Sunday, 29 September 2013

Antivirus Security Pro won't let me boot into Safe Mode

My dad's flash drive was infected with Antivirus Security Pro; yesterday I plugged it into my laptop and it got infected.


I tried to remove it as I did on his computer, but it just doesn't let me boot into Safe Mode, as it automatically reboots the system.


I've googled this and read some topics on this forum about it.


As I read some things about the virus getting smarter, I've already done the FRST steps, and here is the log, as I know there's a specific way to do it for each user.


I'm posting in this section because I realized I could've posted in the wrong section before.



Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-09-2013 01
Ran by SYSTEM on MININT-2JK5KHB on 28-09-2013 21:05:33
Running from G:\
Windows 7 Home Premium Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [LifeChat] - C:\Program Files\Microsoft LifeChat\LifeChat.exe [264040 2009-09-28] (Microsoft Corporation)
HKLM\...\Run: [422c] - C:\Program Files\432\422c.js [54744 2013-09-28] ()
HKLM\...\Run: [AS2014] - C:\ProgramData\ragp7aaU\ragp7aaU.exe [589464 2013-09-28] ()
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,,C:\ProgramData\ragp7aaU\ragp7aaU.exe -sm,
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\Pedro\...\Run: [Flutter] - "C:\Users\Pedro\AppData\Local\Flutter\Flutter.exe"
HKU\Pedro\...\Run: [Akamai NetSession Interface] - "C:\Users\Pedro\AppData\Local\Akamai\netsession_win.exe"
HKU\Pedro\...\Run: [DAEMON Tools Lite] - C:\Program Files\Daemon\DAEMON Tools Lite\DTLite.exe [ 2013-03-14] (Disc Soft Ltd)
HKU\Pedro\...\Run: [Facebook Update] - C:\Users\Pedro\AppData\Local\Facebook\Update\FacebookUpdate.exe [ 2013-06-28] (Facebook Inc.)
HKU\Pedro\...\Run: [Tiny download manager] - "C:\Users\Pedro\AppData\Local\DM\TinyDM.exe" /M
HKU\Pedro\...\Run: [spoolsv32] - "C:\Windows\system32\javaw.exe" -jar "C:\Users\Pedro\AppData\Roaming\Win32\spoolsv32.jar"
HKU\Pedro\...\Run: [btcl] - C:\Users\Pedro\AppData\Roaming\dist12\btcl.exe [ 2013-07-24] ()
HKU\Pedro\...\Run: [4a3] - C:\Users\Pedro\AppData\Roaming\5c25\4a3.js [ 2013-09-28] ()
HKU\Pedro\...\Run: [AS2014] - C:\ProgramData\ragp7aaU\ragp7aaU.exe [ 2013-09-28] ()
HKU\Pedro\...\Policies\system: [DisableRegistryTools] 1
HKU\Pedro\...\Policies\system: [DisableTaskMgr] 1
Startup: C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> (No File)
Startup: C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ETDCtrl - Shortcut.lnk
ShortcutTarget: ETDCtrl - Shortcut.lnk -> C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)

========================== Services (Whitelisted) =================

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)

==================== Drivers (Whitelisted) ====================

S0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [66688 2011-04-15] (Advanced Micro Devices)
S0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [33408 2011-04-15] (Advanced Micro Devices)
S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)
S1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [61680 2013-05-09] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-06-28] (AVAST Software)
S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-06-28] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [175176 2013-06-28] ()
S0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-13] (Microsoft Corporation)
S1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-06-06] (DT Soft Ltd)
S3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [116008 2013-01-12] (ELAN Microelectronics Corp.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [15576 2012-08-20] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [10200 2012-08-20] ()
S1 SABI; C:\Windows\system32\Drivers\SABI.sys [10752 2009-05-28] (SAMSUNG ELECTRONICS)
S3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [584872 2013-06-26] (Microsoft Corporation)
S3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [197800 2013-06-26] (Microsoft Corporation)
S3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [24232 2013-06-26] (Microsoft Corporation)
S3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [20136 2013-06-26] (Microsoft Corporation)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [26624 2011-12-15] (The OpenVPN Project)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-28 21:05 - 2013-09-28 21:05 - 00000000 ____D C:\FRST
2013-09-28 14:45 - 2013-09-28 14:45 - 00065024 _____ C:\Windows\System32\Compfind.dll
2013-09-28 14:44 - 2013-09-28 15:59 - 00001666 _____ C:\Users\Pedro\Desktop\Antivirus Security Pro.lnk
2013-09-28 14:44 - 2013-09-28 15:59 - 00000118 _____ C:\Users\Pedro\Desktop\Antivirus Security Pro support.url
2013-09-28 14:20 - 2013-09-28 14:45 - 00000000 ____D C:\ProgramData\ragp7aaU
2013-09-28 13:34 - 2013-09-28 13:35 - 04152238 _____ C:\Users\Pedro\Downloads\texto.rar
2013-09-28 13:05 - 2013-09-28 13:53 - 367964016 _____ (Microsoft Corporation) C:\Users\Pedro\Downloads\WindowsServer2003.WindowsXP-KB914961-SP2-x64-ENU (1).exe
2013-09-28 13:04 - 2013-09-28 13:04 - 00000000 __SHD C:\Users\Pedro\AppData\Roaming\5c25
2013-09-28 13:04 - 2013-09-28 13:04 - 00000000 __SHD C:\Program Files\432
2013-09-28 13:04 - 2013-09-28 13:04 - 00000000 __SHD C:\5d0d2
2013-09-28 10:56 - 2013-09-28 11:49 - 316973608 _____ (Microsoft Corporation) C:\Users\Pedro\Downloads\WindowsXP-KB936929-SP3-x86-PTB.exe
2013-09-26 16:14 - 2013-09-26 16:14 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\vst
2013-09-23 16:04 - 2013-09-23 16:04 - 00000000 ____D C:\Users\Pedro\Desktop\Lorde - Pure Heroine [2013] 320
2013-09-19 22:01 - 2013-09-19 22:01 - 00284864 _____ C:\Windows\msxml4-KB954430-enu.LOG
2013-09-19 22:01 - 2013-09-19 22:01 - 00000000 ____D C:\Program Files\MSXML 4.0
2013-09-19 22:00 - 2013-09-19 22:01 - 00291022 _____ C:\Windows\msxml4-KB973688-enu.LOG
2013-09-19 16:05 - 2013-09-19 16:06 - 00000000 ____D C:\Users\Pedro\Desktop\Das Racist - Shut Up, Dude
2013-09-18 14:13 - 2013-09-18 14:13 - 00024224 _____ C:\Users\Pedro\Downloads\Linha 4 - Amarela - 080113.kmz
2013-09-18 11:26 - 2013-09-18 12:25 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-18 10:35 - 2013-09-18 10:35 - 00000115 _____ C:\Users\Pedro\Documents\plot.log
2013-09-17 16:18 - 2013-09-17 16:18 - 01380491 _____ C:\Users\Pedro\Desktop\Desktop.rar
2013-09-17 16:18 - 2010-09-02 08:53 - 05879216 _____ C:\Users\Pedro\Desktop\3314-142.DXF
2013-09-17 16:18 - 2010-09-02 08:53 - 04864907 _____ C:\Users\Pedro\Desktop\3314-144.DXF
2013-09-17 16:09 - 2013-09-17 16:09 - 00001901 _____ C:\Users\Public\Desktop\AutoCAD 2007.lnk
2013-09-17 16:09 - 2013-09-17 16:09 - 00000000 ____D C:\Program Files\AnswerWorks 4.0
2013-09-17 16:05 - 2013-09-17 16:15 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\Autodesk
2013-09-17 16:05 - 2013-09-17 16:12 - 00000000 ____D C:\Program Files\AutoCAD 2007
2013-09-17 16:05 - 2013-09-17 16:05 - 00000000 ____D C:\Users\Pedro\AppData\Local\Autodesk
2013-09-17 16:05 - 2013-09-17 16:05 - 00000000 ____D C:\ProgramData\Autodesk
2013-09-17 16:02 - 2013-09-17 16:02 - 00002090 _____ C:\Users\Public\Desktop\Autodesk DWF Viewer.lnk
2013-09-17 16:01 - 2013-09-17 16:12 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2013-09-17 16:01 - 2013-09-17 16:01 - 00000000 ____D C:\Program Files\Autodesk
2013-09-17 16:01 - 2005-07-22 14:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_27.dll
2013-09-17 15:54 - 2013-09-17 15:59 - 00000000 ____D C:\Users\Pedro\Desktop\autocad 2007
2013-09-14 22:08 - 2013-09-14 22:30 - 53173962 _____ C:\Users\Pedro\Desktop\billie.wmv
2013-09-14 21:48 - 2013-09-14 21:48 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\SU Movie Editor
2013-09-14 21:47 - 2013-09-14 21:47 - 00000000 ____D C:\Users\Pedro\Documents\SU Movie Editor
2013-09-14 21:45 - 2013-09-14 21:46 - 04431848 _____ (SProsoft ) C:\Users\Pedro\Downloads\su_movie_editor.exe
2013-09-14 21:37 - 2013-09-14 21:37 - 00000000 ____D C:\Users\Pedro\Documents\FlashIntegro
2013-09-14 21:37 - 2013-09-14 21:37 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\VideoEditor
2013-09-14 21:36 - 2013-08-02 15:56 - 00075264 _____ (Flash-Integro LLC) C:\Windows\System32\mslvddsfilter2.ax
2013-09-14 21:35 - 2013-09-14 21:44 - 00000000 ____D C:\Program Files\Common Files\FlashIntegro
2013-09-14 21:35 - 2004-12-10 05:03 - 00438272 _____ (On2.com) C:\Windows\System32\vp6vfw.dll
2013-09-14 21:35 - 2004-09-06 11:06 - 00053248 _____ C:\Windows\System32\xvid.ax
2013-09-14 21:35 - 2003-05-22 07:26 - 00638976 _____ (DivXNetworks, Inc.) C:\Windows\System32\divx.dll
2013-09-14 21:35 - 2003-05-22 07:26 - 00221215 _____ (DivXNetworks, Inc.) C:\Windows\System32\divxdec.ax
2013-09-14 21:35 - 2003-05-21 18:50 - 01700352 _____ (Microsoft Corporation) C:\Windows\System32\GdiPlus.dll
2013-09-14 21:35 - 2003-05-21 18:50 - 00261632 _____ (MainConcept) C:\Windows\System32\mcdvd_32.dll
2013-09-14 21:35 - 2003-05-21 18:50 - 00156910 _____ C:\Windows\WMSysPr8.prx
2013-09-14 21:35 - 2003-05-21 18:50 - 00082944 _____ (Voxware, Inc.) C:\Windows\System32\vct3216.acm
2013-09-14 21:35 - 2003-05-21 18:50 - 00038912 _____ (NCT Company) C:\Windows\System32\alf2cd.acm
2013-09-14 21:35 - 2003-05-21 18:50 - 00024576 _____ (Microsoft Corporation) C:\Windows\System32\msxml3a.dll
2013-09-14 21:35 - 2003-03-25 00:49 - 00098304 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\System32\L3CODECX.AX
2013-09-14 21:35 - 2003-03-18 18:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\System32\msvcp71.dll
2013-09-14 21:35 - 2003-02-20 22:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\System32\msvcr71.dll
2013-09-14 21:35 - 2002-08-19 19:41 - 00413760 _____ (Microsoft Corporation) C:\Windows\System32\mpg4c32.dll
2013-09-14 21:35 - 2000-03-14 15:55 - 00013239 _____ (SHARP Corporation) C:\Windows\System32\Scg726.acm
2013-09-14 21:32 - 2013-09-14 21:32 - 00000000 ____D C:\Program Files\Sonic Foundry
2013-09-14 21:32 - 2013-09-14 21:32 - 00000000 ____D C:\Program Files\Pure Motion
2013-09-14 21:31 - 2013-09-14 21:34 - 00000000 ____D C:\Program Files\DebugMode
2013-09-14 21:30 - 2013-09-14 21:34 - 27922777 _____ (Flash-Integro LLC ) C:\Users\Pedro\Downloads\video_editor.exe
2013-09-14 21:30 - 2013-09-14 21:31 - 02715366 _____ C:\Users\Pedro\Downloads\wax20e.zip
2013-09-14 20:26 - 2013-09-14 20:27 - 00000000 ____D C:\Users\Pedro\Desktop\Blackmore'S Night - Dancer and the Moon (2013)
2013-09-14 14:36 - 2013-09-14 14:38 - 00000000 ____D C:\Users\Pedro\Desktop\Janelle Monae - The Electric Lady (2013 - 320Kbps) [Skytwohigh]
2013-09-12 22:37 - 2013-09-12 22:37 - 00000017 _____ C:\Windows\System32\shortcut_ex.dat
2013-09-12 19:07 - 2013-09-12 19:07 - 00000000 ____D C:\Program Files\Microsoft LifeChat
2013-09-10 17:55 - 2013-07-25 17:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-09-10 17:55 - 2013-07-25 17:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-09-10 17:54 - 2013-08-07 17:03 - 02348544 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-09-10 17:54 - 2013-08-04 17:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ataport.sys
2013-09-10 17:54 - 2013-08-01 17:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2013-09-10 17:54 - 2013-08-01 17:49 - 00868352 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-09-10 17:54 - 2013-08-01 17:49 - 00293376 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2013-09-10 17:54 - 2013-08-01 17:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2013-09-10 17:54 - 2013-08-01 17:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-10 17:54 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-10 17:54 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2013-09-10 17:54 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2013-09-10 17:54 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-10 17:54 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2013-09-10 17:54 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-10 17:54 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-10 17:54 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2013-09-10 17:54 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-10 17:54 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-10 17:54 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2013-09-10 17:54 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2013-09-10 17:54 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-10 17:54 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2013-09-10 17:54 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2013-09-10 17:54 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2013-09-10 17:54 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-10 17:54 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-10 17:54 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-10 17:54 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2013-09-10 17:54 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-10 17:54 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2013-09-10 17:54 - 2013-08-01 16:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\System32\conhost.exe
2013-09-10 17:54 - 2013-08-01 16:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2013-09-10 17:54 - 2013-08-01 16:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-10 17:54 - 2013-08-01 16:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-10 17:54 - 2013-08-01 16:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2013-09-04 15:55 - 2013-09-04 15:56 - 14916216 _____ (Last.fm ) C:\Users\Pedro\Downloads\Last.fm-2.1.36.exe
2013-08-31 23:03 - 2013-08-31 23:03 - 00000000 ____D C:\ProgramData\FLEXnet
2013-08-31 22:53 - 2013-08-31 22:53 - 00000000 ____D C:\Program Files\Bonjour
2013-08-31 22:30 - 2013-08-31 22:30 - 00000000 ____D C:\Program Files\Common Files\Macrovision Shared

==================== One Month Modified Files and Folders =======

2013-09-28 21:05 - 2013-09-28 21:05 - 00000000 ____D C:\FRST
2013-09-28 16:01 - 2009-07-13 20:34 - 00028128 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-28 16:01 - 2009-07-13 20:34 - 00028128 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-28 15:59 - 2013-09-28 14:44 - 00001666 _____ C:\Users\Pedro\Desktop\Antivirus Security Pro.lnk
2013-09-28 15:59 - 2013-09-28 14:44 - 00000118 _____ C:\Users\Pedro\Desktop\Antivirus Security Pro support.url
2013-09-28 15:56 - 2009-07-13 20:39 - 00052109 _____ C:\Windows\setupact.log
2013-09-28 15:05 - 2013-01-11 17:10 - 01687020 _____ C:\Windows\WindowsUpdate.log
2013-09-28 14:45 - 2013-09-28 14:45 - 00065024 _____ C:\Windows\System32\Compfind.dll
2013-09-28 14:45 - 2013-09-28 14:20 - 00000000 ____D C:\ProgramData\ragp7aaU
2013-09-28 13:53 - 2013-09-28 13:05 - 367964016 _____ (Microsoft Corporation) C:\Users\Pedro\Downloads\WindowsServer2003.WindowsXP-KB914961-SP2-x64-ENU (1).exe
2013-09-28 13:35 - 2013-09-28 13:34 - 04152238 _____ C:\Users\Pedro\Downloads\texto.rar
2013-09-28 13:05 - 2010-11-20 13:01 - 00779724 _____ C:\Windows\System32\PerfStringBackup.INI
2013-09-28 13:04 - 2013-09-28 13:04 - 00000000 __SHD C:\Users\Pedro\AppData\Roaming\5c25
2013-09-28 13:04 - 2013-09-28 13:04 - 00000000 __SHD C:\Program Files\432
2013-09-28 13:04 - 2013-09-28 13:04 - 00000000 __SHD C:\5d0d2
2013-09-28 11:49 - 2013-09-28 10:56 - 316973608 _____ (Microsoft Corporation) C:\Users\Pedro\Downloads\WindowsXP-KB936929-SP3-x86-PTB.exe
2013-09-28 10:50 - 2013-01-14 19:46 - 00000000 ___RD C:\Users\Pedro\Dropbox
2013-09-28 10:50 - 2013-01-14 19:43 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\Dropbox
2013-09-27 09:31 - 2013-01-28 00:36 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\SoftGrid Client
2013-09-27 07:40 - 2013-03-14 14:51 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\Skype
2013-09-26 16:14 - 2013-09-26 16:14 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\vst
2013-09-23 22:08 - 2013-01-12 11:43 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\uTorrent
2013-09-23 21:19 - 2013-01-12 11:30 - 00000000 ____D C:\Users\Pedro\AppData\Local\Last.fm
2013-09-23 16:04 - 2013-09-23 16:04 - 00000000 ____D C:\Users\Pedro\Desktop\Lorde - Pure Heroine [2013] 320
2013-09-20 01:30 - 2013-04-22 18:15 - 00000000 ____D C:\Users\Pedro\Documents\FAU
2013-09-19 22:01 - 2013-09-19 22:01 - 00284864 _____ C:\Windows\msxml4-KB954430-enu.LOG
2013-09-19 22:01 - 2013-09-19 22:01 - 00000000 ____D C:\Program Files\MSXML 4.0
2013-09-19 22:01 - 2013-09-19 22:00 - 00291022 _____ C:\Windows\msxml4-KB973688-enu.LOG
2013-09-19 16:06 - 2013-09-19 16:05 - 00000000 ____D C:\Users\Pedro\Desktop\Das Racist - Shut Up, Dude
2013-09-19 15:02 - 2013-02-02 23:30 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-09-18 14:13 - 2013-09-18 14:13 - 00024224 _____ C:\Users\Pedro\Downloads\Linha 4 - Amarela - 080113.kmz
2013-09-18 12:25 - 2013-09-18 11:26 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-18 10:35 - 2013-09-18 10:35 - 00000115 _____ C:\Users\Pedro\Documents\plot.log
2013-09-17 19:21 - 2009-07-13 20:33 - 01702416 _____ C:\Windows\System32\FNTCACHE.DAT
2013-09-17 16:18 - 2013-09-17 16:18 - 01380491 _____ C:\Users\Pedro\Desktop\Desktop.rar
2013-09-17 16:15 - 2013-09-17 16:05 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\Autodesk
2013-09-17 16:14 - 2013-01-11 18:53 - 00095808 _____ C:\Users\Pedro\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-17 16:12 - 2013-09-17 16:05 - 00000000 ____D C:\Program Files\AutoCAD 2007
2013-09-17 16:12 - 2013-09-17 16:01 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2013-09-17 16:09 - 2013-09-17 16:09 - 00001901 _____ C:\Users\Public\Desktop\AutoCAD 2007.lnk
2013-09-17 16:09 - 2013-09-17 16:09 - 00000000 ____D C:\Program Files\AnswerWorks 4.0
2013-09-17 16:09 - 2013-01-27 14:07 - 00000000 ____D C:\Program Files\Microsoft Office
2013-09-17 16:09 - 2013-01-27 14:07 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2013-09-17 16:09 - 2009-07-13 18:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-09-17 16:08 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\Help
2013-09-17 16:05 - 2013-09-17 16:05 - 00000000 ____D C:\Users\Pedro\AppData\Local\Autodesk
2013-09-17 16:05 - 2013-09-17 16:05 - 00000000 ____D C:\ProgramData\Autodesk
2013-09-17 16:02 - 2013-09-17 16:02 - 00002090 _____ C:\Users\Public\Desktop\Autodesk DWF Viewer.lnk
2013-09-17 16:01 - 2013-09-17 16:01 - 00000000 ____D C:\Program Files\Autodesk
2013-09-17 16:01 - 2013-05-17 19:52 - 00016911 _____ C:\Windows\DirectX.log
2013-09-17 16:01 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-09-17 15:59 - 2013-09-17 15:54 - 00000000 ____D C:\Users\Pedro\Desktop\autocad 2007
2013-09-14 22:30 - 2013-09-14 22:08 - 53173962 _____ C:\Users\Pedro\Desktop\billie.wmv
2013-09-14 21:48 - 2013-09-14 21:48 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\SU Movie Editor
2013-09-14 21:47 - 2013-09-14 21:47 - 00000000 ____D C:\Users\Pedro\Documents\SU Movie Editor
2013-09-14 21:46 - 2013-09-14 21:45 - 04431848 _____ (SProsoft ) C:\Users\Pedro\Downloads\su_movie_editor.exe
2013-09-14 21:44 - 2013-09-14 21:35 - 00000000 ____D C:\Program Files\Common Files\FlashIntegro
2013-09-14 21:37 - 2013-09-14 21:37 - 00000000 ____D C:\Users\Pedro\Documents\FlashIntegro
2013-09-14 21:37 - 2013-09-14 21:37 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\VideoEditor
2013-09-14 21:34 - 2013-09-14 21:31 - 00000000 ____D C:\Program Files\DebugMode
2013-09-14 21:34 - 2013-09-14 21:30 - 27922777 _____ (Flash-Integro LLC ) C:\Users\Pedro\Downloads\video_editor.exe
2013-09-14 21:32 - 2013-09-14 21:32 - 00000000 ____D C:\Program Files\Sonic Foundry
2013-09-14 21:32 - 2013-09-14 21:32 - 00000000 ____D C:\Program Files\Pure Motion
2013-09-14 21:32 - 2013-01-12 10:20 - 00000000 ____D C:\Program Files\Adobe
2013-09-14 21:31 - 2013-09-14 21:30 - 02715366 _____ C:\Users\Pedro\Downloads\wax20e.zip
2013-09-14 20:27 - 2013-09-14 20:26 - 00000000 ____D C:\Users\Pedro\Desktop\Blackmore'S Night - Dancer and the Moon (2013)
2013-09-14 14:38 - 2013-09-14 14:36 - 00000000 ____D C:\Users\Pedro\Desktop\Janelle Monae - The Electric Lady (2013 - 320Kbps) [Skytwohigh]
2013-09-14 14:04 - 2013-01-18 13:09 - 00000000 ____D C:\Users\Pedro\Desktop\Music Wars 3
2013-09-12 22:37 - 2013-09-12 22:37 - 00000017 _____ C:\Windows\System32\shortcut_ex.dat
2013-09-12 19:07 - 2013-09-12 19:07 - 00000000 ____D C:\Program Files\Microsoft LifeChat
2013-09-11 04:03 - 2013-01-27 14:07 - 00000000 ____D C:\Program Files\Microsoft Application Virtualization Client
2013-09-11 04:02 - 2013-06-06 19:00 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-11 03:50 - 2013-07-25 22:16 - 00000000 ____D C:\Windows\System32\MRT
2013-09-11 03:49 - 2013-02-13 09:56 - 76725432 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-09-10 18:42 - 2013-02-12 11:09 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-09-10 18:42 - 2013-02-12 11:09 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-09-07 12:15 - 2013-05-18 14:17 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\Adobe
2013-09-06 21:17 - 2013-01-16 14:06 - 00000000 ____D C:\Users\Pedro\My Movies
2013-09-06 21:14 - 2013-02-22 01:13 - 00000000 ____D C:\Users\Pedro\Downloads\Fight Club 1999 BRrip 720p x264 [Herakler]
2013-09-05 13:10 - 2013-05-18 14:17 - 00000000 ____D C:\Users\Pedro\AppData\Local\Adobe
2013-09-04 17:30 - 2013-06-28 23:54 - 00000000 ____D C:\Users\Pedro\Downloads\Dancer In The Dark
2013-09-04 16:18 - 2013-01-12 11:30 - 00000000 ____D C:\Program Files\Last.fm
2013-09-04 15:56 - 2013-09-04 15:55 - 14916216 _____ (Last.fm ) C:\Users\Pedro\Downloads\Last.fm-2.1.36.exe
2013-09-04 15:54 - 2013-08-10 14:28 - 00000000 ____D C:\Program Files\SC4DatPacker 2008
2013-08-31 23:03 - 2013-08-31 23:03 - 00000000 ____D C:\ProgramData\FLEXnet
2013-08-31 22:54 - 2013-05-18 14:18 - 00000000 ____D C:\ProgramData\Adobe
2013-08-31 22:53 - 2013-08-31 22:53 - 00000000 ____D C:\Program Files\Bonjour
2013-08-31 22:53 - 2013-05-17 19:50 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-08-31 22:30 - 2013-08-31 22:30 - 00000000 ____D C:\Program Files\Common Files\Macrovision Shared

Some content of TEMP:
====================
C:\Users\Pedro\AppData\Local\Temp\.gbas.dll
C:\Users\Pedro\AppData\Local\Temp\Foxit Updater.exe
C:\Users\Pedro\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Pedro\AppData\Local\Temp\vs.exe


==================== Known DLLs (Whitelisted) ============


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

9
Restore point made on: 2013-09-04 09:42:56
Restore point made on: 2013-09-10 17:37:26
Restore point made on: 2013-09-11 03:49:22
Restore point made on: 2013-09-17 15:35:57
Restore point made on: 2013-09-17 16:00:57
Restore point made on: 2013-09-17 16:04:55
Restore point made on: 2013-09-19 22:00:41
Restore point made on: 2013-09-23 12:34:27
Restore point made on: 2013-09-28 11:25:53

==================== Memory info ===========================

Percentage of memory in use: 22%
Total physical RAM: 1788.13 MB
Available physical RAM: 1377.94 MB
Total Pagefile: 1788.13 MB
Available Pagefile: 1381.46 MB
Total Virtual: 2047.88 MB
Available Virtual: 1942.19 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:280.52 GB) (Free:142.56 GB) NTFS
Drive e: (SAMSUNG_REC) (Fixed) (Total:17.47 GB) (Free:0.95 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: () (Fixed) (Total:14.89 GB) (Free:14.89 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 941E757C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=281 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17 GB) - (Type=27)

========================================================
Disk: 1 (Size: 15 GB) (Disk ID: FF6323B6)
Partition 1: (Not Active) - (Size=15 GB) - (Type=0C)


LastRegBack: 2013-07-29 07:16

==================== End Of Log ============================

via Bleeping Computer Last 20 Posts http://www.bleepingcomputer.com/forums/t/509271/antivirus-security-pro-wont-let-me-boot-into-safe-mode/
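Reading the FRST log above as a triage exercise, the rogue has parked itself in four places: Run entries with no publisher launching from freshly created, randomly named folders (`[422c]`, `[AS2014]`, `[4a3]`), a `javaw.exe -jar` autorun named after the print spooler (`[spoolsv32]`), a Winlogon `Userinit` value extended to also start `ragp7aaU.exe -sm`, and two policies that disable Task Manager and the registry editor. The `Userinit` entry is the one to note for the Safe Mode question: Windows does not process the Run keys in Safe Mode, but Winlogon still launches everything listed in `Userinit`, so that entry is not bypassed by a Safe Mode boot. The script below is an added example written for this page, not FRST's code and not something from the original post; it parses the "Registry (Whitelisted)" section of an FRST log (the embedded sample is copied from the log above) and flags these patterns. The heuristics (missing publisher, script or jar autoruns, hex-looking value names, names mimicking system processes, extra `Userinit` entries, tool-lockout policies) are the editor's own triage rules, not FRST's.

```python
"""Triage the "Registry (Whitelisted)" section of an FRST log for rogue-AV persistence.

Added example for this page; the heuristics are the editor's triage rules, not FRST's.
"""
import re

# Constructed sample input: lines copied verbatim from the FRST log in the post above.
FRST_REGISTRY_SAMPLE = r"""
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM\...\Run: [422c] - C:\Program Files\432\422c.js [54744 2013-09-28] ()
HKLM\...\Run: [AS2014] - C:\ProgramData\ragp7aaU\ragp7aaU.exe [589464 2013-09-28] ()
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,,C:\ProgramData\ragp7aaU\ragp7aaU.exe -sm,
HKU\Pedro\...\Run: [DAEMON Tools Lite] - C:\Program Files\Daemon\DAEMON Tools Lite\DTLite.exe [ 2013-03-14] (Disc Soft Ltd)
HKU\Pedro\...\Run: [spoolsv32] - "C:\Windows\system32\javaw.exe" -jar "C:\Users\Pedro\AppData\Roaming\Win32\spoolsv32.jar"
HKU\Pedro\...\Run: [4a3] - C:\Users\Pedro\AppData\Roaming\5c25\4a3.js [ 2013-09-28] ()
HKU\Pedro\...\Policies\system: [DisableRegistryTools] 1
HKU\Pedro\...\Policies\system: [DisableTaskMgr] 1
"""

RUN_RE = re.compile(r"^(?P<hive>HK\S*?)\\\.\.\.\\Run: \[(?P<name>[^\]]+)\] - (?P<cmd>.*)$")
USERINIT_RE = re.compile(r"^HKLM\\\.\.\.\\Winlogon: \[Userinit\] (?P<value>.*)$")
POLICY_RE = re.compile(r"Policies\\system: \[(?P<policy>DisableRegistryTools|DisableTaskMgr)\] 1$")
PUBLISHER_RE = re.compile(r"\((?P<pub>[^()]*)\)\s*$")  # FRST's trailing "(Publisher)" or "()"
SCRIPT_RE = re.compile(r"\.(js|jse|vbs|vbe|wsf|jar)\b", re.IGNORECASE)
MIMIC_RE = re.compile(r"^(spoolsv|svchost|lsass|csrss|winlogon|explorer)", re.IGNORECASE)
LEGIT_USERINIT = r"c:\windows\system32\userinit.exe"  # the only entry a clean Userinit value carries


def _run_reasons(name, cmd):
    """Return why a Run entry looks like rogue persistence (empty list = looks benign)."""
    reasons = []
    pub = PUBLISHER_RE.search(cmd)
    if pub is not None and not pub["pub"].strip():
        reasons.append("no publisher")           # FRST printed "()" for the file
    if SCRIPT_RE.search(cmd):
        reasons.append("script or jar autorun")  # .js / .jar run at logon
    if re.fullmatch(r"[0-9a-fA-F]{2,8}", name) and any(ch.isdigit() for ch in name):
        reasons.append("random hex value name")  # e.g. 422c, 4a3
    if MIMIC_RE.match(name):
        reasons.append("mimics a Windows system process name")
    return reasons


def triage_frst_registry(text):
    """Parse FRST registry lines and return findings in log order."""
    findings = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = USERINIT_RE.match(line)
        if m:
            # Winlogon starts every comma-separated entry at interactive logon, Safe Mode
            # included, so anything here besides userinit.exe survives a Safe Mode boot.
            entries = [p.strip() for p in m["value"].split(",") if p.strip()]
            extras = [p for p in entries if p.lower() != LEGIT_USERINIT]
            if extras:
                findings.append({"kind": "userinit_hijack", "detail": extras, "line": line})
            continue
        m = POLICY_RE.search(line)
        if m:
            # Disabling regedit / Task Manager is how the rogue keeps the user from killing it.
            findings.append({"kind": "tool_lockout", "detail": m["policy"], "line": line})
            continue
        m = RUN_RE.match(line)
        if m:
            reasons = _run_reasons(m["name"], m["cmd"])
            if reasons:
                findings.append({"kind": "suspicious_run",
                                 "detail": {"hive": m["hive"], "name": m["name"], "reasons": reasons},
                                 "line": line})
    return findings


def flagged_lines(findings):
    """The flagged log lines themselves, which is the form an FRST fixlist is built from."""
    return [f["line"] for f in findings]


if __name__ == "__main__":
    for f in triage_frst_registry(FRST_REGISTRY_SAMPLE):
        print(f"{f['kind']:16} {f['detail']}")
```

On the sample, the avast and DAEMON Tools entries pass and seven findings come back: the three unsigned Run entries, the `spoolsv32` jar autorun, the extended `Userinit` value and the two lockout policies. `flagged_lines()` hands back exactly those log lines; that is the material a forum helper reviews before turning it into a fixlist, and the `Userinit` line is the one whose cleanup cannot be skipped if Safe Mode is the plan.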
