ibrain666

Possible virus


Hello, on my E: drive a folder named (System Volume Information) is showing up, and another one named (recycle bin).

The logs follow below.

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.16660

Run by henrique at 23:00:10 on 2013-09-06

Microsoft Windows 8 6.2.9200.0.932.81.1041.18.3978.2224 [GMT 9:00]

.

AV: ウイルスバスター クラウド *Disabled/Updated* {B7599298-8445-728A-A5C7-A26A082C8BDA}

AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: ウイルスバスター クラウド *Disabled/Updated* {0C38737C-A27F-7D04-9F77-991873ABC167}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\windows\system32\svchost.exe -k DcomLaunch

C:\PROGRA~2\GbPlugin\GbpSv.exe

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k LocalService

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\system32\WLANExt.exe

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe

C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe

C:\Program Files\Trend Micro\AMSP\AMSP_LogServer.exe

C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMP\CLHNServiceForToshiba.exe

C:\windows\SysWow64\IntelCpHeciSvc.exe

C:\Program Files (x86)\Pioneer\DJM-900nexus\DJM-900nexus_AutoSetup.exe

C:\Program Files\Intel\iCLS Client\HeciServer.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe

c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

C:\Windows\SysWOW64\SMITSC.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\TODDSrv.exe

C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSMonitorService.exe

C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSServer.exe

C:\Program Files (x86)\TOSHIBA\TKRTL\TPCHKarteSVC.exe

C:\Program Files\TOSHIBA\Teco\TecoService.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\windows\System32\svchost.exe -k LocalServicePeerNet

C:\windows\system32\dashost.exe

C:\windows\system32\SearchIndexer.exe

C:\windows\system32\SearchProtocolHost.exe

C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

C:\windows\System32\dwm.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\windows\system32\taskhostex.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

C:\windows\Explorer.EXE

C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe

C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

C:\Windows\System32\RuntimeBroker.exe

C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe

C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe

C:\Program Files\TOSHIBA\Teco\TecoResident.exe

C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe

C:\Windows\System32\igfxtray.exe

C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files (x86)\TOSHIBA\TKRTL\KarteLite.exe

C:\Program Files (x86)\Toshiba Places Gadget\ToshibaPlacesGadget.exe

C:\Program Files (x86)\CyberLink\MediaSync\MediaSyncAgent.exe

C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\CLMSTrayIcon.exe

C:\Users\henrique\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Windows\System32\IME\SHARED\imebroker.exe

C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\system32\svchost.exe -k defragsvc

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\windows\system32\SearchFilterHost.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = about:blank

mStart Page = about:blank

mWinlogon: Userinit = userinit.exe

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1209\1.0.1209\TmopIEPlg32.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1136\7.5.1136\TmBpIe32.dll

BHO: i-フィルター 6.0 ブラウザーヘルパー: {BE920B15-1DCA-450e-87D0-C1EEA491F3DD} - C:\Program Files (x86)\Digital Arts\IFP6\app\bin\ifp6toolbar32.dll

BHO: GbIehObj Class: {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [TKRTL] "C:\Program Files (x86)\TOSHIBA\TKRTL\KarteLite.exe" -h

mRun: [ToshibaPlacesGadget] "C:\Program Files (x86)\Toshiba Places Gadget\ToshibaPlacesGadget.exe" -atboottime

mRun: [MediaSyncAgent] "C:\Program Files (x86)\CyberLink\MediaSync\MediaSyncAgent.exe"

mRun: [CLMSTrayIcon] "C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\CLMSTrayIcon.exe"

StartupFolder: C:\Users\henrique\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\henrique\AppData\Roaming\Dropbox\bin\Dropbox.exe

IE: Microsoft Excel にエクスポート(&X) - C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000

IE: OneNote に送る(&N) - C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{5FC544A5-BB12-44EF-B432-1A2E7DB21A46} : DHCPNameServer = 192.168.1.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1136\7.5.1136\TmBpIe32.dll

Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1209\1.0.1209\TmopIEPlg32.dll

Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll

SSODL: WebCheck - <orphaned>

SEH: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-mStart Page = about:blank

x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1209\1.0.1209\TmopIEPlg.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1136\7.5.1136\TmBpIe64.dll

x64-BHO: i-フィルター 6.0 ブラウザーヘルパー: {BE920B15-1DCA-450e-87D0-C1EEA491F3DD} - C:\Program Files (x86)\Digital Arts\IFP6\app\bin\ifp6toolbar64.dll

x64-Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\Hotkey\TCrdMain_Win8.exe

x64-Run: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe

x64-Run: [TODDMain] C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe

x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

x64-Run: [sRS Premium Sound 3D] "C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe" /f="C:\Program Files\SRS Labs\SRS Control Panel\SRS_Premium_Sound_PS3D.zip" /h

x64-Run: [TecoResident] C:\Program Files\TOSHIBA\Teco\TecoResident.exe

x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe

x64-Run: [Trend Micro Titanium] "C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" -set Silent "1" SplashURL ""

x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"

x64-Run: [igfxTray] C:\windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\windows\System32\igfxpers.exe

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1136\7.5.1136\TmBpIe64.dll

x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1209\1.0.1209\TmopIEPlg.dll

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 iaStorA;iaStorA;C:\windows\System32\Drivers\iaStorA.sys [2013-1-13 645952]

R0 PxHlpa64;PxHlpa64;C:\windows\System32\Drivers\PxHlpa64.sys [2013-1-13 56336]

R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\System32\Drivers\tos_sps64.sys [2013-1-13 499096]

R1 tmevtmgr;tmevtmgr;C:\windows\System32\Drivers\tmevtmgr.sys [2013-1-13 77184]

R2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2013-1-13 313536]

R2 CLHNServiceForToshiba;CLHNServiceForToshiba;C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMP\CLHNServiceForToshiba.exe [2013-8-17 89864]

R2 DJM-900nexus_AutoSetup;DJM-900nexus_AutoSetup;C:\Program Files (x86)\Pioneer\DJM-900nexus\DJM-900nexus_AutoSetup.exe [2013-8-25 57344]

R2 GbpSv;Gbp Service;C:\PROGRA~2\GbPlugin\GbpSv.exe [2013-8-11 409640]

R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2013-1-13 2451456]

R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]

R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2013-1-13 129856]

R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-1-13 166720]

R2 NIHardwareService;NIHardwareService;C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2013-7-11 6891312]

R2 ntk3_Toshiba;ntk3_Toshiba;C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMP\ntk3_Toshiba_64.sys [2013-8-17 81904]

R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE [2013-9-1 201872]

R2 SMITS;SMITS;C:\Windows\SysWOW64\SMITSC.exe [2013-8-17 12800]

R2 tmusa;Trend Micro Osprey Driver;C:\windows\System32\Drivers\tmusa.sys [2013-1-13 92456]

R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\Teco\TecoService.exe [2012-8-24 291240]

R2 Toshiba Media Server Monitor Service;Toshiba Media Server Monitor Service;C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSMonitorService.exe [2013-8-17 81672]

R2 Toshiba Media Server Service;Toshiba Media Server Service;C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSServer.exe [2013-8-17 302856]

R2 TPCHKarteSVC;TPCHKarteSVC;C:\Program Files (x86)\TOSHIBA\TKRTL\TPCHKarteSVC.exe [2012-3-16 227280]

R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\Drivers\TVALZFL.sys [2012-7-21 16768]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-1-13 365376]

R3 FwLnk;FwLnk Driver;C:\windows\System32\Drivers\FwLnk.sys [2012-8-30 9216]

R3 IntcDAud;インテル® ディスプレイ用オーディオ;C:\windows\System32\Drivers\IntcDAud.sys [2012-6-19 342528]

R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\windows\System32\Drivers\L1C63x64.sys [2012-7-13 103936]

R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\windows\System32\Drivers\RtsUVStor.sys [2013-1-13 315536]

R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;C:\windows\System32\Drivers\rtwlane.sys [2012-6-30 1498256]

R3 SmbDrvI;SmbDrvI;C:\windows\System32\Drivers\Smb_driver_Intel.sys [2012-8-16 43832]

R3 TMachInfo;TMachInfo;C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2012-7-27 53384]

R3 tmeevw;tmeevw;C:\windows\System32\Drivers\tmeevw.sys [2013-1-13 94520]

R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2012-7-28 458152]

S0 tmel;tmel;C:\windows\System32\Drivers\tmel.sys [2013-1-13 34224]

S2 OEMRegistrationProgram;OEMRegistrationProgram;C:\Program Files (x86)\TOSHIBA\OEM Registration Program\OEMRegistrationProgram.exe [2012-8-10 15360]

S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\windows\System32\Drivers\ssudbus.sys [2013-6-4 103448]

S3 kx1avs;Traktor Kontrol X1 Midi;C:\windows\System32\Drivers\kx1avs.sys [2011-7-7 357968]

S3 kx1usb_svc;Traktor Kontrol X1;C:\windows\System32\Drivers\kx1usb.sys [2011-7-7 70224]

S3 NETwNe64;@netwne64.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel® Wireless WiFi Link 5000 Series アダプター ドライバー (64 ビット版 Windows 7 用);C:\windows\System32\Drivers\NETwNe64.sys [2012-6-2 11400192]

S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE [2010-1-9 174440]

S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\Drivers\rtwlane.sys [2012-6-30 1498256]

S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\windows\System32\Drivers\ssudmdm.sys [2013-6-4 203672]

S3 ta6avs;Traktor Audio 6 WDM Audio;C:\windows\System32\Drivers\ta6avs.sys [2012-12-18 359784]

S3 ta6usb_svc;Traktor Audio 6;C:\windows\System32\Drivers\ta6usb.sys [2012-12-18 78696]

S3 TASCAM_US122144;TASCAM USB 2.0 Audio Device driver;C:\windows\System32\Drivers\tascusb2.sys [2013-8-11 409664]

S3 TASCAM_US122L_MK2_MIDI;TASCAM US-122L mk2 WDM MIDI Device;C:\windows\System32\Drivers\tscusb2m.sys [2013-8-11 31296]

S3 TASCAM_US122L_MK2_WDM;TASCAM US-122L mk2 WDM;C:\windows\System32\Drivers\tscusb2a.sys [2013-8-11 50240]

S3 WUDFWpdMtp;WUDFWpdMtp;C:\windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]

.

=============== Created Last 30 ================

.

2013-09-06 12:11:54 -------- d-----w- C:\Program Files\CCleaner

2013-09-03 20:55:23 270512 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10215.bin

2013-09-01 02:52:30 234544 ----a-w- C:\windows\RegBootClean64.exe

2013-08-25 14:49:53 -------- dc-h--w- C:\ProgramData\{18E5420F-B6DC-45F1-9618-C199435ED6E3}

2013-08-25 14:44:31 -------- d-----w- C:\Program Files (x86)\Common Files\Native Instruments

2013-08-25 14:44:04 -------- dc-h--w- C:\ProgramData\{F2610326-6A40-4BBC-9FBC-7F05356A912A}

2013-08-25 14:39:06 -------- d-----w- C:\Program Files (x86)\Pioneer

2013-08-25 14:37:06 46968 ----a-w- C:\windows\System32\drivers\DJM-900nexusAudio64.sys

2013-08-25 14:37:06 106496 ----a-w- C:\windows\SysWow64\DJM-900nexus_ASIO.dll

2013-08-20 18:03:30 -------- d-----w- C:\ProgramData\boost_interprocess

2013-08-18 15:18:52 -------- dc-h--w- C:\ProgramData\{662EAAEC-9E9A-4C69-A658-884E51E909BB}

2013-08-18 15:18:19 -------- dc-h--w- C:\ProgramData\{9477ED15-E4A3-4984-9B76-31F573D8EAAF}

2013-08-17 04:52:47 -------- dc-h--w- C:\ProgramData\{018F1C44-00D1-417B-B251-92A5634F74AE}

2013-08-17 02:01:58 -------- d-----w- C:\Users\henrique\AppData\Local\MediaServer

2013-08-17 01:33:21 53760 ----a-w- C:\windows\SysWow64\svccontrol.exe

2013-08-17 01:33:21 51712 ----a-w- C:\windows\SysWow64\svcconfig.exe

2013-08-17 01:33:21 12800 ----a-w- C:\windows\SysWow64\SMITSC.exe

2013-08-17 01:30:21 -------- d-----w- C:\Users\henrique\AppData\Roaming\WinBatch

2013-08-14 10:35:36 -------- d-----w- C:\windows\System32\MRT

2013-08-14 10:25:43 1314816 ----a-w- C:\windows\System32\rpcrt4.dll

2013-08-14 10:25:42 694272 ----a-w- C:\windows\SysWow64\rpcrt4.dll

2013-08-14 10:25:40 2233168 ----a-w- C:\windows\System32\drivers\tcpip.sys

2013-08-11 14:57:16 31088 ----a-w- C:\windows\SysWow64\drivers\gbpndisrd.sys

2013-08-11 14:56:46 -------- d-----w- C:\ProgramData\GbPlugin

2013-08-11 14:56:46 -------- d-----w- C:\Program Files (x86)\GbPlugin

2013-08-11 14:54:48 717985 ----a-w- C:\Users\henrique\AppData\Roaming\unins000.exe

2013-08-11 14:54:48 -------- d-----w- C:\Users\henrique\AppData\Local\GAS Tecnologia

2013-08-11 14:54:48 -------- d-----w- C:\ProgramData\GAS Tecnologia

2013-08-11 09:12:47 -------- d-----w- C:\ProgramData\Native Instruments

2013-08-11 09:12:47 -------- d-----w- C:\Program Files\Native Instruments

2013-08-11 09:12:47 -------- d-----w- C:\Program Files\Common Files\Native Instruments

2013-08-11 08:44:21 205376 ------w- C:\windows\System32\US-122_MKII_US-144_MKII.CPL

2013-08-11 08:44:19 -------- d-----w- C:\windows\usb-audio.deTascam

2013-08-11 08:41:35 50240 ----a-w- C:\windows\System32\drivers\tscusb2a.sys

2013-08-11 08:41:35 31296 ----a-w- C:\windows\System32\drivers\tscusb2m.sys

2013-08-11 08:41:34 409664 ----a-w- C:\windows\System32\drivers\tascusb2.sys

2013-08-09 08:04:09 -------- d-----w- C:\Users\henrique\AppData\Local\WmaMp3-Converter.com

2013-08-09 08:03:39 -------- d-----w- C:\Program Files (x86)\Efficient WMA MP3 Converter

2013-08-07 14:14:27 -------- d-----w- C:\Program Files (x86)\Audio Converter

.

==================== Find3M ====================

.

2013-07-26 05:13:37 2241024 ----a-w- C:\windows\System32\wininet.dll

2013-07-26 05:13:28 915968 ----a-w- C:\windows\System32\uxtheme.dll

2013-07-26 05:13:28 53760 ----a-w- C:\windows\System32\UXInit.dll

2013-07-26 05:12:08 3958784 ----a-w- C:\windows\System32\jscript9.dll

2013-07-26 05:12:04 136704 ----a-w- C:\windows\System32\iesysprep.dll

2013-07-26 05:12:03 67072 ----a-w- C:\windows\System32\iesetup.dll

2013-07-26 03:35:08 2706432 ----a-w- C:\windows\System32\mshtml.tlb

2013-07-26 03:13:24 1767936 ----a-w- C:\windows\SysWow64\wininet.dll

2013-07-26 03:13:15 44032 ----a-w- C:\windows\SysWow64\UXInit.dll

2013-07-26 03:12:04 2877440 ----a-w- C:\windows\SysWow64\jscript9.dll

2013-07-26 03:12:00 61440 ----a-w- C:\windows\SysWow64\iesetup.dll

2013-07-26 03:12:00 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll

2013-07-26 02:49:14 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb

2013-07-26 00:54:34 534528 ----a-w- C:\windows\SysWow64\uxtheme.dll

2013-07-13 06:18:21 337408 ----a-w- C:\windows\System32\wintrust.dll

2013-07-13 06:16:06 68096 ----a-w- C:\windows\System32\cryptsvc.dll

2013-07-13 06:16:06 1889280 ----a-w- C:\windows\System32\crypt32.dll

2013-07-13 06:15:53 98304 ----a-w- C:\windows\System32\apprepsync.dll

2013-07-13 06:15:53 124416 ----a-w- C:\windows\System32\apprepapi.dll

2013-07-13 04:24:58 261120 ----a-w- C:\windows\SysWow64\wintrust.dll

2013-07-13 04:23:11 1568256 ----a-w- C:\windows\SysWow64\crypt32.dll

2013-07-13 04:23:03 87040 ----a-w- C:\windows\SysWow64\apprepapi.dll

2013-07-13 04:23:03 74240 ----a-w- C:\windows\SysWow64\apprepsync.dll

2013-07-09 08:04:07 120144 ----a-w- C:\windows\System32\drivers\msgpioclx.sys

2013-07-09 06:18:21 439488 ----a-w- C:\windows\System32\WerFault.exe

2013-07-09 04:25:45 385768 ----a-w- C:\windows\SysWow64\WerFault.exe

2013-07-09 03:57:19 245760 ----a-w- C:\windows\SysWow64\LocationApi.dll

2013-07-08 22:46:00 543744 ----a-w- C:\windows\System32\wwanmm.dll

2013-07-08 22:46:00 414208 ----a-w- C:\windows\System32\wwanconn.dll

2013-07-08 22:46:00 370688 ----a-w- C:\windows\System32\Wwanadvui.dll

2013-07-08 22:45:16 312832 ----a-w- C:\windows\System32\LocationApi.dll

2013-07-06 00:16:17 1025024 ----a-w- C:\windows\System32\localspl.dll

2013-07-03 00:23:43 391168 ----a-w- C:\windows\System32\Windows.Networking.BackgroundTransfer.dll

2013-07-03 00:23:12 778752 ----a-w- C:\windows\System32\oleaut32.dll

2013-07-03 00:22:26 1300480 ----a-w- C:\windows\System32\gdi32.dll

2013-07-03 00:11:23 268800 ----a-w- C:\windows\SysWow64\Windows.Networking.BackgroundTransfer.dll

2013-07-03 00:11:02 551424 ----a-w- C:\windows\SysWow64\oleaut32.dll

2013-07-02 23:51:03 4039680 ----a-w- C:\windows\System32\win32k.sys

2013-07-02 00:44:14 36288 ----a-w- C:\windows\System32\drivers\WdBoot.sys

2013-07-01 22:08:49 247216 ----a-w- C:\windows\System32\drivers\WdFilter.sys

2013-06-30 22:30:14 67072 ----a-w- C:\windows\SysWow64\openfiles.exe

2013-06-30 22:29:22 77312 ----a-w- C:\windows\System32\openfiles.exe

2013-06-29 06:15:54 195416 ----a-w- C:\windows\System32\drivers\sdbus.sys

2013-06-29 06:15:47 125784 ----a-w- C:\windows\System32\drivers\dumpsd.sys

2013-06-29 05:43:16 327512 ----a-w- C:\windows\System32\drivers\Classpnp.sys

2013-06-29 01:12:01 1022464 ----a-w- C:\windows\SysWow64\gdi32.dll

2013-06-27 22:04:51 78200 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-06-27 22:04:51 693112 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe

2013-06-26 03:01:38 321536 ----a-w- C:\windows\System32\drivers\udfs.sys

2013-06-26 02:59:34 341504 ----a-w- C:\windows\System32\drivers\HdAudio.sys

2013-06-24 22:54:52 447488 ----a-w- C:\windows\System32\wwansvc.dll

2013-06-24 22:54:45 74240 ----a-w- C:\windows\System32\wcmcsp.dll

2013-06-24 22:54:45 263680 ----a-w- C:\windows\System32\wcmsvc.dll

2013-06-19 05:36:21 183808 ----a-w- C:\windows\System32\winmmbase.dll

2013-06-19 05:36:21 115712 ----a-w- C:\windows\System32\winmm.dll

2013-06-19 03:23:58 1246680 ----a-w- C:\windows\System32\pcnsl.exe

2013-06-19 03:23:56 2231808 ----a-w- C:\windows\System32\dimudywi.dll

2013-06-18 22:38:00 160256 ----a-w- C:\windows\SysWow64\winmmbase.dll

2013-06-18 22:38:00 125440 ----a-w- C:\windows\SysWow64\winmm.dll

2013-06-16 22:41:31 997632 ----a-w- C:\windows\System32\drivers\ndis.sys

2013-06-11 23:43:37 154112 ----a-w- C:\windows\SysWow64\WinSCard.dll

2013-06-11 23:26:20 230912 ----a-w- C:\windows\System32\WinSCard.dll

2013-06-10 21:17:46 96512 ----a-w- C:\windows\System32\drivers\wfplwfs.sys

2013-06-10 19:16:07 888832 ----a-w- C:\windows\System32\nshwfp.dll

2013-06-10 19:15:42 1156096 ----a-w- C:\windows\System32\IKEEXT.DLL

2013-06-10 19:15:38 381952 ----a-w- C:\windows\System32\FWPUCLNT.DLL

2013-06-10 19:15:25 723968 ----a-w- C:\windows\System32\BFE.DLL

2013-06-10 19:10:58 702464 ----a-w- C:\windows\SysWow64\nshwfp.dll

2013-06-10 19:10:37 245248 ----a-w- C:\windows\SysWow64\FWPUCLNT.DLL

.

============= FINISH: 23:00:33.77 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 8

Boot Device: \Device\HarddiskVolume2

Install Date: 2013/08/04 19:18:38

System Uptime: 2013/09/02 19:11:43 (100 hours ago)

.

Motherboard: TOSHIBA | | Portable PC

Processor: Intel® Celeron® CPU B830 @ 1.80GHz | U3E1 | 1800/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 530 GiB total, 364.221 GiB free.

D: is CDROM ()

E: is FIXED (NTFS) - 50 GiB total, 38.441 GiB free.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP5: 2013/09/01 17:33:46 - Windows Update

.

==== Installed Programs ======================

.

Adobe AIR

Adobe Reader X (10.1.3) - Japanese

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver

BookPlaceReader

CCleaner

Contents

Corel VideoStudio X5

CyberLink MediaShow 6

CyberLink MediaSync

DigiBookBrowser Version 1.5.1.4

Dropbox

dynabookランチャー用バナー

ebi.BookReader4

ebi.SampleContents

Efficient WMA MP3 Converter version 0.99.9.3

Express Burn

GBBD Banco do Brasil

Google Chrome

Google Update Helper

i-フィルター 6.0

ICA

Intel® Management Engine Components

Intel® Processor Graphics

Intel® Rapid Storage Technology

Intel® SDK for OpenCL - CPU Only Runtime Package

IntelR Trusted Connect Service Client

IPM_VS_Pro

ISCOM

LoiLoScope 2

Microsoft Office 2010

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Essentials 2010

Microsoft Office Excel MUI (Japanese) 2010

Microsoft Office IME (Japanese) 2010

Microsoft Office Office 32-bit Components 2010

Microsoft Office OneNote MUI (Japanese) 2010

Microsoft Office Outlook MUI (Japanese) 2010

Microsoft Office PowerPoint MUI (Japanese) 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (Japanese) 2010

Microsoft Office Proofing (Japanese) 2010

Microsoft Office Shared 32-bit MUI (Japanese) 2010

Microsoft Office Shared MUI (Japanese) 2010

Microsoft Office Word MUI (Japanese) 2010

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Visual Studio 2010 Tools for Office Runtime (x64)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - JPN

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語

MPC-HC 1.6.8 (64-bit)

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB2758694)

music.jp PLAY 4.0

Native Instruments Controller Editor

Native Instruments Service Center

Native Instruments Traktor 2

Native Instruments Traktor Audio 6 Driver

Native Instruments Traktor Kontrol X1

Native Instruments Traktor Kontrol X1 Driver

OEM Registration Program

PCあんしん点検ユーティリティ

PC引越ナビ

PhotoWizard

Pioneer DJM-900nexus Driver

PlayReady PC Runtime x86

Realtek High Definition Audio Driver

Realtek USB 2.0 Card Reader

Realtek WLAN Driver

Roxio Creator LJ

RZスイート express

Setup

Share

Share64

SPG Audio Converter 1.0

SRS Premium Sound Control Panel

Synaptics Pointing Device Driver

TOSHIBA Active Display Off

TOSHIBA Blu-ray Disc Player

TOSHIBA Desktop Assist

TOSHIBA eco Utility

TOSHIBA Function Key

TOSHIBA Manual

TOSHIBA PalaDouga

TOSHIBA Password Utility

TOSHIBA PC Health Monitor

TOSHIBA Recovery Media Creator

TOSHIBA Resolution+ Plug-in for Windows Media Player

TOSHIBA SD-Video PLAYER

TOSHIBA Service Station

TOSHIBA Speech Synthesis

TOSHIBA System Driver

TOSHIBA System Settings

Trend Micro Titanium

Update for Japanese Microsoft IME Postal Code Dictionary

Update for Japanese Microsoft IME Standard Dictionary

Update for Japanese Microsoft IME Standard Extended Dictionary

US-122 MKII / US-144 MKII

VSClassic

VSHelp

VSPro

Windows Media Encoder 9 Series

WinRAR 4.20 (64-bit)

μTorrent

いつもNAVI PC

ウイルスバスター クラウド

ウイルスバスター登録ツール

おたすけナビ

てぶらナビ

ぱらちゃんV2.3

楽しもう!Office ライフ

新しい Office の入手

東芝ジェスチャコントローラ

東芝プレイスガジェット

動画で解決!操作ガイド

動画で解決!操作ガイド-コンテンツ-

筆ぐるめ Ver.19

.

==== End Of File ===========================

GMER 2.1.19163 - http://www.gmer.net

Rootkit scan 2013-09-06 23:12:15

Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000036 TOSHIBA_MK6475GSX rev.GT001M 596.17GB

Running: gmer.exe; Driver: C:\Users\henrique\AppData\Local\Temp\axliipob.sys

---- Kernel code sections - GMER 2.1 ----

.text C:\windows\System32\win32k.sys!W32pServiceTable fffff96000132900 7 bytes [40, 5C, 82, 01, 00, 57, F2]

.text C:\windows\System32\win32k.sys!W32pServiceTable + 8 fffff96000132908 7 bytes [01, 7E, C0, FF, 00, 1B, DB]

---- User code sections - GMER 2.1 ----

.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3360] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fd3c2e1532 4 bytes [2E, 3C, FD, 07]

.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3360] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fd3c2e153a 4 bytes [2E, 3C, FD, 07]

.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3360] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fd3c2e165a 4 bytes [2E, 3C, FD, 07]

.text C:\windows\Explorer.EXE[6248] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fd3c2e1532 4 bytes [2E, 3C, FD, 07]

.text C:\windows\Explorer.EXE[6248] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fd3c2e153a 4 bytes [2E, 3C, FD, 07]

.text C:\windows\Explorer.EXE[6248] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fd3c2e165a 4 bytes [2E, 3C, FD, 07]

.text C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe[7760] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fd3c2e1532 4 bytes [2E, 3C, FD, 07]

.text C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe[7760] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fd3c2e153a 4 bytes [2E, 3C, FD, 07]

.text C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe[7760] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fd3c2e165a 4 bytes [2E, 3C, FD, 07]

.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[7620] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fd3c2e1532 4 bytes [2E, 3C, FD, 07]

.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[7620] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fd3c2e153a 4 bytes [2E, 3C, FD, 07]

.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[7620] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fd3c2e165a 4 bytes [2E, 3C, FD, 07]

.text C:\Windows\System32\igfxpers.exe[3176] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fd44c8177a 4 bytes [C8, 44, FD, 07]

.text C:\Windows\System32\igfxpers.exe[3176] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fd44c81782 4 bytes [C8, 44, FD, 07]

---- Threads - GMER 2.1 ----

Thread C:\windows\system32\csrss.exe [3976:4420] fffff9600099f5e8

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----

Thanks in advance :rolleyes:


Hello

Sorry for the delay :)

If you still need help, please regenerate the logs, as I need them with current dates: Read Before Posting - Creating a New Topic

ATTENTION 1: There is no need to open a new topic; post the new logs in this same topic, thank you!

ATTENTION 2: Do not edit your topic; use the reply button, thank you!

ATTENTION 3: Do not put the logs between TAGS, thank you!

ATTENTION 4: Do not attach the logs, thank you!

Regards :D


Hello, sorry for the delay, the logs follow below ;)

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.16660

Run by henrique at 0:10:02 on 2013-09-12

Microsoft Windows 8 6.2.9200.0.932.81.1041.18.3978.2266 [GMT 9:00]

.

AV: ウイルスバスター クラウド *Disabled/Updated* {B7599298-8445-728A-A5C7-A26A082C8BDA}

AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: ウイルスバスター クラウド *Disabled/Updated* {0C38737C-A27F-7D04-9F77-991873ABC167}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\windows\system32\svchost.exe -k DcomLaunch

C:\PROGRA~2\GbPlugin\GbpSv.exe

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k LocalService

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\system32\WLANExt.exe

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe

C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe

C:\Program Files\Trend Micro\AMSP\AMSP_LogServer.exe

C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMP\CLHNServiceForToshiba.exe

C:\windows\SysWow64\IntelCpHeciSvc.exe

C:\Program Files (x86)\Pioneer\DJM-900nexus\DJM-900nexus_AutoSetup.exe

C:\Program Files\Intel\iCLS Client\HeciServer.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe

c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

C:\Windows\SysWOW64\SMITSC.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\TODDSrv.exe

C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSMonitorService.exe

C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSServer.exe

C:\Program Files (x86)\TOSHIBA\TKRTL\TPCHKarteSVC.exe

C:\Program Files\TOSHIBA\Teco\TecoService.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\windows\System32\svchost.exe -k LocalServicePeerNet

C:\windows\system32\dashost.exe

C:\windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\windows\system32\SearchProtocolHost.exe

C:\windows\System32\LogonUI.exe

C:\windows\system32\dwm.exe

C:\windows\System32\dwm.exe

C:\windows\system32\taskhostex.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\windows\Explorer.EXE

C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe

C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

C:\Windows\System32\RuntimeBroker.exe

C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe

C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe

C:\Program Files\TOSHIBA\Teco\TecoResident.exe

C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe

C:\Windows\System32\igfxtray.exe

C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files (x86)\TOSHIBA\TKRTL\KarteLite.exe

C:\Program Files (x86)\Toshiba Places Gadget\ToshibaPlacesGadget.exe

C:\Program Files (x86)\CyberLink\MediaSync\MediaSyncAgent.exe

C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\CLMSTrayIcon.exe

C:\Users\henrique\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Windows\System32\IME\SHARED\imebroker.exe

C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\windows\system32\SearchFilterHost.exe

C:\windows\System32\svchost.exe -k WerSvcGroup

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = about:blank

mStart Page = about:blank

mWinlogon: Userinit = userinit.exe

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1209\1.0.1209\TmopIEPlg32.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1136\7.5.1136\TmBpIe32.dll

BHO: i-フィルター 6.0 ブラウザーヘルパー: {BE920B15-1DCA-450e-87D0-C1EEA491F3DD} - C:\Program Files (x86)\Digital Arts\IFP6\app\bin\ifp6toolbar32.dll

BHO: GbIehObj Class: {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [TKRTL] "C:\Program Files (x86)\TOSHIBA\TKRTL\KarteLite.exe" -h

mRun: [ToshibaPlacesGadget] "C:\Program Files (x86)\Toshiba Places Gadget\ToshibaPlacesGadget.exe" -atboottime

mRun: [MediaSyncAgent] "C:\Program Files (x86)\CyberLink\MediaSync\MediaSyncAgent.exe"

mRun: [CLMSTrayIcon] "C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\CLMSTrayIcon.exe"

StartupFolder: C:\Users\henrique\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\henrique\AppData\Roaming\Dropbox\bin\Dropbox.exe

IE: Microsoft Excel にエクスポート(&X) - C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000

IE: OneNote に送る(&N) - C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{5FC544A5-BB12-44EF-B432-1A2E7DB21A46} : DHCPNameServer = 192.168.1.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1136\7.5.1136\TmBpIe32.dll

Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1209\1.0.1209\TmopIEPlg32.dll

Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll

SSODL: WebCheck - <orphaned>

SEH: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-mStart Page = about:blank

x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1209\1.0.1209\TmopIEPlg.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1136\7.5.1136\TmBpIe64.dll

x64-BHO: i-フィルター 6.0 ブラウザーヘルパー: {BE920B15-1DCA-450e-87D0-C1EEA491F3DD} - C:\Program Files (x86)\Digital Arts\IFP6\app\bin\ifp6toolbar64.dll

x64-Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\Hotkey\TCrdMain_Win8.exe

x64-Run: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe

x64-Run: [TODDMain] C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe

x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

x64-Run: [sRS Premium Sound 3D] "C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe" /f="C:\Program Files\SRS Labs\SRS Control Panel\SRS_Premium_Sound_PS3D.zip" /h

x64-Run: [TecoResident] C:\Program Files\TOSHIBA\Teco\TecoResident.exe

x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe

x64-Run: [Trend Micro Titanium] "C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" -set Silent "1" SplashURL ""

x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"

x64-Run: [igfxTray] C:\windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\windows\System32\igfxpers.exe

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1136\7.5.1136\TmBpIe64.dll

x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1209\1.0.1209\TmopIEPlg.dll

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 iaStorA;iaStorA;C:\windows\System32\Drivers\iaStorA.sys [2013-1-13 645952]

R0 PxHlpa64;PxHlpa64;C:\windows\System32\Drivers\PxHlpa64.sys [2013-1-13 56336]

R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\System32\Drivers\tos_sps64.sys [2013-1-13 499096]

R1 tmevtmgr;tmevtmgr;C:\windows\System32\Drivers\tmevtmgr.sys [2013-1-13 77184]

R2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2013-1-13 313536]

R2 CLHNServiceForToshiba;CLHNServiceForToshiba;C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMP\CLHNServiceForToshiba.exe [2013-8-17 89864]

R2 DJM-900nexus_AutoSetup;DJM-900nexus_AutoSetup;C:\Program Files (x86)\Pioneer\DJM-900nexus\DJM-900nexus_AutoSetup.exe [2013-8-25 57344]

R2 GbpSv;Gbp Service;C:\PROGRA~2\GbPlugin\GbpSv.exe [2013-8-11 409640]

R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2013-1-13 2451456]

R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]

R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2013-1-13 129856]

R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-1-13 166720]

R2 NIHardwareService;NIHardwareService;C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2013-7-11 6891312]

R2 ntk3_Toshiba;ntk3_Toshiba;C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMP\ntk3_Toshiba_64.sys [2013-8-17 81904]

R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE [2013-9-1 201872]

R2 SMITS;SMITS;C:\Windows\SysWOW64\SMITSC.exe [2013-8-17 12800]

R2 tmusa;Trend Micro Osprey Driver;C:\windows\System32\Drivers\tmusa.sys [2013-1-13 92456]

R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\Teco\TecoService.exe [2012-8-24 291240]

R2 Toshiba Media Server Monitor Service;Toshiba Media Server Monitor Service;C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSMonitorService.exe [2013-8-17 81672]

R2 Toshiba Media Server Service;Toshiba Media Server Service;C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSServer.exe [2013-8-17 302856]

R2 TPCHKarteSVC;TPCHKarteSVC;C:\Program Files (x86)\TOSHIBA\TKRTL\TPCHKarteSVC.exe [2012-3-16 227280]

R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\Drivers\TVALZFL.sys [2012-7-21 16768]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-1-13 365376]

R3 FwLnk;FwLnk Driver;C:\windows\System32\Drivers\FwLnk.sys [2012-8-30 9216]

R3 IntcDAud;インテル® ディスプレイ用オーディオ;C:\windows\System32\Drivers\IntcDAud.sys [2012-6-19 342528]

R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\windows\System32\Drivers\L1C63x64.sys [2012-7-13 103936]

R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\windows\System32\Drivers\RtsUVStor.sys [2013-1-13 315536]

R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;C:\windows\System32\Drivers\rtwlane.sys [2012-6-30 1498256]

R3 SmbDrvI;SmbDrvI;C:\windows\System32\Drivers\Smb_driver_Intel.sys [2012-8-16 43832]

R3 TMachInfo;TMachInfo;C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2012-7-27 53384]

R3 tmeevw;tmeevw;C:\windows\System32\Drivers\tmeevw.sys [2013-1-13 94520]

R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2012-7-28 458152]

S0 tmel;tmel;C:\windows\System32\Drivers\tmel.sys [2013-1-13 34224]

S2 OEMRegistrationProgram;OEMRegistrationProgram;C:\Program Files (x86)\TOSHIBA\OEM Registration Program\OEMRegistrationProgram.exe [2012-8-10 15360]

S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\windows\System32\Drivers\ssudbus.sys [2013-6-4 103448]

S3 kx1avs;Traktor Kontrol X1 Midi;C:\windows\System32\Drivers\kx1avs.sys [2011-7-7 357968]

S3 kx1usb_svc;Traktor Kontrol X1;C:\windows\System32\Drivers\kx1usb.sys [2011-7-7 70224]

S3 NETwNe64;@netwne64.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel® Wireless WiFi Link 5000 Series アダプター ドライバー (64 ビット版 Windows 7 用);C:\windows\System32\Drivers\NETwNe64.sys [2012-6-2 11400192]

S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE [2010-1-9 174440]

S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\Drivers\rtwlane.sys [2012-6-30 1498256]

S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\windows\System32\Drivers\ssudmdm.sys [2013-6-4 203672]

S3 ta6avs;Traktor Audio 6 WDM Audio;C:\windows\System32\Drivers\ta6avs.sys [2012-12-18 359784]

S3 ta6usb_svc;Traktor Audio 6;C:\windows\System32\Drivers\ta6usb.sys [2012-12-18 78696]

S3 TASCAM_US122144;TASCAM USB 2.0 Audio Device driver;C:\windows\System32\Drivers\tascusb2.sys [2013-8-11 409664]

S3 TASCAM_US122L_MK2_MIDI;TASCAM US-122L mk2 WDM MIDI Device;C:\windows\System32\Drivers\tscusb2m.sys [2013-8-11 31296]

S3 TASCAM_US122L_MK2_WDM;TASCAM US-122L mk2 WDM;C:\windows\System32\Drivers\tscusb2a.sys [2013-8-11 50240]

S3 WUDFWpdMtp;WUDFWpdMtp;C:\windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]

.

=============== Created Last 30 ================

.

2013-09-06 12:11:54 -------- d-----w- C:\Program Files\CCleaner

2013-09-03 20:55:23 270512 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10215.bin

2013-09-01 02:52:30 234544 ----a-w- C:\windows\RegBootClean64.exe

2013-08-25 14:49:53 -------- dc-h--w- C:\ProgramData\{18E5420F-B6DC-45F1-9618-C199435ED6E3}

2013-08-25 14:44:31 -------- d-----w- C:\Program Files (x86)\Common Files\Native Instruments

2013-08-25 14:44:04 -------- dc-h--w- C:\ProgramData\{F2610326-6A40-4BBC-9FBC-7F05356A912A}

2013-08-25 14:39:06 -------- d-----w- C:\Program Files (x86)\Pioneer

2013-08-25 14:37:06 46968 ----a-w- C:\windows\System32\drivers\DJM-900nexusAudio64.sys

2013-08-25 14:37:06 106496 ----a-w- C:\windows\SysWow64\DJM-900nexus_ASIO.dll

2013-08-20 18:03:30 -------- d-----w- C:\ProgramData\boost_interprocess

2013-08-18 15:18:52 -------- dc-h--w- C:\ProgramData\{662EAAEC-9E9A-4C69-A658-884E51E909BB}

2013-08-18 15:18:19 -------- dc-h--w- C:\ProgramData\{9477ED15-E4A3-4984-9B76-31F573D8EAAF}

2013-08-17 04:52:47 -------- dc-h--w- C:\ProgramData\{018F1C44-00D1-417B-B251-92A5634F74AE}

2013-08-17 02:01:58 -------- d-----w- C:\Users\henrique\AppData\Local\MediaServer

2013-08-17 01:33:21 53760 ----a-w- C:\windows\SysWow64\svccontrol.exe

2013-08-17 01:33:21 51712 ----a-w- C:\windows\SysWow64\svcconfig.exe

2013-08-17 01:33:21 12800 ----a-w- C:\windows\SysWow64\SMITSC.exe

2013-08-17 01:30:21 -------- d-----w- C:\Users\henrique\AppData\Roaming\WinBatch

2013-08-14 10:35:36 -------- d-----w- C:\windows\System32\MRT

2013-08-14 10:25:43 1314816 ----a-w- C:\windows\System32\rpcrt4.dll

2013-08-14 10:25:42 694272 ----a-w- C:\windows\SysWow64\rpcrt4.dll

2013-08-14 10:25:40 2233168 ----a-w- C:\windows\System32\drivers\tcpip.sys

.

==================== Find3M ====================

.

2013-09-02 10:12:52 31088 ----a-w- C:\windows\SysWow64\drivers\gbpndisrd.sys

2013-08-11 14:54:46 717985 ----a-w- C:\Users\henrique\AppData\Roaming\unins000.exe

2013-07-26 05:13:37 2241024 ----a-w- C:\windows\System32\wininet.dll

2013-07-26 05:13:28 915968 ----a-w- C:\windows\System32\uxtheme.dll

2013-07-26 05:13:28 53760 ----a-w- C:\windows\System32\UXInit.dll

2013-07-26 05:12:08 3958784 ----a-w- C:\windows\System32\jscript9.dll

2013-07-26 05:12:04 136704 ----a-w- C:\windows\System32\iesysprep.dll

2013-07-26 05:12:03 67072 ----a-w- C:\windows\System32\iesetup.dll

2013-07-26 03:35:08 2706432 ----a-w- C:\windows\System32\mshtml.tlb

2013-07-26 03:13:24 1767936 ----a-w- C:\windows\SysWow64\wininet.dll

2013-07-26 03:13:15 44032 ----a-w- C:\windows\SysWow64\UXInit.dll

2013-07-26 03:12:04 2877440 ----a-w- C:\windows\SysWow64\jscript9.dll

2013-07-26 03:12:00 61440 ----a-w- C:\windows\SysWow64\iesetup.dll

2013-07-26 03:12:00 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll

2013-07-26 02:49:14 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb

2013-07-26 00:54:34 534528 ----a-w- C:\windows\SysWow64\uxtheme.dll

2013-07-13 06:18:21 337408 ----a-w- C:\windows\System32\wintrust.dll

2013-07-13 06:16:06 68096 ----a-w- C:\windows\System32\cryptsvc.dll

2013-07-13 06:16:06 1889280 ----a-w- C:\windows\System32\crypt32.dll

2013-07-13 06:15:53 98304 ----a-w- C:\windows\System32\apprepsync.dll

2013-07-13 06:15:53 124416 ----a-w- C:\windows\System32\apprepapi.dll

2013-07-13 04:24:58 261120 ----a-w- C:\windows\SysWow64\wintrust.dll

2013-07-13 04:23:11 1568256 ----a-w- C:\windows\SysWow64\crypt32.dll

2013-07-13 04:23:03 87040 ----a-w- C:\windows\SysWow64\apprepapi.dll

2013-07-13 04:23:03 74240 ----a-w- C:\windows\SysWow64\apprepsync.dll

2013-07-09 08:04:07 120144 ----a-w- C:\windows\System32\drivers\msgpioclx.sys

2013-07-09 06:18:21 439488 ----a-w- C:\windows\System32\WerFault.exe

2013-07-09 04:25:45 385768 ----a-w- C:\windows\SysWow64\WerFault.exe

2013-07-09 03:57:19 245760 ----a-w- C:\windows\SysWow64\LocationApi.dll

2013-07-08 22:46:00 543744 ----a-w- C:\windows\System32\wwanmm.dll

2013-07-08 22:46:00 414208 ----a-w- C:\windows\System32\wwanconn.dll

2013-07-08 22:46:00 370688 ----a-w- C:\windows\System32\Wwanadvui.dll

2013-07-08 22:45:16 312832 ----a-w- C:\windows\System32\LocationApi.dll

2013-07-06 00:16:17 1025024 ----a-w- C:\windows\System32\localspl.dll

2013-07-03 00:23:43 391168 ----a-w- C:\windows\System32\Windows.Networking.BackgroundTransfer.dll

2013-07-03 00:23:12 778752 ----a-w- C:\windows\System32\oleaut32.dll

2013-07-03 00:22:26 1300480 ----a-w- C:\windows\System32\gdi32.dll

2013-07-03 00:11:23 268800 ----a-w- C:\windows\SysWow64\Windows.Networking.BackgroundTransfer.dll

2013-07-03 00:11:02 551424 ----a-w- C:\windows\SysWow64\oleaut32.dll

2013-07-02 23:51:03 4039680 ----a-w- C:\windows\System32\win32k.sys

2013-07-02 00:44:14 36288 ----a-w- C:\windows\System32\drivers\WdBoot.sys

2013-07-01 22:08:49 247216 ----a-w- C:\windows\System32\drivers\WdFilter.sys

2013-06-30 22:30:14 67072 ----a-w- C:\windows\SysWow64\openfiles.exe

2013-06-30 22:29:22 77312 ----a-w- C:\windows\System32\openfiles.exe

2013-06-29 06:15:54 195416 ----a-w- C:\windows\System32\drivers\sdbus.sys

2013-06-29 06:15:47 125784 ----a-w- C:\windows\System32\drivers\dumpsd.sys

2013-06-29 05:43:16 327512 ----a-w- C:\windows\System32\drivers\Classpnp.sys

2013-06-29 01:12:01 1022464 ----a-w- C:\windows\SysWow64\gdi32.dll

2013-06-27 22:04:51 78200 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-06-27 22:04:51 693112 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe

2013-06-26 03:01:38 321536 ----a-w- C:\windows\System32\drivers\udfs.sys

2013-06-26 02:59:34 341504 ----a-w- C:\windows\System32\drivers\HdAudio.sys

2013-06-24 22:54:52 447488 ----a-w- C:\windows\System32\wwansvc.dll

2013-06-24 22:54:45 74240 ----a-w- C:\windows\System32\wcmcsp.dll

2013-06-24 22:54:45 263680 ----a-w- C:\windows\System32\wcmsvc.dll

2013-06-19 05:36:21 183808 ----a-w- C:\windows\System32\winmmbase.dll

2013-06-19 05:36:21 115712 ----a-w- C:\windows\System32\winmm.dll

2013-06-19 03:23:58 1246680 ----a-w- C:\windows\System32\pcnsl.exe

2013-06-19 03:23:56 2231808 ----a-w- C:\windows\System32\dimudywi.dll

2013-06-18 22:38:00 160256 ----a-w- C:\windows\SysWow64\winmmbase.dll

2013-06-18 22:38:00 125440 ----a-w- C:\windows\SysWow64\winmm.dll

2013-06-16 22:41:31 997632 ----a-w- C:\windows\System32\drivers\ndis.sys

.

============= FINISH: 0:10:54.41 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 8

Boot Device: \Device\HarddiskVolume2

Install Date: 2013/08/04 19:18:38

System Uptime: 2013/09/02 19:11:43 (221 hours ago)

.

Motherboard: TOSHIBA | | Portable PC

Processor: Intel® Celeron® CPU B830 @ 1.80GHz | U3E1 | 1800/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 530 GiB total, 364.278 GiB free.

D: is CDROM ()

E: is FIXED (NTFS) - 50 GiB total, 37.92 GiB free.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP5: 2013/09/01 17:33:46 - Windows Update

RP6: 2013/09/10 3:06:16 - スケジュールされたチェックポイント

.

==== Installed Programs ======================

.

Adobe AIR

Adobe Reader X (10.1.3) - Japanese

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver

BookPlaceReader

CCleaner

Contents

Corel VideoStudio X5

CyberLink MediaShow 6

CyberLink MediaSync

DigiBookBrowser Version 1.5.1.4

Dropbox

dynabookランチャー用バナー

ebi.BookReader4

ebi.SampleContents

Efficient WMA MP3 Converter version 0.99.9.3

Express Burn

GBBD Banco do Brasil

Google Chrome

Google Update Helper

i-フィルター 6.0

ICA

Intel® Management Engine Components

Intel® Processor Graphics

Intel® Rapid Storage Technology

Intel® SDK for OpenCL - CPU Only Runtime Package

IntelR Trusted Connect Service Client

IPM_VS_Pro

ISCOM

LoiLoScope 2

Microsoft Office 2010

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Essentials 2010

Microsoft Office Excel MUI (Japanese) 2010

Microsoft Office IME (Japanese) 2010

Microsoft Office Office 32-bit Components 2010

Microsoft Office OneNote MUI (Japanese) 2010

Microsoft Office Outlook MUI (Japanese) 2010

Microsoft Office PowerPoint MUI (Japanese) 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (Japanese) 2010

Microsoft Office Proofing (Japanese) 2010

Microsoft Office Shared 32-bit MUI (Japanese) 2010

Microsoft Office Shared MUI (Japanese) 2010

Microsoft Office Word MUI (Japanese) 2010

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Visual Studio 2010 Tools for Office Runtime (x64)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - JPN

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語

MPC-HC 1.6.8 (64-bit)

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB2758694)

music.jp PLAY 4.0

Native Instruments Controller Editor

Native Instruments Service Center

Native Instruments Traktor 2

Native Instruments Traktor Audio 6 Driver

Native Instruments Traktor Kontrol X1

Native Instruments Traktor Kontrol X1 Driver

OEM Registration Program

PCあんしん点検ユーティリティ

PC引越ナビ

PhotoWizard

Pioneer DJM-900nexus Driver

PlayReady PC Runtime x86

Realtek High Definition Audio Driver

Realtek USB 2.0 Card Reader

Realtek WLAN Driver

Roxio Creator LJ

RZスイート express

Setup

Share

Share64

SPG Audio Converter 1.0

SRS Premium Sound Control Panel

Synaptics Pointing Device Driver

TOSHIBA Active Display Off

TOSHIBA Blu-ray Disc Player

TOSHIBA Desktop Assist

TOSHIBA eco Utility

TOSHIBA Function Key

TOSHIBA Manual

TOSHIBA PalaDouga

TOSHIBA Password Utility

TOSHIBA PC Health Monitor

TOSHIBA Recovery Media Creator

TOSHIBA Resolution+ Plug-in for Windows Media Player

TOSHIBA SD-Video PLAYER

TOSHIBA Service Station

TOSHIBA Speech Synthesis

TOSHIBA System Driver

TOSHIBA System Settings

Trend Micro Titanium

Update for Japanese Microsoft IME Postal Code Dictionary

Update for Japanese Microsoft IME Standard Dictionary

Update for Japanese Microsoft IME Standard Extended Dictionary

US-122 MKII / US-144 MKII

VSClassic

VSHelp

VSPro

Windows Media Encoder 9 Series

WinRAR 4.20 (64-bit)

μTorrent

いつもNAVI PC

ウイルスバスター クラウド

ウイルスバスター登録ツール

おたすけナビ

てぶらナビ

ぱらちゃんV2.3

楽しもう!Office ライフ

新しい Office の入手

東芝ジェスチャコントローラ

東芝プレイスガジェット

動画で解決!操作ガイド

動画で解決!操作ガイド-コンテンツ-

筆ぐるめ Ver.19

.

==== End Of File ===========================

GMER 2.1.19163 - http://www.gmer.net

Rootkit scan 2013-09-12 00:19:09

Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000036 TOSHIBA_MK6475GSX rev.GT001M 596.17GB

Running: gmer.exe; Driver: C:\Users\henrique\AppData\Local\Temp\axliipob.sys

---- Kernel code sections - GMER 2.1 ----

.text C:\windows\System32\win32k.sys!W32pServiceTable fffff96000132900 7 bytes [40, 5C, 82, 01, 00, 57, F2]

.text C:\windows\System32\win32k.sys!W32pServiceTable + 8 fffff96000132908 7 bytes [01, 7E, C0, FF, 00, 1B, DB]

---- User code sections - GMER 2.1 ----

.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[8920] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fd3c2e1532 4 bytes [2E, 3C, FD, 07]

.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[8920] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fd3c2e153a 4 bytes [2E, 3C, FD, 07]

.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[8920] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fd3c2e165a 4 bytes [2E, 3C, FD, 07]

.text C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe[7704] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fd3c2e1532 4 bytes [2E, 3C, FD, 07]

.text C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe[7704] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fd3c2e153a 4 bytes [2E, 3C, FD, 07]

.text C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe[7704] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fd3c2e165a 4 bytes [2E, 3C, FD, 07]

.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[11228] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fd3c2e1532 4 bytes [2E, 3C, FD, 07]

.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[11228] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fd3c2e153a 4 bytes [2E, 3C, FD, 07]

.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[11228] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fd3c2e165a 4 bytes [2E, 3C, FD, 07]

.text C:\Windows\System32\igfxpers.exe[10980] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fd44c8177a 4 bytes [C8, 44, FD, 07]

.text C:\Windows\System32\igfxpers.exe[10980] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fd44c81782 4 bytes [C8, 44, FD, 07]

---- Threads - GMER 2.1 ----

Thread C:\windows\system32\csrss.exe [9280:12164] fffff9600099f5e8

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----


Dear ibrain666

I recommend saving this topic to your Favorites so that it is easy to find again.

Please note the following:

  • If you go 3 days without a reply, send me a Private Message (PM);
  • What is given here relates only to the problem on your computer, so do not apply it on any other;
  • Please follow the instructions carefully and, if you have any questions, do not hesitate to ask;
  • Always post your replies in this topic... Do not open another one!
  • Always keep me informed, during the removal, about what happens with your computer.
  • Follow the instructions in the order given.
  • Note: Do not take any action other than those given here; if you ask for help on another forum, be sure to let us know, at the risk of misconfiguring your computer!

# Step 1 #

>>> Only 1 installed antivirus is recommended; please uninstall the other one.

Download Junkware Removal Tool and save it to your Desktop.

  • Disable your protection programs (antivirus etc.) to avoid any conflict.
  • Double-click JRT.exe
    • If your system is Windows Vista, Windows 7 or Windows 8, right-click it and choose Run as Administrator.
  • Be patient and wait for the scan to finish.
  • Open the JRT.txt log on your Desktop.
  • Copy all of its content and paste it in your next message.

# Step 2 #

  • Double-click adwcleaner.exe
    • Attention: Windows Vista, 7 and 8 users, right-click and choose: [image: execadmin.png]

  • Click Pesquisar (Search)
  • At the end of the scan a log with the result will open.
  • If anything is detected, then click the Remover (Remove) button.
  • Again, at the end of the scan a log with the result will open.
  • Copy all of its content and paste it in your next reply.

# Step 3 #

Read the instructions at this link:

In the instructions at the link above, you can check which forums have Analysts who are properly qualified to use the tool correctly: "Forums for getting help with ComboFix logs"

  1. Download ComboFix from one of the official links listed below and save it to your desktop:
  2. Temporarily, while carrying out these instructions, it is very important that you keep your protection programs (Antivirus, Antispyware and Firewall) disabled. Re-enable the protections after running the procedure(s) mentioned below.
  3. Double-click the icon [image: desktopicon.png] on the desktop.
  4. Read and accept the terms by typing 1 and pressing Enter.
  5. Computers running Windows XP must install the Recovery Console:
    • If your computer runs Windows XP and does not yet have the Recovery Console installed, please make sure you are connected to the Internet and click "Yes".
    • Click "OK" on the EULA.
    • Once the Recovery Console is installed, click "YES" to continue.
  6. ComboFix will run; please be patient and wait.
  7. Attention: Do not use the mouse or the keyboard while the tool is running; doing so can cause the computer to stall.
  8. A notice may appear saying that the computer needs to be restarted. DO NOT RESTART!!! ComboFix will restart the computer automatically.
  9. When the tool finishes running, it will generate a log (the file C:\ComboFix.txt). Copy and paste the content of that file into your next reply.

DO NOT use the tool on your own. It is a powerful tool created to deal with sophisticated infections, and if you do not use it correctly it may damage your computer.

  • There are several pieces of malware that prevent the tool from running correctly and can thereby seriously damage the computer. Analysts qualified to use ComboFix know these cases and know how to deal with these situations.
  • Many Analysts do not reply to topics in which they see that ComboFix was used without supervision.
  • There are several general-purpose anti-malware tools whose authors, when writing them, had end users in mind and meant them to be used without supervision. ComboFix is not that kind of tool, and so, also out of respect for the tool's author, do not use it without supervision.

Regards :D

Hi Diego, when I ran the scan with AdwCleaner, at the end of the scan a message appeared asking me to uncheck whatever I did not want to delete, but there was nothing to uncheck, only that message, so I pressed Clean as AdwCleaner instructed.

The logs are below ;)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.0.0 (09.12.2013:1)

OS: Windows 8 x64

Ran by henrique on 2013/09/13 at 19:37:33.94

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"

~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google\Chrome\extensioninstallforcelist [blacklisted Policy]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 2013/09/13 at 19:45:17.88

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v3.003 - Report created 14/09/2013 at 13:53:17

# Updated 07/09/2013 by Xplode

# Operating System : Windows 8 (64 bits)

# Username : henrique - HENRIQUE

# Running from : C:\Users\henrique\Desktop\AdwCleaner.exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660

-\\ Google Chrome v29.0.1547.66

[ File : C:\Users\henrique\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [742 octets] - [14/09/2013 13:29:04]

AdwCleaner[R1].txt - [860 octets] - [14/09/2013 13:51:35]

AdwCleaner[s0].txt - [802 octets] - [14/09/2013 13:45:36]

AdwCleaner[s1].txt - [782 octets] - [14/09/2013 13:53:17]

########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [841 octets] ##########

ComboFix 13-09-13.03 - henrique 2013/09/14 14:03:38.1.2 - x64

Microsoft Windows 8 6.2.9200.0.932.81.1041.18.3978.2671 [GMT 9:00]

Running from: c:\users\henrique\Desktop\ComboFix.exe

AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: ウイルスバスター クラウド *Disabled/Updated* {B7599298-8445-728A-A5C7-A26A082C8BDA}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: ウイルスバスター クラウド *Disabled/Updated* {0C38737C-A27F-7D04-9F77-991873ABC167}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\henrique\AppData\Local\Google\Chrome\User Data\Default\preferences

c:\users\henrique\AppData\Roaming\unins000.exe

c:\windows\SysWow64\ぱらちゃん.scr

c:\windows\wininit.ini

.

.

((((((((((((((((((((((((( Files Created from 2013-08-14 to 2013-09-14 )))))))))))))))))))))))))))))))

.

.

2013-09-14 05:17 . 2013-09-14 05:17 -------- d-----w- c:\users\henrique\AppData\Local\temp

2013-09-14 05:17 . 2013-09-14 05:17 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-09-14 04:28 . 2013-09-14 04:56 -------- d-----w- C:\AdwCleaner

2013-09-13 10:37 . 2013-09-13 10:37 -------- d-----w- c:\windows\ERUNT

2013-09-12 13:49 . 2013-09-12 13:49 265392 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10216.bin

2013-09-06 12:11 . 2013-09-06 12:12 -------- d-----w- c:\program files\CCleaner

2013-09-01 02:52 . 2013-09-01 02:52 234544 ----a-w- c:\windows\RegBootClean64.exe

2013-08-25 14:49 . 2013-08-25 14:49 -------- dc-h--w- c:\programdata\{18E5420F-B6DC-45F1-9618-C199435ED6E3}

2013-08-25 14:44 . 2013-08-25 14:44 -------- d-----w- c:\program files (x86)\Common Files\Native Instruments

2013-08-25 14:44 . 2013-08-25 14:44 -------- dc-h--w- c:\programdata\{F2610326-6A40-4BBC-9FBC-7F05356A912A}

2013-08-25 14:39 . 2013-08-25 14:39 -------- d-----w- c:\program files (x86)\Pioneer

2013-08-25 14:37 . 2011-01-24 03:29 46968 ----a-w- c:\windows\system32\drivers\DJM-900nexusAudio64.sys

2013-08-25 14:37 . 2011-01-24 03:24 106496 ----a-w- c:\windows\SysWow64\DJM-900nexus_ASIO.dll

2013-08-18 15:18 . 2013-08-18 15:18 -------- dc-h--w- c:\programdata\{662EAAEC-9E9A-4C69-A658-884E51E909BB}

2013-08-18 15:18 . 2013-08-18 15:18 -------- dc-h--w- c:\programdata\{9477ED15-E4A3-4984-9B76-31F573D8EAAF}

2013-08-17 04:52 . 2013-08-17 04:52 -------- dc-h--w- c:\programdata\{018F1C44-00D1-417B-B251-92A5634F74AE}

2013-08-17 03:55 . 2013-08-17 03:55 -------- d-----w- c:\users\henrique\AppData\Roaming\CyberLink

2013-08-17 02:01 . 2013-08-17 02:01 -------- d-----w- c:\users\henrique\AppData\Local\MediaServer

2013-08-17 01:33 . 2013-06-19 03:27 12800 ----a-w- c:\windows\SysWow64\SMITSC.exe

2013-08-17 01:33 . 2013-06-19 03:24 53760 ----a-w- c:\windows\SysWow64\svccontrol.exe

2013-08-17 01:33 . 2013-06-19 03:24 51712 ----a-w- c:\windows\SysWow64\svcconfig.exe

2013-08-17 01:30 . 2013-08-17 01:30 -------- d-----w- c:\users\henrique\AppData\Roaming\WinBatch

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-09-14 04:54 . 2013-08-11 14:57 31088 ----a-w- c:\windows\SysWow64\drivers\gbpndisrd.sys

2013-08-14 10:35 . 2013-08-05 12:30 78161360 ----a-w- c:\windows\system32\MRT.exe

2013-08-05 10:06 . 2013-08-05 10:06 50784 ----a-w- c:\programdata\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin

2013-08-05 10:06 . 2013-08-05 10:06 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin

2013-08-04 10:18 . 2012-07-26 08:13 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2013-07-26 05:13 . 2013-08-14 10:24 51712 ----a-w- c:\windows\system32\ie4uinit.exe

2013-07-26 05:13 . 2013-08-14 10:24 2241024 ----a-w- c:\windows\system32\wininet.dll

2013-07-26 05:13 . 2013-08-14 10:24 53760 ----a-w- c:\windows\system32\UXInit.dll

2013-07-26 05:13 . 2013-08-14 10:24 915968 ----a-w- c:\windows\system32\uxtheme.dll

2013-07-26 05:13 . 2013-08-14 10:24 1365504 ----a-w- c:\windows\system32\urlmon.dll

2013-07-26 05:12 . 2013-08-14 10:24 19239424 ----a-w- c:\windows\system32\mshtml.dll

2013-07-26 05:12 . 2013-08-14 10:24 603136 ----a-w- c:\windows\system32\msfeeds.dll

2013-07-26 05:12 . 2013-08-14 10:24 53760 ----a-w- c:\windows\system32\jsproxy.dll

2013-07-26 05:12 . 2013-08-14 10:24 855552 ----a-w- c:\windows\system32\jscript.dll

2013-07-26 05:12 . 2013-08-14 10:23 3958784 ----a-w- c:\windows\system32\jscript9.dll

2013-07-26 05:12 . 2013-08-14 10:24 136704 ----a-w- c:\windows\system32\iesysprep.dll

2013-07-26 05:12 . 2013-08-14 10:24 39936 ----a-w- c:\windows\system32\iernonce.dll

2013-07-26 05:12 . 2013-08-14 10:24 67072 ----a-w- c:\windows\system32\iesetup.dll

2013-07-26 05:12 . 2013-08-14 10:24 15405056 ----a-w- c:\windows\system32\ieframe.dll

2013-07-26 05:12 . 2013-08-14 10:23 2647040 ----a-w- c:\windows\system32\iertutil.dll

2013-07-26 03:35 . 2013-08-14 10:24 2706432 ----a-w- c:\windows\system32\mshtml.tlb

2013-07-26 03:13 . 2013-08-14 10:24 1767936 ----a-w- c:\windows\SysWow64\wininet.dll

2013-07-26 03:13 . 2013-08-14 10:24 44032 ----a-w- c:\windows\SysWow64\UXInit.dll

2013-07-26 03:12 . 2013-08-14 10:23 2877440 ----a-w- c:\windows\SysWow64\jscript9.dll

2013-07-26 03:12 . 2013-08-14 10:24 61440 ----a-w- c:\windows\SysWow64\iesetup.dll

2013-07-26 03:12 . 2013-08-14 10:24 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll

2013-07-26 02:49 . 2013-08-14 10:24 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb

2013-07-26 00:54 . 2013-08-14 10:24 534528 ----a-w- c:\windows\SysWow64\uxtheme.dll

2013-07-13 06:18 . 2013-08-14 10:23 337408 ----a-w- c:\windows\system32\wintrust.dll

2013-07-13 06:16 . 2013-08-14 10:23 68096 ----a-w- c:\windows\system32\cryptsvc.dll

2013-07-13 06:16 . 2013-08-14 10:23 1889280 ----a-w- c:\windows\system32\crypt32.dll

2013-07-13 06:15 . 2013-08-14 10:23 124416 ----a-w- c:\windows\system32\apprepapi.dll

2013-07-13 06:15 . 2013-08-14 10:23 98304 ----a-w- c:\windows\system32\apprepsync.dll

2013-07-13 04:24 . 2013-08-14 10:23 261120 ----a-w- c:\windows\SysWow64\wintrust.dll

2013-07-13 04:23 . 2013-08-14 10:23 1568256 ----a-w- c:\windows\SysWow64\crypt32.dll

2013-07-13 04:23 . 2013-08-14 10:23 87040 ----a-w- c:\windows\SysWow64\apprepapi.dll

2013-07-13 04:23 . 2013-08-14 10:23 74240 ----a-w- c:\windows\SysWow64\apprepsync.dll

2013-07-09 06:07 . 2013-08-14 10:25 2233168 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-07-02 00:44 . 2013-08-14 10:27 36288 ----a-w- c:\windows\system32\drivers\WdBoot.sys

2013-07-01 22:08 . 2013-08-14 10:27 247216 ----a-w- c:\windows\system32\drivers\WdFilter.sys

2013-06-27 22:04 . 2013-08-05 15:30 78200 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-06-27 22:04 . 2013-08-05 15:30 693112 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2013-06-19 03:23 . 2012-08-16 08:46 1246680 ----a-w- c:\windows\system32\pcnsl.exe

2013-06-19 03:23 . 2012-08-16 08:46 2231808 ----a-w- c:\windows\system32\dimudywi.dll

2013-06-16 22:41 . 2013-08-07 09:55 997632 ----a-w- c:\windows\system32\drivers\ndis.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2013-06-05 17:17 130736 ----a-w- c:\users\henrique\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2013-06-05 17:17 130736 ----a-w- c:\users\henrique\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2013-06-05 17:17 130736 ----a-w- c:\users\henrique\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712]

"TKRTL"="c:\program files (x86)\TOSHIBA\TKRTL\KarteLite.exe" [2012-08-27 706504]

"ToshibaPlacesGadget"="c:\program files (x86)\Toshiba Places Gadget\ToshibaPlacesGadget.exe" [2012-08-07 2187776]

"MediaSyncAgent"="c:\program files (x86)\CyberLink\MediaSync\MediaSyncAgent.exe" [2012-07-13 373320]

"CLMSTrayIcon"="c:\program files (x86)\CyberLink\RZ Player\Kernel\DMS\CLMSTrayIcon.exe" [2013-03-18 3362568]

.

c:\users\henrique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\henrique\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-6-6 27370808]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"EnableUIADesktopToggle"= 0 (0x0)

"EnableCursorSuppression"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]

2013-07-15 02:23 1410088 ------w- c:\program files (x86)\GbPlugin\gbieh.dll

.

R0 tmel;tmel;c:\windows\system32\DRIVERS\tmel.sys;c:\windows\SYSNATIVE\DRIVERS\tmel.sys [x]

R2 OEMRegistrationProgram;OEMRegistrationProgram;c:\program files (x86)\Toshiba\OEM Registration Program\OEMRegistrationProgram.exe;c:\program files (x86)\Toshiba\OEM Registration Program\OEMRegistrationProgram.exe [x]

R2 SMITS;SMITS;c:\windows\SysWOW64\SMITSC.exe;c:\windows\SysWOW64\SMITSC.exe [x]

R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]

R3 kx1avs;Traktor Kontrol X1 Midi;c:\windows\System32\Drivers\kx1avs.sys;c:\windows\SYSNATIVE\Drivers\kx1avs.sys [x]

R3 kx1usb_svc;Traktor Kontrol X1;c:\windows\System32\Drivers\kx1usb.sys;c:\windows\SYSNATIVE\Drivers\kx1usb.sys [x]

R3 NETwNe64;@netwne64.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel® Wireless WiFi Link 5000 Series アダプター ドライバー (64 ビット版 Windows 7 用);c:\windows\system32\DRIVERS\NETwNe64.sys;c:\windows\SYSNATIVE\DRIVERS\NETwNe64.sys [x]

R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]

R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtwlane.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlane.sys [x]

R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]

R3 ta6avs;Traktor Audio 6 WDM Audio;c:\windows\System32\Drivers\ta6avs.sys;c:\windows\SYSNATIVE\Drivers\ta6avs.sys [x]

R3 ta6usb_svc;Traktor Audio 6;c:\windows\System32\Drivers\ta6usb.sys;c:\windows\SYSNATIVE\Drivers\ta6usb.sys [x]

R3 TASCAM_US122144;TASCAM USB 2.0 Audio Device driver;c:\windows\System32\Drivers\tascusb2.sys;c:\windows\SYSNATIVE\Drivers\tascusb2.sys [x]

R3 TASCAM_US122L_MK2_MIDI;TASCAM US-122L mk2 WDM MIDI Device;c:\windows\system32\drivers\tscusb2m.sys;c:\windows\SYSNATIVE\drivers\tscusb2m.sys [x]

R3 TASCAM_US122L_MK2_WDM;TASCAM US-122L mk2 WDM;c:\windows\system32\drivers\tscusb2a.sys;c:\windows\SYSNATIVE\drivers\tscusb2a.sys [x]

R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]

S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]

S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\System32\drivers\tos_sps64.sys;c:\windows\SYSNATIVE\drivers\tos_sps64.sys [x]

S1 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys;c:\windows\SYSNATIVE\DRIVERS\tmevtmgr.sys [x]

S2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]

S2 CLHNServiceForToshiba;CLHNServiceForToshiba;c:\program files (x86)\CyberLink\RZ Player\Kernel\DMP\CLHNServiceForToshiba.exe;c:\program files (x86)\CyberLink\RZ Player\Kernel\DMP\CLHNServiceForToshiba.exe [x]

S2 DJM-900nexus_AutoSetup;DJM-900nexus_AutoSetup;c:\program files (x86)\Pioneer\DJM-900nexus\DJM-900nexus_AutoSetup.exe;c:\program files (x86)\Pioneer\DJM-900nexus\DJM-900nexus_AutoSetup.exe [x]

S2 GbpSv;Gbp Service;c:\progra~2\GbPlugin\GbpSv.exe;c:\progra~2\GbPlugin\GbpSv.exe [x]

S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [x]

S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]

S2 Intel® ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [x]

S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]

S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [x]

S2 ntk3_Toshiba;ntk3_Toshiba;c:\program files (x86)\CyberLink\RZ Player\Kernel\DMP\ntk3_Toshiba_64.sys;c:\program files (x86)\CyberLink\RZ Player\Kernel\DMP\ntk3_Toshiba_64.sys [x]

S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [x]

S2 tmusa;Trend Micro Osprey Driver;c:\windows\system32\DRIVERS\tmusa.sys;c:\windows\SYSNATIVE\DRIVERS\tmusa.sys [x]

S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\Teco\TecoService.exe;c:\program files\TOSHIBA\Teco\TecoService.exe [x]

S2 Toshiba Media Server Monitor Service;Toshiba Media Server Monitor Service;c:\program files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSMonitorService.exe;c:\program files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSMonitorService.exe [x]

S2 Toshiba Media Server Service;Toshiba Media Server Service;c:\program files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSServer.exe;c:\program files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSServer.exe [x]

S2 TPCHKarteSVC;TPCHKarteSVC;c:\program files (x86)\TOSHIBA\TKRTL\TPCHKarteSVC.exe;c:\program files (x86)\TOSHIBA\TKRTL\TPCHKarteSVC.exe [x]

S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]

S3 FwLnk;FwLnk Driver;c:\windows\System32\drivers\FwLnk.sys;c:\windows\SYSNATIVE\drivers\FwLnk.sys [x]

S3 IntcDAud;インテル® ディスプレイ用オーディオ;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]

S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C63x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C63x64.sys [x]

S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]

S3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;c:\windows\system32\DRIVERS\rtwlane.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlane.sys [x]

S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]

S3 TMachInfo;TMachInfo;c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]

S3 tmeevw;tmeevw;c:\windows\system32\DRIVERS\tmeevw.sys;c:\windows\SYSNATIVE\DRIVERS\tmeevw.sys [x]

S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-09-04 05:32 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe

.

Contents of the 'Scheduled Tasks' folder

.

2013-09-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-04 10:27]

.

2013-09-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-04 10:27]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2013-06-05 17:17 164016 ----a-w- c:\users\henrique\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2013-06-05 17:17 164016 ----a-w- c:\users\henrique\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2013-06-05 17:17 164016 ----a-w- c:\users\henrique\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2013-06-05 17:17 164016 ----a-w- c:\users\henrique\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TSleepSrv"="c:\program files (x86)\TOSHIBA\System Setting\TSleepSrv.exe" [2012-08-04 1548952]

"TODDMain"="c:\program files (x86)\TOSHIBA\System Setting\TODDMain.exe" [2012-08-04 213136]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-12-09 13261456]

"SRS Premium Sound 3D"="c:\program files\SRS Labs\SRS Control Panel\SRSPanel_64.exe" [2012-07-27 2170784]

"TecoResident"="c:\program files\TOSHIBA\Teco\TecoResident.exe" [2012-08-13 169896]

"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2013-05-29 1374328]

"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2013-02-04 209712]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-03-05 171992]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-03-05 399832]

"Persistence"="c:\windows\system32\igfxpers.exe" [2013-03-05 442328]

.

------- Supplementary Scan -------

.

uStart Page = about:blank

uLocal Page = c:\windows\system32\blank.htm

mStart Page = about:blank

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: Microsoft Excel にエクスポート(&X) - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000

IE: OneNote に送る(&N) - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105

Trusted Zone: bancobrasil.com.br\www

Trusted Zone: bancobrasil.com.br\www14

Trusted Zone: bancobrasil.com.br\www2

Trusted Zone: bb.com.br\www

TCP: DhcpNameServer = 192.168.1.1

Thanks :cool: :D


It is not advisable to keep 2 protection programs installed. Choose one of them and uninstall the other:

Windows Defender

Trend Micro Titanium

The ComboFix log is incomplete... ;)

Check your Notepad settings, because it is showing these squares.


Hi, I did as you asked, removed one antivirus and reran the scan with ComboFix.

ComboFix 13-09-14.01 - henrique 2013/09/16 13:52:52.2.2 - x64

Microsoft Windows 8 6.2.9200.0.932.81.1041.18.3978.2206 [GMT 9:00]

Running from: c:\users\henrique\Desktop\ComboFix.exe

AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\henrique\AppData\Local\Google\Chrome\User Data\Default\Preferences

c:\users\henrique\AppData\Local\Temp\9128.tmp

.

.

((((((((((((((((((((((((( Files Created from 2013-08-16 to 2013-09-16 )))))))))))))))))))))))))))))))

.

.

2013-09-16 04:58 . 2013-09-16 04:58 -------- d-----w- c:\users\henrique\AppData\Local\temp

2013-09-16 04:58 . 2013-09-16 04:58 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-09-14 05:58 . 2013-08-21 04:11 19246592 ----a-w- c:\windows\system32\mshtml.dll

2013-09-14 05:57 . 2013-08-03 04:30 4038144 ----a-w- c:\windows\system32\win32k.sys

2013-09-14 05:57 . 2013-08-07 05:15 144896 ----a-w- c:\windows\system32\tssdisai.dll

2013-09-14 05:57 . 2013-08-03 06:40 462336 ----a-w- c:\windows\system32\sysmon.ocx

2013-09-14 05:57 . 2013-08-03 06:40 566784 ----a-w- c:\windows\system32\wvc.dll

2013-09-14 05:57 . 2013-08-03 06:40 1374208 ----a-w- c:\windows\system32\wdc.dll

2013-09-14 05:57 . 2013-08-03 05:13 1245696 ----a-w- c:\windows\SysWow64\wdc.dll

2013-09-14 05:57 . 2013-08-03 05:14 399360 ----a-w- c:\windows\SysWow64\sysmon.ocx

2013-09-14 05:57 . 2013-08-03 05:13 437248 ----a-w- c:\windows\SysWow64\wvc.dll

2013-09-14 04:28 . 2013-09-14 18:47 -------- d-----w- C:\AdwCleaner

2013-09-13 10:37 . 2013-09-13 10:37 -------- d-----w- c:\windows\ERUNT

2013-09-12 13:49 . 2013-09-12 13:49 265392 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10216.bin

2013-09-06 12:11 . 2013-09-06 12:12 -------- d-----w- c:\program files\CCleaner

2013-09-01 02:52 . 2013-09-01 02:52 234544 ----a-w- c:\windows\RegBootClean64.exe

2013-08-25 14:49 . 2013-08-25 14:49 -------- dc-h--w- c:\programdata\{18E5420F-B6DC-45F1-9618-C199435ED6E3}

2013-08-25 14:44 . 2013-08-25 14:44 -------- d-----w- c:\program files (x86)\Common Files\Native Instruments

2013-08-25 14:44 . 2013-08-25 14:44 -------- dc-h--w- c:\programdata\{F2610326-6A40-4BBC-9FBC-7F05356A912A}

2013-08-25 14:39 . 2013-08-25 14:39 -------- d-----w- c:\program files (x86)\Pioneer

2013-08-25 14:37 . 2011-01-24 03:29 46968 ----a-w- c:\windows\system32\drivers\DJM-900nexusAudio64.sys

2013-08-25 14:37 . 2011-01-24 03:24 106496 ----a-w- c:\windows\SysWow64\DJM-900nexus_ASIO.dll

2013-08-18 15:18 . 2013-08-18 15:18 -------- dc-h--w- c:\programdata\{662EAAEC-9E9A-4C69-A658-884E51E909BB}

2013-08-18 15:18 . 2013-08-18 15:18 -------- dc-h--w- c:\programdata\{9477ED15-E4A3-4984-9B76-31F573D8EAAF}

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-09-14 18:49 . 2013-08-11 14:57 31088 ----a-w- c:\windows\SysWow64\drivers\gbpndisrd.sys

2013-09-14 06:02 . 2013-08-05 12:30 79143768 ----a-w- c:\windows\system32\MRT.exe

2013-09-05 20:09 . 2013-08-05 15:30 78296 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-09-05 20:09 . 2013-08-05 15:30 694232 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2013-08-05 10:06 . 2013-08-05 10:06 50784 ----a-w- c:\programdata\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin

2013-08-05 10:06 . 2013-08-05 10:06 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin

2013-08-04 10:18 . 2012-07-26 08:13 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2013-07-27 03:58 . 2012-07-26 07:24 2207232 ----a-w- c:\windows\SysWow64\PrintConfig.dll

2013-07-13 06:18 . 2013-08-14 10:23 337408 ----a-w- c:\windows\system32\wintrust.dll

2013-07-13 06:16 . 2013-08-14 10:23 68096 ----a-w- c:\windows\system32\cryptsvc.dll

2013-07-13 06:16 . 2013-08-14 10:23 1889280 ----a-w- c:\windows\system32\crypt32.dll

2013-07-13 06:15 . 2013-08-14 10:23 124416 ----a-w- c:\windows\system32\apprepapi.dll

2013-07-13 06:15 . 2013-08-14 10:23 98304 ----a-w- c:\windows\system32\apprepsync.dll

2013-07-13 04:24 . 2013-08-14 10:23 261120 ----a-w- c:\windows\SysWow64\wintrust.dll

2013-07-13 04:23 . 2013-08-14 10:23 1568256 ----a-w- c:\windows\SysWow64\crypt32.dll

2013-07-13 04:23 . 2013-08-14 10:23 87040 ----a-w- c:\windows\SysWow64\apprepapi.dll

2013-07-13 04:23 . 2013-08-14 10:23 74240 ----a-w- c:\windows\SysWow64\apprepsync.dll

2013-07-02 00:44 . 2013-08-14 10:27 36288 ----a-w- c:\windows\system32\drivers\WdBoot.sys

2013-07-01 22:08 . 2013-08-14 10:27 247216 ----a-w- c:\windows\system32\drivers\WdFilter.sys

2013-06-19 03:27 . 2013-08-17 01:33 12800 ----a-w- c:\windows\SysWow64\SMITSC.exe

2013-06-19 03:24 . 2013-08-17 01:33 53760 ----a-w- c:\windows\SysWow64\svccontrol.exe

2013-06-19 03:24 . 2013-08-17 01:33 51712 ----a-w- c:\windows\SysWow64\svcconfig.exe

2013-06-19 03:23 . 2012-08-16 08:46 1246680 ----a-w- c:\windows\system32\pcnsl.exe

2013-06-19 03:23 . 2012-08-16 08:46 2231808 ----a-w- c:\windows\system32\dimudywi.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2013-06-05 17:17 130736 ----a-w- c:\users\henrique\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2013-06-05 17:17 130736 ----a-w- c:\users\henrique\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2013-06-05 17:17 130736 ----a-w- c:\users\henrique\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712]

"TKRTL"="c:\program files (x86)\TOSHIBA\TKRTL\KarteLite.exe" [2012-08-27 706504]

"ToshibaPlacesGadget"="c:\program files (x86)\Toshiba Places Gadget\ToshibaPlacesGadget.exe" [2012-08-07 2187776]

"MediaSyncAgent"="c:\program files (x86)\CyberLink\MediaSync\MediaSyncAgent.exe" [2012-07-13 373320]

"CLMSTrayIcon"="c:\program files (x86)\CyberLink\RZ Player\Kernel\DMS\CLMSTrayIcon.exe" [2013-03-18 3362568]

.

c:\users\henrique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\henrique\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-6-6 27370808]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"EnableUIADesktopToggle"= 0 (0x0)

"EnableCursorSuppression"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]

2013-07-15 02:23 1410088 ------w- c:\program files (x86)\GbPlugin\gbieh.dll

.

R2 OEMRegistrationProgram;OEMRegistrationProgram;c:\program files (x86)\Toshiba\OEM Registration Program\OEMRegistrationProgram.exe;c:\program files (x86)\Toshiba\OEM Registration Program\OEMRegistrationProgram.exe [x]

R2 SMITS;SMITS;c:\windows\SysWOW64\SMITSC.exe;c:\windows\SysWOW64\SMITSC.exe [x]

R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]

R3 kx1avs;Traktor Kontrol X1 Midi;c:\windows\System32\Drivers\kx1avs.sys;c:\windows\SYSNATIVE\Drivers\kx1avs.sys [x]

R3 kx1usb_svc;Traktor Kontrol X1;c:\windows\System32\Drivers\kx1usb.sys;c:\windows\SYSNATIVE\Drivers\kx1usb.sys [x]

R3 NETwNe64;@netwne64.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel® Wireless WiFi Link 5000 Series アダプター ドライバー (64 ビット版 Windows 7 用);c:\windows\system32\DRIVERS\NETwNe64.sys;c:\windows\SYSNATIVE\DRIVERS\NETwNe64.sys [x]

R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]

R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtwlane.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlane.sys [x]

R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]

R3 ta6avs;Traktor Audio 6 WDM Audio;c:\windows\System32\Drivers\ta6avs.sys;c:\windows\SYSNATIVE\Drivers\ta6avs.sys [x]

R3 ta6usb_svc;Traktor Audio 6;c:\windows\System32\Drivers\ta6usb.sys;c:\windows\SYSNATIVE\Drivers\ta6usb.sys [x]

R3 TASCAM_US122144;TASCAM USB 2.0 Audio Device driver;c:\windows\System32\Drivers\tascusb2.sys;c:\windows\SYSNATIVE\Drivers\tascusb2.sys [x]

R3 TASCAM_US122L_MK2_MIDI;TASCAM US-122L mk2 WDM MIDI Device;c:\windows\system32\drivers\tscusb2m.sys;c:\windows\SYSNATIVE\drivers\tscusb2m.sys [x]

R3 TASCAM_US122L_MK2_WDM;TASCAM US-122L mk2 WDM;c:\windows\system32\drivers\tscusb2a.sys;c:\windows\SYSNATIVE\drivers\tscusb2a.sys [x]

R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]

S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]

S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\System32\drivers\tos_sps64.sys;c:\windows\SYSNATIVE\drivers\tos_sps64.sys [x]

S2 CLHNServiceForToshiba;CLHNServiceForToshiba;c:\program files (x86)\CyberLink\RZ Player\Kernel\DMP\CLHNServiceForToshiba.exe;c:\program files (x86)\CyberLink\RZ Player\Kernel\DMP\CLHNServiceForToshiba.exe [x]

S2 DJM-900nexus_AutoSetup;DJM-900nexus_AutoSetup;c:\program files (x86)\Pioneer\DJM-900nexus\DJM-900nexus_AutoSetup.exe;c:\program files (x86)\Pioneer\DJM-900nexus\DJM-900nexus_AutoSetup.exe [x]

S2 GbpSv;Gbp Service;c:\progra~2\GbPlugin\GbpSv.exe;c:\progra~2\GbPlugin\GbpSv.exe [x]

S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [x]

S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]

S2 Intel® ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [x]

S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]

S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [x]

S2 ntk3_Toshiba;ntk3_Toshiba;c:\program files (x86)\CyberLink\RZ Player\Kernel\DMP\ntk3_Toshiba_64.sys;c:\program files (x86)\CyberLink\RZ Player\Kernel\DMP\ntk3_Toshiba_64.sys [x]

S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [x]

S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\Teco\TecoService.exe;c:\program files\TOSHIBA\Teco\TecoService.exe [x]

S2 Toshiba Media Server Monitor Service;Toshiba Media Server Monitor Service;c:\program files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSMonitorService.exe;c:\program files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSMonitorService.exe [x]

S2 Toshiba Media Server Service;Toshiba Media Server Service;c:\program files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSServer.exe;c:\program files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSServer.exe [x]

S2 TPCHKarteSVC;TPCHKarteSVC;c:\program files (x86)\TOSHIBA\TKRTL\TPCHKarteSVC.exe;c:\program files (x86)\TOSHIBA\TKRTL\TPCHKarteSVC.exe [x]

S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]

S3 FwLnk;FwLnk Driver;c:\windows\System32\drivers\FwLnk.sys;c:\windows\SYSNATIVE\drivers\FwLnk.sys [x]

S3 IntcDAud;インテル® ディスプレイ用オーディオ;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]

S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C63x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C63x64.sys [x]

S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]

S3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;c:\windows\system32\DRIVERS\rtwlane.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlane.sys [x]

S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]

S3 TMachInfo;TMachInfo;c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]

S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-09-04 05:32 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe

.

Contents of the 'Scheduled Tasks' folder

.

2013-09-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-04 10:27]

.

2013-09-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-04 10:27]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2013-06-05 17:17 164016 ----a-w- c:\users\henrique\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2013-06-05 17:17 164016 ----a-w- c:\users\henrique\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2013-06-05 17:17 164016 ----a-w- c:\users\henrique\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2013-06-05 17:17 164016 ----a-w- c:\users\henrique\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TCrdMain"="c:\program files (x86)\TOSHIBA\Hotkey\TCrdMain_Win8.exe" [bU]

"TSleepSrv"="c:\program files (x86)\TOSHIBA\System Setting\TSleepSrv.exe" [2012-08-04 1548952]

"TODDMain"="c:\program files (x86)\TOSHIBA\System Setting\TODDMain.exe" [2012-08-04 213136]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-12-09 13261456]

"SRS Premium Sound 3D"="c:\program files\SRS Labs\SRS Control Panel\SRSPanel_64.exe" [2012-07-27 2170784]

"TecoResident"="c:\program files\TOSHIBA\Teco\TecoResident.exe" [2012-08-13 169896]

"TosWaitSrv"="c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe" [bU]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-03-05 171992]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-03-05 399832]

"Persistence"="c:\windows\system32\igfxpers.exe" [2013-03-05 442328]

.

------- Supplementary Scan -------

.

uStart Page = about:blank

uLocal Page = c:\windows\system32\blank.htm

mStart Page = about:blank

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: Microsoft Excel にエクスポート(&X) - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000

IE: OneNote に送る(&N) - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105

Trusted Zone: bancobrasil.com.br\www

Trusted Zone: bancobrasil.com.br\www14

Trusted Zone: bancobrasil.com.br\www2

Trusted Zone: bb.com.br\www

TCP: DhcpNameServer = 192.168.1.1

.

- - - - ORPHANS REMOVED - - - -

.

Wow6432Node-HKLM-Run-<NO NAME> - (no file)

AddRemove-Native Instruments Traktor Kontrol X1 - c:\programdata\{BED8681D-E6A2-4463-8EEA-09588F09C890}\Traktor Kontrol X1 Setup PC.exe

AddRemove-{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1 - c:\users\henrique\AppData\Roaming\unins000.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\O*n*e*N*o*t*e* *2*0*1*0* *k0遂0\DsDriver]

"printBinNames"=multi:"\00\00"

"printCollate"=hex:00

"printColor"=hex:01

"printDuplexSupported"=hex:00

"printStaplingSupported"=hex:00

"printMaxXExtent"=dword:00000b9a

"printMaxYExtent"=dword:000010de

"printMinXExtent"=dword:000003d8

"printMinYExtent"=dword:00000771

"printMediaSupported"=multi:"Letter\00Tabloid\00Legal\00Executive\00A3\00A4\00B4 (JIS)\00B5 (JIS)\00Envelope #10\00Envelope Monarch\00\00"

"printMediaReady"=multi:"A4\00\00"

"printNumberUp"=dword:00000000

"printMemory"=dword:00008000

"printOrientationsSupported"=multi:"PORTRAIT\00LANDSCAPE\00\00"

"printMaxResolutionSupported"=dword:000004b0

"printLanguage"=multi:"\00\00"

"printRateUnit"=""

"driverVersion"=dword:00000401

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\O*n*e*N*o*t*e* *2*0*1*0* *k0遂0\DsSpooler]

"driverName"="Send To Microsoft OneNote 2010 Driver"

"portName"=multi:"nul:\00\00"

"printStartTime"=dword:00000000

"printEndTime"=dword:00000000

"printerName"="OneNote 2010 に送る"

"printKeepPrintedJobs"=hex:00

"printSpooling"="PrintAfterSpooled"

"priority"=dword:00000001

"uNCName"="\\\\WIN-78VOT1AQS93\\OneNote 2010 に送る"

"serverName"="WIN-78VOT1AQS93"

"shortServerName"="WIN-78VOT1AQS93"

"versionNumber"=dword:00000004

"flags"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\O*n*e*N*o*t*e* *2*0*1*0* *k0遂0\PrinterDriverData]

"InitDriverVersion"=dword:00000600

"Model"="Send To OneNote Driver"

"FreeMem"=hex:00,80,00,00

"PrinterDataSize"=dword:00000230

"PrinterData"=hex:00,06,30,02,81,08,00,00,00,f8,ba,01,00,00,00,00,00,00,00,00,

64,00,58,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,c2,ac,90,51,01,\

"FeatureKeywordSize"=dword:00000012

"FeatureKeyword"=hex:4d,65,6d,6f,72,79,00,33,32,37,36,38,4b,42,00,0a,00,00

"Forms?"=dword:5190acc2

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\TOSHIBA Corporation\q0・a0・・V*2*.*3*\{2BF395B8-CFC7-B9D6-7458-5B37EF5A3154}]

"_BEED7CC20C4945B5BDA88A0ECEEAF790"="c:\\Users\\Administrator\\AppData\\Roaming\\Toshiba\\Palachan\\"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\TOSHIBA Corporation\q0・a0・・V*2*.*3*\{A7BF0CBE-C164-2BD1-2156-F82B3B163831}]

"_50E6CF6239FF4208954FD48989B896E6"="c:\\Users\\Administrator\\AppData\\Roaming\\Toshiba\\Palachan\\Graphics\\"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\TOSHIBA Corporation\q0・a0・・V*2*.*3*\{FCD56C95-9083-C412-39C4-42D1A4B1530D}]

"_F4623A61FC5A4DEF8B01A0AED7BA2CCC"="c:\\Users\\Administrator\\AppData\\Roaming\\Toshiba\\"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

@SACL=(02 0000)

.

Completion time: 2013-09-16 14:01:13

ComboFix-quarantined-files.txt 2013-09-16 05:01

ComboFix2.txt 2013-09-14 05:44

.

Pre-Run: 389,550,931,968 バイトの空き領域

Post-Run: 389,560,238,080 バイトの空き領域

.

- - End Of File - - 778ACDA4BFC7D8B49451CB30BA7A964F

Thanks in advance ;)


Dear ibrain666,

on my E: drive a folder named (System Volume Information) is showing up, and another one called (recycle bin)
Those are genuine Windows folders, but they are normally hidden... Running ComboFix returns the system to its default state, so I ask: do the folders still show up?

Temporarily, while carrying out these instructions, it is very important that you keep your protection programs (antivirus, antispyware and firewall) disabled. Re-enable the protections after running the procedure(s) described below.

  • Open Notepad, then copy (Ctrl + C) and paste (Ctrl + V) all the text inside the "Code" box:

Reglock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]


  • Save this file as: CFScript.txt
  • As illustrated in the animation below, drag the CFScript.txt file onto ComboFix.exe. When the tool finishes running, it will generate a log. Post that file, C:\ComboFix.txt.


Regards :D


Hi Diego, only the recycle bin folder still shows up :confused: could there still be a problem?

C:\ComboFix.txt

ComboFix 13-09-19.01 - henrique 2013/09/22 12:50:36.3.2 - x64

Microsoft Windows 8 6.2.9200.0.932.81.1041.18.3978.2412 [GMT 9:00]

Running from: c:\users\henrique\Desktop\ComboFix.exe

Command switches used :: c:\users\henrique\Desktop\CFScript.txt

AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((( Files Created from 2013-08-22 to 2013-09-22 )))))))))))))))))))))))))))))))

.

.

2013-09-22 04:00 . 2013-09-22 04:00 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-09-21 16:12 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{91917B31-B05A-4387-8DA4-3A19971332D0}\mpengine.dll

2013-09-16 06:29 . 2013-09-04 12:58 965008 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6073A3A8-C1A0-41D7-B2A3-26B99EEA0FBD}\gapaengine.dll

2013-09-16 06:23 . 2013-05-02 15:29 278800 ------w- c:\windows\system32\MpSigStub.exe

2013-09-16 05:01 . 2013-09-22 04:00 -------- d-----w- c:\users\henrique\AppData\Local\temp

2013-09-14 05:58 . 2013-08-21 04:11 19246592 ----a-w- c:\windows\system32\mshtml.dll

2013-09-14 05:57 . 2013-08-03 04:30 4038144 ----a-w- c:\windows\system32\win32k.sys

2013-09-14 05:57 . 2013-08-07 05:15 144896 ----a-w- c:\windows\system32\tssdisai.dll

2013-09-14 05:57 . 2013-08-03 06:40 462336 ----a-w- c:\windows\system32\sysmon.ocx

2013-09-14 05:57 . 2013-08-03 06:40 566784 ----a-w- c:\windows\system32\wvc.dll

2013-09-14 05:57 . 2013-08-03 06:40 1374208 ----a-w- c:\windows\system32\wdc.dll

2013-09-14 05:57 . 2013-08-03 05:13 1245696 ----a-w- c:\windows\SysWow64\wdc.dll

2013-09-14 05:57 . 2013-08-03 05:14 399360 ----a-w- c:\windows\SysWow64\sysmon.ocx

2013-09-14 05:57 . 2013-08-03 05:13 437248 ----a-w- c:\windows\SysWow64\wvc.dll

2013-09-14 04:28 . 2013-09-14 18:47 -------- d-----w- C:\AdwCleaner

2013-09-13 10:37 . 2013-09-13 10:37 -------- d-----w- c:\windows\ERUNT

2013-09-12 13:49 . 2013-09-12 13:49 265392 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10216.bin

2013-09-06 12:11 . 2013-09-06 12:12 -------- d-----w- c:\program files\CCleaner

2013-09-01 02:52 . 2013-09-01 02:52 234544 ----a-w- c:\windows\RegBootClean64.exe

2013-08-25 14:49 . 2013-08-25 14:49 -------- dc-h--w- c:\programdata\{18E5420F-B6DC-45F1-9618-C199435ED6E3}

2013-08-25 14:44 . 2013-08-25 14:44 -------- d-----w- c:\program files (x86)\Common Files\Native Instruments

2013-08-25 14:44 . 2013-08-25 14:44 -------- dc-h--w- c:\programdata\{F2610326-6A40-4BBC-9FBC-7F05356A912A}

2013-08-25 14:39 . 2013-08-25 14:39 -------- d-----w- c:\program files (x86)\Pioneer

2013-08-25 14:37 . 2011-01-24 03:29 46968 ----a-w- c:\windows\system32\drivers\DJM-900nexusAudio64.sys

2013-08-25 14:37 . 2011-01-24 03:24 106496 ----a-w- c:\windows\SysWow64\DJM-900nexus_ASIO.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-09-16 05:19 . 2013-08-11 14:57 31088 ----a-w- c:\windows\SysWow64\drivers\gbpndisrd.sys

2013-09-14 06:02 . 2013-08-05 12:30 79143768 ----a-w- c:\windows\system32\MRT.exe

2013-09-05 20:09 . 2013-08-05 15:30 78296 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-09-05 20:09 . 2013-08-05 15:30 694232 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2013-08-05 10:06 . 2013-08-05 10:06 50784 ----a-w- c:\programdata\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin

2013-08-05 10:06 . 2013-08-05 10:06 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin

2013-08-04 10:18 . 2012-07-26 08:13 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2013-07-27 03:58 . 2012-07-26 07:24 2207232 ----a-w- c:\windows\SysWow64\PrintConfig.dll

2013-07-13 06:18 . 2013-08-14 10:23 337408 ----a-w- c:\windows\system32\wintrust.dll

2013-07-13 06:16 . 2013-08-14 10:23 68096 ----a-w- c:\windows\system32\cryptsvc.dll

2013-07-13 06:16 . 2013-08-14 10:23 1889280 ----a-w- c:\windows\system32\crypt32.dll

2013-07-13 06:15 . 2013-08-14 10:23 124416 ----a-w- c:\windows\system32\apprepapi.dll

2013-07-13 06:15 . 2013-08-14 10:23 98304 ----a-w- c:\windows\system32\apprepsync.dll

2013-07-13 04:24 . 2013-08-14 10:23 261120 ----a-w- c:\windows\SysWow64\wintrust.dll

2013-07-13 04:23 . 2013-08-14 10:23 1568256 ----a-w- c:\windows\SysWow64\crypt32.dll

2013-07-13 04:23 . 2013-08-14 10:23 87040 ----a-w- c:\windows\SysWow64\apprepapi.dll

2013-07-13 04:23 . 2013-08-14 10:23 74240 ----a-w- c:\windows\SysWow64\apprepsync.dll

2013-07-02 00:44 . 2013-08-14 10:27 36288 ----a-w- c:\windows\system32\drivers\WdBoot.sys

2013-07-01 22:08 . 2013-08-14 10:27 247216 ----a-w- c:\windows\system32\drivers\WdFilter.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2013-06-05 17:17 130736 ----a-w- c:\users\henrique\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2013-06-05 17:17 130736 ----a-w- c:\users\henrique\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2013-06-05 17:17 130736 ----a-w- c:\users\henrique\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712]

"TKRTL"="c:\program files (x86)\TOSHIBA\TKRTL\KarteLite.exe" [2012-08-27 706504]

"ToshibaPlacesGadget"="c:\program files (x86)\Toshiba Places Gadget\ToshibaPlacesGadget.exe" [2012-08-07 2187776]

"MediaSyncAgent"="c:\program files (x86)\CyberLink\MediaSync\MediaSyncAgent.exe" [2012-07-13 373320]

"CLMSTrayIcon"="c:\program files (x86)\CyberLink\RZ Player\Kernel\DMS\CLMSTrayIcon.exe" [2013-03-18 3362568]

.

c:\users\henrique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\henrique\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-6-6 27370808]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"EnableUIADesktopToggle"= 0 (0x0)

"EnableCursorSuppression"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]

2013-07-15 02:23 1410088 ------w- c:\program files (x86)\GbPlugin\gbieh.dll

.

R2 OEMRegistrationProgram;OEMRegistrationProgram;c:\program files (x86)\Toshiba\OEM Registration Program\OEMRegistrationProgram.exe;c:\program files (x86)\Toshiba\OEM Registration Program\OEMRegistrationProgram.exe [x]

R2 SMITS;SMITS;c:\windows\SysWOW64\SMITSC.exe;c:\windows\SysWOW64\SMITSC.exe [x]

R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]

R3 kx1avs;Traktor Kontrol X1 Midi;c:\windows\System32\Drivers\kx1avs.sys;c:\windows\SYSNATIVE\Drivers\kx1avs.sys [x]

R3 kx1usb_svc;Traktor Kontrol X1;c:\windows\System32\Drivers\kx1usb.sys;c:\windows\SYSNATIVE\Drivers\kx1usb.sys [x]

R3 NETwNe64;@netwne64.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel® Wireless WiFi Link 5000 Series アダプター ドライバー (64 ビット版 Windows 7 用);c:\windows\system32\DRIVERS\NETwNe64.sys;c:\windows\SYSNATIVE\DRIVERS\NETwNe64.sys [x]

R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]

R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtwlane.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlane.sys [x]

R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]

R3 ta6avs;Traktor Audio 6 WDM Audio;c:\windows\System32\Drivers\ta6avs.sys;c:\windows\SYSNATIVE\Drivers\ta6avs.sys [x]

R3 ta6usb_svc;Traktor Audio 6;c:\windows\System32\Drivers\ta6usb.sys;c:\windows\SYSNATIVE\Drivers\ta6usb.sys [x]

R3 TASCAM_US122144;TASCAM USB 2.0 Audio Device driver;c:\windows\System32\Drivers\tascusb2.sys;c:\windows\SYSNATIVE\Drivers\tascusb2.sys [x]

R3 TASCAM_US122L_MK2_MIDI;TASCAM US-122L mk2 WDM MIDI Device;c:\windows\system32\drivers\tscusb2m.sys;c:\windows\SYSNATIVE\drivers\tscusb2m.sys [x]

R3 TASCAM_US122L_MK2_WDM;TASCAM US-122L mk2 WDM;c:\windows\system32\drivers\tscusb2a.sys;c:\windows\SYSNATIVE\drivers\tscusb2a.sys [x]

S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]

S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\System32\drivers\tos_sps64.sys;c:\windows\SYSNATIVE\drivers\tos_sps64.sys [x]

S2 CLHNServiceForToshiba;CLHNServiceForToshiba;c:\program files (x86)\CyberLink\RZ Player\Kernel\DMP\CLHNServiceForToshiba.exe;c:\program files (x86)\CyberLink\RZ Player\Kernel\DMP\CLHNServiceForToshiba.exe [x]

S2 DJM-900nexus_AutoSetup;DJM-900nexus_AutoSetup;c:\program files (x86)\Pioneer\DJM-900nexus\DJM-900nexus_AutoSetup.exe;c:\program files (x86)\Pioneer\DJM-900nexus\DJM-900nexus_AutoSetup.exe [x]

S2 GbpSv;Gbp Service;c:\progra~2\GbPlugin\GbpSv.exe;c:\progra~2\GbPlugin\GbpSv.exe [x]

S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [x]

S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]

S2 Intel® ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [x]

S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]

S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [x]

S2 ntk3_Toshiba;ntk3_Toshiba;c:\program files (x86)\CyberLink\RZ Player\Kernel\DMP\ntk3_Toshiba_64.sys;c:\program files (x86)\CyberLink\RZ Player\Kernel\DMP\ntk3_Toshiba_64.sys [x]

S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [x]

S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\Teco\TecoService.exe;c:\program files\TOSHIBA\Teco\TecoService.exe [x]

S2 Toshiba Media Server Monitor Service;Toshiba Media Server Monitor Service;c:\program files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSMonitorService.exe;c:\program files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSMonitorService.exe [x]

S2 Toshiba Media Server Service;Toshiba Media Server Service;c:\program files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSServer.exe;c:\program files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSServer.exe [x]

S2 TPCHKarteSVC;TPCHKarteSVC;c:\program files (x86)\TOSHIBA\TKRTL\TPCHKarteSVC.exe;c:\program files (x86)\TOSHIBA\TKRTL\TPCHKarteSVC.exe [x]

S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]

S3 FwLnk;FwLnk Driver;c:\windows\System32\drivers\FwLnk.sys;c:\windows\SYSNATIVE\drivers\FwLnk.sys [x]

S3 IntcDAud;インテル® ディスプレイ用オーディオ;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]

S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C63x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C63x64.sys [x]

S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]

S3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;c:\windows\system32\DRIVERS\rtwlane.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlane.sys [x]

S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]

S3 TMachInfo;TMachInfo;c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]

S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]

S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-09-21 15:32 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe

.

Contents of the 'Scheduled Tasks' folder

.

2013-09-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-04 10:27]

.

2013-09-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-04 10:27]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2013-06-05 17:17 164016 ----a-w- c:\users\henrique\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2013-06-05 17:17 164016 ----a-w- c:\users\henrique\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2013-06-05 17:17 164016 ----a-w- c:\users\henrique\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2013-06-05 17:17 164016 ----a-w- c:\users\henrique\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TCrdMain"="c:\program files (x86)\TOSHIBA\Hotkey\TCrdMain_Win8.exe" [bU]

"TSleepSrv"="c:\program files (x86)\TOSHIBA\System Setting\TSleepSrv.exe" [2012-08-04 1548952]

"TODDMain"="c:\program files (x86)\TOSHIBA\System Setting\TODDMain.exe" [2012-08-04 213136]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-12-09 13261456]

"SRS Premium Sound 3D"="c:\program files\SRS Labs\SRS Control Panel\SRSPanel_64.exe" [2012-07-27 2170784]

"TecoResident"="c:\program files\TOSHIBA\Teco\TecoResident.exe" [2012-08-13 169896]

"TosWaitSrv"="c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe" [bU]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-03-05 171992]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-03-05 399832]

"Persistence"="c:\windows\system32\igfxpers.exe" [2013-03-05 442328]

.

------- Supplementary Scan -------

.

uStart Page = about:blank

uLocal Page = c:\windows\system32\blank.htm

mStart Page = about:blank

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: Microsoft Excel にエクスポート(&X) - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000

IE: OneNote に送る(&N) - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105

Trusted Zone: bancobrasil.com.br\www

Trusted Zone: bancobrasil.com.br\www14

Trusted Zone: bancobrasil.com.br\www2

Trusted Zone: bb.com.br\www

TCP: DhcpNameServer = 192.168.1.1

.

- - - - ORPHANS REMOVED - - - -

.

Wow6432Node-HKLM-Run-<NO NAME> - (no file)

AddRemove-Native Instruments Traktor Kontrol X1 - c:\programdata\{BED8681D-E6A2-4463-8EEA-09588F09C890}\Traktor Kontrol X1 Setup PC.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\O*n*e*N*o*t*e* *2*0*1*0* *k0遂0\DsDriver]

"printBinNames"=multi:"\00\00"

"printCollate"=hex:00

"printColor"=hex:01

"printDuplexSupported"=hex:00

"printStaplingSupported"=hex:00

"printMaxXExtent"=dword:00000b9a

"printMaxYExtent"=dword:000010de

"printMinXExtent"=dword:000003d8

"printMinYExtent"=dword:00000771

"printMediaSupported"=multi:"Letter\00Tabloid\00Legal\00Executive\00A3\00A4\00B4 (JIS)\00B5 (JIS)\00Envelope #10\00Envelope Monarch\00\00"

"printMediaReady"=multi:"A4\00\00"

"printNumberUp"=dword:00000000

"printMemory"=dword:00008000

"printOrientationsSupported"=multi:"PORTRAIT\00LANDSCAPE\00\00"

"printMaxResolutionSupported"=dword:000004b0

"printLanguage"=multi:"\00\00"

"printRateUnit"=""

"driverVersion"=dword:00000401

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\O*n*e*N*o*t*e* *2*0*1*0* *k0遂0\DsSpooler]

"driverName"="Send To Microsoft OneNote 2010 Driver"

"portName"=multi:"nul:\00\00"

"printStartTime"=dword:00000000

"printEndTime"=dword:00000000

"printerName"="OneNote 2010 に送る"

"printKeepPrintedJobs"=hex:00

"printSpooling"="PrintAfterSpooled"

"priority"=dword:00000001

"uNCName"="\\\\WIN-78VOT1AQS93\\OneNote 2010 に送る"

"serverName"="WIN-78VOT1AQS93"

"shortServerName"="WIN-78VOT1AQS93"

"versionNumber"=dword:00000004

"flags"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\O*n*e*N*o*t*e* *2*0*1*0* *k0遂0\PrinterDriverData]

"InitDriverVersion"=dword:00000600

"Model"="Send To OneNote Driver"

"FreeMem"=hex:00,80,00,00

"PrinterDataSize"=dword:00000230

"PrinterData"=hex:00,06,30,02,81,08,00,00,00,f8,ba,01,00,00,00,00,00,00,00,00,

64,00,58,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,c2,ac,90,51,01,\

"FeatureKeywordSize"=dword:00000012

"FeatureKeyword"=hex:4d,65,6d,6f,72,79,00,33,32,37,36,38,4b,42,00,0a,00,00

"Forms?"=dword:5190acc2

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\TOSHIBA Corporation\q0・a0・・V*2*.*3*\{2BF395B8-CFC7-B9D6-7458-5B37EF5A3154}]

"_BEED7CC20C4945B5BDA88A0ECEEAF790"="c:\\Users\\Administrator\\AppData\\Roaming\\Toshiba\\Palachan\\"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\TOSHIBA Corporation\q0・a0・・V*2*.*3*\{A7BF0CBE-C164-2BD1-2156-F82B3B163831}]

"_50E6CF6239FF4208954FD48989B896E6"="c:\\Users\\Administrator\\AppData\\Roaming\\Toshiba\\Palachan\\Graphics\\"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\TOSHIBA Corporation\q0・a0・・V*2*.*3*\{FCD56C95-9083-C412-39C4-42D1A4B1530D}]

"_F4623A61FC5A4DEF8B01A0AED7BA2CCC"="c:\\Users\\Administrator\\AppData\\Roaming\\Toshiba\\"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

@SACL=(02 0000)

.

Completion time: 2013-09-22 13:14:57

ComboFix-quarantined-files.txt 2013-09-22 04:14

ComboFix2.txt 2013-09-16 05:01

ComboFix3.txt 2013-09-14 05:44

.

Pre-Run: 387,334,987,776 バイトの空き領域

Post-Run: 387,277,238,272 バイトの空き領域

.

- - End Of File - - 5341C5E78BBA38F9A211D09A64174FDD

Thank you :);)


Dear ibrain666

the recycle bin folder still shows up, could there still be some problem?
I don't think so... it's the Recycle Bin :) But if you want, you can hide it ;)

Download MBRscan and save it to your Desktop

  • Double-click MbrScan.exe
    • Attention: Windows Vista, 7 and 8 users, right-click and choose: [image: execadmin.png]

  • In the window that opens, click the Scan button and wait
  • When the scan finishes, click the Report button... a report will open
  • Copy all of its contents and paste them into your next reply

Cheers :D


Hi diego, below is the mbrscan log ;)


MBRScan v1.1.1

OS : Windows 8 (64 bit)
PROCESSOR : Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
BOOT : Normal Boot
DATE : 2013/09/23 (ISO 8601) at 12:59:21
________________________________________________________________________________

DISK : Device\Harddisk0\DR0 __TOSHIBA MK6475GSX (GT001M)
BUS_TYPE : (0x0B) S-ATA
USE_PIO : YES
MAX_TRANSFER : 128 Kb
ALIGNMENT_MASK : dword aligned
________________________________________________________________________________

Device\Harddisk0\DR0 596.2 Go [Fixed] ==> Unknown MBR Code...

MBR_MD5 : A84DD93B5B19931CEADDBCCC47850486
MBR_SHA1 : B0944268147995B9E49E326C04D7E26FE43632AA

Device\Harddisk0\Partition1 2.00 To 0xEE EFI GPT[1]
________________________________________________________________________________

############################### Additional scan ################################

DRIVER : C:\windows\system32\ntoskrnl.exe => Invisible on the disk
ADDRESS : 0x59C0D000
SIZE : 7.30 Mo

DRIVER : C:\windows\system32\hal.dll => Invisible on the disk
ADDRESS : 0x5A359000
SIZE : 432.0 Ko

DRIVER : C:\windows\system32\kd.dll => Invisible on the disk
ADDRESS : 0x58EBD000
SIZE : 36.0 Ko

DRIVER : C:\windows\system32\mcupdate_GenuineIntel.dll => Invisible on the disk
ADDRESS : 0x00CA5000
SIZE : 380.0 Ko

DRIVER : C:\windows\System32\drivers\CLFS.SYS => Invisible on the disk
ADDRESS : 0x00D04000
SIZE : 368.0 Ko

DRIVER : C:\windows\System32\drivers\tm.sys => Invisible on the disk
ADDRESS : 0x00D60000
SIZE : 140.0 Ko

DRIVER : C:\windows\system32\CI.dll => Invisible on the disk
ADDRESS : 0x00C00000
SIZE : 508.0 Ko

DRIVER : C:\windows\System32\drivers\msrpc.sys => Invisible on the disk
ADDRESS : 0x01064000
SIZE : 396.0 Ko

DRIVER : C:\windows\system32\drivers\Wdf01000.sys => Invisible on the disk
ADDRESS : 0x010C7000
SIZE : 776.0 Ko

DRIVER : C:\windows\system32\drivers\WDFLDR.SYS => Invisible on the disk
ADDRESS : 0x01189000
SIZE : 64.0 Ko

DRIVER : C:\windows\System32\Drivers\acpiex.sys => Invisible on the disk
ADDRESS : 0x01199000
SIZE : 92.0 Ko

DRIVER : C:\windows\System32\Drivers\WppRecorder.sys => Invisible on the disk
ADDRESS : 0x011B0000
SIZE : 44.0 Ko

DRIVER : C:\windows\System32\drivers\ACPI.sys => Invisible on the disk
ADDRESS : 0x00E01000
SIZE : 436.0 Ko

DRIVER : C:\windows\System32\drivers\WMILIB.SYS => Invisible on the disk
ADDRESS : 0x00E6E000
SIZE : 40.0 Ko

DRIVER : C:\windows\System32\drivers\msisadrv.sys => Invisible on the disk
ADDRESS : 0x00E78000
SIZE : 40.0 Ko

DRIVER : C:\windows\System32\drivers\pci.sys => Invisible on the disk
ADDRESS : 0x00E82000
SIZE : 244.0 Ko

DRIVER : C:\windows\System32\Drivers\cng.sys => Invisible on the disk
ADDRESS : 0x00EBF000
SIZE : 560.0 Ko

DRIVER : C:\windows\system32\drivers\tpm.sys => Invisible on the disk
ADDRESS : 0x00F4B000
SIZE : 160.0 Ko

DRIVER : C:\windows\System32\drivers\vdrvroot.sys => Invisible on the disk
ADDRESS : 0x00F7E000
SIZE : 52.0 Ko

DRIVER : C:\windows\system32\drivers\pdc.sys => Invisible on the disk
ADDRESS : 0x00F8B000
SIZE : 92.0 Ko

DRIVER : C:\windows\System32\drivers\partmgr.sys => Invisible on the disk
ADDRESS : 0x00FA2000
SIZE : 104.0 Ko

DRIVER : C:\windows\System32\drivers\spaceport.sys => Invisible on the disk
ADDRESS : 0x01000000
SIZE : 292.0 Ko

DRIVER : C:\windows\System32\drivers\volmgr.sys => Invisible on the disk
ADDRESS : 0x00FBC000
SIZE : 96.0 Ko

DRIVER : C:\windows\System32\drivers\volmgrx.sys => Invisible on the disk
ADDRESS : 0x0127B000
SIZE : 384.0 Ko

DRIVER : C:\windows\System32\drivers\mountmgr.sys => Invisible on the disk
ADDRESS : 0x012DB000
SIZE : 104.0 Ko

DRIVER : C:\windows\System32\drivers\iaStorA.sys => Invisible on the disk
ADDRESS : 0x01445000
SIZE : 2.79 Mo

DRIVER : C:\windows\System32\drivers\storport.sys => Invisible on the disk
ADDRESS : 0x0170F000
SIZE : 340.0 Ko

DRIVER : C:\windows\System32\drivers\EhStorClass.sys => Invisible on the disk
ADDRESS : 0x01764000
SIZE : 104.0 Ko

DRIVER : C:\windows\system32\drivers\fltmgr.sys => Invisible on the disk
ADDRESS : 0x0177E000
SIZE : 384.0 Ko

DRIVER : C:\windows\System32\drivers\fileinfo.sys => Invisible on the disk
ADDRESS : 0x017DE000
SIZE : 80.0 Ko

DRIVER : C:\windows\system32\drivers\WdFilter.sys => Invisible on the disk
ADDRESS : 0x01400000
SIZE : 244.0 Ko

DRIVER : C:\windows\System32\Drivers\PxHlpa64.sys => Invisible on the disk
ADDRESS : 0x017F2000
SIZE : 52.0 Ko

DRIVER : C:\windows\System32\Drivers\Ntfs.sys => Invisible on the disk
ADDRESS : 0x01A9A000
SIZE : 1.89 Mo

DRIVER : C:\windows\System32\Drivers\ksecdd.sys => Invisible on the disk
ADDRESS : 0x01C7D000
SIZE : 108.0 Ko

DRIVER : C:\windows\System32\drivers\pcw.sys => Invisible on the disk
ADDRESS : 0x01C98000
SIZE : 68.0 Ko

DRIVER : C:\windows\System32\Drivers\Fs_Rec.sys => Invisible on the disk
ADDRESS : 0x01CA9000
SIZE : 40.0 Ko

DRIVER : C:\windows\system32\drivers\ndis.sys => Invisible on the disk
ADDRESS : 0x01CB3000
SIZE : 1004.0 Ko

DRIVER : C:\windows\system32\drivers\NETIO.SYS => Invisible on the disk
ADDRESS : 0x01A00000
SIZE : 444.0 Ko

DRIVER : C:\windows\System32\Drivers\ksecpkg.sys => Invisible on the disk
ADDRESS : 0x01DAE000
SIZE : 188.0 Ko

DRIVER : C:\windows\System32\drivers\tcpip.sys => Invisible on the disk
ADDRESS : 0x01EFF000
SIZE : 2.22 Mo

DRIVER : C:\windows\System32\drivers\fwpkclnt.sys => Invisible on the disk
ADDRESS : 0x02138000
SIZE : 416.0 Ko

DRIVER : C:\windows\system32\DRIVERS\wfplwfs.sys => Invisible on the disk
ADDRESS : 0x021A0000
SIZE : 108.0 Ko

DRIVER : C:\windows\System32\DRIVERS\fvevol.sys => Invisible on the disk
ADDRESS : 0x01E00000
SIZE : 472.0 Ko

DRIVER : C:\windows\System32\drivers\wd.sys => Invisible on the disk
ADDRESS : 0x01E76000
SIZE : 36.0 Ko

DRIVER : C:\windows\System32\drivers\volsnap.sys => Invisible on the disk
ADDRESS : 0x01E7F000
SIZE : 336.0 Ko

DRIVER : C:\windows\System32\drivers\tos_sps64.sys => Invisible on the disk
ADDRESS : 0x012F5000
SIZE : 504.0 Ko

DRIVER : C:\windows\System32\drivers\rdyboost.sys => Invisible on the disk
ADDRESS : 0x021BB000
SIZE : 236.0 Ko

DRIVER : C:\windows\System32\Drivers\mup.sys => Invisible on the disk
ADDRESS : 0x01ED3000
SIZE : 92.0 Ko

DRIVER : C:\windows\System32\drivers\disk.sys => Invisible on the disk
ADDRESS : 0x01DDD000
SIZE : 112.0 Ko

DRIVER : C:\windows\System32\drivers\CLASSPNP.SYS => Invisible on the disk
ADDRESS : 0x01373000
SIZE : 336.0 Ko

DRIVER : C:\windows\System32\Drivers\crashdmp.sys => Invisible on the disk
ADDRESS : 0x01EEA000
SIZE : 80.0 Ko

DRIVER : C:\windows\System32\drivers\cdrom.sys => Invisible on the disk
ADDRESS : 0x03CEF000
SIZE : 196.0 Ko

DRIVER : C:\windows\System32\Drivers\Null.SYS => Invisible on the disk
ADDRESS : 0x03D20000
SIZE : 36.0 Ko

DRIVER : C:\windows\System32\Drivers\Beep.SYS => Invisible on the disk
ADDRESS : 0x03D29000
SIZE : 32.0 Ko

DRIVER : C:\windows\System32\drivers\BasicRender.sys => Invisible on the disk
ADDRESS : 0x03D31000
SIZE : 52.0 Ko

DRIVER : C:\windows\System32\drivers\dxgkrnl.sys => Invisible on the disk
ADDRESS : 0x03E4F000
SIZE : 1.41 Mo

DRIVER : C:\windows\System32\drivers\watchdog.sys => Invisible on the disk
ADDRESS : 0x03FB8000
SIZE : 68.0 Ko

DRIVER : C:\windows\System32\drivers\dxgmms1.sys => Invisible on the disk
ADDRESS : 0x03E00000
SIZE : 312.0 Ko

DRIVER : C:\windows\System32\drivers\BasicDisplay.sys => Invisible on the disk
ADDRESS : 0x03FC9000
SIZE : 68.0 Ko

DRIVER : C:\windows\System32\Drivers\Npfs.SYS => Invisible on the disk
ADDRESS : 0x03FDA000
SIZE : 72.0 Ko

DRIVER : C:\windows\System32\Drivers\Msfs.SYS => Invisible on the disk
ADDRESS : 0x03FEC000
SIZE : 48.0 Ko

DRIVER : C:\windows\system32\DRIVERS\tdx.sys => Invisible on the disk
ADDRESS : 0x03D3E000
SIZE : 136.0 Ko

DRIVER : C:\windows\system32\DRIVERS\TDI.SYS => Invisible on the disk
ADDRESS : 0x03D60000
SIZE : 56.0 Ko

DRIVER : C:\windows\system32\drivers\ws2ifsl.sys => Invisible on the disk
ADDRESS : 0x03D6E000
SIZE : 48.0 Ko

DRIVER : C:\windows\System32\DRIVERS\netbt.sys => Invisible on the disk
ADDRESS : 0x03D7A000
SIZE : 352.0 Ko

DRIVER : C:\windows\system32\drivers\afd.sys => Invisible on the disk
ADDRESS : 0x03614000
SIZE : 584.0 Ko

DRIVER : C:\windows\system32\DRIVERS\pacer.sys => Invisible on the disk
ADDRESS : 0x036A6000
SIZE : 168.0 Ko

DRIVER : C:\windows\system32\DRIVERS\vwififlt.sys => Invisible on the disk
ADDRESS : 0x036D0000
SIZE : 88.0 Ko

DRIVER : C:\windows\system32\DRIVERS\netbios.sys => Invisible on the disk
ADDRESS : 0x036E6000
SIZE : 64.0 Ko

DRIVER : C:\windows\system32\DRIVERS\rdbss.sys => Invisible on the disk
ADDRESS : 0x036F6000
SIZE : 460.0 Ko

DRIVER : C:\windows\system32\DRIVERS\wanarp.sys => Invisible on the disk
ADDRESS : 0x03769000
SIZE : 104.0 Ko

DRIVER : C:\windows\system32\drivers\nsiproxy.sys => Invisible on the disk
ADDRESS : 0x03783000
SIZE : 56.0 Ko

DRIVER : C:\windows\System32\drivers\npsvctrig.sys => Invisible on the disk
ADDRESS : 0x03791000
SIZE : 48.0 Ko

DRIVER : C:\windows\System32\drivers\mssmbios.sys => Invisible on the disk
ADDRESS : 0x0379D000
SIZE : 48.0 Ko

DRIVER : C:\windows\System32\drivers\discache.sys => Invisible on the disk
ADDRESS : 0x037A9000
SIZE : 68.0 Ko

DRIVER : C:\windows\System32\Drivers\dfsc.sys => Invisible on the disk
ADDRESS : 0x037BA000
SIZE : 132.0 Ko

DRIVER : C:\windows\system32\DRIVERS\ndistapi.sys => Invisible on the disk
ADDRESS : 0x037ED000
SIZE : 48.0 Ko

DRIVER : C:\windows\system32\DRIVERS\ndiswan.sys => Invisible on the disk
ADDRESS : 0x013C7000
SIZE : 188.0 Ko

DRIVER : C:\windows\system32\DRIVERS\rassstp.sys => Invisible on the disk
ADDRESS : 0x03DD2000
SIZE : 120.0 Ko

DRIVER : C:\windows\system32\DRIVERS\AgileVpn.sys => Invisible on the disk
ADDRESS : 0x01A7C000
SIZE : 96.0 Ko

DRIVER : C:\windows\system32\DRIVERS\tunnel.sys => Invisible on the disk
ADDRESS : 0x01200000
SIZE : 176.0 Ko

DRIVER : C:\windows\System32\drivers\CompositeBus.sys => Invisible on the disk
ADDRESS : 0x03600000
SIZE : 60.0 Ko

DRIVER : C:\windows\system32\DRIVERS\kdnic.sys => Invisible on the disk
ADDRESS : 0x037DB000
SIZE : 44.0 Ko

DRIVER : C:\windows\System32\drivers\umbus.sys => Invisible on the disk
ADDRESS : 0x0122C000
SIZE : 72.0 Ko

DRIVER : C:\windows\system32\DRIVERS\igdkmd64.sys => Invisible on the disk
ADDRESS : 0x042D9000
SIZE : 5.11 Mo

DRIVER : C:\windows\System32\drivers\USBXHCI.SYS => Invisible on the disk
ADDRESS : 0x04200000
SIZE : 348.0 Ko

DRIVER : C:\windows\System32\drivers\ucx01000.sys => Invisible on the disk
ADDRESS : 0x04257000
SIZE : 224.0 Ko

DRIVER : C:\windows\System32\drivers\HECIx64.sys => Invisible on the disk
ADDRESS : 0x0428F000
SIZE : 76.0 Ko

DRIVER : C:\windows\System32\drivers\usbehci.sys => Invisible on the disk
ADDRESS : 0x042A2000
SIZE : 88.0 Ko

DRIVER : C:\windows\System32\drivers\USBPORT.SYS => Invisible on the disk
ADDRESS : 0x04041000
SIZE : 492.0 Ko

DRIVER : C:\windows\System32\drivers\HDAudBus.sys => Invisible on the disk
ADDRESS : 0x040BC000
SIZE : 88.0 Ko

DRIVER : C:\windows\System32\Drivers\fastfat.SYS => Invisible on the disk
ADDRESS : 0x040D2000
SIZE : 220.0 Ko

DRIVER : C:\windows\system32\DRIVERS\L1C63x64.sys => Invisible on the disk
ADDRESS : 0x04109000
SIZE : 120.0 Ko

DRIVER : C:\windows\system32\DRIVERS\rtwlane.sys => Invisible on the disk
ADDRESS : 0x04A92000
SIZE : 1.52 Mo

DRIVER : C:\windows\System32\drivers\vwifibus.sys => Invisible on the disk
ADDRESS : 0x04C16000
SIZE : 52.0 Ko

DRIVER : C:\windows\System32\drivers\i8042prt.sys => Invisible on the disk
ADDRESS : 0x04C23000
SIZE : 128.0 Ko

DRIVER : C:\windows\system32\DRIVERS\SynTP.sys => Invisible on the disk
ADDRESS : 0x04C43000
SIZE : 460.0 Ko

DRIVER : C:\windows\system32\DRIVERS\USBD.SYS => Invisible on the disk
ADDRESS : 0x04CB6000
SIZE : 44.0 Ko

DRIVER : C:\windows\System32\drivers\kbdclass.sys => Invisible on the disk
ADDRESS : 0x04CC1000
SIZE : 60.0 Ko

DRIVER : C:\windows\System32\drivers\mouclass.sys => Invisible on the disk
ADDRESS : 0x04CD0000
SIZE : 60.0 Ko

DRIVER : C:\windows\System32\drivers\CmBatt.sys => Invisible on the disk
ADDRESS : 0x04CDF000
SIZE : 28.0 Ko

DRIVER : C:\windows\System32\drivers\BATTC.SYS => Invisible on the disk
ADDRESS : 0x04CE6000
SIZE : 48.0 Ko

DRIVER : C:\windows\system32\DRIVERS\tdcmdpst.sys => Invisible on the disk
ADDRESS : 0x04CF2000
SIZE : 48.0 Ko

DRIVER : C:\windows\system32\DRIVERS\Smb_driver_Intel.sys => Invisible on the disk
ADDRESS : 0x04CFE000
SIZE : 60.0 Ko

DRIVER : C:\windows\System32\drivers\wmiacpi.sys => Invisible on the disk
ADDRESS : 0x04D0D000
SIZE : 40.0 Ko

DRIVER : C:\windows\System32\drivers\intelppm.sys => Invisible on the disk
ADDRESS : 0x04D17000
SIZE : 112.0 Ko

DRIVER : C:\windows\System32\drivers\FwLnk.sys => Invisible on the disk
ADDRESS : 0x04D33000
SIZE : 36.0 Ko

DRIVER : C:\windows\System32\drivers\TVALZ_O.SYS => Invisible on the disk
ADDRESS : 0x04D3C000
SIZE : 48.0 Ko

DRIVER : C:\windows\system32\DRIVERS\TVALZFL.sys => Invisible on the disk
ADDRESS : 0x04D48000
SIZE : 32.0 Ko

DRIVER : C:\windows\system32\DRIVERS\raspptp.sys => Invisible on the disk
ADDRESS : 0x04D50000
SIZE : 132.0 Ko

DRIVER : C:\windows\system32\DRIVERS\rasl2tp.sys => Invisible on the disk
ADDRESS : 0x04D71000
SIZE : 148.0 Ko

DRIVER : C:\windows\system32\DRIVERS\raspppoe.sys => Invisible on the disk
ADDRESS : 0x04D96000
SIZE : 104.0 Ko

DRIVER : C:\windows\System32\drivers\swenum.sys => Invisible on the disk
ADDRESS : 0x04DB0000
SIZE : 8.0 Ko

DRIVER : C:\windows\System32\drivers\ks.sys => Invisible on the disk
ADDRESS : 0x04A00000
SIZE : 316.0 Ko

DRIVER : C:\windows\System32\drivers\rdpbus.sys => Invisible on the disk
ADDRESS : 0x04A4F000
SIZE : 44.0 Ko

DRIVER : C:\windows\System32\Drivers\NDProxy.SYS => Invisible on the disk
ADDRESS : 0x04A5A000
SIZE : 80.0 Ko

DRIVER : C:\windows\System32\drivers\usbhub.sys => Invisible on the disk
ADDRESS : 0x04127000
SIZE : 504.0 Ko

DRIVER : C:\windows\System32\drivers\UsbHub3.sys => Invisible on the disk
ADDRESS : 0x05435000
SIZE : 460.0 Ko

DRIVER : C:\windows\system32\drivers\RTKVHD64.sys => Invisible on the disk
ADDRESS : 0x056F6000
SIZE : 3.09 Mo

DRIVER : C:\windows\system32\drivers\portcls.sys => Invisible on the disk
ADDRESS : 0x05A0D000
SIZE : 300.0 Ko

DRIVER : C:\windows\system32\drivers\drmk.sys => Invisible on the disk
ADDRESS : 0x05A58000
SIZE : 136.0 Ko

DRIVER : C:\windows\system32\drivers\ksthunk.sys => Invisible on the disk
ADDRESS : 0x05A7A000
SIZE : 24.0 Ko

DRIVER : C:\windows\system32\DRIVERS\IntcDAud.sys => Invisible on the disk
ADDRESS : 0x05A80000
SIZE : 352.0 Ko

DRIVER : C:\windows\System32\drivers\Thotkey.sys => Invisible on the disk
ADDRESS : 0x05AD8000
SIZE : 52.0 Ko

DRIVER : C:\windows\System32\drivers\mshidkmdf.sys => Invisible on the disk
ADDRESS : 0x05AE5000
SIZE : 36.0 Ko

DRIVER : C:\windows\System32\drivers\HIDCLASS.SYS => Invisible on the disk
ADDRESS : 0x05AEE000
SIZE : 108.0 Ko

DRIVER : C:\windows\System32\drivers\HIDPARSE.SYS => Invisible on the disk
ADDRESS : 0x05B09000
SIZE : 32.0 Ko

DRIVER : C:\windows\System32\Drivers\dump_diskdump.sys => Invisible on the disk
ADDRESS : 0x05B11000
SIZE : 52.0 Ko

DRIVER : C:\windows\System32\Drivers\dump_iaStorA.sys => Invisible on the disk
ADDRESS : 0x03A00000
SIZE : 2.79 Mo

DRIVER : C:\windows\System32\Drivers\dump_dumpfve.sys => Invisible on the disk
ADDRESS : 0x05B1E000
SIZE : 80.0 Ko

DRIVER : C:\windows\System32\drivers\usbccgp.sys => Invisible on the disk
ADDRESS : 0x05B32000
SIZE : 140.0 Ko

DRIVER : C:\windows\System32\drivers\hidusb.sys => Invisible on the disk
ADDRESS : 0x05B55000
SIZE : 52.0 Ko

DRIVER : C:\windows\System32\win32k.sys => Invisible on the disk
ADDRESS : 0x0019C000
SIZE : 3.94 Mo

DRIVER : C:\windows\System32\drivers\mouhid.sys => Invisible on the disk
ADDRESS : 0x05B62000
SIZE : 48.0 Ko

DRIVER : C:\windows\System32\TSDDD.dll => Invisible on the disk
ADDRESS : 0x007F1000
SIZE : 36.0 Ko

DRIVER : C:\windows\System32\drivers\monitor.sys => Invisible on the disk
ADDRESS : 0x05B6E000
SIZE : 56.0 Ko

DRIVER : C:\windows\System32\Drivers\RtsUVStor.sys => Invisible on the disk
ADDRESS : 0x05B7C000
SIZE : 320.0 Ko

DRIVER : C:\windows\System32\cdd.dll => Invisible on the disk
ADDRESS : 0x00872000
SIZE : 216.0 Ko

DRIVER : C:\windows\System32\Drivers\usbvideo.sys => Invisible on the disk
ADDRESS : 0x05BCC000
SIZE : 208.0 Ko

DRIVER : C:\windows\system32\drivers\luafv.sys => Invisible on the disk
ADDRESS : 0x05600000
SIZE : 160.0 Ko

DRIVER : C:\windows\system32\DRIVERS\lltdio.sys => Invisible on the disk
ADDRESS : 0x05628000
SIZE : 80.0 Ko

DRIVER : C:\windows\system32\DRIVERS\nwifi.sys => Invisible on the disk
ADDRESS : 0x0563C000
SIZE : 440.0 Ko

DRIVER : C:\windows\system32\DRIVERS\ndisuio.sys => Invisible on the disk
ADDRESS : 0x056AA000
SIZE : 80.0 Ko

DRIVER : C:\windows\system32\DRIVERS\rspndr.sys => Invisible on the disk
ADDRESS : 0x056BE000
SIZE : 96.0 Ko

DRIVER : C:\windows\System32\drivers\condrv.sys => Invisible on the disk
ADDRESS : 0x056D6000
SIZE : 52.0 Ko

DRIVER : C:\windows\system32\drivers\HTTP.sys => Invisible on the disk
ADDRESS : 0x054A8000
SIZE : 892.0 Ko

DRIVER : C:\windows\system32\DRIVERS\bowser.sys => Invisible on the disk
ADDRESS : 0x05587000
SIZE : 128.0 Ko

DRIVER : C:\windows\System32\drivers\mpsdrv.sys => Invisible on the disk
ADDRESS : 0x055A7000
SIZE : 92.0 Ko

DRIVER : C:\windows\system32\DRIVERS\mrxsmb.sys => Invisible on the disk
ADDRESS : 0x0EE21000
SIZE : 396.0 Ko

DRIVER : C:\windows\system32\DRIVERS\mrxsmb10.sys => Invisible on the disk
ADDRESS : 0x0EE84000
SIZE : 300.0 Ko

DRIVER : C:\windows\system32\DRIVERS\mrxsmb20.sys => Invisible on the disk
ADDRESS : 0x0EECF000
SIZE : 236.0 Ko

DRIVER : C:\windows\system32\drivers\Ndu.sys => Invisible on the disk
ADDRESS : 0x0EF0A000
SIZE : 112.0 Ko

DRIVER : C:\windows\system32\DRIVERS\vwifimp.sys => Invisible on the disk
ADDRESS : 0x0EF4A000
SIZE : 40.0 Ko

DRIVER : C:\windows\system32\drivers\peauth.sys => Invisible on the disk
ADDRESS : 0x0F084000
SIZE : 816.0 Ko

DRIVER : C:\windows\System32\Drivers\secdrv.SYS => Invisible on the disk
ADDRESS : 0x0F150000
SIZE : 44.0 Ko

DRIVER : C:\windows\System32\DRIVERS\srvnet.sys => Invisible on the disk
ADDRESS : 0x0F15B000
SIZE : 272.0 Ko

DRIVER : C:\windows\System32\drivers\tcpipreg.sys => Invisible on the disk
ADDRESS : 0x0F19F000
SIZE : 72.0 Ko

DRIVER : C:\windows\System32\DRIVERS\srv2.sys => Invisible on the disk
ADDRESS : 0x0EF54000
SIZE : 644.0 Ko

DRIVER : C:\windows\System32\DRIVERS\srv.sys => Invisible on the disk
ADDRESS : 0x0F4EE000
SIZE : 564.0 Ko

DRIVER : C:\windows\system32\drivers\MSPQM.sys => Invisible on the disk
ADDRESS : 0x0F57B000
SIZE : 8.0 Ko

DRIVER : C:\windows\system32\drivers\MSPCLOCK.sys => Invisible on the disk
ADDRESS : 0x0F57D000
SIZE : 8.0 Ko

BCD EmsSettings {0CE4991B-E6B3-4B16-B23C-5E0D9250E5D9} => BcdLibraryBoolean_EmsEnabled (16000020)

SystemStartOptions : NOEXECUTE=OPTIN NOVGA

________________________________________________________________________________

_______MBR \Device\Harddisk0\DR0



Dear ibrain666

Download RootkitRevealer and save it to your desktop.

  • Unzip the file;
  • Double-click rootkitrevealer.exe;
  • Click the Agree button;
  • Then click the Scan button at the bottom right;
  • Do not do anything while the scan is running;
  • When it finishes, go to File > Save, choose Desktop and save.
  • Open the rootkitrevealer.txt log you just saved;
  • Copy all of its contents and post them in your next reply.

Cheers :D


Hi diego, this download link for RootkitRevealer gives an error when opened :(

I did some searching on the net and saw in some forums that it doesn't run on win64 :( could that be the problem???

Thank you :)


Dear ibrain666

Download RootRepeal and save it to your Desktop.

Alternative link

  • Back up all files/documents you consider important.
  • Disable all protection programs (antivirus, SpyBot, etc.).
  • Double-click the icon [image: 4060533379_3b74fa6c08_o.gif]
  • Click the Report tab at the bottom;
  • Click [image: 4060533623_ca5a6d858c_o.jpg]

  • Leave everything selected as shown in the figure below and click OK:

[image: 4060573227_dddd42043a_o.jpg]
  • Select the drive(s) to be scanned:

[image: 4061276756_59b6b98010_o.jpg]

  • Click OK to start the scan;
  • Wait for the scan to finish;
  • When it finishes, the report will appear;
  • Click [image: 4061276844_dab7f45988_o.jpg]
  • Name it RootRepeal and save it to the Desktop;
  • Post all of its contents in your next reply.
  • Note: a file called Settings will appear on the desktop; you can delete it at the end of this topic.

Cheers :D


Dear ibrain666

The problem isn't that it's x64 but rather Windows 8. But this one works ;)

Note:
read the whole procedure carefully before running the tool.

  • Download aswMBR and save it to your Desktop;
  • Double-click aswMBR.exe to start the tool;
    • (Vista/Windows 7/8 users: right-click and run as administrator)

  • A warning window will appear asking to update the database; click Yes;
  • Click Scan
  • After it completes with Scan finished successfully, click Save log to save it to your Desktop,
  • Click Exit to close the program;
  • Attention: do NOT click the Fix button, just wait for the next steps.
  • You will notice another file on the Desktop called MBR.dat.
  • Do not delete this file, as it is a backup file.
  • Before sending your log, follow the steps below:
    • Right-click the MBR.dat file and compress it (zip or rar);
    • When you send the log, attach this file to your reply as well!

Cheers :D


Hi diego, I only managed to run the scan; when I try to attach the file, it gives an error :(

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software

Run date: 2013-10-01 21:25:48

-----------------------------

21:25:48.261 OS Version: Windows x64 6.2.9200

21:25:48.261 Number of processors: 2 586 0x2A07

21:25:48.276 ComputerName: HENRIQUE UserName: henrique

21:25:48.276 Initialze error 1

21:26:10.653 AVAST engine defs: 13100100

21:27:28.172 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000036

21:27:28.172 Disk 0 Vendor: TOSHIBA_MK6475GSX GT001M Size: 610480MB BusType: 11

21:27:28.188 Disk 0 MBR read successfully

21:27:28.188 Disk 0 MBR scan

21:27:28.203 Disk 0 unknown MBR code

21:27:28.203 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1

21:27:28.203 Disk 0 scanning C:\windows\system32\drivers

21:27:28.203 Service scanning

21:27:28.735 Modules scanning

21:27:28.735 Disk 0 trace - called modules:

21:27:28.750 ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll iaStorA.sys

21:27:28.766 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005e0f420]

21:27:28.766 3 CLASSPNP.SYS[fffff88001374e0a] -> nt!IofCallDriver -> \Device\00000036[0xfffffa80041de060]

21:27:28.782 AVAST engine scan C:\windows

21:27:28.782 AVAST engine scan C:\windows\system32

21:27:28.782 AVAST engine scan C:\windows\system32\drivers

21:27:28.782 AVAST engine scan C:\Users\henrique

21:27:28.797 AVAST engine scan C:\ProgramData

21:27:28.797 Scan finished successfully

21:27:44.595 Disk 0 MBR has been saved successfully to "C:\Users\henrique\Desktop\MBR.dat"

21:27:44.611 The log file has been saved successfully to "C:\Users\henrique\Desktop\aswMBR.txt"


Dear ibrain666

Normal... but I want to check something in particular, let's see:

  • Download TDSSKiller and save it to your desktop.
  • Extract the contents to the desktop itself and make sure that the file TDSSKiller.exe (the contents of the zipped file) is on the desktop and not inside a folder.
  • Go to Start > Run, copy and paste the following command into the text box (include the quotes) and then press OK.

"%userprofile%\Desktop\TDSSKiller.exe" -l C:\TDSSKiller.txt -v

  • If the text message "Hidden service detected" appears, do NOT type anything. Just press ENTER on the keyboard so that nothing is done with the file.
  • When it finishes, a log called "TDSSKiller.txt" will be created on your C: drive; copy and paste the contents of this file into your next reply.

Cheers :D


Hi diego, when I downloaded tdsskiller it already came unzipped,

after entering the command in Run, only this window opened with this data :)

the text message "Hidden service detected" did not appear and the log was not created either.

Thanks in advance ;)

post-1062101-13884966853373_thumb.png


OK, below is the log :)

23:31:51.0993 2740 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

23:31:51.0993 2740 UEFI system

23:31:52.0677 2740 ============================================================

23:31:52.0677 2740 Current date / time: 2013/10/06 23:31:52.0677

23:31:52.0677 2740 SystemInfo:

23:31:52.0677 2740

23:31:52.0677 2740 OS Version: 6.2.9200 ServicePack: 0.0

23:31:52.0677 2740 Product type: Workstation

23:31:52.0677 2740 ComputerName: HENRIQUE

23:31:52.0678 2740 UserName: henrique

23:31:52.0678 2740 Windows directory: C:\windows

23:31:52.0678 2740 System windows directory: C:\windows

23:31:52.0678 2740 Running under WOW64

23:31:52.0678 2740 Processor architecture: Intel x64

23:31:52.0678 2740 Number of processors: 2

23:31:52.0678 2740 Page size: 0x1000

23:31:52.0678 2740 Boot type: Normal boot

23:31:52.0678 2740 ============================================================

23:31:53.0694 2740 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

23:31:53.0698 2740 ============================================================

23:31:53.0698 2740 \Device\Harddisk0\DR0:

23:31:53.0698 2740 GPT partitions:

23:31:53.0698 2740 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {D774B115-0D11-11E2-B8FA-D4CBC729EBD1}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xE1000

23:31:53.0699 2740 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {D774B11D-0D11-11E2-B8FA-D4CBC729EBD1}, Name: Basic data partition, StartLBA 0xE1800, BlocksNum 0x82000

23:31:53.0699 2740 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {D774B11F-0D11-11E2-B8FA-D4CBC729EBD1}, Name: Basic data partition, StartLBA 0x163800, BlocksNum 0x40000

23:31:53.0699 2740 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {D774B127-0D11-11E2-B8FA-D4CBC729EBD1}, Name: Basic data partition, StartLBA 0x1A3800, BlocksNum 0x42412000

23:31:53.0699 2740 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {14D8AAE9-E5CD-474B-A9C2-78FAD20DB30D}, Name: Basic data partition, StartLBA 0x425B5800, BlocksNum 0x6400000

23:31:53.0699 2740 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {2F1055DC-57A4-4708-A262-D86C91A2CCDB}, Name: Basic data partition, StartLBA 0x489B5800, BlocksNum 0x1EA2800

23:31:53.0699 2740 MBR partitions:

23:31:53.0699 2740 ============================================================

23:31:53.0724 2740 C: <-> \Device\Harddisk0\DR0\Partition4

23:31:53.0777 2740 E: <-> \Device\Harddisk0\DR0\Partition5

23:31:53.0777 2740 ============================================================

23:31:53.0777 2740 Initialize success

23:31:53.0777 2740 ============================================================

23:31:56.0421 5744 ============================================================

23:31:56.0421 5744 Scan started

23:31:56.0421 5744 Mode: Manual;

23:31:56.0421 5744 ============================================================

23:31:56.0800 5744 ================ Scan system memory ========================

23:31:56.0800 5744 System memory - ok

23:31:56.0802 5744 ================ Scan services =============================

23:31:56.0959 5744 [ E890C46E4754F0DF51BAFCC8D2E07498 ] 1394ohci C:\windows\System32\drivers\1394ohci.sys

23:31:56.0963 5744 1394ohci - ok

23:31:56.0980 5744 [ 4F18D4C7EA14F11A7211F60D553C03DB ] 3ware C:\windows\system32\drivers\3ware.sys

23:31:56.0982 5744 3ware - ok

23:31:57.0026 5744 [ 975AABEB243B800C23626D6B652C5A9C ] ACPI C:\windows\system32\drivers\ACPI.sys

23:31:57.0029 5744 ACPI - ok

23:31:57.0047 5744 [ DC968C37822117E576B933F34A2D130C ] acpiex C:\windows\system32\Drivers\acpiex.sys

23:31:57.0048 5744 acpiex - ok

23:31:57.0060 5744 [ 0CA9F7C3A78227C21A0A7854E245CFB2 ] acpipagr C:\windows\System32\drivers\acpipagr.sys

23:31:57.0061 5744 acpipagr - ok

23:31:57.0093 5744 [ 8EB8DA03B142D3DD1EB9ED8107A76C43 ] AcpiPmi C:\windows\System32\drivers\acpipmi.sys

23:31:57.0094 5744 AcpiPmi - ok

23:31:57.0101 5744 [ CBCE725C5D86ABA7D2604E22951AA9B8 ] acpitime C:\windows\System32\drivers\acpitime.sys

23:31:57.0101 5744 acpitime - ok

23:31:57.0164 5744 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

23:31:57.0165 5744 AdobeARMservice - ok

23:31:57.0191 5744 [ 93C6388592B99925C1D1576E465BC80F ] adp94xx C:\windows\system32\drivers\adp94xx.sys

23:31:57.0196 5744 adp94xx - ok

23:31:57.0209 5744 [ D27763E0247292654E7F7D16444C7C72 ] adpahci C:\windows\system32\drivers\adpahci.sys

23:31:57.0212 5744 adpahci - ok

23:31:57.0239 5744 [ 67B90070FF48F794AF19F9FCF0080D75 ] adpu320 C:\windows\system32\drivers\adpu320.sys

23:31:57.0241 5744 adpu320 - ok

23:31:57.0287 5744 [ 974AE60BF5B90E31412D93596C968E5B ] AeLookupSvc C:\windows\System32\aelupsvc.dll

23:31:57.0289 5744 AeLookupSvc - ok

23:31:57.0345 5744 [ 36D6A3201721558A8AFBCC09C2DA4C2C ] AFD C:\windows\system32\drivers\afd.sys

23:31:57.0349 5744 AFD - ok

23:31:57.0372 5744 [ 01590377A5AB19E792528C628A2A68F9 ] agp440 C:\windows\system32\drivers\agp440.sys

23:31:57.0373 5744 agp440 - ok

23:31:57.0403 5744 [ D1BE8E6E5B3AF23A4393AF1BF867977A ] ALG C:\windows\System32\alg.exe

23:31:57.0404 5744 ALG - ok

23:31:57.0437 5744 [ 025E8C755BE293E50854D26D1BBE5133 ] AllUserInstallAgent C:\windows\system32\AUInstallAgent.dll

23:31:57.0439 5744 AllUserInstallAgent - ok

23:31:57.0474 5744 [ 5A81054B824004B1ECC04F0034A1CDF9 ] AmdK8 C:\windows\System32\drivers\amdk8.sys

23:31:57.0475 5744 AmdK8 - ok

23:31:57.0489 5744 [ B849D453E644FAB9BC8EF6DC8CA9C4C6 ] AmdPPM C:\windows\System32\drivers\amdppm.sys

23:31:57.0490 5744 AmdPPM - ok

23:31:57.0506 5744 [ 35A0EB5AECB0FA3C41A2FB514A562304 ] amdsata C:\windows\system32\drivers\amdsata.sys

23:31:57.0507 5744 amdsata - ok

23:31:57.0531 5744 [ 00452671904F5EE94B50BF0219C97164 ] amdsbs C:\windows\system32\drivers\amdsbs.sys

23:31:57.0533 5744 amdsbs - ok

23:31:57.0555 5744 [ EA3FFE53E92E59C87E3ECA9BEB20D9B7 ] amdxata C:\windows\system32\drivers\amdxata.sys

23:31:57.0556 5744 amdxata - ok

23:31:57.0575 5744 [ 83B3682CE922FB0F415734B26D9D6233 ] AppID C:\windows\system32\drivers\appid.sys

23:31:57.0576 5744 AppID - ok

23:31:57.0607 5744 [ CE2BEAD7F31816FF0AC490D048C969F9 ] AppIDSvc C:\windows\System32\appidsvc.dll

23:31:57.0608 5744 AppIDSvc - ok

23:31:57.0637 5744 [ 4F750B7EFCB6520AE01E01D082D7D476 ] Appinfo C:\windows\System32\appinfo.dll

23:31:57.0638 5744 Appinfo - ok

23:31:57.0658 5744 [ E933401B392387F4BE34DE8BAF1722A7 ] arc C:\windows\system32\drivers\arc.sys

23:31:57.0659 5744 arc - ok

23:31:57.0683 5744 [ 07CA323EF2E8247A568AB0F3662AD644 ] arcsas C:\windows\system32\drivers\arcsas.sys

23:31:57.0684 5744 arcsas - ok

23:31:57.0700 5744 [ 74DBAEC35366C4EE7670428808715A6A ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys

23:31:57.0701 5744 AsyncMac - ok

23:31:57.0721 5744 [ A721FF570C2387E383BDDEA9632863C9 ] atapi C:\windows\system32\drivers\atapi.sys

23:31:57.0721 5744 atapi - ok

23:31:57.0770 5744 [ BCD7A47EF587DC00DD61D12D9C2D1E44 ] AudioEndpointBuilder C:\windows\System32\AudioEndpointBuilder.dll

23:31:57.0771 5744 AudioEndpointBuilder - ok

23:31:57.0813 5744 [ 599B3F685A263A114FFAF3BE29C49C75 ] Audiosrv C:\windows\System32\Audiosrv.dll

23:31:57.0819 5744 Audiosrv - ok

23:31:57.0842 5744 [ 89491EF71D5EA011127832C588002853 ] AxInstSV C:\windows\System32\AxInstSV.dll

23:31:57.0843 5744 AxInstSV - ok

23:31:57.0867 5744 [ 87AB5BB072A3F128541D5B815F82FFDD ] b06bdrv C:\windows\system32\drivers\bxvbda.sys

23:31:57.0871 5744 b06bdrv - ok

23:31:57.0899 5744 [ 81703BC5D68DEDBB086C2368FBE7B334 ] BasicDisplay C:\windows\System32\drivers\BasicDisplay.sys

23:31:57.0900 5744 BasicDisplay - ok

23:31:57.0914 5744 [ 5EC68164E14D25675C98BBB5F09E8606 ] BasicRender C:\windows\System32\drivers\BasicRender.sys

23:31:57.0914 5744 BasicRender - ok

23:31:57.0949 5744 [ 89143A7BA7850F5C7E61B43BB44B6418 ] BDESVC C:\windows\System32\bdesvc.dll

23:31:57.0951 5744 BDESVC - ok

23:31:57.0970 5744 [ 9E7AEA59776D904607985AFFE7E5E183 ] Beep C:\windows\system32\drivers\Beep.sys

23:31:57.0970 5744 Beep - ok

23:31:58.0026 5744 [ 73133A0C0CA63817BFF2CB9DE65B64E7 ] BFE C:\windows\System32\bfe.dll

23:31:58.0031 5744 BFE - ok

23:31:58.0108 5744 [ D598C44A7072D3108D8D8102EC5E07F7 ] BITS C:\windows\system32\qmgr.dll

23:31:58.0124 5744 BITS - ok

23:31:58.0154 5744 [ B17AC10B47C7FCB44D22A1F06415840E ] bowser C:\windows\system32\DRIVERS\bowser.sys

23:31:58.0155 5744 bowser - ok

23:31:58.0211 5744 [ 038FA1B55531E7020DB705B42FCCE373 ] BrokerInfrastructure C:\windows\System32\bisrv.dll

23:31:58.0213 5744 BrokerInfrastructure - ok

23:31:58.0252 5744 [ 310068BDA80B1D55C36580FD8A873FAF ] Browser C:\windows\System32\browser.dll

23:31:58.0253 5744 Browser - ok

23:31:58.0277 5744 [ 6695200F455E251F0BCC9CE4D0978D59 ] BthAvrcpTg C:\windows\System32\drivers\BthAvrcpTg.sys

23:31:58.0278 5744 BthAvrcpTg - ok

23:31:58.0336 5744 [ 616EB8748C988AEE98D93DA141C3D3B4 ] BthHFEnum C:\windows\System32\drivers\bthhfenum.sys

23:31:58.0337 5744 BthHFEnum - ok

23:31:58.0412 5744 [ DCB4EBD928A6FB368BE6CAE522412DE1 ] bthhfhid C:\windows\System32\drivers\BthHFHid.sys

23:31:58.0413 5744 bthhfhid - ok

23:31:58.0461 5744 [ 033916CE8784A848B9A3D686B7F66D97 ] BTHMODEM C:\windows\System32\drivers\bthmodem.sys

23:31:58.0462 5744 BTHMODEM - ok

23:31:58.0487 5744 [ A4387C3D271959313E2577DB7BE8BA7A ] bthserv C:\windows\system32\bthserv.dll

23:31:58.0488 5744 bthserv - ok

23:31:58.0495 5744 catchme - ok

23:31:58.0511 5744 [ 990B1BABE6E81FB18E65A87EBEFB1772 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys

23:31:58.0513 5744 cdfs - ok

23:31:58.0561 5744 [ 339BFF85D788268752DA8C9644B188EE ] cdrom C:\windows\System32\drivers\cdrom.sys

23:31:58.0563 5744 cdrom - ok

23:31:58.0580 5744 [ BAF8F0F55BC300E5F882E521F054E345 ] CertPropSvc C:\windows\System32\certprop.dll

23:31:58.0581 5744 CertPropSvc - ok

23:31:58.0605 5744 [ F64B7D1A37CC1D5F421D5359EEC81E2E ] circlass C:\windows\System32\drivers\circlass.sys

23:31:58.0606 5744 circlass - ok

23:31:58.0635 5744 [ 9905168708DB68849B879B5548F68AB3 ] CLFS C:\windows\system32\drivers\CLFS.sys

23:31:58.0639 5744 CLFS - ok

23:31:58.0734 5744 [ F54C8ABB9CB9AE8CABE5A13B76910F70 ] CLHNServiceForToshiba C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMP\CLHNServiceForToshiba.exe

23:31:58.0736 5744 CLHNServiceForToshiba - ok

23:31:58.0811 5744 [ 2DC8538A2260647484A6C921CA837313 ] CmBatt C:\windows\System32\drivers\CmBatt.sys

23:31:58.0812 5744 CmBatt - ok

23:31:58.0852 5744 [ E708BFF0473EC6B271EA46B65B16CA56 ] CNG C:\windows\system32\Drivers\cng.sys

23:31:58.0857 5744 CNG - ok

23:31:58.0895 5744 [ 0E5B1E9E7122EDAAF1F6CE047965CA92 ] CompositeBus C:\windows\System32\drivers\CompositeBus.sys

23:31:58.0896 5744 CompositeBus - ok

23:31:58.0901 5744 COMSysApp - ok

23:31:58.0918 5744 [ D9CB0782AF819548072AA45B70F8B22D ] condrv C:\windows\system32\drivers\condrv.sys

23:31:58.0918 5744 condrv - ok

23:31:59.0011 5744 [ A616A05DC462E07DFC2AC8E495F56391 ] cphs C:\windows\SysWow64\IntelCpHeciSvc.exe

23:31:59.0015 5744 cphs - ok

23:31:59.0053 5744 [ 5CE2742F063731EC10C1B2EE386A2C08 ] CryptSvc C:\windows\system32\cryptsvc.dll

23:31:59.0054 5744 CryptSvc - ok

23:31:59.0096 5744 [ FAEF4C245BE832DB41B15DAAC336AFB7 ] dam C:\windows\system32\drivers\dam.sys

23:31:59.0097 5744 dam - ok

23:31:59.0150 5744 [ 1EC6E533C954BDDF2A37E7851A7E58FD ] DcomLaunch C:\windows\system32\rpcss.dll

23:31:59.0160 5744 DcomLaunch - ok

23:31:59.0199 5744 [ C8650D1F61149AA546BDBC99172EBBC1 ] defragsvc C:\windows\System32\defragsvc.dll

23:31:59.0203 5744 defragsvc - ok

23:31:59.0225 5744 [ 5EAEF67AE2AF4D2DC664B649DB7B2E16 ] DeviceAssociationService C:\windows\system32\das.dll

23:31:59.0229 5744 DeviceAssociationService - ok

23:31:59.0270 5744 [ 799BE46D45D486704CE0F37CA5385262 ] DeviceInstall C:\windows\system32\umpnpmgr.dll

23:31:59.0273 5744 DeviceInstall - ok

23:31:59.0310 5744 [ 09D9EB9E7898F8E6561473A20CC808B9 ] Dfsc C:\windows\system32\Drivers\dfsc.sys

23:31:59.0311 5744 Dfsc - ok

23:31:59.0345 5744 [ 0B3F6C8F93C5C25977EA5A8B2E656357 ] dg_ssudbus C:\windows\system32\DRIVERS\ssudbus.sys

23:31:59.0346 5744 dg_ssudbus - ok

23:31:59.0381 5744 [ 9E0E72222264745ADEB0E5AC680B0ED6 ] Dhcp C:\windows\system32\dhcpcore.dll

23:31:59.0384 5744 Dhcp - ok

23:31:59.0397 5744 [ 3C736FAE17BA6F91BA37594AAB139CD0 ] discache C:\windows\system32\drivers\discache.sys

23:31:59.0398 5744 discache - ok

23:31:59.0428 5744 [ 560495FF4CA22E1D9B1972FA18F43B6F ] disk C:\windows\system32\drivers\disk.sys

23:31:59.0429 5744 disk - ok

23:31:59.0511 5744 [ 83B903F28572378F9261F119A9DE5F4D ] DJM-900nexus_AutoSetup C:\Program Files (x86)\Pioneer\DJM-900nexus\DJM-900nexus_AutoSetup.exe

23:31:59.0513 5744 DJM-900nexus_AutoSetup - ok

23:31:59.0558 5744 [ 82A7C72593793FE1EADA7A305BD1567A ] dmvsc C:\windows\System32\drivers\dmvsc.sys

23:31:59.0560 5744 dmvsc - ok

23:31:59.0612 5744 [ 066B9710B36AB550E01EEFCA52155968 ] Dnscache C:\windows\System32\dnsrslvr.dll

23:31:59.0615 5744 Dnscache - ok

23:31:59.0657 5744 [ 9949AD2ABA168A618D46C799D6CC898C ] dot3svc C:\windows\System32\dot3svc.dll

23:31:59.0660 5744 dot3svc - ok

23:31:59.0682 5744 [ 109FC3F80BF4F4DC5A071058074F13C1 ] DPS C:\windows\system32\dps.dll

23:31:59.0684 5744 DPS - ok

23:31:59.0709 5744 [ 9C7C183F937951AE17C5B8B3259CF3FF ] drmkaud C:\windows\system32\drivers\drmkaud.sys

23:31:59.0710 5744 drmkaud - ok

23:31:59.0739 5744 [ F87F4AAAF6664906248D11D5E579A53B ] DsmSvc C:\windows\System32\DeviceSetupManager.dll

23:31:59.0741 5744 DsmSvc - ok

23:31:59.0807 5744 [ 6D1B8A9A2C0BD4851D8AF1AB43E67AD9 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys

23:31:59.0826 5744 DXGKrnl - ok

23:31:59.0850 5744 [ 58BA473DD88F5FC1932282BA683AA03E ] Eaphost C:\windows\System32\eapsvc.dll

23:31:59.0852 5744 Eaphost - ok

23:31:59.0968 5744 [ 5AB97B3282D7D6114949D1EB5C8598E4 ] ebdrv C:\windows\system32\drivers\evbda.sys

23:31:59.0995 5744 ebdrv - ok

23:32:00.0033 5744 [ F702AB6181513303AB0FC8D59E52708B ] EFS C:\windows\System32\lsass.exe

23:32:00.0034 5744 EFS - ok

23:32:00.0065 5744 [ 66D60BD9A4C05616ABECA2A901475098 ] EhStorClass C:\windows\system32\drivers\EhStorClass.sys

23:32:00.0066 5744 EhStorClass - ok

23:32:00.0079 5744 [ A61D0F543024E458C0FE32352E1978E2 ] EhStorTcgDrv C:\windows\system32\drivers\EhStorTcgDrv.sys

23:32:00.0080 5744 EhStorTcgDrv - ok

23:32:00.0108 5744 [ D790D058D67582DB9C84C2D33695FE6B ] ErrDev C:\windows\System32\drivers\errdev.sys

23:32:00.0109 5744 ErrDev - ok

23:32:00.0148 5744 [ F9E01C2D9F8BC049E04CF5DC24A5F638 ] EventSystem C:\windows\system32\es.dll

23:32:00.0153 5744 EventSystem - ok

23:32:00.0184 5744 [ 7A4D6FEB8C52B3FE855E4DCDF9107E03 ] exfat C:\windows\system32\drivers\exfat.sys

23:32:00.0185 5744 exfat - ok

23:32:00.0203 5744 [ 60996602A7111FD2D086E803F33E4282 ] fastfat C:\windows\system32\drivers\fastfat.sys

23:32:00.0204 5744 fastfat - ok

23:32:00.0232 5744 [ F0E7F8382ED5E138B0DFA4CB5058BCFE ] Fax C:\windows\system32\fxssvc.exe

23:32:00.0238 5744 Fax - ok

23:32:00.0261 5744 [ 73B2D11DF0B6E03A0CB0323218ACB3E4 ] fdc C:\windows\System32\drivers\fdc.sys

23:32:00.0262 5744 fdc - ok

23:32:00.0284 5744 [ 0828E3E7BD77C89149EAD3232BFD38DB ] fdPHost C:\windows\system32\fdPHost.dll

23:32:00.0285 5744 fdPHost - ok

23:32:00.0302 5744 [ 872506AAB591E8908DF4461475AF92DF ] FDResPub C:\windows\system32\fdrespub.dll

23:32:00.0303 5744 FDResPub - ok

23:32:00.0344 5744 [ 0588950D93A426F97C7AAADB1A9B0458 ] fhsvc C:\windows\system32\fhsvc.dll

23:32:00.0345 5744 fhsvc - ok

23:32:00.0364 5744 [ 88A9EBACD1058ABB237A6B4E96E7F397 ] FileInfo C:\windows\system32\drivers\fileinfo.sys

23:32:00.0365 5744 FileInfo - ok

23:32:00.0395 5744 [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02 ] Filetrace C:\windows\system32\drivers\filetrace.sys

23:32:00.0395 5744 Filetrace - ok

23:32:00.0407 5744 [ B1D4C168FF7B8579E3745888658FFB1D ] flpydisk C:\windows\System32\drivers\flpydisk.sys

23:32:00.0408 5744 flpydisk - ok

23:32:00.0438 5744 [ B33EC133AE4E6C1881D2302D93D2467D ] FltMgr C:\windows\system32\drivers\fltmgr.sys

23:32:00.0440 5744 FltMgr - ok

23:32:00.0507 5744 [ 0BCDC0FF11B984162B0CF0FF6E9E0146 ] FontCache C:\windows\system32\FntCache.dll

23:32:00.0517 5744 FontCache - ok

23:32:00.0594 5744 [ 0B56259F5611787222A04A8F254E51D4 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

23:32:00.0596 5744 FontCache3.0.0.0 - ok

23:32:00.0623 5744 [ A5F7873A39E4E9FAAAE59B7E9E36B705 ] FsDepends C:\windows\system32\drivers\FsDepends.sys

23:32:00.0624 5744 FsDepends - ok

23:32:00.0659 5744 [ A6DD7D491F587F4BC13FB972977DC8E8 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys

23:32:00.0660 5744 Fs_Rec - ok

23:32:00.0701 5744 [ FA228F4BB10DC7ED7E7D131C034E2331 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys

23:32:00.0705 5744 fvevol - ok

23:32:00.0730 5744 [ 40A5690A50D003429E6AF655D765AAF4 ] FwLnk C:\windows\System32\drivers\FwLnk.sys

23:32:00.0730 5744 FwLnk - ok

23:32:00.0759 5744 [ A969D92973DFA895E7776B4BFE36DBB2 ] FxPPM C:\windows\System32\drivers\fxppm.sys

23:32:00.0759 5744 FxPPM - ok

23:32:00.0772 5744 [ 52BC441E07A827EBAB70CDC7EAEDB28D ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys

23:32:00.0773 5744 gagp30kx - ok

23:32:00.0815 5744 [ 40AF6E444E938BF485B97D97E462AA33 ] GbpSv C:\PROGRA~2\GbPlugin\GbpSv.exe

23:32:00.0818 5744 GbpSv - ok

23:32:00.0860 5744 [ 721F8EEF5E9747F32670DEFF7FB92541 ] gencounter C:\windows\System32\drivers\vmgencounter.sys

23:32:00.0860 5744 gencounter - ok

23:32:00.0922 5744 [ FC2B8B06BDBD3B6457F5A3DA9AD2410E ] GPIOClx0101 C:\windows\system32\Drivers\msgpioclx.sys

23:32:00.0923 5744 GPIOClx0101 - ok

23:32:00.0991 5744 [ 5358678C6370F2ADC5291849F6503262 ] gpsvc C:\windows\System32\gpsvc.dll

23:32:01.0001 5744 gpsvc - ok

23:32:01.0047 5744 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

23:32:01.0048 5744 gupdate - ok

23:32:01.0054 5744 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

23:32:01.0055 5744 gupdatem - ok

23:32:01.0109 5744 [ 630555943E5A3FE21010CE91EC7FC84F ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys

23:32:01.0112 5744 HdAudAddService - ok

23:32:01.0150 5744 [ 7D87B5B6C7188D553E11B59DC7F0B111 ] HDAudBus C:\windows\System32\drivers\HDAudBus.sys

23:32:01.0151 5744 HDAudBus - ok

23:32:01.0183 5744 [ 3F76BBA53D65E85A7F53E7A71082082C ] HidBatt C:\windows\System32\drivers\HidBatt.sys

23:32:01.0183 5744 HidBatt - ok

23:32:01.0228 5744 [ 085F150D002B7F0153D3C06DDF33A143 ] HidBth C:\windows\System32\drivers\hidbth.sys

23:32:01.0229 5744 HidBth - ok

23:32:01.0270 5744 [ CC4A07E51D89575CAB6F4EB590D87CD4 ] hidi2c C:\windows\System32\drivers\hidi2c.sys

23:32:01.0270 5744 hidi2c - ok

23:32:01.0288 5744 [ DC96F7DACB777CDEAEF9958A50BFDA06 ] HidIr C:\windows\System32\drivers\hidir.sys

23:32:01.0289 5744 HidIr - ok

23:32:01.0313 5744 [ FAC37D7B3D6354A5A5E19A45B50B4008 ] hidserv C:\windows\System32\hidserv.dll

23:32:01.0314 5744 hidserv - ok

23:32:01.0337 5744 [ 9E11EE0F2E117B2D5A835B2B91752827 ] HidUsb C:\windows\System32\drivers\hidusb.sys

23:32:01.0337 5744 HidUsb - ok

23:32:01.0369 5744 [ 43F884B61A24377567CD0FEB35236334 ] hkmsvc C:\windows\system32\kmsvc.dll

23:32:01.0371 5744 hkmsvc - ok

23:32:01.0404 5744 [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF ] HomeGroupListener C:\windows\system32\ListSvc.dll

23:32:01.0407 5744 HomeGroupListener - ok

23:32:01.0436 5744 [ E0D9F6FE18FA7F53ADD29AF719CE2B7E ] HomeGroupProvider C:\windows\system32\provsvc.dll

23:32:01.0441 5744 HomeGroupProvider - ok

23:32:01.0479 5744 [ 64DB7A8D97CA53DCCF93D0A1E08342CF ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys

23:32:01.0480 5744 HpSAMD - ok

23:32:01.0514 5744 [ F4A91D985EB9D1D2717D538F3424603C ] HTTP C:\windows\system32\drivers\HTTP.sys

23:32:01.0520 5744 HTTP - ok

23:32:01.0535 5744 [ 2A98301068801700906C06649860FE94 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys

23:32:01.0535 5744 hwpolicy - ok

23:32:01.0547 5744 [ DC76901D82097C9E297F20C287CB9A27 ] hyperkbd C:\windows\System32\drivers\hyperkbd.sys

23:32:01.0548 5744 hyperkbd - ok

23:32:01.0563 5744 [ 716413AB3CA12DE0A7222D28C1C9352C ] HyperVideo C:\windows\system32\DRIVERS\HyperVideo.sys

23:32:01.0563 5744 HyperVideo - ok

23:32:01.0593 5744 [ C9E9CBF73AFFBFE3E801EFB516787BA3 ] i8042prt C:\windows\System32\drivers\i8042prt.sys

23:32:01.0594 5744 i8042prt - ok

23:32:01.0631 5744 [ 050F2539E14F9D5E90A4B61738EC29BD ] iaStorA C:\windows\system32\drivers\iaStorA.sys

23:32:01.0636 5744 iaStorA - ok

23:32:01.0659 5744 [ 5E394EBD26FD68AA9300332C46BEDD62 ] iaStorV C:\windows\system32\drivers\iaStorV.sys

23:32:01.0662 5744 iaStorV - ok

23:32:01.0759 5744 [ ABEFA4BD23329FD9BD47496BF2E58774 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe

23:32:01.0776 5744 IconMan_R - ok

23:32:01.0937 5744 [ C63C32080615F49A4B8CA50523D6AA59 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys

23:32:01.0975 5744 igfx - ok

23:32:02.0012 5744 [ 24847A06B84339FEEDE5CABF3D27D320 ] iirsp C:\windows\system32\drivers\iirsp.sys

23:32:02.0013 5744 iirsp - ok

23:32:02.0076 5744 [ 3884117CE4FEC35E4A1A7A62918B1F34 ] IKEEXT C:\windows\System32\ikeext.dll

23:32:02.0084 5744 IKEEXT - ok

23:32:02.0202 5744 [ 9FEAC097F98F883D0A389C1C36C5DFBD ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys

23:32:02.0224 5744 IntcAzAudAddService - ok

23:32:02.0258 5744 [ F5495B38BFB9149925F54F65AB40EFBF ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys

23:32:02.0261 5744 IntcDAud - ok

23:32:02.0349 5744 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe

23:32:02.0359 5744 Intel® Capability Licensing Service Interface - ok

23:32:02.0420 5744 [ 9656F8E29F6C3161A3E99BCD3A472FF9 ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

23:32:02.0423 5744 Intel® ME Service - ok

23:32:02.0474 5744 [ 4F37726CF764CA18A8A84F85EF3A7F24 ] intelide C:\windows\system32\drivers\intelide.sys

23:32:02.0475 5744 intelide - ok

23:32:02.0502 5744 [ E15CDF68DD73423F15D4AC404793AF0D ] intelppm C:\windows\System32\drivers\intelppm.sys

23:32:02.0504 5744 intelppm - ok

23:32:02.0523 5744 [ 8FCA66234A0933D796BB780B7953BAB9 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys

23:32:02.0524 5744 IpFilterDriver - ok

23:32:02.0561 5744 [ C217B8D2E58C57A319B16125C3D4B69C ] iphlpsvc C:\windows\System32\iphlpsvc.dll

23:32:02.0568 5744 iphlpsvc - ok

23:32:02.0589 5744 [ 6E98A046A12AA113F8898AA5D612BD6E ] IPMIDRV C:\windows\System32\drivers\IPMIDrv.sys

23:32:02.0590 5744 IPMIDRV - ok

23:32:02.0606 5744 [ 3969B9C218DD3FAA9F4ED2FFC3651C02 ] IPNAT C:\windows\system32\drivers\ipnat.sys

23:32:02.0607 5744 IPNAT - ok

23:32:02.0644 5744 [ 25CD7C4BB2863FFC2B0B311F0AEBF77C ] IRENUM C:\windows\system32\drivers\irenum.sys

23:32:02.0644 5744 IRENUM - ok

23:32:02.0651 5744 [ D940C5BB9DC92E588533C19ABCC3D2C2 ] isapnp C:\windows\system32\drivers\isapnp.sys

23:32:02.0652 5744 isapnp - ok

23:32:02.0687 5744 [ 69C8BF0BC2B0EA10F130F4D3104DC2EF ] iScsiPrt C:\windows\System32\drivers\msiscsi.sys

23:32:02.0690 5744 iScsiPrt - ok

23:32:02.0721 5744 [ 78ABBE558F57144047F10A0F50FE4B2F ] jhi_service C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

23:32:02.0722 5744 jhi_service - ok

23:32:02.0736 5744 [ 8FBD94B69D6423E20ABCD59D86368B21 ] kbdclass C:\windows\System32\drivers\kbdclass.sys

23:32:02.0736 5744 kbdclass - ok

23:32:02.0766 5744 [ E88C932ABDF8185A62C8F2FC7B051FB6 ] kbdhid C:\windows\System32\drivers\kbdhid.sys

23:32:02.0767 5744 kbdhid - ok

23:32:02.0789 5744 [ FB6C185092E18011EF49989425C2AA87 ] kdnic C:\windows\system32\DRIVERS\kdnic.sys

23:32:02.0790 5744 kdnic - ok

23:32:02.0811 5744 [ F702AB6181513303AB0FC8D59E52708B ] KeyIso C:\windows\system32\lsass.exe

23:32:02.0812 5744 KeyIso - ok

23:32:02.0851 5744 [ DFA480F6DED551464F3A5B959F437800 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys

23:32:02.0852 5744 KSecDD - ok

23:32:02.0894 5744 [ 127FB0AAD232BAAD2C9BBACD374F4FC5 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys

23:32:02.0897 5744 KSecPkg - ok

23:32:02.0924 5744 [ 81492FEEBF2F26455B00EE8DBAE8A1B0 ] ksthunk C:\windows\system32\drivers\ksthunk.sys

23:32:02.0925 5744 ksthunk - ok

23:32:02.0961 5744 [ 5825DBACEDC3812B5CF8D40B997BF210 ] KtmRm C:\windows\system32\msdtckrm.dll

23:32:02.0965 5744 KtmRm - ok

23:32:02.0995 5744 [ 4C0641D4DCDE9A84B9DB537277C2ADF8 ] kx1avs C:\windows\System32\Drivers\kx1avs.sys

23:32:02.0998 5744 kx1avs - ok

23:32:03.0012 5744 [ DF95DF5C8238B5A8C411538A2C834955 ] kx1usb_svc C:\windows\System32\Drivers\kx1usb.sys

23:32:03.0013 5744 kx1usb_svc - ok

23:32:03.0033 5744 [ 917D9184F4D40A64410832CF68AC0508 ] L1C C:\windows\system32\DRIVERS\L1C63x64.sys

23:32:03.0034 5744 L1C - ok

23:32:03.0065 5744 [ 256EE31588257E8A555DBFAA13F1908E ] LanmanServer C:\windows\System32\srvsvc.dll

23:32:03.0070 5744 LanmanServer - ok

23:32:03.0097 5744 [ 16650912BE5A94B40E0B3B4C39652B56 ] LanmanWorkstation C:\windows\System32\wkssvc.dll

23:32:03.0100 5744 LanmanWorkstation - ok

23:32:03.0129 5744 [ CEEFD29FC551F289810B0B9381B321DC ] lltdio C:\windows\system32\DRIVERS\lltdio.sys

23:32:03.0130 5744 lltdio - ok

23:32:03.0168 5744 [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc C:\windows\System32\lltdsvc.dll

23:32:03.0171 5744 lltdsvc - ok

23:32:03.0188 5744 [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts C:\windows\System32\lmhsvc.dll

23:32:03.0190 5744 lmhosts - ok

23:32:03.0217 5744 [ 2C24DC448DBE8DB9BE1441B824C57E79 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

23:32:03.0219 5744 LMS - ok

23:32:03.0243 5744 [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys

23:32:03.0245 5744 LSI_SAS - ok

23:32:03.0274 5744 [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys

23:32:03.0275 5744 LSI_SAS2 - ok

23:32:03.0291 5744 [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys

23:32:03.0292 5744 LSI_SCSI - ok

23:32:03.0314 5744 [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS C:\windows\system32\drivers\lsi_sss.sys

23:32:03.0315 5744 LSI_SSS - ok

23:32:03.0365 5744 [ A57BA284F5996FFD32DCDBC41A4657DB ] LSM C:\windows\System32\lsm.dll

23:32:03.0369 5744 LSM - ok

23:32:03.0385 5744 [ 2BDC5D711FA61307CE6190D47C956368 ] luafv C:\windows\system32\drivers\luafv.sys

23:32:03.0387 5744 luafv - ok

23:32:03.0414 5744 [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas C:\windows\system32\drivers\megasas.sys

23:32:03.0415 5744 megasas - ok

23:32:03.0436 5744 [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR C:\windows\system32\drivers\MegaSR.sys

23:32:03.0439 5744 MegaSR - ok

23:32:03.0457 5744 [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64 C:\windows\System32\drivers\HECIx64.sys

23:32:03.0458 5744 MEIx64 - ok

23:32:03.0498 5744 [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS C:\windows\system32\mmcss.dll

23:32:03.0500 5744 MMCSS - ok

23:32:03.0517 5744 [ 780098AD5DA8A4822E2563984C85EF7B ] Modem C:\windows\system32\drivers\modem.sys

23:32:03.0518 5744 Modem - ok

23:32:03.0567 5744 [ EA8EAD3F5B762F889CC7F3966625B48B ] monitor C:\windows\System32\drivers\monitor.sys

23:32:03.0568 5744 monitor - ok

23:32:03.0592 5744 [ 618446B98C79776654340CE27C73485E ] mouclass C:\windows\System32\drivers\mouclass.sys

23:32:03.0593 5744 mouclass - ok

23:32:03.0641 5744 [ C0ADEBED913295803B579ED288936CBB ] mouhid C:\windows\System32\drivers\mouhid.sys

23:32:03.0643 5744 mouhid - ok

23:32:03.0666 5744 [ 89D263DBF08119CE16273991C120D6DD ] mountmgr C:\windows\system32\drivers\mountmgr.sys

23:32:03.0667 5744 mountmgr - ok

23:32:03.0704 5744 [ 0D1609DD82C7440F5D5BF21A9D4D5C0C ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys

23:32:03.0705 5744 mpsdrv - ok

23:32:03.0766 5744 [ 3031573A739DBEE8923851929D0AF423 ] MpsSvc C:\windows\system32\mpssvc.dll

23:32:03.0775 5744 MpsSvc - ok

23:32:03.0986 5744 [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV C:\windows\system32\drivers\mrxdav.sys

23:32:03.0989 5744 MRxDAV - ok

23:32:04.0024 5744 [ 93179D48066918323628CB016D8C94DC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys

23:32:04.0027 5744 mrxsmb - ok

23:32:04.0061 5744 [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys

23:32:04.0063 5744 mrxsmb10 - ok

23:32:04.0088 5744 [ 5C7DD2E5759FFCCD2C7341C1B90F2B26 ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys

23:32:04.0091 5744 mrxsmb20 - ok

23:32:04.0122 5744 [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge C:\windows\system32\DRIVERS\bridge.sys

23:32:04.0123 5744 MsBridge - ok

23:32:04.0145 5744 [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC C:\windows\System32\msdtc.exe

23:32:04.0148 5744 MSDTC - ok

23:32:04.0173 5744 [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs C:\windows\system32\drivers\Msfs.sys

23:32:04.0173 5744 Msfs - ok

23:32:04.0211 5744 [ C32A7A39B960A42BA9D4FBE47213CA03 ] msgpiowin32 C:\windows\System32\drivers\msgpiowin32.sys

23:32:04.0211 5744 msgpiowin32 - ok

23:32:04.0225 5744 [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys

23:32:04.0226 5744 mshidkmdf - ok

23:32:04.0253 5744 [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf C:\windows\System32\drivers\mshidumdf.sys

23:32:04.0254 5744 mshidumdf - ok

23:32:04.0264 5744 [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv C:\windows\system32\drivers\msisadrv.sys

23:32:04.0265 5744 msisadrv - ok

23:32:04.0294 5744 [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI C:\windows\system32\iscsiexe.dll

23:32:04.0296 5744 MSiSCSI - ok

23:32:04.0302 5744 msiserver - ok

23:32:04.0318 5744 [ 509809566E49F4411055864EA8D437CD ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys

23:32:04.0318 5744 MSKSSRV - ok

23:32:04.0341 5744 [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp C:\windows\system32\DRIVERS\mslldp.sys

23:32:04.0342 5744 MsLldp - ok

23:32:04.0361 5744 [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys

23:32:04.0362 5744 MSPCLOCK - ok


23:32:15.0588 5744 wuauserv - ok

23:32:15.0637 5744 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys

23:32:15.0639 5744 WudfPf - ok

23:32:15.0673 5744 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\System32\drivers\WUDFRd.sys

23:32:15.0675 5744 WUDFRd - ok

23:32:15.0685 5744 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFSensorLP C:\windows\system32\DRIVERS\WUDFRd.sys

23:32:15.0687 5744 WUDFSensorLP - ok

23:32:15.0710 5744 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll

23:32:15.0713 5744 wudfsvc - ok

23:32:15.0722 5744 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdFs C:\windows\system32\DRIVERS\WUDFRd.sys

23:32:15.0724 5744 WUDFWpdFs - ok

23:32:15.0733 5744 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdMtp C:\windows\system32\DRIVERS\WUDFRd.sys

23:32:15.0735 5744 WUDFWpdMtp - ok

23:32:15.0784 5744 [ 6D9E07436B6646EC8F7EFFD39B6BA288 ] WwanSvc C:\windows\System32\wwansvc.dll

23:32:15.0794 5744 WwanSvc - ok

23:32:15.0826 5744 ================ Scan global ===============================

23:32:15.0912 5744 [ DDC1AFBF9DDF880CE9BD3896114D8DED ] C:\windows\system32\basesrv.dll

23:32:15.0955 5744 [ E9343076AE704D20BB0D01F3AF3EFFEF ] C:\windows\system32\winsrv.dll

23:32:15.0988 5744 [ BD7C6949984D19AAA609896B675E7357 ] C:\windows\system32\sxssrv.dll

23:32:16.0039 5744 [ 8F226143046435C75C033B0C52E90FFE ] C:\windows\system32\services.exe

23:32:16.0045 5744 [Global] - ok

23:32:16.0046 5744 ================ Scan MBR ==================================

23:32:16.0062 5744 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0

23:32:16.0072 5744 \Device\Harddisk0\DR0 - ok

23:32:16.0073 5744 ================ Scan VBR ==================================

23:32:16.0087 5744 [ AF4FE7449D37DA5CD4E01619097674FC ] \Device\Harddisk0\DR0\Partition1

23:32:16.0088 5744 \Device\Harddisk0\DR0\Partition1 - ok

23:32:16.0110 5744 [ 2BD4C6238DD7FF28B143F86B720550A5 ] \Device\Harddisk0\DR0\Partition2

23:32:16.0111 5744 \Device\Harddisk0\DR0\Partition2 - ok

23:32:16.0123 5744 [ D5BB72C5C4938C69A34F617C92C2816D ] \Device\Harddisk0\DR0\Partition3

23:32:16.0125 5744 \Device\Harddisk0\DR0\Partition3 - ok

23:32:16.0135 5744 [ 385070D61E3B7C6FFB0691037EE05A3F ] \Device\Harddisk0\DR0\Partition4

23:32:16.0137 5744 \Device\Harddisk0\DR0\Partition4 - ok

23:32:16.0167 5744 [ 183EF7DD3AC37F4163FE4C60C3B475B4 ] \Device\Harddisk0\DR0\Partition5

23:32:16.0168 5744 \Device\Harddisk0\DR0\Partition5 - ok

23:32:16.0193 5744 [ 638844B304645A3EED786EEC2769537B ] \Device\Harddisk0\DR0\Partition6

23:32:16.0194 5744 \Device\Harddisk0\DR0\Partition6 - ok

23:32:16.0196 5744 ============================================================

23:32:16.0196 5744 Scan finished

23:32:16.0196 5744 ============================================================

23:32:16.0209 6824 Detected object count: 0

23:32:16.0209 6824 Actual detected object count: 0


Dear ibrain666

Ok :)

Download Malwarebytes Anti-Rootkit and save it to your Desktop

  • Double-click the file to extract it to the Desktop
  • Open the mbar folder
  • Double-click the file mbar.exe
    • Attention: Windows Vista, 7 and 8 users, right-click and choose: [image: execadmin.png]

  • In the window that appears, click Next
  • Click the Update button and wait
  • Click the Next button
  • Make sure the following boxes are checked:
    • Drivers
    • Sectors
    • System

  • Click the Scan button and wait
    • If any malware was found, click the Cleanup button
    • Make sure the Create Restore Point box is checked
    • Click Yes to restart the computer

  • If nothing is found, click the Exit button
  • Then open the mbar folder and locate the log mbar-log[...].txt
  • Open it, copy its entire contents and paste them into your next reply

Cheers :D


Hi Diego, nothing detected, here is the log ;)

Malwarebytes Anti-Rootkit BETA 1.07.0.1005

www.malwarebytes.org

Database version: v2013.10.08.04

Windows 8 x64 NTFS

Internet Explorer 10.0.9200.16688

henrique :: HENRIQUE [administrator]

2013/10/08 22:44:16

mbar-log-2013-10-08 (22-44-16).txt

Scan type: Quick scan

Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken

Scan options disabled:

Objects scanned: 234904

Time elapsed: 16 minute(s), 25 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

Physical Sectors Detected: 0

(No malicious items detected)

(end)

About Clube do Hardware

Online since 1996, Clube do Hardware is one of the largest, oldest and most respected technology publications in Brazil.
