I was trying to install some software to unbrick my phone and I didn't pay proper attention to one of the links, which was quite suspicious. After installation, I got infected with adware.gen and now I keep receiving alerts from AVIRA with the threat "ADWARE/Adware.gen".
Some lines of the log contain messages in Portuguese. The most important ones are in English, though.
DDS.txt
DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16537 Run by godo at 14:48:48 on 2013-05-11 Microsoft Windows 7 Home Basic 6.1.7601.1.1252.55.1046.18.3955.1118 [GMT 2:00] . AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\PROGRA~2\GbPlugin\GbpSv.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs c:\Windows\system32\vcsFPService.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Windows\System32\spoolsv.exe C:\Program Files\DigitalPersona\Bin\DpHostW.exe C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe C:\Program Files\Conexant\SA3\CxUtilSvc.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Intel\iCLS Client\HeciServer.exe C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe c:\Program Files (x86)\Microsoft SQL Server\SQLBounce\MSSQL10_50.SQLBOUNCE\MSSQL\Binn\sqlservr.exe c:\Program Files (x86)\Microsoft SQL Server\ZBDProcessor\MSSQL10_50.ZBDPROCESSOR\MSSQL\Binn\sqlservr.exe C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe C:\Program Files 
(x86)\PremierOpinion\pmservice.exe C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe C:\Windows\SysWOW64\vmnat.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe C:\Windows\SysWOW64\vmnetdhcp.exe C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe C:\Windows\system32\taskhost.exe C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe C:\Program Files\DigitalPersona\Bin\DPAgent.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\rundll32.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\DellTPad\Apoint.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Users\godo\AppData\Roaming\Google\Google Talk\googletalk.exe C:\Program Files\DellTPad\ApMsgFwd.exe C:\Program Files\TortoiseSVN\bin\TSVNCache.exe C:\Program Files\DellTPad\Apntex.exe C:\Program Files (x86)\Vidyo\Vidyo 
Desktop\VidyoDesktop.exe C:\Program Files\DellTPad\HidFind.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Users\godo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\godo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\godo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\godo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\godo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\godo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\godo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\godo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\prevhost.exe C:\Windows\notepad.exe C:\Program Files\TortoiseSVN\bin\TSVNCache.exe C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe C:\Program Files (x86)\Notepad++\notepad++.exe C:\Windows\system32\taskmgr.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\godo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\godo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\godo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\godo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\godo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\godo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\godo\AppData\Local\Google\Chrome\Application\chrome.exe 
C:\Users\godo\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe c:\program files (x86)\premieropinion\pmropn.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://feed.snap.do/?publisher=TightropeYB&dpid=TightropeYB&co=NL&userid=04d7552f-d57b-4a47-82f7-cb6883809425&searchtype=hp&installDate={installDate} uSearch Bar = hxxp://feed.snap.do/?publisher=TightropeYB&dpid=TightropeYB&co=NL&userid=04d7552f-d57b-4a47-82f7-cb6883809425&searchtype=ds&q={searchTerms}&installDate={installDate} uSearch Page = hxxp://feed.snap.do/?publisher=TightropeYB&dpid=TightropeYB&co=NL&userid=04d7552f-d57b-4a47-82f7-cb6883809425&searchtype=ds&q={searchTerms}&installDate={installDate} uProxyOverride = local;192.168.*.* uSearchAssistant = hxxp://feed.snap.do/?publisher=TightropeYB&dpid=TightropeYB&co=NL&userid=04d7552f-d57b-4a47-82f7-cb6883809425&searchtype=ds&q={searchTerms}&installDate={installDate} mWinlogon: Userinit = userinit.exe BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll BHO: Auxiliar de Conexão do Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: GbIehObj Class: {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Program Files (x86)\GbPlugin\gbiehabn.dll uRun: [googletalk] C:\Users\godo\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart uRun: [Google Update] "C:\Users\godo\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [Vidyo Desktop] C:\Program Files 
(x86)\Vidyo\Vidyo Desktop\VidyoDesktop.exe mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xportar para o Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} LSP: %windir%\system32\vsocklib.dll TCP: NameServer = 213.160.212.3 213.160.223.35 TCP: Interfaces\{06B09711-1BAF-45BB-94EF-2338127CE5D9} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{06B09711-1BAF-45BB-94EF-2338127CE5D9}\35E454C61626 : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{FFA6CA42-D7C4-4CFF-844A-5F48DEEC170E} : DHCPNameServer = 213.160.212.3 213.160.223.35 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program 
Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll Notify: GbPluginAbn - C:\Program Files (x86)\GbPlugin\gbiehAbn.dll AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll SEH: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399007} - C:\Program Files (x86)\GbPlugin\gbiehabn.dll LSA: Notification Packages = DPPassFilter scecli x64-mWinlogon: Userinit = C:\Windows\System32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe, x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned> x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ============= SERVICES / DRIVERS =============== . 
R0 iusb3hcs;Driver de comutação do controlador host Intel(R) USB 3.0;C:\Windows\System32\drivers\iusb3hcs.sys [2012-7-29 16152] R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2012-7-29 28992] R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdcfltn.sys [2012-7-28 22128] R0 vsock;vSockets Driver;C:\Windows\System32\drivers\vsock.sys [2013-1-10 70296] R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2012-11-6 27760] R2 AntiVirSchedulerService;Avira Programador;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-11-6 86224] R2 AntiVirService;Avira Realtime Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-11-6 110032] R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe [2012-3-9 107648] R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2012-11-6 98848] R2 CxUtilSvc;CxUtilSvc;C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe [2012-7-28 109184] R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120] R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2012-3-9 30848] R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2012-7-28 176000] R3 IntcDAud;Áudio do vídeo Intel(R);C:\Windows\System32\drivers\IntcDAud.sys [2012-7-29 331264] R3 iusb3hub;Driver para hub Intel(R) USB 3.0;C:\Windows\System32\drivers\iusb3hub.sys [2012-7-29 356120] R3 iusb3xhc;Driver de controlador host eXtensível Intel(R) USB 3.0;C:\Windows\System32\drivers\iusb3xhc.sys [2012-7-29 787736] R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2012-7-29 104048] R3 ST_ACCEL;STMicroelectronics Accelerometer Service;C:\Windows\System32\drivers\ST_ACCEL.sys [2012-7-29 67184] S2 BounceCommV3;BounceCommV3;"C:\Program Files (x86)\ZBD Displays\Bounce\BounceComms\RFV3\BounceCommV3Service.exe" --> 
C:\Program Files (x86)\ZBD Displays\Bounce\BounceComms\RFV3\BounceCommV3Service.exe [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2012-3-9 36480] S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2012-3-9 340096] S3 btath_avdt;Atheros Bluetooth AVDT Service;C:\Windows\System32\drivers\btath_avdt.sys [2012-3-9 111232] S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2012-3-9 168064] S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2012-3-9 68736] S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2012-3-9 281472] S3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2012-3-9 551552] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2012-7-30 102240] S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\System32\drivers\nvstusb.sys [2012-7-29 300864] S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUVStor.sys [2012-7-29 313448] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392] S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232] . =============== Created Last 30 ================ . 
2013-05-11 12:02:28 -------- d-----w- C:\Program Files (x86)\ESET 2013-05-11 09:55:58 -------- d-----w- C:\Users\godo\AppData\Local\Motosftemp 2013-05-11 09:50:25 -------- d-----w- C:\Program Files (x86)\PremierOpinion 2013-05-11 09:47:18 -------- d-----w- C:\Users\godo\AppData\Roaming\Motorola Mobility 2013-05-11 09:47:02 -------- d-----w- C:\Program Files (x86)\Motorola Mobility 2013-05-11 09:47:02 -------- d-----w- C:\Program Files (x86)\Motorola 2013-05-11 09:47:02 -------- d-----w- C:\Program Files (x86)\Common Files\MSSoap 2013-05-11 09:46:51 -------- d-----w- C:\Program Files (x86)\MSXML 4.0 2013-05-11 09:46:04 -------- d-----w- C:\Program Files\Motorola Inc 2013-05-11 09:46:03 -------- d-----w- C:\Program Files\Common Files\Motorola Shared 2013-05-11 09:45:10 -------- d-----w- C:\Users\godo\AppData\Roaming\Motorola 2013-05-10 18:33:31 -------- d-----w- C:\Users\godo\AppData\Local\{13EE6E4F-5FB0-4578-A373-810CFC841FF1} 2013-05-06 14:58:14 -------- d-----w- C:\Program Files (x86)\Ambarella 2013-05-06 13:23:49 -------- d-----w- C:\Users\godo\.zenmap 2013-05-06 13:21:10 -------- d-----w- C:\Program Files (x86)\Nmap 2013-05-06 11:57:02 -------- d-----w- C:\Python27 2013-04-28 21:23:31 -------- d-----w- C:\Program Files (x86)\Vidyo 2013-04-28 21:23:27 -------- d-----w- C:\Users\godo\AppData\Local\Vidyo 2013-04-25 08:30:32 -------- d-----w- C:\ProgramData\GbPlugin 2013-04-25 08:30:32 -------- d-----w- C:\Program Files (x86)\GbPlugin 2013-04-25 08:30:22 824 ----a-w- C:\Windows\System32\drivers\etc\hosts.tmp 2013-04-24 09:35:29 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2013-04-22 12:01:05 -------- d-----w- C:\ProgramData\boost_interprocess 2013-04-22 11:54:13 -------- d-----w- C:\Users\godo\AppData\Roaming\Wireshark 2013-04-21 07:40:39 706250 ----a-w- C:\Users\godo\AppData\Roaming\unins000.exe 2013-04-21 07:40:39 -------- d-----w- C:\Users\godo\AppData\Local\GAS Tecnologia 2013-04-21 07:40:39 -------- d-----w- C:\ProgramData\GAS Tecnologia 2013-04-18 
19:00:48 1002728 ----a-w- C:\Windows\System32\WinUSBCoInstaller2.dll 2013-04-18 19:00:48 -------- d-----w- C:\usb_driver 2013-04-18 10:05:03 -------- d-----w- C:\Users\godo\irssi 2013-04-16 13:24:45 -------- d-----w- C:\Program Files (x86)\WinPcap 2013-04-16 13:24:05 -------- d-----w- C:\Program Files\Wireshark 2013-04-16 13:23:38 -------- d-----w- C:\Program Files\OpenVPN 2013-04-16 13:22:42 -------- d-----w- C:\Program Files\TAP-Windows 2013-04-16 00:14:51 -------- d-----w- C:\Users\godo\.ssh 2013-04-16 00:13:42 -------- d-----w- C:\Users\godo\AppData\Roaming\GitHub 2013-04-16 00:13:38 -------- d-----w- C:\Users\godo\AppData\Local\GitHub 2013-04-15 10:05:21 -------- d-----w- C:\Users\godo\AppData\Roaming\Hex-Rays 2013-04-12 09:03:14 -------- d-----w- C:\Program Files (x86)\Tableau . ==================== Find3M ==================== . 2013-04-24 07:31:52 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-04-24 07:31:52 691592 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-04-06 17:55:00 2448384 ----a-w- C:\Windows\SysWow64\python27.dll 2013-04-04 07:11:59 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2013-04-04 07:11:59 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2013-03-23 02:04:04 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll 2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll 2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe 2013-03-01 03:36:04 3153408 ----a-w- C:\Windows\System32\win32k.sys 2013-02-21 10:30:16 1766912 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-02-21 10:29:39 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-02-21 10:29:37 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll 
2013-02-21 10:29:37 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll 2013-02-21 10:15:07 2240512 ----a-w- C:\Windows\System32\wininet.dll 2013-02-21 10:14:09 3958784 ----a-w- C:\Windows\System32\jscript9.dll 2013-02-21 10:14:05 67072 ----a-w- C:\Windows\System32\iesetup.dll 2013-02-21 10:14:05 136704 ----a-w- C:\Windows\System32\iesysprep.dll 2013-02-19 12:01:03 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-02-19 11:42:14 2706432 ----a-w- C:\Windows\System32\mshtml.tlb 2013-02-19 11:10:53 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe 2013-02-19 10:51:18 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2013-02-15 06:08:40 44032 ----a-w- C:\Windows\System32\tsgqec.dll 2013-02-15 06:06:11 3717632 ----a-w- C:\Windows\System32\mstscax.dll 2013-02-15 06:02:26 158720 ----a-w- C:\Windows\System32\aaclient.dll 2013-02-15 04:37:10 3217408 ----a-w- C:\Windows\SysWow64\mstscax.dll 2013-02-15 04:34:10 131584 ----a-w- C:\Windows\SysWow64\aaclient.dll 2013-02-15 03:25:51 36864 ----a-w- C:\Windows\SysWow64\tsgqec.dll 2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll 2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll 2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll 2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll 2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll 2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll 2013-02-12 04:12:05 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys . ============= FINISH: 14:50:54,72 ===============
Attach.txt
. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Basic Boot Device: \Device\HarddiskVolume2 Install Date: 02/08/2012 21:34:01 System Uptime: 11/05/2013 13:29:22 (1 hours ago) . Motherboard: Dell Inc. | | 0C0NHY Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz | CPU Socket - U3E1 | 1175/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 307 GiB total, 51,488 GiB free. D: is CDROM () E: is FIXED (NTFS) - 85 GiB total, 47,672 GiB free. F: is FIXED (NTFS) - 466 GiB total, 331,181 GiB free. . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP110: 05/05/2013 21:46:28 - Ponto de Verificação Agendado RP111: 06/05/2013 13:56:15 - Installed Python 2.7.4 RP112: 06/05/2013 16:58:26 - Instalação de Pacote de Driver de Dispositivo: Microsoft Controladores USB (barramento serial universal) RP113: 11/05/2013 11:45:19 - Instalado Motorola Device Manager RP114: 11/05/2013 11:53:07 - Installed RSDLite RP115: 11/05/2013 12:33:13 - Removed RSDLite RP116: 11/05/2013 12:34:00 - Removed Secure Download Manager RP117: 11/05/2013 13:23:20 - Operação de restauração RP118: 11/05/2013 13:37:35 - Removed Java 7 Update 10 (64-bit) RP119: 11/05/2013 13:39:39 - Removed Java 7 Update 17 RP120: 11/05/2013 13:40:26 - Removido JavaFX 2.1.1 . ==== Installed Programs ====================== . . ==== End Of File ===========================
Operação de restauração = Restoration point created.
I've followed the instructions for opening this post and providing the necessary information. Hope it is enough to assist you guys in assisting me!
Best,