Jump to content

Annoying Yahoo search engine in all browsers

acsalmeida

By acsalmeida
in Resolved Malware Removal Logs

 Share

Recommended Posts

acsalmeida

acsalmeida

Posted
Posted
OS: Upadted Windows 7 Pro (x64)

 

Annoying Yahoo search engine in all browsers, What I've already done (all browsers):

1. I did a research and tried a lot of tips, but none worked so far.

2. I already tried to change the searching engine and initial web page inside the option of the browsers, there is no extensions or plugins associated with "Yahoo" or "search engine".

3. I searched for "spigot" on my computer but it didn't return any results although the search field shows http://br.search.yahoo.com/?type=800236&fr=spigot-yhp-ff

4. I can't see eithher "Search Settings", "Yahoo", "Baidu" or "YouTube Downloader Toolbar" in my windows control panel (Start>Control 

Panel>Programs/Programs and Features).

5. On the processes tab of my windows task manager I don't see any files called searchsettigs.exe.

6. Fact: When I delete the file "prefs.js and folder "searchplugins" (yahoo_ff.xml) from C:\Users\ACSA\AppData\Roaming\Mozilla\Firefox\Profiles

\v1q90507.default and open the Firefox, everything is normal, but if I close and reopen, Yahoo is back to the search field.

 

Thank you very much in advance

 

 

Link to post
Share on other sites
  • Replies 54
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

MrCharlie

MrCharlie

Posted
Posted

Welcome to the forum, please try this procedure:

Lets clean out any adware/spyware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

Make sure you click on download buttons that look similar to this, not "sponsored ad links":

bleep-crop.jpg

  • Double click on AdwCleaner.exe to run the tool.

    Vista/Windows 7/8 users right-click and select Run As Administrator

  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.
Then..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how computer is running now, MrC

Link to post
Share on other sites
acsalmeida

acsalmeida

Posted
  • Author
Posted
# AdwCleaner v3.015 - Report created 14/12/2013 at 12:31:54
# Updated 10/12/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : ACSA - ACSA-PC
# Running from : C:\Users\ACSA\Desktop\adwcleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16428
 
 
-\\ Mozilla Firefox v25.0.1 (pt-BR)
 
[ File : C:\Users\ACSA\AppData\Roaming\Mozilla\Firefox\Profiles\v1q90507.default\prefs.js ]
 
 
-\\ Google Chrome v
 
[ File : C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [880 octets] - [14/12/2013 12:30:09]
AdwCleaner[s0].txt - [802 octets] - [14/12/2013 12:31:54]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [861 octets] ##########
 
===================================================================================
 
 
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Versão da Base de Dados:  v2013.12.14.03
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
ACSA :: ACSA-PC [administrador]
 
14/12/2013 12:38:32
mbam-log-2013-12-14 (12-38-32).txt
 
Tipo de Verificação:  Verificação Rápida 
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos  | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados:  228768
Tempo decorrido: 7 minuto(s), 34 segundo(s)
 
Processos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)
 
Módulos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)
 
Chaves de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
 
Valores de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
 
Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
 
Pastas Detectadas: 0
(Não foram detectados ítens maliciosos)
 
Arquivos Detectados: 0
(Não foram detectados ítens maliciosos)
 
(fim)

 

===================================================================================
Link to post
Share on other sites
MrCharlie

MrCharlie

Posted
Posted

Run this scan:

thisisujrt.gif Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
MrC
Link to post
Share on other sites
acsalmeida

acsalmeida

Posted
  • Author
Posted
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.0.8 (11.05.2013:1)

OS: Windows 7 Professional x64

Ran by ACSA on 14/12/2013 at 13:36:40,27

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 14/12/2013 at 13:59:01,73

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Link to post
Share on other sites
acsalmeida

acsalmeida

Posted
  • Author
Posted

MrCharlie, on "Checking Module"
 

A bad module has been detected and asked me to reboot now ou later, I rebooted.
The Yahoo still there
 
I run the program again, the same bad module again and asked me to reboot, but this time I didn't. the program finish the scan and the result is above.
The Yahoo still there
Link to post
Share on other sites
MrCharlie

MrCharlie

Posted
Posted

OK.....run this scan and post the logs....

Please download Farbar Recovery Scan Tool and save it to a folder. (use correct version for your system.....Which system am I using?)

Please make sure you click download buttons that look similar to this, not "sponsored ad links":

bleep-crop.jpg

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
MrC
Link to post
Share on other sites
acsalmeida

acsalmeida

Posted
  • Author
Posted

Here we go...

FRST.txt
 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2013 01
Ran by ACSA (administrator) on ACSA-PC on 14-12-2013 17:53:38
Running from C:\Users\ACSA\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
() C:\Program Files\Macrium\Reflect\ReflectService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Western Digital) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Celartem, Inc., doing business as Extensis.) C:\Program Files (x86)\Extensis\Suitcase Fusion 4\FMCore.exe
(Akamai Technologies, Inc.) C:\Users\ACSA\AppData\Local\Akamai\netsession_win.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
() C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Akamai Technologies, Inc.) C:\Users\ACSA\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
(Western Digital) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Dropbox, Inc.) C:\Users\ACSA\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Comodo Security Solutions, Inc.) C:\Program Files\COMODO\GeekBuddy\unit_manager.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointG\SetPointII.exe
(Comodo Security Solutions, Inc.) C:\Program Files\COMODO\GeekBuddy\unit.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Google Inc.) C:\Users\ACSA\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ACSA\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ACSA\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ACSA\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ACSA\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ACSA\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ACSA\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ACSA\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ACSA\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ACSA\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188040 2013-10-05] (Realtek Semiconductor)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [613536 2010-10-27] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2010-10-27] (Atheros Commnucations)
HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-10-05] (Realtek Semiconductor)
HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1612504 2013-11-11] (COMODO)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-11-08] (NVIDIA Corporation)
HKLM\...\Run: [shadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2273056 2013-11-29] (NVIDIA Corporation)
Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671904 2012-08-28] (DT Soft Ltd)
HKCU\...\Run: [steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)
HKCU\...\Run: [FMCore.exe] - C:\Program Files (x86)\Extensis\Suitcase Fusion 4\FMCore.exe [9440256 2012-12-11] (Celartem, Inc., doing business as Extensis.)
HKCU\...\Run: [Autodesk Sync] - C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\ACSA\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Google Update] - C:\Users\ACSA\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-14] (Google Inc.)
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-09-14] (Google Inc.)
HKCU\...\Run: [KSS] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)
HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKCU\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKCU\...\Policies\Explorer: [] 
HKLM-x32\...\Run: [iAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [switchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe [36760 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe [2904984 2011-09-05] (Adobe Systems Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] - C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1688008 2012-09-06] (Western Digital)
HKLM-x32\...\Run: [WD Quick View] - C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5236664 2012-09-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [LWS] - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [AdobeCEPServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUS ShellProcess Execute] - C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe [252544 2010-09-28] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [20131121] - C:\Program Files\AVAST Software\Avast\Setup\emupdate\a8726356-a695-4a0f-a368-9e52a6bc90b3.exe [180184 2013-11-23] (AVAST Software)
HKLM-x32\...\Run: [tvncontrol] - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2013-12-13] (Comodo Security Solutions, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-12-01] (AVAST Software)
HKLM-x32\...\Run: [iObit Malware Fighter] - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1573184 2013-12-13] (IObit)
Startup: C:\Users\ACSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\ACSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\ACSA\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * SmartDefragBootTime.exe
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.search.yahoo.com/?type=800236&fr=spigot-yhp-ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE89D256EDC92CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br
URLSearchHook: HKCU - (No Name) - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1Qzu0FyEyC0DtDyE0A0Fzz0AtAzztD0DtA0EtN0D0Tzu0StByDzytN1L2XzutBtFtCtFtCtFtAtCtB&cr=1155018486
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
SearchScopes: HKCU - DefaultScope {78CA4453-2964-48D0-9F7D-E7E79C53B942} URL = http://br.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=800236&p={searchTerms}
SearchScopes: HKCU - Backup.Old.DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {78CA4453-2964-48D0-9F7D-E7E79C53B942} URL = http://br.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=800236&p={searchTerms}
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Program Files (x86)\GbPlugin\gbiehabn.dll (Banco Real)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab
DPF: HKLM-x32 {108D3206-846A-4A93-BACB-F0572D043ED7} http://marahu.dvrdns.org:3130/webrec.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399007} - C:\Program Files (x86)\GbPlugin\gbiehabn.dll [1598520 2013-09-23] (Banco Real)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 187.22.0.61 187.22.0.66
Tcpip\..\Interfaces\{A014895A-EA50-48E7-B92D-4BA595890AA7}: [NameServer]187.22.0.61,187.22.0.66
 
FireFox:
========
FF ProfilePath: C:\Users\ACSA\AppData\Roaming\Mozilla\Firefox\Profiles\v1q90507.default
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @graphisoft.com/GDL Web Plug-in - C:\Program Files (x86)\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll (Graphisoft SE)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\ACSA\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\ACSA\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\ACSA\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\ACSA\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\ACSA\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: gastecnologia.com.br/sf/abn - C:\Users\ACSA\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll (GAS Tecnologia)
FF SearchPlugin: C:\Users\ACSA\AppData\Roaming\Mozilla\Firefox\Profiles\v1q90507.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-br.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo_ff.xml
FF Extension: Ads Removal - C:\Users\ACSA\AppData\Roaming\Mozilla\Firefox\Profiles\v1q90507.default\Extensions\adsremoval@adsremoval.net
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\ACSA\AppData\Roaming\Mozilla\Firefox\Profiles\v1q90507.default\Extensions\ascsurfingprotection@iobit.com
FF Extension: support - C:\Users\ACSA\AppData\Roaming\Mozilla\Firefox\Profiles\v1q90507.default\Extensions\support@real-hide-ip.com.xpi
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKCU\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8874}] - C:\Users\ACSA\AppData\Local\GAS Tecnologia\GBBD\abn\xpi
FF Extension: GBBD Banco Santander (Brasil) S.A. - C:\Users\ACSA\AppData\Local\GAS Tecnologia\GBBD\abn\xpi
 
Chrome: 
=======
CHR DefaultSearchKeyword: yahoo.com search
CHR DefaultSearchProvider: Yahoo
CHR DefaultNewTabURL: 
CHR Extension: (Google Drive) - C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_1
CHR Extension: (Google Wallet) - C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_1
CHR Extension: (Gmail) - C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [878368 2013-10-25] (IObit)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144 2010-11-03] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [915584 2010-12-02] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-01] (AVAST Software)
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70352 2013-12-13] (Comodo Security Solutions, Inc.)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6254152 2013-10-19] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [164056 2013-09-24] (COMODO)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2098880 2013-11-11] ()
R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [210024 2013-10-05] (DTS)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [409144 2013-08-19] (GAS Tecnologia)
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2013-12-13] (Comodo Security Solutions, Inc.)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [341824 2013-11-11] (IObit)
R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-10-25] (IObit)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1370912 2013-11-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15128352 2013-11-29] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-11-01] ()
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [301760 2012-09-25] ()
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1157056 2012-09-19] (Western Digital )
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-09-06] (Western Digital)
R2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1177536 2012-09-19] (Western Digital )
 
==================== Drivers (Whitelisted) ====================
 
S3 AIDA64Driver; No ImagePath
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-12-01] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-12-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-12-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-12-01] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-12-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-12-01] ()
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [37976 2013-05-07] (Windows ® Win 7 DDK provider)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2013-09-24] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [709144 2013-11-14] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [48872 2013-09-24] (COMODO)
S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [25704 2012-08-13] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-09-15] (DT Soft Ltd)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] ()
S4 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
S0 GbpKm; C:\Windows\SysWow64\drivers\gbpkm.sys [47856 2012-09-18] (GAS Tecnologia)
R1 HMD; C:\Windows\System32\DRIVERS\hmd.sys [14888 2013-10-07] ()
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [96800 2013-09-24] (COMODO)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-10-30] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] ()
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2013-05-22] ()
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [97792 2011-09-22] (WIBU-SYSTEMS AG)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-12-14 17:53 - 2013-12-14 17:53 - 00034299 _____ C:\Users\ACSA\Desktop\FRST.txt
2013-12-14 17:53 - 2013-12-14 17:53 - 00000000 ____D C:\FRST
2013-12-14 17:51 - 2013-12-14 17:50 - 01927796 _____ (Farbar) C:\Users\ACSA\Desktop\FRST64.exe
2013-12-14 16:39 - 2013-12-14 16:39 - 00000000 ____H C:\ProgramData\cm-lock
2013-12-14 13:12 - 2013-12-14 13:12 - 01034531 _____ (Thisisu) C:\Users\ACSA\Desktop\JRT.exe
2013-12-14 12:30 - 2013-12-14 12:31 - 00000000 ____D C:\AdwCleaner
2013-12-14 11:57 - 2013-12-14 11:58 - 05154339 _____ (Swearware) C:\Users\ACSA\Downloads\ComboFix.exe
2013-12-14 11:32 - 2013-12-14 17:50 - 01927796 _____ (Farbar) C:\Users\ACSA\Downloads\FRST64.exe
2013-12-14 10:11 - 2013-12-14 10:11 - 04101441 _____ C:\Users\ACSA\Downloads\tdsskiller.zip
2013-12-14 09:50 - 2013-12-14 16:38 - 00000840 _____ C:\Windows\setupact.log
2013-12-14 09:50 - 2013-12-14 09:50 - 00000534 _____ C:\Windows\PFRO.log
2013-12-14 09:50 - 2013-12-14 09:50 - 00000000 _____ C:\Windows\setuperr.log
2013-12-14 09:18 - 2013-12-14 09:28 - 00000000 ____D C:\ProgramData\HitmanPro
2013-12-14 09:18 - 2013-12-14 09:19 - 00000000 ____D C:\Program Files\HitmanPro
2013-12-14 09:16 - 2013-12-14 09:17 - 10264904 _____ (SurfRight B.V.) C:\Users\ACSA\Downloads\HitmanPro_x64.exe
2013-12-13 11:14 - 2013-12-14 11:35 - 00891200 _____ C:\Users\ACSA\Downloads\SecurityCheck.exe
2013-12-13 11:10 - 2013-12-13 11:10 - 04050563 _____ C:\Users\ACSA\Downloads\zoek.zip
2013-12-13 10:23 - 2013-12-13 10:22 - 01226802 _____ C:\Users\ACSA\Desktop\adwcleaner.exe
2013-12-13 10:03 - 2013-12-13 10:03 - 00002330 _____ C:\Users\ACSA\Downloads\RKreport0_S_08182013_083750.txt
2013-12-12 16:38 - 2013-12-12 16:39 - 00000000 ___SD C:\ComboFix
2013-12-12 16:35 - 2013-12-12 17:55 - 00000000 ___DC C:\Users\ACSA\AppData\Local\MigWiz
2013-12-12 16:04 - 2013-12-14 11:58 - 00001081 _____ C:\Users\ACSA\Downloads\yahoo search.txt
2013-12-12 00:21 - 2013-12-12 00:21 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
2013-12-12 00:21 - 2013-12-12 00:21 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-12-12 00:21 - 2013-12-12 00:21 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2013-12-12 00:18 - 2013-12-12 00:19 - 00184704 _____ (Kaspersky Lab) C:\Users\ACSA\Downloads\kss12.0.1.117mlg_en_de_es_fr_it_ja_pt-br_ru_zh-Hans-br.exe
2013-12-11 21:40 - 2013-12-14 16:44 - 00373793 _____ C:\Windows\WindowsUpdate.log
2013-12-11 21:39 - 2013-12-11 21:39 - 00011960 _____ C:\Users\ACSA\Documents\cc_20131211_213941.reg
2013-12-10 21:53 - 2013-05-10 03:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-10 21:53 - 2013-05-10 03:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-10 21:53 - 2013-05-10 02:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-10 21:53 - 2013-05-10 02:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-10 21:52 - 2013-11-26 09:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-10 21:52 - 2013-11-26 08:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-10 21:52 - 2013-11-26 08:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-10 21:52 - 2013-11-26 08:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-10 21:52 - 2013-11-26 07:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-10 21:52 - 2013-11-26 07:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-10 21:52 - 2013-11-26 07:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-10 21:52 - 2013-11-26 07:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-10 21:52 - 2013-11-26 07:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-10 21:52 - 2013-11-26 07:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-10 21:52 - 2013-11-26 07:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-10 21:52 - 2013-11-26 07:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-10 21:52 - 2013-11-26 07:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-10 21:52 - 2013-11-26 07:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-10 21:52 - 2013-11-26 06:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-10 21:52 - 2013-11-26 06:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-10 21:52 - 2013-11-26 06:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-10 21:52 - 2013-11-26 06:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-10 21:52 - 2013-11-26 06:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-10 21:52 - 2013-11-26 06:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-10 21:52 - 2013-11-26 06:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-10 21:52 - 2013-11-26 06:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-10 21:52 - 2013-11-26 05:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-10 21:52 - 2013-11-26 05:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-10 21:52 - 2013-11-26 05:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-10 21:52 - 2013-11-26 05:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-10 21:52 - 2013-11-26 04:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-10 21:52 - 2013-11-26 04:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-10 21:52 - 2013-11-26 04:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-10 21:52 - 2013-11-26 04:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-10 21:52 - 2013-11-26 04:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-10 21:49 - 2013-11-23 16:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-10 21:49 - 2013-11-23 15:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-10 21:49 - 2013-10-30 00:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-10 21:49 - 2013-10-30 00:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-10 21:49 - 2013-10-29 23:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-10 21:49 - 2013-10-19 00:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-10 21:49 - 2013-10-18 23:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-10 21:48 - 2013-11-12 00:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-10 21:48 - 2013-11-12 00:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-10 21:48 - 2013-10-12 00:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-10 21:48 - 2013-10-12 00:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-10 21:48 - 2013-10-12 00:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-10 21:48 - 2013-10-12 00:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-10 21:48 - 2013-10-11 23:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-10 21:48 - 2013-10-11 23:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-10 21:48 - 2013-10-11 23:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-10 21:48 - 2013-10-11 23:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-10 21:48 - 2013-10-04 00:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-10 21:48 - 2013-10-03 23:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-10 18:39 - 2013-12-10 18:39 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
2013-12-10 18:39 - 2013-12-10 18:39 - 00000000 ____D C:\ProgramData\Sophos
2013-12-10 18:39 - 2013-12-10 18:39 - 00000000 ____D C:\Program Files (x86)\Sophos
2013-12-10 18:38 - 2013-12-10 18:38 - 00000031 _____ C:\Windows\Model.txt
2013-12-10 18:37 - 2013-12-10 18:37 - 00000260 _____ C:\Users\ACSA\Downloads\fsbl-20131210203734.log
2013-12-10 18:36 - 2013-12-10 18:36 - 01137360 _____ (F-Secure Corporation) C:\Users\ACSA\Downloads\fsbl.exe
2013-12-10 18:28 - 2013-12-10 18:28 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2013-12-10 18:28 - 2013-12-10 18:28 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2013-12-10 18:24 - 2013-12-10 18:27 - 80777032 _____ (Sophos Limited) C:\Users\ACSA\Downloads\Sophos Virus Removal Tool.exe
2013-12-10 18:24 - 2013-12-10 18:24 - 01402880 _____ C:\Users\ACSA\Downloads\HiJackThis.msi
2013-12-10 11:55 - 2013-12-10 11:55 - 00000000 ____D C:\Windows\ERUNT
2013-12-10 11:55 - 2013-12-10 11:42 - 01034531 _____ (Thisisu) C:\Users\ACSA\Downloads\JRT.exe
2013-12-10 11:45 - 2013-12-13 10:22 - 01226802 _____ C:\Users\ACSA\Downloads\adwcleaner.exe
2013-12-10 11:30 - 2013-12-10 11:31 - 04166144 _____ C:\Users\ACSA\Downloads\RogueKillerX64.exe
2013-12-10 07:58 - 2013-12-10 07:58 - 07363640 _____ C:\Users\ACSA\Downloads\SCX5600_x86_6.5aS_GM.exe
2013-12-07 19:12 - 2013-12-08 07:44 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\AudioGate
2013-12-07 19:11 - 2013-12-07 19:11 - 00000000 ____D C:\Program Files (x86)\KORG
2013-12-07 19:10 - 2013-12-07 19:10 - 00000000 ____D C:\Windows\Downloaded Installations
2013-12-07 19:08 - 2013-12-07 19:09 - 17754289 _____ C:\Users\ACSA\Downloads\KORG_AudioGate_2_3_3.zip
2013-12-07 09:51 - 2013-06-06 18:41 - 00489392 _____ (Ask Partner Network) C:\Users\ACSA\Documents\APNSetup1.exe
2013-12-07 09:21 - 2013-12-07 09:21 - 00000023 _____ C:\Users\ACSA\Downloads\DNS.txt
2013-12-07 09:12 - 2013-12-07 09:12 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\RealHideIP
2013-12-07 09:12 - 2013-12-07 09:12 - 00000000 ____D C:\ProgramData\RealHideIP
2013-12-07 08:56 - 2013-12-07 08:55 - 04034166 ____R (Friends in War) C:\Users\ACSA\Desktop\Real Hide IP v4.2.9.6 (1-click run)(registered).exe
2013-12-07 08:53 - 2013-12-07 08:53 - 00000000 ____D C:\Users\ACSA\Downloads\Real Hide IP v4.2.9.6 (1-click run)(registered)
2013-12-07 08:51 - 2013-12-07 08:51 - 00923784 _____ (CNET Download.com) C:\Users\ACSA\Downloads\cbsidlm-cbsi145-Real_Hide_IP-ORG-10907662.exe
2013-12-06 18:31 - 2013-12-06 18:31 - 00018685 _____ C:\Users\ACSA\Downloads\REL_1026.HTM
2013-12-06 11:53 - 2013-12-06 11:53 - 00003119 _____ C:\Users\ACSA\Downloads\Conclamacao Arquitetos Baixada (1).txt
2013-12-05 21:19 - 2013-12-05 21:19 - 00003119 _____ C:\Users\ACSA\Downloads\Conclamacao Arquitetos Baixada.txt
2013-12-04 10:10 - 2013-12-04 11:00 - 25095200 _____ (IObit                                                       ) C:\Users\ACSA\Downloads\imf-setup.exe
2013-12-04 08:11 - 2013-12-04 08:11 - 00000000 ____D C:\Windows\en
2013-12-04 08:11 - 2013-12-04 08:11 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-12-04 08:10 - 2013-12-04 08:11 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-12-04 08:10 - 2013-12-04 08:10 - 00000000 ____D C:\Windows\PCHEALTH
2013-12-04 08:04 - 2013-12-04 08:28 - 00000000 ____D C:\Users\ACSA\AppData\Local\Windows Live
2013-12-04 08:04 - 2013-12-04 08:04 - 01242112 _____ (Microsoft Corporation) C:\Users\ACSA\Downloads\wlsetup-web.exe
2013-12-03 00:03 - 2013-10-30 15:03 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-12-03 00:03 - 2013-10-30 15:02 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-12-01 13:53 - 2013-12-01 13:53 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\AVAST Software
2013-12-01 11:00 - 2013-12-01 11:00 - 00000000 ____D C:\Users\ACSA\Downloads\rebolsodoitarar
2013-12-01 08:30 - 2013-12-01 08:30 - 00000000 ____D C:\Users\ACSA\.MCTranscodingSDK
2013-12-01 08:22 - 2013-12-01 08:22 - 00000000 ____D C:\ProgramData\Geevs
2013-12-01 08:21 - 2013-12-10 09:11 - 00000000 ____D C:\Users\Public\Documents\Lightworks
2013-12-01 08:21 - 2013-12-01 08:30 - 00000000 ____D C:\Program Files (x86)\Lightworks
2013-12-01 08:14 - 2013-12-01 08:16 - 154323168 _____ (Online Media Technologies Ltd.                              ) C:\Users\ACSA\Downloads\AVSVideoEditor.exe
2013-11-29 23:26 - 2013-12-01 07:35 - 00000000 ____D C:\Users\ACSA\Downloads\Cine Marahu
2013-11-29 20:43 - 2013-11-29 20:43 - 00518455 _____ C:\Users\ACSA\Downloads\ArchiCAD_16_to_ATL5-Win_64-bit (1).zip
2013-11-29 20:43 - 2013-11-29 20:43 - 00000000 ____D C:\Users\ACSA\Downloads\ArchiCAD_16_to_ATL5-Win_64-bit
2013-11-29 20:38 - 2013-12-02 15:42 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\Abvent_Artlantis5
2013-11-29 20:30 - 2013-12-02 10:57 - 00000000 ____D C:\ProgramData\Abvent
2013-11-29 20:30 - 2013-11-29 20:30 - 00000000 ____D C:\Users\Public\Documents\Abvent
2013-11-29 20:08 - 2013-11-29 20:37 - 00000000 ____D C:\Program Files\Artlantis Studio 5
2013-11-26 18:53 - 2013-11-26 18:53 - 00002848 _____ C:\Windows\System32\Tasks\ASC7_SkipUac_ACSA
2013-11-26 18:43 - 2013-11-26 18:43 - 00001165 _____ C:\Users\ACSA\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2013-11-26 18:43 - 2013-11-26 18:43 - 00000000 ____D C:\ProgramData\ProductData
2013-11-26 18:43 - 2013-11-26 18:43 - 00000000 ____D C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2013-11-23 20:36 - 2013-12-07 08:57 - 00003266 _____ C:\Windows\system32\Drivers\fvstore.dat
2013-11-23 20:34 - 2013-11-23 20:36 - 00000000 ____D C:\Users\ACSA\Downloads\Artlantis 5.0.2.3 Win64
2013-11-23 18:23 - 2013-11-23 19:18 - 517767020 _____ C:\Users\ACSA\Downloads\Artlantis 5.0.2.3 Win64.rar
2013-11-23 18:21 - 2013-11-23 18:21 - 00518455 _____ C:\Users\ACSA\Downloads\ArchiCAD_16_to_ATL5-Win_64-bit.zip
2013-11-23 18:21 - 2013-11-23 18:21 - 00446633 _____ C:\Users\ACSA\Downloads\ArchiCAD_16_to_ATL5-Win_32-bit.zip
2013-11-21 10:40 - 2013-11-21 10:41 - 00014015 _____ C:\Users\ACSA\AppData\Roaming\unins000.dat
2013-11-21 10:40 - 2013-11-21 10:40 - 00717985 _____ C:\Users\ACSA\AppData\Roaming\unins000.exe
2013-11-21 10:40 - 2013-11-21 10:40 - 00000000 ____D C:\Users\ACSA\AppData\Local\GAS Tecnologia
2013-11-21 10:38 - 2013-11-21 10:38 - 03357248 _____ (GAS Tecnologia                                              ) C:\Users\ACSA\Downloads\gbplugin2.exe
2013-11-20 17:41 - 2013-11-20 17:41 - 00004762 _____ C:\Users\ACSA\Downloads\al_barbecue1.zip
2013-11-20 13:23 - 2013-11-11 13:02 - 06674208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-11-20 13:23 - 2013-11-11 13:02 - 03490080 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-11-20 13:23 - 2013-11-11 13:01 - 03467927 _____ C:\Windows\system32\nvcoproc.bin
2013-11-20 13:23 - 2013-11-11 13:01 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-11-20 13:23 - 2013-11-11 13:01 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-11-20 13:23 - 2013-11-11 13:01 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-11-20 13:21 - 2013-11-14 09:55 - 30361888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-11-20 13:21 - 2013-11-14 09:55 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-11-20 13:21 - 2013-11-14 09:55 - 22951200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-11-20 13:21 - 2013-11-14 09:55 - 18293608 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-11-20 13:21 - 2013-11-14 09:55 - 18208624 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-11-20 13:21 - 2013-11-14 09:55 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-11-20 13:21 - 2013-11-14 09:55 - 15862272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-11-20 13:21 - 2013-11-14 09:55 - 15218504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-11-20 13:21 - 2013-11-14 09:55 - 12613408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-11-20 13:21 - 2013-11-14 09:55 - 11600432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-11-20 13:21 - 2013-11-14 09:55 - 11514624 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-11-20 13:21 - 2013-11-14 09:55 - 09691888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-11-20 13:21 - 2013-11-14 09:55 - 09619872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-11-20 13:21 - 2013-11-14 09:55 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-11-20 13:21 - 2013-11-14 09:55 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-11-20 13:21 - 2013-11-14 09:55 - 03069608 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-11-20 13:21 - 2013-11-14 09:55 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-11-20 13:21 - 2013-11-14 09:55 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-11-20 13:21 - 2013-11-14 09:55 - 02697248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-11-20 13:21 - 2013-11-14 09:55 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433182.dll
2013-11-20 13:21 - 2013-11-14 09:55 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433182.dll
2013-11-20 13:21 - 2013-11-14 09:55 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2013-11-20 13:21 - 2013-11-14 09:55 - 01436528 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-11-20 13:21 - 2013-11-14 09:55 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-11-20 13:21 - 2013-11-14 09:55 - 00707360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-11-20 13:21 - 2013-11-14 09:55 - 00657184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-11-20 13:21 - 2013-11-14 09:55 - 00609568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-11-20 13:21 - 2013-11-14 09:55 - 00562464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-11-20 13:21 - 2013-11-14 09:55 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-11-20 13:21 - 2013-11-14 09:55 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-11-20 13:21 - 2013-11-14 09:55 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-11-20 13:21 - 2013-11-14 09:55 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-11-20 13:21 - 2013-11-14 09:55 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-11-20 13:21 - 2013-11-14 09:55 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-11-20 13:21 - 2013-11-14 09:55 - 00023754 _____ C:\Windows\system32\nvinfo.pb
2013-11-19 13:15 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-19 13:13 - 2013-11-19 13:13 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-19 13:13 - 2013-11-19 13:13 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-19 13:13 - 2013-11-19 13:13 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-19 13:13 - 2013-11-19 13:13 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-19 13:13 - 2013-11-19 13:13 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-19 13:13 - 2013-11-19 13:13 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-19 13:13 - 2013-11-19 13:13 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-19 13:13 - 2013-11-19 13:13 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-19 13:13 - 2013-11-19 13:13 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-19 13:13 - 2013-11-19 13:13 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-19 13:13 - 2013-11-19 13:13 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-19 13:13 - 2013-11-19 13:13 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-19 13:13 - 2013-11-19 13:13 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-19 13:13 - 2013-11-19 13:13 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-19 13:13 - 2013-11-19 13:13 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-19 13:13 - 2013-11-19 13:13 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-19 13:13 - 2013-11-19 13:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-19 13:13 - 2013-11-19 13:13 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-19 13:13 - 2013-11-19 13:13 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-19 13:13 - 2013-11-19 13:13 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-19 13:13 - 2013-11-19 13:13 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-18 13:11 - 2013-11-18 13:11 - 00024317 _____ C:\Users\ACSA\Downloads\Conexão com a Internet ficou mais lenta  A culpa pode ser do DNS   Rodrigo Rey.htm
2013-11-18 13:11 - 2013-11-18 13:11 - 00000000 ____D C:\Users\ACSA\Downloads\Conexão com a Internet ficou mais lenta  A culpa pode ser do DNS   Rodrigo Rey_files
2013-11-18 13:08 - 2013-11-18 13:09 - 05227019 _____ C:\Users\ACSA\Downloads\namebench-1.3.1-Windows.exe
2013-11-16 11:44 - 2013-11-16 11:45 - 11423642 _____ C:\Users\ACSA\Downloads\fotosdolixonascaladasdapraiadosmilionriosem16nov.zip
2013-11-16 10:57 - 2013-11-16 10:58 - 23742698 _____ C:\Users\ACSA\Downloads\Fugazi - Peel Session 1988.mp4
2013-11-16 10:41 - 2013-11-16 10:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 09:51 - 2013-11-16 09:51 - 00000000 ____D C:\Users\ACSA\Downloads\badernadoitarar
2013-11-15 13:57 - 2013-11-15 13:57 - 00000000 ____D C:\Users\ACSA\Downloads\revocgostariadeacordarassim
2013-11-15 13:53 - 2013-11-15 13:53 - 17914792 _____ C:\Users\ACSA\Downloads\006.AVI
2013-11-15 08:02 - 2013-11-15 08:03 - 00453120 _____ C:\Users\ACSA\Downloads\filiacao_sasp (1).xls
2013-11-15 07:59 - 2013-11-15 07:59 - 00453120 _____ C:\Users\ACSA\Downloads\filiacao_sasp.xls
2013-11-14 08:52 - 2013-11-14 08:53 - 28436064 _____ (ofcdesk, llc                                                ) C:\Users\ACSA\Downloads\ofcdesk_mep_GrupoRIC_2014forAutoCAD_6.0.0.5.exe
Link to post
Share on other sites
acsalmeida

acsalmeida

Posted
  • Author
Posted
==================== One Month Modified Files and Folders =======

 

2013-12-14 17:53 - 2013-12-14 17:53 - 00034299 _____ C:\Users\ACSA\Desktop\FRST.txt

2013-12-14 17:53 - 2013-12-14 17:53 - 00000000 ____D C:\FRST

2013-12-14 17:50 - 2013-12-14 17:51 - 01927796 _____ (Farbar) C:\Users\ACSA\Desktop\FRST64.exe

2013-12-14 17:50 - 2013-12-14 11:32 - 01927796 _____ (Farbar) C:\Users\ACSA\Downloads\FRST64.exe

2013-12-14 17:49 - 2012-09-14 23:41 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-12-14 17:48 - 2012-09-15 01:02 - 00001074 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2759933643-2614577016-1710804323-1000UA.job

2013-12-14 16:47 - 2009-07-14 02:45 - 00020528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-12-14 16:47 - 2009-07-14 02:45 - 00020528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-12-14 16:44 - 2013-12-11 21:40 - 00373793 _____ C:\Windows\WindowsUpdate.log

2013-12-14 16:44 - 2009-07-14 03:13 - 00782470 _____ C:\Windows\system32\PerfStringBackup.INI

2013-12-14 16:42 - 2012-09-16 09:16 - 00000000 ____D C:\Program Files (x86)\Steam

2013-12-14 16:41 - 2013-01-09 07:37 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\Dropbox

2013-12-14 16:39 - 2013-12-14 16:39 - 00000000 ____H C:\ProgramData\cm-lock

2013-12-14 16:39 - 2012-09-17 16:23 - 00000010 _____ C:\Users\ACSA\AppData\Local\.HG88C586-G30G-2HE2-DGDE-8H3E1D530D30

2013-12-14 16:39 - 2012-09-17 16:23 - 00000010 _____ C:\ProgramData\.F464B91F-G49F-3G3D-CFCD-9G7D2C141C96

2013-12-14 16:38 - 2013-12-14 09:50 - 00000840 _____ C:\Windows\setupact.log

2013-12-14 16:38 - 2013-10-05 10:03 - 00000282 _____ C:\Windows\Tasks\Driver Booster Update.job

2013-12-14 16:38 - 2012-09-14 23:41 - 00001060 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-12-14 16:38 - 2012-09-14 23:03 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini

2013-12-14 16:37 - 2009-07-14 03:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-12-14 14:52 - 2012-09-14 23:40 - 00000000 ____D C:\Program Files (x86)\Google

2013-12-14 13:36 - 2013-08-02 14:37 - 03891200 ___SH C:\Users\ACSA\Downloads\Thumbs.db

2013-12-14 13:12 - 2013-12-14 13:12 - 01034531 _____ (Thisisu) C:\Users\ACSA\Desktop\JRT.exe

2013-12-14 12:31 - 2013-12-14 12:30 - 00000000 ____D C:\AdwCleaner

2013-12-14 11:58 - 2013-12-14 11:57 - 05154339 _____ (Swearware) C:\Users\ACSA\Downloads\ComboFix.exe

2013-12-14 11:58 - 2013-12-12 16:04 - 00001081 _____ C:\Users\ACSA\Downloads\yahoo search.txt

2013-12-14 11:35 - 2013-12-13 11:14 - 00891200 _____ C:\Users\ACSA\Downloads\SecurityCheck.exe

2013-12-14 10:24 - 2012-10-16 09:48 - 00019968 ___SH C:\Users\ACSA\Thumbs.db

2013-12-14 10:11 - 2013-12-14 10:11 - 04101441 _____ C:\Users\ACSA\Downloads\tdsskiller.zip

2013-12-14 09:50 - 2013-12-14 09:50 - 00000534 _____ C:\Windows\PFRO.log

2013-12-14 09:50 - 2013-12-14 09:50 - 00000000 _____ C:\Windows\setuperr.log

2013-12-14 09:47 - 2013-03-10 10:53 - 00000000 ____D C:\ProgramData\GAS Tecnologia

2013-12-14 09:44 - 2012-09-15 07:03 - 00000000 ____D C:\Users\ACSA\AppData\Local\CrashDumps

2013-12-14 09:28 - 2013-12-14 09:18 - 00000000 ____D C:\ProgramData\HitmanPro

2013-12-14 09:19 - 2013-12-14 09:18 - 00000000 ____D C:\Program Files\HitmanPro

2013-12-14 09:17 - 2013-12-14 09:16 - 10264904 _____ (SurfRight B.V.) C:\Users\ACSA\Downloads\HitmanPro_x64.exe

2013-12-14 09:15 - 2012-09-15 01:02 - 00001022 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2759933643-2614577016-1710804323-1000Core.job

2013-12-13 21:58 - 2012-09-15 02:23 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.exe

2013-12-13 15:52 - 2012-09-15 02:23 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.ex0

2013-12-13 15:47 - 2012-09-15 01:02 - 00000000 ____D C:\Program Files (x86)\Origin

2013-12-13 14:58 - 2012-09-15 00:32 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe

2013-12-13 11:30 - 2013-07-26 16:02 - 00000000 ____D C:\Users\ACSA\AppData\Local\Deployment

2013-12-13 11:10 - 2013-12-13 11:10 - 04050563 _____ C:\Users\ACSA\Downloads\zoek.zip

2013-12-13 10:47 - 2013-01-12 07:44 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update

2013-12-13 10:30 - 2012-09-15 18:56 - 00000000 ____D C:\ProgramData\GbPlugin

2013-12-13 10:22 - 2013-12-13 10:23 - 01226802 _____ C:\Users\ACSA\Desktop\adwcleaner.exe

2013-12-13 10:22 - 2013-12-10 11:45 - 01226802 _____ C:\Users\ACSA\Downloads\adwcleaner.exe

2013-12-13 10:03 - 2013-12-13 10:03 - 00002330 _____ C:\Users\ACSA\Downloads\RKreport0_S_08182013_083750.txt

2013-12-12 17:55 - 2013-12-12 16:35 - 00000000 ___DC C:\Users\ACSA\AppData\Local\MigWiz

2013-12-12 16:39 - 2013-12-12 16:38 - 00000000 ___SD C:\ComboFix

2013-12-12 12:56 - 2013-10-02 21:08 - 00000000 ____D C:\Users\ACSA\Documents\Battlefield 4

2013-12-12 00:21 - 2013-12-12 00:21 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan

2013-12-12 00:21 - 2013-12-12 00:21 - 00000000 ____D C:\ProgramData\Kaspersky Lab

2013-12-12 00:21 - 2013-12-12 00:21 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab

2013-12-12 00:19 - 2013-12-12 00:18 - 00184704 _____ (Kaspersky Lab) C:\Users\ACSA\Downloads\kss12.0.1.117mlg_en_de_es_fr_it_ja_pt-br_ru_zh-Hans-br.exe

2013-12-11 21:39 - 2013-12-11 21:39 - 00011960 _____ C:\Users\ACSA\Documents\cc_20131211_213941.reg

2013-12-11 19:33 - 2013-06-25 10:23 - 00000000 ____D C:\Users\ACSA\Documents\BIMx

2013-12-11 19:33 - 2012-09-15 21:55 - 00000000 ____D C:\Users\ACSA\Graphisoft

2013-12-11 19:33 - 2012-09-15 21:08 - 00000000 ____D C:\Users\ACSA\Documents\Corel

2013-12-11 19:03 - 2013-09-22 09:09 - 00000000 _____ C:\Windows\Path.idx

2013-12-11 19:02 - 2013-09-22 09:09 - 00867360 _____ C:\Windows\PE_Rom.dll

2013-12-10 22:41 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\rescache

2013-12-10 22:15 - 2009-07-14 02:45 - 05162600 _____ C:\Windows\system32\FNTCACHE.DAT

2013-12-10 21:52 - 2013-07-30 10:19 - 00000000 ____D C:\Windows\system32\MRT

2013-12-10 21:49 - 2012-09-14 23:52 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2013-12-10 18:56 - 2013-11-05 11:36 - 00000000 ____D C:\Qoobox(1)

2013-12-10 18:39 - 2013-12-10 18:39 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos

2013-12-10 18:39 - 2013-12-10 18:39 - 00000000 ____D C:\ProgramData\Sophos

2013-12-10 18:39 - 2013-12-10 18:39 - 00000000 ____D C:\Program Files (x86)\Sophos

2013-12-10 18:38 - 2013-12-10 18:38 - 00000031 _____ C:\Windows\Model.txt

2013-12-10 18:37 - 2013-12-10 18:37 - 00000260 _____ C:\Users\ACSA\Downloads\fsbl-20131210203734.log

2013-12-10 18:36 - 2013-12-10 18:36 - 01137360 _____ (F-Secure Corporation) C:\Users\ACSA\Downloads\fsbl.exe

2013-12-10 18:28 - 2013-12-10 18:28 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis

2013-12-10 18:28 - 2013-12-10 18:28 - 00000000 ____D C:\Program Files (x86)\Trend Micro

2013-12-10 18:27 - 2013-12-10 18:24 - 80777032 _____ (Sophos Limited) C:\Users\ACSA\Downloads\Sophos Virus Removal Tool.exe

2013-12-10 18:24 - 2013-12-10 18:24 - 01402880 _____ C:\Users\ACSA\Downloads\HiJackThis.msi

2013-12-10 17:00 - 2013-06-17 16:27 - 00000497 _____ C:\Users\ACSA\Downloads\QUEM INCOMODA.txt

2013-12-10 12:55 - 2013-05-18 16:54 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\Skype

2013-12-10 11:55 - 2013-12-10 11:55 - 00000000 ____D C:\Windows\ERUNT

2013-12-10 11:42 - 2013-12-10 11:55 - 01034531 _____ (Thisisu) C:\Users\ACSA\Downloads\JRT.exe

2013-12-10 11:31 - 2013-12-10 11:30 - 04166144 _____ C:\Users\ACSA\Downloads\RogueKillerX64.exe

2013-12-10 09:11 - 2013-12-01 08:21 - 00000000 ____D C:\Users\Public\Documents\Lightworks

2013-12-10 09:09 - 2012-12-03 14:05 - 00000029 _____ C:\Windows\system32\Drivers\etc\hosts_PTbackup2.bak

2013-12-10 09:09 - 2009-07-14 00:34 - 00480308 _____ C:\Windows\system32\Drivers\etc\hosts_PTBackup.bak

2013-12-10 08:39 - 2013-04-10 13:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2013-12-10 07:58 - 2013-12-10 07:58 - 07363640 _____ C:\Users\ACSA\Downloads\SCX5600_x86_6.5aS_GM.exe

2013-12-09 07:34 - 2013-09-04 09:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

2013-12-08 07:44 - 2013-12-07 19:12 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\AudioGate

2013-12-07 19:11 - 2013-12-07 19:11 - 00000000 ____D C:\Program Files (x86)\KORG

2013-12-07 19:10 - 2013-12-07 19:10 - 00000000 ____D C:\Windows\Downloaded Installations

2013-12-07 19:09 - 2013-12-07 19:08 - 17754289 _____ C:\Users\ACSA\Downloads\KORG_AudioGate_2_3_3.zip

2013-12-07 09:21 - 2013-12-07 09:21 - 00000023 _____ C:\Users\ACSA\Downloads\DNS.txt

2013-12-07 09:12 - 2013-12-07 09:12 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\RealHideIP

2013-12-07 09:12 - 2013-12-07 09:12 - 00000000 ____D C:\ProgramData\RealHideIP

2013-12-07 08:57 - 2013-11-23 20:36 - 00003266 _____ C:\Windows\system32\Drivers\fvstore.dat

2013-12-07 08:55 - 2013-12-07 08:56 - 04034166 ____R (Friends in War) C:\Users\ACSA\Desktop\Real Hide IP v4.2.9.6 (1-click run)(registered).exe

2013-12-07 08:53 - 2013-12-07 08:53 - 00000000 ____D C:\Users\ACSA\Downloads\Real Hide IP v4.2.9.6 (1-click run)(registered)

2013-12-07 08:51 - 2013-12-07 08:51 - 00923784 _____ (CNET Download.com) C:\Users\ACSA\Downloads\cbsidlm-cbsi145-Real_Hide_IP-ORG-10907662.exe

2013-12-06 18:31 - 2013-12-06 18:31 - 00018685 _____ C:\Users\ACSA\Downloads\REL_1026.HTM

2013-12-06 11:53 - 2013-12-06 11:53 - 00003119 _____ C:\Users\ACSA\Downloads\Conclamacao Arquitetos Baixada (1).txt

2013-12-05 21:19 - 2013-12-05 21:19 - 00003119 _____ C:\Users\ACSA\Downloads\Conclamacao Arquitetos Baixada.txt

2013-12-05 08:39 - 2012-09-18 10:11 - 00001456 _____ C:\Users\ACSA\AppData\Local\Adobe Save for Web 13.0 Prefs

2013-12-04 11:00 - 2013-12-04 10:10 - 25095200 _____ (IObit                                                       ) C:\Users\ACSA\Downloads\imf-setup.exe

2013-12-04 08:28 - 2013-12-04 08:04 - 00000000 ____D C:\Users\ACSA\AppData\Local\Windows Live

2013-12-04 08:11 - 2013-12-04 08:11 - 00000000 ____D C:\Windows\en

2013-12-04 08:11 - 2013-12-04 08:11 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition

2013-12-04 08:11 - 2013-12-04 08:10 - 00000000 ____D C:\Program Files (x86)\Windows Live

2013-12-04 08:10 - 2013-12-04 08:10 - 00000000 ____D C:\Windows\PCHEALTH

2013-12-04 08:10 - 2009-07-14 01:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared

2013-12-04 08:04 - 2013-12-04 08:04 - 01242112 _____ (Microsoft Corporation) C:\Users\ACSA\Downloads\wlsetup-web.exe

2013-12-03 08:44 - 2012-09-14 23:41 - 00004060 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2013-12-03 08:44 - 2012-09-14 23:41 - 00003808 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2013-12-03 00:09 - 2013-11-13 12:59 - 00000000 ____D C:\Users\ACSA\AppData\Local\NVIDIA Corporation

2013-12-03 00:09 - 2013-10-02 21:13 - 00000000 ____D C:\Users\ACSA\AppData\Local\NVIDIA

2013-12-03 00:04 - 2013-10-04 09:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation

2013-12-03 00:04 - 2012-09-14 23:09 - 00000000 ____D C:\ProgramData\NVIDIA

2013-12-03 00:03 - 2012-12-18 13:02 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation

2013-12-03 00:03 - 2012-09-14 23:06 - 00000000 ____D C:\Program Files\NVIDIA Corporation

2013-12-02 15:42 - 2013-11-29 20:38 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\Abvent_Artlantis5

2013-12-02 10:57 - 2013-11-29 20:30 - 00000000 ____D C:\ProgramData\Abvent

2013-12-01 13:53 - 2013-12-01 13:53 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\AVAST Software

2013-12-01 13:41 - 2012-09-15 22:54 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins

2013-12-01 11:00 - 2013-12-01 11:00 - 00000000 ____D C:\Users\ACSA\Downloads\rebolsodoitarar

2013-12-01 10:07 - 2012-09-14 23:18 - 00766336 _____ C:\Windows\SysWOW64\PerfStringBackup.INI

2013-12-01 08:30 - 2013-12-01 08:30 - 00000000 ____D C:\Users\ACSA\.MCTranscodingSDK

2013-12-01 08:30 - 2013-12-01 08:21 - 00000000 ____D C:\Program Files (x86)\Lightworks

2013-12-01 08:30 - 2012-09-14 22:34 - 00000000 ____D C:\Users\ACSA

2013-12-01 08:22 - 2013-12-01 08:22 - 00000000 ____D C:\ProgramData\Geevs

2013-12-01 08:16 - 2013-12-01 08:14 - 154323168 _____ (Online Media Technologies Ltd.                              ) C:\Users\ACSA\Downloads\AVSVideoEditor.exe

2013-12-01 07:45 - 2013-07-10 17:03 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys

2013-12-01 07:45 - 2013-07-10 17:03 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys

2013-12-01 07:45 - 2013-01-12 07:44 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys

2013-12-01 07:45 - 2013-01-12 07:44 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys

2013-12-01 07:45 - 2013-01-12 07:44 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

2013-12-01 07:45 - 2013-01-12 07:44 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys

2013-12-01 07:45 - 2013-01-12 07:44 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

2013-12-01 07:45 - 2013-01-12 07:44 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys

2013-12-01 07:45 - 2013-01-12 07:44 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

2013-12-01 07:45 - 2013-01-12 07:44 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys

2013-12-01 07:43 - 2012-09-15 01:02 - 00004042 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2759933643-2614577016-1710804323-1000UA

2013-12-01 07:43 - 2012-09-15 01:02 - 00003646 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2759933643-2614577016-1710804323-1000Core

2013-12-01 07:35 - 2013-11-29 23:26 - 00000000 ____D C:\Users\ACSA\Downloads\Cine Marahu

2013-12-01 07:30 - 2013-01-12 07:44 - 00000000 ____D C:\ProgramData\AVAST Software

2013-12-01 07:29 - 2013-01-12 07:44 - 00000000 _____ C:\Windows\SysWOW64\config.nt

2013-11-30 06:46 - 2013-08-20 11:29 - 00000000 ____D C:\Users\ACSA\Downloads\20 Historic Black and White Photos Colorized

2013-11-29 20:43 - 2013-11-29 20:43 - 00518455 _____ C:\Users\ACSA\Downloads\ArchiCAD_16_to_ATL5-Win_64-bit (1).zip

2013-11-29 20:43 - 2013-11-29 20:43 - 00000000 ____D C:\Users\ACSA\Downloads\ArchiCAD_16_to_ATL5-Win_64-bit

2013-11-29 20:37 - 2013-11-29 20:08 - 00000000 ____D C:\Program Files\Artlantis Studio 5

2013-11-29 20:30 - 2013-11-29 20:30 - 00000000 ____D C:\Users\Public\Documents\Abvent

2013-11-29 14:56 - 2013-10-28 18:17 - 01096480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll

2013-11-29 14:56 - 2013-10-28 18:17 - 00979744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll

2013-11-29 09:16 - 2012-09-15 00:22 - 00000000 ____D C:\Users\ACSA\AppData\Local\Adobe

2013-11-26 18:55 - 2012-09-15 03:22 - 00000000 ____D C:\Windows\Panther

2013-11-26 18:53 - 2013-11-26 18:53 - 00002848 _____ C:\Windows\System32\Tasks\ASC7_SkipUac_ACSA

2013-11-26 18:43 - 2013-11-26 18:43 - 00001165 _____ C:\Users\ACSA\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk

2013-11-26 18:43 - 2013-11-26 18:43 - 00000000 ____D C:\ProgramData\ProductData

2013-11-26 18:43 - 2013-11-26 18:43 - 00000000 ____D C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}

2013-11-26 18:43 - 2012-11-14 09:53 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\IObit

2013-11-26 18:43 - 2012-11-14 09:53 - 00000000 ____D C:\ProgramData\IObit

2013-11-26 18:43 - 2012-11-14 09:53 - 00000000 ____D C:\Program Files (x86)\IObit

2013-11-26 09:54 - 2013-12-10 21:52 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-11-26 08:19 - 2013-12-10 21:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2013-11-26 08:18 - 2013-12-10 21:52 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2013-11-26 08:11 - 2013-12-10 21:52 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-11-26 07:48 - 2013-12-10 21:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2013-11-26 07:46 - 2013-12-10 21:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2013-11-26 07:41 - 2013-12-10 21:52 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-11-26 07:29 - 2013-12-10 21:52 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2013-11-26 07:27 - 2013-12-10 21:52 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2013-11-26 07:23 - 2013-12-10 21:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-11-26 07:21 - 2013-12-10 21:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2013-11-26 07:18 - 2013-12-10 21:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2013-11-26 07:18 - 2013-12-10 21:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2013-11-26 07:16 - 2013-12-10 21:52 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2013-11-26 06:57 - 2013-12-10 21:52 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2013-11-26 06:38 - 2013-12-10 21:52 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-11-26 06:38 - 2013-12-10 21:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-11-26 06:35 - 2013-12-10 21:52 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-11-26 06:32 - 2013-12-10 21:52 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-11-26 06:28 - 2013-12-10 21:52 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2013-11-26 06:16 - 2013-12-10 21:52 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-11-26 06:02 - 2013-12-10 21:52 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2013-11-26 05:48 - 2013-12-10 21:52 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-11-26 05:32 - 2013-12-10 21:52 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2013-11-26 05:26 - 2013-12-10 21:52 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-11-26 05:07 - 2013-12-10 21:52 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-11-26 04:40 - 2013-12-10 21:52 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-11-26 04:34 - 2013-12-10 21:52 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2013-11-26 04:34 - 2013-12-10 21:52 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2013-11-26 04:33 - 2013-12-10 21:52 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-11-26 04:27 - 2013-12-10 21:52 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-11-23 20:36 - 2013-11-23 20:34 - 00000000 ____D C:\Users\ACSA\Downloads\Artlantis 5.0.2.3 Win64

2013-11-23 19:18 - 2013-11-23 18:23 - 517767020 _____ C:\Users\ACSA\Downloads\Artlantis 5.0.2.3 Win64.rar

2013-11-23 18:21 - 2013-11-23 18:21 - 00518455 _____ C:\Users\ACSA\Downloads\ArchiCAD_16_to_ATL5-Win_64-bit.zip

2013-11-23 18:21 - 2013-11-23 18:21 - 00446633 _____ C:\Users\ACSA\Downloads\ArchiCAD_16_to_ATL5-Win_32-bit.zip

2013-11-23 16:26 - 2013-12-10 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll

2013-11-23 15:47 - 2013-12-10 21:49 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll

2013-11-21 10:41 - 2013-11-21 10:40 - 00014015 _____ C:\Users\ACSA\AppData\Roaming\unins000.dat

2013-11-21 10:40 - 2013-11-21 10:40 - 00717985 _____ C:\Users\ACSA\AppData\Roaming\unins000.exe

2013-11-21 10:40 - 2013-11-21 10:40 - 00000000 ____D C:\Users\ACSA\AppData\Local\GAS Tecnologia

2013-11-21 10:38 - 2013-11-21 10:38 - 03357248 _____ (GAS Tecnologia                                              ) C:\Users\ACSA\Downloads\gbplugin2.exe

2013-11-21 08:51 - 2013-10-28 15:51 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\NVIDIA

2013-11-20 17:41 - 2013-11-20 17:41 - 00004762 _____ C:\Users\ACSA\Downloads\al_barbecue1.zip

2013-11-19 15:20 - 2012-09-14 22:34 - 00001417 _____ C:\Users\ACSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2013-11-19 15:15 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\PolicyDefinitions

2013-11-19 13:13 - 2013-11-19 13:13 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2013-11-19 13:13 - 2013-11-19 13:13 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat

2013-11-19 13:13 - 2013-11-19 13:13 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2013-11-19 13:13 - 2013-11-19 13:13 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2013-11-19 13:13 - 2013-11-19 13:13 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2013-11-19 13:13 - 2013-11-19 13:13 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2013-11-19 13:13 - 2013-11-19 13:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2013-11-19 13:11 - 2012-09-14 23:18 - 00001945 _____ C:\Windows\epplauncher.mif

2013-11-19 13:11 - 2012-09-14 23:18 - 00000000 ____D C:\Program Files\Microsoft Security Client

2013-11-19 13:11 - 2012-09-14 23:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client

2013-11-19 08:21 - 2010-11-21 01:27 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

2013-11-18 13:11 - 2013-11-18 13:11 - 00024317 _____ C:\Users\ACSA\Downloads\Conexão com a Internet ficou mais lenta  A culpa pode ser do DNS   Rodrigo Rey.htm

2013-11-18 13:11 - 2013-11-18 13:11 - 00000000 ____D C:\Users\ACSA\Downloads\Conexão com a Internet ficou mais lenta  A culpa pode ser do DNS   Rodrigo Rey_files

2013-11-18 13:09 - 2013-11-18 13:08 - 05227019 _____ C:\Users\ACSA\Downloads\namebench-1.3.1-Windows.exe

2013-11-16 11:45 - 2013-11-16 11:44 - 11423642 _____ C:\Users\ACSA\Downloads\fotosdolixonascaladasdapraiadosmilionriosem16nov.zip

2013-11-16 10:58 - 2013-11-16 10:57 - 23742698 _____ C:\Users\ACSA\Downloads\Fugazi - Peel Session 1988.mp4

2013-11-16 10:41 - 2013-11-16 10:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2013-11-16 09:51 - 2013-11-16 09:51 - 00000000 ____D C:\Users\ACSA\Downloads\badernadoitarar

2013-11-15 13:57 - 2013-11-15 13:57 - 00000000 ____D C:\Users\ACSA\Downloads\revocgostariadeacordarassim

2013-11-15 13:53 - 2013-11-15 13:53 - 17914792 _____ C:\Users\ACSA\Downloads\006.AVI

2013-11-15 08:03 - 2013-11-15 08:02 - 00453120 _____ C:\Users\ACSA\Downloads\filiacao_sasp (1).xls

2013-11-15 07:59 - 2013-11-15 07:59 - 00453120 _____ C:\Users\ACSA\Downloads\filiacao_sasp.xls

2013-11-14 09:55 - 2013-11-20 13:21 - 30361888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 22951200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 18293608 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 18208624 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 15862272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 15218504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 12613408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2013-11-14 09:55 - 2013-11-20 13:21 - 11600432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 11514624 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 09691888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 09619872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 03069608 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 02697248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433182.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433182.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 01436528 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 00707360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 00657184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 00609568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 00562464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys

2013-11-14 09:55 - 2013-11-20 13:21 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 00023754 _____ C:\Windows\system32\nvinfo.pb

2013-11-14 09:38 - 2013-09-24 12:54 - 00709144 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys

2013-11-14 09:38 - 2013-09-24 12:53 - 00043216 _____ (COMODO) C:\Windows\system32\cmdcsr.dll

2013-11-14 08:53 - 2013-11-14 08:52 - 28436064 _____ (ofcdesk, llc                                                ) C:\Users\ACSA\Downloads\ofcdesk_mep_GrupoRIC_2014forAutoCAD_6.0.0.5.exe

 

Some content of TEMP:

====================

C:\Users\ACSA\AppData\Local\Temp\ntdll_dump.dll

C:\Users\ACSA\AppData\Local\Temp\Quarantine.exe

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

 

 

LastRegBack: 2013-12-10 13:48

 

==================== End Of Log ============================

Link to post
Share on other sites
acsalmeida

acsalmeida

Posted
  • Author
Posted

Addition.txt
 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2013 01
Ran by ACSA at 2013-12-14 17:54:32
Running from C:\Users\ACSA\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
AS: COMODO Antivirus (Disabled - Out of date) {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall (Enabled) {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
 
==================== Installed Programs ======================
 
Adobe Acrobat X Pro - English, Français, Deutsch (x32 Version: 10.1.1)
Adobe AIR (x32 Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Help Manager (x32 Version: 4.0.244)
Adobe Illustrator CS6 (x32 Version: 16.0)
Adobe InDesign CS6 (x32 Version: 8.0)
Adobe Photoshop CC (x32 Version: 14.0)
Adobe Photoshop CS5.1 (x32 Version: 12.1)
Advanced SystemCare 7 (x32 Version: 7.0.6)
AI Suite II (x32 Version: 1.01.14)
Akamai NetSession Interface (HKCU)
AmpliTube 3 version 3.9.0 (Version: 3.9.0)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
ArchiCAD 16 INT (Version: 16.0)
ArchiCAD 17 (x32)
ArchiCAD 17 INT (Version: 17.0)
ArchiCAD 17 USA (Version: 17.0)
Artlantis Studio 5.0.2.3 (64 bit) (Version: 5.0.2.3)
ASIO4ALL (x32 Version: 2.11 Beta1)
ASUS PC Diagnostics (x32 Version: 1.1.2)
AutoCAD 2014 Language Pack - English (Version: 19.1.18.0)
AutoCAD Architecture 2012 - English (Version: 6.7.49.0)
AutoCAD Architecture 2012 Language Pack - English (Version: 18.2.51.0)
Autodesk 360 (Version: 4.0.27.1)
Autodesk App Manager (x32 Version: 1.1.0)
Autodesk AutoCAD 2014 - English (Version: 19.1.18.0)
Autodesk Content Service (x32 Version: 3.1.3.0)
Autodesk Content Service Language Pack (x32 Version: 3.1.3.0)
Autodesk Featured Apps (x32 Version: 1.1.0)
Autodesk Inventor Fusion 2012 (Version: 1.0.0.79)
Autodesk Inventor Fusion 2012 Language Pack (Version: 1.0.0.79)
Autodesk Material Library 2012 (x32 Version: 2.5.0.8)
Autodesk Material Library 2014 (x32 Version: 4.0.19.0)
Autodesk Material Library Base Resolution Image Library 2012 (x32 Version: 2.5.0.8)
Autodesk Material Library Base Resolution Image Library 2014 (x32 Version: 4.0.19.0)
Autodesk ReCap (Version: 1.0.43.13)
Autodesk ReCap Language Pack-English (Version: 1.0.43.13)
avast! Free Antivirus (x32 Version: 9.0.2008)
AVS Video ReMaker 4.1.3.149 (x32 Version: 4.1.3.149)
Battlefield 4™ (x32 Version: 1.0.0.1)
Battlelog Web Plugins (x32 Version: 2.3.2)
Bluetooth Win7 Suite (64) (Version: 7.2.0.40)
Bonjour (Version: 3.0.0.10)
CameraHelperMsi (x32 Version: 13.51.815.0)
CCleaner (Version: 4.01)
CodeMeter Runtime Kit v5.00a (Version: 5.00.1062.501)
Comodo Dragon (x32 Version: 30.0.0.0)
COMODO Firewall (Version: 6.3.32439.2937)
Corel Graphics - Windows Shell Extension (Version: 16.0.0.707)
Corel Graphics - Windows Shell Extension (Version: 16.0.707)
Corel Graphics - Windows Shell Extension 32 Bit (Version: 16.0.707)
CorelDRAW Graphics Suite X6 - Capture (x64) (Version: 16.0)
CorelDRAW Graphics Suite X6 - Common (x64) (Version: 16.0)
CorelDRAW Graphics Suite X6 - Connect (x64) (Version: 16.0)
CorelDRAW Graphics Suite X6 - Custom Data (x64) (Version: 16.0)
CorelDRAW Graphics Suite X6 - Draw (x64) (Version: 16.0)
CorelDRAW Graphics Suite X6 - EN (x64) (Version: 16.0)
CorelDRAW Graphics Suite X6 - Filters (x64) (Version: 16.0)
CorelDRAW Graphics Suite X6 - FontNav (x64) (Version: 16.0)
CorelDRAW Graphics Suite X6 - IPM (Version: 16.0)
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64) (Version: 16.0)
CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64) (Version: 16.0)
CorelDRAW Graphics Suite X6 - Redist (x64) (Version: 16.0)
CorelDRAW Graphics Suite X6 - Setup Files (x64) (Version: 16.0)
CorelDRAW Graphics Suite X6 - VBA (x64) (Version: 16.0)
CorelDRAW Graphics Suite X6 - VideoBrowser (x64) (Version: 16.0)
CorelDRAW Graphics Suite X6 - VSTA (x64) (Version: 16.0)
CorelDRAW Graphics Suite X6 - Writing Tools (x64) (Version: 16.0)
CorelDRAW Graphics Suite X6 (64-Bit) (Version: 16.0.0.707)
CorelDRAW Graphics Suite X6 (x64) (Version: 16.0)
CrystalDiskInfo 5.0.5 (x32 Version: 5.0.5)
D3DX10 (x32 Version: 15.4.2368.0902)
DAEMON Tools Lite (x32 Version: 4.45.4.0316)
Driver Booster (x32 Version: 1.0)
Dropbox (HKCU Version: 2.0.22)
Easy CD-DA Extractor 16 (x32 Version: 16.0.8)
EPSON Printer Software
erLT (x32 Version: 1.20.138.34)
ESN Sonar (x32 Version: 0.70.4)
Extensis Suitcase Fusion 4 (x32 Version: 15.0.5)
EZ Vinyl/Tape Converter by Ion Audio 11.5.0 (x32 Version: 11.5.0)
EZXDfh (x32 Version: 1.0)
EZXMetalMachine (x32 Version: 1.0.0)
FARO LS 1.1.406.58 (x32 Version: 4.6.58.2)
FARO LS 1.1.501.0 (64bit) (x32 Version: 5.1.0.30630)
FL Studio 11 (x32)
FlowStone FL 3.0 (x32)
Galeria de Fotos (x32 Version: 16.4.3508.0205)
GeekBuddy (Version: 4.10.79)
GeForce Experience NvStream Client Components (Version: 1.6.28)
Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64)
Google Chrome (HKCU Version: 31.0.1650.63)
Google Earth (x32 Version: 7.1.2.2041)
Google Talk Plugin (x32 Version: 4.9.1.16010)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4805.320)
Google Update Helper (x32 Version: 1.3.22.3)
HD Tune 2.55 (x32)
HiJackThis (x32 Version: 1.0.0)
HitmanPro 3.7 (Version: 3.7.8.208)
IL Download Manager (x32)
IL Shared Libraries (x32)
Intel® Management Engine Components (x32 Version: 7.0.0.1144)
Intel® Network Connections 15.6.25.0 (Version: 15.6.25.0)
Intel® Rapid Storage Technology (x32 Version: 10.1.0.1008)
Intel® Watchdog Timer Driver (Intel® WDT) (x32)
Intelbras (x32)
IObit Malware Fighter (x32 Version: 2.2)
IObit Uninstaller (x32 Version: 3.0.4.1082)
IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (x32 Version: 1.0)
iTunes (Version: 11.0.4.4)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Java 6 Update 32 (x32 Version: 6.0.320)
Java 7 Update 5 (64-bit) (Version: 7.0.50)
JDiskReport 1.4.0 (x32 Version: 1.4.0 (2012-01-20 11:38:43))
JMicron JMB36X Driver (x32 Version: 1.17.58.2)
jv16 PowerTools 2012 (x32 Version: )
Kaspersky Security Scan (x32 Version: 12.0.1.340)
KORG AudioGate (x32 Version: 2.3.3)
LibreOffice 3.6 (x32 Version: 3.6.1.2)
Lightworks (x32 Version: 11.1.1.0)
Logitech Gaming Software 5.10 (Version: 5.10.127)
Logitech SetPoint 6.32 (Version: 6.32.20)
Logitech Webcam Software (x32 Version: 2.51)
LWS Facebook (x32 Version: 13.50.854.0)
LWS Gallery (x32 Version: 13.51.827.0)
LWS Help_main (x32 Version: 13.51.828.0)
LWS Launcher (x32 Version: 13.51.828.0)
LWS Pictures And Video (x32 Version: 13.51.815.0)
LWS Twitter (x32 Version: 13.30.1346.0)
LWS Webcam Software (x32 Version: 13.51.815.0)
LWS WLM Plugin (x32 Version: 1.30.1201.0)
LWS YouTube Plugin (x32 Version: 13.31.1038.0)
Macrium Reflect Free Edition (Version: 5.0.5154)
Malwarebytes Anti-Malware versão 1.75.0.1300 (x32 Version: 1.75.0.1300)
marvell 91xx driver (x32 Version: 1.0.0.1051)
Media Player Codec Pack 4.2.9 (x32 Version: 4.2.9)
Microsoft .NET Framework 4 Client Profile PTB Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended PTB Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual Basic for Applications 7.1 (x64) (Version: 7.1.00.00)
Microsoft Visual Basic for Applications 7.1 (x64) English (Version: 7.1.0.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (x32 Version: 9.0.30729)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (x32 Version: 9.0.30729)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
MiniTool Partition Wizard Home Edition 7.6.1 (x32)
Módulo de Proteção Banco Santander 3.4.3.1 (x32 Version: Módulo de Proteção Banco Santander (Brasil) S.A.)
Movie Maker (x32 Version: 16.4.3508.0205)
Mozilla Firefox 25.0.1 (x86 pt-BR) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 24.0.1)
Mozilla Thunderbird 24.0.1 (x86 pt-BR) (x32 Version: 24.0.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
Native Instruments Controller Editor (Version: 1.3.5.667)
Native Instruments Controller Editor (x32)
Native Instruments Guitar Rig 5 (Version: 5.0.2.2476)
Native Instruments Guitar Rig 5 (x32)
Native Instruments Guitar Rig Mobile I/O (Version: 3.0.0.625)
Native Instruments Guitar Rig Mobile I/O (x32)
Native Instruments Guitar Rig Session I/O (Version: 3.0.0.625)
Native Instruments Guitar Rig Session I/O (x32)
Native Instruments Rig Kontrol 3 (Version: 3.0.0.625)
Native Instruments Rig Kontrol 3 (x32)
Native Instruments Service Center (Version: 2.3.0.853)
Native Instruments Service Center (x32)
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0)
Nero Blu-ray Player (x32 Version: 12.0.17700)
Nero Blu-ray Player Help (CHM) (x32 Version: 12.0.4000)
Nero Core Components (x32 Version: 11.0.18100)
Nero Kwik Media (x32 Version: 1.18.18900)
Nero Kwik Media (x32 Version: 12.0.01300)
Nero Kwik Media Help (CHM) (x32 Version: 12.0.4000)
Nero Kwik Themes Basic (x32 Version: 12.0.11500)
Nero SharedVideoCodecs (x32 Version: 1.0.12100.2.0)
Nero Update (x32 Version: 11.0.11800.31.0)
n-Track Studio 7 (x32)
NVIDIA Control Panel 331.82 (Version: 331.82)
NVIDIA GeForce Experience 1.8 (Version: 1.8)
NVIDIA Graphics Driver 331.82 (Version: 331.82)
NVIDIA HD Audio Driver 1.3.26.4 (Version: 1.3.26.4)
NVIDIA Install Application (Version: 2.1002.142.992)
NVIDIA LED Visualizer 1.0 (Version: 1.0)
NVIDIA Network Service (Version: 1.0)
NVIDIA PhysX (x32 Version: 9.13.0725)
NVIDIA PhysX System Software 9.13.0725 (Version: 9.13.0725)
NVIDIA ShadowPlay 10.10.5 (Version: 10.10.5)
NVIDIA Update 10.10.5 (Version: 10.10.5)
NVIDIA Update Core (Version: 10.10.5)
NVIDIA Virtual Audio 1.2.12 (Version: 1.2.12)
ofcdesk Tigre 2014 for AutoCAD (Version: 6.0.0.2)
Origin (x32 Version: 9.0.11.77)
Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) (Version: 4.0.30319)
Pacote de Idiomas do Microsoft .NET Framework 4 Extended - Português (Brasil) (Version: 4.0.30319)
PDF Settings CC (x32 Version: 12.0)
PDF Settings CS5 (x32 Version: 10.0)
PDF Settings CS6 (x32 Version: 11.0)
PerformanceTest v8.0 (Version: 8.0.1024.0)
Photo Common (x32 Version: 16.4.3508.0205)
Photo Gallery (x32 Version: 16.4.3508.0205)
Prerequisite installer (x32 Version: 12.0.0002)
PunkBuster Services (x32 Version: 0.993)
QuickTime (x32 Version: 7.74.80.86)
Rapture 1.2.2 (x32 Version: 18.0)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6914)
Receitanet (x32 Version: 1.03)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0)
RidNacs 2.0.3 (x32)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.27.0)
SHIELD Streaming (Version: 1.6.75)
SketchUp Import for AutoCAD 2014 (x32 Version: 1.1.0)
Skype Click to Call (x32 Version: 6.13.13771)
Skype™ 6.3 (x32 Version: 6.3.107)
Smart Defrag 2 (x32 Version: 2.9)
SolveigMM AVI Trimmer (x32 Version: 2.1.1307.29)
Sophos Virus Removal Tool (x32 Version: 2.4)
SpyHunter (Version: 4.16.5.4290)
Steam (x32 Version: 1.0.0.0)
StuffIt Expander 2011 (Version: 15.0.7.2518)
Suporte para Aplicativos Apple (x32 Version: 2.3.4)
Surfing Protection (x32 Version: 1.0)
UltraISO Premium V9.33 (x32)
Unigine Valley Benchmark version 1.0 (x32 Version: 1.0)
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1)
Visual C++ 9.0 CRT (x86) WinSXS MSM (x32 Version: 9.0)
WD Drive Utilities (x32 Version: 1.0.3.3)
WD Security (x32 Version: 1.0.3.3)
WD SmartWare (Version: 1.6.4.7)
WibuKey Setup (WibuKey Remove) (Version: Version 6.00d of 2011-Sep-22 (Build 138) (Setup))
Windows 7 USB/DVD Download Tool (x32 Version: 1.0.30)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205)
Windows Live Essentials (x32 Version: 16.4.3508.0205)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (x32 Version: 16.4.3508.0205)
Windows Live Photo Common (x32 Version: 16.4.3508.0205)
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205)
Windows Live SOXE (x32 Version: 16.4.3508.0205)
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205)
Windows Live UX Platform (x32 Version: 16.4.3508.0205)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205)
WinRAR 4.20 (64-bit) (Version: 4.20.0)
World of Tanks (x32)
Link to post
Share on other sites
acsalmeida

acsalmeida

Posted
  • Author
Posted
==================== Restore Points  =========================

 

10-12-2013 20:28:16 Installed HiJackThis

10-12-2013 20:39:21 Installed Sophos Virus Removal Tool.

10-12-2013 23:49:19 Windows Update

12-12-2013 18:28:35 Windows Update

 

==================== Hosts content: ==========================

 

2009-07-14 00:34 - 2013-12-10 09:09 - 00480370 ___RA C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

127.0.0.1  www.winaproduct.com

127.0.0.1  www.winadiscount.com #[Dr.Web.Adware.Xbarre]

127.0.0.1  www.stickylogic.com

127.0.0.1  rt.udmserve.net

127.0.0.1  adunit.namiflow.com

127.0.0.1  ads.namiflow.com

127.0.0.1  c7.zxxds.net

127.0.0.1  c1.zxxds.net #[g1.panthercdn.com]

127.0.0.1  www.zedo.com #[Adware.RaxSearch]

127.0.0.1  yads.zedo.com

127.0.0.1  xads.zedo.com

127.0.0.1  ss7.zedo.com

127.0.0.1  ss2.zedo.com

127.0.0.1  ss1.zedo.com

127.0.0.1  simg.zedo.com

127.0.0.1  r1.zedo.com

127.0.0.1  l8.zedo.com

127.0.0.1  l6.zedo.com #[a515.g.akamai.net]

127.0.0.1  l5.zedo.com

127.0.0.1  l4.zedo.com

127.0.0.1  l3.zedo.com

127.0.0.1  l2.zedo.com

127.0.0.1  l1.zedo.com #[a1101.g.akamai.net]

127.0.0.1  h.zedo.com

127.0.0.1  gw.zedo.com

127.0.0.1  g.zedo.com #[zedo.live365.com]

127.0.0.1  freeze.zedo.com

127.0.0.1  d8.zedo.com

 

There are 1000 more lines.

 

 

==================== Scheduled Tasks (whitelisted) =============

 

Task: {135B7439-0B24-477A-B7C9-B9FF3648E6E2} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-12-01] (AVAST Software)

Task: {13933E39-CAE9-42DF-A1A0-EA5D31A39EA4} - System32\Tasks\ASUS\ASUS DigiVRM Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe [2010-10-12] (ASUSTeK Computer Inc.)

Task: {343A66D2-B656-4372-B671-0827802EB372} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2013-09-08] (IObit)

Task: {5977B48F-4841-4841-A014-37E3725FF600} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)

Task: {64C4E980-2D1A-4038-A0B1-570C36817B4C} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2013-11-11] (COMODO)

Task: {86193A09-879A-4CB9-946A-530DC5CCEF27} - System32\Tasks\SmartDefragUpdate => C:\Program Files (x86)\IObit\Smart Defrag 2\AutoUpdate.exe [2013-05-22] (IObit)

Task: {86686411-B99C-4BAD-BB32-E7517730765D} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe [2013-09-13] (IObit)

Task: {8A2D1A34-64B5-4B24-80A7-451F2109559C} - System32\Tasks\ASC7_SkipUac_ACSA => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2013-11-14] (IObit)

Task: {9168CFD9-D7F7-43E8-BC02-245CB87E400F} - System32\Tasks\COMODO\COMODO Welcome {CEB54B45-2B5E-4FF5-9223-6735CD80FE69} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [2013-11-20] (COMODO)

Task: {9A9D5D7E-A12C-4DBD-8721-E44D5017E894} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2759933643-2614577016-1710804323-1000UA => C:\Users\ACSA\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-14] (Google Inc.)

Task: {9E150ECC-E803-4967-B7D6-CB3ED1C8E667} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {A4E43EB6-0E57-47E6-8F9E-32BDCA5370B6} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2010-11-26] (ASUSTeK Computer Inc.)

Task: {A528B670-2365-40AC-8500-C232C4CD4FA1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-14] (Google Inc.)

Task: {AD3289ED-6233-4FDF-A6BC-C0C7F9E542E9} - System32\Tasks\{579ACB44-8AFF-4AAA-A322-4550C6AD120B} => Iexplore.exe http://ui.skype.com/ui/0/6.3.0.107/pt/abandoninstall?source=lightinstaller&page=tsMain

Task: {BAC5E8CC-4CA2-4CC3-861E-C297AF10D1D9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2759933643-2614577016-1710804323-1000Core => C:\Users\ACSA\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-14] (Google Inc.)

Task: {C119E16F-9D7B-457C-935E-7D4963885974} - System32\Tasks\ASUS\ASUS Mobilink Execute => C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\ASUS Mobilink.exe [2010-10-13] (ASUSTeK Computer Inc.)

Task: {C8B872E9-45E6-4376-9D8E-3FB3AE892C2E} - System32\Tasks\SmartDefrag_Schedule => C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe [2013-09-13] (IObit)

Task: {E0C07C03-9C9F-4EBB-89FD-8572F76E2ED7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-14] (Google Inc.)

Task: {EC2F3FEC-01B5-4B45-BE50-E669FD892F09} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2013-09-08] (IObit)

Task: C:\Windows\Tasks\Driver Booster Update.job => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2759933643-2614577016-1710804323-1000Core.job => C:\Users\ACSA\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2759933643-2614577016-1710804323-1000UA.job => C:\Users\ACSA\AppData\Local\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (whitelisted) =============

 

2013-11-26 18:43 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\sqlite3.dll

2013-12-13 10:47 - 2013-12-13 06:58 - 02152448 _____ () C:\Program Files\AVAST Software\Avast\defs\13121300\algo.dll

2011-09-27 08:23 - 2011-09-27 08:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2011-09-27 08:22 - 2011-09-27 08:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2013-09-22 08:55 - 2013-12-14 16:37 - 00024064 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\PEbiosinterface32.dll

2013-09-22 08:55 - 2010-06-29 11:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\ATKEX.dll

2013-02-09 13:23 - 2013-09-11 19:06 - 00048960 _____ () C:\Program Files (x86)\IObit\Smart Defrag 2\NtfsData.dll

2012-12-11 12:52 - 2012-12-11 12:52 - 01007616 _____ () C:\Program Files (x86)\Extensis\Suitcase Fusion 4\libxml2.2.6.24.dll

2012-12-11 12:52 - 2012-12-11 12:52 - 00901120 _____ () C:\Program Files (x86)\Extensis\Suitcase Fusion 4\iconv-1.9.2.dll

2012-12-11 12:52 - 2012-12-11 12:52 - 00007168 _____ () C:\Program Files (x86)\Extensis\Suitcase Fusion 4\libcharset.dll

2012-12-07 15:15 - 2012-12-07 15:15 - 02126264 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtCore4.dll

2012-12-07 15:15 - 2012-12-07 15:15 - 07422392 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtGui4.dll

2012-12-07 15:15 - 2012-12-07 15:15 - 02453944 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtDeclarative4.dll

2012-12-07 15:15 - 2012-12-07 15:15 - 01270200 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtScript4.dll

2012-12-07 15:15 - 2012-12-07 15:15 - 00192952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtSql4.dll

2012-12-07 15:15 - 2012-12-07 15:15 - 00795064 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtNetwork4.dll

2012-09-13 00:38 - 2012-09-13 00:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll

2012-09-13 00:38 - 2012-09-13 00:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll

2012-09-13 00:38 - 2012-09-13 00:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll

2012-09-13 00:38 - 2012-09-13 00:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll

2012-09-13 00:38 - 2012-09-13 00:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll

2012-09-13 00:39 - 2012-09-13 00:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll

2013-03-13 18:48 - 2013-03-13 18:48 - 24978944 _____ () C:\Users\ACSA\AppData\Roaming\Dropbox\bin\libcef.dll

2013-12-01 07:45 - 2013-12-01 07:45 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

2013-07-26 12:47 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madExcept_.bpl

2013-07-26 12:47 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madBasic_.bpl

2013-07-26 12:47 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madDisAsm_.bpl

2013-07-26 12:47 - 2013-12-12 18:46 - 08001344 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\WebUI.dll

2013-12-04 13:01 - 2013-10-16 22:17 - 00185168 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\libcurl-4.dll

2013-02-09 13:20 - 2013-05-16 19:26 - 00182080 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll

2013-02-09 13:20 - 2013-05-16 19:26 - 00145216 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll

2013-09-22 08:56 - 2010-11-16 11:37 - 00086016 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\AsNetlib.dll

2013-09-22 08:56 - 2010-07-30 12:28 - 00670208 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\asacpiEx.dll

2013-09-22 08:56 - 2010-07-15 21:04 - 00661504 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\aaHMLib.dll

2013-09-22 08:56 - 2010-07-15 21:04 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pngio.dll

2013-09-22 08:56 - 2010-07-15 21:04 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\ImageHelper.dll

2013-09-22 08:58 - 2009-05-21 11:14 - 00053248 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll

2013-09-22 08:58 - 2009-05-21 11:14 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll

2013-08-15 04:33 - 2013-08-15 04:33 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\93ef72cbcec2a4b14fe06bb029d98d3a\IsdiInterop.ni.dll

2012-09-14 22:45 - 2010-11-06 00:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

2013-09-22 08:55 - 2010-08-23 11:17 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMLib.dll

2013-09-22 08:55 - 2010-12-02 18:28 - 00143360 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll

2013-09-22 08:55 - 2010-06-21 16:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll

2013-09-22 08:55 - 2009-08-12 21:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll

2013-09-22 08:56 - 2010-10-15 18:40 - 01031680 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll

2013-09-22 08:55 - 2010-11-19 11:53 - 00963584 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll

2013-09-22 08:56 - 2010-12-30 23:15 - 01656320 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Bluetooth Go!\BluetoothGo.dll

2013-09-22 08:57 - 2010-12-01 13:33 - 01244672 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll

2013-09-22 08:57 - 2010-12-03 17:12 - 01027072 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll

2013-09-22 08:55 - 2010-09-27 21:51 - 00881664 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll

2013-09-22 08:55 - 2010-09-27 21:51 - 01607168 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll

2013-09-22 08:55 - 2010-11-19 11:55 - 01246208 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll

2013-09-22 08:55 - 2010-08-06 19:11 - 00850944 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll

2013-09-22 08:55 - 2010-08-06 19:13 - 00886272 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll

2013-09-22 08:55 - 2010-06-21 16:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\ImageHelper.dll

2013-12-05 11:50 - 2013-12-04 00:47 - 00702416 _____ () C:\Users\ACSA\AppData\Local\Google\Chrome\Application\31.0.1650.63\libglesv2.dll

2013-12-05 11:50 - 2013-12-04 00:47 - 00099792 _____ () C:\Users\ACSA\AppData\Local\Google\Chrome\Application\31.0.1650.63\libegl.dll

2013-12-05 11:50 - 2013-12-04 00:48 - 04055504 _____ () C:\Users\ACSA\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll

2013-12-05 11:50 - 2013-12-04 00:48 - 00399312 _____ () C:\Users\ACSA\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll

2013-12-05 11:50 - 2013-12-04 00:47 - 01619408 _____ () C:\Users\ACSA\AppData\Local\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll

2013-12-05 11:50 - 2013-12-04 00:48 - 13586896 _____ () C:\Users\ACSA\AppData\Local\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

AlternateDataStreams: C:\Windows\System32:82A93AA7_Abn.gbp

AlternateDataStreams: C:\Users\ACSA\Cookies:mwzswpu5eJKHwIy6QklIGOYWQtv6

AlternateDataStreams: C:\Users\ACSA\Local Settings:t8G6tbQRuEHRJYDyzvvuGm

AlternateDataStreams: C:\Users\ACSA\AppData\Local:t8G6tbQRuEHRJYDyzvvuGm

AlternateDataStreams: C:\Users\ACSA\AppData\Local\7D3pn4Otqu:MPmoYbYFSazOUSCOwa1Kqnb

AlternateDataStreams: C:\Users\ACSA\AppData\Local\Application Data:t8G6tbQRuEHRJYDyzvvuGm

AlternateDataStreams: C:\Users\ACSA\AppData\Local\Temp:0NEkqv9XiqGAvWUqf7wT

 

==================== Safe Mode (whitelisted) ===================

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

 

==================== Faulty Device Manager Devices =============

 

Name: ASUS Bluetooth

Description: ASUS Bluetooth

Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}

Manufacturer: Atheros Communications

Service: BTHUSB

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

Name: 

Description: 

Class Guid: 

Manufacturer: 

Service: 

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (12/14/2013 04:38:56 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (12/14/2013 04:22:53 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

 

System errors:

=============

Error: (12/14/2013 04:36:54 PM) (Source: volmgr) (User: )

Description: Crash dump initialization failed!

 

Error: (12/14/2013 04:20:35 PM) (Source: volmgr) (User: )

Description: Crash dump initialization failed!

 

Error: (12/14/2013 04:21:23 PM) (Source: EventLog) (User: )

Description: The previous system shutdown at 16:19:59 on ‎14/‎12/‎2013 was unexpected.

 

 

Microsoft Office Sessions:

=========================

Error: (12/14/2013 04:38:56 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (12/14/2013 04:22:53 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

 

CodeIntegrity Errors:

===================================

  Date: 2013-12-14 17:25:42.260

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-12-14 17:15:55.439

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-12-14 16:51:41.166

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-12-14 16:41:36.765

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-12-14 16:36:09.963

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-12-14 16:23:07.779

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-12-14 16:17:15.375

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-12-14 13:35:01.448

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-12-14 13:28:09.484

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-12-14 13:22:00.309

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 39%

Total physical RAM: 8167.14 MB

Available physical RAM: 4954.02 MB

Total Pagefile: 16332.46 MB

Available Pagefile: 12208.91 MB

Total Virtual: 8192 MB

Available Virtual: 8191.79 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:341.7 GB) (Free:154.45 GB) NTFS

Drive d: () (Fixed) (Total:78.13 GB) (Free:25.82 GB) NTFS

Drive e: (My Passport) (Fixed) (Total:1862.98 GB) (Free:1641.89 GB) NTFS

Drive f: () (Fixed) (Total:39.06 GB) (Free:17.5 GB) NTFS

Drive g: () (Fixed) (Total:39.06 GB) (Free:30.06 GB) NTFS

Drive h: () (Fixed) (Total:141.83 GB) (Free:31.44 GB) NTFS

Drive k: () (Fixed) (Total:488.28 GB) (Free:441.51 GB) NTFS

Drive l: () (Fixed) (Total:556.64 GB) (Free:164.21 GB) NTFS

Drive n: (2007.11.03_2329) (CDROM) (Total:0.12 GB) (Free:0 GB) UDF

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows XP) (Size: 298 GB) (Disk ID: CE5477BD)

Partition 1: (Active) - (Size=78 GB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=220 GB) - (Type=OF Extended)

 

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: 9C491C32)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=342 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=488 GB) - (Type=07 NTFS)

Partition 4: (Not Active) - (Size=557 GB) - (Type=07 NTFS)

 

========================================================

Disk: 2 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 0005F107)

Partition 1: (Not Active) - (Size=-198659014656) - (Type=07 NTFS)

 

==================== End Of Log ============================

Link to post
Share on other sites
MrCharlie

MrCharlie

Posted
Posted
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}

AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

AS: COMODO Antivirus (Disabled - Out of date) {0C2D2636-923D-EE52-2A83-E643204A8275}

FW: COMODO Firewall (Enabled) {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}

 

It's not a good idea to have all of these programs on the system.

Having two anti-virus programs running on a system only causes poor performance, conflicts and spotty protection.

http://br.search.yah...&type=800236&p={searchTerms}

CHR DefaultNewTabURL:

 

First make sure you have the latest version of Chrome:

Open up Chrome > Click on the 3 bars in the upper right hand corner

Click on About Google Chrome

If there's an update available it will automatically update

Next:

Go to Tools > Clear Browser Data

Put a check next to all of these:

  • Clear browsing history
  • Clear download history
  • Delete cookies and other site and plug-in data
  • Empty the cache

Click "Clear Browsing Data"

-------------------------------

Next:

Click the Chrome menu on the browser toolbar.

Select Settings.

In the "Search" section, click Manage search engines.

Check if (Default) is displayed next to your preferred search engine. If not, mouse over it and click Make default.

Mouse over any other suspicious search engine entries that are not familiar and click X to remove them.

-------------------------------------

Click the Chrome menu .

Select Settings.

In the "On startup" section, select Open a specific page or set of pages.

Click Set pages. (in blue to the right)

Remove any unfamiliar pages.

-----------------------

Click the Chrome menu .

Select Settings.

In the "Appearance" section, if the "Show Home button" checkbox is selected, see if the page listed below is the home page you’d like to use.

If the page isn't the home page you'd like to use, click Change and select your preferred page.

-------------------------

The link better explains resetting Chrome: (it's towards the bottom.....don't download anything from that site)

http://www.techsupportall.com/how-to-remove-dosearch-com-from-internet-explorer-chrome-firefox/

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Carefully check you browsers shortcuts:

Right-click your browser’s shortcut. Choose Properties. Go to Shortcut tab and navigate to Target line. There should be only your browser’s directory in the Targetline: (Delete anything else)

Internet Explorer – C:Program Files Internet Explorer iexplore.exe

Mozilla Firefox –C:Program FilesMozilla Firefoxfirefox.exe

Google Chrome – C:Program FilesGoogleChromeApplicationchrome.exe

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Let me know.....MrC

Link to post
Share on other sites
acsalmeida

acsalmeida

Posted
  • Author
Posted

MrCharlie, thank you for your advice about the multiple anti-virus, I wll fix it this
 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-12-2013 01
Ran by ACSA at 2013-12-14 19:02:17 Run:1
Running from C:\Users\ACSA\Desktop\FRST
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.search.yah...r=spigot-yhp-ie
URLSearchHook: HKCU - (No Name) - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://br.search.yah...&type=800236&p={searchTerms}
SearchScopes: HKCU - Backup.Old.DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {78CA4453-2964-48D0-9F7D-E7E79C53B942} URL = http://br.search.yah...&type=800236&p={searchTerms}
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-br.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Users\ACSA\AppData\Roaming\Mozilla\Firefox\Profiles\v1q90507.default\searchplugins\yahoo_ff.xml
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
*****************
 
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\Backup.Old.DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\Backup.Old.DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{78CA4453-2964-48D0-9F7D-E7E79C53B942} => Key deleted successfully.
HKCR\CLSID\{78CA4453-2964-48D0-9F7D-E7E79C53B942} => Key not found.
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-br.xml => Moved successfully.
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo_ff.xml => Moved successfully.
C:\Users\ACSA\AppData\Roaming\Mozilla\Firefox\Profiles\v1q90507.default\searchplugins\yahoo_ff.xml => Moved successfully.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
 
==== End of Fixlog ====
Link to post
Share on other sites
acsalmeida

acsalmeida

Posted
  • Author
Posted
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2013 01

Ran by ACSA (administrator) on ACSA-PC on 14-12-2013 21:33:48

Running from C:\Users\ACSA\Desktop\FRST

Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)

Internet Explorer Version 11

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

() C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe

() C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe

() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe

(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe

(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe

(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE

(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe

(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe

(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

() C:\Program Files\Macrium\Reflect\ReflectService.exe

(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

(Western Digital) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe

(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe

(IObit) C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe

(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe

(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

(Celartem, Inc., doing business as Extensis.) C:\Program Files (x86)\Extensis\Suitcase Fusion 4\FMCore.exe

(Akamai Technologies, Inc.) C:\Users\ACSA\AppData\Local\Akamai\netsession_win.exe

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe

(Akamai Technologies, Inc.) C:\Users\ACSA\AppData\Local\Akamai\netsession_win.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

() C:\Windows\SysWOW64\C2MP\UpdateChecker.exe

(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe

(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe

(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe

(Western Digital) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe

(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe

(Logitech, Inc.) C:\Program Files\Logitech\SetPointG\SetPointII.exe

(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe

(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Dropbox, Inc.) C:\Users\ACSA\AppData\Roaming\Dropbox\bin\Dropbox.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe

(IObit) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe

(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe

(Microsoft Corporation) C:\Windows\System32\taskmgr.exe

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188040 2013-10-05] (Realtek Semiconductor)

HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)

HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [472992 2013-03-21] (Adobe Systems Incorporated)

HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)

HKLM\...\Run: [start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)

HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [613536 2010-10-27] (Atheros Commnucations)

HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2010-10-27] (Atheros Commnucations)

HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-10-05] (Realtek Semiconductor)

HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cistray.exe

HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-11-08] (NVIDIA Corporation)

HKLM\...\Run: [shadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2273056 2013-11-29] (NVIDIA Corporation)

Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)

HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671904 2012-08-28] (DT Soft Ltd)

HKCU\...\Run: [steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)

HKCU\...\Run: [FMCore.exe] - C:\Program Files (x86)\Extensis\Suitcase Fusion 4\FMCore.exe [9440256 2012-12-11] (Celartem, Inc., doing business as Extensis.)

HKCU\...\Run: [Autodesk Sync] - C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)

HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\ACSA\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)

HKCU\...\Run: [Google Update] - C:\Users\ACSA\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-14] (Google Inc.)

HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-09-14] (Google Inc.)

HKCU\...\Run: [KSS] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)

HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

HKCU\...\Policies\Explorer: [NoRecentDocsHistory] 1

HKCU\...\Policies\Explorer: [] 

HKLM-x32\...\Run: [iAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)

HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()

HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-16] (Renesas Electronics Corporation)

HKLM-x32\...\Run: [switchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-09-05] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe [36760 2011-09-05] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe [2904984 2011-09-05] (Adobe Systems Inc.)

HKLM-x32\...\Run: [WD Drive Unlocker] - C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1688008 2012-09-06] (Western Digital)

HKLM-x32\...\Run: [WD Quick View] - C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5236664 2012-09-19] (Western Digital Technologies, Inc.)

HKLM-x32\...\Run: [LWS] - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)

HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)

HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)

HKLM-x32\...\Run: [AdobeCEPServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [ASUS ShellProcess Execute] - C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe [252544 2010-09-28] (ASUSTeK Computer Inc.)

HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM-x32\...\Run: [20131121] - C:\Program Files\AVAST Software\Avast\Setup\emupdate\a8726356-a695-4a0f-a368-9e52a6bc90b3.exe [180184 2013-11-23] (AVAST Software)

HKLM-x32\...\Run: [tvncontrol] - "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave

HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-12-01] (AVAST Software)

Startup: C:\Users\ACSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()

Startup: C:\Users\ACSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\ACSA\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

BootExecute: autocheck autochk * SmartDefragBootTime.exe

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.search.yahoo.com/?type=402027&fr=spigot-yhp-ie

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE89D256EDC92CD01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKCU - DefaultScope {78CA4453-2964-48D0-9F7D-E7E79C53B942} URL = http://br.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=402027&p={searchTerms}

SearchScopes: HKCU - {78CA4453-2964-48D0-9F7D-E7E79C53B942} URL = http://br.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=402027&p={searchTerms}

BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)

BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)

BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Program Files (x86)\GbPlugin\gbiehabn.dll (Banco Real)

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab

DPF: HKLM-x32 {108D3206-846A-4A93-BACB-F0572D043ED7} http://marahu.dvrdns.org:3130/webrec.cab

DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)

Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399007} - C:\Program Files (x86)\GbPlugin\gbiehabn.dll [1598520 2013-09-23] (Banco Real)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\Parameters: [DhcpNameServer] 187.22.0.61 187.22.0.66

Tcpip\..\Interfaces\{A014895A-EA50-48E7-B92D-4BA595890AA7}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

Tcpip\..\Interfaces\{C87D9D7B-D12F-42F4-B4C5-1659882566C7}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

 

FireFox:

========

FF ProfilePath: C:\Users\ACSA\AppData\Roaming\Mozilla\Firefox\Profiles\v1q90507.default

FF DefaultSearchEngine: Yahoo!

FF SelectedSearchEngine: Yahoo!




FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()

FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.5.0 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)

FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)

FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @graphisoft.com/GDL Web Plug-in - C:\Program Files (x86)\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll (Graphisoft SE)

FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)

FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\ACSA\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\ACSA\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)

FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\ACSA\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\ACSA\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\ACSA\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: gastecnologia.com.br/sf/abn - C:\Users\ACSA\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll (GAS Tecnologia)

FF SearchPlugin: C:\Users\ACSA\AppData\Roaming\Mozilla\Firefox\Profiles\v1q90507.default\searchplugins\yahoo_ff.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml

FF Extension: Advanced SystemCare Surfing Protection - C:\Users\ACSA\AppData\Roaming\Mozilla\Firefox\Profiles\v1q90507.default\Extensions\ascsurfingprotection@iobit.com

FF Extension: Slick Savings - C:\Users\ACSA\AppData\Roaming\Mozilla\Firefox\Profiles\v1q90507.default\Extensions\savingsslider@mybrowserbar.com

FF Extension: Start Page - C:\Users\ACSA\AppData\Roaming\Mozilla\Firefox\Profiles\v1q90507.default\Extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}

FF Extension: support - C:\Users\ACSA\AppData\Roaming\Mozilla\Firefox\Profiles\v1q90507.default\Extensions\support@real-hide-ip.com.xpi

FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn

FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn

FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF HKCU\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8874}] - C:\Users\ACSA\AppData\Local\GAS Tecnologia\GBBD\abn\xpi

FF Extension: GBBD Banco Santander (Brasil) S.A. - C:\Users\ACSA\AppData\Local\GAS Tecnologia\GBBD\abn\xpi

 

Chrome: 

=======



CHR DefaultSearchKeyword: yahoo.com search

CHR DefaultSearchProvider: Yahoo


CHR DefaultNewTabURL: 

CHR Extension: (Google Drive) - C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0

CHR Extension: (YouTube) - C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0

CHR Extension: (Google Search) - C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0

CHR Extension: (Google Wallet) - C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_1

CHR Extension: (Gmail) - C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx

CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.2.crx

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Users\ACSA\AppData\Local\Slick Savings\coupons.crx

CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx

CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx

 

==================== Services (Whitelisted) =================

 

R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [878368 2013-10-25] (IObit)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144 2010-11-03] ()

R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [915584 2010-12-02] ()

R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()

R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-01] (AVAST Software)

R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [210024 2013-10-05] (DTS)

R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [409144 2013-08-19] (GAS Tecnologia)

R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)

R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-10-25] (IObit)

R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)

S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1370912 2013-11-29] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15128352 2013-11-29] (NVIDIA Corporation)

R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-11-01] ()

R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)

R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [301760 2012-09-25] ()

R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1157056 2012-09-19] (Western Digital )

R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-09-06] (Western Digital)

R2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1177536 2012-09-19] (Western Digital )

 

==================== Drivers (Whitelisted) ====================

 

S3 AIDA64Driver; No ImagePath

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()

R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()

R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-12-01] (AVAST Software)

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-12-01] (AVAST Software)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-01] (AVAST Software)

R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-01] ()

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-12-01] (AVAST Software)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-12-01] (AVAST Software)

R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-12-01] (AVAST Software)

R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-12-01] ()

S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [25704 2012-08-13] ()

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-09-15] (DT Soft Ltd)

R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] ()

S0 GbpKm; C:\Windows\SysWow64\drivers\gbpkm.sys [47856 2012-09-18] (GAS Tecnologia)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)

S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-10-30] (NVIDIA Corporation)

S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] ()

S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] ()

R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)

R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2013-05-22] ()

R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [97792 2011-09-22] (WIBU-SYSTEMS AG)

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2013-12-14 21:32 - 2013-12-14 21:33 - 00388608 _____ (Trend Micro Inc.) C:\Users\ACSA\Downloads\HijackThis.exe

2013-12-14 20:32 - 2013-12-14 20:32 - 00000000 ____D C:\Users\ACSA\AppData\Local\Slick Savings

2013-12-14 20:31 - 2013-12-14 20:31 - 13086648 _____ (IObit                                                       ) C:\Users\ACSA\Downloads\driverbooster-cnet-setup.exe

2013-12-14 19:26 - 2013-12-14 19:26 - 00000000 ____H C:\ProgramData\cm-lock

2013-12-14 19:00 - 2013-12-14 21:33 - 00000000 ____D C:\Users\ACSA\Desktop\FRST

2013-12-14 17:53 - 2013-12-14 17:53 - 00000000 ____D C:\FRST

2013-12-14 12:30 - 2013-12-14 12:31 - 00000000 ____D C:\AdwCleaner

2013-12-14 11:57 - 2013-12-14 11:58 - 05154339 _____ (Swearware) C:\Users\ACSA\Downloads\ComboFix.exe

2013-12-14 11:32 - 2013-12-14 17:50 - 01927796 _____ (Farbar) C:\Users\ACSA\Downloads\FRST64.exe

2013-12-14 10:11 - 2013-12-14 10:11 - 04101441 _____ C:\Users\ACSA\Downloads\tdsskiller.zip

2013-12-14 09:50 - 2013-12-14 19:25 - 00001008 _____ C:\Windows\setupact.log

2013-12-14 09:50 - 2013-12-14 09:50 - 00000534 _____ C:\Windows\PFRO.log

2013-12-14 09:50 - 2013-12-14 09:50 - 00000000 _____ C:\Windows\setuperr.log

2013-12-14 09:18 - 2013-12-14 09:28 - 00000000 ____D C:\ProgramData\HitmanPro

2013-12-14 09:18 - 2013-12-14 09:19 - 00000000 ____D C:\Program Files\HitmanPro

2013-12-14 09:16 - 2013-12-14 09:17 - 10264904 _____ (SurfRight B.V.) C:\Users\ACSA\Downloads\HitmanPro_x64.exe

2013-12-13 11:14 - 2013-12-14 11:35 - 00891200 _____ C:\Users\ACSA\Downloads\SecurityCheck.exe

2013-12-13 11:10 - 2013-12-13 11:10 - 04050563 _____ C:\Users\ACSA\Downloads\zoek.zip

2013-12-13 10:03 - 2013-12-13 10:03 - 00002330 _____ C:\Users\ACSA\Downloads\RKreport0_S_08182013_083750.txt

2013-12-12 16:38 - 2013-12-12 16:39 - 00000000 ___SD C:\ComboFix

2013-12-12 16:35 - 2013-12-12 17:55 - 00000000 ___DC C:\Users\ACSA\AppData\Local\MigWiz

2013-12-12 16:04 - 2013-12-14 11:58 - 00001081 _____ C:\Users\ACSA\Downloads\yahoo search.txt

2013-12-12 00:21 - 2013-12-12 00:21 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan

2013-12-12 00:21 - 2013-12-12 00:21 - 00000000 ____D C:\ProgramData\Kaspersky Lab

2013-12-12 00:21 - 2013-12-12 00:21 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab

2013-12-12 00:18 - 2013-12-12 00:19 - 00184704 _____ (Kaspersky Lab) C:\Users\ACSA\Downloads\kss12.0.1.117mlg_en_de_es_fr_it_ja_pt-br_ru_zh-Hans-br.exe

2013-12-11 21:40 - 2013-12-14 20:44 - 00396879 _____ C:\Windows\WindowsUpdate.log

2013-12-11 21:39 - 2013-12-11 21:39 - 00011960 _____ C:\Users\ACSA\Documents\cc_20131211_213941.reg

2013-12-10 21:53 - 2013-05-10 03:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll

2013-12-10 21:53 - 2013-05-10 03:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL

2013-12-10 21:53 - 2013-05-10 02:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL

2013-12-10 21:53 - 2013-05-10 02:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll

2013-12-10 21:52 - 2013-11-26 09:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-12-10 21:52 - 2013-11-26 08:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2013-12-10 21:52 - 2013-11-26 08:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2013-12-10 21:52 - 2013-11-26 08:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-12-10 21:52 - 2013-11-26 07:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2013-12-10 21:52 - 2013-11-26 07:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2013-12-10 21:52 - 2013-11-26 07:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-12-10 21:52 - 2013-11-26 07:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2013-12-10 21:52 - 2013-11-26 07:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2013-12-10 21:52 - 2013-11-26 07:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-12-10 21:52 - 2013-11-26 07:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2013-12-10 21:52 - 2013-11-26 07:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2013-12-10 21:52 - 2013-11-26 07:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2013-12-10 21:52 - 2013-11-26 07:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2013-12-10 21:52 - 2013-11-26 06:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2013-12-10 21:52 - 2013-11-26 06:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-12-10 21:52 - 2013-11-26 06:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-12-10 21:52 - 2013-11-26 06:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-12-10 21:52 - 2013-11-26 06:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-12-10 21:52 - 2013-11-26 06:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2013-12-10 21:52 - 2013-11-26 06:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-12-10 21:52 - 2013-11-26 06:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2013-12-10 21:52 - 2013-11-26 05:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-12-10 21:52 - 2013-11-26 05:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2013-12-10 21:52 - 2013-11-26 05:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-12-10 21:52 - 2013-11-26 05:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-12-10 21:52 - 2013-11-26 04:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-12-10 21:52 - 2013-11-26 04:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2013-12-10 21:52 - 2013-11-26 04:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2013-12-10 21:52 - 2013-11-26 04:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-12-10 21:52 - 2013-11-26 04:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-12-10 21:49 - 2013-11-23 16:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll

2013-12-10 21:49 - 2013-11-23 15:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll

2013-12-10 21:49 - 2013-10-30 00:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll

2013-12-10 21:49 - 2013-10-30 00:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll

2013-12-10 21:49 - 2013-10-29 23:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2013-12-10 21:49 - 2013-10-19 00:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll

2013-12-10 21:49 - 2013-10-18 23:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll

2013-12-10 21:48 - 2013-11-12 00:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2013-12-10 21:48 - 2013-11-12 00:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

2013-12-10 21:48 - 2013-10-12 00:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx

2013-12-10 21:48 - 2013-10-12 00:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll

2013-12-10 21:48 - 2013-10-12 00:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx

2013-12-10 21:48 - 2013-10-12 00:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll

2013-12-10 21:48 - 2013-10-11 23:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe

2013-12-10 21:48 - 2013-10-11 23:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe

2013-12-10 21:48 - 2013-10-11 23:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe

2013-12-10 21:48 - 2013-10-11 23:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe

2013-12-10 21:48 - 2013-10-04 00:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys

2013-12-10 21:48 - 2013-10-03 23:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys

2013-12-10 18:39 - 2013-12-10 18:39 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos

2013-12-10 18:39 - 2013-12-10 18:39 - 00000000 ____D C:\ProgramData\Sophos

2013-12-10 18:39 - 2013-12-10 18:39 - 00000000 ____D C:\Program Files (x86)\Sophos

2013-12-10 18:38 - 2013-12-10 18:38 - 00000031 _____ C:\Windows\Model.txt

2013-12-10 18:37 - 2013-12-10 18:37 - 00000260 _____ C:\Users\ACSA\Downloads\fsbl-20131210203734.log

2013-12-10 18:36 - 2013-12-10 18:36 - 01137360 _____ (F-Secure Corporation) C:\Users\ACSA\Downloads\fsbl.exe

2013-12-10 18:28 - 2013-12-10 18:28 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis

2013-12-10 18:28 - 2013-12-10 18:28 - 00000000 ____D C:\Program Files (x86)\Trend Micro

2013-12-10 18:24 - 2013-12-10 18:27 - 80777032 _____ (Sophos Limited) C:\Users\ACSA\Downloads\Sophos Virus Removal Tool.exe

2013-12-10 18:24 - 2013-12-10 18:24 - 01402880 _____ C:\Users\ACSA\Downloads\HiJackThis.msi

2013-12-10 11:55 - 2013-12-10 11:55 - 00000000 ____D C:\Windows\ERUNT

2013-12-10 11:55 - 2013-12-10 11:42 - 01034531 _____ (Thisisu) C:\Users\ACSA\Downloads\JRT.exe

2013-12-10 11:45 - 2013-12-13 10:22 - 01226802 _____ C:\Users\ACSA\Downloads\adwcleaner.exe

2013-12-10 11:30 - 2013-12-10 11:31 - 04166144 _____ C:\Users\ACSA\Downloads\RogueKillerX64.exe

2013-12-10 07:58 - 2013-12-10 07:58 - 07363640 _____ C:\Users\ACSA\Downloads\SCX5600_x86_6.5aS_GM.exe

2013-12-07 19:12 - 2013-12-08 07:44 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\AudioGate

2013-12-07 19:11 - 2013-12-07 19:11 - 00000000 ____D C:\Program Files (x86)\KORG

2013-12-07 19:10 - 2013-12-07 19:10 - 00000000 ____D C:\Windows\Downloaded Installations

2013-12-07 19:08 - 2013-12-07 19:09 - 17754289 _____ C:\Users\ACSA\Downloads\KORG_AudioGate_2_3_3.zip

2013-12-07 09:51 - 2013-06-06 18:41 - 00489392 _____ (Ask Partner Network) C:\Users\ACSA\Documents\APNSetup1.exe

2013-12-07 09:21 - 2013-12-07 09:21 - 00000023 _____ C:\Users\ACSA\Downloads\DNS.txt

2013-12-07 09:12 - 2013-12-07 09:12 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\RealHideIP

2013-12-07 09:12 - 2013-12-07 09:12 - 00000000 ____D C:\ProgramData\RealHideIP

2013-12-07 08:53 - 2013-12-07 08:53 - 00000000 ____D C:\Users\ACSA\Downloads\Real Hide IP v4.2.9.6 (1-click run)(registered)

2013-12-06 18:31 - 2013-12-06 18:31 - 00018685 _____ C:\Users\ACSA\Downloads\REL_1026.HTM

2013-12-06 11:53 - 2013-12-06 11:53 - 00003119 _____ C:\Users\ACSA\Downloads\Conclamacao Arquitetos Baixada (1).txt

2013-12-05 21:19 - 2013-12-05 21:19 - 00003119 _____ C:\Users\ACSA\Downloads\Conclamacao Arquitetos Baixada.txt

2013-12-04 10:10 - 2013-12-04 11:00 - 25095200 _____ (IObit                                                       ) C:\Users\ACSA\Downloads\imf-setup.exe

2013-12-04 08:11 - 2013-12-04 08:11 - 00000000 ____D C:\Windows\en

2013-12-04 08:11 - 2013-12-04 08:11 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition

2013-12-04 08:10 - 2013-12-04 08:11 - 00000000 ____D C:\Program Files (x86)\Windows Live

2013-12-04 08:10 - 2013-12-04 08:10 - 00000000 ____D C:\Windows\PCHEALTH

2013-12-04 08:04 - 2013-12-04 08:28 - 00000000 ____D C:\Users\ACSA\AppData\Local\Windows Live

2013-12-04 08:04 - 2013-12-04 08:04 - 01242112 _____ (Microsoft Corporation) C:\Users\ACSA\Downloads\wlsetup-web.exe

2013-12-03 00:03 - 2013-10-30 15:03 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys

2013-12-03 00:03 - 2013-10-30 15:02 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll

2013-12-01 13:53 - 2013-12-01 13:53 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\AVAST Software

2013-12-01 11:00 - 2013-12-01 11:00 - 00000000 ____D C:\Users\ACSA\Downloads\rebolsodoitarar

2013-12-01 08:30 - 2013-12-01 08:30 - 00000000 ____D C:\Users\ACSA\.MCTranscodingSDK

2013-12-01 08:22 - 2013-12-01 08:22 - 00000000 ____D C:\ProgramData\Geevs

2013-12-01 08:21 - 2013-12-10 09:11 - 00000000 ____D C:\Users\Public\Documents\Lightworks

2013-12-01 08:21 - 2013-12-01 08:30 - 00000000 ____D C:\Program Files (x86)\Lightworks

2013-12-01 08:14 - 2013-12-01 08:16 - 154323168 _____ (Online Media Technologies Ltd.                              ) C:\Users\ACSA\Downloads\AVSVideoEditor.exe

2013-11-29 23:26 - 2013-12-01 07:35 - 00000000 ____D C:\Users\ACSA\Downloads\Cine Marahu

2013-11-29 20:43 - 2013-11-29 20:43 - 00518455 _____ C:\Users\ACSA\Downloads\ArchiCAD_16_to_ATL5-Win_64-bit (1).zip

2013-11-29 20:43 - 2013-11-29 20:43 - 00000000 ____D C:\Users\ACSA\Downloads\ArchiCAD_16_to_ATL5-Win_64-bit

2013-11-29 20:38 - 2013-12-02 15:42 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\Abvent_Artlantis5

2013-11-29 20:30 - 2013-12-02 10:57 - 00000000 ____D C:\ProgramData\Abvent

2013-11-29 20:30 - 2013-11-29 20:30 - 00000000 ____D C:\Users\Public\Documents\Abvent

2013-11-29 20:08 - 2013-11-29 20:37 - 00000000 ____D C:\Program Files\Artlantis Studio 5

2013-11-26 18:53 - 2013-11-26 18:53 - 00002848 _____ C:\Windows\System32\Tasks\ASC7_SkipUac_ACSA

2013-11-26 18:43 - 2013-11-26 18:43 - 00000000 ____D C:\ProgramData\ProductData

2013-11-26 18:43 - 2013-11-26 18:43 - 00000000 ____D C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}

2013-11-23 20:34 - 2013-11-23 20:36 - 00000000 ____D C:\Users\ACSA\Downloads\Artlantis 5.0.2.3 Win64

2013-11-23 18:23 - 2013-11-23 19:18 - 517767020 _____ C:\Users\ACSA\Downloads\Artlantis 5.0.2.3 Win64.rar

2013-11-23 18:21 - 2013-11-23 18:21 - 00518455 _____ C:\Users\ACSA\Downloads\ArchiCAD_16_to_ATL5-Win_64-bit.zip

2013-11-23 18:21 - 2013-11-23 18:21 - 00446633 _____ C:\Users\ACSA\Downloads\ArchiCAD_16_to_ATL5-Win_32-bit.zip

2013-11-21 10:40 - 2013-11-21 10:41 - 00014015 _____ C:\Users\ACSA\AppData\Roaming\unins000.dat

2013-11-21 10:40 - 2013-11-21 10:40 - 00717985 _____ C:\Users\ACSA\AppData\Roaming\unins000.exe

2013-11-21 10:40 - 2013-11-21 10:40 - 00000000 ____D C:\Users\ACSA\AppData\Local\GAS Tecnologia

2013-11-21 10:38 - 2013-11-21 10:38 - 03357248 _____ (GAS Tecnologia                                              ) C:\Users\ACSA\Downloads\gbplugin2.exe

2013-11-20 17:41 - 2013-11-20 17:41 - 00004762 _____ C:\Users\ACSA\Downloads\al_barbecue1.zip

2013-11-20 13:23 - 2013-11-11 13:02 - 06674208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll

2013-11-20 13:23 - 2013-11-11 13:02 - 03490080 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll

2013-11-20 13:23 - 2013-11-11 13:01 - 03467927 _____ C:\Windows\system32\nvcoproc.bin

2013-11-20 13:23 - 2013-11-11 13:01 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

2013-11-20 13:23 - 2013-11-11 13:01 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll

2013-11-20 13:23 - 2013-11-11 13:01 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 30361888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 22951200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 18293608 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 18208624 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 15862272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 15218504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 12613408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2013-11-20 13:21 - 2013-11-14 09:55 - 11600432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 11514624 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 09691888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 09619872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 03069608 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 02697248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433182.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433182.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 01436528 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 00707360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 00657184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 00609568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 00562464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys

2013-11-20 13:21 - 2013-11-14 09:55 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 00023754 _____ C:\Windows\system32\nvinfo.pb

2013-11-19 13:15 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE

2013-11-19 13:13 - 2013-11-19 13:13 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2013-11-19 13:13 - 2013-11-19 13:13 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat

2013-11-19 13:13 - 2013-11-19 13:13 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2013-11-19 13:13 - 2013-11-19 13:13 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2013-11-19 13:13 - 2013-11-19 13:13 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2013-11-19 13:13 - 2013-11-19 13:13 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2013-11-19 13:13 - 2013-11-19 13:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2013-11-18 13:11 - 2013-11-18 13:11 - 00024317 _____ C:\Users\ACSA\Downloads\Conexão com a Internet ficou mais lenta  A culpa pode ser do DNS   Rodrigo Rey.htm

2013-11-18 13:11 - 2013-11-18 13:11 - 00000000 ____D C:\Users\ACSA\Downloads\Conexão com a Internet ficou mais lenta  A culpa pode ser do DNS   Rodrigo Rey_files

2013-11-18 13:08 - 2013-11-18 13:09 - 05227019 _____ C:\Users\ACSA\Downloads\namebench-1.3.1-Windows.exe

2013-11-16 11:44 - 2013-11-16 11:45 - 11423642 _____ C:\Users\ACSA\Downloads\fotosdolixonascaladasdapraiadosmilionriosem16nov.zip

2013-11-16 10:57 - 2013-11-16 10:58 - 23742698 _____ C:\Users\ACSA\Downloads\Fugazi - Peel Session 1988.mp4

2013-11-16 10:41 - 2013-11-16 10:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2013-11-16 09:51 - 2013-11-16 09:51 - 00000000 ____D C:\Users\ACSA\Downloads\badernadoitarar

2013-11-15 13:57 - 2013-11-15 13:57 - 00000000 ____D C:\Users\ACSA\Downloads\revocgostariadeacordarassim

2013-11-15 13:53 - 2013-11-15 13:53 - 17914792 _____ C:\Users\ACSA\Downloads\006.AVI

2013-11-15 08:02 - 2013-11-15 08:03 - 00453120 _____ C:\Users\ACSA\Downloads\filiacao_sasp (1).xls

2013-11-15 07:59 - 2013-11-15 07:59 - 00453120 _____ C:\Users\ACSA\Downloads\filiacao_sasp.xls

2013-11-14 08:52 - 2013-11-14 08:53 - 28436064 _____ (ofcdesk, llc                                                ) C:\Users\ACSA\Downloads\ofcdesk_mep_GrupoRIC_2014forAutoCAD_6.0.0.5.exe
Link to post
Share on other sites
acsalmeida

acsalmeida

Posted
  • Author
Posted
==================== One Month Modified Files and Folders =======

 

2013-12-14 21:33 - 2013-12-14 21:32 - 00388608 _____ (Trend Micro Inc.) C:\Users\ACSA\Downloads\HijackThis.exe

2013-12-14 21:33 - 2013-12-14 19:00 - 00000000 ____D C:\Users\ACSA\Desktop\FRST

2013-12-14 20:49 - 2012-09-14 23:41 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-12-14 20:48 - 2012-09-15 01:02 - 00001074 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2759933643-2614577016-1710804323-1000UA.job

2013-12-14 20:44 - 2013-12-11 21:40 - 00396879 _____ C:\Windows\WindowsUpdate.log

2013-12-14 20:32 - 2013-12-14 20:32 - 00000000 ____D C:\Users\ACSA\AppData\Local\Slick Savings

2013-12-14 20:32 - 2012-11-14 09:53 - 00000000 ____D C:\ProgramData\IObit

2013-12-14 20:31 - 2013-12-14 20:31 - 13086648 _____ (IObit                                                       ) C:\Users\ACSA\Downloads\driverbooster-cnet-setup.exe

2013-12-14 20:29 - 2012-11-14 09:53 - 00000000 ____D C:\Program Files (x86)\IObit

2013-12-14 20:27 - 2013-10-09 17:36 - 00000000 ____D C:\Program Files (x86)\Comodo

2013-12-14 20:19 - 2012-09-16 09:16 - 00000000 ____D C:\Program Files (x86)\Steam

2013-12-14 20:18 - 2013-10-05 10:03 - 00000282 _____ C:\Windows\Tasks\Driver Booster Update.job

2013-12-14 19:35 - 2009-07-14 02:45 - 00020528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-12-14 19:35 - 2009-07-14 02:45 - 00020528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-12-14 19:32 - 2009-07-14 03:13 - 00782470 _____ C:\Windows\system32\PerfStringBackup.INI

2013-12-14 19:29 - 2013-01-09 07:37 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\Dropbox

2013-12-14 19:27 - 2013-10-09 17:36 - 00000000 ____D C:\ProgramData\COMODO

2013-12-14 19:27 - 2012-09-17 16:23 - 00000010 _____ C:\Users\ACSA\AppData\Local\.HG88C586-G30G-2HE2-DGDE-8H3E1D530D30

2013-12-14 19:27 - 2012-09-17 16:23 - 00000010 _____ C:\ProgramData\.F464B91F-G49F-3G3D-CFCD-9G7D2C141C96

2013-12-14 19:27 - 2012-09-14 23:03 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini

2013-12-14 19:26 - 2013-12-14 19:26 - 00000000 ____H C:\ProgramData\cm-lock

2013-12-14 19:26 - 2012-09-14 23:41 - 00001060 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-12-14 19:25 - 2013-12-14 09:50 - 00001008 _____ C:\Windows\setupact.log

2013-12-14 19:25 - 2009-07-14 03:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-12-14 19:24 - 2013-06-10 16:08 - 00031088 _____ (GbPlugin NDIS Device Driver) C:\Windows\SysWOW64\Drivers\gbpndisrd.sys

2013-12-14 19:24 - 2013-06-10 16:08 - 00010266 _____ C:\Windows\SysWOW64\Drivers\ndisrd.cat

2013-12-14 19:24 - 2013-06-10 16:08 - 00001402 _____ C:\Windows\SysWOW64\Drivers\gas.cer

2013-12-14 17:53 - 2013-12-14 17:53 - 00000000 ____D C:\FRST

2013-12-14 17:50 - 2013-12-14 11:32 - 01927796 _____ (Farbar) C:\Users\ACSA\Downloads\FRST64.exe

2013-12-14 14:52 - 2012-09-14 23:40 - 00000000 ____D C:\Program Files (x86)\Google

2013-12-14 13:36 - 2013-08-02 14:37 - 03891200 ___SH C:\Users\ACSA\Downloads\Thumbs.db

2013-12-14 12:31 - 2013-12-14 12:30 - 00000000 ____D C:\AdwCleaner

2013-12-14 11:58 - 2013-12-14 11:57 - 05154339 _____ (Swearware) C:\Users\ACSA\Downloads\ComboFix.exe

2013-12-14 11:58 - 2013-12-12 16:04 - 00001081 _____ C:\Users\ACSA\Downloads\yahoo search.txt

2013-12-14 11:35 - 2013-12-13 11:14 - 00891200 _____ C:\Users\ACSA\Downloads\SecurityCheck.exe

2013-12-14 10:24 - 2012-10-16 09:48 - 00019968 ___SH C:\Users\ACSA\Thumbs.db

2013-12-14 10:11 - 2013-12-14 10:11 - 04101441 _____ C:\Users\ACSA\Downloads\tdsskiller.zip

2013-12-14 09:50 - 2013-12-14 09:50 - 00000534 _____ C:\Windows\PFRO.log

2013-12-14 09:50 - 2013-12-14 09:50 - 00000000 _____ C:\Windows\setuperr.log

2013-12-14 09:47 - 2013-03-10 10:53 - 00000000 ____D C:\ProgramData\GAS Tecnologia

2013-12-14 09:44 - 2012-09-15 07:03 - 00000000 ____D C:\Users\ACSA\AppData\Local\CrashDumps

2013-12-14 09:28 - 2013-12-14 09:18 - 00000000 ____D C:\ProgramData\HitmanPro

2013-12-14 09:19 - 2013-12-14 09:18 - 00000000 ____D C:\Program Files\HitmanPro

2013-12-14 09:17 - 2013-12-14 09:16 - 10264904 _____ (SurfRight B.V.) C:\Users\ACSA\Downloads\HitmanPro_x64.exe

2013-12-14 09:15 - 2012-09-15 01:02 - 00001022 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2759933643-2614577016-1710804323-1000Core.job

2013-12-13 21:58 - 2012-09-15 02:23 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.exe

2013-12-13 15:52 - 2012-09-15 02:23 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.ex0

2013-12-13 15:47 - 2012-09-15 01:02 - 00000000 ____D C:\Program Files (x86)\Origin

2013-12-13 14:58 - 2012-09-15 00:32 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe

2013-12-13 11:30 - 2013-07-26 16:02 - 00000000 ____D C:\Users\ACSA\AppData\Local\Deployment

2013-12-13 11:10 - 2013-12-13 11:10 - 04050563 _____ C:\Users\ACSA\Downloads\zoek.zip

2013-12-13 10:47 - 2013-01-12 07:44 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update

2013-12-13 10:30 - 2012-09-15 18:56 - 00000000 ____D C:\ProgramData\GbPlugin

2013-12-13 10:22 - 2013-12-10 11:45 - 01226802 _____ C:\Users\ACSA\Downloads\adwcleaner.exe

2013-12-13 10:03 - 2013-12-13 10:03 - 00002330 _____ C:\Users\ACSA\Downloads\RKreport0_S_08182013_083750.txt

2013-12-12 17:55 - 2013-12-12 16:35 - 00000000 ___DC C:\Users\ACSA\AppData\Local\MigWiz

2013-12-12 16:39 - 2013-12-12 16:38 - 00000000 ___SD C:\ComboFix

2013-12-12 12:56 - 2013-10-02 21:08 - 00000000 ____D C:\Users\ACSA\Documents\Battlefield 4

2013-12-12 00:21 - 2013-12-12 00:21 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan

2013-12-12 00:21 - 2013-12-12 00:21 - 00000000 ____D C:\ProgramData\Kaspersky Lab

2013-12-12 00:21 - 2013-12-12 00:21 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab

2013-12-12 00:19 - 2013-12-12 00:18 - 00184704 _____ (Kaspersky Lab) C:\Users\ACSA\Downloads\kss12.0.1.117mlg_en_de_es_fr_it_ja_pt-br_ru_zh-Hans-br.exe

2013-12-11 21:39 - 2013-12-11 21:39 - 00011960 _____ C:\Users\ACSA\Documents\cc_20131211_213941.reg

2013-12-11 19:33 - 2013-06-25 10:23 - 00000000 ____D C:\Users\ACSA\Documents\BIMx

2013-12-11 19:33 - 2012-09-15 21:55 - 00000000 ____D C:\Users\ACSA\Graphisoft

2013-12-11 19:33 - 2012-09-15 21:08 - 00000000 ____D C:\Users\ACSA\Documents\Corel

2013-12-11 19:03 - 2013-09-22 09:09 - 00000000 _____ C:\Windows\Path.idx

2013-12-11 19:02 - 2013-09-22 09:09 - 00867360 _____ C:\Windows\PE_Rom.dll

2013-12-10 22:41 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\rescache

2013-12-10 22:15 - 2009-07-14 02:45 - 05162600 _____ C:\Windows\system32\FNTCACHE.DAT

2013-12-10 21:52 - 2013-07-30 10:19 - 00000000 ____D C:\Windows\system32\MRT

2013-12-10 21:49 - 2012-09-14 23:52 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2013-12-10 18:56 - 2013-11-05 11:36 - 00000000 ____D C:\Qoobox(1)

2013-12-10 18:39 - 2013-12-10 18:39 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos

2013-12-10 18:39 - 2013-12-10 18:39 - 00000000 ____D C:\ProgramData\Sophos

2013-12-10 18:39 - 2013-12-10 18:39 - 00000000 ____D C:\Program Files (x86)\Sophos

2013-12-10 18:38 - 2013-12-10 18:38 - 00000031 _____ C:\Windows\Model.txt

2013-12-10 18:37 - 2013-12-10 18:37 - 00000260 _____ C:\Users\ACSA\Downloads\fsbl-20131210203734.log

2013-12-10 18:36 - 2013-12-10 18:36 - 01137360 _____ (F-Secure Corporation) C:\Users\ACSA\Downloads\fsbl.exe

2013-12-10 18:28 - 2013-12-10 18:28 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis

2013-12-10 18:28 - 2013-12-10 18:28 - 00000000 ____D C:\Program Files (x86)\Trend Micro

2013-12-10 18:27 - 2013-12-10 18:24 - 80777032 _____ (Sophos Limited) C:\Users\ACSA\Downloads\Sophos Virus Removal Tool.exe

2013-12-10 18:24 - 2013-12-10 18:24 - 01402880 _____ C:\Users\ACSA\Downloads\HiJackThis.msi

2013-12-10 17:00 - 2013-06-17 16:27 - 00000497 _____ C:\Users\ACSA\Downloads\QUEM INCOMODA.txt

2013-12-10 12:55 - 2013-05-18 16:54 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\Skype

2013-12-10 11:55 - 2013-12-10 11:55 - 00000000 ____D C:\Windows\ERUNT

2013-12-10 11:42 - 2013-12-10 11:55 - 01034531 _____ (Thisisu) C:\Users\ACSA\Downloads\JRT.exe

2013-12-10 11:31 - 2013-12-10 11:30 - 04166144 _____ C:\Users\ACSA\Downloads\RogueKillerX64.exe

2013-12-10 09:11 - 2013-12-01 08:21 - 00000000 ____D C:\Users\Public\Documents\Lightworks

2013-12-10 09:09 - 2012-12-03 14:05 - 00000029 _____ C:\Windows\system32\Drivers\etc\hosts_PTbackup2.bak

2013-12-10 09:09 - 2009-07-14 00:34 - 00480308 _____ C:\Windows\system32\Drivers\etc\hosts_PTBackup.bak

2013-12-10 08:39 - 2013-04-10 13:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2013-12-10 07:58 - 2013-12-10 07:58 - 07363640 _____ C:\Users\ACSA\Downloads\SCX5600_x86_6.5aS_GM.exe

2013-12-09 07:34 - 2013-09-04 09:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

2013-12-08 07:44 - 2013-12-07 19:12 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\AudioGate

2013-12-07 19:11 - 2013-12-07 19:11 - 00000000 ____D C:\Program Files (x86)\KORG

2013-12-07 19:10 - 2013-12-07 19:10 - 00000000 ____D C:\Windows\Downloaded Installations

2013-12-07 19:09 - 2013-12-07 19:08 - 17754289 _____ C:\Users\ACSA\Downloads\KORG_AudioGate_2_3_3.zip

2013-12-07 09:21 - 2013-12-07 09:21 - 00000023 _____ C:\Users\ACSA\Downloads\DNS.txt

2013-12-07 09:12 - 2013-12-07 09:12 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\RealHideIP

2013-12-07 09:12 - 2013-12-07 09:12 - 00000000 ____D C:\ProgramData\RealHideIP

2013-12-07 08:53 - 2013-12-07 08:53 - 00000000 ____D C:\Users\ACSA\Downloads\Real Hide IP v4.2.9.6 (1-click run)(registered)

2013-12-06 18:31 - 2013-12-06 18:31 - 00018685 _____ C:\Users\ACSA\Downloads\REL_1026.HTM

2013-12-06 11:53 - 2013-12-06 11:53 - 00003119 _____ C:\Users\ACSA\Downloads\Conclamacao Arquitetos Baixada (1).txt

2013-12-05 21:19 - 2013-12-05 21:19 - 00003119 _____ C:\Users\ACSA\Downloads\Conclamacao Arquitetos Baixada.txt

2013-12-05 08:39 - 2012-09-18 10:11 - 00001456 _____ C:\Users\ACSA\AppData\Local\Adobe Save for Web 13.0 Prefs

2013-12-04 11:00 - 2013-12-04 10:10 - 25095200 _____ (IObit                                                       ) C:\Users\ACSA\Downloads\imf-setup.exe

2013-12-04 08:28 - 2013-12-04 08:04 - 00000000 ____D C:\Users\ACSA\AppData\Local\Windows Live

2013-12-04 08:11 - 2013-12-04 08:11 - 00000000 ____D C:\Windows\en

2013-12-04 08:11 - 2013-12-04 08:11 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition

2013-12-04 08:11 - 2013-12-04 08:10 - 00000000 ____D C:\Program Files (x86)\Windows Live

2013-12-04 08:10 - 2013-12-04 08:10 - 00000000 ____D C:\Windows\PCHEALTH

2013-12-04 08:10 - 2009-07-14 01:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared

2013-12-04 08:04 - 2013-12-04 08:04 - 01242112 _____ (Microsoft Corporation) C:\Users\ACSA\Downloads\wlsetup-web.exe

2013-12-03 08:44 - 2012-09-14 23:41 - 00004060 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2013-12-03 08:44 - 2012-09-14 23:41 - 00003808 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2013-12-03 00:09 - 2013-11-13 12:59 - 00000000 ____D C:\Users\ACSA\AppData\Local\NVIDIA Corporation

2013-12-03 00:09 - 2013-10-02 21:13 - 00000000 ____D C:\Users\ACSA\AppData\Local\NVIDIA

2013-12-03 00:04 - 2013-10-04 09:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation

2013-12-03 00:04 - 2012-09-14 23:09 - 00000000 ____D C:\ProgramData\NVIDIA

2013-12-03 00:03 - 2012-12-18 13:02 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation

2013-12-03 00:03 - 2012-09-14 23:06 - 00000000 ____D C:\Program Files\NVIDIA Corporation

2013-12-02 15:42 - 2013-11-29 20:38 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\Abvent_Artlantis5

2013-12-02 10:57 - 2013-11-29 20:30 - 00000000 ____D C:\ProgramData\Abvent

2013-12-01 13:53 - 2013-12-01 13:53 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\AVAST Software

2013-12-01 13:41 - 2012-09-15 22:54 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins

2013-12-01 11:00 - 2013-12-01 11:00 - 00000000 ____D C:\Users\ACSA\Downloads\rebolsodoitarar

2013-12-01 10:07 - 2012-09-14 23:18 - 00766336 _____ C:\Windows\SysWOW64\PerfStringBackup.INI

2013-12-01 08:30 - 2013-12-01 08:30 - 00000000 ____D C:\Users\ACSA\.MCTranscodingSDK

2013-12-01 08:30 - 2013-12-01 08:21 - 00000000 ____D C:\Program Files (x86)\Lightworks

2013-12-01 08:30 - 2012-09-14 22:34 - 00000000 ____D C:\Users\ACSA

2013-12-01 08:22 - 2013-12-01 08:22 - 00000000 ____D C:\ProgramData\Geevs

2013-12-01 08:16 - 2013-12-01 08:14 - 154323168 _____ (Online Media Technologies Ltd.                              ) C:\Users\ACSA\Downloads\AVSVideoEditor.exe

2013-12-01 07:45 - 2013-07-10 17:03 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys

2013-12-01 07:45 - 2013-07-10 17:03 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys

2013-12-01 07:45 - 2013-01-12 07:44 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys

2013-12-01 07:45 - 2013-01-12 07:44 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys

2013-12-01 07:45 - 2013-01-12 07:44 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

2013-12-01 07:45 - 2013-01-12 07:44 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys

2013-12-01 07:45 - 2013-01-12 07:44 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

2013-12-01 07:45 - 2013-01-12 07:44 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys

2013-12-01 07:45 - 2013-01-12 07:44 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

2013-12-01 07:45 - 2013-01-12 07:44 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys

2013-12-01 07:43 - 2012-09-15 01:02 - 00004042 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2759933643-2614577016-1710804323-1000UA

2013-12-01 07:43 - 2012-09-15 01:02 - 00003646 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2759933643-2614577016-1710804323-1000Core

2013-12-01 07:35 - 2013-11-29 23:26 - 00000000 ____D C:\Users\ACSA\Downloads\Cine Marahu

2013-12-01 07:30 - 2013-01-12 07:44 - 00000000 ____D C:\ProgramData\AVAST Software

2013-12-01 07:29 - 2013-01-12 07:44 - 00000000 _____ C:\Windows\SysWOW64\config.nt

2013-11-30 06:46 - 2013-08-20 11:29 - 00000000 ____D C:\Users\ACSA\Downloads\20 Historic Black and White Photos Colorized

2013-11-29 20:43 - 2013-11-29 20:43 - 00518455 _____ C:\Users\ACSA\Downloads\ArchiCAD_16_to_ATL5-Win_64-bit (1).zip

2013-11-29 20:43 - 2013-11-29 20:43 - 00000000 ____D C:\Users\ACSA\Downloads\ArchiCAD_16_to_ATL5-Win_64-bit

2013-11-29 20:37 - 2013-11-29 20:08 - 00000000 ____D C:\Program Files\Artlantis Studio 5

2013-11-29 20:30 - 2013-11-29 20:30 - 00000000 ____D C:\Users\Public\Documents\Abvent

2013-11-29 14:56 - 2013-10-28 18:17 - 01096480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll

2013-11-29 14:56 - 2013-10-28 18:17 - 00979744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll

2013-11-29 09:16 - 2012-09-15 00:22 - 00000000 ____D C:\Users\ACSA\AppData\Local\Adobe

2013-11-26 18:55 - 2012-09-15 03:22 - 00000000 ____D C:\Windows\Panther

2013-11-26 18:53 - 2013-11-26 18:53 - 00002848 _____ C:\Windows\System32\Tasks\ASC7_SkipUac_ACSA

2013-11-26 18:43 - 2013-11-26 18:43 - 00000000 ____D C:\ProgramData\ProductData

2013-11-26 18:43 - 2013-11-26 18:43 - 00000000 ____D C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}

2013-11-26 18:43 - 2012-11-14 09:53 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\IObit

2013-11-26 09:54 - 2013-12-10 21:52 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-11-26 08:19 - 2013-12-10 21:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2013-11-26 08:18 - 2013-12-10 21:52 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2013-11-26 08:11 - 2013-12-10 21:52 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-11-26 07:48 - 2013-12-10 21:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2013-11-26 07:46 - 2013-12-10 21:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2013-11-26 07:41 - 2013-12-10 21:52 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-11-26 07:29 - 2013-12-10 21:52 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2013-11-26 07:27 - 2013-12-10 21:52 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2013-11-26 07:23 - 2013-12-10 21:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-11-26 07:21 - 2013-12-10 21:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2013-11-26 07:18 - 2013-12-10 21:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2013-11-26 07:18 - 2013-12-10 21:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2013-11-26 07:16 - 2013-12-10 21:52 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2013-11-26 06:57 - 2013-12-10 21:52 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2013-11-26 06:38 - 2013-12-10 21:52 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-11-26 06:38 - 2013-12-10 21:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-11-26 06:35 - 2013-12-10 21:52 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-11-26 06:32 - 2013-12-10 21:52 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-11-26 06:28 - 2013-12-10 21:52 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2013-11-26 06:16 - 2013-12-10 21:52 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-11-26 06:02 - 2013-12-10 21:52 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2013-11-26 05:48 - 2013-12-10 21:52 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-11-26 05:32 - 2013-12-10 21:52 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2013-11-26 05:26 - 2013-12-10 21:52 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-11-26 05:07 - 2013-12-10 21:52 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-11-26 04:40 - 2013-12-10 21:52 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-11-26 04:34 - 2013-12-10 21:52 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2013-11-26 04:34 - 2013-12-10 21:52 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2013-11-26 04:33 - 2013-12-10 21:52 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-11-26 04:27 - 2013-12-10 21:52 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-11-23 20:36 - 2013-11-23 20:34 - 00000000 ____D C:\Users\ACSA\Downloads\Artlantis 5.0.2.3 Win64

2013-11-23 19:18 - 2013-11-23 18:23 - 517767020 _____ C:\Users\ACSA\Downloads\Artlantis 5.0.2.3 Win64.rar

2013-11-23 18:21 - 2013-11-23 18:21 - 00518455 _____ C:\Users\ACSA\Downloads\ArchiCAD_16_to_ATL5-Win_64-bit.zip

2013-11-23 18:21 - 2013-11-23 18:21 - 00446633 _____ C:\Users\ACSA\Downloads\ArchiCAD_16_to_ATL5-Win_32-bit.zip

2013-11-23 16:26 - 2013-12-10 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll

2013-11-23 15:47 - 2013-12-10 21:49 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll

2013-11-21 10:41 - 2013-11-21 10:40 - 00014015 _____ C:\Users\ACSA\AppData\Roaming\unins000.dat

2013-11-21 10:40 - 2013-11-21 10:40 - 00717985 _____ C:\Users\ACSA\AppData\Roaming\unins000.exe

2013-11-21 10:40 - 2013-11-21 10:40 - 00000000 ____D C:\Users\ACSA\AppData\Local\GAS Tecnologia

2013-11-21 10:38 - 2013-11-21 10:38 - 03357248 _____ (GAS Tecnologia                                              ) C:\Users\ACSA\Downloads\gbplugin2.exe

2013-11-21 08:51 - 2013-10-28 15:51 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\NVIDIA

2013-11-20 17:41 - 2013-11-20 17:41 - 00004762 _____ C:\Users\ACSA\Downloads\al_barbecue1.zip

2013-11-19 15:20 - 2012-09-14 22:34 - 00001417 _____ C:\Users\ACSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2013-11-19 15:15 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\PolicyDefinitions

2013-11-19 13:13 - 2013-11-19 13:13 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2013-11-19 13:13 - 2013-11-19 13:13 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat

2013-11-19 13:13 - 2013-11-19 13:13 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2013-11-19 13:13 - 2013-11-19 13:13 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2013-11-19 13:13 - 2013-11-19 13:13 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2013-11-19 13:13 - 2013-11-19 13:13 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2013-11-19 13:13 - 2013-11-19 13:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2013-11-19 13:11 - 2012-09-14 23:18 - 00001945 _____ C:\Windows\epplauncher.mif

2013-11-19 13:11 - 2012-09-14 23:18 - 00000000 ____D C:\Program Files\Microsoft Security Client

2013-11-19 13:11 - 2012-09-14 23:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client

2013-11-19 08:21 - 2010-11-21 01:27 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

2013-11-18 13:11 - 2013-11-18 13:11 - 00024317 _____ C:\Users\ACSA\Downloads\Conexão com a Internet ficou mais lenta  A culpa pode ser do DNS   Rodrigo Rey.htm

2013-11-18 13:11 - 2013-11-18 13:11 - 00000000 ____D C:\Users\ACSA\Downloads\Conexão com a Internet ficou mais lenta  A culpa pode ser do DNS   Rodrigo Rey_files

2013-11-18 13:09 - 2013-11-18 13:08 - 05227019 _____ C:\Users\ACSA\Downloads\namebench-1.3.1-Windows.exe

2013-11-16 11:45 - 2013-11-16 11:44 - 11423642 _____ C:\Users\ACSA\Downloads\fotosdolixonascaladasdapraiadosmilionriosem16nov.zip

2013-11-16 10:58 - 2013-11-16 10:57 - 23742698 _____ C:\Users\ACSA\Downloads\Fugazi - Peel Session 1988.mp4

2013-11-16 10:41 - 2013-11-16 10:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2013-11-16 09:51 - 2013-11-16 09:51 - 00000000 ____D C:\Users\ACSA\Downloads\badernadoitarar

2013-11-15 13:57 - 2013-11-15 13:57 - 00000000 ____D C:\Users\ACSA\Downloads\revocgostariadeacordarassim

2013-11-15 13:53 - 2013-11-15 13:53 - 17914792 _____ C:\Users\ACSA\Downloads\006.AVI

2013-11-15 08:03 - 2013-11-15 08:02 - 00453120 _____ C:\Users\ACSA\Downloads\filiacao_sasp (1).xls

2013-11-15 07:59 - 2013-11-15 07:59 - 00453120 _____ C:\Users\ACSA\Downloads\filiacao_sasp.xls

2013-11-14 09:55 - 2013-11-20 13:21 - 30361888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 22951200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 18293608 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 18208624 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 15862272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 15218504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 12613408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2013-11-14 09:55 - 2013-11-20 13:21 - 11600432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 11514624 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 09691888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 09619872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 03069608 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 02697248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433182.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433182.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 01436528 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 00707360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 00657184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 00609568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 00562464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys

2013-11-14 09:55 - 2013-11-20 13:21 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll

2013-11-14 09:55 - 2013-11-20 13:21 - 00023754 _____ C:\Windows\system32\nvinfo.pb

2013-11-14 09:38 - 2013-09-24 12:53 - 00043216 _____ (COMODO) C:\Windows\system32\cmdcsr.dll

2013-11-14 08:53 - 2013-11-14 08:52 - 28436064 _____ (ofcdesk, llc                                                ) C:\Users\ACSA\Downloads\ofcdesk_mep_GrupoRIC_2014forAutoCAD_6.0.0.5.exe

 

Some content of TEMP:

====================

C:\Users\ACSA\AppData\Local\Temp\ntdll_dump.dll

C:\Users\ACSA\AppData\Local\Temp\Quarantine.exe

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

 

 

LastRegBack: 2013-12-10 13:48

 

==================== End Of Log ============================

Link to post
Share on other sites
acsalmeida

acsalmeida

Posted
  • Author
Posted
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2013 01

Ran by ACSA at 2013-12-14 21:34:10

Running from C:\Users\ACSA\Desktop\FRST

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

 

==================== Installed Programs ======================

 

Adobe Acrobat X Pro - English, Français, Deutsch (x32 Version: 10.1.1)

Adobe AIR (x32 Version: 3.1.0.4880)

Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)

Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)

Adobe Help Manager (x32 Version: 4.0.244)

Adobe Illustrator CS6 (x32 Version: 16.0)

Adobe InDesign CS6 (x32 Version: 8.0)

Adobe Photoshop CC (x32 Version: 14.0)

Adobe Photoshop CS5.1 (x32 Version: 12.1)

Advanced SystemCare 7 (x32 Version: 7.0.6)

AI Suite II (x32 Version: 1.01.14)

Akamai NetSession Interface (HKCU)

AmpliTube 3 version 3.9.0 (Version: 3.9.0)

Apple Mobile Device Support (Version: 6.1.0.13)

Apple Software Update (x32 Version: 2.1.3.127)

ArchiCAD 16 INT (Version: 16.0)

ArchiCAD 17 (x32)

ArchiCAD 17 INT (Version: 17.0)

ArchiCAD 17 USA (Version: 17.0)

Artlantis Studio 5.0.2.3 (64 bit) (Version: 5.0.2.3)

ASIO4ALL (x32 Version: 2.11 Beta1)

ASUS PC Diagnostics (x32 Version: 1.1.2)

AutoCAD 2014 Language Pack - English (Version: 19.1.18.0)

AutoCAD Architecture 2012 - English (Version: 6.7.49.0)

AutoCAD Architecture 2012 Language Pack - English (Version: 18.2.51.0)

Autodesk 360 (Version: 4.0.27.1)

Autodesk App Manager (x32 Version: 1.1.0)

Autodesk AutoCAD 2014 - English (Version: 19.1.18.0)

Autodesk Content Service (x32 Version: 3.1.3.0)

Autodesk Content Service Language Pack (x32 Version: 3.1.3.0)

Autodesk Featured Apps (x32 Version: 1.1.0)

Autodesk Inventor Fusion 2012 (Version: 1.0.0.79)

Autodesk Inventor Fusion 2012 Language Pack (Version: 1.0.0.79)

Autodesk Material Library 2012 (x32 Version: 2.5.0.8)

Autodesk Material Library 2014 (x32 Version: 4.0.19.0)

Autodesk Material Library Base Resolution Image Library 2012 (x32 Version: 2.5.0.8)

Autodesk Material Library Base Resolution Image Library 2014 (x32 Version: 4.0.19.0)

Autodesk ReCap (Version: 1.0.43.13)

Autodesk ReCap Language Pack-English (Version: 1.0.43.13)

avast! Free Antivirus (x32 Version: 9.0.2008)

AVS Video ReMaker 4.1.3.149 (x32 Version: 4.1.3.149)

Battlefield 4™ (x32 Version: 1.0.0.1)

Battlelog Web Plugins (x32 Version: 2.3.2)

Bluetooth Win7 Suite (64) (Version: 7.2.0.40)

Bonjour (Version: 3.0.0.10)

CameraHelperMsi (x32 Version: 13.51.815.0)

CCleaner (Version: 4.01)

CodeMeter Runtime Kit v5.00a (Version: 5.00.1062.501)

Corel Graphics - Windows Shell Extension (Version: 16.0.0.707)

Corel Graphics - Windows Shell Extension (Version: 16.0.707)

Corel Graphics - Windows Shell Extension 32 Bit (Version: 16.0.707)

CorelDRAW Graphics Suite X6 - Capture (x64) (Version: 16.0)

CorelDRAW Graphics Suite X6 - Common (x64) (Version: 16.0)

CorelDRAW Graphics Suite X6 - Connect (x64) (Version: 16.0)

CorelDRAW Graphics Suite X6 - Custom Data (x64) (Version: 16.0)

CorelDRAW Graphics Suite X6 - Draw (x64) (Version: 16.0)

CorelDRAW Graphics Suite X6 - EN (x64) (Version: 16.0)

CorelDRAW Graphics Suite X6 - Filters (x64) (Version: 16.0)

CorelDRAW Graphics Suite X6 - FontNav (x64) (Version: 16.0)

CorelDRAW Graphics Suite X6 - IPM (Version: 16.0)

CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64) (Version: 16.0)

CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64) (Version: 16.0)

CorelDRAW Graphics Suite X6 - Redist (x64) (Version: 16.0)

CorelDRAW Graphics Suite X6 - Setup Files (x64) (Version: 16.0)

CorelDRAW Graphics Suite X6 - VBA (x64) (Version: 16.0)

CorelDRAW Graphics Suite X6 - VideoBrowser (x64) (Version: 16.0)

CorelDRAW Graphics Suite X6 - VSTA (x64) (Version: 16.0)

CorelDRAW Graphics Suite X6 - Writing Tools (x64) (Version: 16.0)

CorelDRAW Graphics Suite X6 (64-Bit) (Version: 16.0.0.707)

CorelDRAW Graphics Suite X6 (x64) (Version: 16.0)

CrystalDiskInfo 5.0.5 (x32 Version: 5.0.5)

D3DX10 (x32 Version: 15.4.2368.0902)

DAEMON Tools Lite (x32 Version: 4.45.4.0316)

Driver Booster (x32 Version: 1.0)

Dropbox (HKCU Version: 2.0.22)

Easy CD-DA Extractor 16 (x32 Version: 16.0.8)

EPSON Printer Software

erLT (x32 Version: 1.20.138.34)

ESN Sonar (x32 Version: 0.70.4)

Extensis Suitcase Fusion 4 (x32 Version: 15.0.5)

EZ Vinyl/Tape Converter by Ion Audio 11.5.0 (x32 Version: 11.5.0)

EZXDfh (x32 Version: 1.0)

EZXMetalMachine (x32 Version: 1.0.0)

FARO LS 1.1.406.58 (x32 Version: 4.6.58.2)

FARO LS 1.1.501.0 (64bit) (x32 Version: 5.1.0.30630)

FL Studio 11 (x32)

FlowStone FL 3.0 (x32)

Galeria de Fotos (x32 Version: 16.4.3508.0205)

GeForce Experience NvStream Client Components (Version: 1.6.28)

Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64)

Google Chrome (HKCU Version: 31.0.1650.63)

Google Earth (x32 Version: 7.1.2.2041)

Google Talk Plugin (x32 Version: 4.9.1.16010)

Google Toolbar for Internet Explorer (x32 Version: 1.0.0)

Google Toolbar for Internet Explorer (x32 Version: 7.5.4805.320)

Google Update Helper (x32 Version: 1.3.22.3)

HD Tune 2.55 (x32)

HiJackThis (x32 Version: 1.0.0)

HitmanPro 3.7 (Version: 3.7.8.208)

IL Download Manager (x32)

IL Shared Libraries (x32)

Intel® Management Engine Components (x32 Version: 7.0.0.1144)

Intel® Network Connections 15.6.25.0 (Version: 15.6.25.0)

Intel® Rapid Storage Technology (x32 Version: 10.1.0.1008)

Intel® Watchdog Timer Driver (Intel® WDT) (x32)

Intelbras (x32)

IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (x32 Version: 1.0)

iTunes (Version: 11.0.4.4)

Java 7 Update 45 (x32 Version: 7.0.450)

Java Auto Updater (x32 Version: 2.1.9.8)

Java 6 Update 32 (x32 Version: 6.0.320)

Java 7 Update 5 (64-bit) (Version: 7.0.50)

JDiskReport 1.4.0 (x32 Version: 1.4.0 (2012-01-20 11:38:43))

JMicron JMB36X Driver (x32 Version: 1.17.58.2)

jv16 PowerTools 2012 (x32 Version: )

Kaspersky Security Scan (x32 Version: 12.0.1.340)

KORG AudioGate (x32 Version: 2.3.3)

LibreOffice 3.6 (x32 Version: 3.6.1.2)

Lightworks (x32 Version: 11.1.1.0)

Logitech Gaming Software 5.10 (Version: 5.10.127)

Logitech SetPoint 6.32 (Version: 6.32.20)

Logitech Webcam Software (x32 Version: 2.51)

LWS Facebook (x32 Version: 13.50.854.0)

LWS Gallery (x32 Version: 13.51.827.0)

LWS Help_main (x32 Version: 13.51.828.0)

LWS Launcher (x32 Version: 13.51.828.0)

LWS Pictures And Video (x32 Version: 13.51.815.0)

LWS Twitter (x32 Version: 13.30.1346.0)

LWS Webcam Software (x32 Version: 13.51.815.0)

LWS WLM Plugin (x32 Version: 1.30.1201.0)

LWS YouTube Plugin (x32 Version: 13.31.1038.0)

Macrium Reflect Free Edition (Version: 5.0.5154)

Malwarebytes Anti-Malware versão 1.75.0.1300 (x32 Version: 1.75.0.1300)

marvell 91xx driver (x32 Version: 1.0.0.1051)

Media Player Codec Pack 4.2.9 (x32 Version: 4.2.9)

Microsoft .NET Framework 4 Client Profile PTB Language Pack (Version: 4.0.30319)

Microsoft .NET Framework 4 Extended PTB Language Pack (Version: 4.0.30319)

Microsoft .NET Framework 4.5 (Version: 4.5.50709)

Microsoft Application Error Reporting (Version: 12.0.6015.5000)

Microsoft Security Client (Version: 4.4.0304.0)

Microsoft Security Essentials (Version: 4.4.304.0)

Microsoft Silverlight (Version: 5.1.20913.0)

Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)

Microsoft Visual Basic for Applications 7.1 (x64) (Version: 7.1.00.00)

Microsoft Visual Basic for Applications 7.1 (x64) English (Version: 7.1.0.0)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610)

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)

Microsoft Visual Studio Tools for Applications 2.0 - ENU (x32 Version: 9.0.30729)

Microsoft Visual Studio Tools for Applications 2.0 Runtime (x32 Version: 9.0.30729)

Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)

Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)

Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)

Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)

Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)

Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)

Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)

Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)

Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)

Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)

Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)

Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)

Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)

Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000)

Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)

MiniTool Partition Wizard Home Edition 7.6.1 (x32)

Módulo de Proteção Banco Santander 3.4.3.1 (x32 Version: Módulo de Proteção Banco Santander (Brasil) S.A.)

Movie Maker (x32 Version: 16.4.3508.0205)

Mozilla Firefox 25.0.1 (x86 pt-BR) (x32 Version: 25.0.1)

Mozilla Maintenance Service (x32 Version: 24.0.1)

Mozilla Thunderbird 24.0.1 (x86 pt-BR) (x32 Version: 24.0.1)

MSVCRT (x32 Version: 15.4.2862.0708)

MSVCRT110 (x32 Version: 16.4.1108.0727)

MSVCRT110_amd64 (Version: 16.4.1109.0912)

Native Instruments Controller Editor (Version: 1.3.5.667)

Native Instruments Controller Editor (x32)

Native Instruments Guitar Rig 5 (Version: 5.0.2.2476)

Native Instruments Guitar Rig 5 (x32)

Native Instruments Guitar Rig Mobile I/O (Version: 3.0.0.625)

Native Instruments Guitar Rig Mobile I/O (x32)

Native Instruments Guitar Rig Session I/O (Version: 3.0.0.625)

Native Instruments Guitar Rig Session I/O (x32)

Native Instruments Rig Kontrol 3 (Version: 3.0.0.625)

Native Instruments Rig Kontrol 3 (x32)

Native Instruments Service Center (Version: 2.3.0.853)

Native Instruments Service Center (x32)

Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0)

Nero Blu-ray Player (x32 Version: 12.0.17700)

Nero Blu-ray Player Help (CHM) (x32 Version: 12.0.4000)

Nero Core Components (x32 Version: 11.0.18100)

Nero Kwik Media (x32 Version: 1.18.18900)

Nero Kwik Media (x32 Version: 12.0.01300)

Nero Kwik Media Help (CHM) (x32 Version: 12.0.4000)

Nero Kwik Themes Basic (x32 Version: 12.0.11500)

Nero SharedVideoCodecs (x32 Version: 1.0.12100.2.0)

Nero Update (x32 Version: 11.0.11800.31.0)

n-Track Studio 7 (x32)

NVIDIA Control Panel 331.82 (Version: 331.82)

NVIDIA GeForce Experience 1.8 (Version: 1.8)

NVIDIA Graphics Driver 331.82 (Version: 331.82)

NVIDIA HD Audio Driver 1.3.26.4 (Version: 1.3.26.4)

NVIDIA Install Application (Version: 2.1002.142.992)

NVIDIA LED Visualizer 1.0 (Version: 1.0)

NVIDIA Network Service (Version: 1.0)

NVIDIA PhysX (x32 Version: 9.13.0725)

NVIDIA PhysX System Software 9.13.0725 (Version: 9.13.0725)

NVIDIA ShadowPlay 10.10.5 (Version: 10.10.5)

NVIDIA Update 10.10.5 (Version: 10.10.5)

NVIDIA Update Core (Version: 10.10.5)

NVIDIA Virtual Audio 1.2.12 (Version: 1.2.12)

ofcdesk Tigre 2014 for AutoCAD (Version: 6.0.0.2)

Origin (x32 Version: 9.0.11.77)

Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) (Version: 4.0.30319)

Pacote de Idiomas do Microsoft .NET Framework 4 Extended - Português (Brasil) (Version: 4.0.30319)

PDF Settings CC (x32 Version: 12.0)

PDF Settings CS5 (x32 Version: 10.0)

PDF Settings CS6 (x32 Version: 11.0)

PerformanceTest v8.0 (Version: 8.0.1024.0)

Photo Common (x32 Version: 16.4.3508.0205)

Photo Gallery (x32 Version: 16.4.3508.0205)

Prerequisite installer (x32 Version: 12.0.0002)

PunkBuster Services (x32 Version: 0.993)

QuickTime (x32 Version: 7.74.80.86)

Rapture 1.2.2 (x32 Version: 18.0)

Realtek High Definition Audio Driver (x32 Version: 6.0.1.6914)

Receitanet (x32 Version: 1.03)

Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0)

RidNacs 2.0.3 (x32)

SAMSUNG USB Driver for Mobile Phones (Version: 1.5.27.0)

SHIELD Streaming (Version: 1.6.75)

SketchUp Import for AutoCAD 2014 (x32 Version: 1.1.0)

Skype Click to Call (x32 Version: 6.13.13771)

Skype™ 6.3 (x32 Version: 6.3.107)

Smart Defrag 2 (x32 Version: 2.9)

SolveigMM AVI Trimmer (x32 Version: 2.1.1307.29)

Sophos Virus Removal Tool (x32 Version: 2.4)

SpyHunter (Version: 4.16.5.4290)

Steam (x32 Version: 1.0.0.0)

StuffIt Expander 2011 (Version: 15.0.7.2518)

Suporte para Aplicativos Apple (x32 Version: 2.3.4)

Surfing Protection (x32 Version: 1.0)

UltraISO Premium V9.33 (x32)

Unigine Valley Benchmark version 1.0 (x32 Version: 1.0)

Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1)

Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1)

Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1)

Visual C++ 9.0 CRT (x86) WinSXS MSM (x32 Version: 9.0)

WD Drive Utilities (x32 Version: 1.0.3.3)

WD Security (x32 Version: 1.0.3.3)

WD SmartWare (Version: 1.6.4.7)

WibuKey Setup (WibuKey Remove) (Version: Version 6.00d of 2011-Sep-22 (Build 138) (Setup))

Windows 7 USB/DVD Download Tool (x32 Version: 1.0.30)

Windows Live Communications Platform (x32 Version: 16.4.3508.0205)

Windows Live Essentials (x32 Version: 16.4.3508.0205)

Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)

Windows Live Installer (x32 Version: 16.4.3508.0205)

Windows Live Photo Common (x32 Version: 16.4.3508.0205)

Windows Live PIMT Platform (x32 Version: 16.4.3508.0205)

Windows Live SOXE (x32 Version: 16.4.3508.0205)

Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205)

Windows Live UX Platform (x32 Version: 16.4.3508.0205)

Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205)

WinRAR 4.20 (64-bit) (Version: 4.20.0)

World of Tanks (x32)

Link to post
Share on other sites
acsalmeida

acsalmeida

Posted
  • Author
Posted
==================== Restore Points  =========================

 

10-12-2013 20:28:16 Installed HiJackThis

10-12-2013 20:39:21 Installed Sophos Virus Removal Tool.

10-12-2013 23:49:19 Windows Update

12-12-2013 18:28:35 Windows Update

14-12-2013 22:25:38 Removed GeekBuddy.

14-12-2013 22:34:05 Removed IObit Apps Toolbar v8.4.

 

==================== Hosts content: ==========================

 

2009-07-14 00:34 - 2013-12-10 09:09 - 00480370 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

127.0.0.1  www.winaproduct.com

127.0.0.1  www.winadiscount.com #[Dr.Web.Adware.Xbarre]

127.0.0.1  www.stickylogic.com

127.0.0.1  rt.udmserve.net

127.0.0.1  adunit.namiflow.com

127.0.0.1  ads.namiflow.com

127.0.0.1  c7.zxxds.net

127.0.0.1  c1.zxxds.net #[g1.panthercdn.com]

127.0.0.1  www.zedo.com #[Adware.RaxSearch]

127.0.0.1  yads.zedo.com

127.0.0.1  xads.zedo.com

127.0.0.1  ss7.zedo.com

127.0.0.1  ss2.zedo.com

127.0.0.1  ss1.zedo.com

127.0.0.1  simg.zedo.com

127.0.0.1  r1.zedo.com

127.0.0.1  l8.zedo.com

127.0.0.1  l6.zedo.com #[a515.g.akamai.net]

127.0.0.1  l5.zedo.com

127.0.0.1  l4.zedo.com

127.0.0.1  l3.zedo.com

127.0.0.1  l2.zedo.com

127.0.0.1  l1.zedo.com #[a1101.g.akamai.net]

127.0.0.1  h.zedo.com

127.0.0.1  gw.zedo.com

127.0.0.1  g.zedo.com #[zedo.live365.com]

127.0.0.1  freeze.zedo.com

127.0.0.1  d8.zedo.com

 

There are 1000 more lines.

 

 

==================== Scheduled Tasks (whitelisted) =============

 

Task: {135B7439-0B24-477A-B7C9-B9FF3648E6E2} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-12-01] (AVAST Software)

Task: {13933E39-CAE9-42DF-A1A0-EA5D31A39EA4} - System32\Tasks\ASUS\ASUS DigiVRM Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe [2010-10-12] (ASUSTeK Computer Inc.)

Task: {343A66D2-B656-4372-B671-0827802EB372} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2013-11-04] (IObit)

Task: {5977B48F-4841-4841-A014-37E3725FF600} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)

Task: {86193A09-879A-4CB9-946A-530DC5CCEF27} - System32\Tasks\SmartDefragUpdate => C:\Program Files (x86)\IObit\Smart Defrag 2\AutoUpdate.exe [2013-05-22] (IObit)

Task: {86686411-B99C-4BAD-BB32-E7517730765D} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe [2013-09-13] (IObit)

Task: {8A2D1A34-64B5-4B24-80A7-451F2109559C} - System32\Tasks\ASC7_SkipUac_ACSA => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2013-11-14] (IObit)

Task: {9A9D5D7E-A12C-4DBD-8721-E44D5017E894} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2759933643-2614577016-1710804323-1000UA => C:\Users\ACSA\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-14] (Google Inc.)

Task: {9E150ECC-E803-4967-B7D6-CB3ED1C8E667} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {A4E43EB6-0E57-47E6-8F9E-32BDCA5370B6} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2010-11-26] (ASUSTeK Computer Inc.)

Task: {A528B670-2365-40AC-8500-C232C4CD4FA1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-14] (Google Inc.)

Task: {AD3289ED-6233-4FDF-A6BC-C0C7F9E542E9} - System32\Tasks\{579ACB44-8AFF-4AAA-A322-4550C6AD120B} => Iexplore.exe http://ui.skype.com/ui/0/6.3.0.107/pt/abandoninstall?source=lightinstaller&page=tsMain

Task: {BAC5E8CC-4CA2-4CC3-861E-C297AF10D1D9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2759933643-2614577016-1710804323-1000Core => C:\Users\ACSA\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-14] (Google Inc.)

Task: {C119E16F-9D7B-457C-935E-7D4963885974} - System32\Tasks\ASUS\ASUS Mobilink Execute => C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\ASUS Mobilink.exe [2010-10-13] (ASUSTeK Computer Inc.)

Task: {C8B872E9-45E6-4376-9D8E-3FB3AE892C2E} - System32\Tasks\SmartDefrag_Schedule => C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe [2013-09-13] (IObit)

Task: {E0C07C03-9C9F-4EBB-89FD-8572F76E2ED7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-14] (Google Inc.)

Task: {EC2F3FEC-01B5-4B45-BE50-E669FD892F09} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2013-11-08] (IObit)

Task: C:\Windows\Tasks\Driver Booster Update.job => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2759933643-2614577016-1710804323-1000Core.job => C:\Users\ACSA\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2759933643-2614577016-1710804323-1000UA.job => C:\Users\ACSA\AppData\Local\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (whitelisted) =============

 

2013-11-26 18:43 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\sqlite3.dll

2013-12-14 19:26 - 2013-12-14 10:26 - 02152448 _____ () C:\Program Files\AVAST Software\Avast\defs\13121400\algo.dll

2011-09-27 08:23 - 2011-09-27 08:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2011-09-27 08:22 - 2011-09-27 08:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2013-09-22 08:55 - 2013-12-14 19:25 - 00024064 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\PEbiosinterface32.dll

2013-09-22 08:55 - 2010-06-29 11:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\ATKEX.dll

2013-02-09 13:23 - 2013-09-11 19:06 - 00048960 _____ () C:\Program Files (x86)\IObit\Smart Defrag 2\NtfsData.dll

2012-12-11 12:52 - 2012-12-11 12:52 - 01007616 _____ () C:\Program Files (x86)\Extensis\Suitcase Fusion 4\libxml2.2.6.24.dll

2012-12-11 12:52 - 2012-12-11 12:52 - 00901120 _____ () C:\Program Files (x86)\Extensis\Suitcase Fusion 4\iconv-1.9.2.dll

2012-12-11 12:52 - 2012-12-11 12:52 - 00007168 _____ () C:\Program Files (x86)\Extensis\Suitcase Fusion 4\libcharset.dll

2012-12-07 15:15 - 2012-12-07 15:15 - 02126264 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtCore4.dll

2012-12-07 15:15 - 2012-12-07 15:15 - 07422392 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtGui4.dll

2012-12-07 15:15 - 2012-12-07 15:15 - 02453944 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtDeclarative4.dll

2012-12-07 15:15 - 2012-12-07 15:15 - 01270200 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtScript4.dll

2012-12-07 15:15 - 2012-12-07 15:15 - 00192952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtSql4.dll

2012-12-07 15:15 - 2012-12-07 15:15 - 00795064 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtNetwork4.dll

2012-09-13 00:38 - 2012-09-13 00:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll

2012-09-13 00:38 - 2012-09-13 00:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll

2012-09-13 00:38 - 2012-09-13 00:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll

2012-09-13 00:38 - 2012-09-13 00:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll

2012-09-13 00:38 - 2012-09-13 00:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll

2012-09-13 00:39 - 2012-09-13 00:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll

2013-12-01 07:45 - 2013-12-01 07:45 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

2013-03-13 18:48 - 2013-03-13 18:48 - 24978944 _____ () C:\Users\ACSA\AppData\Roaming\Dropbox\bin\libcef.dll

2013-09-22 08:56 - 2010-11-16 11:37 - 00086016 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\AsNetlib.dll

2013-09-22 08:56 - 2010-07-30 12:28 - 00670208 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\asacpiEx.dll

2013-09-22 08:56 - 2010-07-15 21:04 - 00661504 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\aaHMLib.dll

2013-09-22 08:56 - 2010-07-15 21:04 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pngio.dll

2013-09-22 08:56 - 2010-07-15 21:04 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\ImageHelper.dll

2013-09-22 08:58 - 2009-05-21 11:14 - 00053248 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll

2013-09-22 08:58 - 2009-05-21 11:14 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll

2013-08-15 04:33 - 2013-08-15 04:33 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\93ef72cbcec2a4b14fe06bb029d98d3a\IsdiInterop.ni.dll

2012-09-14 22:45 - 2010-11-06 00:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

2013-09-22 08:55 - 2010-08-23 11:17 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMLib.dll

2013-09-22 08:55 - 2010-12-02 18:28 - 00143360 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll

2013-09-22 08:55 - 2010-06-21 16:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll

2013-09-22 08:55 - 2009-08-12 21:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll

2013-09-22 08:56 - 2010-10-15 18:40 - 01031680 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll

2013-09-22 08:55 - 2010-11-19 11:53 - 00963584 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll

2013-09-22 08:56 - 2010-12-30 23:15 - 01656320 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Bluetooth Go!\BluetoothGo.dll

2013-09-22 08:57 - 2010-12-01 13:33 - 01244672 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll

2013-09-22 08:57 - 2010-12-03 17:12 - 01027072 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll

2013-09-22 08:55 - 2010-09-27 21:51 - 00881664 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll

2013-09-22 08:55 - 2010-09-27 21:51 - 01607168 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll

2013-09-22 08:55 - 2010-11-19 11:55 - 01246208 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll

2013-09-22 08:55 - 2010-08-06 19:11 - 00850944 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll

2013-09-22 08:55 - 2010-08-06 19:13 - 00886272 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll

2013-09-22 08:55 - 2010-06-21 16:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\ImageHelper.dll

2013-10-05 10:03 - 2013-08-02 17:07 - 00348992 _____ () C:\Program Files (x86)\IObit\Driver Booster\madExcept_.bpl

2013-10-05 10:03 - 2013-08-02 17:07 - 00183616 _____ () C:\Program Files (x86)\IObit\Driver Booster\madBasic_.bpl

2013-10-05 10:03 - 2013-08-02 17:07 - 00051008 _____ () C:\Program Files (x86)\IObit\Driver Booster\madDisAsm_.bpl

2013-10-05 10:03 - 2012-02-16 10:16 - 00516440 _____ () C:\Program Files (x86)\IObit\Driver Booster\sqlite3.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

AlternateDataStreams: C:\Windows\System32:82A93AA7_Abn.gbp

AlternateDataStreams: C:\Users\ACSA\Cookies:mwzswpu5eJKHwIy6QklIGOYWQtv6

AlternateDataStreams: C:\Users\ACSA\Local Settings:t8G6tbQRuEHRJYDyzvvuGm

AlternateDataStreams: C:\Users\ACSA\AppData\Local:t8G6tbQRuEHRJYDyzvvuGm

AlternateDataStreams: C:\Users\ACSA\AppData\Local\7D3pn4Otqu:MPmoYbYFSazOUSCOwa1Kqnb

AlternateDataStreams: C:\Users\ACSA\AppData\Local\Application Data:t8G6tbQRuEHRJYDyzvvuGm

AlternateDataStreams: C:\Users\ACSA\AppData\Local\Temp:0NEkqv9XiqGAvWUqf7wT

 

==================== Safe Mode (whitelisted) ===================

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

 

==================== Faulty Device Manager Devices =============

 

Name: ASUS Bluetooth

Description: ASUS Bluetooth

Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}

Manufacturer: Atheros Communications

Service: BTHUSB

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

Name: 

Description: 

Class Guid: 

Manufacturer: 

Service: 

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (12/14/2013 07:26:14 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (12/14/2013 04:38:56 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (12/14/2013 04:22:53 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

 

System errors:

=============

Error: (12/14/2013 07:27:51 PM) (Source: DCOM) (User: )

Description: {C288AC5A-D846-4696-8028-2DF6F508D0D9}

 

Error: (12/14/2013 07:24:17 PM) (Source: volmgr) (User: )

Description: Crash dump initialization failed!

 

Error: (12/14/2013 04:36:54 PM) (Source: volmgr) (User: )

Description: Crash dump initialization failed!

 

Error: (12/14/2013 04:20:35 PM) (Source: volmgr) (User: )

Description: Crash dump initialization failed!

 

Error: (12/14/2013 04:21:23 PM) (Source: EventLog) (User: )

Description: The previous system shutdown at 16:19:59 on ‎14/‎12/‎2013 was unexpected.

 

 

Microsoft Office Sessions:

=========================

Error: (12/14/2013 07:26:14 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (12/14/2013 04:38:56 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (12/14/2013 04:22:53 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

 

CodeIntegrity Errors:

===================================

  Date: 2013-12-14 21:20:48.098

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-12-14 21:01:06.075

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-12-14 20:21:47.474

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-12-14 19:26:50.372

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-12-14 19:09:34.324

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-12-14 19:01:17.483

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-12-14 18:19:19.387

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-12-14 17:25:42.260

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-12-14 17:15:55.439

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-12-14 16:51:41.166

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 33%

Total physical RAM: 8167.14 MB

Available physical RAM: 5422.02 MB

Total Pagefile: 16332.46 MB

Available Pagefile: 13235.13 MB

Total Virtual: 8192 MB

Available Virtual: 8191.81 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:341.7 GB) (Free:154.07 GB) NTFS

Drive d: () (Fixed) (Total:78.13 GB) (Free:25.82 GB) NTFS

Drive e: (My Passport) (Fixed) (Total:1862.98 GB) (Free:1641.89 GB) NTFS

Drive f: () (Fixed) (Total:39.06 GB) (Free:17.5 GB) NTFS

Drive g: () (Fixed) (Total:39.06 GB) (Free:30.06 GB) NTFS

Drive h: () (Fixed) (Total:141.83 GB) (Free:31.44 GB) NTFS

Drive k: () (Fixed) (Total:488.28 GB) (Free:441.51 GB) NTFS

Drive l: () (Fixed) (Total:556.64 GB) (Free:164.21 GB) NTFS

Drive n: (2007.11.03_2329) (CDROM) (Total:0.12 GB) (Free:0 GB) UDF

 

==================== MBR & Partition Table ==================

 

==================== End Of Log ============================

Link to post
Share on other sites
MrCharlie

MrCharlie

Posted
Posted

OK.......

Download the attached fixlist.txt to the same folder as FRST.

Run FRST.exe and click Fix only once and wait

The tool will create a log (Fixlog.txt) in the folder, please post it to your reply.

Then......

You have to manually reset Chrome as before:

CHR DefaultSearchKeyword: yahoo.com search

CHR DefaultSearchProvider: Yahoo

CHR DefaultSearchURL: http://br.search.yah...&type=800236&p={searchTerms}

CHR DefaultNewTabURL:

Let me know....MrC

Link to post
Share on other sites
acsalmeida

acsalmeida

Posted
  • Author
Posted
                                                      Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2013 01

Ran by ACSA (administrator) on ACSA-PC on 15-12-2013 00:42:33

Running from C:\Users\ACSA\Desktop\FRST

Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)

Internet Explorer Version 11

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

() C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe

() C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe

(IObit) C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe

() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe

(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe

(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe

(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe

(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe

(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE

(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe

(Celartem, Inc., doing business as Extensis.) C:\Program Files (x86)\Extensis\Suitcase Fusion 4\FMCore.exe

(Akamai Technologies, Inc.) C:\Users\ACSA\AppData\Local\Akamai\netsession_win.exe

() C:\Windows\SysWOW64\C2MP\UpdateChecker.exe

(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

(Akamai Technologies, Inc.) C:\Users\ACSA\AppData\Local\Akamai\netsession_win.exe

(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe

(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe

(Western Digital) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe

(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe

(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

() C:\Program Files\Macrium\Reflect\ReflectService.exe

(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe

(Dropbox, Inc.) C:\Users\ACSA\AppData\Roaming\Dropbox\bin\Dropbox.exe

() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe

(Western Digital) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Logitech, Inc.) C:\Program Files\Logitech\SetPointG\SetPointII.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe

(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe

(Google Inc.) C:\Users\ACSA\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\ACSA\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\ACSA\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\ACSA\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\ACSA\AppData\Local\Google\Chrome\Application\chrome.exe

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188040 2013-10-05] (Realtek Semiconductor)

HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)

HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [472992 2013-03-21] (Adobe Systems Incorporated)

HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)

HKLM\...\Run: [start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)

HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [613536 2010-10-27] (Atheros Commnucations)

HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2010-10-27] (Atheros Commnucations)

HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-10-05] (Realtek Semiconductor)

HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cistray.exe

HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-11-08] (NVIDIA Corporation)

HKLM\...\Run: [shadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2273056 2013-11-29] (NVIDIA Corporation)

Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)

HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671904 2012-08-28] (DT Soft Ltd)

HKCU\...\Run: [steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)

HKCU\...\Run: [FMCore.exe] - C:\Program Files (x86)\Extensis\Suitcase Fusion 4\FMCore.exe [9440256 2012-12-11] (Celartem, Inc., doing business as Extensis.)

HKCU\...\Run: [Autodesk Sync] - C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)

HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\ACSA\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)

HKCU\...\Run: [Google Update] - C:\Users\ACSA\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-14] (Google Inc.)

HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-09-14] (Google Inc.)

HKCU\...\Run: [KSS] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)

HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

HKCU\...\Policies\Explorer: [NoRecentDocsHistory] 1

HKCU\...\Policies\Explorer: [] 

HKLM-x32\...\Run: [iAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)

HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()

HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-16] (Renesas Electronics Corporation)

HKLM-x32\...\Run: [switchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-09-05] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe [36760 2011-09-05] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe [2904984 2011-09-05] (Adobe Systems Inc.)

HKLM-x32\...\Run: [WD Drive Unlocker] - C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1688008 2012-09-06] (Western Digital)

HKLM-x32\...\Run: [WD Quick View] - C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5236664 2012-09-19] (Western Digital Technologies, Inc.)

HKLM-x32\...\Run: [LWS] - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)

HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)

HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)

HKLM-x32\...\Run: [AdobeCEPServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [ASUS ShellProcess Execute] - C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe [252544 2010-09-28] (ASUSTeK Computer Inc.)

HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM-x32\...\Run: [20131121] - C:\Program Files\AVAST Software\Avast\Setup\emupdate\a8726356-a695-4a0f-a368-9e52a6bc90b3.exe [180184 2013-11-23] (AVAST Software)

HKLM-x32\...\Run: [tvncontrol] - "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave

HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-12-01] (AVAST Software)

Startup: C:\Users\ACSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()

Startup: C:\Users\ACSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\ACSA\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

BootExecute: autocheck autochk * SmartDefragBootTime.exe

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.search.yahoo.com/?type=402027&fr=spigot-yhp-ie

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKCU - DefaultScope {78CA4453-2964-48D0-9F7D-E7E79C53B942} URL = http://br.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=402027&p={searchTerms}

SearchScopes: HKCU - {78CA4453-2964-48D0-9F7D-E7E79C53B942} URL = http://br.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=402027&p={searchTerms}

BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)

BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)

BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Program Files (x86)\GbPlugin\gbiehabn.dll (Banco Real)

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab

DPF: HKLM-x32 {108D3206-846A-4A93-BACB-F0572D043ED7} http://marahu.dvrdns.org:3130/webrec.cab

DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)

Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399007} - C:\Program Files (x86)\GbPlugin\gbiehabn.dll [1598520 2013-09-23] (Banco Real)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\Parameters: [DhcpNameServer] 187.22.0.61 187.22.0.66

Tcpip\..\Interfaces\{A014895A-EA50-48E7-B92D-4BA595890AA7}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

Tcpip\..\Interfaces\{C87D9D7B-D12F-42F4-B4C5-1659882566C7}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

 

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()

FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.5.0 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)

FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)

FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @graphisoft.com/GDL Web Plug-in - C:\Program Files (x86)\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll (Graphisoft SE)

FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)

FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\ACSA\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\ACSA\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)

FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\ACSA\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\ACSA\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\ACSA\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: gastecnologia.com.br/sf/abn - C:\Users\ACSA\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll (GAS Tecnologia)

FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn

FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn

FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF HKCU\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8874}] - C:\Users\ACSA\AppData\Local\GAS Tecnologia\GBBD\abn\xpi

FF Extension: GBBD Banco Santander (Brasil) S.A. - C:\Users\ACSA\AppData\Local\GAS Tecnologia\GBBD\abn\xpi

 

Chrome: 

=======


CHR DefaultSearchKeyword: yahoo.com search

CHR DefaultSearchProvider: Yahoo


CHR DefaultNewTabURL: 

CHR Extension: (Google Docs) - C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0

CHR Extension: (Google Drive) - C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1

CHR Extension: (YouTube) - C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1

CHR Extension: (Google Search) - C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1

CHR Extension: (Google Wallet) - C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0

CHR Extension: (Gmail) - C:\Users\ACSA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx

 

==================== Services (Whitelisted) =================

 

R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [878368 2013-10-25] (IObit)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144 2010-11-03] ()

R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [915584 2010-12-02] ()

R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()

R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-01] (AVAST Software)

R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [210024 2013-10-05] (DTS)

R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [409144 2013-08-19] (GAS Tecnologia)

R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)

R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-10-25] (IObit)

R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)

R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1370912 2013-11-29] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15128352 2013-11-29] (NVIDIA Corporation)

R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-11-01] ()

R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)

R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [301760 2012-09-25] ()

R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1157056 2012-09-19] (Western Digital )

R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-09-06] (Western Digital)

R2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1177536 2012-09-19] (Western Digital )

 

==================== Drivers (Whitelisted) ====================

 

S3 AIDA64Driver; No ImagePath

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()

R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()

R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-12-01] (AVAST Software)

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-12-01] (AVAST Software)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-01] (AVAST Software)

R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-01] ()

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-12-01] (AVAST Software)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-12-01] (AVAST Software)

R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-12-01] (AVAST Software)

R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-12-01] ()

S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [25704 2012-08-13] ()

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-09-15] (DT Soft Ltd)

S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] ()

S0 GbpKm; C:\Windows\SysWow64\drivers\gbpkm.sys [47856 2012-09-18] (GAS Tecnologia)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)

R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-10-30] (NVIDIA Corporation)

S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] ()

S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] ()

R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)

R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2013-05-22] ()

R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [97792 2011-09-22] (WIBU-SYSTEMS AG)

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2013-12-14 21:32 - 2013-12-14 21:33 - 00388608 _____ (Trend Micro Inc.) C:\Users\ACSA\Downloads\HijackThis.exe

2013-12-14 20:31 - 2013-12-14 20:31 - 13086648 _____ (IObit                                                       ) C:\Users\ACSA\Downloads\driverbooster-cnet-setup.exe

2013-12-14 19:26 - 2013-12-14 19:26 - 00000000 ____H C:\ProgramData\cm-lock

2013-12-14 19:00 - 2013-12-15 00:42 - 00000000 ____D C:\Users\ACSA\Desktop\FRST

2013-12-14 17:53 - 2013-12-14 17:53 - 00000000 ____D C:\FRST

2013-12-14 12:30 - 2013-12-14 12:31 - 00000000 ____D C:\AdwCleaner

2013-12-14 11:57 - 2013-12-14 11:58 - 05154339 _____ (Swearware) C:\Users\ACSA\Downloads\ComboFix.exe

2013-12-14 11:32 - 2013-12-14 17:50 - 01927796 _____ (Farbar) C:\Users\ACSA\Downloads\FRST64.exe

2013-12-14 10:11 - 2013-12-14 10:11 - 04101441 _____ C:\Users\ACSA\Downloads\tdsskiller.zip

2013-12-14 09:50 - 2013-12-15 00:17 - 00001176 _____ C:\Windows\setupact.log

2013-12-14 09:50 - 2013-12-15 00:16 - 00008500 _____ C:\Windows\PFRO.log

2013-12-14 09:50 - 2013-12-14 09:50 - 00000000 _____ C:\Windows\setuperr.log

2013-12-14 09:18 - 2013-12-14 09:28 - 00000000 ____D C:\ProgramData\HitmanPro

2013-12-14 09:18 - 2013-12-14 09:19 - 00000000 ____D C:\Program Files\HitmanPro

2013-12-14 09:16 - 2013-12-14 09:17 - 10264904 _____ (SurfRight B.V.) C:\Users\ACSA\Downloads\HitmanPro_x64.exe

2013-12-13 11:14 - 2013-12-14 11:35 - 00891200 _____ C:\Users\ACSA\Downloads\SecurityCheck.exe

2013-12-13 11:10 - 2013-12-13 11:10 - 04050563 _____ C:\Users\ACSA\Downloads\zoek.zip

2013-12-13 10:03 - 2013-12-13 10:03 - 00002330 _____ C:\Users\ACSA\Downloads\RKreport0_S_08182013_083750.txt

2013-12-12 16:38 - 2013-12-12 16:39 - 00000000 ___SD C:\ComboFix

2013-12-12 16:35 - 2013-12-12 17:55 - 00000000 ___DC C:\Users\ACSA\AppData\Local\MigWiz

2013-12-12 16:04 - 2013-12-14 11:58 - 00001081 _____ C:\Users\ACSA\Downloads\yahoo search.txt

2013-12-12 00:21 - 2013-12-12 00:21 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan

2013-12-12 00:21 - 2013-12-12 00:21 - 00000000 ____D C:\ProgramData\Kaspersky Lab

2013-12-12 00:21 - 2013-12-12 00:21 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab

2013-12-12 00:18 - 2013-12-12 00:19 - 00184704 _____ (Kaspersky Lab) C:\Users\ACSA\Downloads\kss12.0.1.117mlg_en_de_es_fr_it_ja_pt-br_ru_zh-Hans-br.exe

2013-12-11 21:40 - 2013-12-15 00:29 - 00419690 _____ C:\Windows\WindowsUpdate.log

2013-12-11 21:39 - 2013-12-11 21:39 - 00011960 _____ C:\Users\ACSA\Documents\cc_20131211_213941.reg

2013-12-10 21:53 - 2013-05-10 03:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll

2013-12-10 21:53 - 2013-05-10 03:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL

2013-12-10 21:53 - 2013-05-10 02:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL

2013-12-10 21:53 - 2013-05-10 02:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll

2013-12-10 21:52 - 2013-11-26 09:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-12-10 21:52 - 2013-11-26 08:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2013-12-10 21:52 - 2013-11-26 08:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2013-12-10 21:52 - 2013-11-26 08:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-12-10 21:52 - 2013-11-26 07:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2013-12-10 21:52 - 2013-11-26 07:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2013-12-10 21:52 - 2013-11-26 07:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-12-10 21:52 - 2013-11-26 07:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2013-12-10 21:52 - 2013-11-26 07:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2013-12-10 21:52 - 2013-11-26 07:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-12-10 21:52 - 2013-11-26 07:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2013-12-10 21:52 - 2013-11-26 07:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2013-12-10 21:52 - 2013-11-26 07:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2013-12-10 21:52 - 2013-11-26 07:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2013-12-10 21:52 - 2013-11-26 06:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2013-12-10 21:52 - 2013-11-26 06:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-12-10 21:52 - 2013-11-26 06:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-12-10 21:52 - 2013-11-26 06:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-12-10 21:52 - 2013-11-26 06:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-12-10 21:52 - 2013-11-26 06:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2013-12-10 21:52 - 2013-11-26 06:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-12-10 21:52 - 2013-11-26 06:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2013-12-10 21:52 - 2013-11-26 05:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-12-10 21:52 - 2013-11-26 05:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2013-12-10 21:52 - 2013-11-26 05:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-12-10 21:52 - 2013-11-26 05:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-12-10 21:52 - 2013-11-26 04:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-12-10 21:52 - 2013-11-26 04:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2013-12-10 21:52 - 2013-11-26 04:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2013-12-10 21:52 - 2013-11-26 04:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-12-10 21:52 - 2013-11-26 04:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-12-10 21:49 - 2013-11-23 16:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll

2013-12-10 21:49 - 2013-11-23 15:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll

2013-12-10 21:49 - 2013-10-30 00:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll

2013-12-10 21:49 - 2013-10-30 00:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll

2013-12-10 21:49 - 2013-10-29 23:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2013-12-10 21:49 - 2013-10-19 00:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll

2013-12-10 21:49 - 2013-10-18 23:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll

2013-12-10 21:48 - 2013-11-12 00:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2013-12-10 21:48 - 2013-11-12 00:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

2013-12-10 21:48 - 2013-10-12 00:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx

2013-12-10 21:48 - 2013-10-12 00:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll

2013-12-10 21:48 - 2013-10-12 00:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx

2013-12-10 21:48 - 2013-10-12 00:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll

2013-12-10 21:48 - 2013-10-11 23:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe

2013-12-10 21:48 - 2013-10-11 23:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe

2013-12-10 21:48 - 2013-10-11 23:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe

2013-12-10 21:48 - 2013-10-11 23:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe

2013-12-10 21:48 - 2013-10-04 00:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys

2013-12-10 21:48 - 2013-10-03 23:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys

2013-12-10 18:39 - 2013-12-10 18:39 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos

2013-12-10 18:39 - 2013-12-10 18:39 - 00000000 ____D C:\ProgramData\Sophos

2013-12-10 18:39 - 2013-12-10 18:39 - 00000000 ____D C:\Program Files (x86)\Sophos

2013-12-10 18:38 - 2013-12-10 18:38 - 00000031 _____ C:\Windows\Model.txt

2013-12-10 18:37 - 2013-12-10 18:37 - 00000260 _____ C:\Users\ACSA\Downloads\fsbl-20131210203734.log

2013-12-10 18:36 - 2013-12-10 18:36 - 01137360 _____ (F-Secure Corporation) C:\Users\ACSA\Downloads\fsbl.exe

2013-12-10 18:28 - 2013-12-10 18:28 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis

2013-12-10 18:28 - 2013-12-10 18:28 - 00000000 ____D C:\Program Files (x86)\Trend Micro

2013-12-10 18:24 - 2013-12-10 18:27 - 80777032 _____ (Sophos Limited) C:\Users\ACSA\Downloads\Sophos Virus Removal Tool.exe

2013-12-10 18:24 - 2013-12-10 18:24 - 01402880 _____ C:\Users\ACSA\Downloads\HiJackThis.msi

2013-12-10 11:55 - 2013-12-10 11:55 - 00000000 ____D C:\Windows\ERUNT

2013-12-10 11:55 - 2013-12-10 11:42 - 01034531 _____ (Thisisu) C:\Users\ACSA\Downloads\JRT.exe

2013-12-10 11:45 - 2013-12-13 10:22 - 01226802 _____ C:\Users\ACSA\Downloads\adwcleaner.exe

2013-12-10 11:30 - 2013-12-10 11:31 - 04166144 _____ C:\Users\ACSA\Downloads\RogueKillerX64.exe

2013-12-10 07:58 - 2013-12-10 07:58 - 07363640 _____ C:\Users\ACSA\Downloads\SCX5600_x86_6.5aS_GM.exe

2013-12-07 19:12 - 2013-12-08 07:44 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\AudioGate

2013-12-07 19:11 - 2013-12-07 19:11 - 00000000 ____D C:\Program Files (x86)\KORG

2013-12-07 19:10 - 2013-12-07 19:10 - 00000000 ____D C:\Windows\Downloaded Installations

2013-12-07 19:08 - 2013-12-07 19:09 - 17754289 _____ C:\Users\ACSA\Downloads\KORG_AudioGate_2_3_3.zip

2013-12-07 09:51 - 2013-06-06 18:41 - 00489392 _____ (Ask Partner Network) C:\Users\ACSA\Documents\APNSetup1.exe

2013-12-07 09:21 - 2013-12-07 09:21 - 00000023 _____ C:\Users\ACSA\Downloads\DNS.txt

2013-12-07 09:12 - 2013-12-07 09:12 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\RealHideIP

2013-12-07 09:12 - 2013-12-07 09:12 - 00000000 ____D C:\ProgramData\RealHideIP

2013-12-07 08:53 - 2013-12-07 08:53 - 00000000 ____D C:\Users\ACSA\Downloads\Real Hide IP v4.2.9.6 (1-click run)(registered)

2013-12-06 18:31 - 2013-12-06 18:31 - 00018685 _____ C:\Users\ACSA\Downloads\REL_1026.HTM

2013-12-06 11:53 - 2013-12-06 11:53 - 00003119 _____ C:\Users\ACSA\Downloads\Conclamacao Arquitetos Baixada (1).txt

2013-12-05 21:19 - 2013-12-05 21:19 - 00003119 _____ C:\Users\ACSA\Downloads\Conclamacao Arquitetos Baixada.txt

2013-12-04 10:10 - 2013-12-04 11:00 - 25095200 _____ (IObit                                                       ) C:\Users\ACSA\Downloads\imf-setup.exe

2013-12-04 08:11 - 2013-12-04 08:11 - 00000000 ____D C:\Windows\en

2013-12-04 08:11 - 2013-12-04 08:11 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition

2013-12-04 08:10 - 2013-12-04 08:11 - 00000000 ____D C:\Program Files (x86)\Windows Live

2013-12-04 08:10 - 2013-12-04 08:10 - 00000000 ____D C:\Windows\PCHEALTH

2013-12-04 08:04 - 2013-12-04 08:28 - 00000000 ____D C:\Users\ACSA\AppData\Local\Windows Live

2013-12-04 08:04 - 2013-12-04 08:04 - 01242112 _____ (Microsoft Corporation) C:\Users\ACSA\Downloads\wlsetup-web.exe

2013-12-03 00:03 - 2013-10-30 15:03 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys

2013-12-03 00:03 - 2013-10-30 15:02 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll

2013-12-01 13:53 - 2013-12-01 13:53 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\AVAST Software

2013-12-01 11:00 - 2013-12-01 11:00 - 00000000 ____D C:\Users\ACSA\Downloads\rebolsodoitarar

2013-12-01 08:30 - 2013-12-01 08:30 - 00000000 ____D C:\Users\ACSA\.MCTranscodingSDK

2013-12-01 08:22 - 2013-12-01 08:22 - 00000000 ____D C:\ProgramData\Geevs

2013-12-01 08:21 - 2013-12-10 09:11 - 00000000 ____D C:\Users\Public\Documents\Lightworks

2013-12-01 08:21 - 2013-12-01 08:30 - 00000000 ____D C:\Program Files (x86)\Lightworks

2013-12-01 08:14 - 2013-12-01 08:16 - 154323168 _____ (Online Media Technologies Ltd.                              ) C:\Users\ACSA\Downloads\AVSVideoEditor.exe

2013-11-29 23:26 - 2013-12-01 07:35 - 00000000 ____D C:\Users\ACSA\Downloads\Cine Marahu

2013-11-29 20:43 - 2013-11-29 20:43 - 00518455 _____ C:\Users\ACSA\Downloads\ArchiCAD_16_to_ATL5-Win_64-bit (1).zip

2013-11-29 20:43 - 2013-11-29 20:43 - 00000000 ____D C:\Users\ACSA\Downloads\ArchiCAD_16_to_ATL5-Win_64-bit

2013-11-29 20:38 - 2013-12-02 15:42 - 00000000 ____D C:\Users\ACSA\AppData\Roaming\Abvent_Artlantis5

2013-11-29 20:30 - 2013-12-02 10:57 - 00000000 ____D C:\ProgramData\Abvent

2013-11-29 20:30 - 2013-11-29 20:30 - 00000000 ____D C:\Users\Public\Documents\Abvent

2013-11-29 20:08 - 2013-11-29 20:37 - 00000000 ____D C:\Program Files\Artlantis Studio 5

2013-11-26 18:53 - 2013-11-26 18:53 - 00002848 _____ C:\Windows\System32\Tasks\ASC7_SkipUac_ACSA

2013-11-26 18:43 - 2013-11-26 18:43 - 00000000 ____D C:\ProgramData\ProductData

2013-11-26 18:43 - 2013-11-26 18:43 - 00000000 ____D C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}

2013-11-23 20:34 - 2013-11-23 20:36 - 00000000 ____D C:\Users\ACSA\Downloads\Artlantis 5.0.2.3 Win64

2013-11-23 18:23 - 2013-11-23 19:18 - 517767020 _____ C:\Users\ACSA\Downloads\Artlantis 5.0.2.3 Win64.rar

2013-11-23 18:21 - 2013-11-23 18:21 - 00518455 _____ C:\Users\ACSA\Downloads\ArchiCAD_16_to_ATL5-Win_64-bit.zip

2013-11-23 18:21 - 2013-11-23 18:21 - 00446633 _____ C:\Users\ACSA\Downloads\ArchiCAD_16_to_ATL5-Win_32-bit.zip

2013-11-21 10:40 - 2013-11-21 10:41 - 00014015 _____ C:\Users\ACSA\AppData\Roaming\unins000.dat

2013-11-21 10:40 - 2013-11-21 10:40 - 00717985 _____ C:\Users\ACSA\AppData\Roaming\unins000.exe

2013-11-21 10:40 - 2013-11-21 10:40 - 00000000 ____D C:\Users\ACSA\AppData\Local\GAS Tecnologia

2013-11-21 10:38 - 2013-11-21 10:38 - 03357248 _____ (GAS Tecnologia                                              ) C:\Users\ACSA\Downloads\gbplugin2.exe

2013-11-20 17:41 - 2013-11-20 17:41 - 00004762 _____ C:\Users\ACSA\Downloads\al_barbecue1.zip

2013-11-20 13:23 - 2013-11-11 13:02 - 06674208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll

2013-11-20 13:23 - 2013-11-11 13:02 - 03490080 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll

2013-11-20 13:23 - 2013-11-11 13:01 - 03467927 _____ C:\Windows\system32\nvcoproc.bin

2013-11-20 13:23 - 2013-11-11 13:01 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

2013-11-20 13:23 - 2013-11-11 13:01 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll

2013-11-20 13:23 - 2013-11-11 13:01 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 30361888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 22951200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 18293608 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 18208624 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 15862272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 15218504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 12613408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2013-11-20 13:21 - 2013-11-14 09:55 - 11600432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 11514624 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 09691888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 09619872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 03069608 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 02697248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433182.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433182.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 01436528 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 00707360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 00657184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 00609568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 00562464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys

2013-11-20 13:21 - 2013-11-14 09:55 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll

2013-11-20 13:21 - 2013-11-14 09:55 - 00023754 _____ C:\Windows\system32\nvinfo.pb

2013-11-19 13:15 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE

2013-11-19 13:13 - 2013-11-19 13:13 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2013-11-19 13:13 - 2013-11-19 13:13 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat

2013-11-19 13:13 - 2013-11-19 13:13 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2013-11-19 13:13 - 2013-11-19 13:13 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2013-11-19 13:13 - 2013-11-19 13:13 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2013-11-19 13:13 - 2013-11-19 13:13 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2013-11-19 13:13 - 2013-11-19 13:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2013-11-19 13:13 - 2013-11-19 13:13 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2013-11-19 13:13 - 2013-11-19 13:13 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2013-11-18 13:11 - 2013-11-18 13:11 - 00024317 _____ C:\Users\ACSA\Downloads\Conexão com a Internet ficou mais lenta  A culpa pode ser do DNS   Rodrigo Rey.htm

2013-11-18 13:11 - 2013-11-18 13:11 - 00000000 ____D C:\Users\ACSA\Downloads\Conexão com a Internet ficou mais lenta  A culpa pode ser do DNS   Rodrigo Rey_files

2013-11-18 13:08 - 2013-11-18 13:09 - 05227019 _____ C:\Users\ACSA\Downloads\namebench-1.3.1-Windows.exe

2013-11-16 11:44 - 2013-11-16 11:45 - 11423642 _____ C:\Users\ACSA\Downloads\fotosdolixonascaladasdapraiadosmilionriosem16nov.zip

2013-11-16 10:57 - 2013-11-16 10:58 - 23742698 _____ C:\Users\ACSA\Downloads\Fugazi - Peel Session 1988.mp4

2013-11-16 10:41 - 2013-12-15 00:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2013-11-16 09:51 - 2013-11-16 09:51 - 00000000 ____D C:\Users\ACSA\Downloads\badernadoitarar

2013-11-15 13:57 - 2013-11-15 13:57 - 00000000 ____D C:\Users\ACSA\Downloads\revocgostariadeacordarassim

2013-11-15 13:53 - 2013-11-15 13:53 - 17914792 _____ C:\Users\ACSA\Downloads\006.AVI

2013-11-15 08:02 - 2013-11-15 08:03 - 00453120 _____ C:\Users\ACSA\Downloads\filiacao_sasp (1).xls

2013-11-15 07:59 - 2013-11-15 07:59 - 00453120 _____ C:\Users\ACSA\Downloads\filiacao_sasp.xls

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.