PDA

View Full Version : por favor me ajude não sei se postei corretamente.



thiago
2013-07-16, 23:57
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.25.2
Run by Thiago at 17:46:27 on 2013-07-16
Microsoft Windows 7 Home Basic 6.1.7601.1.1252.55.1046.18.3895.866 [GMT -3:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\windows\System32\alg.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\3G USB Modem\HSDPALauncher.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
Q:\140066.ptb\Office14\MSOSYNC.EXE
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://search.b1.org/?bsrc=hmior&chid=c167991
uDefault_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=WDCXWD5000BPVT-24HXZT3_WD-WXL1E91YFAM8YFAM8&ts=1372943223
mStart Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=WDCXWD5000BPVT-24HXZT3_WD-WXL1E91YFAM8YFAM8&ts=1372943223
mDefault_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=WDCXWD5000BPVT-24HXZT3_WD-WXL1E91YFAM8YFAM8&ts=1372943223
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: SDHelper: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Auxiliar de Conexão de Conta da Microsoft: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [wfmaster] <no file>
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
mRun: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
mRun: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
mRun: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
mRun: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
mRun: [HSDPALauncher] C:\PROGRA~2\3GUSBM~1\HSDPAL~1.EXE
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [wf] <no file>
dRun: [KurupiraNet] "C:\Program Files (x86)\Kurupira\WebFilter\kurupirawf.exe"
StartupFolder: C:\Users\Thiago\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Enviar imagem para Dispositivo &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Enviar página para Dispositivo &Bluetooth ... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 201.6.2.173 201.6.2.83
TCP: Interfaces\{683015BF-DFA2-471E-B629-25D268936346} : NameServer = 189.40.224.80 189.40.226.80
TCP: Interfaces\{8B7375F9-828E-4185-A5DB-30D49C209301} : DHCPNameServer = 201.6.2.173 201.6.2.83
TCP: Interfaces\{8B7375F9-828E-4185-A5DB-30D49C209301}\16E646562737F6E6 : DHCPNameServer = 200.162.196.29 200.162.194.244
TCP: Interfaces\{8B7375F9-828E-4185-A5DB-30D49C209301}\46C696E6B6 : DHCPNameServer = 189.7.64.17 189.7.64.26
TCP: Interfaces\{8B7375F9-828E-4185-A5DB-30D49C209301}\4784961676F6 : DHCPNameServer = 189.7.64.17 189.7.64.26
TCP: Interfaces\{8B7375F9-828E-4185-A5DB-30D49C209301}\75C454455434251423 : DHCPNameServer = 192.168.136.3 192.168.136.1
TCP: Interfaces\{8B7375F9-828E-4185-A5DB-30D49C209301}\75C454455434251433 : DHCPNameServer = 192.168.136.3 192.168.136.1
TCP: Interfaces\{8B7375F9-828E-4185-A5DB-30D49C209301}\E6564767962747571613533323 : DHCPNameServer = 192.168.0.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=WDCXWD5000BPVT-24HXZT3_WD-WXL1E91YFAM8YFAM8&ts=1372943223
x64-mDefault_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=WDCXWD5000BPVT-24HXZT3_WD-WXL1E91YFAM8YFAM8&ts=1372943223
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
x64-Run: [ETDWare] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [OnekeyStudio] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
x64-Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
x64-Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
x64-Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com (http://www.spywareinfo.com)
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-2-7 822624]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-4-11 13336]
R2 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2012-8-30 128456]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-7-16 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-7-16 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-7-16 168384]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-4-11 2320920]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\System32\drivers\AcpiVpc.sys [2012-4-11 28176]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\System32\drivers\clwvd.sys [2011-1-28 31088]
R3 ETD;ELAN PS/2 Port Input Device;C:\windows\System32\drivers\ETD.sys [2012-4-11 167816]
R3 HECIx64;Intel(R) Management Engine Interface;C:\windows\System32\drivers\HECIx64.sys [2012-4-11 56344]
R3 Impcd;Impcd;C:\windows\System32\drivers\Impcd.sys [2012-4-11 158976]
R3 IntcDAud;Áudio do vídeo Intel(R);C:\windows\System32\drivers\IntcDAud.sys [2012-4-11 271872]
R3 NisSrv;Inspeção de Rede da Microsoft;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2012-4-11 239616]
R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfswin7.sys [2011-10-1 765288]
R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaywin7.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirwin7.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvolwin7.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-3 162408]
S3 btusbflt;Bluetooth USB Filter;C:\windows\System32\drivers\btusbflt.sys [2012-4-11 52264]
S3 btwl2cap;Bluetooth L2CAP Service;C:\windows\System32\drivers\btwl2cap.sys [2013-3-14 35104]
S3 qcusbser;Mobile Connector;C:\windows\System32\drivers\qcusbser.sys [2008-9-1 118144]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2012-4-11 242720]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 wsvd;wsvd;C:\windows\System32\drivers\wsvd.sys [2009-7-21 121840]
.
=============== Created Last 30 ================
.
2013-07-16 19:33:50 17272 ----a-w- C:\windows\System32\sdnclean64.exe
2013-07-16 19:33:43 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-07-16 19:31:03 9460976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C9127505-1BD2-4377-B798-68126FADD155}\mpengine.dll
2013-07-15 20:14:32 -------- d-----w- C:\Users\Thiago\AppData\Roaming\Malwarebytes
2013-07-15 20:14:19 -------- d-----w- C:\ProgramData\Malwarebytes
2013-07-15 20:12:31 51496 ----a-w- C:\windows\System32\drivers\stflt.sys
2013-07-15 18:41:38 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-07-15 17:28:03 9552976 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-07-06 18:17:37 -------- d-----w- C:\windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2013-07-06 17:23:23 -------- d-----w- C:\Program Files\Enigma Software Group
2013-07-06 17:22:14 -------- d-----w- C:\windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
2013-07-06 17:22:13 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2013-07-04 13:06:55 -------- d-----w- C:\Users\Thiago\AppData\Roaming\eIntaller
2013-07-04 13:04:52 -------- d-----w- C:\Users\Thiago\AppData\Local\PutLockerDownloader
2013-07-04 12:56:13 -------- d-----w- C:\Users\Thiago\AppData\Roaming\Python-Eggs
2013-06-30 13:55:55 -------- d-----w- C:\Users\Thiago\AppData\Local\DealPlyLive
2013-06-30 13:55:55 -------- d-----w- C:\ProgramData\DealPlyLive
2013-06-30 13:55:55 -------- d-----w- C:\Program Files (x86)\DealPlyLive
2013-06-30 13:55:53 -------- d-----w- C:\Users\Thiago\AppData\Roaming\Dealply
2013-06-30 13:45:08 372736 ----a-w- C:\windows\SysWow64\wintbr.ocx
2013-06-30 13:45:08 372736 ----a-w- C:\windows\SysWow64\ijl15.dll
2013-06-30 13:45:08 212240 ----a-w- C:\windows\SysWow64\RICHTX32.OCX
2013-06-30 13:45:07 662288 ----a-w- C:\windows\SysWow64\mscomct2.ocx
2013-06-30 13:45:07 608448 ----a-w- C:\windows\SysWow64\comctl32.ocx
2013-06-30 13:45:07 115920 ----a-w- C:\windows\SysWow64\msinet.ocx
2013-06-30 11:24:57 -------- d-----w- C:\windows\SysWow64\wbem\Logs
2013-06-27 17:59:37 -------- d-----w- C:\Users\Thiago\AppData\Roaming\eCyber
2013-06-27 17:59:07 -------- d-----w- C:\Users\Thiago\AppData\Roaming\eDownload
2013-06-27 17:25:55 -------- d-----w- C:\Users\Thiago\AppData\Roaming\Awesomium
2013-06-27 14:17:45 -------- d-----w- C:\Users\Thiago\AppData\Roaming\StarDict
2013-06-27 14:16:48 -------- d-----w- C:\Program Files (x86)\StarDict
2013-06-27 14:14:37 -------- d-----w- C:\Program Files (x86)\Common Files\GTK
2013-06-25 18:40:08 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2013-06-24 11:12:50 -------- d-----w- C:\Users\Thiago\AppData\Local\B1E
2013-06-22 10:51:50 964552 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D538BA28-75C9-4512-9C2F-AD7AFD9C1BF2}\gapaengine.dll
2013-06-21 19:56:04 96168 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-20 15:48:01 -------- d-----w- C:\Users\Thiago\AppData\Roaming\BabSolution
2013-06-20 15:47:58 -------- d-----w- C:\windows\SysWow64\searchplugins
2013-06-20 15:47:58 -------- d-----w- C:\windows\SysWow64\Extensions
2013-06-20 15:47:54 -------- d-----w- C:\ProgramData\BrowserDefender
2013-06-20 15:47:14 -------- d-----w- C:\Users\Thiago\AppData\Roaming\GoforFiles
2013-06-20 15:47:14 -------- d-----w- C:\Program Files (x86)\GoforFiles
2013-06-20 11:22:42 -------- d-----w- C:\ProgramData\Baidu Security
2013-06-20 11:05:25 -------- d-----w- C:\ProgramData\eSafe
2013-06-17 15:36:45 -------- d-sh--w- C:\ProgramData\Config
2013-06-17 15:36:43 90112 ----a-w- C:\windows\SysWow64\XPMenu.ocx
.
==================== Find3M ====================
.
2013-07-04 13:07:09 773712 ----a-w- C:\windows\SysWow64\msvcr100.dll
2013-07-04 13:07:09 420944 ----a-w- C:\windows\SysWow64\msvcp100.dll
2013-06-21 19:55:56 867240 ----a-w- C:\windows\SysWow64\npDeployJava1.dll
2013-06-21 19:55:56 789416 ----a-w- C:\windows\SysWow64\deployJava1.dll
2013-05-02 05:06:08 278800 ------w- C:\windows\System32\MpSigStub.exe
.
============= FINISH: 17:47:20,39 ===============