
Log Combo Fix


  • This topic is locked
2 replies to this topic

#1 Devp


Posted 20 October 2013 - 11:34 AM

Good afternoon,

Recently I used ComboFix on my computer.

I need an analysis of the log.

Thank you.
 

ComboFix 13-10-19.02 - Diego 20/10/2013  14:00:04.1.4 - x64
Microsoft Windows 7 Home Basic   6.1.7601.1.1252.55.1046.18.3895.2436 [GMT -2:00]
Executando de: c:\users\Diego\Desktop\ComboFix.exe
AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((   Outras Exclusões   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\smartdl
c:\program files (x86)\smartdl\gunzip.exe
c:\program files (x86)\smartdl\status
c:\program files (x86)\smartdl\TorrentSearch.exe
c:\programdata\ntuser.dat
c:\users\Convidado\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\background.html
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\crossriderManifest.json
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\manifest.xml
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins.json
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\1_base.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\101_cortica_m.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\102_dealply_m.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\103_intext_5_m.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\104_jollywallet_m.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\105_corticas_m.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\107_coupish_m.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\108_icm_m.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\116_ads_only_5_m.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\117_coupons_intext_ads_5_m.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\119_similar_web_m.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\120_luck_m.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\123_intext_adv_m.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\124_superfish_no_search_no_coupons_m.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\125_arcadi2_m.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\126_revizer_ws_m.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\127_revizer_p_m.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\128_superfish_pricora_m.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\129_widdit_m.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\135_arcadi3_m.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\138_getdeal_m.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\14_CrossriderUtils.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\141_corticas_ru_m.js.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\142_intext_fa_m.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\155_ibario_pops_m.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\158_50onred_ads_only_no_fb_m.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\159_cortica_rollover_m.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\17_jQuery.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\170_icm1_5_m.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\171_arcadi2_sourceID_m.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\19_CHAppAPIWrapper.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\21_debug.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\22_resources.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\28_initializer.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\4_jquery_1_7_1.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\47_resources_background.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\64_appApiMessage.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\7_hooks.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\72_appApiValidation.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\78_CrossriderInfo.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\80_CHPopupAppAPI.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\87_ginyas_wrapper.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\9_search_engine_hook.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\91_monetizationLoader.js.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\92_superfish_m.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\93_superfish_no_coupons_m.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\plugins\97_resourceApiWrapper.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\userCode\background.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\extensionData\userCode\extension.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\icons\actions\1.png
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\icons\icon128.png
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\icons\icon16.png
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\icons\icon48.png
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\js\api\chrome.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\js\api\cookie.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\js\api\message.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\js\api\pageAction.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\js\api\pageActionBG.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\js\background.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\js\lib\app_api.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\js\lib\bg_app_api.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\js\lib\consts.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\js\lib\cookie_store.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\js\lib\crossriderAPI.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\js\lib\delegate.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\js\lib\events.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\js\lib\extensionDataStore.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\js\lib\installer.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\js\lib\logFile.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\js\lib\logging.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\js\lib\onBGDocumentLoad.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\js\lib\popupResource\newPopup.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\js\lib\popupResource\popup.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\js\lib\reports.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\js\lib\storageWrapper.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\js\lib\updateManager.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\js\lib\util.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\js\lib\xhr.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\js\main.js
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\manifest.json
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcmldniciaadnhphngjgajcaiddomka\1.25.26_0\popup.html
c:\users\Diego\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage
c:\users\Diego\AppData\Roaming\Love
c:\users\Diego\AppData\Roaming\Love\mari0\options.txt
c:\windows\s.bat
c:\windows\SysWow64\ijl11.dll
c:\windows\tmp
c:\windows\tmp\dd_vcredistMSI1117.txt
c:\windows\tmp\dd_vcredistUI1117.txt
c:\windows\tmp\qtsingleapp-koboex-7d5-1-lockfile
c:\windows\wininit.ini
D:\install.exe
.
.
((((((((((((((((   Arquivos/Ficheiros criados de 2013-09-20 to 2013-10-20  ))))))))))))))))))))))))))))
.
.
2013-10-19 02:52 . 2013-10-14 07:12	10280728	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{B09FA708-8268-42E9-9638-2258CBDB64E8}\mpengine.dll
2013-10-12 19:17 . 2013-10-12 19:17	--------	d-----w-	c:\users\Diego\AppData\Roaming\fltk.org
2013-10-09 01:38 . 2013-07-04 12:50	633856	----a-w-	c:\windows\system32\comctl32.dll
2013-10-04 00:09 . 2013-10-04 00:09	--------	d-----w-	c:\programdata\MySQL
2013-10-04 00:09 . 2013-10-04 00:09	--------	d-----w-	c:\program files\MySQL
.
.
.
(((((((((((((((((((((((((((((((((((((   Relatório Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-09 20:25 . 2012-07-01 04:11	80541720	----a-w-	c:\windows\system32\MRT.exe
2013-10-08 20:56 . 2012-06-24 03:12	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-08 20:56 . 2012-06-24 03:12	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-03 17:35 . 2010-11-21 03:27	278800	------w-	c:\windows\system32\MpSigStub.exe
2013-08-29 01:48 . 2013-10-09 01:38	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2013-08-05 02:25 . 2013-09-12 22:45	155584	----a-w-	c:\windows\system32\drivers\ataport.sys
2013-08-02 02:14 . 2013-09-12 22:45	215040	----a-w-	c:\windows\system32\winsrv.dll
2013-08-02 02:13 . 2013-09-12 22:45	424448	----a-w-	c:\windows\system32\KernelBase.dll
2013-08-02 02:13 . 2013-09-12 22:45	1161216	----a-w-	c:\windows\system32\kernel32.dll
2013-08-02 02:12 . 2013-09-12 22:45	43520	----a-w-	c:\windows\system32\csrsrv.dll
2013-08-02 02:12 . 2013-09-12 22:45	6144	---ha-w-	c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 22:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 22:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 22:45	4608	---ha-w-	c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 22:45	4096	---ha-w-	c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 22:45	4096	---ha-w-	c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 22:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 22:45	6656	----a-w-	c:\windows\system32\apisetschema.dll
2013-08-02 02:12 . 2013-09-12 22:45	3584	---ha-w-	c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 22:45	3584	---ha-w-	c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 22:45	4608	---ha-w-	c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 22:45	3584	---ha-w-	c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 22:45	3584	---ha-w-	c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 22:45	3584	---ha-w-	c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 22:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 22:45	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 22:45	3584	---ha-w-	c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 22:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 22:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 22:45	3584	---ha-w-	c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 22:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 22:45	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 22:45	5120	---ha-w-	c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 22:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 22:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 22:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 22:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 22:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-08-02 02:12 . 2013-09-12 22:45	3072	---ha-w-	c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-08-02 01:50 . 2013-09-12 22:45	274944	----a-w-	c:\windows\SysWow64\KernelBase.dll
2013-08-02 01:48 . 2013-09-12 22:45	5120	---ha-w-	c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 22:45	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 22:45	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 22:45	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 22:45	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 22:45	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 22:45	4608	---ha-w-	c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 22:45	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 22:45	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 22:45	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 22:45	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 22:45	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 22:45	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 22:45	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 22:45	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 22:45	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 22:45	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 22:45	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 22:45	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 22:45	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 22:45	6656	----a-w-	c:\windows\SysWow64\apisetschema.dll
2013-08-02 01:48 . 2013-09-12 22:45	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 22:45	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 22:45	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 22:45	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2013-08-02 01:09 . 2013-09-12 22:45	338432	----a-w-	c:\windows\system32\conhost.exe
2013-08-02 00:59 . 2013-09-12 22:45	112640	----a-w-	c:\windows\system32\smss.exe
2013-08-02 00:43 . 2013-09-12 22:45	4608	---ha-w-	c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43 . 2013-09-12 22:45	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43 . 2013-09-12 22:45	6144	---ha-w-	c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43 . 2013-09-12 22:45	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-07-26 02:24 . 2013-09-12 22:44	14172672	----a-w-	c:\windows\system32\shell32.dll
2013-07-26 02:24 . 2013-09-12 22:44	197120	----a-w-	c:\windows\system32\shdocvw.dll
2013-07-25 09:25 . 2013-08-14 20:47	1888768	----a-w-	c:\windows\system32\WMVDECOD.DLL
2013-07-25 08:57 . 2013-08-14 20:47	1620992	----a-w-	c:\windows\SysWow64\WMVDECOD.DLL
.
.
((((((((((((((((((((((((((   Pontos de Carregamento do Registro   )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-10-09 1813928]
"Memory Improve Master"="c:\program files (x86)\Memory Improve Master\MemoryImproveMaster.exe" [2009-03-16 5095424]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-10-02 20472992]
"Tim"="c:\program files (x86)\Computer\TM\lsass.exe" [2013-08-06 5734400]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-03 284696]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2012-03-30 329056]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2010-07-26 222504]
"RemoteControl10"="c:\program files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe" [2010-02-03 87336]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2009-8-11 1080608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe"
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" /s
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandbus64.sys [x]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys;c:\windows\SYSNATIVE\DRIVERS\lganddiag64.sys [x]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandgps64.sys [x]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandmodem64.sys [x]
R3 andnetadb;ADB Interface DriverNet;c:\windows\system32\Drivers\lgandnetadb.sys;c:\windows\SYSNATIVE\Drivers\lgandnetadb.sys [x]
R3 AndNetDiag;LG AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetdiag64.sys [x]
R3 AndNetGps;LG AndroidNet USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandnetgps64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetgps64.sys [x]
R3 ANDNetModem;LG AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetmodem64.sys [x]
R3 andnetndis;LG AndroidNet NDIS Ethernet Adapter;c:\windows\system32\DRIVERS\lgandnetndis64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetndis64.sys [x]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\lgandadb.sys;c:\windows\SYSNATIVE\Drivers\lgandadb.sys [x]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\LevelUp! Games\RagnarokOnline\GameGuard\dump_wmimmc.sys;c:\program files (x86)\LevelUp! Games\RagnarokOnline\GameGuard\dump_wmimmc.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 Gun;Gun;c:\game\SoftnyxGame\GunBoundPS\Gun64.sys;c:\game\SoftnyxGame\GunBoundPS\Gun64.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 netr7364;RT73 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr7364.sys;c:\windows\SYSNATIVE\DRIVERS\netr7364.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 npkycryp;npkycryp;c:\program files (x86)\LevelUp! Games\RagnarokOnline\npkycryp.sys;c:\program files (x86)\LevelUp! Games\RagnarokOnline\npkycryp.sys [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
S0 aswKbd;aswKbd; [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys;c:\windows\SYSNATIVE\DRIVERS\mfenlfk.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Áudio do vídeo Intel(R);c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2013-10-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-24 20:56]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58	133840	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2012-03-30 09:30	1508192	----a-w-	c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-21 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-21 391192]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-21 413720]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-05-27 521272]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2009-12-19 776608]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2009-12-17 4367808]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2009-12-17 6988736]
.
------- Scan Suplementar -------
.
uStart Page = hxxp://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Anexar a PDF existente - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Anexar destino do link a PDF existente - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Converter destino do link em Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Converter em Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportar para o Microsoft Excel - c:\progra~2\Microsoft Office\Office12\EXCEL.EXE/3000
IE: Enviar imagem para Dispositivo &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Enviar página para Dispositivo &Bluetooth ... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Diego\AppData\Roaming\Mozilla\Firefox\Profiles\jzo6gn5a.default-1365302591760\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.br
FF - prefs.js: keyword.URL - 
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: extentions.webcake.installId - 931a70ab-d35c-443d-9185-5cf1a12d8b9d
FF - user.js: extentions.webcake.defaultEnableAppsList - layers,brain/features,newOffers/wc
FF - user.js: extensions.delta.tlbrSrchUrl - 
FF - user.js: extensions.delta.id - 19b2741000000000000072de2baaaec0
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15890
FF - user.js: extensions.delta.vrsn - 1.8.21.5
FF - user.js: extensions.delta.vrsni - 1.8.21.5
FF - user.js: extensions.delta.vrsnTs - 1.8.21.520:54
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - pt
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=121225&tt=040713_ctrl&tsp=4933
FF - user.js: extensions.delta_i.babExt - 
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
FF - user.js: extensions.funmoods.hmpg - true
FF - user.js: extensions.funmoods.hmpgUrl - hxxp://searchfunmoods.com/?f=1&a=radiofm&cd=2XzuyEtN2Y1L1QzuyByE0D0EtB0B0A0A0A0E0CtDyByEtCtDtN0D0Tzu0CyCyDzztN1L2XzutBtFtBtFyBtFtCtBtDtCtN1L1Czu1C1T1Q1L1F1O1H&cr=1199857270&ir=
FF - user.js: extensions.funmoods.dfltSrch - true
FF - user.js: extensions.funmoods.srchPrvdr - Funmoods
FF - user.js: extensions.funmoods.dnsErr - true
FF - user.js: extensions.funmoods_i.newTab - false
FF - user.js: extensions.funmoods.newTabUrl - hxxp://searchfunmoods.com/?f=2&a=radiofm&cd=2XzuyEtN2Y1L1QzuyByE0D0EtB0B0A0A0A0E0CtDyByEtCtDtN0D0Tzu0CyCyDzztN1L2XzutBtFtBtFyBtFtCtBtDtCtN1L1Czu1C1T1Q1L1F1O1H&cr=1199857270&ir=
FF - user.js: extensions.funmoods.tlbrSrchUrl - hxxp://searchfunmoods.com/?f=3&a=radiofm&cd=2XzuyEtN2Y1L1QzuyByE0D0EtB0B0A0A0A0E0CtDyByEtCtDtN0D0Tzu0CyCyDzztN1L2XzutBtFtBtFyBtFtCtBtDtCtN1L1Czu1C1T1Q1L1F1O1H&cr=1199857270&ir=&q=
FF - user.js: extensions.funmoods.id - 74DE2BAAAEC07410
FF - user.js: extensions.funmoods.instlDay - 15997
FF - user.js: extensions.funmoods.vrsn - 1.8.20.0
FF - user.js: extensions.funmoods.vrsni - 1.8.20.0
FF - user.js: extensions.funmoods_i.vrsnTs - 1.8.20.021:27:1
FF - user.js: extensions.funmoods.prtnrId - funmoods
FF - user.js: extensions.funmoods.prdct - funmoods
FF - user.js: extensions.funmoods.aflt - radiofm
FF - user.js: extensions.funmoods_i.smplGrp - none
FF - user.js: extensions.funmoods.tlbrId - base
FF - user.js: extensions.funmoods.instlRef - 
FF - user.js: extensions.funmoods.dfltLng - 
FF - user.js: extensions.funmoods.appId - {EA28B360-05E0-4F93-8150-02891F1D8D3C}
FF - user.js: extensions.funmoods.excTlbr - false
FF - user.js: extensions.funmoods_i.hmpg - true
FF - user.js: extensions.funmoods.cr - 1199857270
FF - user.js: extensions.funmoods.cd - 2XzuyEtN2Y1L1QzuyByE0D0EtB0B0A0A0A0E0CtDyByEtCtDtN0D0Tzu0CyCyDzztN1L2XzutBtFtBtFyBtFtCtBtDtCtN1L1Czu1C1T1Q1L1F1O1H
FF - user.js: extensions.irspeeddial.aflt - radiofm
FF - user.js: extensions.irspeeddial.instlRef - 
FF - user.js: extensions.irspeeddial.cr - 1199857270
FF - user.js: extensions.irspeeddial.cd - 2XzuyEtN2Y1L1QzuyByE0D0EtB0B0A0A0A0E0CtDyByEtCtDtN0D0Tzu0CyCyDzztN1L2XzutBtFtBtFyBtFtCtBtDtCtN1L1Czu1C1T1Q1L1F1O1H
.
- - - - ORFÃOS REMOVIDOS - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{11111111-1111-1111-1111-110311961176} - c:\program files (x86)\Plus-HD-4.4\Plus-HD-4.4-bho64.dll
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MySQL]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 6.0\bin\mysqld\" --defaults-file=\"c:\program files\MySQL\MySQL Server 6.0\my.ini\" MySQL"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_USERS\S-1-5-21-465522817-1346636043-3001305756-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:47,86,08,78,fb,5a,dc,57,3f,1c,53,1d,64,95,fe,3d,73,b1,a4,97,10,1d,fc,
   92,66,f3,b3,03,c7,fc,e8,7b,d3,d3,55,2a,5e,84,13,c5,e0,6b,ed,cf,26,9b,4d,4a,\
"??"=hex:02,21,2b,0c,dd,be,11,67,e7,90,08,7a,00,8c,80,09
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Tempo para conclusão: 2013-10-20  14:15:07
ComboFix-quarantined-files.txt  2013-10-20 16:15
.
Pré-execução: 14.410.014.720 bytes disponíveis
Pós execução: 13.903.728.640 bytes disponíveis
.
- - End Of File - - 4EF16ED099CF4B41066533450F0D53A0





#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,531 posts
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:26 PM

Posted 24 October 2013 - 08:27 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic. It will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
Please download Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.
===

Please restart the computer before running this security check.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.
===

Please paste the logs in your next reply. DO NOT ATTACH THEM.
Let me know what problem persists.

#3 nasdaq


Posted 30 October 2013 - 09:17 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



