HKLM Group Policy restriction on software "Attention"


  • This topic is locked
3 replies to this topic

#1 Clade


Posted 26 April 2014 - 02:14 PM

Good afternoon! 
 
We're not sure if this is the right area to post this topic; we believe our equipment is not infected.

Out of curiosity, yesterday we used FRST 64 to check our equipment, and we can see in the log, under the registry section, areas that require attention, specifically the HKLM Group Policy restriction on software entries.

The equipment is operating normally. Previously we used several different tools (ComboFix, AdwCleaner ...) and commands (sfc /scannow, chkdsk c: ...) to see if we could fix this situation, which did not happen.

Given the above, we would appreciate knowing what the implication(s) of "attention" in the Group Policy restriction is (are), since I do not understand its purpose in the OS.

Besides the FRST Fixlist, is there no other way to correct this situation?

Is this fix not needed?
 
Thanks for your attention! 
 
FRST 64 log:
 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-04-2014 01
Ran by Dell (administrator) on DELL-PC on 26-04-2014 15:33:47
Running from C:\Users\Dell\Desktop
Windows 7 Home Basic Service Pack 1 (X64) OS Language: Portuguese Brazilian
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Fork Ltd.) C:\Prey\platform\windows\cronsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
() C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\PROGRAM FILES (X86)\EASEUS\TODO BACKUP\BIN\TRAYNOTIFY.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\NOTEPAD.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\NOTEPAD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Users\Dell\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\synaptics\syntp\syntpenh.exe [3011312 2014-01-24] (Synaptics Incorporated)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1275608 2014-03-25] (COMODO)
HKLM-x32\...\Run: [KeyScrambler] => C:\Program Files (x86)\KeyScrambler\keyscrambler.exe [508144 2013-11-14] (QFX Software Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM Group Policy restriction on software: *.wmv.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.com <====== ATTENTION
HKLM Group Policy restriction on software: ** <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\lastpass\lastpassbroker.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\quickscan\chromeqs.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\lastpass\lastpassbroker.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\utorrent\utorrent.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\lastpass\wlandecrypt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\utorrent\utorrent.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\utorrent\utorrent.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\lastpass\wlandecrypt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\lastpass\lastpassbroker.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\lastpass\lastpassbroker.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\unins000.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\unins000.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\quickscan\chromeqs.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\unins000.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\utorrent\utorrent.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\unins000.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\quickscan\chromeqs.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\lastpass\wlandecrypt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\quickscan\chromeqs.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\lastpass\wlandecrypt.exe <====== ATTENTION
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginBb-x32: C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFile] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideClock] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetFolders] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDFSTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoLogoff] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoResolveSearch] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSaveSettings] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoHardwareTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-604499010-3047789608-1666320658-1000\...\Run: [WinPatrol] => c:\program files (x86)\billp studios\winpatrol\winpatrol.exe [429120 2014-01-23] (BillP Studios)
HKU\S-1-5-21-604499010-3047789608-1666320658-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-604499010-3047789608-1666320658-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-604499010-3047789608-1666320658-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
Startup: C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitorar alertas de tinta - HP Officejet Pro 8600 (Rede).lnk
ShortcutTarget: Monitorar alertas de tinta - HP Officejet Pro 8600 (Rede).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
 
==================== Internet (Whitelisted) ====================
 
ProxyServer: localhost:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.br/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {17FA518B-7FFF-4721-962D-AEAF587A7E3F} URL = http://www.google.com/search?hl=en&q={searchTerms}
SearchScopes: HKCU - {17FA518B-7FFF-4721-962D-AEAF587A7E3F} URL = http://www.google.com/search?hl=en&q={searchTerms}
SearchScopes: HKCU - {2AD4F022-665A-4B7A-BD62-EAE068247EBB} URL = https://www.google.com/search?q={searchTerms}
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.15.0.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1582632 2014-02-21] (Banco do Brasil)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{772B5A8A-A834-4D54-A2F7-397A644D2902}: [NameServer]156.154.70.22,156.154.71.22
Tcpip\..\Interfaces\{DD5529F5-1F46-4AC6-9407-30603A3DB7DD}: [NameServer]156.154.70.22,156.154.71.22
 
FireFox:
========
FF ProfilePath: C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default
FF NewTab: www.google.com.br
FF Homepage: about:home
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @lastpass.com/NPLastPass - C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass - C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Dell\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Dell\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: gastecnologia.com.br/sf/cef - C:\Users\Dell\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll (GAS Tecnologia)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Dell\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Dell\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Dell\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-br.xml
FF Extension: LastPass - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\support@lastpass.com [2014-02-28]
FF Extension: Forecastfox - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2014-03-01]
FF Extension: Qualys BrowserCheck - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D} [2014-01-25]
FF Extension: Ghostery - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\firefox@ghostery.com.xpi [2013-09-16]
FF Extension: Webmail Ad Blocker - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\gmailnoads@mywebber.com.xpi [2013-09-16]
FF Extension: Self-Destructing Cookies - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi [2013-09-16]
FF Extension: Lightbeam - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2013-10-26]
FF Extension: YSlow - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\yslow@yahoo-inc.com.xpi [2013-09-16]
FF Extension: Adblock Plus - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-16]
FF Extension: User Agent Switcher - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2013-09-16]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]
FF HKCU\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\Dell\AppData\Local\GAS Tecnologia\GBBD\cef\xpi
FF Extension: GBBD Caixa Economica Federal - C:\Users\Dell\AppData\Local\GAS Tecnologia\GBBD\cef\xpi [2014-01-16]
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com.br/
CHR DefaultSearchKeyword: google.com.br
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll No File
CHR Plugin: (Nokia Suite Enabler Plugin) - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
CHR Plugin: (Módulo de Proteção - Caixa Economica Federal) - C:\Users\Dell\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll (GAS Tecnologia)
CHR Plugin: (Google Update) - C:\Users\Dell\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Google Talk Plugin) - C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
CHR Extension: (Google Translate) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2013-07-11]
CHR Extension: (TooManyTabs for Chrome) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\amigcgbheognjmfkaieeeadojiibgbdp [2013-07-11]
CHR Extension: (WOT) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2013-07-11]
CHR Extension: (Webmail Ad Blocker) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbhfdchmklhpcngcgjmpdbjakdggkkjp [2013-07-11]
CHR Extension: (Adblock Plus) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-07-26]
CHR Extension: (better Browser - for Chrome) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\cokcmhdapcendeddejjpicpdmngcnhca [2013-10-22]
CHR Extension: (eCorreios - Rastreamentos dos Correios) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\delefjilcjidbcnnfkcebjphcfbokpfb [2013-07-11]
CHR Extension: (Tampermonkey) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2013-07-11]
CHR Extension: (MaskMe) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpkiidbpeijnaaacjlfnijncdlkicejg [2013-09-11]
CHR Extension: (Chromebleed) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeoekjnjgppnaegdjbcafdggilajhpic [2014-04-17]
CHR Extension: (Qualys BrowserCheck for Windows) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejhnkognlohdkpjkjongioociddgoibk [2014-01-25]
CHR Extension: (DoNotTrackMe: Online Privacy Protection) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2013-07-11]
CHR Extension: (Spotflux Lite) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcakbkpmlidimpglgiaclbpgbedlmpfl [2014-01-31]
CHR Extension: (SiteAdvisor) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-02-08]
CHR Extension: (Avira Browser Safety) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-03-09]
CHR Extension: (Click&Clean) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2014-03-01]
CHR Extension: (AdBlock) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-07-26]
CHR Extension: (FlashBlock) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\gofhjkjmkpinhpoiabjplobcaignabnl [2013-10-24]
CHR Extension: (PageSpeed Insights (by Google)) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\gplegfbjlmmehdoakndmohflojccocli [2013-07-11]
CHR Extension: (Unsocialize: The Link Unsocializer) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdogcpghhdcocgdjogbglgejhdeedijn [2013-07-11]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-01-26]
CHR Extension: (Cool Relógio) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\icegcmhgphfkgglbljbkdegiaaihifce [2014-01-12]
CHR Extension: (instant translate) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmgiclibbndffejedjimfjmfoabpcke [2013-07-11]
CHR Extension: (View Thru) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkncfnbcgbclefkbknfdbngiegdppgdd [2013-07-11]
CHR Extension: (Conversor de PDF para Word) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\kclbidlajocjmicnpgpfmkblhdhjelfe [2013-07-11]
CHR Extension: (Motorola Connect) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\kigmoblgooahdmdibodmcnffgnejlndh [2014-02-08]
CHR Extension: (Skype Click to Call) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-08]
CHR Extension: (Verificador de mensagens do Google) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2013-07-11]
CHR Extension: (Pocket (formerly Read It Later)) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2013-07-11]
CHR Extension: (Google Wallet) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-19]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2013-10-30]
CHR Extension: (Rolagem rápida do Google) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc [2013-10-23]
CHR Extension: (GBBD Caixa Economica Federal) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi [2014-04-26]
CHR Extension: (Quebrador de Links) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pchaoppopfjnlficjlobfjhfceadbfla [2013-07-11]
CHR Extension: (Bitdefender QuickScan) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2014-03-02]
CHR Extension: (AVG PrivacyFix) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmejhjjecaldkllonlokhkglbdbkdcni [2013-07-11]
CHR HKCU\...\Chrome\Extension: [nnjbodopomfddehlalfilheomcahbpei] - C:\Users\Dell\AppData\Local\GAS Tecnologia\GBBD\cef\sf.crx [2013-10-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
 
==================== Services (Whitelisted) =================
 
R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [881952 2014-01-14] (IObit)
S4 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Ath_CoexAgent.exe [135168 2011-02-16] (Atheros)
S4 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6817544 2014-04-16] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2264280 2014-03-25] (COMODO)
R2 CronService; C:\Prey\platform\windows\cronsvc.exe [23552 2013-03-26] (Fork Ltd.)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2135232 2014-04-23] ()
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [36936 2013-12-02] (CHENGDU YIWO Tech Development Co., Ltd)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [519720 2014-02-21] (GAS Tecnologia)
R2 Guard Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [23624 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [1876816 2014-04-19] (SurfRight B.V.)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151744 2014-01-26] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
S4 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [409720 2013-06-28] ()
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580232 2014-01-21] (WiseCleaner.com)
S4 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-04-22] (Atheros)
S4 a2AntiMalware; No ImagePath
 
==================== Drivers (Whitelisted) ====================
 
S3 a2acc; No ImagePath
R1 A2DDA; C:\EEK\RUN\a2ddax64.sys [26176 2014-04-07] (Emsisoft GmbH)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [93184 2012-07-04] (LG Electronics Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-03-17] (Glarysoft Ltd)
S3 catchme; No ImagePath
S3 cleanhlp; C:\EEK\Run\cleanhlp64.sys [57024 2014-04-07] (Emsisoft GmbH)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2014-04-16] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [738472 2014-04-16] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [48360 2014-04-16] (COMODO)
S3 cpuz132; No ImagePath
S3 Delldiag; No ImagePath
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] ()
S3 esgiguard; No ImagePath
S3 EUBAKUP0; No ImagePath
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48200 2013-09-04] ()
S3 EUBKMON0; C:\Windows\system32\drivers\EUBKMON0.sys [48200 2013-09-04] ()
S3 EUFDDISK0; No ImagePath
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] ()
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-21] (Microsoft Corporation)
R2 hmpalert; C:\Windows\System32\drivers\hmpalert.sys [93144 2014-04-19] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-11-19] (Intel Corporation)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [105552 2014-04-16] (COMODO)
R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [222200 2013-05-31] (QFX Software Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-26] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2014-01-24] (Intel Corporation)
S3 MFE_RR; No ImagePath
U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [35816 2014-03-13] (Greatis Software)
S3 rspSanity; C:\Windows\System32\DRIVERS\rspSanity64.sys [31328 2012-10-29] (Resplendence Software Projects Sp.)
S3 SANDRA; No ImagePath
R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [768680 2013-06-26] (Microsoft Corporation)
R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [273576 2013-06-26] (Microsoft Corporation)
R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [29352 2013-06-26] (Microsoft Corporation)
R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [23208 2013-06-26] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2014-01-24] (Synaptics Incorporated)
R1 SpyEmrg; C:\Windows\System32\Drivers\spyemrg.sys [17240 2011-04-21] (NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\Windows\System32\Drivers\spyemrg_access.sys [24408 2011-04-21] (NETGATE Technologies s.r.o.)
S3 SpyEmrgGuard; C:\Windows\System32\Drivers\spyemrg_guard.sys [18776 2011-04-21] (NETGATE Technologies s.r.o.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2013-08-01] ()
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [38664 2013-04-29] (Spotflux, Inc)
U2 SR; 
U2 srservice; 
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-04-26 15:33 - 2014-04-26 15:34 - 00049414 _____ () C:\Users\Dell\Desktop\FRST.txt
2014-04-26 15:28 - 2014-04-26 15:28 - 00030912 _____ () C:\Users\Dell\Desktop\dds.txt
2014-04-26 15:28 - 2014-04-26 15:28 - 00009318 _____ () C:\Users\Dell\Desktop\attach.txt
2014-04-26 15:21 - 2014-04-26 15:21 - 00688992 ____R (Swearware) C:\Users\Dell\Downloads\dds.com
2014-04-26 12:39 - 2014-04-26 12:39 - 00005988 _____ () C:\Windows\PFRO.log
2014-04-26 12:39 - 2014-04-26 12:39 - 00000056 _____ () C:\Windows\setupact.log
2014-04-26 12:39 - 2014-04-26 12:39 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-26 12:38 - 2014-04-26 12:38 - 00003560 ____N () C:\bootsqm.dat
2014-04-26 12:38 - 2014-04-26 12:38 - 00000000 _____ () C:\asc_rdflag
2014-04-26 10:00 - 2014-04-26 10:00 - 00004177 _____ () C:\Users\Dell\Desktop\Condomínio abril 2014.htm
2014-04-26 10:00 - 2014-04-26 10:00 - 00000000 ____D () C:\Users\Dell\Desktop\Condomínio abril 2014_files
2014-04-26 05:01 - 2014-04-26 05:05 - 135327040 _____ () C:\Users\Dell\Downloads\setup_11.0.1.1245.x01_2014_04_26_11_23.exe
2014-04-26 04:52 - 2014-04-26 13:13 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-26 04:51 - 2014-04-26 04:52 - 04164448 _____ (Kaspersky Lab ZAO) C:\Users\Dell\Downloads\tdsskiller.exe
2014-04-26 04:50 - 2014-04-26 04:50 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-26 04:50 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-26 04:46 - 2014-04-26 04:47 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Dell\Downloads\rkill (1).exe
2014-04-26 04:30 - 2014-04-26 04:30 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Dell\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-26 04:28 - 2014-04-26 04:28 - 01365865 _____ () C:\Users\Dell\Downloads\AdwCleaner (1).exe
2014-04-25 23:06 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-04-25 23:01 - 2014-04-25 23:18 - 00000000 ____D () C:\AdwCleaner
2014-04-25 23:00 - 2014-04-25 22:59 - 01365865 _____ () C:\Users\Dell\Desktop\AdwCleaner.exe
2014-04-25 22:57 - 2014-04-26 05:06 - 00000000 ____D () C:\Users\Dell\.receitanet
2014-04-25 22:52 - 2014-04-25 22:59 - 01365865 _____ () C:\Users\Dell\Downloads\AdwCleaner.exe
2014-04-25 22:46 - 2014-04-25 22:45 - 02061824 _____ (Farbar) C:\Users\Dell\Desktop\FRST64.exe
2014-04-25 22:27 - 2014-04-25 22:27 - 00042865 _____ () C:\ComboFix.txt
2014-04-25 22:03 - 2014-04-25 22:27 - 00000000 ____D () C:\Combofix
2014-04-25 22:03 - 2011-06-26 03:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-25 22:03 - 2010-11-07 14:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-25 22:03 - 2009-04-20 01:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-25 22:03 - 2000-08-30 21:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-25 22:03 - 2000-08-30 21:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-25 22:03 - 2000-08-30 21:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-25 22:03 - 2000-08-30 21:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-25 22:03 - 2000-08-30 21:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-25 21:19 - 2014-04-25 22:27 - 00000000 ____D () C:\Qoobox
2014-04-25 20:46 - 2014-04-25 21:05 - 01069776 _____ (Solid State Networks) C:\Users\Dell\Downloads\install_flashplayer13x32_mssd_aaa_aih.exe
2014-04-25 17:34 - 2014-04-25 17:34 - 00152270 _____ () C:\Users\Dell\Downloads\Sigcheck (1).zip
2014-04-25 11:24 - 2014-04-26 15:33 - 00000000 ____D () C:\FRST
2014-04-25 11:10 - 2014-04-25 11:10 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-25 11:09 - 2014-04-13 23:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-25 11:09 - 2014-04-13 23:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-25 11:01 - 2014-04-25 11:02 - 00152270 _____ () C:\Users\Dell\Downloads\Sigcheck.zip
2014-04-25 09:22 - 2014-04-25 09:22 - 00057096 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2014-04-25 09:22 - 2014-04-25 09:22 - 00048392 _____ (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll
2014-04-24 19:58 - 2014-04-24 19:58 - 00165376 _____ () C:\Users\Dell\Downloads\SystemLook_x64.exe
2014-04-24 19:58 - 2014-04-24 19:58 - 00139264 _____ () C:\Users\Dell\Downloads\SystemLook.exe
2014-04-24 18:36 - 2014-04-24 18:36 - 07200360 _____ () C:\Users\Dell\Downloads\bitdefender_tsecurity_beta.exe
2014-04-23 15:44 - 2014-04-23 15:45 - 00002716 _____ () C:\Users\Dell\Desktop\FSS.txt
2014-04-23 13:23 - 2014-04-23 13:23 - 00004474 _____ () C:\Users\Dell\Downloads\Gás abril 2014.htm
2014-04-23 13:09 - 2014-04-23 13:09 - 00004474 _____ () C:\Users\Dell\Documents\Gás abril 2014.htm
2014-04-23 00:41 - 2014-04-23 00:45 - 00279889 _____ () C:\Users\Dell\Downloads\360TS_Setup.exe
2014-04-22 16:56 - 2014-04-22 16:59 - 67108864 _____ () C:\Users\Dell\Downloads\xpud-0.9.2.iso
2014-04-22 16:28 - 2014-04-22 16:28 - 14636360 _____ (NoVirusThanks Company Srl ) C:\Users\Dell\Downloads\EXERadar_Pro_x86_x64_Trial_Setup.exe
2014-04-22 11:30 - 2014-04-22 11:30 - 00409600 _____ (Farbar) C:\Users\Dell\Downloads\FSS.exe
2014-04-22 11:16 - 2014-04-22 11:16 - 00121069 _____ () C:\Users\Dell\Downloads\memtest86+-5.01.usb.installer.zip
2014-04-22 09:57 - 2014-04-22 10:04 - 159077280 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jdk-8u5-windows-i586.exe
2014-04-22 09:56 - 2014-04-22 10:03 - 162717600 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jdk-8u5-windows-x64.exe
2014-04-21 22:17 - 2014-04-21 22:17 - 00448512 _____ (OldTimer Tools) C:\Users\Dell\Downloads\TFC.exe
2014-04-21 21:59 - 2014-04-21 22:00 - 00001731 _____ () C:\Users\Dell\Downloads\fixlist.txt
2014-04-21 21:31 - 2014-04-21 21:31 - 01016261 _____ (Thisisu) C:\Users\Dell\Downloads\JRT (1).exe
2014-04-21 19:19 - 2014-04-21 19:19 - 05196870 ____R (Swearware) C:\Users\Dell\Desktop\Combofix.exe
2014-04-21 19:18 - 2014-04-21 19:19 - 34131368 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jre-8u5-windows-x64 (1).exe
2014-04-21 19:17 - 2014-04-21 19:19 - 34131368 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jre-8u5-windows-x64.exe
2014-04-21 18:54 - 2014-04-21 19:04 - 02456273 _____ (Oracle Corporation) C:\Users\Dell\Downloads\Não confirmado 202995.crdownload
2014-04-21 13:10 - 2014-04-21 13:11 - 06863066 _____ (Nicolas Coolman ) C:\Users\Dell\Downloads\zhpdiag2-2014.4.9.16.exe
2014-04-21 10:54 - 2014-04-21 10:54 - 00150281 _____ () C:\Users\Dell\Downloads\ProxyFix.zip
2014-04-20 19:37 - 2014-04-21 01:04 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\96123702.sys
2014-04-20 19:05 - 2014-04-20 19:05 - 00007606 _____ () C:\Users\Dell\AppData\Local\Resmon.ResmonCfg
2014-04-20 16:50 - 2014-04-20 17:39 - 2431909888 _____ () C:\Users\Dell\Downloads\X17-59246.iso
2014-04-20 16:29 - 2014-04-20 16:29 - 07752311 _____ (FreeDownloadManager.ORG ) C:\Users\Dell\Downloads\Free download manager fdminst.exe
2014-04-19 23:23 - 2014-04-19 23:23 - 00004096 ___SH () C:\{189147AC-0408-4CA1-9100-C01F40F3E5F5}.CBM
2014-04-19 18:18 - 2014-04-19 18:18 - 00548424 _____ (SurfRight) C:\Windows\system32\hmpalert.dll
2014-04-19 18:18 - 2014-04-19 18:18 - 00477008 _____ (SurfRight) C:\Windows\SysWOW64\hmpalert.dll
2014-04-19 18:18 - 2014-04-19 18:18 - 00093144 _____ () C:\Windows\system32\Drivers\hmpalert.sys
2014-04-19 18:18 - 2014-04-19 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro.Alert
2014-04-19 18:18 - 2014-04-19 18:18 - 00000000 ____D () C:\Program Files (x86)\HitmanPro.Alert
2014-04-19 16:28 - 2014-04-19 16:28 - 00390392 _____ (Bleeping Computer, LLC) C:\Users\Dell\Downloads\Lista registro criptografada em caso infecção ListCrilock.exe
2014-04-19 16:06 - 2014-04-19 16:06 - 01876816 _____ (SurfRight B.V.) C:\Users\Dell\Downloads\Anti Ransoware hmpalert25.exe
2014-04-19 12:34 - 2014-04-19 12:34 - 02823116 _____ () C:\Users\Dell\Downloads\CryptolockerPreventionKit.zip
2014-04-19 12:34 - 2014-04-19 12:34 - 00473008 _____ () C:\Users\Dell\Downloads\CryptoPrevent.zip
2014-04-18 15:07 - 2014-04-18 15:08 - 07255785 _____ () C:\Users\Dell\Downloads\bc57dc193791f301fb3b2d3522334aa0.mp4
2014-04-18 10:47 - 2014-04-18 10:58 - 535287324 _____ () C:\Users\Dell\Downloads\adt-bundle-windows-x86_64-20140321.zip
2014-04-18 09:21 - 2014-04-18 09:21 - 01586165 _____ () C:\Users\Dell\Downloads\ComIntRepair.exe
2014-04-18 08:28 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-18 08:28 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-18 08:28 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-18 08:28 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-18 08:26 - 2014-04-18 08:28 - 00004244 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-18 08:25 - 2014-04-18 08:25 - 01586165 _____ () C:\Users\Dell\Downloads\Correção dificuldades da internet ComIntRepair.exe
2014-04-17 15:45 - 2014-04-17 15:45 - 00000000 ____D () C:\Users\Dell\Desktop\Sygic
2014-04-17 10:24 - 2014-04-17 10:24 - 08449818 _____ () C:\Users\Dell\Downloads\VID-20140408-WA0000.mp4
2014-04-17 10:24 - 2014-04-17 10:24 - 04881376 _____ () C:\Users\Dell\Downloads\57071749f97062bf0217533f22776ea5.mp4
2014-04-16 21:43 - 2014-04-16 21:43 - 00078845 _____ () C:\Users\Dell\Downloads\HostsTool.zip
2014-04-16 15:31 - 2014-04-16 15:32 - 04075110 _____ () C:\Users\Dell\Downloads\maparadar.rupi
2014-04-16 15:17 - 2014-04-16 15:17 - 00457835 _____ () C:\Users\Dell\Downloads\sygic_rupi_convertor.zip
2014-04-16 15:16 - 2014-04-16 15:17 - 01055930 _____ () C:\Users\Dell\Downloads\maparadar.txt
2014-04-16 12:20 - 2014-04-16 12:20 - 03278352 _____ () C:\Users\Dell\Downloads\Corrigir windows tweaking.com_windows_repair_aio.zip
2014-04-16 09:19 - 2014-04-16 09:19 - 00000015 _____ () C:\Users\Dell\Desktop\IPVA 2014.txt
2014-04-15 19:41 - 2014-04-15 19:41 - 00000000 ____D () C:\Users\Dell\.jmc
2014-04-15 19:40 - 2014-04-15 19:40 - 00000000 ____D () C:\Users\Dell\.eclipse
2014-04-15 19:37 - 2014-04-22 10:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-04-15 19:28 - 2014-04-15 19:31 - 113510621 _____ () C:\Users\Dell\Downloads\android-sdk_r22.0.5-windows.zip
2014-04-15 19:27 - 2014-04-15 19:30 - 131581344 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jdk-7u55-windows-x64.exe
2014-04-15 17:13 - 2014-04-15 17:13 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-04-15 15:04 - 2014-04-15 15:04 - 00391432 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-15 10:37 - 2014-04-15 10:37 - 00132597 _____ () C:\Users\Dell\Downloads\Desinfectar usb Flash_Disinfector.exe
2014-04-15 07:38 - 2014-04-15 07:38 - 00102960 _____ () C:\Users\Dell\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-14 21:54 - 2014-04-14 22:20 - 226340888 _____ () C:\Users\Dell\Downloads\EmsisoftEmergencyKit.txt
2014-04-14 15:59 - 2014-04-14 15:59 - 09640719 _____ () C:\Users\Dell\Downloads\Bee Gees 1960 a 2012.wmv
2014-04-14 12:19 - 2014-04-14 19:32 - 00000000 ____D () C:\Users\Dell\Documents\Flight Simulator Files
2014-04-14 12:08 - 2014-04-14 12:08 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-04-14 12:00 - 2014-04-14 12:00 - 00002113 _____ () C:\Users\Public\Desktop\Microsoft Flight Simulator 2004.lnk
2014-04-14 12:00 - 2014-04-14 12:00 - 00002113 _____ () C:\ProgramData\Desktop\Microsoft Flight Simulator 2004.lnk
2014-04-14 12:00 - 2014-04-14 12:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2014-04-14 11:37 - 2014-04-14 11:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games
2014-04-14 11:07 - 2014-04-14 11:07 - 00001217 _____ () C:\Users\Public\Desktop\Virtual CloneDrive.lnk
2014-04-14 11:07 - 2014-04-14 11:07 - 00001217 _____ () C:\ProgramData\Desktop\Virtual CloneDrive.lnk
2014-04-14 11:04 - 2014-04-14 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2014-04-14 11:04 - 2014-04-14 11:04 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes
2014-04-14 11:01 - 2014-04-14 11:02 - 01640984 _____ () C:\Users\Dell\Downloads\Montar e desmontar ISO SetupVirtualCloneDrive5470.exe
2014-04-14 08:46 - 2014-04-14 08:46 - 00015288 _____ () C:\Users\Dell\Downloads\Tabajara.cmd
2014-04-14 07:02 - 2014-04-14 07:12 - 135672432 _____ () C:\Users\Dell\Downloads\setup_11.0.1.1245.x01_2014_04_14_10_30.exe
2014-04-14 07:01 - 2014-04-14 07:01 - 00002188 _____ () C:\Users\Public\Desktop\Receitanet 1.04 .lnk
2014-04-14 07:01 - 2014-04-14 07:01 - 00002188 _____ () C:\ProgramData\Desktop\Receitanet 1.04 .lnk
2014-04-14 07:01 - 2014-04-14 07:01 - 00000176 _____ () C:\Windows\REC-NET.INI
2014-04-14 07:01 - 2014-04-14 07:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB
2014-04-14 07:01 - 2014-04-14 07:01 - 00000000 ____D () C:\Program Files (x86)\Programas RFB
2014-04-14 07:00 - 2014-04-14 07:00 - 00001731 _____ () C:\Users\Dell\Desktop\IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk
2014-04-14 07:00 - 2014-04-14 07:00 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014
2014-04-14 06:50 - 2014-04-14 06:51 - 22716032 _____ (Receita Federal do Brasil) C:\Users\Dell\Downloads\IRPF2014win32v1.1.exe
2014-04-14 06:50 - 2014-04-14 06:51 - 06182597 _____ (Serpro - Serviço Federal de Processamento de Dados) C:\Users\Dell\Downloads\Receitanet-1.04.exe
2014-04-13 17:38 - 2014-04-13 17:38 - 00000000 ____D () C:\Users\Dell\Downloads\Nova pasta
2014-04-13 16:38 - 2014-04-13 16:39 - 10696960 _____ (Emsisoft GmbH ) C:\Users\Dell\Downloads\OnlineArmorSetup (1).exe
2014-04-13 12:28 - 2014-04-13 12:28 - 00000000 __SHD () C:\Users\Dell\AppData\Local\EmieUserList
2014-04-13 12:28 - 2014-04-13 12:28 - 00000000 __SHD () C:\Users\Dell\AppData\Local\EmieSiteList
2014-04-12 22:14 - 2014-04-12 22:14 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-12 22:14 - 2014-04-12 22:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-12 22:14 - 2014-04-12 22:14 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-12 22:14 - 2014-04-12 22:14 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-12 22:14 - 2014-04-12 22:14 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-12 09:51 - 2014-04-12 09:52 - 26455504 _____ () C:\Users\Dell\Downloads\SeaMonkey Setup 2.26b1.exe
2014-04-11 22:18 - 2014-04-12 09:14 - 00022302 _____ () C:\Users\Dell\Downloads\Result.txt
2014-04-11 22:15 - 2014-04-11 22:15 - 00982016 _____ (Farbar) C:\Users\Dell\Downloads\MiniToolBox.exe
2014-04-11 17:09 - 2014-04-11 17:09 - 00000710 _____ () C:\Users\Dell\Documents\Comodo - após desinstalação se houver probleamas.txt
2014-04-11 15:14 - 2014-04-11 15:14 - 00589000 _____ (Qualcomm Atheros) C:\Windows\system32\Drivers\btfilter.sys
2014-04-11 15:13 - 2014-04-11 15:13 - 03868160 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys
2014-04-11 15:10 - 2014-04-11 15:10 - 00901848 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-04-11 15:10 - 2014-04-11 15:10 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-04-11 15:03 - 2014-04-11 15:03 - 00002854 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Dell)
2014-04-11 13:17 - 2014-04-11 13:17 - 00000040 _____ () C:\Users\Dell\Documents\Driver Booster Keys.txt
2014-04-11 12:54 - 2014-02-03 23:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-11 12:54 - 2014-02-03 23:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-11 12:54 - 2014-02-03 23:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-11 12:54 - 2014-02-03 23:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-11 12:54 - 2014-02-03 23:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-11 12:51 - 2014-03-04 06:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-11 12:51 - 2014-03-04 06:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-11 12:51 - 2014-03-04 06:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-11 12:51 - 2014-03-04 06:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-11 12:51 - 2014-03-04 06:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-11 12:51 - 2014-03-04 06:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-11 12:51 - 2014-03-04 06:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-11 12:51 - 2014-03-04 06:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-11 12:51 - 2014-03-04 06:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-11 12:51 - 2014-03-04 05:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-11 12:51 - 2014-03-04 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-11 12:51 - 2014-01-23 23:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-11 10:12 - 2014-04-11 10:12 - 05070944 _____ (Emsi Software GmbH ) C:\Users\Dell\Downloads\Proteção zero day MamutuSetup.exe
2014-04-11 09:56 - 2014-04-11 09:57 - 03749640 _____ (PWI, Inc. ) C:\Users\Dell\Downloads\privatefirewall.exe
2014-04-11 09:47 - 2014-04-11 09:48 - 11278928 _____ (COMODO) C:\Users\Dell\Downloads\Comodo limpar software CPM_SETUP_1.3.2.30_xp_vista_server2003_win7.exe
2014-04-11 09:34 - 2014-04-11 09:34 - 00178683 _____ () C:\Users\Dell\Downloads\CCEnhancer-3.9-Multilanguage.zip
2014-04-10 20:05 - 2014-04-10 20:06 - 00991232 _____ () C:\Users\Dell\Downloads\MicrosoftFixit50267.msi
2014-04-10 16:54 - 2014-04-10 16:54 - 00002966 _____ () C:\Users\Dell\Documents\Limpeza a base produtos caseiros.txt
2014-04-10 11:18 - 2014-04-16 15:21 - 00003007 _____ () C:\Users\Dell\Documents\Sygic - tutorial instalação.txt
2014-04-10 10:34 - 2014-04-10 10:41 - 12648749 _____ () C:\Users\Dell\Downloads\Sygic_GPSNavigation_v13.4.2.apk
2014-04-10 10:33 - 2014-04-10 10:52 - 221646397 _____ () C:\Users\Dell\Downloads\Sygic_GPSNavigation_v13.4.2.zip
2014-04-10 10:33 - 2014-04-10 10:33 - 00664417 _____ () C:\Users\Dell\Downloads\Sygic_MapDownloader_v1.4_(2014-03-13).zip
2014-04-10 10:12 - 2014-04-10 10:12 - 00000147 _____ () C:\Users\Dell\Documents\LG - assistência técnica. .Florianópolis .txt
2014-04-09 13:17 - 2014-04-09 13:17 - 02637388 _____ () C:\Users\Dell\Downloads\27d92b870986d9d44ee87db9cdb6b271.mp4
2014-04-09 12:41 - 2014-04-09 12:42 - 06126911 _____ () C:\Users\Dell\Downloads\Install_Win7_7080_03212014.zip
2014-04-09 11:51 - 2014-04-26 10:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-09 11:50 - 2014-04-22 10:34 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-09 11:47 - 2014-04-09 11:47 - 00921000 _____ (Oracle Corporation) C:\Users\Dell\Downloads\chromeinstall-7u51.exe
2014-04-09 11:45 - 2014-04-09 11:45 - 00405504 _____ () C:\Users\Dell\Downloads\intel_srldetect_4.5.13.0.msi
2014-04-09 11:28 - 2014-04-09 11:29 - 00000000 ____D () C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2014-04-07 21:39 - 2014-04-07 21:39 - 00307712 _____ (FileHippo.com) C:\Users\Dell\Downloads\UpdateChecker.exe
2014-04-07 19:13 - 2014-04-07 19:14 - 106403600 ____N (Microsoft Corporation) C:\Users\Dell\Downloads\Microsoft Sec Essentials cada 10 dias 64 bits msert.exe
2014-04-07 17:37 - 2014-04-07 17:37 - 00000038 _____ () C:\Users\Dell\Documents\Bleeping acesso.txt
2014-04-07 09:07 - 2014-04-07 09:07 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-04-07 09:07 - 2014-04-07 09:07 - 00000000 ____D () C:\Program Files (x86)\Foxit Software
2014-04-07 08:33 - 2014-04-07 08:33 - 00000553 _____ () C:\Users\Dell\Desktop\Emsisoft Emergency Kit.lnk
2014-04-06 17:15 - 2014-04-06 17:15 - 01016261 _____ (Thisisu) C:\Users\Dell\Downloads\JRT.exe
2014-04-04 10:07 - 2014-04-25 22:45 - 02061824 _____ (Farbar) C:\Users\Dell\Downloads\FRST64.exe
2014-04-03 00:23 - 2014-04-03 00:27 - 00000000 ____D () C:\Windows\system32\config\RRBackups
2014-04-03 00:04 - 2014-04-03 00:04 - 00184745 _____ () C:\Users\Dell\Documents\GMER log complete.log
2014-04-02 21:52 - 2014-04-02 21:53 - 00087360 _____ () C:\Users\Dell\Downloads\gmer.wmv
2014-04-02 14:27 - 2014-04-02 14:28 - 01472131 _____ () C:\Users\Dell\Downloads\vba32arkit.zip
2014-04-02 13:31 - 2014-04-03 17:54 - 00005297 _____ () C:\Users\Dell\Documents\Sal grosso.txt
2014-04-02 12:37 - 2014-04-02 12:37 - 00006759 _____ () C:\Users\Dell\Downloads\gmer.log
2014-04-02 10:22 - 2014-04-02 10:22 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Dell\Downloads\mbar-1.07.0.1009.exe
2014-04-02 09:01 - 2014-04-02 09:01 - 18517048 _____ (SUPERAntiSpyware) C:\Users\Dell\Downloads\SUPERAntiSpywarePro.exe
2014-04-02 08:24 - 2014-04-02 08:26 - 134103416 _____ () C:\Users\Dell\Downloads\setup_11.0.1.1245.x01_2014_04_02_13_56.exe
2014-04-02 07:34 - 2014-04-01 03:54 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\12778157.sys
2014-04-02 07:16 - 2014-04-26 12:38 - 72810496 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2014-04-02 07:16 - 2014-04-26 12:38 - 00311296 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2014-04-02 07:16 - 2014-04-26 12:38 - 00053248 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2014-04-02 07:16 - 2014-04-26 12:38 - 00032768 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2014-04-02 00:39 - 2014-04-02 00:39 - 10971424 _____ (SurfRight B.V.) C:\Users\Dell\Downloads\HitmanPro_x64.exe
2014-04-02 00:37 - 2014-04-02 00:39 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-04-01 23:53 - 2014-04-01 23:54 - 10094400 _____ (SurfRight B.V.) C:\Users\Dell\Downloads\HitmanPro.exe
2014-03-31 21:45 - 2014-04-01 03:54 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\52972590.sys
2014-03-31 10:52 - 2014-03-31 10:52 - 05192353 _____ (Swearware) C:\Users\Dell\Downloads\ComboFix.exe
2014-03-31 09:42 - 2014-03-31 09:42 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Dell\Downloads\rkill.exe
2014-03-31 07:39 - 2014-03-31 07:40 - 03224200 _____ (WiseCleaner.com ) C:\Users\Dell\Downloads\WRCFree.exe
2014-03-30 21:12 - 2014-04-02 06:18 - 00000000 ____D () C:\ProgramData\RegistryReviver.exe
2014-03-30 20:28 - 2014-03-30 20:28 - 00001022 _____ () C:\Users\Public\Desktop\Registry Reviver.lnk
2014-03-30 20:28 - 2014-03-30 20:28 - 00001022 _____ () C:\ProgramData\Desktop\Registry Reviver.lnk
2014-03-30 20:28 - 2014-03-30 20:28 - 00000000 ____D () C:\ProgramData\ReviverSoft
2014-03-30 20:28 - 2014-03-30 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft
2014-03-30 20:28 - 2014-03-30 20:28 - 00000000 ____D () C:\Program Files\ReviverSoft
2014-03-30 18:52 - 2014-03-30 18:52 - 00000000 ____D () C:\Users\Dell\Downloads\Registry.Reviver.3.0.1.142
2014-03-30 18:50 - 2014-04-21 10:56 - 00000000 ____D () C:\Users\Dell\Downloads\Systweak RegClean Pro v6.21.65.2364 With Key [h33t][iahq76]
2014-03-30 18:40 - 2014-03-30 18:40 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-03-30 18:39 - 2014-04-03 08:00 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-03-30 18:39 - 2014-04-03 07:58 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-30 18:35 - 2014-03-30 18:36 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Dell\Downloads\spybot-2.2.exe
2014-03-30 13:54 - 2014-03-30 13:54 - 07195272 _____ (Goversoft LLC) C:\Users\Dell\Downloads\privazer_free.exe
2014-03-30 09:23 - 2014-03-30 09:23 - 00001073 _____ () C:\Users\Dell\Desktop\DllSuite.lnk
2014-03-30 09:23 - 2014-03-30 09:23 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dll Suite 2014
2014-03-30 09:23 - 2014-03-30 09:23 - 00000000 ____D () C:\Program Files (x86)\DLLSuite
2014-03-28 16:55 - 2014-03-28 16:56 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Dell\Downloads\mb3-setup-1878.1878-3.5.1.2522.exe
2014-03-28 06:59 - 2014-03-29 10:32 - 00003036 _____ () C:\Windows\System32\Tasks\AnVir Task Manager
2014-03-28 06:59 - 2014-03-28 21:50 - 00000000 ____D () C:\Program Files (x86)\AnVir Task Manager Pro
2014-03-28 06:59 - 2014-03-28 06:59 - 00001077 _____ () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\AnVir Task Manager Pro.lnk
2014-03-28 06:59 - 2014-03-28 06:59 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVir Task Manager Pro
2014-03-28 06:59 - 2014-03-28 06:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnVir Task Manager Pro
2014-03-27 10:14 - 2009-02-24 18:35 - 00255552 _____ (MagicISO, Inc.) C:\Windows\system32\Drivers\mcdbus.sys
 
==================== One Month Modified Files and Folders =======
 
2014-04-26 15:34 - 2014-04-26 15:33 - 00049414 _____ () C:\Users\Dell\Desktop\FRST.txt
2014-04-26 15:33 - 2014-04-25 11:24 - 00000000 ____D () C:\FRST
2014-04-26 15:29 - 2013-03-05 19:11 - 01474832 _____ () C:\Windows\system32\Drivers\sfi.dat
2014-04-26 15:28 - 2014-04-26 15:28 - 00030912 _____ () C:\Users\Dell\Desktop\dds.txt
2014-04-26 15:28 - 2014-04-26 15:28 - 00009318 _____ () C:\Users\Dell\Desktop\attach.txt
2014-04-26 15:21 - 2014-04-26 15:21 - 00688992 ____R (Swearware) C:\Users\Dell\Downloads\dds.com
2014-04-26 15:16 - 2013-07-11 18:05 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-26 15:05 - 2013-10-15 12:19 - 00000902 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-26 14:41 - 2013-04-10 23:23 - 00000029 _____ () C:\Windows\SysWOW64\TempWmicBatchFile.bat
2014-04-26 13:13 - 2014-04-26 04:52 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-26 12:49 - 2013-05-25 20:37 - 00000000 ____D () C:\ProgramData\GAS Tecnologia
2014-04-26 12:49 - 2009-07-14 01:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-26 12:49 - 2009-07-14 01:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-26 12:43 - 2013-12-06 08:47 - 00000000 ____D () C:\Users\Dell\AppData\Local\CrashDumps
2014-04-26 12:42 - 2013-12-01 13:17 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Wise Care 365
2014-04-26 12:40 - 2013-07-11 18:05 - 00001060 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-26 12:40 - 2009-07-14 02:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-26 12:39 - 2014-04-26 12:39 - 00005988 _____ () C:\Windows\PFRO.log
2014-04-26 12:39 - 2014-04-26 12:39 - 00000056 _____ () C:\Windows\setupact.log
2014-04-26 12:39 - 2014-04-26 12:39 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-26 12:38 - 2014-04-26 12:38 - 00003560 ____N () C:\bootsqm.dat
2014-04-26 12:38 - 2014-04-26 12:38 - 00000000 _____ () C:\asc_rdflag
2014-04-26 12:38 - 2014-04-02 07:16 - 72810496 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2014-04-26 12:38 - 2014-04-02 07:16 - 00311296 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2014-04-26 12:38 - 2014-04-02 07:16 - 00053248 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2014-04-26 12:38 - 2014-04-02 07:16 - 00032768 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2014-04-26 12:38 - 2013-02-22 09:47 - 00000000 ____D () C:\Users\Dell
2014-04-26 10:30 - 2014-04-09 11:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-26 10:29 - 2013-11-18 11:26 - 00000000 ____D () C:\Windows\CryptoGuard
2014-04-26 10:23 - 2013-09-09 13:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-04-26 10:00 - 2014-04-26 10:00 - 00004177 _____ () C:\Users\Dell\Desktop\Condomínio abril 2014.htm
2014-04-26 10:00 - 2014-04-26 10:00 - 00000000 ____D () C:\Users\Dell\Desktop\Condomínio abril 2014_files
2014-04-26 08:40 - 2014-01-12 09:44 - 00000000 ____D () C:\Users\Dell\AppData\Local\Adobe
2014-04-26 05:06 - 2014-04-25 22:57 - 00000000 ____D () C:\Users\Dell\.receitanet
2014-04-26 05:05 - 2014-04-26 05:01 - 135327040 _____ () C:\Users\Dell\Downloads\setup_11.0.1.1245.x01_2014_04_26_11_23.exe
2014-04-26 05:01 - 2013-08-06 01:05 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-26 04:52 - 2014-04-26 04:51 - 04164448 _____ (Kaspersky Lab ZAO) C:\Users\Dell\Downloads\tdsskiller.exe
2014-04-26 04:51 - 2013-10-23 00:13 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Malwarebytes
2014-04-26 04:51 - 2013-10-23 00:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-26 04:50 - 2014-04-26 04:50 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-26 04:47 - 2014-04-26 04:46 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Dell\Downloads\rkill (1).exe
2014-04-26 04:30 - 2014-04-26 04:30 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Dell\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-26 04:28 - 2014-04-26 04:28 - 01365865 _____ () C:\Users\Dell\Downloads\AdwCleaner (1).exe
2014-04-25 23:18 - 2014-04-25 23:01 - 00000000 ____D () C:\AdwCleaner
2014-04-25 22:59 - 2014-04-25 23:00 - 01365865 _____ () C:\Users\Dell\Desktop\AdwCleaner.exe
2014-04-25 22:59 - 2014-04-25 22:52 - 01365865 _____ () C:\Users\Dell\Downloads\AdwCleaner.exe
2014-04-25 22:45 - 2014-04-25 22:46 - 02061824 _____ (Farbar) C:\Users\Dell\Desktop\FRST64.exe
2014-04-25 22:45 - 2014-04-04 10:07 - 02061824 _____ (Farbar) C:\Users\Dell\Downloads\FRST64.exe
2014-04-25 22:29 - 2013-03-05 09:43 - 00000000 ____D () C:\Users\Dell\AppData\Local\Apps\2.0
2014-04-25 22:27 - 2014-04-25 22:27 - 00042865 _____ () C:\ComboFix.txt
2014-04-25 22:27 - 2014-04-25 22:03 - 00000000 ____D () C:\Combofix
2014-04-25 22:27 - 2014-04-25 21:19 - 00000000 ____D () C:\Qoobox
2014-04-25 22:25 - 2009-07-13 23:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-25 21:18 - 2013-07-09 18:10 - 00000000 ____D () C:\Windows\erdnt
2014-04-25 21:05 - 2014-04-25 20:46 - 01069776 _____ (Solid State Networks) C:\Users\Dell\Downloads\install_flashplayer13x32_mssd_aaa_aih.exe
2014-04-25 21:03 - 2013-04-01 20:19 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Skype
2014-04-25 17:34 - 2014-04-25 17:34 - 00152270 _____ () C:\Users\Dell\Downloads\Sigcheck (1).zip
2014-04-25 11:10 - 2014-04-25 11:10 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-25 11:07 - 2014-03-06 23:53 - 00299712 _____ (Sysinternals - www.sysinternals.com) C:\Users\Dell\Desktop\sigcheck.exe
2014-04-25 11:02 - 2014-04-25 11:01 - 00152270 _____ () C:\Users\Dell\Downloads\Sigcheck.zip
2014-04-25 09:22 - 2014-04-25 09:22 - 00057096 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2014-04-25 09:22 - 2014-04-25 09:22 - 00048392 _____ (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll
2014-04-25 09:21 - 2013-03-15 10:32 - 00000000 ____D () C:\Program Files (x86)\Comodo
2014-04-25 09:17 - 2013-11-30 00:06 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\DiskDefrag
2014-04-24 19:58 - 2014-04-24 19:58 - 00165376 _____ () C:\Users\Dell\Downloads\SystemLook_x64.exe
2014-04-24 19:58 - 2014-04-24 19:58 - 00139264 _____ () C:\Users\Dell\Downloads\SystemLook.exe
2014-04-24 18:36 - 2014-04-24 18:36 - 07200360 _____ () C:\Users\Dell\Downloads\bitdefender_tsecurity_beta.exe
2014-04-23 15:48 - 2013-04-02 21:26 - 02230658 _____ () C:\Windows\system32\Drivers\fvstore.dat
2014-04-23 15:45 - 2014-04-23 15:44 - 00002716 _____ () C:\Users\Dell\Desktop\FSS.txt
2014-04-23 13:23 - 2014-04-23 13:23 - 00004474 _____ () C:\Users\Dell\Downloads\Gás abril 2014.htm
2014-04-23 13:22 - 2013-11-05 18:48 - 00000000 ____D () C:\Users\Public\Documents\regruninfo
2014-04-23 13:22 - 2013-11-05 18:48 - 00000000 ____D () C:\ProgramData\Documents\regruninfo
2014-04-23 13:22 - 2013-07-09 12:52 - 00000000 ____D () C:\Users\Dell\Documents\Limpeza Casas - Margarete Grancoski_files
2014-04-23 13:09 - 2014-04-23 13:09 - 00004474 _____ () C:\Users\Dell\Documents\Gás abril 2014.htm
2014-04-23 00:45 - 2014-04-23 00:41 - 00279889 _____ () C:\Users\Dell\Downloads\360TS_Setup.exe
2014-04-22 16:59 - 2014-04-22 16:56 - 67108864 _____ () C:\Users\Dell\Downloads\xpud-0.9.2.iso
2014-04-22 16:28 - 2014-04-22 16:28 - 14636360 _____ (NoVirusThanks Company Srl ) C:\Users\Dell\Downloads\EXERadar_Pro_x86_x64_Trial_Setup.exe
2014-04-22 15:14 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-22 11:30 - 2014-04-22 11:30 - 00409600 _____ (Farbar) C:\Users\Dell\Downloads\FSS.exe
2014-04-22 11:16 - 2014-04-22 11:16 - 00121069 _____ () C:\Users\Dell\Downloads\memtest86+-5.01.usb.installer.zip
2014-04-22 10:36 - 2014-03-22 02:14 - 00000000 ____D () C:\Program Files\Java
2014-04-22 10:34 - 2014-04-09 11:50 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-22 10:24 - 2014-04-15 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-04-22 10:04 - 2014-04-22 09:57 - 159077280 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jdk-8u5-windows-i586.exe
2014-04-22 10:03 - 2014-04-22 09:56 - 162717600 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jdk-8u5-windows-x64.exe
2014-04-21 22:17 - 2014-04-21 22:17 - 00448512 _____ (OldTimer Tools) C:\Users\Dell\Downloads\TFC.exe
2014-04-21 22:00 - 2014-04-21 21:59 - 00001731 _____ () C:\Users\Dell\Downloads\fixlist.txt
2014-04-21 21:31 - 2014-04-21 21:31 - 01016261 _____ (Thisisu) C:\Users\Dell\Downloads\JRT (1).exe
2014-04-21 19:19 - 2014-04-21 19:19 - 05196870 ____R (Swearware) C:\Users\Dell\Desktop\Combofix.exe
2014-04-21 19:19 - 2014-04-21 19:18 - 34131368 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jre-8u5-windows-x64 (1).exe
2014-04-21 19:19 - 2014-04-21 19:17 - 34131368 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jre-8u5-windows-x64.exe
2014-04-21 19:04 - 2014-04-21 18:54 - 02456273 _____ (Oracle Corporation) C:\Users\Dell\Downloads\Não confirmado 202995.crdownload
2014-04-21 13:11 - 2014-04-21 13:10 - 06863066 _____ (Nicolas Coolman ) C:\Users\Dell\Downloads\zhpdiag2-2014.4.9.16.exe
2014-04-21 10:56 - 2014-03-30 18:50 - 00000000 ____D () C:\Users\Dell\Downloads\Systweak RegClean Pro v6.21.65.2364 With Key [h33t][iahq76]
2014-04-21 10:54 - 2014-04-21 10:54 - 00150281 _____ () C:\Users\Dell\Downloads\ProxyFix.zip
2014-04-21 01:04 - 2014-04-20 19:37 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\96123702.sys
2014-04-20 22:21 - 2014-03-25 15:02 - 00000000 ____D () C:\Users\Dell\AppData\Local\AnVir
2014-04-20 19:28 - 2013-09-09 11:59 - 00000000 ____D () C:\ProgramData\ProductData
2014-04-20 19:05 - 2014-04-20 19:05 - 00007606 _____ () C:\Users\Dell\AppData\Local\Resmon.ResmonCfg
2014-04-20 17:39 - 2014-04-20 16:50 - 2431909888 _____ () C:\Users\Dell\Downloads\X17-59246.iso
2014-04-20 16:29 - 2014-04-20 16:29 - 07752311 _____ (FreeDownloadManager.ORG ) C:\Users\Dell\Downloads\Free download manager fdminst.exe
2014-04-20 14:00 - 2013-12-01 13:19 - 00000400 _____ () C:\Windows\Tasks\Wise Turbo Checker.job
2014-04-20 09:04 - 2013-02-22 05:39 - 00707498 _____ () C:\Windows\system32\prfh0416.dat
2014-04-20 09:04 - 2013-02-22 05:39 - 00148578 _____ () C:\Windows\system32\prfc0416.dat
2014-04-20 09:04 - 2009-07-14 02:13 - 01640864 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-19 23:23 - 2014-04-19 23:23 - 00004096 ___SH () C:\{189147AC-0408-4CA1-9100-C01F40F3E5F5}.CBM
2014-04-19 22:30 - 2013-03-26 09:22 - 00417792 ___SH () C:\EUMONBMP.SYS
2014-04-19 20:57 - 2013-08-18 17:27 - 00000286 __RSH () C:\Users\Dell\ntuser.pol
2014-04-19 18:18 - 2014-04-19 18:18 - 00548424 _____ (SurfRight) C:\Windows\system32\hmpalert.dll
2014-04-19 18:18 - 2014-04-19 18:18 - 00477008 _____ (SurfRight) C:\Windows\SysWOW64\hmpalert.dll
2014-04-19 18:18 - 2014-04-19 18:18 - 00093144 _____ () C:\Windows\system32\Drivers\hmpalert.sys
2014-04-19 18:18 - 2014-04-19 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro.Alert
2014-04-19 18:18 - 2014-04-19 18:18 - 00000000 ____D () C:\Program Files (x86)\HitmanPro.Alert
2014-04-19 18:12 - 2014-01-17 05:41 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-19 16:28 - 2014-04-19 16:28 - 00390392 _____ (Bleeping Computer, LLC) C:\Users\Dell\Downloads\Lista registro criptografada em caso infecção ListCrilock.exe
2014-04-19 16:06 - 2014-04-19 16:06 - 01876816 _____ (SurfRight B.V.) C:\Users\Dell\Downloads\Anti Ransoware hmpalert25.exe
2014-04-19 12:34 - 2014-04-19 12:34 - 02823116 _____ () C:\Users\Dell\Downloads\CryptolockerPreventionKit.zip
2014-04-19 12:34 - 2014-04-19 12:34 - 00473008 _____ () C:\Users\Dell\Downloads\CryptoPrevent.zip
2014-04-18 15:19 - 2013-12-19 06:30 - 00000000 ____D () C:\ProgramData\RegRun
2014-04-18 15:19 - 2013-11-05 18:48 - 00000000 ____D () C:\Program Files (x86)\UnHackMe
2014-04-18 15:08 - 2014-04-18 15:07 - 07255785 _____ () C:\Users\Dell\Downloads\bc57dc193791f301fb3b2d3522334aa0.mp4
2014-04-18 10:58 - 2014-04-18 10:47 - 535287324 _____ () C:\Users\Dell\Downloads\adt-bundle-windows-x86_64-20140321.zip
2014-04-18 09:21 - 2014-04-18 09:21 - 01586165 _____ () C:\Users\Dell\Downloads\ComIntRepair.exe
2014-04-18 08:28 - 2014-04-18 08:26 - 00004244 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-18 08:25 - 2014-04-18 08:25 - 01586165 _____ () C:\Users\Dell\Downloads\Correção dificuldades da internet ComIntRepair.exe
2014-04-18 08:19 - 2014-03-26 12:19 - 00001985 _____ () C:\Users\Public\Desktop\COMODO Internet Security.lnk
2014-04-18 08:19 - 2014-03-26 12:19 - 00001985 _____ () C:\ProgramData\Desktop\COMODO Internet Security.lnk
2014-04-17 15:45 - 2014-04-17 15:45 - 00000000 ____D () C:\Users\Dell\Desktop\Sygic
2014-04-17 10:24 - 2014-04-17 10:24 - 08449818 _____ () C:\Users\Dell\Downloads\VID-20140408-WA0000.mp4
2014-04-17 10:24 - 2014-04-17 10:24 - 04881376 _____ () C:\Users\Dell\Downloads\57071749f97062bf0217533f22776ea5.mp4
2014-04-16 21:43 - 2014-04-16 21:43 - 00078845 _____ () C:\Users\Dell\Downloads\HostsTool.zip
2014-04-16 18:12 - 2014-03-05 12:54 - 00738472 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys
2014-04-16 18:12 - 2014-03-05 12:54 - 00105552 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys
2014-04-16 18:12 - 2014-03-05 12:54 - 00048360 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys
2014-04-16 18:12 - 2014-03-05 12:54 - 00023168 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys
2014-04-16 15:32 - 2014-04-16 15:31 - 04075110 _____ () C:\Users\Dell\Downloads\maparadar.rupi
2014-04-16 15:21 - 2014-04-10 11:18 - 00003007 _____ () C:\Users\Dell\Documents\Sygic - tutorial instalação.txt
2014-04-16 15:17 - 2014-04-16 15:17 - 00457835 _____ () C:\Users\Dell\Downloads\sygic_rupi_convertor.zip
2014-04-16 15:17 - 2014-04-16 15:16 - 01055930 _____ () C:\Users\Dell\Downloads\maparadar.txt
2014-04-16 12:20 - 2014-04-16 12:20 - 03278352 _____ () C:\Users\Dell\Downloads\Corrigir windows tweaking.com_windows_repair_aio.zip
2014-04-16 11:03 - 2013-04-01 20:19 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-16 09:19 - 2014-04-16 09:19 - 00000015 _____ () C:\Users\Dell\Desktop\IPVA 2014.txt
2014-04-15 19:41 - 2014-04-15 19:41 - 00000000 ____D () C:\Users\Dell\.jmc
2014-04-15 19:40 - 2014-04-15 19:40 - 00000000 ____D () C:\Users\Dell\.eclipse
2014-04-15 19:31 - 2014-04-15 19:28 - 113510621 _____ () C:\Users\Dell\Downloads\android-sdk_r22.0.5-windows.zip
2014-04-15 19:30 - 2014-04-15 19:27 - 131581344 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jdk-7u55-windows-x64.exe
2014-04-15 17:13 - 2014-04-15 17:13 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-04-15 15:04 - 2014-04-15 15:04 - 00391432 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-15 10:37 - 2014-04-15 10:37 - 00132597 _____ () C:\Users\Dell\Downloads\Desinfectar usb Flash_Disinfector.exe
2014-04-15 07:38 - 2014-04-15 07:38 - 00102960 _____ () C:\Users\Dell\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-14 22:20 - 2014-04-14 21:54 - 226340888 _____ () C:\Users\Dell\Downloads\EmsisoftEmergencyKit.txt
2014-04-14 20:13 - 2014-04-18 08:28 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 20:05 - 2014-04-18 08:28 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-14 20:05 - 2014-04-18 08:28 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-14 20:04 - 2014-04-18 08:28 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-14 19:32 - 2014-04-14 12:19 - 00000000 ____D () C:\Users\Dell\Documents\Flight Simulator Files
2014-04-14 15:59 - 2014-04-14 15:59 - 09640719 _____ () C:\Users\Dell\Downloads\Bee Gees 1960 a 2012.wmv
2014-04-14 12:08 - 2014-04-14 12:08 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-04-14 12:00 - 2014-04-14 12:00 - 00002113 _____ () C:\Users\Public\Desktop\Microsoft Flight Simulator 2004.lnk
2014-04-14 12:00 - 2014-04-14 12:00 - 00002113 _____ () C:\ProgramData\Desktop\Microsoft Flight Simulator 2004.lnk
2014-04-14 12:00 - 2014-04-14 12:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2014-04-14 11:37 - 2014-04-14 11:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games
2014-04-14 11:07 - 2014-04-14 11:07 - 00001217 _____ () C:\Users\Public\Desktop\Virtual CloneDrive.lnk
2014-04-14 11:07 - 2014-04-14 11:07 - 00001217 _____ () C:\ProgramData\Desktop\Virtual CloneDrive.lnk
2014-04-14 11:04 - 2014-04-14 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2014-04-14 11:04 - 2014-04-14 11:04 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes
2014-04-14 11:02 - 2014-04-14 11:01 - 01640984 _____ () C:\Users\Dell\Downloads\Montar e desmontar ISO SetupVirtualCloneDrive5470.exe
2014-04-14 08:46 - 2014-04-14 08:46 - 00015288 _____ () C:\Users\Dell\Downloads\Tabajara.cmd
2014-04-14 07:12 - 2014-04-14 07:02 - 135672432 _____ () C:\Users\Dell\Downloads\setup_11.0.1.1245.x01_2014_04_14_10_30.exe
2014-04-14 07:01 - 2014-04-14 07:01 - 00002188 _____ () C:\Users\Public\Desktop\Receitanet 1.04 .lnk
2014-04-14 07:01 - 2014-04-14 07:01 - 00002188 _____ () C:\ProgramData\Desktop\Receitanet 1.04 .lnk
2014-04-14 07:01 - 2014-04-14 07:01 - 00000176 _____ () C:\Windows\REC-NET.INI
2014-04-14 07:01 - 2014-04-14 07:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB
2014-04-14 07:01 - 2014-04-14 07:01 - 00000000 ____D () C:\Program Files (x86)\Programas RFB
2014-04-14 07:01 - 2013-04-18 12:24 - 00000000 ___HD () C:\Program Files (x86)\InstallJammer Registry
2014-04-14 07:00 - 2014-04-14 07:00 - 00001731 _____ () C:\Users\Dell\Desktop\IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk
2014-04-14 07:00 - 2014-04-14 07:00 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014
2014-04-14 07:00 - 2013-04-18 12:25 - 00000000 ____D () C:\Arquivos de Programas RFB
2014-04-14 06:51 - 2014-04-14 06:50 - 22716032 _____ (Receita Federal do Brasil) C:\Users\Dell\Downloads\IRPF2014win32v1.1.exe
2014-04-14 06:51 - 2014-04-14 06:50 - 06182597 _____ (Serpro - Serviço Federal de Processamento de Dados) C:\Users\Dell\Downloads\Receitanet-1.04.exe
2014-04-13 23:24 - 2014-04-25 11:09 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-13 23:19 - 2014-04-25 11:09 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-13 19:45 - 2014-02-09 11:43 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-04-13 17:38 - 2014-04-13 17:38 - 00000000 ____D () C:\Users\Dell\Downloads\Nova pasta
2014-04-13 16:39 - 2014-04-13 16:38 - 10696960 _____ (Emsisoft GmbH ) C:\Users\Dell\Downloads\OnlineArmorSetup (1).exe
2014-04-13 12:28 - 2014-04-13 12:28 - 00000000 __SHD () C:\Users\Dell\AppData\Local\EmieUserList
2014-04-13 12:28 - 2014-04-13 12:28 - 00000000 __SHD () C:\Users\Dell\AppData\Local\EmieSiteList
2014-04-12 22:16 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-12 22:14 - 2014-04-12 22:14 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-12 22:14 - 2014-04-12 22:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-12 22:14 - 2014-04-12 22:14 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-12 22:14 - 2014-04-12 22:14 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-12 22:14 - 2014-04-12 22:14 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-12 09:52 - 2014-04-12 09:51 - 26455504 _____ () C:\Users\Dell\Downloads\SeaMonkey Setup 2.26b1.exe
2014-04-12 09:14 - 2014-04-11 22:18 - 00022302 _____ () C:\Users\Dell\Downloads\Result.txt
2014-04-11 22:15 - 2014-04-11 22:15 - 00982016 _____ (Farbar) C:\Users\Dell\Downloads\MiniToolBox.exe
2014-04-11 17:09 - 2014-04-11 17:09 - 00000710 _____ () C:\Users\Dell\Documents\Comodo - após desinstalação se houver probleamas.txt
2014-04-11 15:15 - 2009-07-14 00:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-11 15:14 - 2014-04-11 15:14 - 00589000 _____ (Qualcomm Atheros) C:\Windows\system32\Drivers\btfilter.sys
2014-04-11 15:13 - 2014-04-11 15:13 - 03868160 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys
2014-04-11 15:10 - 2014-04-11 15:10 - 00901848 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-04-11 15:10 - 2014-04-11 15:10 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-04-11 15:10 - 2013-02-22 10:28 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-04-11 15:03 - 2014-04-11 15:03 - 00002854 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Dell)
2014-04-11 15:03 - 2013-12-13 15:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster
2014-04-11 13:17 - 2014-04-11 13:17 - 00000040 _____ () C:\Users\Dell\Documents\Driver Booster Keys.txt
2014-04-11 13:09 - 2013-07-17 10:44 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-11 12:57 - 2013-03-05 17:29 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-11 10:12 - 2014-04-11 10:12 - 05070944 _____ (Emsi Software GmbH ) C:\Users\Dell\Downloads\Proteção zero day MamutuSetup.exe
2014-04-11 09:57 - 2014-04-11 09:56 - 03749640 _____ (PWI, Inc. ) C:\Users\Dell\Downloads\privatefirewall.exe
2014-04-11 09:48 - 2014-04-11 09:47 - 11278928 _____ (COMODO) C:\Users\Dell\Downloads\Comodo limpar software CPM_SETUP_1.3.2.30_xp_vista_server2003_win7.exe
2014-04-11 09:34 - 2014-04-11 09:34 - 00178683 _____ () C:\Users\Dell\Downloads\CCEnhancer-3.9-Multilanguage.zip
2014-04-10 20:06 - 2014-04-10 20:05 - 00991232 _____ () C:\Users\Dell\Downloads\MicrosoftFixit50267.msi
2014-04-10 16:54 - 2014-04-10 16:54 - 00002966 _____ () C:\Users\Dell\Documents\Limpeza a base produtos caseiros.txt
2014-04-10 10:52 - 2014-04-10 10:33 - 221646397 _____ () C:\Users\Dell\Downloads\Sygic_GPSNavigation_v13.4.2.zip
2014-04-10 10:41 - 2014-04-10 10:34 - 12648749 _____ () C:\Users\Dell\Downloads\Sygic_GPSNavigation_v13.4.2.apk
2014-04-10 10:33 - 2014-04-10 10:33 - 00664417 _____ () C:\Users\Dell\Downloads\Sygic_MapDownloader_v1.4_(2014-03-13).zip
2014-04-10 10:12 - 2014-04-10 10:12 - 00000147 _____ () C:\Users\Dell\Documents\LG - assistência técnica. .Florianópolis .txt
2014-04-09 13:21 - 2013-11-09 11:47 - 00000000 ____D () C:\ProgramData\Auslogics
2014-04-09 13:18 - 2013-08-10 15:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2014-04-09 13:18 - 2013-03-05 19:20 - 00000000 ____D () C:\Program Files (x86)\Auslogics
2014-04-09 13:17 - 2014-04-09 13:17 - 02637388 _____ () C:\Users\Dell\Downloads\27d92b870986d9d44ee87db9cdb6b271.mp4
2014-04-09 13:06 - 2013-12-01 13:16 - 00000000 ____D () C:\Program Files (x86)\Wise
2014-04-09 12:42 - 2014-04-09 12:41 - 06126911 _____ () C:\Users\Dell\Downloads\Install_Win7_7080_03212014.zip
2014-04-09 12:03 - 2013-03-24 00:03 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-04-09 11:53 - 2013-03-24 00:03 - 00000000 ____D () C:\Users\Dell\SystemRequirementsLab
2014-04-09 11:47 - 2014-04-09 11:47 - 00921000 _____ (Oracle Corporation) C:\Users\Dell\Downloads\chromeinstall-7u51.exe
2014-04-09 11:45 - 2014-04-09 11:45 - 00405504 _____ () C:\Users\Dell\Downloads\intel_srldetect_4.5.13.0.msi
2014-04-09 11:37 - 2013-11-05 18:49 - 00000000 ____D () C:\Users\Dell\Documents\RegRun2
2014-04-09 11:31 - 2013-11-02 22:36 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group
2014-04-09 11:29 - 2014-04-09 11:28 - 00000000 ____D () C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2014-04-07 21:57 - 2009-07-14 00:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-07 21:39 - 2014-04-07 21:39 - 00307712 _____ (FileHippo.com) C:\Users\Dell\Downloads\UpdateChecker.exe
2014-04-07 19:14 - 2014-04-07 19:13 - 106403600 ____N (Microsoft Corporation) C:\Users\Dell\Downloads\Microsoft Sec Essentials cada 10 dias 64 bits msert.exe
2014-04-07 17:37 - 2014-04-07 17:37 - 00000038 _____ () C:\Users\Dell\Documents\Bleeping acesso.txt
2014-04-07 09:08 - 2013-11-03 12:57 - 00000000 ____D () C:\ProgramData\McAfee
2014-04-07 09:07 - 2014-04-07 09:07 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-04-07 09:07 - 2014-04-07 09:07 - 00000000 ____D () C:\Program Files (x86)\Foxit Software
2014-04-07 08:33 - 2014-04-07 08:33 - 00000553 _____ () C:\Users\Dell\Desktop\Emsisoft Emergency Kit.lnk
2014-04-07 08:33 - 2013-09-13 20:42 - 00000000 ____D () C:\EEK
2014-04-06 17:15 - 2014-04-06 17:15 - 01016261 _____ (Thisisu) C:\Users\Dell\Downloads\JRT.exe
2014-04-03 17:54 - 2014-04-02 13:31 - 00005297 _____ () C:\Users\Dell\Documents\Sal grosso.txt
2014-04-03 09:51 - 2014-04-26 04:50 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:51 - 2014-02-09 11:42 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:50 - 2013-11-07 18:35 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-03 08:00 - 2014-03-30 18:39 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-04-03 07:58 - 2014-03-30 18:39 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-04-03 00:27 - 2014-04-03 00:23 - 00000000 ____D () C:\Windows\system32\config\RRBackups
2014-04-03 00:04 - 2014-04-03 00:04 - 00184745 _____ () C:\Users\Dell\Documents\GMER log complete.log
2014-04-02 21:53 - 2014-04-02 21:52 - 00087360 _____ () C:\Users\Dell\Downloads\gmer.wmv
2014-04-02 15:33 - 2014-03-13 17:24 - 00000328 _____ () C:\Windows\SysWOW64\Partizan.RRI
2014-04-02 14:28 - 2014-04-02 14:27 - 01472131 _____ () C:\Users\Dell\Downloads\vba32arkit.zip
2014-04-02 12:37 - 2014-04-02 12:37 - 00006759 _____ () C:\Users\Dell\Downloads\gmer.log
2014-04-02 10:22 - 2014-04-02 10:22 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Dell\Downloads\mbar-1.07.0.1009.exe
2014-04-02 09:01 - 2014-04-02 09:01 - 18517048 _____ (SUPERAntiSpyware) C:\Users\Dell\Downloads\SUPERAntiSpywarePro.exe
2014-04-02 08:26 - 2014-04-02 08:24 - 134103416 _____ () C:\Users\Dell\Downloads\setup_11.0.1.1245.x01_2014_04_02_13_56.exe
2014-04-02 07:15 - 2009-07-13 23:34 - 72089600 _____ () C:\Windows\system32\config\SOFTWARE.bls.bak
2014-04-02 07:15 - 2009-07-13 23:34 - 25427968 _____ () C:\Windows\system32\config\SYSTEM.bls.bak
2014-04-02 07:15 - 2009-07-13 23:34 - 00032768 _____ () C:\Windows\system32\config\SECURITY.bls.bak
2014-04-02 06:55 - 2009-07-13 23:34 - 00364544 _____ () C:\Windows\system32\config\DEFAULT.bls.bak
2014-04-02 06:18 - 2014-03-30 21:12 - 00000000 ____D () C:\ProgramData\RegistryReviver.exe
2014-04-02 00:39 - 2014-04-02 00:39 - 10971424 _____ (SurfRight B.V.) C:\Users\Dell\Downloads\HitmanPro_x64.exe
2014-04-02 00:39 - 2014-04-02 00:37 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-04-01 23:54 - 2014-04-01 23:53 - 10094400 _____ (SurfRight B.V.) C:\Users\Dell\Downloads\HitmanPro.exe
2014-04-01 21:56 - 2009-07-13 23:34 - 00053248 _____ () C:\Windows\system32\config\SAM.bls.bak
2014-04-01 19:47 - 2014-03-12 09:02 - 00025222 _____ () C:\Users\Dell\Documents\Preço serviços - Be.ods
2014-04-01 16:44 - 2014-02-16 23:16 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\uTorrent
2014-04-01 03:54 - 2014-04-02 07:34 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\12778157.sys
2014-04-01 03:54 - 2014-03-31 21:45 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\52972590.sys
2014-03-31 19:40 - 2013-09-13 17:59 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-31 10:52 - 2014-03-31 10:52 - 05192353 _____ (Swearware) C:\Users\Dell\Downloads\ComboFix.exe
2014-03-31 09:42 - 2014-03-31 09:42 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Dell\Downloads\rkill.exe
2014-03-31 07:40 - 2014-03-31 07:39 - 03224200 _____ (WiseCleaner.com ) C:\Users\Dell\Downloads\WRCFree.exe
2014-03-30 21:10 - 2013-08-04 14:32 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-03-30 20:28 - 2014-03-30 20:28 - 00001022 _____ () C:\Users\Public\Desktop\Registry Reviver.lnk
2014-03-30 20:28 - 2014-03-30 20:28 - 00001022 _____ () C:\ProgramData\Desktop\Registry Reviver.lnk
2014-03-30 20:28 - 2014-03-30 20:28 - 00000000 ____D () C:\ProgramData\ReviverSoft
2014-03-30 20:28 - 2014-03-30 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft
2014-03-30 20:28 - 2014-03-30 20:28 - 00000000 ____D () C:\Program Files\ReviverSoft
2014-03-30 18:52 - 2014-03-30 18:52 - 00000000 ____D () C:\Users\Dell\Downloads\Registry.Reviver.3.0.1.142
2014-03-30 18:40 - 2014-03-30 18:40 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-03-30 18:36 - 2014-03-30 18:35 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Dell\Downloads\spybot-2.2.exe
2014-03-30 14:46 - 2013-09-16 19:41 - 00000000 ____D () C:\Windows\system32\config\RCCBakup
2014-03-30 14:46 - 2013-04-02 19:29 - 00000000 ____D () C:\Windows\pss
2014-03-30 13:54 - 2014-03-30 13:54 - 07195272 _____ (Goversoft LLC) C:\Users\Dell\Downloads\privazer_free.exe
2014-03-30 09:23 - 2014-03-30 09:23 - 00001073 _____ () C:\Users\Dell\Desktop\DllSuite.lnk
2014-03-30 09:23 - 2014-03-30 09:23 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dll Suite 2014
2014-03-30 09:23 - 2014-03-30 09:23 - 00000000 ____D () C:\Program Files (x86)\DLLSuite
2014-03-30 03:29 - 2014-01-14 18:43 - 00000000 ____D () C:\ProgramData\Licenses
2014-03-30 02:56 - 2014-03-20 17:38 - 00000000 ____D () C:\uninstall
2014-03-30 02:56 - 2014-03-18 22:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-29 20:29 - 2013-11-29 08:34 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 4
2014-03-29 10:32 - 2014-03-28 06:59 - 00003036 _____ () C:\Windows\System32\Tasks\AnVir Task Manager
2014-03-28 21:50 - 2014-03-28 06:59 - 00000000 ____D () C:\Program Files (x86)\AnVir Task Manager Pro
2014-03-28 20:35 - 2014-01-26 22:53 - 00002884 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Administrator
2014-03-28 20:35 - 2014-01-26 21:59 - 00003092 _____ () C:\Windows\System32\Tasks\ASC7_PerformanceMonitor
2014-03-28 20:35 - 2013-11-09 20:47 - 00002848 _____ () C:\Windows\System32\Tasks\ASC7_SkipUac_Dell
2014-03-28 20:34 - 2013-11-09 20:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
2014-03-28 16:56 - 2014-03-28 16:55 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Dell\Downloads\mb3-setup-1878.1878-3.5.1.2522.exe
2014-03-28 06:59 - 2014-03-28 06:59 - 00001077 _____ () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\AnVir Task Manager Pro.lnk
2014-03-28 06:59 - 2014-03-28 06:59 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVir Task Manager Pro
2014-03-28 06:59 - 2014-03-28 06:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnVir Task Manager Pro
 
Files to move or delete:
====================
C:\ProgramData\RegistryReviver.exe
 
 
Some content of TEMP:
====================
C:\Users\Dell\AppData\Local\Temp\install_flashplayer13x32_mssd_aaa_aih (1).exe
C:\Users\Dell\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-03-05 10:38
 
==================== End Of Log ============================

Attached Files

  • Attached File  FRST.txt   114.89KB   2 downloads

Edited by Queen-Evie, 26 April 2014 - 02:50 PM.
moved from Windows 7 to MRL, which is the only forum FRST logs are allowed in




#2 Farbar


Posted 26 April 2014 - 08:02 PM

Hi Clade,

 

Welcome to the forum.

 

There are various sources of Group Policy restrictions. In some cases malware uses them to enforce restrictions on security programs and prevent them from functioning normally. In some cases those restrictions are set by the system administrators to prevent the users or the malware from doing harm. In your case it is the latter.

 

The restrictions that we see in the log were set by your system administrator using the following software, which was downloaded about 8 days ago:

 

2014-04-19 12:34 - 2014-04-19 12:34 - 02823116 _____ () C:\Users\Dell\Downloads\CryptolockerPreventionKit.zip
2014-04-19 12:34 - 2014-04-19 12:34 - 00473008 _____ () C:\Users\Dell\Downloads\CryptoPrevent.zip

 

 

The purpose is to prevent CryptoLocker ransomware from infecting your system.

 

You can read about the infection here: http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information

 

Information about the software that you are using to prevent the infection is here: http://www.foolishit.com/vb6-projects/cryptoprevent/

 

In short, this is nothing to worry about as those restrictions are set to prevent the known malware files from running. You have already run many security programs and don't need to run more.
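The correlation made in the reply above (policy restrictions flagged in the log, matched against a hardening tool found in the file listing) can be repeated mechanically. This is an added example, not part of the original post and not FRST's own code: it parses the file-listing line layout seen in this log and returns entries whose file name matches an analyst-supplied keyword list. The keyword list and all function names are assumptions; the sample lines are copied from this thread.

```python
import ntpath
import re
from datetime import datetime
from typing import List, NamedTuple, Optional, Sequence

# Layout of an FRST file-listing line, as seen in the log above:
#   <timestamp> - <timestamp> - <size> <5 attribute flags> (<company>) <path>
# Which timestamp is "created" and which is "modified" depends on the section
# header in the log, so they are kept here simply as first_ts / second_ts.
LINE_RE = re.compile(
    r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}) - (\d{4}-\d{2}-\d{2} \d{2}:\d{2}) - "
    r"(\d+) (\S{5}) \((.*?)\) ([A-Za-z]:\\.+)$"
)
TS_FORMAT = "%Y-%m-%d %H:%M"

# Assumption: names the analyst associates with tools that set software
# restriction policies on purpose (here, the tool named in the reply).
POLICY_TOOL_KEYWORDS = ("cryptoprevent", "cryptolockerprevention")


class FrstEntry(NamedTuple):
    first_ts: datetime
    second_ts: datetime
    size: int
    attrs: str
    company: str
    path: str

    @property
    def is_dir(self) -> bool:
        return "D" in self.attrs

    @property
    def name(self) -> str:
        # ntpath handles Windows paths even when this runs on Linux/macOS.
        return ntpath.basename(self.path)


def parse_line(line: str) -> Optional[FrstEntry]:
    """Parse one file-listing line; return None for headers and other text."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    first, second, size, attrs, company, path = m.groups()
    return FrstEntry(
        datetime.strptime(first, TS_FORMAT),
        datetime.strptime(second, TS_FORMAT),
        int(size),
        attrs,
        company.strip(),
        path,
    )


def find_tool_artifacts(log_text: str, keywords: Sequence[str]) -> List[FrstEntry]:
    """Return listing entries whose file name contains any keyword."""
    wanted = [k.lower() for k in keywords]
    hits = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is not None and any(k in entry.name.lower() for k in wanted):
            hits.append(entry)
    return hits


# Sample lines copied from the log in this thread (not a complete log).
SAMPLE_LOG = r"""
2014-04-19 12:34 - 2014-04-19 12:34 - 02823116 _____ () C:\Users\Dell\Downloads\CryptolockerPreventionKit.zip
2014-04-19 12:34 - 2014-04-19 12:34 - 00473008 _____ () C:\Users\Dell\Downloads\CryptoPrevent.zip
2014-04-16 11:03 - 2013-04-01 20:19 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-11 15:03 - 2014-04-11 15:03 - 00002854 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Dell)
2014-04-13 16:39 - 2014-04-13 16:38 - 10696960 _____ (Emsisoft GmbH ) C:\Users\Dell\Downloads\OnlineArmorSetup (1).exe
==================== End Of Log ============================
"""

if __name__ == "__main__":
    for hit in find_tool_artifacts(SAMPLE_LOG, POLICY_TOOL_KEYWORDS):
        print(hit.first_ts.date(), hit.size, hit.path)
```

A match only shows that the tool was present on the machine; whether it actually wrote the flagged policy entries still has to be confirmed against the tool's documentation or with the user, as was done in this thread.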



#3 Clade


Posted 26 April 2014 - 08:39 PM

Hi Farbar!
 
We appreciate your timely response. . . Were enlightening their placements and thus, learn a little more. . . 
 
Indeed, recall that we installed this software (cryptoPrevent). . . 
 
You can close this post


#4 Farbar


Posted 27 April 2014 - 04:44 AM

You are most welcome Clade. :)

 

You may delete FRST tool and its backup folder from C:\FRST.

 

This thread will now be closed since the issue seems to be resolved.

If you should have a new issue, please start a new topic.

Everyone else should start a new topic.

 

 

 





