Google Drive) - C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_1
CHR Extension: (Gmail) - C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.2.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Users\ACSA\AppData\Local\Slick Savings\coupons.crx
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx

==================== Services (Whitelisted) =================

R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [878368 2013-10-25] (IObit)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144 2010-11-03] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [915584 2010-12-02] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-01] (AVAST Software)
R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [210024 2013-10-05] (DTS)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [409144 2013-08-19] (GAS Tecnologia)
R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-10-25] (IObit)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1370912 2013-11-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15128352 2013-11-29] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-11-01] ()
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [301760 2012-09-25] ()
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1157056 2012-09-19] (Western Digital )
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-09-06] (Western Digital)
R2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1177536 2012-09-19] (Western Digital )

==================== Drivers (Whitelisted) ====================

S3 AIDA64Driver; No ImagePath
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-12-01] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-12-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-12-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-12-01] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-12-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-12-01] ()
S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [25704 2012-08-13] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-09-15] (DT Soft Ltd)
R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] ()
S0 GbpKm; C:\Windows\SysWow64\drivers\gbpkm.sys [47856 2012-09-18] (GAS Tecnologia)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-10-30] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] ()
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys
[17720 2013-05-22] ()
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [97792 2011-09-22] (WIBU-SYSTEMS AG)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========
13:13 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe2013-11-19 13:13 - 2013-11-19 13:13 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe2013-11-19 13:13 - 2013-11-19 13:13 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2013-11-19 13:13 - 2013-11-19 13:13 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe2013-11-19 13:13 - 2013-11-19 13:13 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe2013-11-19 13:13 - 2013-11-19 13:13 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00077312 _____ 
(Microsoft Corporation) C:\Windows\system32\tdc.ocx2013-11-19 13:13 - 2013-11-19 13:13 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe2013-11-19 13:13 - 2013-11-19 13:13 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe2013-11-19 13:13 - 2013-11-19 13:13 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx2013-11-19 13:13 - 2013-11-19 13:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00034816 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe2013-11-19 13:13 - 2013-11-19 13:13 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe2013-11-19 13:13 - 2013-11-19 13:13 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe2013-11-19 13:13 - 2013-11-19 13:13 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe2013-11-18 13:11 - 2013-11-18 13:11 - 00024317 _____ C:\Users\ACSA\Downloads\Conexão com a Internet ficou mais lenta A culpa pode ser do DNS Rodrigo Rey.htm2013-11-18 13:11 - 2013-11-18 13:11 - 00000000 ____D C:\Users\ACSA\Downloads\Conexão com a Internet ficou mais lenta A culpa pode ser do DNS Rodrigo Rey_files2013-11-18 13:08 - 2013-11-18 13:09 - 05227019 _____ C:\Users\ACSA\Downloads\namebench-1.3.1-Windows.exe2013-11-16 11:44 - 2013-11-16 11:45 - 11423642 _____ C:\Users\ACSA\Downloads\fotosdolixonascaladasdapraiadosmilionriosem16nov.zip2013-11-16 10:57 - 2013-11-16 10:58 - 23742698 _____ C:\Users\ACSA\Downloads\Fugazi - Peel Session 1988.mp42013-11-16 10:41 - 2013-11-16 10:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox2013-11-16 09:51 - 2013-11-16 09:51 - 00000000 ____D C:\Users\ACSA\Downloads\badernadoitarar2013-11-15 13:57 - 2013-11-15 13:57 - 00000000 ____D C:\Users\ACSA\Downloads\revocgostariadeacordarassim2013-11-15 13:53 - 2013-11-15 13:53 - 17914792 _____ C:\Users\ACSA\Downloads\006.AVI2013-11-15 08:02 - 2013-11-15 08:03 - 00453120 _____ C:\Users\ACSA\Downloads\filiacao_sasp (1).xls2013-11-15 07:59 - 2013-11-15 07:59 - 00453120 
_____ C:\Users\ACSA\Downloads\filiacao_sasp.xls2013-11-14 08:52 - 2013-11-14 08:53 - 28436064 _____ (ofcdesk, llc ) C:\Users\ACSA\Downloads\ofcdesk_mep_GrupoRIC_2014forAutoCAD_6.0.0.5.exe Link to post Share on other sites More sharing options...
acsalmeida Posted December 15, 2013 Author ID:764590

==================== One Month Modified Files and Folders =======
13:13 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe2013-11-19 13:13 - 2013-11-19 13:13 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe2013-11-19 13:13 - 2013-11-19 13:13 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2013-11-19 13:13 - 2013-11-19 13:13 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe2013-11-19 13:13 - 2013-11-19 13:13 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe2013-11-19 13:13 - 2013-11-19 13:13 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx2013-11-19 13:13 - 2013-11-19 13:13 - 00074240 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe2013-11-19 13:13 - 2013-11-19 13:13 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe2013-11-19 13:13 - 2013-11-19 13:13 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx2013-11-19 13:13 - 2013-11-19 13:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2013-11-19 13:13 - 2013-11-19 13:13 - 
00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe2013-11-19 13:13 - 2013-11-19 13:13 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe2013-11-19 13:13 - 2013-11-19 13:13 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe2013-11-19 13:13 - 2013-11-19 13:13 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe2013-11-19 13:11 - 2012-09-14 23:18 - 00001945 _____ C:\Windows\epplauncher.mif2013-11-19 13:11 - 2012-09-14 23:18 - 00000000 ____D C:\Program Files\Microsoft Security Client2013-11-19 13:11 - 2012-09-14 23:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client2013-11-19 08:21 - 2010-11-21 01:27 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe2013-11-18 13:11 - 2013-11-18 13:11 - 00024317 _____ C:\Users\ACSA\Downloads\Conexão com a Internet ficou mais lenta A culpa pode ser do DNS Rodrigo Rey.htm2013-11-18 13:11 - 2013-11-18 13:11 - 00000000 ____D C:\Users\ACSA\Downloads\Conexão com a Internet ficou mais lenta A culpa pode ser do DNS Rodrigo Rey_files2013-11-18 13:09 - 2013-11-18 13:08 - 05227019 _____ C:\Users\ACSA\Downloads\namebench-1.3.1-Windows.exe2013-11-16 11:45 - 2013-11-16 11:44 - 11423642 _____ C:\Users\ACSA\Downloads\fotosdolixonascaladasdapraiadosmilionriosem16nov.zip2013-11-16 10:58 - 2013-11-16 10:57 - 23742698 _____ C:\Users\ACSA\Downloads\Fugazi - Peel Session 1988.mp42013-11-16 10:41 - 2013-11-16 10:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox2013-11-16 09:51 - 2013-11-16 09:51 - 00000000 ____D C:\Users\ACSA\Downloads\badernadoitarar2013-11-15 13:57 - 2013-11-15 13:57 - 00000000 ____D 
C:\Users\ACSA\Downloads\revocgostariadeacordarassim2013-11-15 13:53 - 2013-11-15 13:53 - 17914792 _____ C:\Users\ACSA\Downloads\006.AVI2013-11-15 08:03 - 2013-11-15 08:02 - 00453120 _____ C:\Users\ACSA\Downloads\filiacao_sasp (1).xls2013-11-15 07:59 - 2013-11-15 07:59 - 00453120 _____ C:\Users\ACSA\Downloads\filiacao_sasp.xls2013-11-14 09:55 - 2013-11-20 13:21 - 30361888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll2013-11-14 09:55 - 2013-11-20 13:21 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll2013-11-14 09:55 - 2013-11-20 13:21 - 22951200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll2013-11-14 09:55 - 2013-11-20 13:21 - 18293608 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll2013-11-14 09:55 - 2013-11-20 13:21 - 18208624 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll2013-11-14 09:55 - 2013-11-20 13:21 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll2013-11-14 09:55 - 2013-11-20 13:21 - 15862272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll2013-11-14 09:55 - 2013-11-20 13:21 - 15218504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll2013-11-14 09:55 - 2013-11-20 13:21 - 12613408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys2013-11-14 09:55 - 2013-11-20 13:21 - 11600432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll2013-11-14 09:55 - 2013-11-20 13:21 - 11514624 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll2013-11-14 09:55 - 2013-11-20 13:21 - 09691888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll2013-11-14 09:55 - 2013-11-20 13:21 - 09619872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll2013-11-14 09:55 - 2013-11-20 13:21 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll2013-11-14 09:55 - 2013-11-20 13:21 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll2013-11-14 09:55 - 2013-11-20 13:21 - 03069608 _____ (NVIDIA Corporation) 
C:\Windows\system32\nvapi64.dll2013-11-14 09:55 - 2013-11-20 13:21 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll2013-11-14 09:55 - 2013-11-20 13:21 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll2013-11-14 09:55 - 2013-11-20 13:21 - 02697248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll2013-11-14 09:55 - 2013-11-20 13:21 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433182.dll2013-11-14 09:55 - 2013-11-20 13:21 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433182.dll2013-11-14 09:55 - 2013-11-20 13:21 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll2013-11-14 09:55 - 2013-11-20 13:21 - 01436528 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll2013-11-14 09:55 - 2013-11-20 13:21 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll2013-11-14 09:55 - 2013-11-20 13:21 - 00707360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll2013-11-14 09:55 - 2013-11-20 13:21 - 00657184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll2013-11-14 09:55 - 2013-11-20 13:21 - 00609568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll2013-11-14 09:55 - 2013-11-20 13:21 - 00562464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll2013-11-14 09:55 - 2013-11-20 13:21 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll2013-11-14 09:55 - 2013-11-20 13:21 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll2013-11-14 09:55 - 2013-11-20 13:21 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys2013-11-14 09:55 - 2013-11-20 13:21 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll2013-11-14 09:55 - 2013-11-20 13:21 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll2013-11-14 09:55 - 2013-11-20 13:21 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll2013-11-14 09:55 - 2013-11-20 13:21 - 
00023754 _____ C:\Windows\system32\nvinfo.pb
2013-11-14 09:38 - 2013-09-24 12:53 - 00043216 _____ (COMODO) C:\Windows\system32\cmdcsr.dll
2013-11-14 08:53 - 2013-11-14 08:52 - 28436064 _____ (ofcdesk, llc ) C:\Users\ACSA\Downloads\ofcdesk_mep_GrupoRIC_2014forAutoCAD_6.0.0.5.exe

Some content of TEMP:
====================
C:\Users\ACSA\AppData\Local\Temp\ntdll_dump.dll
C:\Users\ACSA\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-12-10 13:48

==================== End Of Log ============================

acsalmeida Posted December 15, 2013 Author ID:764595

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2013 01
Ran by ACSA at 2013-12-14 21:34:10
Running from C:\Users\ACSA\Desktop\FRST
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Adobe Acrobat X Pro - English, Français, Deutsch (x32 Version: 10.1.1)
Adobe AIR (x32 Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Help Manager (x32 Version: 4.0.244)
Adobe Illustrator CS6 (x32 Version: 16.0)
Adobe InDesign CS6 (x32 Version: 8.0)
Adobe Photoshop CC (x32 Version: 14.0)
Adobe Photoshop CS5.1 (x32 Version: 12.1)
Advanced SystemCare 7 (x32 Version: 7.0.6)
AI Suite II (x32 Version: 1.01.14)
Akamai NetSession Interface (HKCU)
AmpliTube 3 version 3.9.0 (Version: 3.9.0)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
ArchiCAD 16 INT (Version: 16.0)
ArchiCAD 17 (x32)
ArchiCAD 17 INT (Version: 17.0)
ArchiCAD 17 USA (Version: 17.0)
Artlantis Studio 5.0.2.3 (64 bit) (Version: 5.0.2.3)
ASIO4ALL (x32 Version: 2.11 Beta1)
ASUS PC Diagnostics (x32 Version: 1.1.2)
AutoCAD 2014 Language Pack - English (Version: 19.1.18.0)
AutoCAD Architecture 2012 - English (Version: 6.7.49.0)
AutoCAD Architecture 2012 Language Pack - English (Version: 18.2.51.0)
Autodesk 360 (Version: 4.0.27.1)
Autodesk App
Manager (x32 Version: 1.1.0)Autodesk AutoCAD 2014 - English (Version: 19.1.18.0)Autodesk Content Service (x32 Version: 3.1.3.0)Autodesk Content Service Language Pack (x32 Version: 3.1.3.0)Autodesk Featured Apps (x32 Version: 1.1.0)Autodesk Inventor Fusion 2012 (Version: 1.0.0.79)Autodesk Inventor Fusion 2012 Language Pack (Version: 1.0.0.79)Autodesk Material Library 2012 (x32 Version: 2.5.0.8)Autodesk Material Library 2014 (x32 Version: 4.0.19.0)Autodesk Material Library Base Resolution Image Library 2012 (x32 Version: 2.5.0.8)Autodesk Material Library Base Resolution Image Library 2014 (x32 Version: 4.0.19.0)Autodesk ReCap (Version: 1.0.43.13)Autodesk ReCap Language Pack-English (Version: 1.0.43.13)avast! Free Antivirus (x32 Version: 9.0.2008)AVS Video ReMaker 4.1.3.149 (x32 Version: 4.1.3.149)Battlefield 4™ (x32 Version: 1.0.0.1)Battlelog Web Plugins (x32 Version: 2.3.2)Bluetooth Win7 Suite (64) (Version: 7.2.0.40)Bonjour (Version: 3.0.0.10)CameraHelperMsi (x32 Version: 13.51.815.0)CCleaner (Version: 4.01)CodeMeter Runtime Kit v5.00a (Version: 5.00.1062.501)Corel Graphics - Windows Shell Extension (Version: 16.0.0.707)Corel Graphics - Windows Shell Extension (Version: 16.0.707)Corel Graphics - Windows Shell Extension 32 Bit (Version: 16.0.707)CorelDRAW Graphics Suite X6 - Capture (x64) (Version: 16.0)CorelDRAW Graphics Suite X6 - Common (x64) (Version: 16.0)CorelDRAW Graphics Suite X6 - Connect (x64) (Version: 16.0)CorelDRAW Graphics Suite X6 - Custom Data (x64) (Version: 16.0)CorelDRAW Graphics Suite X6 - Draw (x64) (Version: 16.0)CorelDRAW Graphics Suite X6 - EN (x64) (Version: 16.0)CorelDRAW Graphics Suite X6 - Filters (x64) (Version: 16.0)CorelDRAW Graphics Suite X6 - FontNav (x64) (Version: 16.0)CorelDRAW Graphics Suite X6 - IPM (Version: 16.0)CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64) (Version: 16.0)CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64) (Version: 16.0)CorelDRAW Graphics Suite X6 - Redist (x64) (Version: 16.0)CorelDRAW Graphics Suite X6 - 
Setup Files (x64) (Version: 16.0)CorelDRAW Graphics Suite X6 - VBA (x64) (Version: 16.0)CorelDRAW Graphics Suite X6 - VideoBrowser (x64) (Version: 16.0)CorelDRAW Graphics Suite X6 - VSTA (x64) (Version: 16.0)CorelDRAW Graphics Suite X6 - Writing Tools (x64) (Version: 16.0)CorelDRAW Graphics Suite X6 (64-Bit) (Version: 16.0.0.707)CorelDRAW Graphics Suite X6 (x64) (Version: 16.0)CrystalDiskInfo 5.0.5 (x32 Version: 5.0.5)D3DX10 (x32 Version: 15.4.2368.0902)DAEMON Tools Lite (x32 Version: 4.45.4.0316)Driver Booster (x32 Version: 1.0)Dropbox (HKCU Version: 2.0.22)Easy CD-DA Extractor 16 (x32 Version: 16.0.8)EPSON Printer SoftwareerLT (x32 Version: 1.20.138.34)ESN Sonar (x32 Version: 0.70.4)Extensis Suitcase Fusion 4 (x32 Version: 15.0.5)EZ Vinyl/Tape Converter by Ion Audio 11.5.0 (x32 Version: 11.5.0)EZXDfh (x32 Version: 1.0)EZXMetalMachine (x32 Version: 1.0.0)FARO LS 1.1.406.58 (x32 Version: 4.6.58.2)FARO LS 1.1.501.0 (64bit) (x32 Version: 5.1.0.30630)FL Studio 11 (x32)FlowStone FL 3.0 (x32)Galeria de Fotos (x32 Version: 16.4.3508.0205)GeForce Experience NvStream Client Components (Version: 1.6.28)Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64)Google Chrome (HKCU Version: 31.0.1650.63)Google Earth (x32 Version: 7.1.2.2041)Google Talk Plugin (x32 Version: 4.9.1.16010)Google Toolbar for Internet Explorer (x32 Version: 1.0.0)Google Toolbar for Internet Explorer (x32 Version: 7.5.4805.320)Google Update Helper (x32 Version: 1.3.22.3)HD Tune 2.55 (x32)HiJackThis (x32 Version: 1.0.0)HitmanPro 3.7 (Version: 3.7.8.208)IL Download Manager (x32)IL Shared Libraries (x32)Intel® Management Engine Components (x32 Version: 7.0.0.1144)Intel® Network Connections 15.6.25.0 (Version: 15.6.25.0)Intel® Rapid Storage Technology (x32 Version: 10.1.0.1008)Intel® Watchdog Timer Driver (Intel® WDT) (x32)Intelbras (x32)IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (x32 Version: 1.0)iTunes (Version: 11.0.4.4)Java 7 Update 45 (x32 Version: 7.0.450)Java Auto 
Updater (x32 Version: 2.1.9.8)Java 6 Update 32 (x32 Version: 6.0.320)Java 7 Update 5 (64-bit) (Version: 7.0.50)JDiskReport 1.4.0 (x32 Version: 1.4.0 (2012-01-20 11:38:43))JMicron JMB36X Driver (x32 Version: 1.17.58.2)jv16 PowerTools 2012 (x32 Version: )Kaspersky Security Scan (x32 Version: 12.0.1.340)KORG AudioGate (x32 Version: 2.3.3)LibreOffice 3.6 (x32 Version: 3.6.1.2)Lightworks (x32 Version: 11.1.1.0)Logitech Gaming Software 5.10 (Version: 5.10.127)Logitech SetPoint 6.32 (Version: 6.32.20)Logitech Webcam Software (x32 Version: 2.51)LWS Facebook (x32 Version: 13.50.854.0)LWS Gallery (x32 Version: 13.51.827.0)LWS Help_main (x32 Version: 13.51.828.0)LWS Launcher (x32 Version: 13.51.828.0)LWS Pictures And Video (x32 Version: 13.51.815.0)LWS Twitter (x32 Version: 13.30.1346.0)LWS Webcam Software (x32 Version: 13.51.815.0)LWS WLM Plugin (x32 Version: 1.30.1201.0)LWS YouTube Plugin (x32 Version: 13.31.1038.0)Macrium Reflect Free Edition (Version: 5.0.5154)Malwarebytes Anti-Malware versão 1.75.0.1300 (x32 Version: 1.75.0.1300)marvell 91xx driver (x32 Version: 1.0.0.1051)Media Player Codec Pack 4.2.9 (x32 Version: 4.2.9)Microsoft .NET Framework 4 Client Profile PTB Language Pack (Version: 4.0.30319)Microsoft .NET Framework 4 Extended PTB Language Pack (Version: 4.0.30319)Microsoft .NET Framework 4.5 (Version: 4.5.50709)Microsoft Application Error Reporting (Version: 12.0.6015.5000)Microsoft Security Client (Version: 4.4.0304.0)Microsoft Security Essentials (Version: 4.4.304.0)Microsoft Silverlight (Version: 5.1.20913.0)Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)Microsoft Visual Basic for Applications 7.1 (x64) (Version: 7.1.00.00)Microsoft Visual Basic for Applications 7.1 (x64) English (Version: 7.1.0.0)Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)Microsoft Visual C++ 2005 Redistributable 
(x64) (Version: 8.0.56336)Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1)Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610)Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)Microsoft Visual Studio Tools for Applications 2.0 - ENU (x32 Version: 9.0.30729)Microsoft Visual Studio Tools for Applications 2.0 Runtime (x32 Version: 9.0.30729)Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)Microsoft_VC90_MFC_x86_x64 (Version: 
1.00.0000)Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000)Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)MiniTool Partition Wizard Home Edition 7.6.1 (x32)Módulo de Proteção Banco Santander 3.4.3.1 (x32 Version: Módulo de Proteção Banco Santander (Brasil) S.A.)Movie Maker (x32 Version: 16.4.3508.0205)Mozilla Firefox 25.0.1 (x86 pt-BR) (x32 Version: 25.0.1)Mozilla Maintenance Service (x32 Version: 24.0.1)Mozilla Thunderbird 24.0.1 (x86 pt-BR) (x32 Version: 24.0.1)MSVCRT (x32 Version: 15.4.2862.0708)MSVCRT110 (x32 Version: 16.4.1108.0727)MSVCRT110_amd64 (Version: 16.4.1109.0912)Native Instruments Controller Editor (Version: 1.3.5.667)Native Instruments Controller Editor (x32)Native Instruments Guitar Rig 5 (Version: 5.0.2.2476)Native Instruments Guitar Rig 5 (x32)Native Instruments Guitar Rig Mobile I/O (Version: 3.0.0.625)Native Instruments Guitar Rig Mobile I/O (x32)Native Instruments Guitar Rig Session I/O (Version: 3.0.0.625)Native Instruments Guitar Rig Session I/O (x32)Native Instruments Rig Kontrol 3 (Version: 3.0.0.625)Native Instruments Rig Kontrol 3 (x32)Native Instruments Service Center (Version: 2.3.0.853)Native Instruments Service Center (x32)Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0)Nero Blu-ray Player (x32 Version: 12.0.17700)Nero Blu-ray Player Help (CHM) (x32 Version: 12.0.4000)Nero Core Components (x32 Version: 11.0.18100)Nero Kwik Media (x32 Version: 1.18.18900)Nero Kwik Media (x32 Version: 12.0.01300)Nero Kwik Media Help (CHM) (x32 Version: 12.0.4000)Nero Kwik Themes Basic (x32 Version: 12.0.11500)Nero SharedVideoCodecs (x32 Version: 1.0.12100.2.0)Nero Update (x32 Version: 11.0.11800.31.0)n-Track Studio 7 (x32)NVIDIA Control Panel 331.82 (Version: 331.82)NVIDIA GeForce Experience 1.8 (Version: 1.8)NVIDIA Graphics Driver 331.82 (Version: 331.82)NVIDIA HD Audio Driver 1.3.26.4 (Version: 1.3.26.4)NVIDIA Install Application (Version: 2.1002.142.992)NVIDIA LED Visualizer 1.0 (Version: 1.0)NVIDIA Network Service (Version: 1.0)NVIDIA PhysX 
(x32 Version: 9.13.0725)NVIDIA PhysX System Software 9.13.0725 (Version: 9.13.0725)NVIDIA ShadowPlay 10.10.5 (Version: 10.10.5)NVIDIA Update 10.10.5 (Version: 10.10.5)NVIDIA Update Core (Version: 10.10.5)NVIDIA Virtual Audio 1.2.12 (Version: 1.2.12)ofcdesk Tigre 2014 for AutoCAD (Version: 6.0.0.2)Origin (x32 Version: 9.0.11.77)Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) (Version: 4.0.30319)Pacote de Idiomas do Microsoft .NET Framework 4 Extended - Português (Brasil) (Version: 4.0.30319)PDF Settings CC (x32 Version: 12.0)PDF Settings CS5 (x32 Version: 10.0)PDF Settings CS6 (x32 Version: 11.0)PerformanceTest v8.0 (Version: 8.0.1024.0)Photo Common (x32 Version: 16.4.3508.0205)Photo Gallery (x32 Version: 16.4.3508.0205)Prerequisite installer (x32 Version: 12.0.0002)PunkBuster Services (x32 Version: 0.993)QuickTime (x32 Version: 7.74.80.86)Rapture 1.2.2 (x32 Version: 18.0)Realtek High Definition Audio Driver (x32 Version: 6.0.1.6914)Receitanet (x32 Version: 1.03)Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0)RidNacs 2.0.3 (x32)SAMSUNG USB Driver for Mobile Phones (Version: 1.5.27.0)SHIELD Streaming (Version: 1.6.75)SketchUp Import for AutoCAD 2014 (x32 Version: 1.1.0)Skype Click to Call (x32 Version: 6.13.13771)Skype™ 6.3 (x32 Version: 6.3.107)Smart Defrag 2 (x32 Version: 2.9)SolveigMM AVI Trimmer (x32 Version: 2.1.1307.29)Sophos Virus Removal Tool (x32 Version: 2.4)SpyHunter (Version: 4.16.5.4290)Steam (x32 Version: 1.0.0.0)StuffIt Expander 2011 (Version: 15.0.7.2518)Suporte para Aplicativos Apple (x32 Version: 2.3.4)Surfing Protection (x32 Version: 1.0)UltraISO Premium V9.33 (x32)Unigine Valley Benchmark version 1.0 (x32 Version: 1.0)Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1)Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1)Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1)Visual C++ 9.0 CRT (x86) WinSXS MSM (x32 Version: 9.0)WD Drive 
Utilities (x32 Version: 1.0.3.3)
WD Security (x32 Version: 1.0.3.3)
WD SmartWare (Version: 1.6.4.7)
WibuKey Setup (WibuKey Remove) (Version: Version 6.00d of 2011-Sep-22 (Build 138) (Setup))
Windows 7 USB/DVD Download Tool (x32 Version: 1.0.30)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205)
Windows Live Essentials (x32 Version: 16.4.3508.0205)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (x32 Version: 16.4.3508.0205)
Windows Live Photo Common (x32 Version: 16.4.3508.0205)
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205)
Windows Live SOXE (x32 Version: 16.4.3508.0205)
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205)
Windows Live UX Platform (x32 Version: 16.4.3508.0205)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205)
WinRAR 4.20 (64-bit) (Version: 4.20.0)
World of Tanks (x32)

acsalmeida Posted December 15, 2013 Author ID:764597

==================== Restore Points =========================

10-12-2013 20:28:16 Installed HiJackThis
10-12-2013 20:39:21 Installed Sophos Virus Removal Tool.
10-12-2013 23:49:19 Windows Update
12-12-2013 18:28:35 Windows Update
14-12-2013 22:25:38 Removed GeekBuddy.
14-12-2013 22:34:05 Removed IObit Apps Toolbar v8.4.

==================== Hosts content: ==========================

2009-07-14 00:34 - 2013-12-10 09:09 - 00480370 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 www.winaproduct.com
127.0.0.1 www.winadiscount.com #[Dr.Web.Adware.Xbarre]
127.0.0.1 www.stickylogic.com
127.0.0.1 rt.udmserve.net
127.0.0.1 adunit.namiflow.com
127.0.0.1 ads.namiflow.com
127.0.0.1 c7.zxxds.net
127.0.0.1 c1.zxxds.net #[g1.panthercdn.com]
127.0.0.1 www.zedo.com #[Adware.RaxSearch]
127.0.0.1 yads.zedo.com
127.0.0.1 xads.zedo.com
127.0.0.1 ss7.zedo.com
127.0.0.1 ss2.zedo.com
127.0.0.1 ss1.zedo.com
127.0.0.1 simg.zedo.com
127.0.0.1 r1.zedo.com
127.0.0.1 l8.zedo.com
127.0.0.1 l6.zedo.com #[a515.g.akamai.net]
127.0.0.1 l5.zedo.com
127.0.0.1 l4.zedo.com
127.0.0.1 l3.zedo.com
127.0.0.1 l2.zedo.com
127.0.0.1 l1.zedo.com #[a1101.g.akamai.net]
127.0.0.1 h.zedo.com
127.0.0.1 gw.zedo.com
127.0.0.1 g.zedo.com #[zedo.live365.com]
127.0.0.1 freeze.zedo.com
127.0.0.1 d8.zedo.com

There are 1000 more lines.

==================== Scheduled Tasks (whitelisted) =============

Task: {135B7439-0B24-477A-B7C9-B9FF3648E6E2} - System32\Tasks\avast!
Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-12-01] (AVAST Software)Task: {13933E39-CAE9-42DF-A1A0-EA5D31A39EA4} - System32\Tasks\ASUS\ASUS DigiVRM Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe [2010-10-12] (ASUSTeK Computer Inc.)Task: {343A66D2-B656-4372-B671-0827802EB372} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2013-11-04] (IObit)Task: {5977B48F-4841-4841-A014-37E3725FF600} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)Task: {86193A09-879A-4CB9-946A-530DC5CCEF27} - System32\Tasks\SmartDefragUpdate => C:\Program Files (x86)\IObit\Smart Defrag 2\AutoUpdate.exe [2013-05-22] (IObit)Task: {86686411-B99C-4BAD-BB32-E7517730765D} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe [2013-09-13] (IObit)Task: {8A2D1A34-64B5-4B24-80A7-451F2109559C} - System32\Tasks\ASC7_SkipUac_ACSA => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2013-11-14] (IObit)Task: {9A9D5D7E-A12C-4DBD-8721-E44D5017E894} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2759933643-2614577016-1710804323-1000UA => C:\Users\ACSA\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-14] (Google Inc.)Task: {9E150ECC-E803-4967-B7D6-CB3ED1C8E667} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)Task: {A4E43EB6-0E57-47E6-8F9E-32BDCA5370B6} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2010-11-26] (ASUSTeK Computer Inc.)Task: {A528B670-2365-40AC-8500-C232C4CD4FA1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-14] (Google Inc.)Task: {AD3289ED-6233-4FDF-A6BC-C0C7F9E542E9} - System32\Tasks\{579ACB44-8AFF-4AAA-A322-4550C6AD120B} => Iexplore.exe 
http://ui.skype.com/ui/0/6.3.0.107/pt/abandoninstall?source=lightinstaller&page=tsMainTask: {BAC5E8CC-4CA2-4CC3-861E-C297AF10D1D9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2759933643-2614577016-1710804323-1000Core => C:\Users\ACSA\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-14] (Google Inc.)Task: {C119E16F-9D7B-457C-935E-7D4963885974} - System32\Tasks\ASUS\ASUS Mobilink Execute => C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\ASUS Mobilink.exe [2010-10-13] (ASUSTeK Computer Inc.)Task: {C8B872E9-45E6-4376-9D8E-3FB3AE892C2E} - System32\Tasks\SmartDefrag_Schedule => C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe [2013-09-13] (IObit)Task: {E0C07C03-9C9F-4EBB-89FD-8572F76E2ED7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-14] (Google Inc.)Task: {EC2F3FEC-01B5-4B45-BE50-E669FD892F09} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2013-11-08] (IObit)Task: C:\Windows\Tasks\Driver Booster Update.job => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2759933643-2614577016-1710804323-1000Core.job => C:\Users\ACSA\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2759933643-2614577016-1710804323-1000UA.job => C:\Users\ACSA\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-11-26 18:43 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\sqlite3.dll2013-12-14 19:26 - 2013-12-14 10:26 - 02152448 _____ () C:\Program Files\AVAST Software\Avast\defs\13121400\algo.dll2011-09-27 08:23 - 2011-09-27 08:23 - 
00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll2011-09-27 08:22 - 2011-09-27 08:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll2013-09-22 08:55 - 2013-12-14 19:25 - 00024064 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\PEbiosinterface32.dll2013-09-22 08:55 - 2010-06-29 11:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\ATKEX.dll2013-02-09 13:23 - 2013-09-11 19:06 - 00048960 _____ () C:\Program Files (x86)\IObit\Smart Defrag 2\NtfsData.dll2012-12-11 12:52 - 2012-12-11 12:52 - 01007616 _____ () C:\Program Files (x86)\Extensis\Suitcase Fusion 4\libxml2.2.6.24.dll2012-12-11 12:52 - 2012-12-11 12:52 - 00901120 _____ () C:\Program Files (x86)\Extensis\Suitcase Fusion 4\iconv-1.9.2.dll2012-12-11 12:52 - 2012-12-11 12:52 - 00007168 _____ () C:\Program Files (x86)\Extensis\Suitcase Fusion 4\libcharset.dll2012-12-07 15:15 - 2012-12-07 15:15 - 02126264 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtCore4.dll2012-12-07 15:15 - 2012-12-07 15:15 - 07422392 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtGui4.dll2012-12-07 15:15 - 2012-12-07 15:15 - 02453944 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtDeclarative4.dll2012-12-07 15:15 - 2012-12-07 15:15 - 01270200 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtScript4.dll2012-12-07 15:15 - 2012-12-07 15:15 - 00192952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtSql4.dll2012-12-07 15:15 - 2012-12-07 15:15 - 00795064 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtNetwork4.dll2012-09-13 00:38 - 2012-09-13 00:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll2012-09-13 00:38 - 2012-09-13 00:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll2012-09-13 00:38 - 2012-09-13 
00:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll2012-09-13 00:38 - 2012-09-13 00:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll2012-09-13 00:38 - 2012-09-13 00:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll2012-09-13 00:39 - 2012-09-13 00:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll2013-12-01 07:45 - 2013-12-01 07:45 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll2013-03-13 18:48 - 2013-03-13 18:48 - 24978944 _____ () C:\Users\ACSA\AppData\Roaming\Dropbox\bin\libcef.dll2013-09-22 08:56 - 2010-11-16 11:37 - 00086016 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\AsNetlib.dll2013-09-22 08:56 - 2010-07-30 12:28 - 00670208 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\asacpiEx.dll2013-09-22 08:56 - 2010-07-15 21:04 - 00661504 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\aaHMLib.dll2013-09-22 08:56 - 2010-07-15 21:04 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pngio.dll2013-09-22 08:56 - 2010-07-15 21:04 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\ImageHelper.dll2013-09-22 08:58 - 2009-05-21 11:14 - 00053248 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll2013-09-22 08:58 - 2009-05-21 11:14 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll2013-08-15 04:33 - 2013-08-15 04:33 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\93ef72cbcec2a4b14fe06bb029d98d3a\IsdiInterop.ni.dll2012-09-14 22:45 - 2010-11-06 00:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll2013-09-22 08:55 - 2010-08-23 11:17 - 00662016 _____ () 
C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMLib.dll2013-09-22 08:55 - 2010-12-02 18:28 - 00143360 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll2013-09-22 08:55 - 2010-06-21 16:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll2013-09-22 08:55 - 2009-08-12 21:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll2013-09-22 08:56 - 2010-10-15 18:40 - 01031680 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll2013-09-22 08:55 - 2010-11-19 11:53 - 00963584 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll2013-09-22 08:56 - 2010-12-30 23:15 - 01656320 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Bluetooth Go!\BluetoothGo.dll2013-09-22 08:57 - 2010-12-01 13:33 - 01244672 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll2013-09-22 08:57 - 2010-12-03 17:12 - 01027072 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll2013-09-22 08:55 - 2010-09-27 21:51 - 00881664 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll2013-09-22 08:55 - 2010-09-27 21:51 - 01607168 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll2013-09-22 08:55 - 2010-11-19 11:55 - 01246208 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll2013-09-22 08:55 - 2010-08-06 19:11 - 00850944 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll2013-09-22 08:55 - 2010-08-06 19:13 - 00886272 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll2013-09-22 08:55 - 2010-06-21 16:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\ImageHelper.dll2013-10-05 10:03 - 2013-08-02 17:07 - 00348992 _____ () C:\Program Files (x86)\IObit\Driver Booster\madExcept_.bpl2013-10-05 10:03 - 2013-08-02 17:07 - 00183616 _____ () C:\Program Files (x86)\IObit\Driver Booster\madBasic_.bpl2013-10-05 10:03 - 2013-08-02 17:07 - 00051008 _____ () C:\Program Files 
(x86)\IObit\Driver Booster\madDisAsm_.bpl
2013-10-05 10:03 - 2012-02-16 10:16 - 00516440 _____ () C:\Program Files (x86)\IObit\Driver Booster\sqlite3.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows\System32:82A93AA7_Abn.gbp
AlternateDataStreams: C:\Users\ACSA\Cookies:mwzswpu5eJKHwIy6QklIGOYWQtv6
AlternateDataStreams: C:\Users\ACSA\Local Settings:t8G6tbQRuEHRJYDyzvvuGm
AlternateDataStreams: C:\Users\ACSA\AppData\Local:t8G6tbQRuEHRJYDyzvvuGm
AlternateDataStreams: C:\Users\ACSA\AppData\Local\7D3pn4Otqu:MPmoYbYFSazOUSCOwa1Kqnb
AlternateDataStreams: C:\Users\ACSA\AppData\Local\Application Data:t8G6tbQRuEHRJYDyzvvuGm
AlternateDataStreams: C:\Users\ACSA\AppData\Local\Temp:0NEkqv9XiqGAvWUqf7wT

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== Faulty Device Manager Devices =============

Name: ASUS Bluetooth
Description: ASUS Bluetooth
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================

Application errors:
==================
Error: (12/14/2013 07:26:14 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2
SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99
0x80041003

Error: (12/14/2013 04:38:56 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2
SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99
0x80041003

Error: (12/14/2013 04:22:53 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2
SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99
0x80041003

System errors:
=============
Error: (12/14/2013 07:27:51 PM) (Source: DCOM) (User: )
Description: {C288AC5A-D846-4696-8028-2DF6F508D0D9}

Error: (12/14/2013 07:24:17 PM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (12/14/2013 04:36:54 PM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (12/14/2013 04:20:35 PM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (12/14/2013 04:21:23 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 16:19:59 on 14/12/2013 was unexpected.
Microsoft Office Sessions:
=========================
Error: (12/14/2013 07:26:14 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2
SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99
0x80041003

Error: (12/14/2013 04:38:56 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2
SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99
0x80041003

Error: (12/14/2013 04:22:53 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2
SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99
0x80041003

CodeIntegrity Errors:
===================================
Date: 2013-12-14 21:20:48.098
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-12-14 21:01:06.075
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-12-14 20:21:47.474
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-12-14 19:26:50.372
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-12-14 19:09:34.324
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-12-14 19:01:17.483
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-12-14 18:19:19.387
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-12-14 17:25:42.260
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-12-14 17:15:55.439
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-12-14 16:51:41.166
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================

Percentage of memory in use: 33%
Total physical RAM: 8167.14 MB
Available physical RAM: 5422.02 MB
Total Pagefile: 16332.46 MB
Available Pagefile: 13235.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:341.7 GB) (Free:154.07 GB) NTFS
Drive d: () (Fixed) (Total:78.13 GB) (Free:25.82 GB) NTFS
Drive e: (My Passport) (Fixed) (Total:1862.98 GB) (Free:1641.89 GB) NTFS
Drive f: () (Fixed) (Total:39.06 GB) (Free:17.5 GB) NTFS
Drive g: () (Fixed) (Total:39.06 GB) (Free:30.06 GB) NTFS
Drive h: () (Fixed) (Total:141.83 GB) (Free:31.44 GB) NTFS
Drive k: () (Fixed) (Total:488.28 GB) (Free:441.51 GB) NTFS
Drive l: () (Fixed) (Total:556.64 GB) (Free:164.21 GB) NTFS
Drive n: (2007.11.03_2329) (CDROM) (Total:0.12 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

==================== End Of Log ============================
MrCharlie Posted December 15, 2013 ID:764603

OK.......

Download the attached fixlist.txt to the same folder as FRST.
Run FRST.exe and click Fix only once and wait.
The tool will create a log (Fixlog.txt) in the folder, please post it to your reply.

Then......

You have to manually reset Chrome as before:

CHR DefaultSearchKeyword: yahoo.com search
CHR DefaultSearchProvider: Yahoo
CHR DefaultSearchURL: http://br.search.yah...&type=800236&p={searchTerms}
CHR DefaultNewTabURL:

Let me know....MrC
acsalmeida Posted December 15, 2013 Author ID:764633

MrC thanks for your effort, but I still can not get rid of the Yahoo search...
acsalmeida Posted December 15, 2013 Author ID:764694

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2013 01
Ran by ACSA (administrator) on ACSA-PC on 15-12-2013 00:42:33
Running from C:\Users\ACSA\Desktop\FRST
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Logitech Inc.)
C:\Program Files\Logitech\Gaming Software\LWEMon.exe(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe(Celartem, Inc., doing business as Extensis.) C:\Program Files (x86)\Extensis\Suitcase Fusion 4\FMCore.exe(Akamai Technologies, Inc.) C:\Users\ACSA\AppData\Local\Akamai\netsession_win.exe() C:\Windows\SysWOW64\C2MP\UpdateChecker.exe(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe(Akamai Technologies, Inc.) C:\Users\ACSA\AppData\Local\Akamai\netsession_win.exe(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe(Western Digital) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe(Western Digital Technologies, Inc.) 
C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe() C:\Windows\SysWOW64\PnkBstrA.exe(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe() C:\Program Files\Macrium\Reflect\ReflectService.exe(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe(Dropbox, Inc.) C:\Users\ACSA\AppData\Roaming\Dropbox\bin\Dropbox.exe() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe(Western Digital) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Logitech, Inc.) C:\Program Files\Logitech\SetPointG\SetPointII.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe(ASUSTeK Computer Inc.) 
C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe(Google Inc.) C:\Users\ACSA\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\ACSA\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\ACSA\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\ACSA\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\ACSA\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188040 2013-10-05] (Realtek Semiconductor)HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [472992 2013-03-21] (Adobe Systems Incorporated)HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)HKLM\...\Run: [start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [613536 2010-10-27] (Atheros Commnucations)HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2010-10-27] (Atheros Commnucations)HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-10-05] (Realtek 
Semiconductor)HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cistray.exeHKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-11-08] (NVIDIA Corporation)HKLM\...\Run: [shadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStartHKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2273056 2013-11-29] (NVIDIA Corporation)Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671904 2012-08-28] (DT Soft Ltd)HKCU\...\Run: [steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)HKCU\...\Run: [FMCore.exe] - C:\Program Files (x86)\Extensis\Suitcase Fusion 4\FMCore.exe [9440256 2012-12-11] (Celartem, Inc., doing business as Extensis.)HKCU\...\Run: [Autodesk Sync] - C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\ACSA\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)HKCU\...\Run: [Google Update] - C:\Users\ACSA\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-14] (Google Inc.)HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-09-14] (Google Inc.)HKCU\...\Run: [KSS] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1HKCU\...\Policies\Explorer: [NoRecentDocsHistory] 1HKCU\...\Policies\Explorer: [] HKLM-x32\...\Run: [iAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)HKLM-x32\...\Run: [JMB36X IDE Setup] - 
C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-16] (Renesas Electronics Corporation)HKLM-x32\...\Run: [switchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-09-05] (Adobe Systems Incorporated)HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe [36760 2011-09-05] (Adobe Systems Incorporated)HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe [2904984 2011-09-05] (Adobe Systems Inc.)HKLM-x32\...\Run: [WD Drive Unlocker] - C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1688008 2012-09-06] (Western Digital)HKLM-x32\...\Run: [WD Quick View] - C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5236664 2012-09-19] (Western Digital Technologies, Inc.)HKLM-x32\...\Run: [LWS] - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple 
Inc.)HKLM-x32\...\Run: [AdobeCEPServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)HKLM-x32\...\Run: [ASUS ShellProcess Execute] - C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe [252544 2010-09-28] (ASUSTeK Computer Inc.)HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)HKLM-x32\...\Run: [20131121] - C:\Program Files\AVAST Software\Avast\Setup\emupdate\a8726356-a695-4a0f-a368-9e52a6bc90b3.exe [180184 2013-11-23] (AVAST Software)HKLM-x32\...\Run: [tvncontrol] - "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slaveHKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-12-01] (AVAST Software)Startup: C:\Users\ACSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()Startup: C:\Users\ACSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnkShortcutTarget: Dropbox.lnk -> C:\Users\ACSA\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)BootExecute: autocheck autochk * SmartDefragBootTime.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchHKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-brHKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.search.yahoo.com/?type=402027&fr=spigot-yhp-ieStartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exeSearchScopes: HKCU - DefaultScope {78CA4453-2964-48D0-9F7D-E7E79C53B942} URL = http://br.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=402027&p={searchTerms}SearchScopes: HKCU - {78CA4453-2964-48D0-9F7D-E7E79C53B942} URL = 
http://br.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=402027&p={searchTerms}BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)BHO-x32: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Program Files (x86)\GbPlugin\gbiehabn.dll (Banco Real)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab
DPF: HKLM-x32 {108D3206-846A-4A93-BACB-F0572D043ED7} http://marahu.dvrdns.org:3130/webrec.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399007} - C:\Program Files (x86)\GbPlugin\gbiehabn.dll [1598520 2013-09-23] (Banco Real)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 187.22.0.61 187.22.0.66
Tcpip\..\Interfaces\{A014895A-EA50-48E7-B92D-4BA595890AA7}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Tcpip\..\Interfaces\{C87D9D7B-D12F-42F4-B4C5-1659882566C7}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @graphisoft.com/GDL Web Plug-in - C:\Program Files (x86)\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll (Graphisoft SE)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\ACSA\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\ACSA\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\ACSA\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\ACSA\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\ACSA\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: gastecnologia.com.br/sf/abn - C:\Users\ACSA\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll (GAS Tecnologia)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKCU\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8874}] - C:\Users\ACSA\AppData\Local\GAS Tecnologia\GBBD\abn\xpi
FF Extension: GBBD Banco Santander (Brasil) S.A. - C:\Users\ACSA\AppData\Local\GAS Tecnologia\GBBD\abn\xpi

Chrome:
=======
CHR DefaultSearchKeyword: yahoo.com search
CHR DefaultSearchProvider: Yahoo
CHR DefaultSearchURL: http://br.search.yahoo.com/search?fr=chr-greentree_gc&ei=utf-8&ilc=12&type=800236&p={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1
CHR Extension: (YouTube) - C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1
CHR Extension: (Google Search) - C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1
CHR Extension: (Google Wallet) - C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx

==================== Services (Whitelisted) =================

R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [878368 2013-10-25] (IObit)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144 2010-11-03] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [915584 2010-12-02] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-01] (AVAST Software)
R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [210024 2013-10-05] (DTS)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [409144 2013-08-19] (GAS Tecnologia)
R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-10-25] (IObit)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1370912 2013-11-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15128352 2013-11-29] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-11-01] ()
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [301760 2012-09-25] ()
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1157056 2012-09-19] (Western Digital )
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-09-06] (Western Digital)
R2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1177536 2012-09-19] (Western Digital )

==================== Drivers (Whitelisted) ====================

S3 AIDA64Driver; No ImagePath
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-12-01] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-12-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-12-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-12-01] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-12-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-12-01] ()
S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [25704 2012-08-13] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-09-15] (DT Soft Ltd)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] ()
S0 GbpKm; C:\Windows\SysWow64\drivers\gbpkm.sys [47856 2012-09-18] (GAS Tecnologia)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-10-30] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] ()
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2013-05-22] ()
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [97792 2011-09-22] (WIBU-SYSTEMS AG)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-12-14 21:32 - 2013-12-14 21:33 - 00388608 _____ (Trend Micro Inc.) C:\Users\ACSA\Downloads\HijackThis.exe
2013-12-14 20:31 - 2013-12-14 20:31 - 13086648 _____ (IObit ) C:\Users\ACSA\Downloads\driverbooster-cnet-setup.exe
2013-12-14 19:26 - 2013-12-14 19:26 - 00000000 ____H C:\ProgramData\cm-lock
2013-12-14 19:00 - 2013-12-15 00:42 - 00000000 ____D C:\Users\ACSA\Desktop\FRST
2013-12-14 17:53 - 2013-12-14 17:53 - 00000000 ____D C:\FRST
2013-12-14 12:30 - 2013-12-14 12:31 - 00000000 ____D C:\AdwCleaner
2013-12-14 11:57 - 2013-12-14 11:58 - 05154339 _____ (Swearware) C:\Users\ACSA\Downloads\ComboFix.exe
2013-12-14 11:32 - 2013-12-14 17:50 - 01927796 _____ (Farbar) C:\Users\ACSA\Downloads\FRST64.exe
2013-12-14 10:11 - 2013-12-14 10:11 - 04101441 _____ C:\Users\ACSA\Downloads\tdsskiller.zip
2013-12-14 09:50 - 2013-12-15 00:17 - 00001176 _____ C:\Windows\setupact.log
2013-12-14 09:50 - 2013-12-15 00:16 - 00008500 _____ C:\Windows\PFRO.log
2013-12-14 09:50 - 2013-12-14 09:50 - 00000000 _____ C:\Windows\setuperr.log
2013-12-14 09:18 - 2013-12-14 09:28 - 00000000 ____D C:\ProgramData\HitmanPro
2013-12-14 09:18 - 2013-12-14 09:19 - 00000000 ____D C:\Program Files\HitmanPro
2013-12-14 09:16 - 2013-12-14 09:17 - 10264904 _____ (SurfRight B.V.) 
Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll2013-11-19 13:13 - 2013-11-19 13:13 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe2013-11-19 13:13 - 2013-11-19 13:13 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe2013-11-19 13:13 - 2013-11-19 13:13 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe2013-11-19 13:13 - 2013-11-19 13:13 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe2013-11-18 13:11 - 2013-11-18 13:11 - 00024317 _____ C:\Users\ACSA\Downloads\Conexão com a Internet ficou mais lenta A culpa pode ser do DNS Rodrigo Rey.htm2013-11-18 13:11 - 2013-11-18 13:11 - 00000000 ____D C:\Users\ACSA\Downloads\Conexão com a Internet ficou mais lenta A culpa pode ser do DNS Rodrigo Rey_files2013-11-18 13:08 - 2013-11-18 13:09 - 05227019 _____ C:\Users\ACSA\Downloads\namebench-1.3.1-Windows.exe2013-11-16 11:44 - 2013-11-16 11:45 - 11423642 _____ C:\Users\ACSA\Downloads\fotosdolixonascaladasdapraiadosmilionriosem16nov.zip2013-11-16 10:57 - 2013-11-16 10:58 - 23742698 _____ C:\Users\ACSA\Downloads\Fugazi - Peel Session 1988.mp42013-11-16 10:41 - 2013-12-15 00:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox2013-11-16 09:51 - 2013-11-16 09:51 - 00000000 ____D C:\Users\ACSA\Downloads\badernadoitarar2013-11-15 13:57 - 2013-11-15 13:57 - 00000000 ____D C:\Users\ACSA\Downloads\revocgostariadeacordarassim2013-11-15 13:53 - 2013-11-15 13:53 - 17914792 _____ C:\Users\ACSA\Downloads\006.AVI2013-11-15 08:02 - 2013-11-15 08:03 - 00453120 _____ C:\Users\ACSA\Downloads\filiacao_sasp (1).xls2013-11-15 07:59 - 2013-11-15 07:59 - 00453120 
_____ C:\Users\ACSA\Downloads\filiacao_sasp.xls Link to post Share on other sites