Slowness at startup and slow opening folders (not responding)


  • This topic is locked
16 replies to this topic

#1 Clade


Posted 06 May 2014 - 08:25 AM

Good morning!

Equipment by submitting the following:

1. Previous boot was passed for 70 s 153 s;

2. In the opening of folders is delayed and usually the message "not responding".

OBS:

We use the most different cleaning software (AdwCleaner, TDSSKiller, RKill, ESET scanner, Kaspersky Removal ... ComboFix). The ComboFix only works in safe mode. In normal mode, is in step 3 hours.

With 64 FRST initially used to identify possible "attention" .... We use the software on 3 opportunities and in all of them, even using the tools mentioned above, there was no change in the log Addition, where they appear in the "association Exe (whitelisted)," 7 items requiring Attention.

Remember that we made use of NTREGOPT at the time that the equipment was working quickly and with the boot 70 s

Slowness at startup and slow opening folders: not responding

How we test the restore point and was not successful, we chose not to do it again and rather seek help in this forum ... as the learning objective.

I love the technology and the facilities they create in

Thanks for your attention.

1. DDS txt:
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17041  BrowserJavaVersion: 10.55.2
Run by Dell at 9:25:50 on 2014-05-06
Microsoft Windows 7 Home Basic   6.1.7601.1.1252.55.1046.18.3494.1057 [GMT -3:00]
.
AV: COMODO Antivirus *Enabled/Updated* {B74CC7D2-B407-E1DC-1033-DD315BCDC8C8}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Antivirus *Enabled/Updated* {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall *Enabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Windows\system32\taskeng.exe
C:\Prey\platform\windows\cronsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\System32\vds.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
C:\Windows\system32\RunDll32.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\svchost.exe -k imgsvc
C:\PROGRA~2\GbPlugin\GbpSv.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Dell\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\explorer.exe
C:\Windows\SysWOW64\DllHost.exe
C:\PROGRAM FILES (X86)\EASEUS\TODO BACKUP\BIN\TRAYNOTIFY.EXE
C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\notepad.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com.br/
uProxyOverride = <local>;192.168.*.*
uSearchURL,(Default) = hxxp://www.oquefazernainternet.com/q/%s
mSearchAssistant = hxxp://www.oquefazernainternet.com/
mCustomizeSearch = hxxp://www.oquefazernainternet.com/
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: GbIehObj Class: {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [WinPatrol] c:\program files (x86)\billp studios\winpatrol\winpatrol.exe -expressboot
mRun: [KeyScrambler] C:\Program Files (x86)\KeyScrambler\keyscrambler.exe /a
StartupFolder: C:\Users\Dell\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~2.LNK - C:\Windows\System32\RunDll32.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:221
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:181
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SynchronousUserGroupPolicy = dword:0
mPolicies-System: SynchronousMachineGroupPolicy = dword:0
mPolicies-Windows\System: AllowBlockingAppsAtShutdown = dword:1
mPolicies-Explorer: DisableLocalMachineRun = dword:0
mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
mPolicies-Explorer: DisableCurrentUserRun = dword:0
mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:0
mPolicies-Explorer: NoFile = dword:0
mPolicies-Explorer: HideClock = dword:0
mPolicies-Explorer: NoDevMgrUpdate = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
IE: Baixar com Mipony - <no file>
IE: LastPass - C:\Users\Dell\AppData\LocalLow\LastPass\context.html?cmd=lastpass
IE: Preenchimento de formulários LastPass - C:\Users\Dell\AppData\LocalLow\LastPass\context.html?cmd=fillforms
IE: {2F5C139F-79BD-4C84-A95A-E7140525BC55} - {5B06364D-FF00-4BD5-9D01-4379952513F2} - <orphaned>
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.15.0.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{260390F7-991C-4195-816D-9BA15A4ED484} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{302D15DD-297B-4CDA-A155-169E342FDE4F} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{772B5A8A-A834-4D54-A2F7-397A644D2902} : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{772B5A8A-A834-4D54-A2F7-397A644D2902} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{772B5A8A-A834-4D54-A2F7-397A644D2902}\05271696160246560224F6D6261637 : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{772B5A8A-A834-4D54-A2F7-397A644D2902}\05271696160246560224F6D6261637 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{772B5A8A-A834-4D54-A2F7-397A644D2902}\75C414E4 : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{772B5A8A-A834-4D54-A2F7-397A644D2902}\75C414E4 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{DD5529F5-1F46-4AC6-9407-30603A3DB7DD} : NameServer = 156.154.70.22,156.154.71.22
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Notify:  GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
SEH: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
x64-BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\synaptics\syntp\syntpenh.exe
x64-Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
x64-IE: {2F5C139F-79BD-4C84-A95A-E7140525BC55} - {5B06364D-FF00-4BD5-9D01-4379952513F2} - C:\Program Files\AdTrustMedia\PrivDog\1.9.0.22\trustedads.dll
x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - 
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\LastPass\nplastpass.dll
FF - plugin: C:\Program Files (x86)\LastPass\nplastpass64.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
FF - plugin: C:\Users\Dell\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll
FF - plugin: C:\Users\Dell\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll
FF - plugin: C:\Users\Dell\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll
FF - ExtSQL: 2014-03-19 19:39; PrivDog@AdTrustMedia.com; C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\extensions\PrivDog@AdTrustMedia.com.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 31415875;31415875;C:\Windows\System32\drivers\31415875.sys [2014-5-5 460888]
R0 BootDefragDriver;BootDefragDriver;C:\Windows\System32\drivers\BootDefragDriver.sys [2014-3-19 17600]
R0 EUBAKUP;EUBAKUP;C:\Windows\System32\drivers\eubakup.sys [2013-3-26 61000]
R0 EUBKMON;EUBKMON;C:\Windows\System32\drivers\EUBKMON.sys [2013-3-26 48200]
R0 fltsrv;Acronis Storage Filter Management;C:\Windows\System32\drivers\fltsrv.sys [2013-3-5 155272]
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-3-6 652344]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-3-6 28216]
R1 A2DDA;A2 Direct Disk Access Support Driver;C:\EEK\Run\a2ddax64.sys [2013-9-13 26176]
R1 cmderd;COMODO Internet Security Eradication Driver;C:\Windows\System32\drivers\cmderd.sys [2014-3-5 23168]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\drivers\cmdguard.sys [2014-3-5 738472]
R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\System32\drivers\cmdhlp.sys [2014-3-5 48360]
R1 EUDSKACS;EUDSKACS;C:\Windows\System32\drivers\eudskacs.sys [2013-3-26 18504]
R1 EUFDDISK;EUFDDISK;C:\Windows\System32\drivers\EuFdDisk.sys [2013-3-26 189000]
R2 hmpalert;HitmanPro.Alert Support Driver;C:\Windows\System32\drivers\hmpalert.sys [2014-4-19 93144]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2012-3-8 36480]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2012-3-8 340096]
R3 btath_avdt;Atheros Bluetooth AVDT Service;C:\Windows\System32\drivers\btath_avdt.sys [2012-3-8 111232]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2012-3-8 30848]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2012-3-8 168064]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2012-3-8 68736]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2012-3-8 281472]
R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2014-4-11 589000]
R3 IntcDAud;Áudio do vídeo Intel®;C:\Windows\System32\drivers\IntcDAud.sys [2013-5-22 342528]
R3 KeyScrambler;KeyScrambler;C:\Windows\System32\drivers\keyscrambler.sys [2013-5-25 222200]
S3 AndNetDiag;LGE AndroidNet USB Serial Port;C:\Windows\System32\drivers\lgandnetdiag64.sys [2014-2-23 29184]
S3 ANDNetModem;LGE AndroidNet USB Modem;C:\Windows\System32\drivers\lgandnetmodem64.sys [2014-2-23 36352]
S3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter;C:\Windows\System32\drivers\lgandnetndis64.sys [2014-2-23 93184]
S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\System32\drivers\AthDfu.sys [2012-3-8 52352]
S3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;C:\Windows\System32\drivers\bcmwlhigh664.sys [2013-8-15 1256192]
S3 BTCFilterService;USB Networking Driver Filter Service;C:\Windows\System32\drivers\motfilt.sys [2013-3-20 6144]
S3 cleanhlp;cleanhlp;C:\EEK\Run\cleanhlp64.sys [2013-9-13 57024]
S3 epmntdrv;epmntdrv;C:\Windows\System32\epmntdrv.sys [2013-8-17 17480]
S3 EUBKMON0;EUBKMON0;C:\Windows\System32\drivers\EUBKMON0.sys [2014-2-25 48200]
S3 EuGdiDrv;EuGdiDrv;C:\Windows\System32\EuGdiDrv.sys [2013-8-17 9800]
.
=============== File Associations ===============
.
FileExt: .ini: inifile=C:\Windows\SysWow64\NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2014-05-06 01:43:08 98816 ----a-w- C:\Windows\sed.exe
2014-05-06 01:43:08 256000 ----a-w- C:\Windows\PEV.exe
2014-05-06 01:43:08 208896 ----a-w- C:\Windows\MBR.exe
2014-05-06 01:42:48 -------- d-s---w- C:\ComboFix
2014-05-05 18:15:58 -------- d-----w- C:\AdwCleaner
2014-05-05 17:09:41 -------- d-----w- C:\FRST
2014-05-05 13:26:21 -------- d-----w- C:\Users\Dell\AppData\Roaming\EurekaLab s.a.s
2014-05-05 12:02:41 460888 ----a-w- C:\Windows\System32\drivers\31415875.sys
2014-05-03 02:52:55 21040 ----a-w- C:\Windows\System32\sdnclean64.exe
2014-05-02 20:30:33 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-02 20:30:33 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-01 23:17:11 -------- d-----w- C:\Program Files (x86)\NT Registry Optimizer
2014-05-01 22:41:51 -------- d-----w- C:\ProgramData\WRData
2014-04-30 15:15:46 -------- d-----w- C:\Users\Dell\AppData\Local\Secunia PSI
2014-04-30 15:12:14 -------- d-----w- C:\Program Files (x86)\Secunia
2014-04-30 14:19:19 47632 ----a-w- C:\Windows\System32\drivers\PSKMAD.sys
2014-04-30 14:18:46 -------- d-----w- C:\Windows\SysWow64\DASBOOT
2014-04-30 14:18:11 -------- d-----w- C:\Program Files (x86)\Panda Security
2014-04-30 02:20:53 -------- d-----w- C:\Users\Dell\AppData\Roaming\ZHP
2014-04-29 15:05:27 17931952 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2014-04-28 18:20:37 -------- d-----w- C:\Program Files (x86)\SpeedFan
2014-04-27 22:08:53 -------- d-----w- C:\uninstall27732u
2014-04-27 03:35:26 -------- d-----w- C:\uninstall8094u
2014-04-26 07:52:16 119512 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-04-26 07:50:44 63192 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-04-26 07:50:44 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-26 02:06:42 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
2014-04-26 01:57:09 -------- d-----w- C:\Users\Dell\.receitanet
2014-04-25 14:10:47 -------- d-s---w- C:\Windows\System32\CompatTel
2014-04-25 14:09:05 465408 ----a-w- C:\Windows\System32\aepdu.dll
2014-04-25 14:09:04 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-04-25 12:22:08 57096 ----a-w- C:\Windows\System32\certsentry.dll
2014-04-25 12:22:08 48392 ----a-w- C:\Windows\SysWow64\certsentry.dll
2014-04-20 22:37:13 460888 ----a-w- C:\Windows\System32\drivers\96123702.sys
2014-04-19 21:18:58 93144 ----a-w- C:\Windows\System32\drivers\hmpalert.sys
2014-04-19 21:18:58 548424 ----a-w- C:\Windows\System32\hmpalert.dll
2014-04-19 21:18:58 477008 ----a-w- C:\Windows\SysWow64\hmpalert.dll
2014-04-19 21:18:58 -------- d-----w- C:\Program Files (x86)\HitmanPro.Alert
2014-04-18 11:28:05 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-15 22:41:45 -------- d-----w- C:\Users\Dell\.jmc
2014-04-15 22:40:42 -------- d-----w- C:\Users\Dell\.eclipse
2014-04-15 20:58:46 -------- d-----w- C:\Users\Dell\AppData\Local\ElevatedDiagnostics
2014-04-14 14:37:55 -------- d-----w- C:\Program Files (x86)\Microsoft Games
2014-04-14 14:04:35 -------- d-----w- C:\Program Files (x86)\Elaborate Bytes
2014-04-14 10:01:01 -------- d-----w- C:\Program Files (x86)\Programas RFB
2014-04-13 15:28:36 -------- d-sh--w- C:\Users\Dell\AppData\Local\EmieUserList
2014-04-13 15:28:35 -------- d-sh--w- C:\Users\Dell\AppData\Local\EmieSiteList
2014-04-11 18:14:59 589000 ----a-w- C:\Windows\System32\drivers\btfilter.sys
2014-04-11 18:13:58 3868160 ----a-w- C:\Windows\System32\drivers\athrx.sys
2014-04-11 18:10:27 901848 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2014-04-11 18:10:27 73800 ----a-w- C:\Windows\System32\RtNicProp64.dll
2014-04-11 15:54:18 27584 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2014-04-11 15:54:18 274880 ----a-w- C:\Windows\System32\drivers\msiscsi.sys
2014-04-11 15:54:18 190912 ----a-w- C:\Windows\System32\drivers\storport.sys
2014-04-11 15:54:17 2048 ----a-w- C:\Windows\SysWow64\iologmsg.dll
2014-04-11 15:54:17 2048 ----a-w- C:\Windows\System32\iologmsg.dll
2014-04-11 15:51:53 362496 ----a-w- C:\Windows\System32\wow64win.dll
2014-04-11 15:51:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2014-04-11 15:51:53 243712 ----a-w- C:\Windows\System32\wow64.dll
2014-04-11 15:51:52 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2014-04-11 15:51:51 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2014-04-11 15:51:51 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2014-04-11 15:51:49 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2014-04-11 15:51:49 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2014-04-11 15:51:49 2048 ----a-w- C:\Windows\SysWow64\user.exe
2014-04-11 15:51:43 1684928 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2014-04-09 14:28:51 -------- d-----w- C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2014-04-07 12:07:18 -------- d-----w- C:\Program Files (x86)\Foxit Software
.
==================== Find3M  ====================
.
2014-05-06 11:32:08 29 ----a-w- C:\Windows\SysWow64\TempWmicBatchFile.bat
2014-04-29 15:05:43 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-29 15:05:43 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-04-20 01:30:36 417792 --sha-w- C:\EUMONBMP.SYS
2014-04-16 21:12:56 48360 ----a-w- C:\Windows\System32\drivers\cmdhlp.sys
2014-04-16 21:12:55 738472 ----a-w- C:\Windows\System32\drivers\cmdguard.sys
2014-04-16 21:12:55 23168 ----a-w- C:\Windows\System32\drivers\cmderd.sys
2014-04-11 18:10:27 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2014-04-03 12:51:04 88280 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-04-03 12:50:58 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-04-01 06:54:30 460888 ----a-w- C:\Windows\System32\drivers\52972590.sys
2014-04-01 06:54:30 460888 ----a-w- C:\Windows\System32\drivers\12778157.sys
2014-03-25 19:22:37 43216 ----a-w- C:\Windows\System32\cmdcsr.dll
2014-03-25 19:22:36 363504 ----a-w- C:\Windows\SysWow64\guard32.dll
2014-03-25 19:22:35 453680 ----a-w- C:\Windows\System32\guard64.dll
2014-03-25 19:22:29 352984 ----a-w- C:\Windows\System32\cmdvrt64.dll
2014-03-25 19:22:28 45784 ----a-w- C:\Windows\System32\cmdkbd64.dll
2014-03-25 19:22:25 284888 ----a-w- C:\Windows\SysWow64\cmdvrt32.dll
2014-03-25 19:22:23 40664 ----a-w- C:\Windows\SysWow64\cmdkbd32.dll
2014-03-17 19:25:40 63088 ----a-w- C:\Windows\System32\vsocklib.dll
2014-03-17 18:40:40 50800 ----a-w- C:\Windows\System32\vmhgfs.dll
2014-03-17 18:40:38 34416 ----a-w- C:\Windows\System32\vmGuestLibJava.dll
2014-03-17 18:28:47 63088 ----a-w- C:\Windows\SysWow64\vsocklib.dll
2014-03-17 18:28:44 50800 ----a-w- C:\Windows\SysWow64\vmhgfs.dll
2014-03-17 18:28:41 34416 ----a-w- C:\Windows\SysWow64\vmGuestLibJava.dll
2014-03-17 15:54:09 53360 ----a-w- C:\Windows\System32\vmGuestLib.dll
2014-03-17 14:29:47 18432 ----a-w- C:\Windows\System32\corpol.dll
2014-03-17 13:04:41 73216 ----a-w- C:\Windows\System32\admparse.dll
2014-03-17 12:54:20 53360 ----a-w- C:\Windows\SysWow64\vmGuestLib.dll
2014-03-17 12:54:17 219248 ----a-w- C:\Windows\SysWow64\vm3dum.dll
2014-03-17 12:54:13 3223152 ----a-w- C:\Windows\SysWow64\vm3dgl.dll
2014-03-17 12:53:49 1047552 ----a-w- C:\Windows\SysWow64\mfc71u.dll
2014-03-17 12:53:29 18432 ----a-w- C:\Windows\SysWow64\corpol.dll
2014-03-17 12:53:25 73216 ----a-w- C:\Windows\SysWow64\admparse.dll
2014-03-17 06:22:56 118048 ----a-w- C:\Windows\System32\BootDefrag.exe
2014-03-17 06:07:38 17600 ----a-w- C:\Windows\System32\drivers\BootDefragDriver.sys
2014-03-13 20:24:44 40720 ----a-w- C:\Windows\System32\Partizan.exe
2014-03-13 20:19:08 35816 ----a-w- C:\Windows\SysWow64\drivers\Partizan.sys
2014-03-12 10:43:17 2 --shatr- C:\Windows\winstart.bat
2014-03-05 00:31:58 8710656 ----a-w- C:\Windows\SysWow64\Impactor.dll
2014-03-05 00:31:57 943616 ----a-w- C:\Windows\SysWow64\WinSparkle.dll
2014-03-05 00:27:58 96256 ----a-w- C:\Windows\System32\AdbWinApi.dll
2014-03-05 00:27:58 943616 ----a-w- C:\Windows\System32\WinSparkle.dll
2014-03-05 00:27:58 8710656 ----a-w- C:\Windows\System32\Impactor.dll
2014-03-05 00:27:58 60928 ----a-w- C:\Windows\System32\AdbWinUsbApi.dll
2014-03-04 09:17:05 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2014-03-03 23:37:01 252480 ----atw- C:\Windows\SysWow64\crowdinspect64.exe
2014-03-01 16:58:21 31088 ----a-w- C:\Windows\SysWow64\drivers\gbpndisrd.sys
2014-02-18 17:12:01 9889352 ----a-w- C:\Windows\SysWow64\RsCRIcon.dll
2014-02-18 17:12:01 271064 ----a-w- C:\Windows\System32\drivers\RtsUStor.sys
2014-02-17 16:41:24 27456 ----a-w- C:\Windows\System32\RegistryDefragBootTime.exe
2014-02-12 00:01:01 528384 ----a-w- C:\Windows\System32\msdrm.dll
2014-02-12 00:01:01 390144 ----a-w- C:\Windows\SysWow64\msdrm.dll
2014-02-12 00:01:00 87040 ----a-w- C:\Windows\SysWow64\secproc_ssp.dll
2014-02-12 00:01:00 510976 ----a-w- C:\Windows\SysWow64\RMActivate_ssp.exe
2014-02-12 00:01:00 428032 ----a-w- C:\Windows\SysWow64\secproc.dll
2014-02-07 01:23:30 3156480 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH:  9:38:54,09 ===============
 
2. DDS Attach:
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Basic 
Boot Device: \Device\HarddiskVolume1
Install Date: 22/02/2013 09:47:17
System Uptime: 06/05/2014 03:29:32 (6 hours ago)
.
Motherboard: Dell Inc. |  | 0X0DC1
.
==== Installed Programs ======================
.
64 Bit HP CIO Components Installer
7-Zip 9.20 (x64 edition)
A Bíblia Sagrada Versão Digital 6.7 Freeware
ACR38/100/122 PC/SC Driver 1.1.2.0
Adobe Flash Player 13 ActiveX
Adobe Flash Player 13 Plugin
Adobe Reader XI (11.0.06)
Advanced SystemCare 7
Aimersoft PDF Converter Pro (Build 3.1.1)
AnVir Task Manager Pro
Atheros Bluetooth Suite (64)
µTorrent
aTube Catcher
Auslogics BoostSpeed
AutoCAD 2013 Language Pack – Português – Brasil (Brazilian Portuguese)
AutoCAD 2013 – Português – Brasil (Brazilian Portuguese)
Autodesk Content Service
Autodesk Content Service Language Pack
Autodesk Inventor Fusion 2013
Autodesk Inventor Fusion plug-in for AutoCAD 2013
Autodesk Material Library 2013
Autodesk Material Library Base Resolution Image Library 2013
Autodesk Sync
BitTorrent
BufferChm
BurnAware Free 6.4
Caesium versão 1.4.1
CCleaner
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Comodo Dragon
COMODO Internet Security Premium
CrystalDiskInfo 5.6.2
D110
Dell DataSafe Local Backup
Dell System Detect
Dell Touchpad
Dell WLAN and Bluetooth Client Installation
Destinations
DeviceDiscovery
DiskMax 4.71
DLL Suite 2013
Driver Booster
EaseUS Partition Master 9.2.2
EaseUS Todo Backup Free 6.5
ESET Online Scanner v3
Everything 1.2.1.371
Everything 1.3.3.658 (x64)
FastStone Photo Resizer 3.1
FormatFactory 2.20
Fotosizer 2.08
Foxit Reader
Free Opener
Glary Utilities PRO 4.8
Google Chrome
Google Talk Plugin
Google Update Helper
GPBaseService2
HitmanPro.Alert
HP Deskjet 3510 series Ajuda
HP Deskjet 3510 series Estudo de aprimoramento de produtos
HP Deskjet 3510 series Software básico do dispositivo
HP Imaging Device Functions 14.0
HP Officejet Pro 8600 Ajuda
HP Officejet Pro 8600 Software básico do dispositivo
HP Unified IO
HP Update
HPAppStudio
HPDiagnosticAlert
HPPhotoGadget
HPProductAssistant
HPSSupply
I.R.I.S. OCR
IDT Audio
ImgBurn
Intel® Management Engine Components
Intel® Processor Graphics
Intel® Rapid Storage Technology
Intel® SDK for OpenCL - CPU Only Runtime Package
Intel® Trusted Connect Service Client
IObit Uninstaller
iPrint
IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País
IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País
Java SE Development Kit 7 Update 55 (64-bit)
Java SE Development Kit 8 Update 5 (64-bit)
JetClean
KeyScrambler
LastPass (uninstall only)
LG United Mobile Driver
Módulo Adicional de Segurança CAIXA
Macrium Reflect Free Edition
Malwarebytes Anti-Malware versão 2.0.1.1004
MarketResearch
Megacubo 10
Microsoft .NET Framework 4.5.1
Microsoft .NET Framework 4.5.1 (Português do Brasil)
Microsoft .NET Framework 4.5.1 (PTB)
Microsoft Application Error Reporting
Microsoft Flight Simulator 2004 A Century of Flight
Microsoft Office com Clique para Executar 2010
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
Microsoft_VC100_CRT_SP1_x64
Microsoft_VC100_CRT_SP1_x86
Motorola Device Manager
Motorola Device Software Update
Motorola Mobile Drivers Installation 6.3.0
Mozilla Firefox 29.0 (x86 pt-BR)
Mozilla Maintenance Service
MSVC80_x64_v2
MSVC80_x86_v2
MSVC90_x64
MSVC90_x86
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2758694)
Naviextras Toolbox
Naviextras Toolbox Prerequesities
Network64
Nokia Connectivity Cable Driver
Nokia PC Suite
Nokia Software Updater
Nokia Suite
NTREGOPT 1.1j
OpenOffice 4.0.1
Pacote de Driver do Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (12/06/2010 4.0.0000.00000)
Pacote de Driver do Windows - Nokia Modem  (02/25/2011 4.7)
Pacote de Driver do Windows - Nokia Modem  (02/25/2011 7.01.0.9)
Pacote de Driver do Windows - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0)
Pacote de idioma do plug-in Autodesk Inventor Fusion para AutoCAD 2013
PC Connectivity Solution
Photomizer Scan 2
PhrozenSoft VirusTotal Uploader version 3.1
Plug-in Autodesk Inventor Fusion for AutoCAD 2013
PrimoPDF -- brought to you by Nitro PDF Software
PS_AIO_07_D110_SW_Min
Quickset64
QuickTransfer
Realtek Ethernet Controller Driver
Receitanet
Recuva
Registry Reviver
ResScan
Revo Uninstaller Pro 3.0.7
Scan
Secunia PSI (3.0.0.9016)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Skype Click to Call
Skype™ 6.14
SmartWebPrinting
SolutionCenter
SpeedFan (remove only)
Spybot - Search & Destroy
SpywareBlaster 5.0
Status
Synaptics Pointing Device Driver
System Requirements Lab for Intel
TeraCopy 2.27
The KMPlayer (remove only)
Time Stopper
Toolbox
TrayApp
UnHackMe 7.10 release
UniPDF 1.0.4
Unlocker 1.9.2
VC80CRTRedist - 8.0.50727.6195
VirtualCloneDrive
Vit Registry Fix 12.5 (remove only)
WebReg
Wild Media Server (UPnP, DLNA, HTTP)
WinRAR 4.20 (64-bit)
Wise Care 365 version 2.94
.
==== End Of File ===========================
 
 
 
 
 
 


#2 Clade

Clade
  • Topic Starter

  • Members
  • 161 posts
  • OFFLINE
  • Gender:Male
  • Local time:07:11 PM

Posted 06 May 2014 - 08:44 AM

We had to reduce the size of the content due to a host error between Miami and the Bleeping.com site ???

 

1. FRST 64 txt log:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-05-2014
Ran by Dell (administrator) on DELL-PC on 06-05-2014 07:55:09
Running from C:\Users\Dell\Desktop
Windows 7 Home Basic Service Pack 1 (X64) OS Language: Portuguese Brazilian
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Fork Ltd.) C:\Prey\platform\windows\cronsvc.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
(QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Users\Dell\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\synaptics\syntp\syntpenh.exe [3011312 2014-01-24] (Synaptics Incorporated)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1275608 2014-03-25] (COMODO)
HKLM-x32\...\Run: [KeyScrambler] => C:\Program Files (x86)\KeyScrambler\keyscrambler.exe [508144 2013-11-14] (QFX Software Corporation)
HKLM Group Policy restriction on software: *.wmv.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.com <====== ATTENTION
HKLM Group Policy restriction on software: ** <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\lastpass\lastpassbroker.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\quickscan\chromeqs.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\lastpass\lastpassbroker.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\utorrent\utorrent.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\lastpass\wlandecrypt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\utorrent\utorrent.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\utorrent\utorrent.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\lastpass\wlandecrypt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\lastpass\lastpassbroker.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\lastpass\lastpassbroker.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\unins000.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\unins000.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\quickscan\chromeqs.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\unins000.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\utorrent\utorrent.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\unins000.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\quickscan\chromeqs.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\lastpass\wlandecrypt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\quickscan\chromeqs.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\lastpass\wlandecrypt.exe <====== ATTENTION
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginBb-x32: C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFile] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideClock] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetFolders] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDFSTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoLogoff] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoResolveSearch] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSaveSettings] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoHardwareTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-604499010-3047789608-1666320658-1000\...\Run: [WinPatrol] => c:\program files (x86)\billp studios\winpatrol\winpatrol.exe [429120 2014-01-23] (BillP Studios)
HKU\S-1-5-21-604499010-3047789608-1666320658-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-604499010-3047789608-1666320658-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-604499010-3047789608-1666320658-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
Startup: C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitorar alertas de tinta - HP Officejet Pro 8600 (Rede).lnk
ShortcutTarget: Monitorar alertas de tinta - HP Officejet Pro 8600 (Rede).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.br/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {17FA518B-7FFF-4721-962D-AEAF587A7E3F} URL = http://www.google.com/search?hl=en&q={searchTerms}
SearchScopes: HKCU - {17FA518B-7FFF-4721-962D-AEAF587A7E3F} URL = http://www.google.com/search?hl=en&q={searchTerms}
SearchScopes: HKCU - {2AD4F022-665A-4B7A-BD62-EAE068247EBB} URL = https://www.google.com/search?q={searchTerms}
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.15.0.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1582632 2014-02-21] (Banco do Brasil)
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{772B5A8A-A834-4D54-A2F7-397A644D2902}: [NameServer]156.154.70.22,156.154.71.22
Tcpip\..\Interfaces\{DD5529F5-1F46-4AC6-9407-30603A3DB7DD}: [NameServer]156.154.70.22,156.154.71.22
 
FireFox:
========
FF ProfilePath: C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default
FF NewTab: www.google.com.br
FF Homepage: about:home
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @lastpass.com/NPLastPass - C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass - C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Dell\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Dell\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: gastecnologia.com.br/sf/cef - C:\Users\Dell\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll (GAS Tecnologia)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Dell\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Dell\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Dell\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-br.xml
FF Extension: LastPass - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\support@lastpass.com [2014-02-28]
FF Extension: Forecastfox - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2014-03-01]
FF Extension: Qualys BrowserCheck - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D} [2014-01-25]
FF Extension: Ghostery - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\firefox@ghostery.com.xpi [2013-09-16]
FF Extension: Webmail Ad Blocker - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\gmailnoads@mywebber.com.xpi [2013-09-16]
FF Extension: Self-Destructing Cookies - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi [2013-09-16]
FF Extension: Lightbeam - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2013-10-26]
FF Extension: YSlow - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\yslow@yahoo-inc.com.xpi [2013-09-16]
FF Extension: Adblock Plus - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-16]
FF Extension: User Agent Switcher - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2013-09-16]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-29]
FF HKCU\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\Dell\AppData\Local\GAS Tecnologia\GBBD\cef\xpi
FF Extension: GBBD Caixa Economica Federal - C:\Users\Dell\AppData\Local\GAS Tecnologia\GBBD\cef\xpi [2014-01-16]
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com.br/
CHR DefaultSearchKeyword: google.com.br
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll No File
CHR Plugin: (Nokia Suite Enabler Plugin) - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
CHR Plugin: (Módulo de Proteção - Caixa Economica Federal) - C:\Users\Dell\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll (GAS Tecnologia)
CHR Plugin: (Google Update) - C:\Users\Dell\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Google Talk Plugin) - C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
CHR Extension: (Google Translate) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2013-07-11]
CHR Extension: (TooManyTabs for Chrome) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\amigcgbheognjmfkaieeeadojiibgbdp [2013-07-11]
CHR Extension: (WOT) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2013-07-11]
CHR Extension: (Webmail Ad Blocker) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbhfdchmklhpcngcgjmpdbjakdggkkjp [2013-07-11]
CHR Extension: (Adblock Plus) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-07-26]
CHR Extension: (better Browser - for Chrome) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\cokcmhdapcendeddejjpicpdmngcnhca [2013-10-22]
CHR Extension: (eCorreios - Rastreamentos dos Correios) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\delefjilcjidbcnnfkcebjphcfbokpfb [2013-07-11]
CHR Extension: (Tampermonkey) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2013-07-11]
CHR Extension: (MaskMe) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpkiidbpeijnaaacjlfnijncdlkicejg [2013-09-11]
CHR Extension: (Chromebleed) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeoekjnjgppnaegdjbcafdggilajhpic [2014-04-17]
CHR Extension: (Qualys BrowserCheck for Windows) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejhnkognlohdkpjkjongioociddgoibk [2014-01-25]
CHR Extension: (DoNotTrackMe: Online Privacy Protection) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2013-07-11]
CHR Extension: (Spotflux Lite) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcakbkpmlidimpglgiaclbpgbedlmpfl [2014-01-31]
CHR Extension: (SiteAdvisor) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-02-08]
CHR Extension: (Avira Browser Safety) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-03-09]
CHR Extension: (Click&Clean) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2014-03-01]
CHR Extension: (AdBlock) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-07-26]
CHR Extension: (FlashBlock) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\gofhjkjmkpinhpoiabjplobcaignabnl [2013-10-24]
CHR Extension: (PageSpeed Insights (by Google)) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\gplegfbjlmmehdoakndmohflojccocli [2013-07-11]
CHR Extension: (Unsocialize: The Link Unsocializer) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdogcpghhdcocgdjogbglgejhdeedijn [2013-07-11]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-01-26]
CHR Extension: (Cool Relógio) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\icegcmhgphfkgglbljbkdegiaaihifce [2014-01-12]
CHR Extension: (instant translate) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmgiclibbndffejedjimfjmfoabpcke [2013-07-11]
CHR Extension: (View Thru) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkncfnbcgbclefkbknfdbngiegdppgdd [2013-07-11]
CHR Extension: (Conversor de PDF para Word) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\kclbidlajocjmicnpgpfmkblhdhjelfe [2013-07-11]
CHR Extension: (Motorola Connect) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\kigmoblgooahdmdibodmcnffgnejlndh [2014-02-08]
CHR Extension: (Skype Click to Call) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-08]
CHR Extension: (Verificador de mensagens do Google) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2013-07-11]
CHR Extension: (Ghostery) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-04-30]
CHR Extension: (Pocket (formerly Read It Later)) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2013-07-11]
CHR Extension: (Google Wallet) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-19]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2013-10-30]
CHR Extension: (Rolagem rápida do Google) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc [2013-10-23]
CHR Extension: (GBBD Caixa Economica Federal) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi [2014-04-26]
CHR Extension: (Quebrador de Links) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pchaoppopfjnlficjlobfjhfceadbfla [2013-07-11]
CHR Extension: (Bitdefender QuickScan) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2014-03-02]
CHR Extension: (AVG PrivacyFix) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmejhjjecaldkllonlokhkglbdbkdcni [2013-07-11]
CHR HKCU\...\Chrome\Extension: [nnjbodopomfddehlalfilheomcahbpei] - C:\Users\Dell\AppData\Local\GAS Tecnologia\GBBD\cef\sf.crx [2013-10-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
 
==================== Services (Whitelisted) =================
 
R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [881952 2014-01-14] (IObit)
S4 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Ath_CoexAgent.exe [135168 2011-02-16] (Atheros)
S4 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6817544 2014-04-16] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2264280 2014-03-25] (COMODO)
R2 CronService; C:\Prey\platform\windows\cronsvc.exe [23552 2013-03-26] (Fork Ltd.)
S4 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2135232 2014-04-23] ()
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [36936 2013-12-02] (CHENGDU YIWO Tech Development Co., Ltd)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [519720 2014-02-21] (GAS Tecnologia)
S4 Guard Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [23624 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [1876816 2014-04-19] (SurfRight B.V.)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151744 2014-01-26] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
S4 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [409720 2013-06-28] ()
S4 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
S4 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
S4 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S4 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
S4 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580232 2014-01-21] (WiseCleaner.com)
S4 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-04-22] (Atheros)
S4 a2AntiMalware; No ImagePath
 
==================== Drivers (Whitelisted) ====================
 
R0 31415875; C:\Windows\System32\DRIVERS\31415875.sys [460888 2014-05-05] (Kaspersky Lab ZAO)
S3 a2acc; No ImagePath
R1 A2DDA; C:\EEK\RUN\a2ddax64.sys [26176 2014-04-07] (Emsisoft GmbH)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [93184 2012-07-04] (LG Electronics Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-03-17] (Glarysoft Ltd)
S3 catchme; No ImagePath
S3 cleanhlp; C:\EEK\Run\cleanhlp64.sys [57024 2014-04-07] (Emsisoft GmbH)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2014-04-16] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [738472 2014-04-16] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [48360 2014-04-16] (COMODO)
S3 cpuz132; No ImagePath
S3 Delldiag; No ImagePath
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] ()
S3 esgiguard; No ImagePath
S3 EUBAKUP0; No ImagePath
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48200 2013-09-04] ()
S3 EUBKMON0; C:\Windows\system32\drivers\EUBKMON0.sys [48200 2013-09-04] ()
S3 EUFDDISK0; No ImagePath
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] ()
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-21] (Microsoft Corporation)
R2 hmpalert; C:\Windows\System32\drivers\hmpalert.sys [93144 2014-04-19] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-11-19] (Intel Corporation)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [105552 2014-04-16] (COMODO)
R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [222200 2013-05-31] (QFX Software Corporation)
R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [88280 2014-04-03] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-06] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2014-01-24] (Intel Corporation)
S3 MFE_RR; No ImagePath
U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [35816 2014-03-13] (Greatis Software)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
S3 rspSanity; C:\Windows\System32\DRIVERS\rspSanity64.sys [31328 2012-10-29] (Resplendence Software Projects Sp.)
S3 SANDRA; No ImagePath
R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [768680 2013-06-26] (Microsoft Corporation)
R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [273576 2013-06-26] (Microsoft Corporation)
R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [29352 2013-06-26] (Microsoft Corporation)
R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [23208 2013-06-26] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2014-01-24] (Synaptics Incorporated)
R1 SpyEmrg; C:\Windows\System32\Drivers\spyemrg.sys [17240 2011-04-21] (NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\Windows\System32\Drivers\spyemrg_access.sys [24408 2011-04-21] (NETGATE Technologies s.r.o.)
S3 SpyEmrgGuard; C:\Windows\System32\Drivers\spyemrg_guard.sys [18776 2011-04-21] (NETGATE Technologies s.r.o.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2013-08-01] ()
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [38664 2013-04-29] (Spotflux, Inc)
U2 SR; 
U2 srservice; 
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-05-06 03:25 - 2014-05-06 03:26 - 04143997 _____ () C:\Users\Dell\Downloads\tdsskiller.zip
2014-05-06 03:24 - 2014-05-06 03:26 - 04164448 _____ (Kaspersky Lab ZAO) C:\Users\Dell\Desktop\iexplorer.exe.exe
2014-05-06 03:09 - 2014-05-06 03:08 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Dell\Desktop\rkill(1).exe
2014-05-06 03:07 - 2014-05-06 03:08 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Dell\Downloads\rkill(1).exe
2014-05-05 22:43 - 2011-06-26 03:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-05 22:43 - 2010-11-07 14:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-05 22:43 - 2009-04-20 01:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-05 22:43 - 2000-08-30 21:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-05 22:43 - 2000-08-30 21:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-05 22:43 - 2000-08-30 21:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-05 22:43 - 2000-08-30 21:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-05 22:43 - 2000-08-30 21:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-05 22:42 - 2014-05-05 22:50 - 00000000 ___SD () C:\ComboFix
2014-05-05 22:42 - 2014-05-05 22:43 - 00000000 ____D () C:\Qoobox
2014-05-05 22:38 - 2014-05-05 12:33 - 05199940 ____R (Swearware) C:\Users\Dell\Desktop\ComboFix.exe
2014-05-05 15:15 - 2014-05-05 15:18 - 00000000 ____D () C:\AdwCleaner
2014-05-05 15:13 - 2014-05-05 09:47 - 01316991 _____ () C:\Users\Dell\Desktop\AdwCleaner.exe
2014-05-05 14:11 - 2014-05-05 15:13 - 00052550 _____ () C:\Users\Dell\Desktop\Addition.txt
2014-05-05 14:09 - 2014-05-06 07:57 - 00050362 _____ () C:\Users\Dell\Desktop\FRST.txt
2014-05-05 14:09 - 2014-05-06 07:55 - 00000000 ____D () C:\FRST
2014-05-05 14:09 - 2014-05-05 14:08 - 02063872 _____ (Farbar) C:\Users\Dell\Desktop\FRST64.exe
2014-05-05 14:07 - 2014-05-05 14:08 - 02063872 _____ (Farbar) C:\Users\Dell\Downloads\FRST64.exe
2014-05-05 12:11 - 2014-05-05 12:11 - 00000000 ____D () C:\Windows\Minidump
2014-05-05 10:26 - 2014-05-05 10:26 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\EurekaLab s.a.s
2014-05-05 10:03 - 2014-05-06 03:17 - 00002432 _____ () C:\Users\Dell\Desktop\Rkill.txt
2014-05-05 09:02 - 2014-05-05 09:47 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\31415875.sys
2014-05-05 08:20 - 2014-05-05 08:20 - 02347384 _____ (ESET) C:\Users\Dell\Downloads\esetsmartinstaller_enu.exe
2014-05-05 04:59 - 2014-05-05 08:59 - 136161520 _____ () C:\Users\Dell\Downloads\setup_11.0.1.1245.x01_2014_05_05_09_48.exe
2014-05-04 11:47 - 2014-05-06 07:46 - 00081281 _____ () C:\Windows\WindowsUpdate.log
2014-05-04 11:41 - 2014-05-06 03:30 - 00000392 _____ () C:\Windows\setupact.log
2014-05-04 11:41 - 2014-05-06 03:29 - 00003206 _____ () C:\Windows\PFRO.log
2014-05-04 11:41 - 2014-05-04 11:41 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-04 09:19 - 2014-05-04 09:20 - 00391432 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-03 09:42 - 2014-05-03 09:42 - 00991232 _____ () C:\Users\Dell\Downloads\MicrosoftFixit50267 (1).msi
2014-05-03 00:02 - 2014-05-03 00:02 - 00000000 ____D () C:\Users\Dell\Documents\ProcAlyzer Dumps
2014-05-02 23:53 - 2014-05-04 13:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-05-02 23:53 - 2014-05-02 23:53 - 00001358 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-05-02 23:53 - 2014-05-02 23:53 - 00001346 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-05-02 23:53 - 2014-05-02 23:53 - 00001346 _____ () C:\ProgramData\Desktop\Spybot-S&D Start Center.lnk
2014-05-02 23:52 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-05-02 23:27 - 2014-05-02 23:36 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Dell\Downloads\spybot-2.3.exe
2014-05-02 22:59 - 2014-05-02 23:00 - 05616856 _____ () C:\Users\Dell\Downloads\Startups-vf.chm
2014-05-02 22:19 - 2014-05-02 22:19 - 00809692 _____ () C:\Users\Dell\Downloads\WinsockFix_InfoSpyware.zip
2014-05-02 22:18 - 2014-05-02 22:19 - 00791393 _____ (Lars Hederer ) C:\Users\Dell\Downloads\erunt-setup.exe
2014-05-02 22:17 - 2014-05-02 22:17 - 00522240 _____ (OldTimer Tools) C:\Users\Dell\Downloads\OTM.exe
2014-05-02 22:15 - 2014-05-02 22:15 - 00167376 _____ () C:\Users\Dell\Downloads\fileassassin-setup-1.06.esp.exe
2014-05-02 17:30 - 2014-04-29 11:01 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-02 17:30 - 2014-04-29 10:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-02 17:30 - 2014-04-29 09:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-02 17:30 - 2014-04-29 09:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-02 15:55 - 2014-05-02 15:55 - 03083248 _____ (Symantec Corporation) C:\Users\Dell\Downloads\NPE Norton Power Erase - anti crimaware.exe
2014-05-02 09:35 - 2014-05-02 09:35 - 00000021 _____ () C:\Users\Dell\Documents\Jiraya.txt
2014-05-02 09:28 - 2014-05-02 09:29 - 08620032 _____ () C:\Users\Dell\Downloads\EMET Setup.msi
2014-05-02 09:23 - 2014-05-02 09:24 - 10868379 _____ () C:\Users\Dell\Downloads\Anti-CryptorBitV2.zip
2014-05-01 23:42 - 2014-05-01 23:37 - 03972608 _____ () C:\Users\Dell\Desktop\RogueKiller.exe
2014-05-01 23:36 - 2014-05-01 23:37 - 03972608 _____ () C:\Users\Dell\Downloads\RogueKiller.exe
2014-05-01 23:35 - 2014-05-01 23:35 - 05698982 _____ () C:\Users\Dell\Downloads\VID-20140305-WA0001.mp4
2014-05-01 20:17 - 2014-05-01 20:17 - 00000975 _____ () C:\Users\Dell\Desktop\NTREGOPT.lnk
2014-05-01 20:17 - 2014-05-01 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NT Registry Optimizer
2014-05-01 20:17 - 2014-05-01 20:17 - 00000000 ____D () C:\Program Files (x86)\NT Registry Optimizer
2014-05-01 20:16 - 2014-05-01 20:16 - 00483809 _____ (Lars Hederer ) C:\Users\Dell\Downloads\ntregopt-setup.exe
2014-05-01 20:07 - 2014-05-01 20:07 - 00145237 _____ () C:\Users\Dell\Downloads\ntregopt.zip
2014-05-01 20:07 - 2014-05-01 20:07 - 00000970 _____ () C:\Users\Dell\Downloads\ntregopt-loc_fr.zip
2014-05-01 20:04 - 2014-05-01 20:04 - 00347440 _____ (Microsoft Corporation) C:\Users\Dell\Downloads\MicrosoftFixit-portable.exe
2014-05-01 19:41 - 2014-05-01 19:49 - 00000000 ____D () C:\ProgramData\WRData
2014-05-01 19:35 - 2014-05-01 19:35 - 00000000 ____D () C:\Users\Dell\Documents\Simply Super Software
2014-05-01 12:54 - 2014-05-01 12:54 - 00518584 _____ (KoshyJohn.com) C:\Users\Dell\Downloads\MemClean.exe
2014-05-01 12:53 - 2014-05-01 12:54 - 00895184 _____ (KoshyJohn.com) C:\Users\Dell\Downloads\neoSearch.exe
2014-05-01 12:20 - 2014-05-01 12:21 - 26747104 _____ (Microsoft Corporation) C:\Users\Dell\Downloads\Ferramenta Windows software malicioso Windows-KB890830-x64-V5.11.exe
2014-05-01 12:19 - 2014-05-01 12:19 - 02210096 _____ (Reason Company Software Inc.) C:\Users\Dell\Downloads\herdProtectScan_Setup.exe
2014-05-01 12:19 - 2014-05-01 12:19 - 02197440 _____ (Reason Company Software Inc.) C:\Users\Dell\Downloads\herdProtectScan_Portable.exe
2014-04-30 21:36 - 2014-04-30 21:36 - 00154003 _____ () C:\Users\Dell\Downloads\netcraft_toolbar-1.9-fx.xpi
2014-04-30 17:07 - 2014-04-30 17:07 - 05227019 _____ () C:\Users\Dell\Downloads\namebench-1.3.1-Windows.exe
2014-04-30 15:24 - 2014-04-30 15:24 - 00001036 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2014-04-30 12:15 - 2014-04-30 12:15 - 00000000 ____D () C:\Users\Dell\AppData\Local\Secunia PSI
2014-04-30 12:12 - 2014-04-30 12:12 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-04-30 12:03 - 2014-04-30 12:03 - 05329480 _____ (Secunia) C:\Users\Dell\Downloads\Secunia atualizar software PSISetup.exe
2014-04-30 11:19 - 2013-04-29 08:17 - 00047632 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2014-04-30 11:18 - 2014-05-01 10:07 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-04-30 10:12 - 2014-04-30 10:12 - 02405616 _____ (Trend Micro Inc.) C:\Users\Dell\Downloads\HousecallLauncher64.exe
2014-04-29 23:27 - 2014-05-04 11:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-29 23:20 - 2014-04-30 13:56 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\ZHP
2014-04-29 12:05 - 2014-04-29 12:05 - 17931952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-04-29 11:43 - 2014-04-29 11:49 - 00337888 _____ () C:\Users\Dell\Downloads\360is_min_5.0.0.5000beta.exe
2014-04-29 01:05 - 2014-04-29 01:05 - 00000067 _____ () C:\Users\Dell\Documents\Pai INSS.txt
2014-04-29 01:04 - 2014-04-29 01:04 - 00102960 _____ () C:\Users\Dell\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-28 15:37 - 2014-04-28 16:05 - 03018304 _____ () C:\Users\Dell\Downloads\Informações temperatura ManicTime.exe
2014-04-28 15:20 - 2014-04-29 01:04 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-04-28 15:20 - 2014-04-28 15:20 - 00000974 _____ () C:\Users\Dell\Desktop\SpeedFan.lnk
2014-04-28 15:20 - 2014-04-28 15:20 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo
2014-04-28 15:20 - 2014-04-28 15:20 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-04-28 15:20 - 2014-04-28 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-04-28 15:12 - 2014-04-28 15:13 - 06090265 _____ () C:\Users\Dell\Downloads\ManicTimeUsb.zip
2014-04-28 15:12 - 2014-04-28 15:13 - 02143832 _____ () C:\Users\Dell\Downloads\instsf449.exe
2014-04-28 07:27 - 2014-04-28 07:27 - 00013212 _____ () C:\Users\Dell\Documents\Pai - Extrato para Imposto de Renda.htm
2014-04-28 07:27 - 2014-04-28 07:27 - 00000000 ____D () C:\Users\Dell\Documents\Pai - Extrato para Imposto de Renda_files
2014-04-27 19:08 - 2014-04-27 19:08 - 00000000 ____D () C:\uninstall27732u
2014-04-27 15:31 - 2014-04-27 15:32 - 02100736 _____ () C:\Users\Dell\Downloads\RIR E O MELHOR REMEDIO.pps
2014-04-27 00:35 - 2014-05-04 11:51 - 00000000 ____D () C:\uninstall8094u
2014-04-26 22:53 - 2014-04-26 22:53 - 00248714 _____ () C:\Users\Dell\Downloads\OCF_20131025.zip
2014-04-26 15:21 - 2014-04-26 15:21 - 00688992 ____R (Swearware) C:\Users\Dell\Downloads\dds.com
2014-04-26 12:38 - 2014-05-03 08:11 - 06815744 _____ () C:\Users\Dell\ntuser.bak
2014-04-26 10:00 - 2014-04-26 10:00 - 00004177 _____ () C:\Users\Dell\Desktop\Condomínio abril 2014.htm
2014-04-26 10:00 - 2014-04-26 10:00 - 00000000 ____D () C:\Users\Dell\Desktop\Condomínio abril 2014_files
2014-04-26 05:01 - 2014-04-26 05:05 - 135327040 _____ () C:\Users\Dell\Downloads\setup_11.0.1.1245.x01_2014_04_26_11_23.exe
2014-04-26 04:52 - 2014-05-06 03:53 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-26 04:51 - 2014-04-26 04:52 - 04164448 _____ (Kaspersky Lab ZAO) C:\Users\Dell\Downloads\tdsskiller.exe
2014-04-26 04:50 - 2014-04-26 04:50 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-26 04:50 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-26 04:46 - 2014-04-26 04:47 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Dell\Downloads\rkill (1).exe
2014-04-26 04:30 - 2014-04-26 04:30 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Dell\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-25 23:06 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-04-25 22:57 - 2014-04-30 00:11 - 00000000 ____D () C:\Users\Dell\.receitanet
2014-04-25 11:10 - 2014-04-25 11:10 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-25 11:09 - 2014-04-13 23:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-25 11:09 - 2014-04-13 23:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-25 11:01 - 2014-04-25 11:02 - 00152270 _____ () C:\Users\Dell\Downloads\Sigcheck.zip
2014-04-25 09:22 - 2014-04-25 09:22 - 00057096 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2014-04-25 09:22 - 2014-04-25 09:22 - 00048392 _____ (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll
2014-04-24 19:58 - 2014-04-24 19:58 - 00165376 _____ () C:\Users\Dell\Downloads\SystemLook_x64.exe
2014-04-24 19:58 - 2014-04-24 19:58 - 00139264 _____ () C:\Users\Dell\Downloads\SystemLook.exe
2014-04-24 18:36 - 2014-04-24 18:36 - 07200360 _____ () C:\Users\Dell\Downloads\bitdefender_tsecurity_beta.exe
2014-04-23 13:23 - 2014-04-23 13:23 - 00004474 _____ () C:\Users\Dell\Downloads\Gás abril 2014.htm
2014-04-23 13:09 - 2014-04-23 13:09 - 00004474 _____ () C:\Users\Dell\Documents\Gás abril 2014.htm
2014-04-23 00:41 - 2014-04-23 00:45 - 00279889 _____ () C:\Users\Dell\Downloads\360TS_Setup.exe
2014-04-22 16:56 - 2014-04-22 16:59 - 67108864 _____ () C:\Users\Dell\Downloads\xpud-0.9.2.iso
2014-04-22 16:28 - 2014-04-22 16:28 - 14636360 _____ (NoVirusThanks Company Srl ) C:\Users\Dell\Downloads\EXERadar_Pro_x86_x64_Trial_Setup.exe
2014-04-22 11:30 - 2014-04-22 11:30 - 00409600 _____ (Farbar) C:\Users\Dell\Downloads\FSS.exe
2014-04-22 11:16 - 2014-04-22 11:16 - 00121069 _____ () C:\Users\Dell\Downloads\memtest86+-5.01.usb.installer.zip
2014-04-22 09:57 - 2014-04-22 10:04 - 159077280 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jdk-8u5-windows-i586.exe
2014-04-22 09:56 - 2014-04-22 10:03 - 162717600 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jdk-8u5-windows-x64.exe
2014-04-21 22:17 - 2014-04-21 22:17 - 00448512 _____ (OldTimer Tools) C:\Users\Dell\Downloads\TFC.exe
2014-04-21 21:59 - 2014-04-21 22:00 - 00001731 _____ () C:\Users\Dell\Downloads\fixlist.txt
2014-04-21 19:18 - 2014-04-21 19:19 - 34131368 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jre-8u5-windows-x64 (1).exe
2014-04-21 19:17 - 2014-04-21 19:19 - 34131368 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jre-8u5-windows-x64.exe
2014-04-21 18:54 - 2014-04-21 19:04 - 02456273 _____ (Oracle Corporation) C:\Users\Dell\Downloads\Não confirmado 202995.crdownload
2014-04-21 13:10 - 2014-04-21 13:11 - 06863066 _____ (Nicolas Coolman ) C:\Users\Dell\Downloads\zhpdiag2-2014.4.9.16.exe
2014-04-21 10:54 - 2014-04-21 10:54 - 00150281 _____ () C:\Users\Dell\Downloads\ProxyFix.zip
2014-04-20 19:37 - 2014-04-21 01:04 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\96123702.sys
2014-04-20 19:05 - 2014-04-20 19:05 - 00007606 _____ () C:\Users\Dell\AppData\Local\Resmon.ResmonCfg
2014-04-20 16:50 - 2014-04-20 17:39 - 2431909888 _____ () C:\Users\Dell\Downloads\X17-59246.iso
2014-04-20 16:29 - 2014-04-20 16:29 - 07752311 _____ (FreeDownloadManager.ORG ) C:\Users\Dell\Downloads\Free download manager fdminst.exe
2014-04-19 23:23 - 2014-04-19 23:23 - 00004096 ___SH () C:\{189147AC-0408-4CA1-9100-C01F40F3E5F5}.CBM
2014-04-19 18:18 - 2014-04-19 18:18 - 00548424 _____ (SurfRight) C:\Windows\system32\hmpalert.dll
2014-04-19 18:18 - 2014-04-19 18:18 - 00477008 _____ (SurfRight) C:\Windows\SysWOW64\hmpalert.dll
2014-04-19 18:18 - 2014-04-19 18:18 - 00093144 _____ () C:\Windows\system32\Drivers\hmpalert.sys
2014-04-19 18:18 - 2014-04-19 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro.Alert
2014-04-19 18:18 - 2014-04-19 18:18 - 00000000 ____D () C:\Program Files (x86)\HitmanPro.Alert
2014-04-19 16:28 - 2014-04-19 16:28 - 00390392 _____ (Bleeping Computer, LLC) C:\Users\Dell\Downloads\Lista registro criptografada em caso infecção ListCrilock.exe
2014-04-19 16:06 - 2014-04-19 16:06 - 01876816 _____ (SurfRight B.V.) C:\Users\Dell\Downloads\Anti Ransoware hmpalert25.exe
2014-04-19 12:34 - 2014-04-19 12:34 - 02823116 _____ () C:\Users\Dell\Downloads\CryptolockerPreventionKit.zip
2014-04-19 12:34 - 2014-04-19 12:34 - 00473008 _____ () C:\Users\Dell\Downloads\CryptoPrevent.zip
2014-04-18 15:07 - 2014-04-18 15:08 - 07255785 _____ () C:\Users\Dell\Downloads\bc57dc193791f301fb3b2d3522334aa0.mp4
2014-04-18 10:47 - 2014-04-18 10:58 - 535287324 _____ () C:\Users\Dell\Downloads\adt-bundle-windows-x86_64-20140321.zip
2014-04-18 09:21 - 2014-04-18 09:21 - 01586165 _____ () C:\Users\Dell\Downloads\ComIntRepair.exe
2014-04-18 08:28 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-18 08:28 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-18 08:28 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-18 08:28 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-18 08:26 - 2014-04-18 08:28 - 00004244 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-18 08:25 - 2014-04-18 08:25 - 01586165 _____ () C:\Users\Dell\Downloads\Correção dificuldades da internet ComIntRepair.exe
2014-04-17 10:24 - 2014-04-17 10:24 - 08449818 _____ () C:\Users\Dell\Downloads\VID-20140408-WA0000.mp4
2014-04-17 10:24 - 2014-04-17 10:24 - 04881376 _____ () C:\Users\Dell\Downloads\57071749f97062bf0217533f22776ea5.mp4
2014-04-16 21:43 - 2014-04-16 21:43 - 00078845 _____ () C:\Users\Dell\Downloads\HostsTool.zip
2014-04-16 15:31 - 2014-04-16 15:32 - 04075110 _____ () C:\Users\Dell\Downloads\maparadar.rupi
2014-04-16 15:17 - 2014-04-16 15:17 - 00457835 _____ () C:\Users\Dell\Downloads\sygic_rupi_convertor.zip
2014-04-16 15:16 - 2014-04-16 15:17 - 01055930 _____ () C:\Users\Dell\Downloads\maparadar.txt
2014-04-16 12:20 - 2014-04-16 12:20 - 03278352 _____ () C:\Users\Dell\Downloads\Corrigir windows tweaking.com_windows_repair_aio.zip
2014-04-16 09:19 - 2014-04-16 09:19 - 00000015 _____ () C:\Users\Dell\Desktop\IPVA 2014.txt
2014-04-15 19:41 - 2014-04-15 19:41 - 00000000 ____D () C:\Users\Dell\.jmc
2014-04-15 19:40 - 2014-04-15 19:40 - 00000000 ____D () C:\Users\Dell\.eclipse
2014-04-15 19:37 - 2014-05-04 11:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-04-15 19:28 - 2014-04-15 19:31 - 113510621 _____ () C:\Users\Dell\Downloads\android-sdk_r22.0.5-windows.zip
2014-04-15 19:27 - 2014-04-15 19:30 - 131581344 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jdk-7u55-windows-x64.exe
2014-04-15 17:13 - 2014-04-15 17:13 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-04-15 10:37 - 2014-04-15 10:37 - 00132597 _____ () C:\Users\Dell\Downloads\Desinfectar usb Flash_Disinfector.exe
2014-04-14 21:54 - 2014-04-14 22:20 - 226340888 _____ () C:\Users\Dell\Downloads\EmsisoftEmergencyKit.txt
2014-04-14 15:59 - 2014-04-14 15:59 - 09640719 _____ () C:\Users\Dell\Downloads\Bee Gees 1960 a 2012.wmv
2014-04-14 12:19 - 2014-04-14 19:32 - 00000000 ____D () C:\Users\Dell\Documents\Flight Simulator Files
2014-04-14 12:08 - 2014-04-14 12:08 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-04-14 12:00 - 2014-04-14 12:00 - 00002113 _____ () C:\Users\Public\Desktop\Microsoft Flight Simulator 2004.lnk
2014-04-14 12:00 - 2014-04-14 12:00 - 00002113 _____ () C:\ProgramData\Desktop\Microsoft Flight Simulator 2004.lnk
2014-04-14 12:00 - 2014-04-14 12:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2014-04-14 11:37 - 2014-04-14 11:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games
2014-04-14 11:07 - 2014-04-14 11:07 - 00001217 _____ () C:\Users\Public\Desktop\Virtual CloneDrive.lnk
2014-04-14 11:07 - 2014-04-14 11:07 - 00001217 _____ () C:\ProgramData\Desktop\Virtual CloneDrive.lnk
2014-04-14 11:04 - 2014-04-14 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2014-04-14 11:04 - 2014-04-14 11:04 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes
2014-04-14 11:01 - 2014-04-14 11:02 - 01640984 _____ () C:\Users\Dell\Downloads\Montar e desmontar ISO SetupVirtualCloneDrive5470.exe
2014-04-14 08:46 - 2014-04-14 08:46 - 00015288 _____ () C:\Users\Dell\Downloads\Tabajara.cmd
2014-04-14 07:02 - 2014-04-14 07:12 - 135672432 _____ () C:\Users\Dell\Downloads\setup_11.0.1.1245.x01_2014_04_14_10_30.exe
2014-04-14 07:01 - 2014-04-14 07:01 - 00000176 _____ () C:\Windows\REC-NET.INI
2014-04-14 07:01 - 2014-04-14 07:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB
2014-04-14 07:01 - 2014-04-14 07:01 - 00000000 ____D () C:\Program Files (x86)\Programas RFB
2014-04-14 07:00 - 2014-04-14 07:00 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014
2014-04-14 06:50 - 2014-04-14 06:51 - 22716032 _____ (Receita Federal do Brasil) C:\Users\Dell\Downloads\IRPF2014win32v1.1.exe
2014-04-14 06:50 - 2014-04-14 06:51 - 06182597 _____ (Serpro - Serviço Federal de Processamento de Dados) C:\Users\Dell\Downloads\Receitanet-1.04.exe
2014-04-13 17:38 - 2014-04-13 17:38 - 00000000 ____D () C:\Users\Dell\Downloads\Nova pasta
2014-04-13 16:38 - 2014-04-13 16:39 - 10696960 _____ (Emsisoft GmbH ) C:\Users\Dell\Downloads\OnlineArmorSetup (1).exe
2014-04-13 12:28 - 2014-04-13 12:28 - 00000000 __SHD () C:\Users\Dell\AppData\Local\EmieUserList
2014-04-13 12:28 - 2014-04-13 12:28 - 00000000 __SHD () C:\Users\Dell\AppData\Local\EmieSiteList
2014-04-12 22:14 - 2014-04-12 22:14 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-12 22:14 - 2014-04-12 22:14 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-12 22:14 - 2014-04-12 22:14 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-12 09:51 - 2014-04-12 09:52 - 26455504 _____ () C:\Users\Dell\Downloads\SeaMonkey Setup 2.26b1.exe
2014-04-11 22:18 - 2014-04-12 09:14 - 00022302 _____ () C:\Users\Dell\Downloads\Result.txt
2014-04-11 22:15 - 2014-04-11 22:15 - 00982016 _____ (Farbar) C:\Users\Dell\Downloads\MiniToolBox.exe
2014-04-11 17:09 - 2014-04-11 17:09 - 00000710 _____ () C:\Users\Dell\Documents\Comodo - após desinstalação se houver probleamas.txt
2014-04-11 15:14 - 2014-04-11 15:14 - 00589000 _____ (Qualcomm Atheros) C:\Windows\system32\Drivers\btfilter.sys
2014-04-11 15:13 - 2014-04-11 15:13 - 03868160 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys
2014-04-11 15:10 - 2014-04-11 15:10 - 00901848 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-04-11 15:10 - 2014-04-11 15:10 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-04-11 15:03 - 2014-04-11 15:03 - 00002854 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Dell)
2014-04-11 13:17 - 2014-04-11 13:17 - 00000040 _____ () C:\Users\Dell\Documents\Driver Booster Keys.txt
2014-04-11 12:54 - 2014-02-03 23:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-11 12:54 - 2014-02-03 23:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-11 12:54 - 2014-02-03 23:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-11 12:54 - 2014-02-03 23:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-11 12:54 - 2014-02-03 23:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-11 12:51 - 2014-03-04 06:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-11 12:51 - 2014-03-04 06:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-11 12:51 - 2014-03-04 06:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-11 12:51 - 2014-03-04 06:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-11 12:51 - 2014-03-04 06:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-11 12:51 - 2014-03-04 06:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-11 12:51 - 2014-03-04 06:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-11 12:51 - 2014-03-04 06:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-11 12:51 - 2014-03-04 06:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-11 12:51 - 2014-03-04 05:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-11 12:51 - 2014-03-04 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-11 12:51 - 2014-01-23 23:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-11 10:12 - 2014-04-11 10:12 - 05070944 _____ (Emsi Software GmbH ) C:\Users\Dell\Downloads\Proteção zero day MamutuSetup.exe
2014-04-11 09:56 - 2014-04-11 09:57 - 03749640 _____ (PWI, Inc. ) C:\Users\Dell\Downloads\privatefirewall.exe
2014-04-11 09:47 - 2014-04-11 09:48 - 11278928 _____ (COMODO) C:\Users\Dell\Downloads\Comodo limpar software CPM_SETUP_1.3.2.30_xp_vista_server2003_win7.exe
2014-04-11 09:34 - 2014-04-11 09:34 - 00178683 _____ () C:\Users\Dell\Downloads\CCEnhancer-3.9-Multilanguage.zip
2014-04-10 20:05 - 2014-04-10 20:06 - 00991232 _____ () C:\Users\Dell\Downloads\MicrosoftFixit50267.msi
2014-04-10 16:54 - 2014-04-10 16:54 - 00002966 _____ () C:\Users\Dell\Documents\Limpeza a base produtos caseiros.txt
2014-04-10 11:18 - 2014-04-16 15:21 - 00003007 _____ () C:\Users\Dell\Documents\Sygic - tutorial instalação.txt
2014-04-10 10:34 - 2014-04-10 10:41 - 12648749 _____ () C:\Users\Dell\Downloads\Sygic_GPSNavigation_v13.4.2.apk
2014-04-10 10:33 - 2014-04-10 10:52 - 221646397 _____ () C:\Users\Dell\Downloads\Sygic_GPSNavigation_v13.4.2.zip
2014-04-10 10:33 - 2014-04-10 10:33 - 00664417 _____ () C:\Users\Dell\Downloads\Sygic_MapDownloader_v1.4_(2014-03-13).zip
2014-04-10 10:12 - 2014-04-10 10:12 - 00000147 _____ () C:\Users\Dell\Documents\LG - assistência técnica. .Florianópolis .txt
2014-04-09 13:17 - 2014-04-09 13:17 - 02637388 _____ () C:\Users\Dell\Downloads\27d92b870986d9d44ee87db9cdb6b271.mp4
2014-04-09 12:41 - 2014-04-09 12:42 - 06126911 _____ () C:\Users\Dell\Downloads\Install_Win7_7080_03212014.zip
2014-04-09 11:51 - 2014-05-04 11:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-09 11:50 - 2014-04-22 10:34 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-09 11:47 - 2014-04-09 11:47 - 00921000 _____ (Oracle Corporation) C:\Users\Dell\Downloads\chromeinstall-7u51.exe
2014-04-09 11:45 - 2014-04-09 11:45 - 00405504 _____ () C:\Users\Dell\Downloads\intel_srldetect_4.5.13.0.msi
2014-04-09 11:28 - 2014-04-09 11:29 - 00000000 ____D () C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2014-04-07 21:39 - 2014-04-07 21:39 - 00307712 _____ (FileHippo.com) C:\Users\Dell\Downloads\UpdateChecker.exe
2014-04-07 19:13 - 2014-04-07 19:14 - 106403600 ____N (Microsoft Corporation) C:\Users\Dell\Downloads\Microsoft Sec Essentials cada 10 dias 64 bits msert.exe
2014-04-07 17:37 - 2014-04-07 17:37 - 00000038 _____ () C:\Users\Dell\Documents\Bleeping acesso.txt
2014-04-07 09:07 - 2014-04-07 09:07 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-04-07 09:07 - 2014-04-07 09:07 - 00000000 ____D () C:\Program Files (x86)\Foxit Software
2014-04-07 08:33 - 2014-04-07 08:33 - 00000553 _____ () C:\Users\Dell\Desktop\Emsisoft Emergency Kit.lnk
 
==================== One Month Modified Files and Folders =======
 
2014-05-06 07:57 - 2014-05-05 14:09 - 00050362 _____ () C:\Users\Dell\Desktop\FRST.txt
2014-05-06 07:55 - 2014-05-05 14:09 - 00000000 ____D () C:\FRST
2014-05-06 07:49 - 2013-03-05 19:11 - 01474832 _____ () C:\Windows\system32\Drivers\sfi.dat
2014-05-06 07:46 - 2014-05-04 11:47 - 00081281 _____ () C:\Windows\WindowsUpdate.log
2014-05-06 07:31 - 2013-04-10 23:23 - 00000029 _____ () C:\Windows\SysWOW64\TempWmicBatchFile.bat
2014-05-06 07:16 - 2013-07-11 18:05 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-06 07:05 - 2013-10-15 12:19 - 00000902 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-06 03:53 - 2014-04-26 04:52 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-06 03:39 - 2009-07-14 01:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-06 03:39 - 2009-07-14 01:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-06 03:32 - 2013-12-01 13:17 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Wise Care 365
2014-05-06 03:30 - 2014-05-04 11:41 - 00000392 _____ () C:\Windows\setupact.log
2014-05-06 03:30 - 2013-07-11 18:05 - 00001060 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-06 03:30 - 2009-07-14 02:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-06 03:29 - 2014-05-04 11:41 - 00003206 _____ () C:\Windows\PFRO.log
2014-05-06 03:26 - 2014-05-06 03:25 - 04143997 _____ () C:\Users\Dell\Downloads\tdsskiller.zip
2014-05-06 03:26 - 2014-05-06 03:24 - 04164448 _____ (Kaspersky Lab ZAO) C:\Users\Dell\Desktop\iexplorer.exe.exe
2014-05-06 03:17 - 2014-05-05 10:03 - 00002432 _____ () C:\Users\Dell\Desktop\Rkill.txt
2014-05-06 03:08 - 2014-05-06 03:09 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Dell\Desktop\rkill(1).exe
2014-05-06 03:08 - 2014-05-06 03:07 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Dell\Downloads\rkill(1).exe
2014-05-05 22:50 - 2014-05-05 22:42 - 00000000 ___SD () C:\ComboFix
2014-05-05 22:43 - 2014-05-05 22:42 - 00000000 ____D () C:\Qoobox
2014-05-05 22:40 - 2013-07-09 18:10 - 00000000 ____D () C:\Windows\erdnt
2014-05-05 22:37 - 2013-08-06 01:05 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-05 15:18 - 2014-05-05 15:15 - 00000000 ____D () C:\AdwCleaner
2014-05-05 15:15 - 2013-11-18 11:26 - 00000000 ____D () C:\Windows\CryptoGuard
2014-05-05 15:13 - 2014-05-05 14:11 - 00052550 _____ () C:\Users\Dell\Desktop\Addition.txt
2014-05-05 15:11 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-05 15:00 - 2013-03-05 09:43 - 00000000 ____D () C:\Users\Dell\AppData\Local\Apps\2.0
2014-05-05 14:51 - 2009-07-13 23:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-05 14:14 - 2013-04-02 19:29 - 00000000 ____D () C:\Windows\pss
2014-05-05 14:08 - 2014-05-05 14:09 - 02063872 _____ (Farbar) C:\Users\Dell\Desktop\FRST64.exe
2014-05-05 14:08 - 2014-05-05 14:07 - 02063872 _____ (Farbar) C:\Users\Dell\Downloads\FRST64.exe
2014-05-05 12:33 - 2014-05-05 22:38 - 05199940 ____R (Swearware) C:\Users\Dell\Desktop\ComboFix.exe
2014-05-05 12:33 - 2014-03-31 10:52 - 05199940 _____ (Swearware) C:\Users\Dell\Downloads\ComboFix.exe
2014-05-05 12:11 - 2014-05-05 12:11 - 00000000 ____D () C:\Windows\Minidump
2014-05-05 12:11 - 2013-02-22 09:40 - 00326565 ____N () C:\Windows\Minidump\050514-32978-01.dmp
2014-05-05 10:26 - 2014-05-05 10:26 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\EurekaLab s.a.s
2014-05-05 09:47 - 2014-05-05 15:13 - 01316991 _____ () C:\Users\Dell\Desktop\AdwCleaner.exe
2014-05-05 09:47 - 2014-05-05 09:02 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\31415875.sys
2014-05-05 08:59 - 2014-05-05 04:59 - 136161520 _____ () C:\Users\Dell\Downloads\setup_11.0.1.1245.x01_2014_05_05_09_48.exe
2014-05-05 08:20 - 2014-05-05 08:20 - 02347384 _____ (ESET) C:\Users\Dell\Downloads\esetsmartinstaller_enu.exe
2014-05-04 14:00 - 2013-12-01 13:19 - 00000400 _____ () C:\Windows\Tasks\Wise Turbo Checker.job
2014-05-04 13:46 - 2014-05-02 23:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-05-04 13:46 - 2014-03-30 18:39 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-04 13:46 - 2014-01-26 22:53 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\ProductData
2014-05-04 13:46 - 2013-11-09 20:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
2014-05-04 13:46 - 2013-09-09 11:59 - 00000000 ____D () C:\ProgramData\ProductData
2014-05-04 13:46 - 2013-08-03 23:45 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\TeraCopy
2014-05-04 13:46 - 2013-05-25 19:26 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\QFX Software
2014-05-04 13:46 - 2013-05-25 19:26 - 00000000 ____D () C:\ProgramData\QFX Software
2014-05-04 13:46 - 2013-03-05 19:11 - 00000000 ____D () C:\Windows\System32\Tasks\COMODO
2014-05-04 13:46 - 2013-02-22 09:47 - 00000000 ____D () C:\Users\Dell
2014-05-04 13:46 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\registration
2014-05-04 11:51 - 2014-04-29 23:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-04 11:51 - 2014-04-27 00:35 - 00000000 ____D () C:\uninstall8094u
2014-05-04 11:41 - 2014-05-04 11:41 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-04 11:37 - 2014-04-15 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-05-04 11:37 - 2014-04-09 11:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-04 09:20 - 2014-05-04 09:19 - 00391432 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-03 09:42 - 2014-05-03 09:42 - 00991232 _____ () C:\Users\Dell\Downloads\MicrosoftFixit50267 (1).msi
2014-05-03 08:11 - 2014-04-26 12:38 - 06815744 _____ () C:\Users\Dell\ntuser.bak
2014-05-03 08:11 - 2009-07-13 23:34 - 71565312 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-05-03 08:11 - 2009-07-13 23:34 - 24379392 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-05-03 08:11 - 2009-07-13 23:34 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-05-03 08:11 - 2009-07-13 23:34 - 00053248 _____ () C:\Windows\system32\config\SAM.bak
2014-05-03 08:11 - 2009-07-13 23:34 - 00028672 _____ () C:\Windows\system32\config\SECURITY.bak
2014-05-03 00:02 - 2014-05-03 00:02 - 00000000 ____D () C:\Users\Dell\Documents\ProcAlyzer Dumps
2014-05-02 23:53 - 2014-05-02 23:53 - 00001358 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-05-02 23:53 - 2014-05-02 23:53 - 00001346 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-05-02 23:53 - 2014-05-02 23:53 - 00001346 _____ () C:\ProgramData\Desktop\Spybot-S&D Start Center.lnk
2014-05-02 23:52 - 2014-03-30 18:39 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-02 23:36 - 2014-05-02 23:27 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Dell\Downloads\spybot-2.3.exe
2014-05-02 23:00 - 2014-05-02 22:59 - 05616856 _____ () C:\Users\Dell\Downloads\Startups-vf.chm
2014-05-02 22:19 - 2014-05-02 22:19 - 00809692 _____ () C:\Users\Dell\Downloads\WinsockFix_InfoSpyware.zip
2014-05-02 22:19 - 2014-05-02 22:18 - 00791393 _____ (Lars Hederer ) C:\Users\Dell\Downloads\erunt-setup.exe
2014-05-02 22:17 - 2014-05-02 22:17 - 00522240 _____ (OldTimer Tools) C:\Users\Dell\Downloads\OTM.exe
2014-05-02 22:15 - 2014-05-02 22:15 - 00167376 _____ () C:\Users\Dell\Downloads\fileassassin-setup-1.06.esp.exe
2014-05-02 19:37 - 2014-01-28 17:52 - 00000882 _____ () C:\Users\Dell\Documents\Padre.txt
2014-05-02 15:55 - 2014-05-02 15:55 - 03083248 _____ (Symantec Corporation) C:\Users\Dell\Downloads\NPE Norton Power Erase - anti crimaware.exe
2014-05-02 09:35 - 2014-05-02 09:35 - 00000021 _____ () C:\Users\Dell\Documents\Jiraya.txt
2014-05-02 09:29 - 2014-05-02 09:28 - 08620032 _____ () C:\Users\Dell\Downloads\EMET Setup.msi
2014-05-02 09:24 - 2014-05-02 09:23 - 10868379 _____ () C:\Users\Dell\Downloads\Anti-CryptorBitV2.zip
2014-05-01 23:57 - 2009-07-14 00:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-01 23:37 - 2014-05-01 23:42 - 03972608 _____ () C:\Users\Dell\Desktop\RogueKiller.exe
2014-05-01 23:37 - 2014-05-01 23:36 - 03972608 _____ () C:\Users\Dell\Downloads\RogueKiller.exe
2014-05-01 23:35 - 2014-05-01 23:35 - 05698982 _____ () C:\Users\Dell\Downloads\VID-20140305-WA0001.mp4
2014-05-01 20:17 - 2014-05-01 20:17 - 00000975 _____ () C:\Users\Dell\Desktop\NTREGOPT.lnk
2014-05-01 20:17 - 2014-05-01 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NT Registry Optimizer
2014-05-01 20:17 - 2014-05-01 20:17 - 00000000 ____D () C:\Program Files (x86)\NT Registry Optimizer
2014-05-01 20:16 - 2014-05-01 20:16 - 00483809 _____ (Lars Hederer ) C:\Users\Dell\Downloads\ntregopt-setup.exe
2014-05-01 20:07 - 2014-05-01 20:07 - 00145237 _____ () C:\Users\Dell\Downloads\ntregopt.zip
2014-05-01 20:07 - 2014-05-01 20:07 - 00000970 _____ () C:\Users\Dell\Downloads\ntregopt-loc_fr.zip
2014-05-01 20:04 - 2014-05-01 20:04 - 00347440 _____ (Microsoft Corporation) C:\Users\Dell\Downloads\MicrosoftFixit-portable.exe
2014-05-01 19:49 - 2014-05-01 19:41 - 00000000 ____D () C:\ProgramData\WRData
2014-05-01 19:35 - 2014-05-01 19:35 - 00000000 ____D () C:\Users\Dell\Documents\Simply Super Software
2014-05-01 18:48 - 2013-02-22 05:39 - 00707498 _____ () C:\Windows\system32\prfh0416.dat
2014-05-01 18:48 - 2013-02-22 05:39 - 00148578 _____ () C:\Windows\system32\prfc0416.dat
2014-05-01 18:48 - 2009-07-14 02:13 - 01640864 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-01 12:54 - 2014-05-01 12:54 - 00518584 _____ (KoshyJohn.com) C:\Users\Dell\Downloads\MemClean.exe
2014-05-01 12:54 - 2014-05-01 12:53 - 00895184 _____ (KoshyJohn.com) C:\Users\Dell\Downloads\neoSearch.exe
2014-05-01 12:48 - 2013-12-06 08:47 - 00000000 ____D () C:\Users\Dell\AppData\Local\CrashDumps
2014-05-01 12:21 - 2014-05-01 12:20 - 26747104 _____ (Microsoft Corporation) C:\Users\Dell\Downloads\Ferramenta Windows software malicioso Windows-KB890830-x64-V5.11.exe
2014-05-01 12:19 - 2014-05-01 12:19 - 02210096 _____ (Reason Company Software Inc.) C:\Users\Dell\Downloads\herdProtectScan_Setup.exe
2014-05-01 12:19 - 2014-05-01 12:19 - 02197440 _____ (Reason Company Software Inc.) C:\Users\Dell\Downloads\herdProtectScan_Portable.exe
2014-05-01 10:07 - 2014-04-30 11:18 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-05-01 09:54 - 2013-11-30 00:06 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\DiskDefrag
2014-04-30 21:36 - 2014-04-30 21:36 - 00154003 _____ () C:\Users\Dell\Downloads\netcraft_toolbar-1.9-fx.xpi
2014-04-30 17:07 - 2014-04-30 17:07 - 05227019 _____ () C:\Users\Dell\Downloads\namebench-1.3.1-Windows.exe
2014-04-30 15:24 - 2014-04-30 15:24 - 00001036 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2014-04-30 13:56 - 2014-04-29 23:20 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\ZHP
2014-04-30 12:15 - 2014-04-30 12:15 - 00000000 ____D () C:\Users\Dell\AppData\Local\Secunia PSI
2014-04-30 12:12 - 2014-04-30 12:12 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-04-30 12:03 - 2014-04-30 12:03 - 05329480 _____ (Secunia) C:\Users\Dell\Downloads\Secunia atualizar software PSISetup.exe
2014-04-30 11:01 - 2013-11-05 21:01 - 00323826 _____ () C:\Users\Dell\AppData\Local\census.cache
2014-04-30 11:01 - 2013-11-05 21:01 - 00000000 _____ () C:\Users\Dell\AppData\Local\ars.cache
2014-04-30 10:12 - 2014-04-30 10:12 - 02405616 _____ (Trend Micro Inc.) C:\Users\Dell\Downloads\HousecallLauncher64.exe
2014-04-30 08:59 - 2013-04-27 13:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-30 00:11 - 2014-04-25 22:57 - 00000000 ____D () C:\Users\Dell\.receitanet
2014-04-30 00:05 - 2013-04-01 20:19 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Skype
2014-04-29 12:05 - 2014-04-29 12:05 - 17931952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-04-29 12:05 - 2013-12-11 11:05 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 12:05 - 2013-10-15 12:19 - 00003840 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-29 12:05 - 2013-03-05 23:45 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-29 11:49 - 2014-04-29 11:43 - 00337888 _____ () C:\Users\Dell\Downloads\360is_min_5.0.0.5000beta.exe
2014-04-29 11:01 - 2014-05-02 17:30 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 10:40 - 2014-05-02 17:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 09:48 - 2014-05-02 17:30 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 09:34 - 2014-05-02 17:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-29 01:05 - 2014-04-29 01:05 - 00000067 _____ () C:\Users\Dell\Documents\Pai INSS.txt
2014-04-29 01:04 - 2014-04-29 01:04 - 00102960 _____ () C:\Users\Dell\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-29 01:04 - 2014-04-28 15:20 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-04-28 16:05 - 2014-04-28 15:37 - 03018304 _____ () C:\Users\Dell\Downloads\Informações temperatura ManicTime.exe
2014-04-28 15:20 - 2014-04-28 15:20 - 00000974 _____ () C:\Users\Dell\Desktop\SpeedFan.lnk
2014-04-28 15:20 - 2014-04-28 15:20 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo
2014-04-28 15:20 - 2014-04-28 15:20 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-04-28 15:20 - 2014-04-28 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-04-28 15:13 - 2014-04-28 15:12 - 06090265 _____ () C:\Users\Dell\Downloads\ManicTimeUsb.zip
2014-04-28 15:13 - 2014-04-28 15:12 - 02143832 _____ () C:\Users\Dell\Downloads\instsf449.exe
2014-04-28 07:27 - 2014-04-28 07:27 - 00013212 _____ () C:\Users\Dell\Documents\Pai - Extrato para Imposto de Renda.htm
2014-04-28 07:27 - 2014-04-28 07:27 - 00000000 ____D () C:\Users\Dell\Documents\Pai - Extrato para Imposto de Renda_files
2014-04-27 19:08 - 2014-04-27 19:08 - 00000000 ____D () C:\uninstall27732u
2014-04-27 18:54 - 2014-01-12 09:44 - 00000000 ____D () C:\Users\Dell\AppData\Local\Adobe
2014-04-27 15:32 - 2014-04-27 15:31 - 02100736 _____ () C:\Users\Dell\Downloads\RIR E O MELHOR REMEDIO.pps
2014-04-26 22:53 - 2014-04-26 22:53 - 00248714 _____ () C:\Users\Dell\Downloads\OCF_20131025.zip
2014-04-26 15:21 - 2014-04-26 15:21 - 00688992 ____R (Swearware) C:\Users\Dell\Downloads\dds.com
2014-04-26 12:49 - 2013-05-25 20:37 - 00000000 ____D () C:\ProgramData\GAS Tecnologia
2014-04-26 12:38 - 2014-04-02 07:16 - 72810496 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2014-04-26 12:38 - 2014-04-02 07:16 - 00311296 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2014-04-26 12:38 - 2014-04-02 07:16 - 00053248 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2014-04-26 12:38 - 2014-04-02 07:16 - 00032768 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2014-04-26 10:23 - 2013-09-09 13:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-04-26 10:00 - 2014-04-26 10:00 - 00004177 _____ () C:\Users\Dell\Desktop\Condomínio abril 2014.htm
2014-04-26 10:00 - 2014-04-26 10:00 - 00000000 ____D () C:\Users\Dell\Desktop\Condomínio abril 2014_files
2014-04-26 05:05 - 2014-04-26 05:01 - 135327040 _____ () C:\Users\Dell\Downloads\setup_11.0.1.1245.x01_2014_04_26_11_23.exe
2014-04-26 04:52 - 2014-04-26 04:51 - 04164448 _____ (Kaspersky Lab ZAO) C:\Users\Dell\Downloads\tdsskiller.exe
2014-04-26 04:51 - 2013-10-23 00:13 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Malwarebytes
2014-04-26 04:51 - 2013-10-23 00:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-26 04:50 - 2014-04-26 04:50 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-26 04:47 - 2014-04-26 04:46 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Dell\Downloads\rkill (1).exe
2014-04-26 04:30 - 2014-04-26 04:30 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Dell\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-25 11:10 - 2014-04-25 11:10 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-25 11:02 - 2014-04-25 11:01 - 00152270 _____ () C:\Users\Dell\Downloads\Sigcheck.zip
2014-04-25 09:22 - 2014-04-25 09:22 - 00057096 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2014-04-25 09:22 - 2014-04-25 09:22 - 00048392 _____ (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll
2014-04-25 09:21 - 2013-03-15 10:32 - 00000000 ____D () C:\Program Files (x86)\Comodo
2014-04-24 19:58 - 2014-04-24 19:58 - 00165376 _____ () C:\Users\Dell\Downloads\SystemLook_x64.exe
2014-04-24 19:58 - 2014-04-24 19:58 - 00139264 _____ () C:\Users\Dell\Downloads\SystemLook.exe
2014-04-24 18:36 - 2014-04-24 18:36 - 07200360 _____ () C:\Users\Dell\Downloads\bitdefender_tsecurity_beta.exe
2014-04-23 15:48 - 2013-04-02 21:26 - 02230658 _____ () C:\Windows\system32\Drivers\fvstore.dat
2014-04-23 13:23 - 2014-04-23 13:23 - 00004474 _____ () C:\Users\Dell\Downloads\Gás abril 2014.htm
2014-04-23 13:22 - 2013-11-05 18:48 - 00000000 ____D () C:\Users\Public\Documents\regruninfo
2014-04-23 13:22 - 2013-11-05 18:48 - 00000000 ____D () C:\ProgramData\Documents\regruninfo
2014-04-23 13:22 - 2013-07-09 12:52 - 00000000 ____D () C:\Users\Dell\Documents\Limpeza Casas - Margarete Grancoski_files
2014-04-23 13:09 - 2014-04-23 13:09 - 00004474 _____ () C:\Users\Dell\Documents\Gás abril 2014.htm
2014-04-23 00:45 - 2014-04-23 00:41 - 00279889 _____ () C:\Users\Dell\Downloads\360TS_Setup.exe
2014-04-22 16:59 - 2014-04-22 16:56 - 67108864 _____ () C:\Users\Dell\Downloads\xpud-0.9.2.iso
2014-04-22 16:28 - 2014-04-22 16:28 - 14636360 _____ (NoVirusThanks Company Srl ) C:\Users\Dell\Downloads\EXERadar_Pro_x86_x64_Trial_Setup.exe
2014-04-22 11:30 - 2014-04-22 11:30 - 00409600 _____ (Farbar) C:\Users\Dell\Downloads\FSS.exe
2014-04-22 11:16 - 2014-04-22 11:16 - 00121069 _____ () C:\Users\Dell\Downloads\memtest86+-5.01.usb.installer.zip
2014-04-22 10:36 - 2014-03-22 02:14 - 00000000 ____D () C:\Program Files\Java
2014-04-22 10:34 - 2014-04-09 11:50 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-22 10:04 - 2014-04-22 09:57 - 159077280 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jdk-8u5-windows-i586.exe
2014-04-22 10:03 - 2014-04-22 09:56 - 162717600 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jdk-8u5-windows-x64.exe
2014-04-21 22:17 - 2014-04-21 22:17 - 00448512 _____ (OldTimer Tools) C:\Users\Dell\Downloads\TFC.exe
2014-04-21 22:00 - 2014-04-21 21:59 - 00001731 _____ () C:\Users\Dell\Downloads\fixlist.txt
2014-04-21 19:19 - 2014-04-21 19:18 - 34131368 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jre-8u5-windows-x64 (1).exe
2014-04-21 19:19 - 2014-04-21 19:17 - 34131368 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jre-8u5-windows-x64.exe
2014-04-21 19:04 - 2014-04-21 18:54 - 02456273 _____ (Oracle Corporation) C:\Users\Dell\Downloads\Não confirmado 202995.crdownload
2014-04-21 13:11 - 2014-04-21 13:10 - 06863066 _____ (Nicolas Coolman ) C:\Users\Dell\Downloads\zhpdiag2-2014.4.9.16.exe
2014-04-21 10:56 - 2014-03-30 18:50 - 00000000 ____D () C:\Users\Dell\Downloads\Systweak RegClean Pro v6.21.65.2364 With Key [h33t][iahq76]
2014-04-21 10:54 - 2014-04-21 10:54 - 00150281 _____ () C:\Users\Dell\Downloads\ProxyFix.zip
2014-04-21 01:04 - 2014-04-20 19:37 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\96123702.sys
2014-04-20 22:21 - 2014-03-25 15:02 - 00000000 ____D () C:\Users\Dell\AppData\Local\AnVir
2014-04-20 19:05 - 2014-04-20 19:05 - 00007606 _____ () C:\Users\Dell\AppData\Local\Resmon.ResmonCfg
2014-04-20 17:39 - 2014-04-20 16:50 - 2431909888 _____ () C:\Users\Dell\Downloads\X17-59246.iso
2014-04-20 16:29 - 2014-04-20 16:29 - 07752311 _____ (FreeDownloadManager.ORG ) C:\Users\Dell\Downloads\Free download manager fdminst.exe
2014-04-19 23:23 - 2014-04-19 23:23 - 00004096 ___SH () C:\{189147AC-0408-4CA1-9100-C01F40F3E5F5}.CBM
2014-04-19 22:30 - 2013-03-26 09:22 - 00417792 ___SH () C:\EUMONBMP.SYS
2014-04-19 20:57 - 2013-08-18 17:27 - 00000286 __RSH () C:\Users\Dell\ntuser.pol
2014-04-19 18:18 - 2014-04-19 18:18 - 00548424 _____ (SurfRight) C:\Windows\system32\hmpalert.dll
2014-04-19 18:18 - 2014-04-19 18:18 - 00477008 _____ (SurfRight) C:\Windows\SysWOW64\hmpalert.dll
2014-04-19 18:18 - 2014-04-19 18:18 - 00093144 _____ () C:\Windows\system32\Drivers\hmpalert.sys
2014-04-19 18:18 - 2014-04-19 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro.Alert
2014-04-19 18:18 - 2014-04-19 18:18 - 00000000 ____D () C:\Program Files (x86)\HitmanPro.Alert
2014-04-19 18:12 - 2014-01-17 05:41 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-19 16:28 - 2014-04-19 16:28 - 00390392 _____ (Bleeping Computer, LLC) C:\Users\Dell\Downloads\Lista registro criptografada em caso infecção ListCrilock.exe
2014-04-19 16:06 - 2014-04-19 16:06 - 01876816 _____ (SurfRight B.V.) C:\Users\Dell\Downloads\Anti Ransoware hmpalert25.exe
2014-04-19 12:34 - 2014-04-19 12:34 - 02823116 _____ () C:\Users\Dell\Downloads\CryptolockerPreventionKit.zip
2014-04-19 12:34 - 2014-04-19 12:34 - 00473008 _____ () C:\Users\Dell\Downloads\CryptoPrevent.zip
2014-04-18 15:19 - 2013-12-19 06:30 - 00000000 ____D () C:\ProgramData\RegRun
2014-04-18 15:19 - 2013-11-05 18:48 - 00000000 ____D () C:\Program Files (x86)\UnHackMe
2014-04-18 15:08 - 2014-04-18 15:07 - 07255785 _____ () C:\Users\Dell\Downloads\bc57dc193791f301fb3b2d3522334aa0.mp4
2014-04-18 10:58 - 2014-04-18 10:47 - 535287324 _____ () C:\Users\Dell\Downloads\adt-bundle-windows-x86_64-20140321.zip
2014-04-18 09:21 - 2014-04-18 09:21 - 01586165 _____ () C:\Users\Dell\Downloads\ComIntRepair.exe
2014-04-18 08:28 - 2014-04-18 08:26 - 00004244 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-18 08:25 - 2014-04-18 08:25 - 01586165 _____ () C:\Users\Dell\Downloads\Correção dificuldades da internet ComIntRepair.exe
2014-04-18 08:19 - 2014-03-26 12:19 - 00001985 _____ () C:\Users\Public\Desktop\COMODO Internet Security.lnk
2014-04-18 08:19 - 2014-03-26 12:19 - 00001985 _____ () C:\ProgramData\Desktop\COMODO Internet Security.lnk
2014-04-17 10:24 - 2014-04-17 10:24 - 08449818 _____ () C:\Users\Dell\Downloads\VID-20140408-WA0000.mp4
2014-04-17 10:24 - 2014-04-17 10:24 - 04881376 _____ () C:\Users\Dell\Downloads\57071749f97062bf0217533f22776ea5.mp4
2014-04-16 21:43 - 2014-04-16 21:43 - 00078845 _____ () C:\Users\Dell\Downloads\HostsTool.zip
2014-04-16 18:12 - 2014-03-05 12:54 - 00738472 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys
2014-04-16 18:12 - 2014-03-05 12:54 - 00105552 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys
2014-04-16 18:12 - 2014-03-05 12:54 - 00048360 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys
2014-04-16 18:12 - 2014-03-05 12:54 - 00023168 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys
2014-04-16 15:32 - 2014-04-16 15:31 - 04075110 _____ () C:\Users\Dell\Downloads\maparadar.rupi
2014-04-16 15:21 - 2014-04-10 11:18 - 00003007 _____ () C:\Users\Dell\Documents\Sygic - tutorial instalação.txt
2014-04-16 15:17 - 2014-04-16 15:17 - 00457835 _____ () C:\Users\Dell\Downloads\sygic_rupi_convertor.zip
2014-04-16 15:17 - 2014-04-16 15:16 - 01055930 _____ () C:\Users\Dell\Downloads\maparadar.txt
2014-04-16 12:20 - 2014-04-16 12:20 - 03278352 _____ () C:\Users\Dell\Downloads\Corrigir windows tweaking.com_windows_repair_aio.zip
2014-04-16 11:03 - 2013-04-01 20:19 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-16 09:19 - 2014-04-16 09:19 - 00000015 _____ () C:\Users\Dell\Desktop\IPVA 2014.txt
2014-04-15 19:41 - 2014-04-15 19:41 - 00000000 ____D () C:\Users\Dell\.jmc
2014-04-15 19:40 - 2014-04-15 19:40 - 00000000 ____D () C:\Users\Dell\.eclipse
2014-04-15 19:31 - 2014-04-15 19:28 - 113510621 _____ () C:\Users\Dell\Downloads\android-sdk_r22.0.5-windows.zip
2014-04-15 19:30 - 2014-04-15 19:27 - 131581344 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jdk-7u55-windows-x64.exe
2014-04-15 17:13 - 2014-04-15 17:13 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-04-15 10:37 - 2014-04-15 10:37 - 00132597 _____ () C:\Users\Dell\Downloads\Desinfectar usb Flash_Disinfector.exe
2014-04-14 22:20 - 2014-04-14 21:54 - 226340888 _____ () C:\Users\Dell\Downloads\EmsisoftEmergencyKit.txt
2014-04-14 20:13 - 2014-04-18 08:28 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 20:05 - 2014-04-18 08:28 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-14 20:05 - 2014-04-18 08:28 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-14 20:04 - 2014-04-18 08:28 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-14 19:32 - 2014-04-14 12:19 - 00000000 ____D () C:\Users\Dell\Documents\Flight Simulator Files
2014-04-14 15:59 - 2014-04-14 15:59 - 09640719 _____ () C:\Users\Dell\Downloads\Bee Gees 1960 a 2012.wmv
2014-04-14 12:08 - 2014-04-14 12:08 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-04-14 12:00 - 2014-04-14 12:00 - 00002113 _____ () C:\Users\Public\Desktop\Microsoft Flight Simulator 2004.lnk
2014-04-14 12:00 - 2014-04-14 12:00 - 00002113 _____ () C:\ProgramData\Desktop\Microsoft Flight Simulator 2004.lnk
2014-04-14 12:00 - 2014-04-14 12:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2014-04-14 11:37 - 2014-04-14 11:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games
2014-04-14 11:07 - 2014-04-14 11:07 - 00001217 _____ () C:\Users\Public\Desktop\Virtual CloneDrive.lnk
2014-04-14 11:07 - 2014-04-14 11:07 - 00001217 _____ () C:\ProgramData\Desktop\Virtual CloneDrive.lnk
2014-04-14 11:04 - 2014-04-14 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2014-04-14 11:04 - 2014-04-14 11:04 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes
2014-04-14 11:02 - 2014-04-14 11:01 - 01640984 _____ () C:\Users\Dell\Downloads\Montar e desmontar ISO SetupVirtualCloneDrive5470.exe
2014-04-14 08:46 - 2014-04-14 08:46 - 00015288 _____ () C:\Users\Dell\Downloads\Tabajara.cmd
2014-04-14 07:12 - 2014-04-14 07:02 - 135672432 _____ () C:\Users\Dell\Downloads\setup_11.0.1.1245.x01_2014_04_14_10_30.exe
2014-04-14 07:01 - 2014-04-14 07:01 - 00000176 _____ () C:\Windows\REC-NET.INI
2014-04-14 07:01 - 2014-04-14 07:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB
2014-04-14 07:01 - 2014-04-14 07:01 - 00000000 ____D () C:\Program Files (x86)\Programas RFB
2014-04-14 07:01 - 2013-04-18 12:24 - 00000000 ___HD () C:\Program Files (x86)\InstallJammer Registry
2014-04-14 07:00 - 2014-04-14 07:00 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014
2014-04-14 07:00 - 2013-04-18 12:25 - 00000000 ____D () C:\Arquivos de Programas RFB
2014-04-14 06:51 - 2014-04-14 06:50 - 22716032 _____ (Receita Federal do Brasil) C:\Users\Dell\Downloads\IRPF2014win32v1.1.exe
2014-04-14 06:51 - 2014-04-14 06:50 - 06182597 _____ (Serpro - Serviço Federal de Processamento de Dados) C:\Users\Dell\Downloads\Receitanet-1.04.exe
2014-04-13 23:24 - 2014-04-25 11:09 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-13 23:19 - 2014-04-25 11:09 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-13 19:45 - 2014-02-09 11:43 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-04-13 17:38 - 2014-04-13 17:38 - 00000000 ____D () C:\Users\Dell\Downloads\Nova pasta
2014-04-13 16:39 - 2014-04-13 16:38 - 10696960 _____ (Emsisoft GmbH ) C:\Users\Dell\Downloads\OnlineArmorSetup (1).exe
2014-04-13 12:28 - 2014-04-13 12:28 - 00000000 __SHD () C:\Users\Dell\AppData\Local\EmieUserList
2014-04-13 12:28 - 2014-04-13 12:28 - 00000000 __SHD () C:\Users\Dell\AppData\Local\EmieSiteList
2014-04-12 22:16 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-12 22:14 - 2014-04-12 22:14 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-12 22:14 - 2014-04-12 22:14 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-12 22:14 - 2014-04-12 22:14 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-12 09:52 - 2014-04-12 09:51 - 26455504 _____ () C:\Users\Dell\Downloads\SeaMonkey Setup 2.26b1.exe
2014-04-12 09:14 - 2014-04-11 22:18 - 00022302 _____ () C:\Users\Dell\Downloads\Result.txt
2014-04-11 22:15 - 2014-04-11 22:15 - 00982016 _____ (Farbar) C:\Users\Dell\Downloads\MiniToolBox.exe
2014-04-11 17:09 - 2014-04-11 17:09 - 00000710 _____ () C:\Users\Dell\Documents\Comodo - após desinstalação se houver probleamas.txt
2014-04-11 15:15 - 2009-07-14 00:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-11 15:14 - 2014-04-11 15:14 - 00589000 _____ (Qualcomm Atheros) C:\Windows\system32\Drivers\btfilter.sys
2014-04-11 15:13 - 2014-04-11 15:13 - 03868160 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys
2014-04-11 15:10 - 2014-04-11 15:10 - 00901848 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-04-11 15:10 - 2014-04-11 15:10 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-04-11 15:10 - 2013-02-22 10:28 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-04-11 15:03 - 2014-04-11 15:03 - 00002854 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Dell)
2014-04-11 15:03 - 2013-12-13 15:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster
2014-04-11 13:17 - 2014-04-11 13:17 - 00000040 _____ () C:\Users\Dell\Documents\Driver Booster Keys.txt
2014-04-11 13:09 - 2013-07-17 10:44 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-11 12:57 - 2013-03-05 17:29 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-11 10:12 - 2014-04-11 10:12 - 05070944 _____ (Emsi Software GmbH ) C:\Users\Dell\Downloads\Proteção zero day MamutuSetup.exe
2014-04-11 09:57 - 2014-04-11 09:56 - 03749640 _____ (PWI, Inc. ) C:\Users\Dell\Downloads\privatefirewall.exe
2014-04-11 09:48 - 2014-04-11 09:47 - 11278928 _____ (COMODO) C:\Users\Dell\Downloads\Comodo limpar software CPM_SETUP_1.3.2.30_xp_vista_server2003_win7.exe
2014-04-11 09:34 - 2014-04-11 09:34 - 00178683 _____ () C:\Users\Dell\Downloads\CCEnhancer-3.9-Multilanguage.zip
2014-04-10 20:06 - 2014-04-10 20:05 - 00991232 _____ () C:\Users\Dell\Downloads\MicrosoftFixit50267.msi
2014-04-10 16:54 - 2014-04-10 16:54 - 00002966 _____ () C:\Users\Dell\Documents\Limpeza a base produtos caseiros.txt
2014-04-10 10:52 - 2014-04-10 10:33 - 221646397 _____ () C:\Users\Dell\Downloads\Sygic_GPSNavigation_v13.4.2.zip
2014-04-10 10:41 - 2014-04-10 10:34 - 12648749 _____ () C:\Users\Dell\Downloads\Sygic_GPSNavigation_v13.4.2.apk
2014-04-10 10:33 - 2014-04-10 10:33 - 00664417 _____ () C:\Users\Dell\Downloads\Sygic_MapDownloader_v1.4_(2014-03-13).zip
2014-04-10 10:12 - 2014-04-10 10:12 - 00000147 _____ () C:\Users\Dell\Documents\LG - assistência técnica. .Florianópolis .txt
2014-04-09 13:21 - 2013-11-09 11:47 - 00000000 ____D () C:\ProgramData\Auslogics
2014-04-09 13:18 - 2013-08-10 15:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2014-04-09 13:18 - 2013-03-05 19:20 - 00000000 ____D () C:\Program Files (x86)\Auslogics
2014-04-09 13:17 - 2014-04-09 13:17 - 02637388 _____ () C:\Users\Dell\Downloads\27d92b870986d9d44ee87db9cdb6b271.mp4
2014-04-09 13:06 - 2013-12-01 13:16 - 00000000 ____D () C:\Program Files (x86)\Wise
2014-04-09 12:42 - 2014-04-09 12:41 - 06126911 _____ () C:\Users\Dell\Downloads\Install_Win7_7080_03212014.zip
2014-04-09 12:03 - 2013-03-24 00:03 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-04-09 11:53 - 2013-03-24 00:03 - 00000000 ____D () C:\Users\Dell\SystemRequirementsLab
2014-04-09 11:47 - 2014-04-09 11:47 - 00921000 _____ (Oracle Corporation) C:\Users\Dell\Downloads\chromeinstall-7u51.exe
2014-04-09 11:45 - 2014-04-09 11:45 - 00405504 _____ () C:\Users\Dell\Downloads\intel_srldetect_4.5.13.0.msi
2014-04-09 11:37 - 2013-11-05 18:49 - 00000000 ____D () C:\Users\Dell\Documents\RegRun2
2014-04-09 11:31 - 2013-11-02 22:36 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group
2014-04-09 11:29 - 2014-04-09 11:28 - 00000000 ____D () C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2014-04-07 21:39 - 2014-04-07 21:39 - 00307712 _____ (FileHippo.com) C:\Users\Dell\Downloads\UpdateChecker.exe
2014-04-07 19:14 - 2014-04-07 19:13 - 106403600 ____N (Microsoft Corporation) C:\Users\Dell\Downloads\Microsoft Sec Essentials cada 10 dias 64 bits msert.exe
2014-04-07 17:37 - 2014-04-07 17:37 - 00000038 _____ () C:\Users\Dell\Documents\Bleeping acesso.txt
2014-04-07 09:08 - 2013-11-03 12:57 - 00000000 ____D () C:\ProgramData\McAfee
2014-04-07 09:07 - 2014-04-07 09:07 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-04-07 09:07 - 2014-04-07 09:07 - 00000000 ____D () C:\Program Files (x86)\Foxit Software
2014-04-07 08:33 - 2014-04-07 08:33 - 00000553 _____ () C:\Users\Dell\Desktop\Emsisoft Emergency Kit.lnk
2014-04-07 08:33 - 2013-09-13 20:42 - 00000000 ____D () C:\EEK
 
Files to move or delete:
====================
C:\ProgramData\RegistryReviver.exe
 
 
Some content of TEMP:
====================
C:\Users\Dell\AppData\Local\Temp\Quarantine.exe
C:\Users\Dell\AppData\Local\Temp\{112EED2E-05A6-4228-9091-BFD918A44EFE}.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-03-05 10:38
 
==================== End Of Log ============================
 
2. FRST 64 Addition log:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-05-2014
Ran by Dell at 2014-05-06 07:59:37
Running from C:\Users\Dell\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: COMODO Antivirus (Enabled - Up to date) {B74CC7D2-B407-E1DC-1033-DD315BCDC8C8}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Antivirus (Enabled - Up to date) {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall (Enabled) {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
 
==================== Installed Programs ======================
 
µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30586 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
A Bíblia Sagrada Versão Digital 6.7 Freeware (HKLM-x32\...\A Bíblia Sagrada Versão Digital 6.7 Freeware_is1) (Version:  - Por Marcelo Ribeiro de Oliveira - 20/05/2010)
ACR38/100/122 PC/SC Driver 1.1.2.0 (HKLM\...\{155796AE-16D0-45D2-8939-6AE3AD67147B}) (Version: 1.1.2 - Advanced Card Systems Ltd.)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Advanced SystemCare 7 (HKLM-x32\...\Advanced SystemCare 7_is1) (Version: 7.2.1 - IObit)
Aimersoft PDF Converter Pro (Build 3.1.1) (HKLM-x32\...\{C28729BF-059E-4A2B-BCD6-08CD91FE06E1}_is1) (Version: 3.1.1 - Aimersoft Software)
AnVir Task Manager Pro (HKLM-x32\...\AnVir Task Manager Pro) (Version:  - AnVir Software)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.126 - Atheros)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 2.9.4272 - DsNET Corp)
Auslogics BoostSpeed (HKLM-x32\...\{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1) (Version: 6.3.0.0 - Auslogics Labs Pty Ltd)
AutoCAD 2013 – Português – Brasil (Brazilian Portuguese) (HKLM\...\AutoCAD 2013 – Português – Brasil (Brazilian Portuguese)) (Version: 19.0.55.0 - Autodesk)
AutoCAD 2013 – Português – Brasil (Brazilian Portuguese) (Version: 19.0.55.0 - Autodesk) Hidden
AutoCAD 2013 Language Pack – Português – Brasil (Brazilian Portuguese) (Version: 19.0.55.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.0.84.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Inventor Fusion 2013 (Version: 2.0.0.206 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion plug-in for AutoCAD 2013 (HKLM\...\Plug-in Autodesk Inventor Fusion for AutoCAD 2013) (Version: 0.2.0.230 - Autodesk)
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Sync (HKLM\...\{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}) (Version: 3.5.24.0 - Autodesk, Inc.)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.8.2.30489 - BitTorrent Inc.)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
BurnAware Free 6.4 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware)
Caesium versão 1.4.1 (HKLM-x32\...\{88B0F0DE-6937-440D-B5CA-6E69003E55F7}_is1) (Version: 1.4.1 - Matteo Paonessa)
CCleaner (HKLM\...\CCleaner) (Version: 3.27 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 33.0.0.0 - COMODO)
COMODO Internet Security Premium (HKLM\...\{8899F0F2-03D8-4DDE-ADCA-4F0A7CE18A74}) (Version: 7.0.51350.4115 - COMODO Security Solutions Inc.)
CrystalDiskInfo 5.6.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 5.6.2 - Crystal Dew World)
D110 (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Dell Inc.)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 4.1.2.11 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1207.101.225 - ALPS ELECTRIC CO., LTD.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
DiskMax 4.71 (HKLM\...\DiskMax) (Version: 4.71 - KoshyJohn.com)
DLL Suite 2013 (HKLM-x32\...\{885843E7-6CAC-4791-B7BF-1CD516017954}_is1) (Version:  - )
Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.3 - IObit)
EaseUS Partition Master 9.2.2 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
EaseUS Todo Backup Free 6.5 (HKLM-x32\...\EaseUS Todo Backup Free 6.5_is1) (Version: 6.5 - CHENGDU YIWO Tech Development Co., Ltd)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Everything 1.2.1.371 (HKLM-x32\...\Everything) (Version:  - )
Everything 1.3.3.658 (x64) (HKLM\...\Everything) (Version:  - )
FastStone Photo Resizer 3.1 (HKLM-x32\...\FastStone Photo Resizer) (Version: 3.1 - FastStone Soft.)
FormatFactory 2.20 (HKLM-x32\...\FormatFactory) (Version: 2.20 - Free Time)
Fotosizer 2.08 (HKLM-x32\...\Fotosizer) (Version: 2.08.0.545 - Fotosizer.com)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.4.217 - Foxit Corporation)
Free Opener (HKLM\...\{A1F2C608-32D6-467D-B035-BBEF509042BA}_is1) (Version: 1.4 - EZ Freeware)
Glary Utilities PRO 4.8 (HKLM-x32\...\Glary Utilities 4) (Version: 4.8.0.97 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{EB38C3E0-4863-3123-9114-5BE86EC8E5C7}) (Version: 4.5.3.14917 - Google)
Google Update Helper (x32 Version: 1.3.21.153 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HitmanPro.Alert (HKLM\...\HitmanPro.Alert) (Version: 2.6.5.77 - SurfRight B.V.)
HP Deskjet 3510 series Ajuda (HKLM-x32\...\{949C49A5-91B7-40D2-AF9A-15681454074A}) (Version: 28.0.0 - Hewlett Packard)
HP Deskjet 3510 series Estudo de aprimoramento de produtos (HKLM\...\{34B5B8D3-4106-4713-AAE1-DAE898EEB21C}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3510 series Software básico do dispositivo (HKLM\...\{B332BF47-16DD-476D-AE00-31DC6DE5B87A}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet Pro 8600 Ajuda (HKLM-x32\...\{4795BA34-DD3D-448A-A602-AD221F9B281B}) (Version: 28.0.0 - Hewlett Packard)
HP Officejet Pro 8600 Software básico do dispositivo (HKLM\...\{B7218FC4-74AB-46B0-9D44-FFDCEE3535E2}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Unified IO (Version: 2.0.0.434 - HP) Hidden
HP Unified IO (x32 Version: 2.0.0.434 - HP) Hidden
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6341.0 - IDT)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.10.1300 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.26.242.3 - Intel Corporation) Hidden
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.1.8.2434 - IObit)
iPrint (HKLM-x32\...\iPrint_is1) (Version: 6.1 - Inzone Software Limited)
IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2013) (Version: 1.1 - Receita Federal do Brasil)
IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2014) (Version: 1.1 - Receita Federal do Brasil)
Java SE Development Kit 7 Update 55 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170550}) (Version: 1.7.0.550 - Oracle)
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
JetClean (HKLM-x32\...\BlueSprig_JetClean_is1) (Version: 1.5.0 - BlueSprig)
KeyScrambler (HKLM-x32\...\KeyScrambler) (Version: 3.3.0.0 - QFX Software Corporation)
LastPass (uninstall only) (HKCU\...\LastPass) (Version:  - LastPass)
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.8.1 - LG Electronics)
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 5.2 - Paramount Software (UK) Ltd.)
Macrium Reflect Free Edition (Version: 5.2.6354 - Paramount Software (UK) Ltd.) Hidden
Malwarebytes Anti-Malware versão 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Megacubo 10 (HKLM-x32\...\Megacubo_is1) (Version:  - www.megacubo.net)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (PTB) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Flight Simulator 2004 A Century of Flight (HKLM-x32\...\Flight Simulator 9.0) (Version: 9.0 - Microsoft)
Microsoft Office com Clique para Executar 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.6122.5000 - Microsoft Corporation)
Microsoft Office com Clique para Executar 2010 (Version: 14.0.6122.5000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
Módulo Adicional de Segurança CAIXA (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: Módulo Adicional de Segurança CAIXA - )
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
Mozilla Firefox 29.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 29.0 (x86 pt-BR)) (Version: 29.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Naviextras Toolbox (HKLM-x32\...\Naviextras Toolbox) (Version: 3.15.2.307259 - NNG Llc.)
Naviextras Toolbox Prerequesities (HKLM-x32\...\{537575D6-3B96-474C-BD8F-DFF667363DBD}) (Version: 1.0.0 - NNG Llc.)
Network64 (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia PC Suite (x32 Version: 7.1.180.94 - Nokia) Hidden
Nokia Software Updater (HKLM-x32\...\{7130468A-F53F-4698-8C09-A339EA3B05E6}) (Version: 3.0.655 - Nokia Corporation)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden
NTREGOPT 1.1j (HKLM-x32\...\NTREGOPT_is1) (Version:  - Lars Hederer)
OpenOffice 4.0.1 (HKLM-x32\...\{50FA6B86-D3C4-4961-A58F-1A061B2DCE04}) (Version: 4.01.9714 - Apache Software Foundation)
Pacote de Driver do Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (12/06/2010 4.0.0000.00000) (HKLM\...\199F2EB9DED8BE53A482B8F28B6149674948BDA9) (Version: 12/06/2010 4.0.0000.00000 - Google, Inc.)
Pacote de Driver do Windows - Nokia Modem  (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Pacote de Driver do Windows - Nokia Modem  (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Pacote de Driver do Windows - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Pacote de idioma do plug-in Autodesk Inventor Fusion para AutoCAD 2013 (Version: 0.2.0.230 - Autodesk) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Photomizer Scan 2 (HKLM-x32\...\{CCE60D92-F3EC-4EF7-0001-C8949A33B608}) (Version: 2.0.14.113 - Engelmann Media GmbH)
PhrozenSoft VirusTotal Uploader version 3.1 (HKCU\...\PhrozenSoft VirusTotal Uploader_is1) (Version: 3.1 - Phrozen Software™ Solutions © 2013)
Plug-in Autodesk Inventor Fusion for AutoCAD 2013 (Version: 0.2.0.230 - Autodesk) Hidden
PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
PS_AIO_07_D110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.04 - Serpro - Serviço Federal de Processamento de Dados)
Recuva (HKLM\...\Recuva) (Version: 1.47 - Piriform)
Registry Reviver (HKLM\...\Registry Reviver) (Version: 3.0.1.142 - ReviverSoft LLC)
ResScan (HKLM-x32\...\{F19702FA-6D54-41E1-98E2-156460C87FF2}) (Version: 3.16 - ResMed Pty Ltd)
Revo Uninstaller Pro 3.0.7 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.7 - VS Revo Group, Ltd.)
Scan (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.8.62 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)
TeraCopy 2.27 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.6.0.87 - KMP Media co., Ltd)
Time Stopper (HKLM-x32\...\Time Stopper2.00) (Version: 2.00 - DilSoft)
Toolbox (x32 Version: 140.0.424.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
UnHackMe 7.10 release (HKLM-x32\...\UnHackMe_is1) (Version:  - Greatis Software, LLC.)
UniPDF 1.0.4 (HKLM-x32\...\UniPDF) (Version: 1.0.4 - UniPDF.com)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
Vit Registry Fix 12.5 (remove only) (HKLM\...\Vit Registry Fix) (Version:  - VITSOFT)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Wild Media Server (UPnP, DLNA, HTTP) (HKLM-x32\...\WMS) (Version: 1.08.2 - Evgeny Lachinov)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wise Care 365 version 2.94 (HKLM-x32\...\{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1) (Version: 2.94 - WiseCleaner.com, Inc.)
 
==================== Restore Points  =========================
 
15-04-2014 22:38:06 Installed Java 7 Update 55 (64-bit)
17-04-2014 11:28:58 Registry Reviver Restore Point (04/17/14)
18-04-2014 00:55:33 Registry Reviver Restore Point (04/17/14)
18-04-2014 11:24:19 Installed Java 7 Update 55
19-04-2014 21:14:39 Revo Uninstaller Pro's restore point - Java 7 Update 55
19-04-2014 21:16:22 Removed Java 7 Update 55 (64-bit)
20-04-2014 00:05:08 Registry Reviver Restore Point (04/19/14)
21-04-2014 16:28:00 Revo Uninstaller Pro's restore point - Java SE Development Kit 7 Update 55 (64-bit)
21-04-2014 21:16:25 Registry Reviver Restore Point (04/21/14)
22-04-2014 02:53:48 Registry Reviver Restore Point (04/21/14)
22-04-2014 13:20:56 Installed Java SE Development Kit 8 Update 5 (64-bit)
22-04-2014 13:25:30 Installed Java 8 Update 5 (64-bit)
22-04-2014 13:35:36 Removed Java 8 Update 5 (64-bit)
25-04-2014 14:09:20 Windows Update
29-04-2014 04:13:09 Registry Reviver Restore Point (04/29/14)
01-05-2014 23:23:23 Bom antes regularizar registro 
02-05-2014 03:11:40 Revo Uninstaller Pro's restore point - ZHPDiag 2014
02-05-2014 20:29:31 Windows Update
04-05-2014 14:22:04 Registry Reviver Restore Point (05/04/14)
04-05-2014 14:52:24 Created by Wise Care 365
04-05-2014 16:38:59 Operação de restauração
 
==================== Hosts content: ==========================
 
2009-07-13 23:34 - 2014-05-02 05:06 - 00000741 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {038A1695-66A7-42B2-A5E8-0886E1FE6280} - System32\Tasks\ASC7_SkipUac_Dell => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2014-03-10] (IObit)
Task: {14DBDDE3-59C3-41CE-9694-B8F2A20587A8} - \Clean System Memory No Task File <==== ATTENTION
Task: {17EC4B61-922E-4351-9C12-9FAAE4462E84} - System32\Tasks\Pointstone\System Cleaner\Run at Windows Startup => C:\Program Files (x86)\Pointstone\System Cleaner 7\Integrator.exe
Task: {1B0C4538-F5E9-4594-A2F6-C7B100A77D2E} - System32\Tasks\Auslogics\BoostSpeed\Scan and Repair => Rundll32.exe TaskSchedulerHelper.dll,RunTask "BoostSpeed.exe" "-UseTray -Schedule"
Task: {27E7E8EC-97DE-4B74-B0C9-5FB649E36821} - System32\Tasks\JetCleanLoginCheckUpdate => C:\Program Files (x86)\BlueSprig\JetClean\AutoUpdate.exe [2013-05-14] (BlueSprig)
Task: {2A0AC395-28E3-452C-A7D5-84B097CE56C4} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {314E5AA8-1245-429D-9DBB-0152A06DDC70} - \ParetoLogic Update Version3 No Task File <==== ATTENTION
Task: {31AC1703-76A8-4622-9CF8-FF14971C92D7} - System32\Tasks\DLL-Files.Com Fixer_MONTHLY => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: {3449AD23-5E0E-4ACA-A7FF-C4F6CDC64BC8} - \GoogleUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {3503D173-391C-44AF-98F0-A666C0446CD8} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {3B33577B-C042-4782-AD4E-8F782AAA6048} - \Java Update Scheduler No Task File <==== ATTENTION
Task: {3BD74C54-887D-47F6-9DA0-9C446F866508} - \{C108BC42-96BC-4227-AA1B-08592984E455} No Task File <==== ATTENTION
Task: {4583D338-9DDC-45F9-A677-FC3E2349007E} - \PC Health Advisor No Task File <==== ATTENTION
Task: {471167DF-FA2C-4953-8616-1A1EBAD24178} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {4A156437-4A51-4952-B6A4-52CC88D9B96E} - \{4CC3807B-53EA-4832-8512-2616D6195558} No Task File <==== ATTENTION
Task: {4A9FEDEA-1554-4417-988D-A1F7A63EE5E4} - System32\Tasks\ASC7_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe [2014-02-11] (IObit)
Task: {4BA2FC6F-1FD8-47BC-A85F-57CBFDE90ED6} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {4BC2AB7A-3B4B-46E3-A9B1-53FA0F14671C} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {4F25BE16-33FC-4289-99AD-36F352DB720D} - \{6047C86F-39F7-4FA3-879C-F07B64E19688} No Task File <==== ATTENTION
Task: {5990CFB7-C50F-4C9A-B8C9-4E953D311A39} - \Driver Booster Update No Task File <==== ATTENTION
Task: {5C8F1947-4A24-4A9F-9946-AEC40B175C10} - \JetBoost_AutoUpdate No Task File <==== ATTENTION
Task: {6AB2196A-14D0-4D07-B97F-EA1608B7169C} - System32\Tasks\GlaryInitialize 4 => C:\Program Files (x86)\Glary Utilities 4\Initialize.exe [2014-03-17] (Glarysoft Ltd)
Task: {810A3BD6-8916-44BC-A21A-5253D40FBBFA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29] (Adobe Systems Incorporated)
Task: {8116F8C9-21DD-4072-B824-43027FACD2D2} - System32\Tasks\AnVir Task Manager => C:\Program Files (x86)\AnVir Task Manager Pro\anvir.exe [2024-10-25] (AnVir Software)
Task: {85F83F1D-87E5-4988-BC28-E9347FDBFE07} - System32\Tasks\UnHackMe Task Scheduler => C:\Program Files (x86)\UnHackMe\hackmon.exe [2014-03-10] (Greatis Software)
Task: {865ACE18-F9AA-4391-970F-83AF11A1C7DB} - \ParetoLogic Registration3 No Task File <==== ATTENTION
Task: {879EF476-D4B0-45AB-A9D6-43CF8905D677} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {8837EDA6-7F18-4995-9B0E-BA81003AA8FA} - \{4670A716-E330-464F-A4C5-ACA3E2FD2275} No Task File <==== ATTENTION
Task: {8BDE846F-42BA-4488-A3B9-2E8940BB8F0C} - System32\Tasks\DLL-Files.Com Fixer_Updates => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: {9FA56E5B-AE4F-4893-A78D-E0DC38AB74CA} - \CCleanerSkipUAC No Task File <==== ATTENTION
Task: {A18ADF0E-DC66-423B-ACD8-5DB18D691099} - System32\Tasks\SyneiStart => C:\Program Files (x86)\Synei\SystemUtilities\SystemUtilities.exe
Task: {A21FE9DD-2B6C-4713-82AC-70EC3B685764} - \GoogleUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {A7CEAEC9-5F10-4213-B53F-2A57C218FEF8} - System32\Tasks\Wise Turbo Checker => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2014-01-21] (WiseCleaner.COM)
Task: {B0C139FA-1A87-48BB-B832-2E34761F2E92} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {B0F234C9-1CE4-4762-9804-82E0B8AF41F0} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - Dell) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
Task: {CBEE43D4-15AE-4942-8A0C-1DDD82580018} - \{34630F2C-9302-4543-ABBD-68F094CEC50A} No Task File <==== ATTENTION
Task: {CFC6519B-7044-4E8D-BACC-1DCE8034663E} - \{A3DE7F2C-4721-4B85-A208-EF28536D8996} No Task File <==== ATTENTION
Task: {D12C145C-CEBA-4F5E-8C41-CD35C07399ED} - \PC Health Advisor Defrag No Task File <==== ATTENTION
Task: {D1C5FAD4-464F-43A6-91A5-34D891A987A5} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-02-13] (IObit)
Task: {D1EC5BC5-92FE-419A-998D-8231DC137E55} - \{80458243-75DD-4B5D-89C8-C4016ABD86D3} No Task File <==== ATTENTION
Task: {D68BD592-87F7-418F-9021-E234A3040A4D} - System32\Tasks\Abelssoft\CheckDriveBackgroundGuard => C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe
Task: {DD6DD884-CA94-4BF6-9AF8-976A14A34470} - \TuneUpUtilities_Task_BkGndMaintenance2013 No Task File <==== ATTENTION
Task: {E1B06D5F-B2B5-41FD-A744-1513589377DA} - \launchspotflux No Task File <==== ATTENTION
Task: {E3E59514-6D8E-4324-AF46-CDA40904054E} - \CleanMem Mini Monitor No Task File <==== ATTENTION
Task: {E545DE99-D441-489A-9996-2217191E6DA2} - \{06848492-DEA4-43F0-A7DA-D8D8D3FA242A} No Task File <==== ATTENTION
Task: {E7288E2D-FC14-48E5-9680-7E97169EE8D9} - System32\Tasks\GlaryUpdate 4 => C:\Program Files (x86)\Glary Utilities 4\CheckUpdate.exe [2014-03-17] (Glarysoft Ltd)
Task: {E963806F-5B76-4A58-A840-737F073716A5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {EAA93DA6-03C7-421F-B1D7-5C018D051259} - System32\Tasks\HPCustParticipation HP Deskjet 3510 series => C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {EEE581CE-866F-4B13-ACFA-C9E13D93ED14} - \SolutoTask_284ce29d-409b-4792-b5ac-3f723c183961 No Task File <==== ATTENTION
Task: {F04F3511-F615-4079-9D62-3C0709E49B38} - System32\Tasks\Driver Booster SkipUAC (Dell) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-03-14] (IObit)
Task: {F128CD73-2669-408D-9313-24C73549DB34} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {F323F781-2970-4E76-8ED6-0BC7024D626A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GlaryInitialize 4.job => C:\Program Files (x86)\Glary Utilities 4\Initialize.exe
Task: C:\Windows\Tasks\GlaryUpdate 4.job => C:\Program Files (x86)\Glary Utilities 4\CheckUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-04-30 17:28 - 2011-02-28 19:37 - 00095008 _____ () C:\Windows\System32\Primomonnt.dll
2010-07-15 01:44 - 2010-07-15 01:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2013-08-03 23:45 - 2011-10-26 17:41 - 00318976 _____ () C:\Program Files\TeraCopy\TeraCopyExt64.dll
2013-04-15 17:39 - 2013-04-15 17:39 - 00073424 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2013-11-09 20:47 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\sqlite3.dll
2013-11-09 20:47 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madExcept_.bpl
2013-11-09 20:47 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madBasic_.bpl
2013-11-09 20:47 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madDisAsm_.bpl
2013-11-09 20:47 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\webres.dll
2014-02-25 16:31 - 2013-09-04 11:19 - 00098888 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2014-02-25 16:31 - 2013-11-14 14:59 - 00031304 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckTool.dll
2014-02-25 16:31 - 2008-11-25 17:18 - 01291264 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2014-02-25 16:31 - 2004-10-05 03:08 - 00055808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2014-02-25 16:31 - 2013-09-04 11:19 - 00029768 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
2014-02-25 16:31 - 2013-09-04 11:19 - 00050248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2014-02-25 16:30 - 2014-01-13 18:06 - 00105544 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2014-02-25 16:31 - 2013-09-04 11:19 - 00030280 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll
2014-02-25 16:31 - 2013-09-04 11:19 - 00293960 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExchBackupSize.dll
2014-02-25 16:31 - 2013-09-04 11:19 - 00578632 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2014-02-25 16:31 - 2013-09-04 11:19 - 00468040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExchBackupSizeEx.dll
2014-02-25 16:31 - 2013-09-04 11:19 - 00192072 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll
2014-02-25 16:30 - 2013-12-23 11:01 - 00281672 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll
2014-02-25 16:31 - 2013-09-04 11:19 - 00068680 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2014-02-25 16:31 - 2013-09-04 11:19 - 00069192 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2014-02-25 16:30 - 2013-09-04 11:19 - 00022600 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
2014-02-25 16:31 - 2013-09-04 11:19 - 00115784 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
2014-02-25 16:31 - 2013-09-04 11:19 - 00192584 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll
2014-02-25 16:31 - 2013-09-04 11:19 - 00135752 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
2014-02-25 16:30 - 2013-10-22 17:31 - 00037960 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
2014-02-25 16:31 - 2013-09-04 11:19 - 00135240 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll
2014-02-25 16:30 - 2013-12-24 17:42 - 00017992 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll
2014-02-25 16:31 - 2013-09-04 11:19 - 00096840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBFireWall.dll
2013-10-31 12:05 - 2013-10-31 12:05 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2014-02-24 09:47 - 2013-12-24 19:14 - 00642016 ____N () C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
2013-03-06 00:30 - 1999-12-31 21:00 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-05-02 23:52 - 2014-04-25 14:11 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-05-02 23:52 - 2014-04-25 14:11 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-05-02 23:52 - 2014-04-25 14:11 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-05-01 10:25 - 2014-04-23 21:33 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2014-05-01 10:25 - 2014-04-23 21:33 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-05-01 10:25 - 2014-04-23 21:33 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-05-01 10:25 - 2014-04-23 21:33 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
2014-04-08 18:16 - 2014-02-10 11:44 - 04592128 _____ () C:\Users\Dell\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-04-08 18:16 - 2014-02-10 11:44 - 00112128 _____ () C:\Users\Dell\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2014-02-25 16:31 - 2013-09-04 11:19 - 00098888 _____ () C:\PROGRAM FILES (X86)\EASEUS\TODO BACKUP\BIN\CodeLog.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\85846070.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\85846070.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
HKU\.DEFAULT\Software\Classes\.exe: exefile <===== ATTENTION!
HKU\.DEFAULT\Software\Classes\exefile:  <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\.exe: exefile <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\exefile:  <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\.exe: exefile <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\exefile:  <===== ATTENTION!
HKU\S-1-5-21-604499010-3047789608-1666320658-1000\Software\Classes\exefile:  <===== ATTENTION!
 
==================== Disabled items from MSCONFIG ==============
 
MSCONFIG\Services: AdobeARMservice => 3
MSCONFIG\Services: AESTFilters => 3
MSCONFIG\Services: DragonUpdater => 3
MSCONFIG\Services: Guard Agent => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IAStorDataMgrSvc => 3
MSCONFIG\Services: ICCS => 3
MSCONFIG\Services: IceDragonUpdater => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: SkypeUpdate => 3
MSCONFIG\Services: SophosVirusRemovalTool => 3
MSCONFIG\Services: STacSV => 3
MSCONFIG\Services: UNS => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => 
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Advanced SystemCare 6 => 
MSCONFIG\startupreg: Ashampoo WinOptimizer Live-Tuner => 
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82} => 
MSCONFIG\startupreg: DellSystemDetect => C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms
MSCONFIG\startupreg: DivXMediaServer => 
MSCONFIG\startupreg: DivXUpdate => 
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe
MSCONFIG\startupreg: EaseUs TB Tray Agent => "C:\Program Files (x86)\EaseUS\TrayPopup\TrayTipAgent.exe"
MSCONFIG\startupreg: EaseUs Tray => c:\program files (x86)\easeus\todo backup\bin\traynotify.exe
MSCONFIG\startupreg: EaseUs Watch => c:\program files (x86)\easeus\todo backup\bin\euwatch.exe
MSCONFIG\startupreg: Everything => "c:\program files (x86)\everything\everything.exe" -startup
MSCONFIG\startupreg: GUDelayStartup => C:\Program Files (x86)\Glary Utilities 4\StartupManager.exe -delayrun
MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe"
MSCONFIG\startupreg: HP Officejet Pro 8600 (NET) => "C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" -deviceID "CN35FBWG6N05KC:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
MSCONFIG\startupreg: Megacubo => "C:\Program Files (x86)\Megacubo\megacubo.exe" -load:update -type:startup
MSCONFIG\startupreg: Nero MediaHome 4 => 
MSCONFIG\startupreg: PC Suite Tray => "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
MSCONFIG\startupreg: Persistence => "C:\Windows\system32\igfxpers.exe"
MSCONFIG\startupreg: SandboxieControl => 
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => 
MSCONFIG\startupreg: SynTPEnh => 
MSCONFIG\startupreg: SysTrayApp => c:\program files\idt\wdm\sttray64.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: Vit Registry Optimizer => C:\Program Files (x86)\VITSOFT\Vit Registry Fix\Vit Registry Optimizer.exe -message
MSCONFIG\startupreg: WinPatrol => 
MSCONFIG\startupreg: {1606DC18-9578-4cbd-8312-8E9868F06A1D} => 
 
==================== Faulty Device Manager Devices =============
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Officejet Pro 8600
Description: Officejet Pro 8600
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Officejet Pro 8600
Description: Officejet Pro 8600
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Officejet Pro 8600
Description: Officejet Pro 8600
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Officejet Pro 8600
Description: Officejet Pro 8600
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/06/2014 03:53:01 AM) (Source: SideBySide) (User: )
Description: Falha na geração de contexto de ativação para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Erro no arquivo de manifesto ou de diretiva "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2", na linhaC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (05/06/2014 03:31:35 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/05/2014 03:52:53 PM) (Source: SideBySide) (User: )
Description: Falha na geração de contexto de ativação para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Erro no arquivo de manifesto ou de diretiva "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2", na linhaC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (05/05/2014 03:52:53 PM) (Source: SideBySide) (User: )
Description: Falha na geração de contexto de ativação para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Erro no arquivo de manifesto ou de diretiva "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2", na linhaC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (05/05/2014 03:21:35 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/05/2014 03:11:34 PM) (Source: SideBySide) (User: )
Description: Falha na geração de contexto de ativação para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Erro no arquivo de manifesto ou de diretiva "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2", na linhaC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (05/05/2014 03:11:34 PM) (Source: SideBySide) (User: )
Description: Falha na geração de contexto de ativação para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Erro no arquivo de manifesto ou de diretiva "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2", na linhaC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (05/05/2014 03:03:17 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/05/2014 03:00:32 PM) (Source: System Restore) (User: )
Description: Falha ao criar ponto de restauração (Processo = C:\Windows\system32\wbem\wmiprvse.exe; Descrição = ComboFix created restore point; Erro = 0x8007043c).
 
Error: (05/05/2014 03:00:32 PM) (Source: VSS) (User: )
Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina CoCreateInstance.  hr = 0x8007043c, Não é possível compartilhar este serviço no modo de segurança
.
 
 
Operação:
   Instanciando servidor VSS
 
 
System errors:
=============
Error: (05/06/2014 08:01:42 AM) (Source: DCOM) (User: AUTORIDADE NT)
Description: Específico do aplicativoLocalIniciar{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)
 
Error: (05/06/2014 07:55:05 AM) (Source: DCOM) (User: AUTORIDADE NT)
Description: Específico do aplicativoLocalIniciar{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}AUTORIDADE NTSERVIÇO LOCALS-1-5-19LocalHost (Usando LRPC)
 
Error: (05/06/2014 07:51:42 AM) (Source: DCOM) (User: AUTORIDADE NT)
Description: Específico do aplicativoLocalIniciar{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)
 
 
Microsoft Office Sessions:
=========================
Error: (05/06/2014 03:53:01 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Dell\Downloads\esetsmartinstaller_enu.exe
 
Error: (05/06/2014 03:31:35 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/05/2014 03:52:53 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Dell\Downloads\esetsmartinstaller_enu(1).exe
 
Error: (05/05/2014 03:52:53 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Dell\Downloads\esetsmartinstaller_enu.exe
 
Error: (05/05/2014 03:21:35 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/05/2014 03:11:34 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Dell\Downloads\esetsmartinstaller_enu(1).exe
 
Error: (05/05/2014 03:11:34 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Dell\Downloads\esetsmartinstaller_enu.exe
 
Error: (05/05/2014 03:03:17 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/05/2014 03:00:32 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\wbem\wmiprvse.exeComboFix created restore point0x8007043c
 
Error: (05/05/2014 03:00:32 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x8007043c, Não é possível compartilhar este serviço no modo de segurança
 
 
Operação:
   Instanciando servidor VSS
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 57%
Total physical RAM: 3493.89 MB
Available physical RAM: 1481.57 MB
Total Pagefile: 6985.96 MB
Available Pagefile: 2896.73 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
 
==================== Drives ================================
 
Drive c: (Sistema) (Fixed) (Total:407.31 GB) (Free:277.32 GB) NTFS
Drive e: (Arquivos) (Fixed) (Total:276.92 GB) (Free:228.73 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 60586F99)
Partition 1: (Active) - (Size=102 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=407 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=277 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=14 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

 



#3 HelpBot

Posted 11 May 2014 - 08:30 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/533457 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 Clade

Posted 11 May 2014 - 09:50 AM

Good morning! 
 
We appreciate the attention of this site.

The new log follows:

1. DDS txt:
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17041  BrowserJavaVersion: 10.55.2
Run by Dell at 11:39:05 on 2014-05-11
Microsoft Windows 7 Home Basic   6.1.7601.1.1252.55.1046.18.3494.673 [GMT -3:00]
.
AV: COMODO Antivirus *Enabled/Updated* {B74CC7D2-B407-E1DC-1033-DD315BCDC8C8}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Antivirus *Enabled/Updated* {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall *Enabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Prey\platform\windows\cronsvc.exe
C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\Windows\System32\vds.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\PROGRA~2\GbPlugin\GbpSv.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\COMODO\COMODO Internet Security\CIS.exe
C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
C:\Windows\system32\RunDll32.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\taskmgr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Dell\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\COMODO\COMODO Internet Security\CIS.exe
C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\explorer.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com.br/
uProxyOverride = <local>;192.168.*.*
uSearchURL,(Default) = hxxp://www.oquefazernainternet.com/q/%s
mSearchAssistant = hxxp://www.oquefazernainternet.com/
mCustomizeSearch = hxxp://www.oquefazernainternet.com/
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: GbIehObj Class: {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [WinPatrol] c:\program files (x86)\billp studios\winpatrol\winpatrol.exe -expressboot
mRun: [KeyScrambler] C:\Program Files (x86)\KeyScrambler\keyscrambler.exe /a
StartupFolder: C:\Users\Dell\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~2.LNK - C:\Windows\System32\RunDll32.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:221
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:181
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SynchronousUserGroupPolicy = dword:0
mPolicies-System: SynchronousMachineGroupPolicy = dword:0
mPolicies-Windows\System: AllowBlockingAppsAtShutdown = dword:1
mPolicies-Explorer: DisableLocalMachineRun = dword:0
mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
mPolicies-Explorer: DisableCurrentUserRun = dword:0
mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:0
mPolicies-Explorer: NoFile = dword:0
mPolicies-Explorer: HideClock = dword:0
mPolicies-Explorer: NoDevMgrUpdate = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
IE: Baixar com Mipony - <no file>
IE: LastPass - C:\Users\Dell\AppData\LocalLow\LastPass\context.html?cmd=lastpass
IE: Preenchimento de formulários LastPass - C:\Users\Dell\AppData\LocalLow\LastPass\context.html?cmd=fillforms
IE: {2F5C139F-79BD-4C84-A95A-E7140525BC55} - {5B06364D-FF00-4BD5-9D01-4379952513F2} - <orphaned>
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.15.0.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{260390F7-991C-4195-816D-9BA15A4ED484} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{302D15DD-297B-4CDA-A155-169E342FDE4F} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{772B5A8A-A834-4D54-A2F7-397A644D2902} : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{772B5A8A-A834-4D54-A2F7-397A644D2902} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{772B5A8A-A834-4D54-A2F7-397A644D2902}\05271696160246560224F6D6261637 : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{772B5A8A-A834-4D54-A2F7-397A644D2902}\05271696160246560224F6D6261637 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{772B5A8A-A834-4D54-A2F7-397A644D2902}\75C414E4 : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{772B5A8A-A834-4D54-A2F7-397A644D2902}\75C414E4 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{DD5529F5-1F46-4AC6-9407-30603A3DB7DD} : NameServer = 156.154.70.22,156.154.71.22
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Notify:  GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
SEH: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
x64-BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\synaptics\syntp\syntpenh.exe
x64-Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
x64-IE: {2F5C139F-79BD-4C84-A95A-E7140525BC55} - {5B06364D-FF00-4BD5-9D01-4379952513F2} - C:\Program Files\AdTrustMedia\PrivDog\1.9.0.22\trustedads.dll
x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - 
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\LastPass\nplastpass.dll
FF - plugin: C:\Program Files (x86)\LastPass\nplastpass64.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
FF - plugin: C:\Users\Dell\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll
FF - plugin: C:\Users\Dell\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll
FF - plugin: C:\Users\Dell\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll
FF - ExtSQL: 2014-03-19 19:39; PrivDog@AdTrustMedia.com; C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\extensions\PrivDog@AdTrustMedia.com.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 31415875;31415875;C:\Windows\System32\drivers\31415875.sys [2014-5-5 460888]
R0 BootDefragDriver;BootDefragDriver;C:\Windows\System32\drivers\BootDefragDriver.sys [2014-3-19 17600]
R1 A2DDA;A2 Direct Disk Access Support Driver;C:\EEK\Run\a2ddax64.sys [2013-9-13 26176]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2012-3-8 36480]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2012-3-8 340096]
R3 btath_avdt;Atheros Bluetooth AVDT Service;C:\Windows\System32\drivers\btath_avdt.sys [2012-3-8 111232]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2012-3-8 30848]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2012-3-8 168064]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2012-3-8 68736]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2012-3-8 281472]
S3 AndNetDiag;LGE AndroidNet USB Serial Port;C:\Windows\System32\drivers\lgandnetdiag64.sys [2014-2-23 29184]
S3 ANDNetModem;LGE AndroidNet USB Modem;C:\Windows\System32\drivers\lgandnetmodem64.sys [2014-2-23 36352]
S3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter;C:\Windows\System32\drivers\lgandnetndis64.sys [2014-2-23 93184]
S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\System32\drivers\AthDfu.sys [2012-3-8 52352]
S3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;C:\Windows\System32\drivers\bcmwlhigh664.sys [2013-8-15 1256192]
S3 BTCFilterService;USB Networking Driver Filter Service;C:\Windows\System32\drivers\motfilt.sys [2013-3-20 6144]
.
=============== File Associations ===============
.
FileExt: .ini: inifile=C:\Windows\SysWow64\NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2014-05-09 12:21:21 -------- d-----w- C:\Users\Dell\AppData\Roaming\Pointstone
2014-05-09 12:21:21 -------- d-----w- C:\Users\Dell\AppData\Local\Licenses
2014-05-06 01:43:08 98816 ----a-w- C:\Windows\sed.exe
2014-05-06 01:43:08 256000 ----a-w- C:\Windows\PEV.exe
2014-05-06 01:43:08 208896 ----a-w- C:\Windows\MBR.exe
2014-05-06 01:42:48 -------- d-s---w- C:\ComboFix
2014-05-05 17:09:41 -------- d-----w- C:\FRST
2014-05-05 13:26:21 -------- d-----w- C:\Users\Dell\AppData\Roaming\EurekaLab s.a.s
2014-05-05 12:02:41 460888 ----a-w- C:\Windows\System32\drivers\31415875.sys
2014-05-03 02:52:55 21040 ----a-w- C:\Windows\System32\sdnclean64.exe
2014-05-02 20:30:33 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-02 20:30:33 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-01 23:17:11 -------- d-----w- C:\Program Files (x86)\NT Registry Optimizer
2014-05-01 22:41:51 -------- d-----w- C:\ProgramData\WRData
2014-04-30 15:15:46 -------- d-----w- C:\Users\Dell\AppData\Local\Secunia PSI
2014-04-30 15:12:14 -------- d-----w- C:\Program Files (x86)\Secunia
2014-04-30 14:19:19 47632 ----a-w- C:\Windows\System32\drivers\PSKMAD.sys
2014-04-30 14:18:46 -------- d-----w- C:\Windows\SysWow64\DASBOOT
2014-04-30 14:18:11 -------- d-----w- C:\Program Files (x86)\Panda Security
2014-04-30 02:20:53 -------- d-----w- C:\Users\Dell\AppData\Roaming\ZHP
2014-04-29 15:05:27 17931952 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2014-04-28 18:20:37 -------- d-----w- C:\Program Files (x86)\SpeedFan
2014-04-27 22:08:53 -------- d-----w- C:\uninstall27732u
2014-04-27 03:35:26 -------- d-----w- C:\uninstall8094u
2014-04-26 07:52:16 119512 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-04-26 07:50:44 63192 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-04-26 07:50:44 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-26 02:06:42 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
2014-04-26 01:57:09 -------- d-----w- C:\Users\Dell\.receitanet
2014-04-25 14:10:47 -------- d-s---w- C:\Windows\System32\CompatTel
2014-04-25 14:09:05 465408 ----a-w- C:\Windows\System32\aepdu.dll
2014-04-25 14:09:04 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-04-25 12:22:08 57096 ----a-w- C:\Windows\System32\certsentry.dll
2014-04-25 12:22:08 48392 ----a-w- C:\Windows\SysWow64\certsentry.dll
2014-04-20 22:37:13 460888 ----a-w- C:\Windows\System32\drivers\96123702.sys
2014-04-19 21:18:58 93144 ----a-w- C:\Windows\System32\drivers\hmpalert.sys
2014-04-19 21:18:58 548424 ----a-w- C:\Windows\System32\hmpalert.dll
2014-04-19 21:18:58 477008 ----a-w- C:\Windows\SysWow64\hmpalert.dll
2014-04-19 21:18:58 -------- d-----w- C:\Program Files (x86)\HitmanPro.Alert
2014-04-18 11:28:05 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-15 22:41:45 -------- d-----w- C:\Users\Dell\.jmc
2014-04-15 22:40:42 -------- d-----w- C:\Users\Dell\.eclipse
2014-04-15 20:58:46 -------- d-----w- C:\Users\Dell\AppData\Local\ElevatedDiagnostics
2014-04-14 14:37:55 -------- d-----w- C:\Program Files (x86)\Microsoft Games
2014-04-14 14:04:35 -------- d-----w- C:\Program Files (x86)\Elaborate Bytes
2014-04-14 10:01:01 -------- d-----w- C:\Program Files (x86)\Programas RFB
2014-04-13 15:28:36 -------- d-sh--w- C:\Users\Dell\AppData\Local\EmieUserList
2014-04-13 15:28:35 -------- d-sh--w- C:\Users\Dell\AppData\Local\EmieSiteList
2014-04-11 18:14:59 589000 ----a-w- C:\Windows\System32\drivers\btfilter.sys
2014-04-11 18:13:58 3868160 ----a-w- C:\Windows\System32\drivers\athrx.sys
2014-04-11 18:10:27 901848 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2014-04-11 18:10:27 73800 ----a-w- C:\Windows\System32\RtNicProp64.dll
2014-04-11 15:54:18 27584 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2014-04-11 15:54:18 274880 ----a-w- C:\Windows\System32\drivers\msiscsi.sys
2014-04-11 15:54:18 190912 ----a-w- C:\Windows\System32\drivers\storport.sys
2014-04-11 15:54:17 2048 ----a-w- C:\Windows\SysWow64\iologmsg.dll
2014-04-11 15:54:17 2048 ----a-w- C:\Windows\System32\iologmsg.dll
2014-04-11 15:51:53 362496 ----a-w- C:\Windows\System32\wow64win.dll
2014-04-11 15:51:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2014-04-11 15:51:53 243712 ----a-w- C:\Windows\System32\wow64.dll
2014-04-11 15:51:52 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2014-04-11 15:51:51 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2014-04-11 15:51:51 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2014-04-11 15:51:49 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2014-04-11 15:51:49 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2014-04-11 15:51:49 2048 ----a-w- C:\Windows\SysWow64\user.exe
2014-04-11 15:51:43 1684928 ----a-w- C:\Windows\System32\drivers\ntfs.sys
.
==================== Find3M  ====================
.
2014-05-11 14:05:19 29 ----a-w- C:\Windows\SysWow64\TempWmicBatchFile.bat
2014-04-29 15:05:43 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-29 15:05:43 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-04-20 01:30:36 417792 --sha-w- C:\EUMONBMP.SYS
2014-04-16 21:12:56 48360 ----a-w- C:\Windows\System32\drivers\cmdhlp.sys
2014-04-16 21:12:55 738472 ----a-w- C:\Windows\System32\drivers\cmdguard.sys
2014-04-16 21:12:55 23168 ----a-w- C:\Windows\System32\drivers\cmderd.sys
2014-04-11 18:10:27 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2014-04-03 12:51:04 88280 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-04-03 12:50:58 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-04-01 06:54:30 460888 ----a-w- C:\Windows\System32\drivers\52972590.sys
2014-04-01 06:54:30 460888 ----a-w- C:\Windows\System32\drivers\12778157.sys
2014-03-25 19:22:37 43216 ----a-w- C:\Windows\System32\cmdcsr.dll
2014-03-25 19:22:36 363504 ----a-w- C:\Windows\SysWow64\guard32.dll
2014-03-25 19:22:35 453680 ----a-w- C:\Windows\System32\guard64.dll
2014-03-25 19:22:29 352984 ----a-w- C:\Windows\System32\cmdvrt64.dll
2014-03-25 19:22:28 45784 ----a-w- C:\Windows\System32\cmdkbd64.dll
2014-03-25 19:22:25 284888 ----a-w- C:\Windows\SysWow64\cmdvrt32.dll
2014-03-25 19:22:23 40664 ----a-w- C:\Windows\SysWow64\cmdkbd32.dll
2014-03-17 19:25:40 63088 ----a-w- C:\Windows\System32\vsocklib.dll
2014-03-17 18:40:40 50800 ----a-w- C:\Windows\System32\vmhgfs.dll
2014-03-17 18:40:38 34416 ----a-w- C:\Windows\System32\vmGuestLibJava.dll
2014-03-17 18:28:47 63088 ----a-w- C:\Windows\SysWow64\vsocklib.dll
2014-03-17 18:28:44 50800 ----a-w- C:\Windows\SysWow64\vmhgfs.dll
2014-03-17 18:28:41 34416 ----a-w- C:\Windows\SysWow64\vmGuestLibJava.dll
2014-03-17 15:54:09 53360 ----a-w- C:\Windows\System32\vmGuestLib.dll
2014-03-17 14:29:47 18432 ----a-w- C:\Windows\System32\corpol.dll
2014-03-17 13:04:41 73216 ----a-w- C:\Windows\System32\admparse.dll
2014-03-17 12:54:20 53360 ----a-w- C:\Windows\SysWow64\vmGuestLib.dll
2014-03-17 12:54:17 219248 ----a-w- C:\Windows\SysWow64\vm3dum.dll
2014-03-17 12:54:13 3223152 ----a-w- C:\Windows\SysWow64\vm3dgl.dll
2014-03-17 12:53:49 1047552 ----a-w- C:\Windows\SysWow64\mfc71u.dll
2014-03-17 12:53:29 18432 ----a-w- C:\Windows\SysWow64\corpol.dll
2014-03-17 12:53:25 73216 ----a-w- C:\Windows\SysWow64\admparse.dll
2014-03-17 06:22:56 118048 ----a-w- C:\Windows\System32\BootDefrag.exe
2014-03-17 06:07:38 17600 ----a-w- C:\Windows\System32\drivers\BootDefragDriver.sys
2014-03-13 20:24:44 40720 ----a-w- C:\Windows\System32\Partizan.exe
2014-03-13 20:19:08 35816 ----a-w- C:\Windows\SysWow64\drivers\Partizan.sys
2014-03-12 10:43:17 2 --shatr- C:\Windows\winstart.bat
2014-03-05 00:31:58 8710656 ----a-w- C:\Windows\SysWow64\Impactor.dll
2014-03-05 00:31:57 943616 ----a-w- C:\Windows\SysWow64\WinSparkle.dll
2014-03-05 00:27:58 96256 ----a-w- C:\Windows\System32\AdbWinApi.dll
2014-03-05 00:27:58 943616 ----a-w- C:\Windows\System32\WinSparkle.dll
2014-03-05 00:27:58 8710656 ----a-w- C:\Windows\System32\Impactor.dll
2014-03-05 00:27:58 60928 ----a-w- C:\Windows\System32\AdbWinUsbApi.dll
2014-03-04 09:17:05 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2014-03-03 23:37:01 252480 ----atw- C:\Windows\SysWow64\crowdinspect64.exe
2014-03-01 16:58:21 31088 ----a-w- C:\Windows\SysWow64\drivers\gbpndisrd.sys
2014-02-18 17:12:01 9889352 ----a-w- C:\Windows\SysWow64\RsCRIcon.dll
2014-02-18 17:12:01 271064 ----a-w- C:\Windows\System32\drivers\RtsUStor.sys
2014-02-17 16:41:24 27456 ----a-w- C:\Windows\System32\RegistryDefragBootTime.exe
2014-02-12 00:01:01 528384 ----a-w- C:\Windows\System32\msdrm.dll
2014-02-12 00:01:01 390144 ----a-w- C:\Windows\SysWow64\msdrm.dll
2014-02-12 00:01:00 87040 ----a-w- C:\Windows\SysWow64\secproc_ssp.dll
2014-02-12 00:01:00 510976 ----a-w- C:\Windows\SysWow64\RMActivate_ssp.exe
2014-02-12 00:01:00 428032 ----a-w- C:\Windows\SysWow64\secproc.dll
.
============= FINISH: 11:47:03,70 ===============
 
. 2 DDS attach:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Basic 
Boot Device: \Device\HarddiskVolume1
Install Date: 22/02/2013 09:47:17
System Uptime: 11/05/2014 01:02:43 (10 hours ago)
.
Motherboard: Dell Inc. |  | 0X0DC1
Processor: Intel® Core™ i3-2350M CPU @ 2.30GHz | CPU 1 | 2294/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 407 GiB total, 280,852 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 277 GiB total, 228,718 GiB free.
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== Installed Programs ======================
.
64 Bit HP CIO Components Installer
7-Zip 9.20 (x64 edition)
ACR38/100/122 PC/SC Driver 1.1.2.0
Adobe Flash Player 13 ActiveX
Adobe Flash Player 13 Plugin
Adobe Reader XI (11.0.06)
Advanced SystemCare 7
Aimersoft PDF Converter Pro (Build 3.1.1)
AnVir Task Manager Pro
Atheros Bluetooth Suite (64)
µTorrent
aTube Catcher
Auslogics BoostSpeed
AutoCAD 2013 Language Pack – Português – Brasil (Brazilian Portuguese)
AutoCAD 2013 – Português – Brasil (Brazilian Portuguese)
Autodesk Content Service
Autodesk Content Service Language Pack
Autodesk Inventor Fusion 2013
Autodesk Inventor Fusion plug-in for AutoCAD 2013
Autodesk Material Library 2013
Autodesk Material Library Base Resolution Image Library 2013
Autodesk Sync
BitTorrent
BufferChm
BurnAware Free 6.4
Caesium versão 1.4.1
CCleaner
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Comodo Dragon
COMODO Internet Security Premium
CrystalDiskInfo 5.6.2
D110
Dell DataSafe Local Backup
Dell System Detect
Dell Touchpad
Dell WLAN and Bluetooth Client Installation
Destinations
DeviceDiscovery
DiskMax 4.71
DLL Suite 2013
Driver Booster
EaseUS Partition Master 9.2.2
EaseUS Todo Backup Free 6.5
ESET Online Scanner v3
Everything 1.2.1.371
Everything 1.3.3.658 (x64)
FastStone Photo Resizer 3.1
FormatFactory 2.20
Fotosizer 2.08
Foxit Reader
Free Opener
Glary Utilities PRO 4.8
Google Chrome
Google Talk Plugin
Google Update Helper
GPBaseService2
HitmanPro.Alert
HP Deskjet 3510 series Ajuda
HP Deskjet 3510 series Estudo de aprimoramento de produtos
HP Deskjet 3510 series Software básico do dispositivo
HP Imaging Device Functions 14.0
HP Officejet Pro 8600 Ajuda
HP Officejet Pro 8600 Software básico do dispositivo
HP Unified IO
HP Update
HPAppStudio
HPDiagnosticAlert
HPPhotoGadget
HPProductAssistant
HPSSupply
I.R.I.S. OCR
IDT Audio
ImgBurn
Intel® Management Engine Components
Intel® Processor Graphics
Intel® Rapid Storage Technology
Intel® SDK for OpenCL - CPU Only Runtime Package
Intel® Trusted Connect Service Client
IObit Uninstaller
iPrint
IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País
IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País
Java SE Development Kit 7 Update 55 (64-bit)
Java SE Development Kit 8 Update 5 (64-bit)
JetClean
KeyScrambler
LastPass (uninstall only)
LG United Mobile Driver
Módulo Adicional de Segurança CAIXA
Macrium Reflect Free Edition
Malwarebytes Anti-Malware versão 2.0.1.1004
MarketResearch
Megacubo 10
Microsoft .NET Framework 4.5.1
Microsoft .NET Framework 4.5.1 (Português do Brasil)
Microsoft .NET Framework 4.5.1 (PTB)
Microsoft Application Error Reporting
Microsoft Flight Simulator 2004 A Century of Flight
Microsoft Office com Clique para Executar 2010
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
Microsoft_VC100_CRT_SP1_x64
Microsoft_VC100_CRT_SP1_x86
Motorola Device Manager
Motorola Device Software Update
Motorola Mobile Drivers Installation 6.3.0
Mozilla Firefox 29.0.1 (x86 pt-BR)
Mozilla Maintenance Service
MSVC80_x64_v2
MSVC80_x86_v2
MSVC90_x64
MSVC90_x86
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2758694)
Naviextras Toolbox
Naviextras Toolbox Prerequesities
Network64
Nokia Connectivity Cable Driver
Nokia PC Suite
Nokia Software Updater
Nokia Suite
NTREGOPT 1.1j
OpenOffice 4.0.1
Pacote de Driver do Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (12/06/2010 4.0.0000.00000)
Pacote de Driver do Windows - Nokia Modem  (02/25/2011 4.7)
Pacote de Driver do Windows - Nokia Modem  (02/25/2011 7.01.0.9)
Pacote de Driver do Windows - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0)
Pacote de idioma do plug-in Autodesk Inventor Fusion para AutoCAD 2013
PC Connectivity Solution
Photomizer Scan 2
PhrozenSoft VirusTotal Uploader version 3.1
Plug-in Autodesk Inventor Fusion for AutoCAD 2013
PrimoPDF -- brought to you by Nitro PDF Software
PS_AIO_07_D110_SW_Min
Quickset64
QuickTransfer
Realtek Ethernet Controller Driver
Receitanet
Recuva
Registry Reviver
ResScan
Revo Uninstaller Pro 3.0.7
Scan
Secunia PSI (3.0.0.9016)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Skype Click to Call
Skype™ 6.14
SmartWebPrinting
SolutionCenter
SpeedFan (remove only)
Spybot - Search & Destroy
SpywareBlaster 5.0
Status
Synaptics Pointing Device Driver
System Requirements Lab for Intel
TeraCopy 2.27
The KMPlayer (remove only)
Time Stopper
Toolbox
TrayApp
UnHackMe 7.10 release
UniPDF 1.0.4
Unlocker 1.9.2
VC80CRTRedist - 8.0.50727.6195
VirtualCloneDrive
Vit Registry Fix 12.5 (remove only)
WebReg
Wild Media Server (UPnP, DLNA, HTTP)
WinRAR 4.20 (64-bit)
Wise Care 365 version 2.94
.
==== End Of File ===========================
 


#5 nasdaq

  • Malware Response Team
  • 38,942 posts
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:11 PM

Posted 12 May 2014 - 08:28 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

If you do not have this version, AdwCleaner v3.207, please update and run it. Submit the log.

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the correct version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

===

Please paste the logs in your next reply. DO NOT ATTACH THEM unless specified.

Let me know what problem persists.

#6 Clade

  • Topic Starter

  • Members
  • 161 posts
  • Gender:Male
  • Local time:07:11 PM

Posted 12 May 2014 - 10:02 AM

Good morning, Nasdaq!

Welcome to you . . . hehehehe

NOTE: It is interesting that the CPU usage was high... We found that the Malwarebytes Anti-Malware software, which was previously version 1.75 PRO, became version 2... Please be advised that it has already been uninstalled, and we will possibly install version 1.75 again. If we are not mistaken, it was on 26/04/2014 that it went to version 2...

What happens is that the machine is taking too long to start/reboot, almost twice as long as previously observed, as reported earlier in this post.

We also used the NTREGOPT software, since this site and Microsoft itself guide users to avoid the use of registry cleaners and optimizers... and we do not know whether there is any relationship between the delay in startup/restart and the use of this software. Even because, when following the tutorial, it did not work fully, especially at the beginning.

Regarding access to folders, it is apparently faster after the removal of the Malwarebytes software.

What caught our attention when we used FRST 64 for the first time, before this post, is the same thing observed in this case, which appears in the Addition log as a WARNING, as follows:
 
==================== EXE Association (Whitelisted) =============

HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-21-604499010-3047789608-1666320658-1000\Software\Classes\exefile: "%1" %* <===== ATTENTION!
 
The logs follow:
 
1. Adwcleaner:
 
# AdwCleaner v3.208 - Relatório criado 12/05/2014 às 11:26:26
# Atualizado 11/05/2014 por Xplode
# Sistema Operacional : Windows 7 Home Basic Service Pack 1 (64 bits)
# Usuário : Dell - DELL-PC
# Executando de : C:\Users\Dell\Desktop\adwcleaner.exe
# Opção : Limpar
 
***** [ Serviços ] *****
 
 
***** [ Arquivos / Pastas ] *****
 
Arquivo Deletada : C:\Users\Dell\Desktop\Uninstall.exe
 
***** [ Atalhos ] *****
 
 
***** [ Registro ] *****
 
 
***** [ Navegadores ] *****
 
-\\ Internet Explorer v11.0.9600.17041
 
 
-\\ Mozilla Firefox v29.0.1 (pt-BR)
 
[ Arquivo : C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\prefs.js ]
 
 
-\\ Google Chrome v34.0.1847.131
 
[ Arquivo : C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deletedo [Search Provider] : hxxp://www.softonic.com.br/s/{searchTerms}
Deletedo [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [1117 octets] - [12/05/2014 11:24:54]
AdwCleaner[S0].txt - [1030 octets] - [12/05/2014 11:26:26]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1090 octets] ##########
 
2. FRST 64 txt:
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-05-2014 01
Ran by Dell (administrator) on DELL-PC on 12-05-2014 11:37:27
Running from C:\Users\Dell\Desktop
Platform: Windows 7 Home Basic Service Pack 1 (X64) OS Language: Portuguese Brazilian
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Fork Ltd.) C:\Prey\platform\windows\cronsvc.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\synaptics\syntp\syntpenh.exe [3011312 2014-01-24] (Synaptics Incorporated)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1275608 2014-03-25] (COMODO)
HKLM-x32\...\Run: [KeyScrambler] => C:\Program Files (x86)\KeyScrambler\keyscrambler.exe [508144 2013-11-14] (QFX Software Corporation)
HKLM Group Policy restriction on software: *.wmv.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.com <====== ATTENTION
HKLM Group Policy restriction on software: *‮* <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\lastpass\lastpassbroker.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\quickscan\chromeqs.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\lastpass\lastpassbroker.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\utorrent\utorrent.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\lastpass\wlandecrypt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\utorrent\utorrent.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\utorrent\utorrent.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\lastpass\wlandecrypt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\lastpass\lastpassbroker.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\lastpass\lastpassbroker.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\unins000.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\unins000.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\quickscan\chromeqs.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\unins000.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\utorrent\utorrent.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\unins000.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\quickscan\chromeqs.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\lastpass\wlandecrypt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\quickscan\chromeqs.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\lastpass\wlandecrypt.exe <====== ATTENTION
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginBb-x32: C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFile] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideClock] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetFolders] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDFSTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoLogoff] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoResolveSearch] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSaveSettings] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoHardwareTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-604499010-3047789608-1666320658-1000\...\Run: [WinPatrol] => c:\program files (x86)\billp studios\winpatrol\winpatrol.exe [429120 2014-01-23] (BillP Studios)
HKU\S-1-5-21-604499010-3047789608-1666320658-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-604499010-3047789608-1666320658-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-604499010-3047789608-1666320658-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
Startup: C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitorar alertas de tinta - HP Officejet Pro 8600 (Rede).lnk
ShortcutTarget: Monitorar alertas de tinta - HP Officejet Pro 8600 (Rede).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.br/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {17FA518B-7FFF-4721-962D-AEAF587A7E3F} URL = http://www.google.com/search?hl=en&q={searchTerms}
SearchScopes: HKCU - {17FA518B-7FFF-4721-962D-AEAF587A7E3F} URL = http://www.google.com/search?hl=en&q={searchTerms}
SearchScopes: HKCU - {2AD4F022-665A-4B7A-BD62-EAE068247EBB} URL = https://www.google.com/search?q={searchTerms}
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.15.0.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1582632 2014-02-21] (Banco do Brasil)
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{772B5A8A-A834-4D54-A2F7-397A644D2902}: [NameServer]156.154.70.22,156.154.71.22
Tcpip\..\Interfaces\{DD5529F5-1F46-4AC6-9407-30603A3DB7DD}: [NameServer]156.154.70.22,156.154.71.22
 
FireFox:
========
FF ProfilePath: C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default
FF NewTab: www.google.com.br
FF Homepage: about:home
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @lastpass.com/NPLastPass - C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass - C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Dell\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Dell\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: gastecnologia.com.br/sf/cef - C:\Users\Dell\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll (GAS Tecnologia)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Dell\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Dell\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Dell\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-br.xml
FF Extension: LastPass - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\support@lastpass.com [2014-02-28]
FF Extension: Forecastfox - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2014-03-01]
FF Extension: Qualys BrowserCheck - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D} [2014-01-25]
FF Extension: Ghostery - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\firefox@ghostery.com.xpi [2013-09-16]
FF Extension: Webmail Ad Blocker - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\gmailnoads@mywebber.com.xpi [2013-09-16]
FF Extension: Self-Destructing Cookies - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi [2013-09-16]
FF Extension: Lightbeam - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2013-10-26]
FF Extension: YSlow - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\yslow@yahoo-inc.com.xpi [2013-09-16]
FF Extension: Adblock Plus - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-16]
FF Extension: User Agent Switcher - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2013-09-16]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-05-10]
FF HKCU\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\Dell\AppData\Local\GAS Tecnologia\GBBD\cef\xpi
FF Extension: GBBD Caixa Economica Federal - C:\Users\Dell\AppData\Local\GAS Tecnologia\GBBD\cef\xpi [2014-01-16]
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com.br/
CHR DefaultSearchKeyword: google.com.br
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll No File
CHR Plugin: (Nokia Suite Enabler Plugin) - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
CHR Plugin: (Módulo de Proteção - Caixa Economica Federal) - C:\Users\Dell\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll (GAS Tecnologia)
CHR Plugin: (Google Update) - C:\Users\Dell\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Google Talk Plugin) - C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
CHR Extension: (Google Translate) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2013-07-11]
CHR Extension: (TooManyTabs for Chrome) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\amigcgbheognjmfkaieeeadojiibgbdp [2013-07-11]
CHR Extension: (WOT) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2013-07-11]
CHR Extension: (Webmail Ad Blocker) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbhfdchmklhpcngcgjmpdbjakdggkkjp [2013-07-11]
CHR Extension: (Adblock Plus) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-07-26]
CHR Extension: (better Browser - for Chrome) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\cokcmhdapcendeddejjpicpdmngcnhca [2013-10-22]
CHR Extension: (eCorreios - Rastreamentos dos Correios) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\delefjilcjidbcnnfkcebjphcfbokpfb [2013-07-11]
CHR Extension: (Tampermonkey) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2013-07-11]
CHR Extension: (MaskMe) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpkiidbpeijnaaacjlfnijncdlkicejg [2013-09-11]
CHR Extension: (Chromebleed) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeoekjnjgppnaegdjbcafdggilajhpic [2014-04-17]
CHR Extension: (Qualys BrowserCheck for Windows) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejhnkognlohdkpjkjongioociddgoibk [2014-01-25]
CHR Extension: (DoNotTrackMe: Online Privacy Protection) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2013-07-11]
CHR Extension: (Spotflux Lite) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcakbkpmlidimpglgiaclbpgbedlmpfl [2014-01-31]
CHR Extension: (SiteAdvisor) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-02-08]
CHR Extension: (Avira Browser Safety) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-03-09]
CHR Extension: (Click&Clean) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2014-03-01]
CHR Extension: (AdBlock) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-07-26]
CHR Extension: (FlashBlock) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\gofhjkjmkpinhpoiabjplobcaignabnl [2013-10-24]
CHR Extension: (PageSpeed Insights (by Google)) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\gplegfbjlmmehdoakndmohflojccocli [2013-07-11]
CHR Extension: (Unsocialize: The Link Unsocializer) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdogcpghhdcocgdjogbglgejhdeedijn [2013-07-11]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-01-26]
CHR Extension: (Cool Relógio) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\icegcmhgphfkgglbljbkdegiaaihifce [2014-01-12]
CHR Extension: (Instant Translate) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmgiclibbndffejedjimfjmfoabpcke [2013-07-11]
CHR Extension: (View Thru) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkncfnbcgbclefkbknfdbngiegdppgdd [2013-07-11]
CHR Extension: (Conversor de PDF para Word) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\kclbidlajocjmicnpgpfmkblhdhjelfe [2013-07-11]
CHR Extension: (Motorola Connect) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\kigmoblgooahdmdibodmcnffgnejlndh [2014-02-08]
CHR Extension: (Skype Click to Call) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-08]
CHR Extension: (Verificador de mensagens do Google) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2013-07-11]
CHR Extension: (Ghostery) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-04-30]
CHR Extension: (Pocket (formerly Read It Later)) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2013-07-11]
CHR Extension: (Google Wallet) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-19]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2013-10-30]
CHR Extension: (Rolagem rápida do Google) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc [2013-10-23]
CHR Extension: (GBBD Caixa Economica Federal) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi [2014-04-26]
CHR Extension: (Quebrador de Links) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pchaoppopfjnlficjlobfjhfceadbfla [2013-07-11]
CHR Extension: (Bitdefender QuickScan) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2014-03-02]
CHR Extension: (AVG PrivacyFix) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmejhjjecaldkllonlokhkglbdbkdcni [2013-07-11]
CHR HKCU\...\Chrome\Extension: [nnjbodopomfddehlalfilheomcahbpei] - C:\Users\Dell\AppData\Local\GAS Tecnologia\GBBD\cef\sf.crx [2013-10-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
 
==================== Services (Whitelisted) =================
 
R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [881952 2014-01-14] (IObit)
S4 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Ath_CoexAgent.exe [135168 2011-02-16] (Atheros)
S4 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6817544 2014-04-16] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2264280 2014-03-25] (COMODO)
R2 CronService; C:\Prey\platform\windows\cronsvc.exe [23552 2013-03-26] (Fork Ltd.)
S4 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2135232 2014-04-23] ()
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [36936 2013-12-02] (CHENGDU YIWO Tech Development Co., Ltd)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [519720 2014-02-21] (GAS Tecnologia)
S4 Guard Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [23624 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [1876816 2014-04-19] (SurfRight B.V.)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151744 2014-01-26] (IObit)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
S4 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [409720 2013-06-28] ()
S4 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
S4 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
S4 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S4 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
S4 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580232 2014-01-21] (WiseCleaner.com)
S4 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-04-22] (Atheros)
S4 a2AntiMalware; No ImagePath
 
==================== Drivers (Whitelisted) ====================
 
R0 31415875; C:\Windows\System32\DRIVERS\31415875.sys [460888 2014-05-05] (Kaspersky Lab ZAO)
S3 a2acc; No ImagePath
R1 A2DDA; C:\EEK\RUN\a2ddax64.sys [26176 2014-04-07] (Emsisoft GmbH)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [93184 2012-07-04] (LG Electronics Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-03-17] (Glarysoft Ltd)
S3 catchme; No ImagePath
S3 cleanhlp; C:\EEK\Run\cleanhlp64.sys [57024 2014-04-07] (Emsisoft GmbH)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2014-04-16] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [738472 2014-04-16] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [48360 2014-04-16] (COMODO)
S3 cpuz132; No ImagePath
S3 Delldiag; No ImagePath
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] ()
S3 esgiguard; No ImagePath
S3 EUBAKUP0; No ImagePath
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48200 2013-09-04] ()
S3 EUBKMON0; C:\Windows\system32\drivers\EUBKMON0.sys [48200 2013-09-04] ()
S3 EUFDDISK0; No ImagePath
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] ()
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-21] (Microsoft Corporation)
R2 hmpalert; C:\Windows\System32\drivers\hmpalert.sys [93144 2014-04-19] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-11-19] (Intel Corporation)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [105552 2014-04-16] (COMODO)
R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [222200 2013-05-31] (QFX Software Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2014-01-24] (Intel Corporation)
S3 MFE_RR; No ImagePath
U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [35816 2014-03-13] (Greatis Software)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
S3 rspSanity; C:\Windows\System32\DRIVERS\rspSanity64.sys [31328 2012-10-29] (Resplendence Software Projects Sp.)
S3 SANDRA; No ImagePath
R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [768680 2013-06-26] (Microsoft Corporation)
R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [273576 2013-06-26] (Microsoft Corporation)
R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [29352 2013-06-26] (Microsoft Corporation)
R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [23208 2013-06-26] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2014-01-24] (Synaptics Incorporated)
R1 SpyEmrg; C:\Windows\System32\Drivers\spyemrg.sys [17240 2011-04-21] (NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\Windows\System32\Drivers\spyemrg_access.sys [24408 2011-04-21] (NETGATE Technologies s.r.o.)
S3 SpyEmrgGuard; C:\Windows\System32\Drivers\spyemrg_guard.sys [18776 2011-04-21] (NETGATE Technologies s.r.o.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2013-08-01] ()
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [38664 2013-04-29] (Spotflux, Inc)
U2 SR; 
U2 srservice; 
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-05-12 11:37 - 2014-05-12 11:38 - 00047125 _____ () C:\Users\Dell\Desktop\FRST.txt
2014-05-12 11:23 - 2014-05-12 11:22 - 02066944 _____ (Farbar) C:\Users\Dell\Desktop\FRST64.exe
2014-05-12 11:22 - 2014-05-12 11:22 - 02066944 _____ (Farbar) C:\Users\Dell\Downloads\FRST64 (1).exe
2014-05-12 11:21 - 2014-05-12 11:21 - 01325827 _____ () C:\Users\Dell\Downloads\adwcleaner.exe
2014-05-11 11:54 - 2014-05-11 11:54 - 00011005 _____ () C:\Users\Dell\Downloads\hijackthis (1).log
2014-05-11 11:36 - 2014-05-11 11:36 - 00688992 _____ (Swearware) C:\Users\Dell\Downloads\dds (1).com
2014-05-11 01:03 - 2014-05-12 11:28 - 00000224 _____ () C:\Windows\setupact.log
2014-05-11 01:03 - 2014-05-12 11:27 - 00011542 _____ () C:\Windows\PFRO.log
2014-05-11 01:03 - 2014-05-11 01:03 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-11 01:02 - 2014-05-11 01:02 - 00003560 ____N () C:\bootsqm.dat
2014-05-10 23:15 - 2014-05-10 22:10 - 28172368 _____ (Panda Security ) C:\Users\Dell\Desktop\PandaCloudCleaner.exe
2014-05-10 22:09 - 2014-05-10 22:10 - 28172368 _____ (Panda Security ) C:\Users\Dell\Downloads\PandaCloudCleaner.exe
2014-05-10 19:57 - 2014-05-12 11:34 - 00049430 _____ () C:\Windows\WindowsUpdate.log
2014-05-10 12:31 - 2014-05-10 12:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-10 11:28 - 2014-05-10 11:28 - 00004434 _____ () C:\Users\Dell\Desktop\GVT.htm
2014-05-10 11:28 - 2014-05-10 11:28 - 00000000 ____D () C:\Users\Dell\Desktop\GVT_files
2014-05-10 11:23 - 2014-05-10 11:23 - 00004429 _____ () C:\Users\Dell\Desktop\Tim.htm
2014-05-10 11:23 - 2014-05-10 11:23 - 00000000 ____D () C:\Users\Dell\Desktop\Tim_files
2014-05-09 20:48 - 2014-05-09 20:48 - 00095232 _____ () C:\Users\Dell\Downloads\Cartadeamericano.pps
2014-05-09 20:43 - 2014-05-09 20:43 - 00410173 _____ () C:\Users\Dell\Downloads\srldetect_intel_4.5.15.0.cab
2014-05-09 20:24 - 2014-05-09 20:25 - 09037627 _____ () C:\Users\Dell\Downloads\IL.wmv
2014-05-09 09:44 - 2014-05-09 09:45 - 05196114 _____ () C:\Users\Dell\Downloads\CSC_SETUP_2.2.335611.5_xp_vista_server2003_win7_32bit.zip
2014-05-09 09:21 - 2014-05-09 09:34 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Pointstone
2014-05-09 09:21 - 2014-05-09 09:21 - 00000000 ____D () C:\Users\Dell\AppData\Local\Licenses
2014-05-09 09:16 - 2014-05-09 09:16 - 00921512 _____ (Oracle Corporation) C:\Users\Dell\Downloads\chromeinstall-7u55.exe
2014-05-09 09:15 - 2014-05-09 09:15 - 01055040 _____ (IObit) C:\Users\Dell\Downloads\advanced-systemcare-installer.exe
2014-05-09 09:14 - 2014-05-09 09:14 - 09377312 _____ (Pointstone Software, LLC) C:\Users\Dell\Downloads\SystemCleanerSetup.exe
2014-05-08 16:53 - 2014-05-08 16:55 - 04853491 _____ () C:\Users\Dell\Downloads\Drivers instalados tweaking.com_hardware_identify_portable.zip
2014-05-08 16:32 - 2014-05-08 16:34 - 05705416 _____ () C:\Users\Dell\Downloads\Drivers instalados tweaking.com_hardware_identify_setup.exe
2014-05-08 08:17 - 2014-05-08 08:18 - 00315392 _____ (Malwarebytes Corporation) C:\Users\Dell\Downloads\limpeza produtos Malweribytes mbam-clean-2.0.2.0.exe
2014-05-08 07:55 - 2014-05-08 07:55 - 00004418 _____ () C:\Users\Dell\Desktop\Unimed.htm
2014-05-08 07:55 - 2014-05-08 07:55 - 00000000 ____D () C:\Users\Dell\Desktop\Unimed_files
2014-05-08 00:02 - 2014-05-08 00:02 - 00015479 _____ () C:\Users\Dell\Downloads\JRT.txt
2014-05-07 08:45 - 2014-05-07 08:45 - 00845928 _____ () C:\Users\Dell\Downloads\PandaCloudAntivirus.exe
2014-05-06 09:13 - 2014-05-06 09:13 - 00688992 _____ (Swearware) C:\Users\Dell\Downloads\dds.com
2014-05-06 03:25 - 2014-05-06 03:26 - 04143997 _____ () C:\Users\Dell\Downloads\tdsskiller.zip
2014-05-06 03:24 - 2014-05-06 03:26 - 04164448 _____ (Kaspersky Lab ZAO) C:\Users\Dell\Desktop\iexplorer.exe.exe
2014-05-06 03:07 - 2014-05-06 03:08 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Dell\Downloads\rkill(1).exe
2014-05-05 22:43 - 2011-06-26 03:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-05 22:43 - 2010-11-07 14:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-05 22:43 - 2009-04-20 01:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-05 22:43 - 2000-08-30 21:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-05 22:43 - 2000-08-30 21:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-05 22:43 - 2000-08-30 21:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-05 22:43 - 2000-08-30 21:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-05 22:43 - 2000-08-30 21:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-05 22:42 - 2014-05-05 22:50 - 00000000 ___SD () C:\ComboFix
2014-05-05 22:42 - 2014-05-05 22:43 - 00000000 ____D () C:\Qoobox
2014-05-05 14:09 - 2014-05-12 11:37 - 00000000 ____D () C:\FRST
2014-05-05 14:07 - 2014-05-05 14:08 - 02063872 _____ (Farbar) C:\Users\Dell\Downloads\FRST64.exe
2014-05-05 12:11 - 2014-05-06 17:18 - 00000000 ____D () C:\Windows\Minidump
2014-05-05 10:26 - 2014-05-05 10:26 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\EurekaLab s.a.s
2014-05-05 09:02 - 2014-05-05 09:47 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\31415875.sys
2014-05-05 08:20 - 2014-05-05 08:20 - 02347384 _____ (ESET) C:\Users\Dell\Downloads\esetsmartinstaller_enu.exe
2014-05-05 04:59 - 2014-05-05 08:59 - 136161520 _____ () C:\Users\Dell\Downloads\setup_11.0.1.1245.x01_2014_05_05_09_48.exe
2014-05-04 09:19 - 2014-05-04 09:20 - 00391432 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-03 09:42 - 2014-05-03 09:42 - 00991232 _____ () C:\Users\Dell\Downloads\MicrosoftFixit50267 (1).msi
2014-05-03 00:02 - 2014-05-03 00:02 - 00000000 ____D () C:\Users\Dell\Documents\ProcAlyzer Dumps
2014-05-02 23:53 - 2014-05-04 13:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-05-02 23:53 - 2014-05-02 23:53 - 00001358 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-05-02 23:53 - 2014-05-02 23:53 - 00001346 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-05-02 23:53 - 2014-05-02 23:53 - 00001346 _____ () C:\ProgramData\Desktop\Spybot-S&D Start Center.lnk
2014-05-02 23:52 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-05-02 23:27 - 2014-05-02 23:36 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Dell\Downloads\spybot-2.3.exe
2014-05-02 22:59 - 2014-05-02 23:00 - 05616856 _____ () C:\Users\Dell\Downloads\Startups-vf.chm
2014-05-02 22:19 - 2014-05-02 22:19 - 00809692 _____ () C:\Users\Dell\Downloads\WinsockFix_InfoSpyware.zip
2014-05-02 22:18 - 2014-05-02 22:19 - 00791393 _____ (Lars Hederer ) C:\Users\Dell\Downloads\erunt-setup.exe
2014-05-02 22:17 - 2014-05-02 22:17 - 00522240 _____ (OldTimer Tools) C:\Users\Dell\Downloads\OTM.exe
2014-05-02 22:15 - 2014-05-02 22:15 - 00167376 _____ () C:\Users\Dell\Downloads\fileassassin-setup-1.06.esp.exe
2014-05-02 17:30 - 2014-04-29 11:01 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-02 17:30 - 2014-04-29 10:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-02 17:30 - 2014-04-29 09:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-02 17:30 - 2014-04-29 09:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-02 15:55 - 2014-05-02 15:55 - 03083248 _____ (Symantec Corporation) C:\Users\Dell\Downloads\NPE Norton Power Erase - anti crimaware.exe
2014-05-02 09:35 - 2014-05-02 09:35 - 00000021 _____ () C:\Users\Dell\Documents\Jiraya.txt
2014-05-02 09:28 - 2014-05-02 09:29 - 08620032 _____ () C:\Users\Dell\Downloads\EMET Setup.msi
2014-05-02 09:23 - 2014-05-02 09:24 - 10868379 _____ () C:\Users\Dell\Downloads\Anti-CryptorBitV2.zip
2014-05-01 23:42 - 2014-05-01 23:37 - 03972608 _____ () C:\Users\Dell\Desktop\RogueKiller.exe
2014-05-01 23:36 - 2014-05-01 23:37 - 03972608 _____ () C:\Users\Dell\Downloads\RogueKiller.exe
2014-05-01 23:35 - 2014-05-01 23:35 - 05698982 _____ () C:\Users\Dell\Downloads\VID-20140305-WA0001.mp4
2014-05-01 20:17 - 2014-05-01 20:17 - 00000975 _____ () C:\Users\Dell\Desktop\NTREGOPT.lnk
2014-05-01 20:17 - 2014-05-01 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NT Registry Optimizer
2014-05-01 20:17 - 2014-05-01 20:17 - 00000000 ____D () C:\Program Files (x86)\NT Registry Optimizer
2014-05-01 20:16 - 2014-05-01 20:16 - 00483809 _____ (Lars Hederer ) C:\Users\Dell\Downloads\ntregopt-setup.exe
2014-05-01 20:07 - 2014-05-01 20:07 - 00145237 _____ () C:\Users\Dell\Downloads\ntregopt.zip
2014-05-01 20:07 - 2014-05-01 20:07 - 00000970 _____ () C:\Users\Dell\Downloads\ntregopt-loc_fr.zip
2014-05-01 20:04 - 2014-05-01 20:04 - 00347440 _____ (Microsoft Corporation) C:\Users\Dell\Downloads\MicrosoftFixit-portable.exe
2014-05-01 19:41 - 2014-05-01 19:49 - 00000000 ____D () C:\ProgramData\WRData
2014-05-01 19:35 - 2014-05-01 19:35 - 00000000 ____D () C:\Users\Dell\Documents\Simply Super Software
2014-05-01 12:54 - 2014-05-01 12:54 - 00518584 _____ (KoshyJohn.com) C:\Users\Dell\Downloads\MemClean.exe
2014-05-01 12:53 - 2014-05-01 12:54 - 00895184 _____ (KoshyJohn.com) C:\Users\Dell\Downloads\neoSearch.exe
2014-05-01 12:20 - 2014-05-01 12:21 - 26747104 _____ (Microsoft Corporation) C:\Users\Dell\Downloads\Ferramenta Windows software malicioso Windows-KB890830-x64-V5.11.exe
2014-05-01 12:19 - 2014-05-01 12:19 - 02210096 _____ (Reason Company Software Inc.) C:\Users\Dell\Downloads\herdProtectScan_Setup.exe
2014-05-01 12:19 - 2014-05-01 12:19 - 02197440 _____ (Reason Company Software Inc.) C:\Users\Dell\Downloads\herdProtectScan_Portable.exe
2014-04-30 21:36 - 2014-04-30 21:36 - 00154003 _____ () C:\Users\Dell\Downloads\netcraft_toolbar-1.9-fx.xpi
2014-04-30 17:07 - 2014-04-30 17:07 - 05227019 _____ () C:\Users\Dell\Downloads\namebench-1.3.1-Windows.exe
2014-04-30 15:24 - 2014-04-30 15:24 - 00001036 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2014-04-30 12:15 - 2014-04-30 12:15 - 00000000 ____D () C:\Users\Dell\AppData\Local\Secunia PSI
2014-04-30 12:12 - 2014-04-30 12:12 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-04-30 12:03 - 2014-04-30 12:03 - 05329480 _____ (Secunia) C:\Users\Dell\Downloads\Secunia atualizar software PSISetup.exe
2014-04-30 11:19 - 2013-04-29 08:17 - 00047632 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2014-04-30 11:18 - 2014-05-01 10:07 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-04-30 10:12 - 2014-04-30 10:12 - 02405616 _____ (Trend Micro Inc.) C:\Users\Dell\Downloads\HousecallLauncher64.exe
2014-04-29 23:20 - 2014-04-30 13:56 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\ZHP
2014-04-29 12:05 - 2014-04-29 12:05 - 17931952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-04-29 11:43 - 2014-04-29 11:49 - 00337888 _____ () C:\Users\Dell\Downloads\360is_min_5.0.0.5000beta.exe
2014-04-29 01:05 - 2014-04-29 01:05 - 00000067 _____ () C:\Users\Dell\Documents\Pai INSS.txt
2014-04-29 01:04 - 2014-04-29 01:04 - 00102960 _____ () C:\Users\Dell\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-28 15:37 - 2014-04-28 16:05 - 03018304 _____ () C:\Users\Dell\Downloads\Informações temperatura ManicTime.exe
2014-04-28 15:20 - 2014-04-29 01:04 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-04-28 15:20 - 2014-04-28 15:20 - 00000974 _____ () C:\Users\Dell\Desktop\SpeedFan.lnk
2014-04-28 15:20 - 2014-04-28 15:20 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo
2014-04-28 15:20 - 2014-04-28 15:20 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-04-28 15:20 - 2014-04-28 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-04-28 15:12 - 2014-04-28 15:13 - 06090265 _____ () C:\Users\Dell\Downloads\ManicTimeUsb.zip
2014-04-28 15:12 - 2014-04-28 15:13 - 02143832 _____ () C:\Users\Dell\Downloads\instsf449.exe
2014-04-28 07:27 - 2014-04-28 07:27 - 00013212 _____ () C:\Users\Dell\Documents\Pai - Extrato para Imposto de Renda.htm
2014-04-28 07:27 - 2014-04-28 07:27 - 00000000 ____D () C:\Users\Dell\Documents\Pai - Extrato para Imposto de Renda_files
2014-04-27 19:08 - 2014-04-27 19:08 - 00000000 ____D () C:\uninstall27732u
2014-04-27 15:31 - 2014-04-27 15:32 - 02100736 _____ () C:\Users\Dell\Downloads\RIR E O MELHOR REMEDIO.pps
2014-04-27 00:35 - 2014-05-04 11:51 - 00000000 ____D () C:\uninstall8094u
2014-04-26 22:53 - 2014-04-26 22:53 - 00248714 _____ () C:\Users\Dell\Downloads\OCF_20131025.zip
2014-04-26 12:38 - 2014-05-03 08:11 - 06815744 _____ () C:\Users\Dell\ntuser.bak
2014-04-26 10:00 - 2014-04-26 10:00 - 00004177 _____ () C:\Users\Dell\Desktop\Condomínio abril 2014.htm
2014-04-26 10:00 - 2014-04-26 10:00 - 00000000 ____D () C:\Users\Dell\Desktop\Condomínio abril 2014_files
2014-04-26 05:01 - 2014-04-26 05:05 - 135327040 _____ () C:\Users\Dell\Downloads\setup_11.0.1.1245.x01_2014_04_26_11_23.exe
2014-04-26 04:51 - 2014-04-26 04:52 - 04164448 _____ (Kaspersky Lab ZAO) C:\Users\Dell\Downloads\tdsskiller.exe
2014-04-26 04:50 - 2014-04-26 04:50 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-26 04:46 - 2014-04-26 04:47 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Dell\Downloads\rkill (1).exe
2014-04-26 04:30 - 2014-04-26 04:30 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Dell\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-25 23:06 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-04-25 22:57 - 2014-04-30 00:11 - 00000000 ____D () C:\Users\Dell\.receitanet
2014-04-25 11:10 - 2014-04-25 11:10 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-25 11:09 - 2014-04-13 23:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-25 11:09 - 2014-04-13 23:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-25 11:01 - 2014-04-25 11:02 - 00152270 _____ () C:\Users\Dell\Downloads\Sigcheck.zip
2014-04-25 09:22 - 2014-04-25 09:22 - 00057096 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2014-04-25 09:22 - 2014-04-25 09:22 - 00048392 _____ (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll
2014-04-24 19:58 - 2014-04-24 19:58 - 00165376 _____ () C:\Users\Dell\Downloads\SystemLook_x64.exe
2014-04-24 19:58 - 2014-04-24 19:58 - 00139264 _____ () C:\Users\Dell\Downloads\SystemLook.exe
2014-04-24 18:36 - 2014-04-24 18:36 - 07200360 _____ () C:\Users\Dell\Downloads\bitdefender_tsecurity_beta.exe
2014-04-23 13:23 - 2014-04-23 13:23 - 00004474 _____ () C:\Users\Dell\Downloads\Gás abril 2014.htm
2014-04-23 13:09 - 2014-04-23 13:09 - 00004474 _____ () C:\Users\Dell\Documents\Gás abril 2014.htm
2014-04-23 00:41 - 2014-04-23 00:45 - 00279889 _____ () C:\Users\Dell\Downloads\360TS_Setup.exe
2014-04-22 16:56 - 2014-04-22 16:59 - 67108864 _____ () C:\Users\Dell\Downloads\xpud-0.9.2.iso
2014-04-22 16:28 - 2014-04-22 16:28 - 14636360 _____ (NoVirusThanks Company Srl ) C:\Users\Dell\Downloads\EXERadar_Pro_x86_x64_Trial_Setup.exe
2014-04-22 11:30 - 2014-04-22 11:30 - 00409600 _____ (Farbar) C:\Users\Dell\Downloads\FSS.exe
2014-04-22 11:16 - 2014-04-22 11:16 - 00121069 _____ () C:\Users\Dell\Downloads\memtest86+-5.01.usb.installer.zip
2014-04-22 09:57 - 2014-04-22 10:04 - 159077280 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jdk-8u5-windows-i586.exe
2014-04-22 09:56 - 2014-04-22 10:03 - 162717600 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jdk-8u5-windows-x64.exe
2014-04-21 22:17 - 2014-04-21 22:17 - 00448512 _____ (OldTimer Tools) C:\Users\Dell\Downloads\TFC.exe
2014-04-21 21:59 - 2014-04-21 22:00 - 00001731 _____ () C:\Users\Dell\Downloads\fixlist.txt
2014-04-21 19:18 - 2014-04-21 19:19 - 34131368 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jre-8u5-windows-x64 (1).exe
2014-04-21 19:17 - 2014-04-21 19:19 - 34131368 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jre-8u5-windows-x64.exe
2014-04-21 18:54 - 2014-04-21 19:04 - 02456273 _____ (Oracle Corporation) C:\Users\Dell\Downloads\Não confirmado 202995.crdownload
2014-04-21 13:10 - 2014-04-21 13:11 - 06863066 _____ (Nicolas Coolman ) C:\Users\Dell\Downloads\zhpdiag2-2014.4.9.16.exe
2014-04-21 10:54 - 2014-04-21 10:54 - 00150281 _____ () C:\Users\Dell\Downloads\ProxyFix.zip
2014-04-20 19:37 - 2014-04-21 01:04 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\96123702.sys
2014-04-20 19:05 - 2014-04-20 19:05 - 00007606 _____ () C:\Users\Dell\AppData\Local\Resmon.ResmonCfg
2014-04-20 16:50 - 2014-04-20 17:39 - 2431909888 _____ () C:\Users\Dell\Downloads\X17-59246.iso
2014-04-20 16:29 - 2014-04-20 16:29 - 07752311 _____ (FreeDownloadManager.ORG ) C:\Users\Dell\Downloads\Free download manager fdminst.exe
2014-04-19 23:23 - 2014-04-19 23:23 - 00004096 ___SH () C:\{189147AC-0408-4CA1-9100-C01F40F3E5F5}.CBM
2014-04-19 18:18 - 2014-04-19 18:18 - 00548424 _____ (SurfRight) C:\Windows\system32\hmpalert.dll
2014-04-19 18:18 - 2014-04-19 18:18 - 00477008 _____ (SurfRight) C:\Windows\SysWOW64\hmpalert.dll
2014-04-19 18:18 - 2014-04-19 18:18 - 00093144 _____ () C:\Windows\system32\Drivers\hmpalert.sys
2014-04-19 18:18 - 2014-04-19 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro.Alert
2014-04-19 18:18 - 2014-04-19 18:18 - 00000000 ____D () C:\Program Files (x86)\HitmanPro.Alert
2014-04-19 16:28 - 2014-04-19 16:28 - 00390392 _____ (Bleeping Computer, LLC) C:\Users\Dell\Downloads\Lista registro criptografada em caso infecção ListCrilock.exe
2014-04-19 16:06 - 2014-04-19 16:06 - 01876816 _____ (SurfRight B.V.) C:\Users\Dell\Downloads\Anti Ransoware hmpalert25.exe
2014-04-19 12:34 - 2014-04-19 12:34 - 02823116 _____ () C:\Users\Dell\Downloads\CryptolockerPreventionKit.zip
2014-04-19 12:34 - 2014-04-19 12:34 - 00473008 _____ () C:\Users\Dell\Downloads\CryptoPrevent.zip
2014-04-18 15:07 - 2014-04-18 15:08 - 07255785 _____ () C:\Users\Dell\Downloads\bc57dc193791f301fb3b2d3522334aa0.mp4
2014-04-18 10:47 - 2014-04-18 10:58 - 535287324 _____ () C:\Users\Dell\Downloads\adt-bundle-windows-x86_64-20140321.zip
2014-04-18 09:21 - 2014-04-18 09:21 - 01586165 _____ () C:\Users\Dell\Downloads\ComIntRepair.exe
2014-04-18 08:28 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-18 08:28 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-18 08:28 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-18 08:28 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-18 08:26 - 2014-04-18 08:28 - 00004244 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-18 08:25 - 2014-04-18 08:25 - 01586165 _____ () C:\Users\Dell\Downloads\Correção dificuldades da internet ComIntRepair.exe
2014-04-17 10:24 - 2014-04-17 10:24 - 08449818 _____ () C:\Users\Dell\Downloads\VID-20140408-WA0000.mp4
2014-04-17 10:24 - 2014-04-17 10:24 - 04881376 _____ () C:\Users\Dell\Downloads\57071749f97062bf0217533f22776ea5.mp4
2014-04-16 21:43 - 2014-04-16 21:43 - 00078845 _____ () C:\Users\Dell\Downloads\HostsTool.zip
2014-04-16 15:31 - 2014-04-16 15:32 - 04075110 _____ () C:\Users\Dell\Downloads\maparadar.rupi
2014-04-16 15:17 - 2014-04-16 15:17 - 00457835 _____ () C:\Users\Dell\Downloads\sygic_rupi_convertor.zip
2014-04-16 15:16 - 2014-04-16 15:17 - 01055930 _____ () C:\Users\Dell\Downloads\maparadar.txt
2014-04-16 12:20 - 2014-04-16 12:20 - 03278352 _____ () C:\Users\Dell\Downloads\Corrigir windows tweaking.com_windows_repair_aio.zip
2014-04-16 09:19 - 2014-04-16 09:19 - 00000015 _____ () C:\Users\Dell\Desktop\IPVA 2014.txt
2014-04-15 19:41 - 2014-04-15 19:41 - 00000000 ____D () C:\Users\Dell\.jmc
2014-04-15 19:40 - 2014-04-15 19:40 - 00000000 ____D () C:\Users\Dell\.eclipse
2014-04-15 19:37 - 2014-05-04 11:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-04-15 19:28 - 2014-04-15 19:31 - 113510621 _____ () C:\Users\Dell\Downloads\android-sdk_r22.0.5-windows.zip
2014-04-15 19:27 - 2014-04-15 19:30 - 131581344 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jdk-7u55-windows-x64.exe
2014-04-15 17:13 - 2014-04-15 17:13 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-04-15 10:37 - 2014-04-15 10:37 - 00132597 _____ () C:\Users\Dell\Downloads\Desinfectar usb Flash_Disinfector.exe
2014-04-14 21:54 - 2014-04-14 22:20 - 226340888 _____ () C:\Users\Dell\Downloads\EmsisoftEmergencyKit.txt
2014-04-14 15:59 - 2014-04-14 15:59 - 09640719 _____ () C:\Users\Dell\Downloads\Bee Gees 1960 a 2012.wmv
2014-04-14 12:19 - 2014-04-14 19:32 - 00000000 ____D () C:\Users\Dell\Documents\Flight Simulator Files
2014-04-14 12:08 - 2014-04-14 12:08 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-04-14 12:00 - 2014-04-14 12:00 - 00002113 _____ () C:\Users\Public\Desktop\Microsoft Flight Simulator 2004.lnk
2014-04-14 12:00 - 2014-04-14 12:00 - 00002113 _____ () C:\ProgramData\Desktop\Microsoft Flight Simulator 2004.lnk
2014-04-14 12:00 - 2014-04-14 12:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2014-04-14 11:37 - 2014-04-14 11:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games
2014-04-14 11:07 - 2014-04-14 11:07 - 00001217 _____ () C:\Users\Public\Desktop\Virtual CloneDrive.lnk
2014-04-14 11:07 - 2014-04-14 11:07 - 00001217 _____ () C:\ProgramData\Desktop\Virtual CloneDrive.lnk
2014-04-14 11:04 - 2014-04-14 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2014-04-14 11:04 - 2014-04-14 11:04 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes
2014-04-14 11:01 - 2014-04-14 11:02 - 01640984 _____ () C:\Users\Dell\Downloads\Montar e desmontar ISO SetupVirtualCloneDrive5470.exe
2014-04-14 08:46 - 2014-04-14 08:46 - 00015288 _____ () C:\Users\Dell\Downloads\Tabajara.cmd
2014-04-14 07:02 - 2014-04-14 07:12 - 135672432 _____ () C:\Users\Dell\Downloads\setup_11.0.1.1245.x01_2014_04_14_10_30.exe
2014-04-14 07:01 - 2014-04-14 07:01 - 00000176 _____ () C:\Windows\REC-NET.INI
2014-04-14 07:01 - 2014-04-14 07:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB
2014-04-14 07:01 - 2014-04-14 07:01 - 00000000 ____D () C:\Program Files (x86)\Programas RFB
2014-04-14 07:00 - 2014-04-14 07:00 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014
2014-04-14 06:50 - 2014-04-14 06:51 - 22716032 _____ (Receita Federal do Brasil) C:\Users\Dell\Downloads\IRPF2014win32v1.1.exe
2014-04-14 06:50 - 2014-04-14 06:51 - 06182597 _____ (Serpro - Serviço Federal de Processamento de Dados) C:\Users\Dell\Downloads\Receitanet-1.04.exe
2014-04-13 17:38 - 2014-04-13 17:38 - 00000000 ____D () C:\Users\Dell\Downloads\Nova pasta
2014-04-13 16:38 - 2014-04-13 16:39 - 10696960 _____ (Emsisoft GmbH ) C:\Users\Dell\Downloads\OnlineArmorSetup (1).exe
2014-04-13 12:28 - 2014-04-13 12:28 - 00000000 __SHD () C:\Users\Dell\AppData\Local\EmieUserList
2014-04-13 12:28 - 2014-04-13 12:28 - 00000000 __SHD () C:\Users\Dell\AppData\Local\EmieSiteList
2014-04-12 22:14 - 2014-04-12 22:14 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-12 22:14 - 2014-04-12 22:14 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-12 22:14 - 2014-04-12 22:14 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-12 09:51 - 2014-04-12 09:52 - 26455504 _____ () C:\Users\Dell\Downloads\SeaMonkey Setup 2.26b1.exe
 
==================== One Month Modified Files and Folders =======
 
2014-05-12 11:38 - 2014-05-12 11:37 - 00047125 _____ () C:\Users\Dell\Desktop\FRST.txt
2014-05-12 11:37 - 2014-05-05 14:09 - 00000000 ____D () C:\FRST
2014-05-12 11:37 - 2013-03-05 19:11 - 01474832 _____ () C:\Windows\system32\Drivers\sfi.dat
2014-05-12 11:37 - 2009-07-14 01:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-12 11:37 - 2009-07-14 01:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-12 11:34 - 2014-05-10 19:57 - 00049430 _____ () C:\Windows\WindowsUpdate.log
2014-05-12 11:30 - 2013-12-01 13:17 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Wise Care 365
2014-05-12 11:29 - 2013-04-10 23:23 - 00000029 _____ () C:\Windows\SysWOW64\TempWmicBatchFile.bat
2014-05-12 11:28 - 2014-05-11 01:03 - 00000224 _____ () C:\Windows\setupact.log
2014-05-12 11:28 - 2013-07-11 18:05 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-12 11:28 - 2013-07-11 18:05 - 00001060 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-12 11:28 - 2009-07-14 02:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-12 11:27 - 2014-05-11 01:03 - 00011542 _____ () C:\Windows\PFRO.log
2014-05-12 11:24 - 2013-11-18 11:26 - 00000000 ____D () C:\Windows\CryptoGuard
2014-05-12 11:22 - 2014-05-12 11:23 - 02066944 _____ (Farbar) C:\Users\Dell\Desktop\FRST64.exe
2014-05-12 11:22 - 2014-05-12 11:22 - 02066944 _____ (Farbar) C:\Users\Dell\Downloads\FRST64 (1).exe
2014-05-12 11:21 - 2014-05-12 11:21 - 01325827 _____ () C:\Users\Dell\Downloads\adwcleaner.exe
2014-05-12 11:05 - 2013-10-15 12:19 - 00000902 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-11 14:00 - 2013-12-01 13:19 - 00000400 _____ () C:\Windows\Tasks\Wise Turbo Checker.job
2014-05-11 12:01 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-11 11:54 - 2014-05-11 11:54 - 00011005 _____ () C:\Users\Dell\Downloads\hijackthis (1).log
2014-05-11 11:36 - 2014-05-11 11:36 - 00688992 _____ (Swearware) C:\Users\Dell\Downloads\dds (1).com
2014-05-11 08:38 - 2013-04-02 21:26 - 02249902 _____ () C:\Windows\system32\Drivers\fvstore.dat
2014-05-11 08:24 - 2013-12-19 06:30 - 00000000 ____D () C:\ProgramData\RegRun
2014-05-11 01:48 - 2013-11-05 18:48 - 00000000 ____D () C:\Users\Public\Documents\regruninfo
2014-05-11 01:48 - 2013-11-05 18:48 - 00000000 ____D () C:\ProgramData\Documents\regruninfo
2014-05-11 01:47 - 2013-11-05 18:49 - 00000000 ____D () C:\Users\Dell\Documents\RegRun2
2014-05-11 01:03 - 2014-05-11 01:03 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-11 01:02 - 2014-05-11 01:02 - 00003560 ____N () C:\bootsqm.dat
2014-05-10 23:15 - 2013-02-22 09:47 - 00000000 ____D () C:\Users\Dell
2014-05-10 22:10 - 2014-05-10 23:15 - 28172368 _____ (Panda Security ) C:\Users\Dell\Desktop\PandaCloudCleaner.exe
2014-05-10 22:10 - 2014-05-10 22:09 - 28172368 _____ (Panda Security ) C:\Users\Dell\Downloads\PandaCloudCleaner.exe
2014-05-10 19:53 - 2013-04-27 13:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-10 12:31 - 2014-05-10 12:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-10 11:28 - 2014-05-10 11:28 - 00004434 _____ () C:\Users\Dell\Desktop\GVT.htm
2014-05-10 11:28 - 2014-05-10 11:28 - 00000000 ____D () C:\Users\Dell\Desktop\GVT_files
2014-05-10 11:23 - 2014-05-10 11:23 - 00004429 _____ () C:\Users\Dell\Desktop\Tim.htm
2014-05-10 11:23 - 2014-05-10 11:23 - 00000000 ____D () C:\Users\Dell\Desktop\Tim_files
2014-05-09 20:48 - 2014-05-09 20:48 - 00095232 _____ () C:\Users\Dell\Downloads\Cartadeamericano.pps
2014-05-09 20:43 - 2014-05-09 20:43 - 00410173 _____ () C:\Users\Dell\Downloads\srldetect_intel_4.5.15.0.cab
2014-05-09 20:25 - 2014-05-09 20:24 - 09037627 _____ () C:\Users\Dell\Downloads\IL.wmv
2014-05-09 09:45 - 2014-05-09 09:44 - 05196114 _____ () C:\Users\Dell\Downloads\CSC_SETUP_2.2.335611.5_xp_vista_server2003_win7_32bit.zip
2014-05-09 09:34 - 2014-05-09 09:21 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Pointstone
2014-05-09 09:21 - 2014-05-09 09:21 - 00000000 ____D () C:\Users\Dell\AppData\Local\Licenses
2014-05-09 09:16 - 2014-05-09 09:16 - 00921512 _____ (Oracle Corporation) C:\Users\Dell\Downloads\chromeinstall-7u55.exe
2014-05-09 09:15 - 2014-05-09 09:15 - 01055040 _____ (IObit) C:\Users\Dell\Downloads\advanced-systemcare-installer.exe
2014-05-09 09:14 - 2014-05-09 09:14 - 09377312 _____ (Pointstone Software, LLC) C:\Users\Dell\Downloads\SystemCleanerSetup.exe
2014-05-09 07:59 - 2013-11-30 00:06 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\DiskDefrag
2014-05-08 17:48 - 2013-04-01 20:19 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Skype
2014-05-08 16:55 - 2014-05-08 16:53 - 04853491 _____ () C:\Users\Dell\Downloads\Drivers instalados tweaking.com_hardware_identify_portable.zip
2014-05-08 16:34 - 2014-05-08 16:32 - 05705416 _____ () C:\Users\Dell\Downloads\Drivers instalados tweaking.com_hardware_identify_setup.exe
2014-05-08 08:18 - 2014-05-08 08:17 - 00315392 _____ (Malwarebytes Corporation) C:\Users\Dell\Downloads\limpeza produtos Malweribytes mbam-clean-2.0.2.0.exe
2014-05-08 07:55 - 2014-05-08 07:55 - 00004418 _____ () C:\Users\Dell\Desktop\Unimed.htm
2014-05-08 07:55 - 2014-05-08 07:55 - 00000000 ____D () C:\Users\Dell\Desktop\Unimed_files
2014-05-08 00:02 - 2014-05-08 00:02 - 00015479 _____ () C:\Users\Dell\Downloads\JRT.txt
2014-05-07 09:15 - 2013-05-25 20:37 - 00000000 ____D () C:\ProgramData\GAS Tecnologia
2014-05-07 08:45 - 2014-05-07 08:45 - 00845928 _____ () C:\Users\Dell\Downloads\PandaCloudAntivirus.exe
2014-05-06 17:18 - 2014-05-05 12:11 - 00000000 ____D () C:\Windows\Minidump
2014-05-06 17:03 - 2013-09-09 11:59 - 00000000 ____D () C:\ProgramData\ProductData
2014-05-06 09:13 - 2014-05-06 09:13 - 00688992 _____ (Swearware) C:\Users\Dell\Downloads\dds.com
2014-05-06 03:26 - 2014-05-06 03:25 - 04143997 _____ () C:\Users\Dell\Downloads\tdsskiller.zip
2014-05-06 03:26 - 2014-05-06 03:24 - 04164448 _____ (Kaspersky Lab ZAO) C:\Users\Dell\Desktop\iexplorer.exe.exe
2014-05-06 03:08 - 2014-05-06 03:07 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Dell\Downloads\rkill(1).exe
2014-05-05 22:50 - 2014-05-05 22:42 - 00000000 ___SD () C:\ComboFix
2014-05-05 22:43 - 2014-05-05 22:42 - 00000000 ____D () C:\Qoobox
2014-05-05 22:40 - 2013-07-09 18:10 - 00000000 ____D () C:\Windows\erdnt
2014-05-05 22:37 - 2013-08-06 01:05 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-05 15:00 - 2013-03-05 09:43 - 00000000 ____D () C:\Users\Dell\AppData\Local\Apps\2.0
2014-05-05 14:51 - 2009-07-13 23:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-05 14:14 - 2013-04-02 19:29 - 00000000 ____D () C:\Windows\pss
2014-05-05 14:08 - 2014-05-05 14:07 - 02063872 _____ (Farbar) C:\Users\Dell\Downloads\FRST64.exe
2014-05-05 12:33 - 2014-03-31 10:52 - 05199940 _____ (Swearware) C:\Users\Dell\Downloads\ComboFix.exe
2014-05-05 10:26 - 2014-05-05 10:26 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\EurekaLab s.a.s
2014-05-05 09:47 - 2014-05-05 09:02 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\31415875.sys
2014-05-05 08:59 - 2014-05-05 04:59 - 136161520 _____ () C:\Users\Dell\Downloads\setup_11.0.1.1245.x01_2014_05_05_09_48.exe
2014-05-05 08:20 - 2014-05-05 08:20 - 02347384 _____ (ESET) C:\Users\Dell\Downloads\esetsmartinstaller_enu.exe
2014-05-04 13:46 - 2014-05-02 23:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-05-04 13:46 - 2014-03-30 18:39 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-04 13:46 - 2014-01-26 22:53 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\ProductData
2014-05-04 13:46 - 2013-11-09 20:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
2014-05-04 13:46 - 2013-08-03 23:45 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\TeraCopy
2014-05-04 13:46 - 2013-05-25 19:26 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\QFX Software
2014-05-04 13:46 - 2013-05-25 19:26 - 00000000 ____D () C:\ProgramData\QFX Software
2014-05-04 13:46 - 2013-03-05 19:11 - 00000000 ____D () C:\Windows\System32\Tasks\COMODO
2014-05-04 13:46 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\registration
2014-05-04 11:51 - 2014-04-27 00:35 - 00000000 ____D () C:\uninstall8094u
2014-05-04 11:37 - 2014-04-15 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-05-04 11:37 - 2014-04-09 11:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-04 09:20 - 2014-05-04 09:19 - 00391432 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-03 09:42 - 2014-05-03 09:42 - 00991232 _____ () C:\Users\Dell\Downloads\MicrosoftFixit50267 (1).msi
2014-05-03 08:11 - 2014-04-26 12:38 - 06815744 _____ () C:\Users\Dell\ntuser.bak
2014-05-03 08:11 - 2009-07-13 23:34 - 71565312 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-05-03 08:11 - 2009-07-13 23:34 - 24379392 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-05-03 08:11 - 2009-07-13 23:34 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-05-03 08:11 - 2009-07-13 23:34 - 00053248 _____ () C:\Windows\system32\config\SAM.bak
2014-05-03 08:11 - 2009-07-13 23:34 - 00028672 _____ () C:\Windows\system32\config\SECURITY.bak
2014-05-03 00:02 - 2014-05-03 00:02 - 00000000 ____D () C:\Users\Dell\Documents\ProcAlyzer Dumps
2014-05-02 23:53 - 2014-05-02 23:53 - 00001358 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-05-02 23:53 - 2014-05-02 23:53 - 00001346 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-05-02 23:53 - 2014-05-02 23:53 - 00001346 _____ () C:\ProgramData\Desktop\Spybot-S&D Start Center.lnk
2014-05-02 23:52 - 2014-03-30 18:39 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-02 23:36 - 2014-05-02 23:27 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Dell\Downloads\spybot-2.3.exe
2014-05-02 23:00 - 2014-05-02 22:59 - 05616856 _____ () C:\Users\Dell\Downloads\Startups-vf.chm
2014-05-02 22:19 - 2014-05-02 22:19 - 00809692 _____ () C:\Users\Dell\Downloads\WinsockFix_InfoSpyware.zip
2014-05-02 22:19 - 2014-05-02 22:18 - 00791393 _____ (Lars Hederer ) C:\Users\Dell\Downloads\erunt-setup.exe
2014-05-02 22:17 - 2014-05-02 22:17 - 00522240 _____ (OldTimer Tools) C:\Users\Dell\Downloads\OTM.exe
2014-05-02 22:15 - 2014-05-02 22:15 - 00167376 _____ () C:\Users\Dell\Downloads\fileassassin-setup-1.06.esp.exe
2014-05-02 19:37 - 2014-01-28 17:52 - 00000882 _____ () C:\Users\Dell\Documents\Padre.txt
2014-05-02 15:55 - 2014-05-02 15:55 - 03083248 _____ (Symantec Corporation) C:\Users\Dell\Downloads\NPE Norton Power Erase - anti crimaware.exe
2014-05-02 09:35 - 2014-05-02 09:35 - 00000021 _____ () C:\Users\Dell\Documents\Jiraya.txt
2014-05-02 09:29 - 2014-05-02 09:28 - 08620032 _____ () C:\Users\Dell\Downloads\EMET Setup.msi
2014-05-02 09:24 - 2014-05-02 09:23 - 10868379 _____ () C:\Users\Dell\Downloads\Anti-CryptorBitV2.zip
2014-05-01 23:57 - 2009-07-14 00:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-01 23:37 - 2014-05-01 23:42 - 03972608 _____ () C:\Users\Dell\Desktop\RogueKiller.exe
2014-05-01 23:37 - 2014-05-01 23:36 - 03972608 _____ () C:\Users\Dell\Downloads\RogueKiller.exe
2014-05-01 23:35 - 2014-05-01 23:35 - 05698982 _____ () C:\Users\Dell\Downloads\VID-20140305-WA0001.mp4
2014-05-01 20:17 - 2014-05-01 20:17 - 00000975 _____ () C:\Users\Dell\Desktop\NTREGOPT.lnk
2014-05-01 20:17 - 2014-05-01 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NT Registry Optimizer
2014-05-01 20:17 - 2014-05-01 20:17 - 00000000 ____D () C:\Program Files (x86)\NT Registry Optimizer
2014-05-01 20:16 - 2014-05-01 20:16 - 00483809 _____ (Lars Hederer ) C:\Users\Dell\Downloads\ntregopt-setup.exe
2014-05-01 20:07 - 2014-05-01 20:07 - 00145237 _____ () C:\Users\Dell\Downloads\ntregopt.zip
2014-05-01 20:07 - 2014-05-01 20:07 - 00000970 _____ () C:\Users\Dell\Downloads\ntregopt-loc_fr.zip
2014-05-01 20:04 - 2014-05-01 20:04 - 00347440 _____ (Microsoft Corporation) C:\Users\Dell\Downloads\MicrosoftFixit-portable.exe
2014-05-01 19:49 - 2014-05-01 19:41 - 00000000 ____D () C:\ProgramData\WRData
2014-05-01 19:35 - 2014-05-01 19:35 - 00000000 ____D () C:\Users\Dell\Documents\Simply Super Software
2014-05-01 18:48 - 2013-02-22 05:39 - 00707498 _____ () C:\Windows\system32\prfh0416.dat
2014-05-01 18:48 - 2013-02-22 05:39 - 00148578 _____ () C:\Windows\system32\prfc0416.dat
2014-05-01 18:48 - 2009-07-14 02:13 - 01640864 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-01 12:54 - 2014-05-01 12:54 - 00518584 _____ (KoshyJohn.com) C:\Users\Dell\Downloads\MemClean.exe
2014-05-01 12:54 - 2014-05-01 12:53 - 00895184 _____ (KoshyJohn.com) C:\Users\Dell\Downloads\neoSearch.exe
2014-05-01 12:48 - 2013-12-06 08:47 - 00000000 ____D () C:\Users\Dell\AppData\Local\CrashDumps
2014-05-01 12:21 - 2014-05-01 12:20 - 26747104 _____ (Microsoft Corporation) C:\Users\Dell\Downloads\Ferramenta Windows software malicioso Windows-KB890830-x64-V5.11.exe
2014-05-01 12:19 - 2014-05-01 12:19 - 02210096 _____ (Reason Company Software Inc.) C:\Users\Dell\Downloads\herdProtectScan_Setup.exe
2014-05-01 12:19 - 2014-05-01 12:19 - 02197440 _____ (Reason Company Software Inc.) C:\Users\Dell\Downloads\herdProtectScan_Portable.exe
2014-05-01 10:07 - 2014-04-30 11:18 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-04-30 21:36 - 2014-04-30 21:36 - 00154003 _____ () C:\Users\Dell\Downloads\netcraft_toolbar-1.9-fx.xpi
2014-04-30 17:07 - 2014-04-30 17:07 - 05227019 _____ () C:\Users\Dell\Downloads\namebench-1.3.1-Windows.exe
2014-04-30 15:24 - 2014-04-30 15:24 - 00001036 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2014-04-30 13:56 - 2014-04-29 23:20 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\ZHP
2014-04-30 12:15 - 2014-04-30 12:15 - 00000000 ____D () C:\Users\Dell\AppData\Local\Secunia PSI
2014-04-30 12:12 - 2014-04-30 12:12 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-04-30 12:03 - 2014-04-30 12:03 - 05329480 _____ (Secunia) C:\Users\Dell\Downloads\Secunia atualizar software PSISetup.exe
2014-04-30 11:01 - 2013-11-05 21:01 - 00323826 _____ () C:\Users\Dell\AppData\Local\census.cache
2014-04-30 11:01 - 2013-11-05 21:01 - 00000000 _____ () C:\Users\Dell\AppData\Local\ars.cache
2014-04-30 10:12 - 2014-04-30 10:12 - 02405616 _____ (Trend Micro Inc.) C:\Users\Dell\Downloads\HousecallLauncher64.exe
2014-04-30 00:11 - 2014-04-25 22:57 - 00000000 ____D () C:\Users\Dell\.receitanet
2014-04-29 12:05 - 2014-04-29 12:05 - 17931952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-04-29 12:05 - 2013-12-11 11:05 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 12:05 - 2013-10-15 12:19 - 00003840 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-29 12:05 - 2013-03-05 23:45 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-29 11:49 - 2014-04-29 11:43 - 00337888 _____ () C:\Users\Dell\Downloads\360is_min_5.0.0.5000beta.exe
2014-04-29 11:01 - 2014-05-02 17:30 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 10:40 - 2014-05-02 17:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 09:48 - 2014-05-02 17:30 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 09:34 - 2014-05-02 17:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-29 01:05 - 2014-04-29 01:05 - 00000067 _____ () C:\Users\Dell\Documents\Pai INSS.txt
2014-04-29 01:04 - 2014-04-29 01:04 - 00102960 _____ () C:\Users\Dell\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-29 01:04 - 2014-04-28 15:20 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-04-28 16:05 - 2014-04-28 15:37 - 03018304 _____ () C:\Users\Dell\Downloads\Informações temperatura ManicTime.exe
2014-04-28 15:20 - 2014-04-28 15:20 - 00000974 _____ () C:\Users\Dell\Desktop\SpeedFan.lnk
2014-04-28 15:20 - 2014-04-28 15:20 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo
2014-04-28 15:20 - 2014-04-28 15:20 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-04-28 15:20 - 2014-04-28 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-04-28 15:13 - 2014-04-28 15:12 - 06090265 _____ () C:\Users\Dell\Downloads\ManicTimeUsb.zip
2014-04-28 15:13 - 2014-04-28 15:12 - 02143832 _____ () C:\Users\Dell\Downloads\instsf449.exe
2014-04-28 07:27 - 2014-04-28 07:27 - 00013212 _____ () C:\Users\Dell\Documents\Pai - Extrato para Imposto de Renda.htm
2014-04-28 07:27 - 2014-04-28 07:27 - 00000000 ____D () C:\Users\Dell\Documents\Pai - Extrato para Imposto de Renda_files
2014-04-27 19:08 - 2014-04-27 19:08 - 00000000 ____D () C:\uninstall27732u
2014-04-27 18:54 - 2014-01-12 09:44 - 00000000 ____D () C:\Users\Dell\AppData\Local\Adobe
2014-04-27 15:32 - 2014-04-27 15:31 - 02100736 _____ () C:\Users\Dell\Downloads\RIR E O MELHOR REMEDIO.pps
2014-04-26 22:53 - 2014-04-26 22:53 - 00248714 _____ () C:\Users\Dell\Downloads\OCF_20131025.zip
2014-04-26 12:38 - 2014-04-02 07:16 - 72810496 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2014-04-26 12:38 - 2014-04-02 07:16 - 00311296 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2014-04-26 12:38 - 2014-04-02 07:16 - 00053248 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2014-04-26 12:38 - 2014-04-02 07:16 - 00032768 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2014-04-26 10:00 - 2014-04-26 10:00 - 00004177 _____ () C:\Users\Dell\Desktop\Condomínio abril 2014.htm
2014-04-26 10:00 - 2014-04-26 10:00 - 00000000 ____D () C:\Users\Dell\Desktop\Condomínio abril 2014_files
2014-04-26 05:05 - 2014-04-26 05:01 - 135327040 _____ () C:\Users\Dell\Downloads\setup_11.0.1.1245.x01_2014_04_26_11_23.exe
2014-04-26 04:52 - 2014-04-26 04:51 - 04164448 _____ (Kaspersky Lab ZAO) C:\Users\Dell\Downloads\tdsskiller.exe
2014-04-26 04:51 - 2013-10-23 00:13 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Malwarebytes
2014-04-26 04:51 - 2013-10-23 00:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-26 04:50 - 2014-04-26 04:50 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-26 04:47 - 2014-04-26 04:46 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Dell\Downloads\rkill (1).exe
2014-04-26 04:30 - 2014-04-26 04:30 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Dell\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-25 11:10 - 2014-04-25 11:10 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-25 11:02 - 2014-04-25 11:01 - 00152270 _____ () C:\Users\Dell\Downloads\Sigcheck.zip
2014-04-25 09:22 - 2014-04-25 09:22 - 00057096 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2014-04-25 09:22 - 2014-04-25 09:22 - 00048392 _____ (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll
2014-04-25 09:21 - 2013-03-15 10:32 - 00000000 ____D () C:\Program Files (x86)\Comodo
2014-04-24 19:58 - 2014-04-24 19:58 - 00165376 _____ () C:\Users\Dell\Downloads\SystemLook_x64.exe
2014-04-24 19:58 - 2014-04-24 19:58 - 00139264 _____ () C:\Users\Dell\Downloads\SystemLook.exe
2014-04-24 18:36 - 2014-04-24 18:36 - 07200360 _____ () C:\Users\Dell\Downloads\bitdefender_tsecurity_beta.exe
2014-04-23 13:23 - 2014-04-23 13:23 - 00004474 _____ () C:\Users\Dell\Downloads\Gás abril 2014.htm
2014-04-23 13:22 - 2013-07-09 12:52 - 00000000 ____D () C:\Users\Dell\Documents\Limpeza Casas - Margarete Grancoski_files
2014-04-23 13:09 - 2014-04-23 13:09 - 00004474 _____ () C:\Users\Dell\Documents\Gás abril 2014.htm
2014-04-23 00:45 - 2014-04-23 00:41 - 00279889 _____ () C:\Users\Dell\Downloads\360TS_Setup.exe
2014-04-22 16:59 - 2014-04-22 16:56 - 67108864 _____ () C:\Users\Dell\Downloads\xpud-0.9.2.iso
2014-04-22 16:28 - 2014-04-22 16:28 - 14636360 _____ (NoVirusThanks Company Srl ) C:\Users\Dell\Downloads\EXERadar_Pro_x86_x64_Trial_Setup.exe
2014-04-22 11:30 - 2014-04-22 11:30 - 00409600 _____ (Farbar) C:\Users\Dell\Downloads\FSS.exe
2014-04-22 11:16 - 2014-04-22 11:16 - 00121069 _____ () C:\Users\Dell\Downloads\memtest86+-5.01.usb.installer.zip
2014-04-22 10:36 - 2014-03-22 02:14 - 00000000 ____D () C:\Program Files\Java
2014-04-22 10:34 - 2014-04-09 11:50 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-22 10:04 - 2014-04-22 09:57 - 159077280 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jdk-8u5-windows-i586.exe
2014-04-22 10:03 - 2014-04-22 09:56 - 162717600 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jdk-8u5-windows-x64.exe
2014-04-21 22:17 - 2014-04-21 22:17 - 00448512 _____ (OldTimer Tools) C:\Users\Dell\Downloads\TFC.exe
2014-04-21 22:00 - 2014-04-21 21:59 - 00001731 _____ () C:\Users\Dell\Downloads\fixlist.txt
2014-04-21 19:19 - 2014-04-21 19:18 - 34131368 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jre-8u5-windows-x64 (1).exe
2014-04-21 19:19 - 2014-04-21 19:17 - 34131368 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jre-8u5-windows-x64.exe
2014-04-21 19:04 - 2014-04-21 18:54 - 02456273 _____ (Oracle Corporation) C:\Users\Dell\Downloads\Não confirmado 202995.crdownload
2014-04-21 13:11 - 2014-04-21 13:10 - 06863066 _____ (Nicolas Coolman ) C:\Users\Dell\Downloads\zhpdiag2-2014.4.9.16.exe
2014-04-21 10:56 - 2014-03-30 18:50 - 00000000 ____D () C:\Users\Dell\Downloads\Systweak RegClean Pro v6.21.65.2364 With Key [h33t][iahq76]
2014-04-21 10:54 - 2014-04-21 10:54 - 00150281 _____ () C:\Users\Dell\Downloads\ProxyFix.zip
2014-04-21 01:04 - 2014-04-20 19:37 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\96123702.sys
2014-04-20 22:21 - 2014-03-25 15:02 - 00000000 ____D () C:\Users\Dell\AppData\Local\AnVir
2014-04-20 19:05 - 2014-04-20 19:05 - 00007606 _____ () C:\Users\Dell\AppData\Local\Resmon.ResmonCfg
2014-04-20 17:39 - 2014-04-20 16:50 - 2431909888 _____ () C:\Users\Dell\Downloads\X17-59246.iso
2014-04-20 16:29 - 2014-04-20 16:29 - 07752311 _____ (FreeDownloadManager.ORG ) C:\Users\Dell\Downloads\Free download manager fdminst.exe
2014-04-19 23:23 - 2014-04-19 23:23 - 00004096 ___SH () C:\{189147AC-0408-4CA1-9100-C01F40F3E5F5}.CBM
2014-04-19 22:30 - 2013-03-26 09:22 - 00417792 ___SH () C:\EUMONBMP.SYS
2014-04-19 20:57 - 2013-08-18 17:27 - 00000286 __RSH () C:\Users\Dell\ntuser.pol
2014-04-19 18:18 - 2014-04-19 18:18 - 00548424 _____ (SurfRight) C:\Windows\system32\hmpalert.dll
2014-04-19 18:18 - 2014-04-19 18:18 - 00477008 _____ (SurfRight) C:\Windows\SysWOW64\hmpalert.dll
2014-04-19 18:18 - 2014-04-19 18:18 - 00093144 _____ () C:\Windows\system32\Drivers\hmpalert.sys
2014-04-19 18:18 - 2014-04-19 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro.Alert
2014-04-19 18:18 - 2014-04-19 18:18 - 00000000 ____D () C:\Program Files (x86)\HitmanPro.Alert
2014-04-19 18:12 - 2014-01-17 05:41 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-19 16:28 - 2014-04-19 16:28 - 00390392 _____ (Bleeping Computer, LLC) C:\Users\Dell\Downloads\Lista registro criptografada em caso infecção ListCrilock.exe
2014-04-19 16:06 - 2014-04-19 16:06 - 01876816 _____ (SurfRight B.V.) C:\Users\Dell\Downloads\Anti Ransoware hmpalert25.exe
2014-04-19 12:34 - 2014-04-19 12:34 - 02823116 _____ () C:\Users\Dell\Downloads\CryptolockerPreventionKit.zip
2014-04-19 12:34 - 2014-04-19 12:34 - 00473008 _____ () C:\Users\Dell\Downloads\CryptoPrevent.zip
2014-04-18 15:19 - 2013-11-05 18:48 - 00000000 ____D () C:\Program Files (x86)\UnHackMe
2014-04-18 15:08 - 2014-04-18 15:07 - 07255785 _____ () C:\Users\Dell\Downloads\bc57dc193791f301fb3b2d3522334aa0.mp4
2014-04-18 10:58 - 2014-04-18 10:47 - 535287324 _____ () C:\Users\Dell\Downloads\adt-bundle-windows-x86_64-20140321.zip
2014-04-18 09:21 - 2014-04-18 09:21 - 01586165 _____ () C:\Users\Dell\Downloads\ComIntRepair.exe
2014-04-18 08:28 - 2014-04-18 08:26 - 00004244 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-18 08:25 - 2014-04-18 08:25 - 01586165 _____ () C:\Users\Dell\Downloads\Correção dificuldades da internet ComIntRepair.exe
2014-04-18 08:19 - 2014-03-26 12:19 - 00001985 _____ () C:\Users\Public\Desktop\COMODO Internet Security.lnk
2014-04-18 08:19 - 2014-03-26 12:19 - 00001985 _____ () C:\ProgramData\Desktop\COMODO Internet Security.lnk
2014-04-17 10:24 - 2014-04-17 10:24 - 08449818 _____ () C:\Users\Dell\Downloads\VID-20140408-WA0000.mp4
2014-04-17 10:24 - 2014-04-17 10:24 - 04881376 _____ () C:\Users\Dell\Downloads\57071749f97062bf0217533f22776ea5.mp4
2014-04-16 21:43 - 2014-04-16 21:43 - 00078845 _____ () C:\Users\Dell\Downloads\HostsTool.zip
2014-04-16 18:12 - 2014-03-05 12:54 - 00738472 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys
2014-04-16 18:12 - 2014-03-05 12:54 - 00105552 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys
2014-04-16 18:12 - 2014-03-05 12:54 - 00048360 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys
2014-04-16 18:12 - 2014-03-05 12:54 - 00023168 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys
2014-04-16 15:32 - 2014-04-16 15:31 - 04075110 _____ () C:\Users\Dell\Downloads\maparadar.rupi
2014-04-16 15:21 - 2014-04-10 11:18 - 00003007 _____ () C:\Users\Dell\Documents\Sygic - tutorial instalação.txt
2014-04-16 15:17 - 2014-04-16 15:17 - 00457835 _____ () C:\Users\Dell\Downloads\sygic_rupi_convertor.zip
2014-04-16 15:17 - 2014-04-16 15:16 - 01055930 _____ () C:\Users\Dell\Downloads\maparadar.txt
2014-04-16 12:20 - 2014-04-16 12:20 - 03278352 _____ () C:\Users\Dell\Downloads\Corrigir windows tweaking.com_windows_repair_aio.zip
2014-04-16 11:03 - 2013-04-01 20:19 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-16 09:19 - 2014-04-16 09:19 - 00000015 _____ () C:\Users\Dell\Desktop\IPVA 2014.txt
2014-04-15 19:41 - 2014-04-15 19:41 - 00000000 ____D () C:\Users\Dell\.jmc
2014-04-15 19:40 - 2014-04-15 19:40 - 00000000 ____D () C:\Users\Dell\.eclipse
2014-04-15 19:31 - 2014-04-15 19:28 - 113510621 _____ () C:\Users\Dell\Downloads\android-sdk_r22.0.5-windows.zip
2014-04-15 19:30 - 2014-04-15 19:27 - 131581344 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jdk-7u55-windows-x64.exe
2014-04-15 17:13 - 2014-04-15 17:13 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-04-15 10:37 - 2014-04-15 10:37 - 00132597 _____ () C:\Users\Dell\Downloads\Desinfectar usb Flash_Disinfector.exe
2014-04-14 22:20 - 2014-04-14 21:54 - 226340888 _____ () C:\Users\Dell\Downloads\EmsisoftEmergencyKit.txt
2014-04-14 20:13 - 2014-04-18 08:28 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 20:05 - 2014-04-18 08:28 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-14 20:05 - 2014-04-18 08:28 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-14 20:04 - 2014-04-18 08:28 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-14 19:32 - 2014-04-14 12:19 - 00000000 ____D () C:\Users\Dell\Documents\Flight Simulator Files
2014-04-14 15:59 - 2014-04-14 15:59 - 09640719 _____ () C:\Users\Dell\Downloads\Bee Gees 1960 a 2012.wmv
2014-04-14 12:08 - 2014-04-14 12:08 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-04-14 12:00 - 2014-04-14 12:00 - 00002113 _____ () C:\Users\Public\Desktop\Microsoft Flight Simulator 2004.lnk
2014-04-14 12:00 - 2014-04-14 12:00 - 00002113 _____ () C:\ProgramData\Desktop\Microsoft Flight Simulator 2004.lnk
2014-04-14 12:00 - 2014-04-14 12:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2014-04-14 11:37 - 2014-04-14 11:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games
2014-04-14 11:07 - 2014-04-14 11:07 - 00001217 _____ () C:\Users\Public\Desktop\Virtual CloneDrive.lnk
2014-04-14 11:07 - 2014-04-14 11:07 - 00001217 _____ () C:\ProgramData\Desktop\Virtual CloneDrive.lnk
2014-04-14 11:04 - 2014-04-14 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2014-04-14 11:04 - 2014-04-14 11:04 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes
2014-04-14 11:02 - 2014-04-14 11:01 - 01640984 _____ () C:\Users\Dell\Downloads\Montar e desmontar ISO SetupVirtualCloneDrive5470.exe
2014-04-14 08:46 - 2014-04-14 08:46 - 00015288 _____ () C:\Users\Dell\Downloads\Tabajara.cmd
2014-04-14 07:12 - 2014-04-14 07:02 - 135672432 _____ () C:\Users\Dell\Downloads\setup_11.0.1.1245.x01_2014_04_14_10_30.exe
2014-04-14 07:01 - 2014-04-14 07:01 - 00000176 _____ () C:\Windows\REC-NET.INI
2014-04-14 07:01 - 2014-04-14 07:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB
2014-04-14 07:01 - 2014-04-14 07:01 - 00000000 ____D () C:\Program Files (x86)\Programas RFB
2014-04-14 07:01 - 2013-04-18 12:24 - 00000000 ___HD () C:\Program Files (x86)\InstallJammer Registry
2014-04-14 07:00 - 2014-04-14 07:00 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014
2014-04-14 07:00 - 2013-04-18 12:25 - 00000000 ____D () C:\Arquivos de Programas RFB
2014-04-14 06:51 - 2014-04-14 06:50 - 22716032 _____ (Receita Federal do Brasil) C:\Users\Dell\Downloads\IRPF2014win32v1.1.exe
2014-04-14 06:51 - 2014-04-14 06:50 - 06182597 _____ (Serpro - Serviço Federal de Processamento de Dados) C:\Users\Dell\Downloads\Receitanet-1.04.exe
2014-04-13 23:24 - 2014-04-25 11:09 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-13 23:19 - 2014-04-25 11:09 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-13 19:45 - 2014-02-09 11:43 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-04-13 17:38 - 2014-04-13 17:38 - 00000000 ____D () C:\Users\Dell\Downloads\Nova pasta
2014-04-13 16:39 - 2014-04-13 16:38 - 10696960 _____ (Emsisoft GmbH ) C:\Users\Dell\Downloads\OnlineArmorSetup (1).exe
2014-04-13 12:28 - 2014-04-13 12:28 - 00000000 __SHD () C:\Users\Dell\AppData\Local\EmieUserList
2014-04-13 12:28 - 2014-04-13 12:28 - 00000000 __SHD () C:\Users\Dell\AppData\Local\EmieSiteList
2014-04-12 22:16 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-12 22:14 - 2014-04-12 22:14 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-12 22:14 - 2014-04-12 22:14 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-12 22:14 - 2014-04-12 22:14 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-12 09:52 - 2014-04-12 09:51 - 26455504 _____ () C:\Users\Dell\Downloads\SeaMonkey Setup 2.26b1.exe
2014-04-12 09:14 - 2014-04-11 22:18 - 00022302 _____ () C:\Users\Dell\Downloads\Result.txt
 
Files to move or delete:
====================
C:\ProgramData\RegistryReviver.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-03-05 10:38
 
==================== End Of Log ============================
 
3. FRST 64 - Addition:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-05-2014 01
Ran by Dell at 2014-05-12 11:38:48
Running from C:\Users\Dell\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: COMODO Antivirus (Enabled - Up to date) {B74CC7D2-B407-E1DC-1033-DD315BCDC8C8}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Antivirus (Enabled - Up to date) {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall (Enabled) {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
 
==================== Installed Programs ======================
 
µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30586 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ACR38/100/122 PC/SC Driver 1.1.2.0 (HKLM\...\{155796AE-16D0-45D2-8939-6AE3AD67147B}) (Version: 1.1.2 - Advanced Card Systems Ltd.)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Advanced SystemCare 7 (HKLM-x32\...\Advanced SystemCare 7_is1) (Version: 7.2.1 - IObit)
Aimersoft PDF Converter Pro (Build 3.1.1) (HKLM-x32\...\{C28729BF-059E-4A2B-BCD6-08CD91FE06E1}_is1) (Version: 3.1.1 - Aimersoft Software)
AnVir Task Manager Pro (HKLM-x32\...\AnVir Task Manager Pro) (Version:  - AnVir Software)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.126 - Atheros)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 2.9.4272 - DsNET Corp)
Auslogics BoostSpeed (HKLM-x32\...\{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1) (Version: 6.3.0.0 - Auslogics Labs Pty Ltd)
AutoCAD 2013 – Português – Brasil (Brazilian Portuguese) (HKLM\...\AutoCAD 2013 – Português – Brasil (Brazilian Portuguese)) (Version: 19.0.55.0 - Autodesk)
AutoCAD 2013 – Português – Brasil (Brazilian Portuguese) (Version: 19.0.55.0 - Autodesk) Hidden
AutoCAD 2013 Language Pack – Português – Brasil (Brazilian Portuguese) (Version: 19.0.55.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.0.84.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Inventor Fusion 2013 (Version: 2.0.0.206 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion plug-in for AutoCAD 2013 (HKLM\...\Plug-in Autodesk Inventor Fusion for AutoCAD 2013) (Version: 0.2.0.230 - Autodesk)
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Sync (HKLM\...\{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}) (Version: 3.5.24.0 - Autodesk, Inc.)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.8.2.30489 - BitTorrent Inc.)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
BurnAware Free 6.4 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware)
Caesium versão 1.4.1 (HKLM-x32\...\{88B0F0DE-6937-440D-B5CA-6E69003E55F7}_is1) (Version: 1.4.1 - Matteo Paonessa)
CCleaner (HKLM\...\CCleaner) (Version: 3.27 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 33.0.0.0 - COMODO)
COMODO Internet Security Premium (HKLM\...\{8899F0F2-03D8-4DDE-ADCA-4F0A7CE18A74}) (Version: 7.0.51350.4115 - COMODO Security Solutions Inc.)
CrystalDiskInfo 5.6.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 5.6.2 - Crystal Dew World)
D110 (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Dell Inc.)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 4.1.2.11 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1207.101.225 - ALPS ELECTRIC CO., LTD.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
DiskMax 4.71 (HKLM\...\DiskMax) (Version: 4.71 - KoshyJohn.com)
DLL Suite 2013 (HKLM-x32\...\{885843E7-6CAC-4791-B7BF-1CD516017954}_is1) (Version:  - )
Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.3 - IObit)
EaseUS Partition Master 9.2.2 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
EaseUS Todo Backup Free 6.5 (HKLM-x32\...\EaseUS Todo Backup Free 6.5_is1) (Version: 6.5 - CHENGDU YIWO Tech Development Co., Ltd)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Everything 1.2.1.371 (HKLM-x32\...\Everything) (Version:  - )
Everything 1.3.3.658 (x64) (HKLM\...\Everything) (Version:  - )
FastStone Photo Resizer 3.1 (HKLM-x32\...\FastStone Photo Resizer) (Version: 3.1 - FastStone Soft.)
FormatFactory 2.20 (HKLM-x32\...\FormatFactory) (Version: 2.20 - Free Time)
Fotosizer 2.08 (HKLM-x32\...\Fotosizer) (Version: 2.08.0.545 - Fotosizer.com)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.4.217 - Foxit Corporation)
Free Opener (HKLM\...\{A1F2C608-32D6-467D-B035-BBEF509042BA}_is1) (Version: 1.4 - EZ Freeware)
Glary Utilities PRO 4.8 (HKLM-x32\...\Glary Utilities 4) (Version: 4.8.0.97 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{EB38C3E0-4863-3123-9114-5BE86EC8E5C7}) (Version: 4.5.3.14917 - Google)
Google Update Helper (x32 Version: 1.3.21.153 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HitmanPro.Alert (HKLM\...\HitmanPro.Alert) (Version: 2.6.5.77 - SurfRight B.V.)
HP Deskjet 3510 series Ajuda (HKLM-x32\...\{949C49A5-91B7-40D2-AF9A-15681454074A}) (Version: 28.0.0 - Hewlett Packard)
HP Deskjet 3510 series Estudo de aprimoramento de produtos (HKLM\...\{34B5B8D3-4106-4713-AAE1-DAE898EEB21C}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3510 series Software básico do dispositivo (HKLM\...\{B332BF47-16DD-476D-AE00-31DC6DE5B87A}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet Pro 8600 Ajuda (HKLM-x32\...\{4795BA34-DD3D-448A-A602-AD221F9B281B}) (Version: 28.0.0 - Hewlett Packard)
HP Officejet Pro 8600 Software básico do dispositivo (HKLM\...\{B7218FC4-74AB-46B0-9D44-FFDCEE3535E2}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Unified IO (Version: 2.0.0.434 - HP) Hidden
HP Unified IO (x32 Version: 2.0.0.434 - HP) Hidden
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6341.0 - IDT)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.10.1300 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.26.242.3 - Intel Corporation) Hidden
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.1.8.2434 - IObit)
iPrint (HKLM-x32\...\iPrint_is1) (Version: 6.1 - Inzone Software Limited)
IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2013) (Version: 1.1 - Receita Federal do Brasil)
IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2014) (Version: 1.1 - Receita Federal do Brasil)
Java SE Development Kit 7 Update 55 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170550}) (Version: 1.7.0.550 - Oracle)
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
JetClean (HKLM-x32\...\BlueSprig_JetClean_is1) (Version: 1.5.0 - BlueSprig)
KeyScrambler (HKLM-x32\...\KeyScrambler) (Version: 3.3.0.0 - QFX Software Corporation)
LastPass (uninstall only) (HKCU\...\LastPass) (Version:  - LastPass)
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.8.1 - LG Electronics)
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 5.2 - Paramount Software (UK) Ltd.)
Macrium Reflect Free Edition (Version: 5.2.6354 - Paramount Software (UK) Ltd.) Hidden
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Megacubo 10 (HKLM-x32\...\Megacubo_is1) (Version:  - www.megacubo.net)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (PTB) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Flight Simulator 2004 A Century of Flight (HKLM-x32\...\Flight Simulator 9.0) (Version: 9.0 - Microsoft)
Microsoft Office com Clique para Executar 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.6122.5000 - Microsoft Corporation)
Microsoft Office com Clique para Executar 2010 (Version: 14.0.6122.5000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
Módulo Adicional de Segurança CAIXA (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: Módulo Adicional de Segurança CAIXA - )
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
Mozilla Firefox 29.0.1 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 pt-BR)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Naviextras Toolbox (HKLM-x32\...\Naviextras Toolbox) (Version: 3.15.2.307259 - NNG Llc.)
Naviextras Toolbox Prerequesities (HKLM-x32\...\{537575D6-3B96-474C-BD8F-DFF667363DBD}) (Version: 1.0.0 - NNG Llc.)
Network64 (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia PC Suite (x32 Version: 7.1.180.94 - Nokia) Hidden
Nokia Software Updater (HKLM-x32\...\{7130468A-F53F-4698-8C09-A339EA3B05E6}) (Version: 3.0.655 - Nokia Corporation)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden
NTREGOPT 1.1j (HKLM-x32\...\NTREGOPT_is1) (Version:  - Lars Hederer)
OpenOffice 4.0.1 (HKLM-x32\...\{50FA6B86-D3C4-4961-A58F-1A061B2DCE04}) (Version: 4.01.9714 - Apache Software Foundation)
Pacote de Driver do Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (12/06/2010 4.0.0000.00000) (HKLM\...\199F2EB9DED8BE53A482B8F28B6149674948BDA9) (Version: 12/06/2010 4.0.0000.00000 - Google, Inc.)
Pacote de Driver do Windows - Nokia Modem  (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Pacote de Driver do Windows - Nokia Modem  (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Pacote de Driver do Windows - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Pacote de idioma do plug-in Autodesk Inventor Fusion para AutoCAD 2013 (Version: 0.2.0.230 - Autodesk) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Photomizer Scan 2 (HKLM-x32\...\{CCE60D92-F3EC-4EF7-0001-C8949A33B608}) (Version: 2.0.14.113 - Engelmann Media GmbH)
PhrozenSoft VirusTotal Uploader version 3.1 (HKCU\...\PhrozenSoft VirusTotal Uploader_is1) (Version: 3.1 - Phrozen Software™ Solutions © 2013)
Plug-in Autodesk Inventor Fusion for AutoCAD 2013 (Version: 0.2.0.230 - Autodesk) Hidden
PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
PS_AIO_07_D110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.04 - Serpro - Serviço Federal de Processamento de Dados)
Recuva (HKLM\...\Recuva) (Version: 1.47 - Piriform)
Registry Reviver (HKLM\...\Registry Reviver) (Version: 3.0.1.142 - ReviverSoft LLC)
ResScan (HKLM-x32\...\{F19702FA-6D54-41E1-98E2-156460C87FF2}) (Version: 3.16 - ResMed Pty Ltd)
Revo Uninstaller Pro 3.0.7 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.7 - VS Revo Group, Ltd.)
Scan (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.8.62 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)
TeraCopy 2.27 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.6.0.87 - KMP Media co., Ltd)
Time Stopper (HKLM-x32\...\Time Stopper2.00) (Version: 2.00 - DilSoft)
Toolbox (x32 Version: 140.0.424.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
UnHackMe 7.10 release (HKLM-x32\...\UnHackMe_is1) (Version:  - Greatis Software, LLC.)
UniPDF 1.0.4 (HKLM-x32\...\UniPDF) (Version: 1.0.4 - UniPDF.com)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
Vit Registry Fix 12.5 (remove only) (HKLM\...\Vit Registry Fix) (Version:  - VITSOFT)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Wild Media Server (UPnP, DLNA, HTTP) (HKLM-x32\...\WMS) (Version: 1.08.2 - Evgeny Lachinov)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wise Care 365 version 2.94 (HKLM-x32\...\{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1) (Version: 2.94 - WiseCleaner.com, Inc.)
 
==================== Restore Points  =========================
 
19-04-2014 21:14:39 Revo Uninstaller Pro's restore point - Java 7 Update 55
19-04-2014 21:16:22 Removed Java 7 Update 55 (64-bit)
20-04-2014 00:05:08 Registry Reviver Restore Point (04/19/14)
21-04-2014 16:28:00 Revo Uninstaller Pro's restore point - Java SE Development Kit 7 Update 55 (64-bit)
21-04-2014 21:16:25 Registry Reviver Restore Point (04/21/14)
22-04-2014 02:53:48 Registry Reviver Restore Point (04/21/14)
22-04-2014 13:20:56 Installed Java SE Development Kit 8 Update 5 (64-bit)
22-04-2014 13:25:30 Installed Java 8 Update 5 (64-bit)
22-04-2014 13:35:36 Removed Java 8 Update 5 (64-bit)
25-04-2014 14:09:20 Windows Update
29-04-2014 04:13:09 Registry Reviver Restore Point (04/29/14)
01-05-2014 23:23:23 Bom antes regularizar registro 
02-05-2014 03:11:40 Revo Uninstaller Pro's restore point - ZHPDiag 2014
02-05-2014 20:29:31 Windows Update
04-05-2014 14:22:04 Registry Reviver Restore Point (05/04/14)
04-05-2014 14:52:24 Created by Wise Care 365
04-05-2014 16:38:59 Operação de restauração
09-05-2014 12:32:35 Revo Uninstaller Pro's restore point - System Cleaner 7
11-05-2014 04:21:05 RegRun Virus Scan
11-05-2014 04:54:21 RegRun Virus Scan
 
==================== Hosts content: ==========================
 
2009-07-13 23:34 - 2014-05-02 05:06 - 00000741 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {038A1695-66A7-42B2-A5E8-0886E1FE6280} - System32\Tasks\ASC7_SkipUac_Dell => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2014-03-10] (IObit)
Task: {14DBDDE3-59C3-41CE-9694-B8F2A20587A8} - \Clean System Memory No Task File <==== ATTENTION
Task: {17EC4B61-922E-4351-9C12-9FAAE4462E84} - System32\Tasks\Pointstone\System Cleaner\Run at Windows Startup => C:\Program Files (x86)\Pointstone\System Cleaner 7\Integrator.exe
Task: {1B0C4538-F5E9-4594-A2F6-C7B100A77D2E} - System32\Tasks\Auslogics\BoostSpeed\Scan and Repair => Rundll32.exe TaskSchedulerHelper.dll,RunTask "BoostSpeed.exe" "-UseTray -Schedule"
Task: {27E7E8EC-97DE-4B74-B0C9-5FB649E36821} - System32\Tasks\JetCleanLoginCheckUpdate => C:\Program Files (x86)\BlueSprig\JetClean\AutoUpdate.exe [2013-05-14] (BlueSprig)
Task: {2A0AC395-28E3-452C-A7D5-84B097CE56C4} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {314E5AA8-1245-429D-9DBB-0152A06DDC70} - \ParetoLogic Update Version3 No Task File <==== ATTENTION
Task: {31AC1703-76A8-4622-9CF8-FF14971C92D7} - System32\Tasks\DLL-Files.Com Fixer_MONTHLY => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: {3449AD23-5E0E-4ACA-A7FF-C4F6CDC64BC8} - \GoogleUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {3503D173-391C-44AF-98F0-A666C0446CD8} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {3B33577B-C042-4782-AD4E-8F782AAA6048} - \Java Update Scheduler No Task File <==== ATTENTION
Task: {3BD74C54-887D-47F6-9DA0-9C446F866508} - \{C108BC42-96BC-4227-AA1B-08592984E455} No Task File <==== ATTENTION
Task: {4583D338-9DDC-45F9-A677-FC3E2349007E} - \PC Health Advisor No Task File <==== ATTENTION
Task: {471167DF-FA2C-4953-8616-1A1EBAD24178} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {4A156437-4A51-4952-B6A4-52CC88D9B96E} - \{4CC3807B-53EA-4832-8512-2616D6195558} No Task File <==== ATTENTION
Task: {4A9FEDEA-1554-4417-988D-A1F7A63EE5E4} - System32\Tasks\ASC7_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe [2014-02-11] (IObit)
Task: {4AEDBF3D-2AE7-4BFE-B834-4C6FE40AEBC8} - System32\Tasks\Pointstone\System Cleaner\Log On Notice => C:\Program Files (x86)\Pointstone\System Cleaner 7\Helper.exe
Task: {4BA2FC6F-1FD8-47BC-A85F-57CBFDE90ED6} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {4BC2AB7A-3B4B-46E3-A9B1-53FA0F14671C} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {4F25BE16-33FC-4289-99AD-36F352DB720D} - \{6047C86F-39F7-4FA3-879C-F07B64E19688} No Task File <==== ATTENTION
Task: {5990CFB7-C50F-4C9A-B8C9-4E953D311A39} - \Driver Booster Update No Task File <==== ATTENTION
Task: {5C8F1947-4A24-4A9F-9946-AEC40B175C10} - \JetBoost_AutoUpdate No Task File <==== ATTENTION
Task: {6AB2196A-14D0-4D07-B97F-EA1608B7169C} - System32\Tasks\GlaryInitialize 4 => C:\Program Files (x86)\Glary Utilities 4\Initialize.exe [2014-03-17] (Glarysoft Ltd)
Task: {78F4A9AB-6286-4B13-B642-17518822001D} - System32\Tasks\Pointstone\System Cleaner\Daily Notice => C:\Program Files (x86)\Pointstone\System Cleaner 7\Helper.exe
Task: {810A3BD6-8916-44BC-A21A-5253D40FBBFA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29] (Adobe Systems Incorporated)
Task: {8116F8C9-21DD-4072-B824-43027FACD2D2} - System32\Tasks\AnVir Task Manager => C:\Program Files (x86)\AnVir Task Manager Pro\anvir.exe [2024-10-25] (AnVir Software)
Task: {85F83F1D-87E5-4988-BC28-E9347FDBFE07} - System32\Tasks\UnHackMe Task Scheduler => C:\Program Files (x86)\UnHackMe\hackmon.exe [2014-03-10] (Greatis Software)
Task: {865ACE18-F9AA-4391-970F-83AF11A1C7DB} - \ParetoLogic Registration3 No Task File <==== ATTENTION
Task: {879EF476-D4B0-45AB-A9D6-43CF8905D677} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {8837EDA6-7F18-4995-9B0E-BA81003AA8FA} - \{4670A716-E330-464F-A4C5-ACA3E2FD2275} No Task File <==== ATTENTION
Task: {8BDE846F-42BA-4488-A3B9-2E8940BB8F0C} - System32\Tasks\DLL-Files.Com Fixer_Updates => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: {9FA56E5B-AE4F-4893-A78D-E0DC38AB74CA} - \CCleanerSkipUAC No Task File <==== ATTENTION
Task: {A18ADF0E-DC66-423B-ACD8-5DB18D691099} - System32\Tasks\SyneiStart => C:\Program Files (x86)\Synei\SystemUtilities\SystemUtilities.exe
Task: {A21FE9DD-2B6C-4713-82AC-70EC3B685764} - \GoogleUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {A7CEAEC9-5F10-4213-B53F-2A57C218FEF8} - System32\Tasks\Wise Turbo Checker => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2014-01-21] (WiseCleaner.COM)
Task: {B0C139FA-1A87-48BB-B832-2E34761F2E92} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {B0F234C9-1CE4-4762-9804-82E0B8AF41F0} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - Dell) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
Task: {CBEE43D4-15AE-4942-8A0C-1DDD82580018} - \{34630F2C-9302-4543-ABBD-68F094CEC50A} No Task File <==== ATTENTION
Task: {CFC6519B-7044-4E8D-BACC-1DCE8034663E} - \{A3DE7F2C-4721-4B85-A208-EF28536D8996} No Task File <==== ATTENTION
Task: {D12C145C-CEBA-4F5E-8C41-CD35C07399ED} - \PC Health Advisor Defrag No Task File <==== ATTENTION
Task: {D1C5FAD4-464F-43A6-91A5-34D891A987A5} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-02-13] (IObit)
Task: {D1EC5BC5-92FE-419A-998D-8231DC137E55} - \{80458243-75DD-4B5D-89C8-C4016ABD86D3} No Task File <==== ATTENTION
Task: {D68BD592-87F7-418F-9021-E234A3040A4D} - System32\Tasks\Abelssoft\CheckDriveBackgroundGuard => C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe
Task: {DD6DD884-CA94-4BF6-9AF8-976A14A34470} - \TuneUpUtilities_Task_BkGndMaintenance2013 No Task File <==== ATTENTION
Task: {E1B06D5F-B2B5-41FD-A744-1513589377DA} - \launchspotflux No Task File <==== ATTENTION
Task: {E3E59514-6D8E-4324-AF46-CDA40904054E} - \CleanMem Mini Monitor No Task File <==== ATTENTION
Task: {E545DE99-D441-489A-9996-2217191E6DA2} - \{06848492-DEA4-43F0-A7DA-D8D8D3FA242A} No Task File <==== ATTENTION
Task: {E7288E2D-FC14-48E5-9680-7E97169EE8D9} - System32\Tasks\GlaryUpdate 4 => C:\Program Files (x86)\Glary Utilities 4\CheckUpdate.exe [2014-03-17] (Glarysoft Ltd)
Task: {E963806F-5B76-4A58-A840-737F073716A5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {EAA93DA6-03C7-421F-B1D7-5C018D051259} - System32\Tasks\HPCustParticipation HP Deskjet 3510 series => C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {EEE581CE-866F-4B13-ACFA-C9E13D93ED14} - \SolutoTask_284ce29d-409b-4792-b5ac-3f723c183961 No Task File <==== ATTENTION
Task: {F04F3511-F615-4079-9D62-3C0709E49B38} - System32\Tasks\Driver Booster SkipUAC (Dell) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-03-14] (IObit)
Task: {F128CD73-2669-408D-9313-24C73549DB34} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {F323F781-2970-4E76-8ED6-0BC7024D626A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GlaryInitialize 4.job => C:\Program Files (x86)\Glary Utilities 4\Initialize.exe
Task: C:\Windows\Tasks\GlaryUpdate 4.job => C:\Program Files (x86)\Glary Utilities 4\CheckUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-04-30 17:28 - 2011-02-28 19:37 - 00095008 _____ () C:\Windows\System32\Primomonnt.dll
2010-07-15 01:44 - 2010-07-15 01:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2013-08-03 23:45 - 2011-10-26 17:41 - 00318976 _____ () C:\Program Files\TeraCopy\TeraCopyExt64.dll
2013-08-03 23:45 - 2011-10-26 17:41 - 00126464 _____ () C:\Program Files\TeraCopy\TeraCopy64.dll
2013-04-15 17:39 - 2013-04-15 17:39 - 00073424 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\85846070.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\85846070.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-21-604499010-3047789608-1666320658-1000\Software\Classes\exefile: "%1" %* <===== ATTENTION!
 
==================== Disabled items from MSCONFIG ==============
 
MSCONFIG\Services: AdobeARMservice => 3
MSCONFIG\Services: AESTFilters => 3
MSCONFIG\Services: DragonUpdater => 3
MSCONFIG\Services: Guard Agent => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IAStorDataMgrSvc => 3
MSCONFIG\Services: ICCS => 3
MSCONFIG\Services: IceDragonUpdater => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: SkypeUpdate => 3
MSCONFIG\Services: SophosVirusRemovalTool => 3
MSCONFIG\Services: STacSV => 3
MSCONFIG\Services: UNS => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => 
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Advanced SystemCare 6 => 
MSCONFIG\startupreg: Ashampoo WinOptimizer Live-Tuner => 
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82} => 
MSCONFIG\startupreg: DellSystemDetect => C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms
MSCONFIG\startupreg: DivXMediaServer => 
MSCONFIG\startupreg: DivXUpdate => 
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe
MSCONFIG\startupreg: EaseUs TB Tray Agent => "C:\Program Files (x86)\EaseUS\TrayPopup\TrayTipAgent.exe"
MSCONFIG\startupreg: EaseUs Tray => c:\program files (x86)\easeus\todo backup\bin\traynotify.exe
MSCONFIG\startupreg: EaseUs Watch => c:\program files (x86)\easeus\todo backup\bin\euwatch.exe
MSCONFIG\startupreg: Everything => "c:\program files (x86)\everything\everything.exe" -startup
MSCONFIG\startupreg: GUDelayStartup => C:\Program Files (x86)\Glary Utilities 4\StartupManager.exe -delayrun
MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe"
MSCONFIG\startupreg: HP Officejet Pro 8600 (NET) => "C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" -deviceID "CN35FBWG6N05KC:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
MSCONFIG\startupreg: Megacubo => "C:\Program Files (x86)\Megacubo\megacubo.exe" -load:update -type:startup
MSCONFIG\startupreg: Nero MediaHome 4 => 
MSCONFIG\startupreg: PC Suite Tray => "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
MSCONFIG\startupreg: Persistence => "C:\Windows\system32\igfxpers.exe"
MSCONFIG\startupreg: SandboxieControl => 
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => 
MSCONFIG\startupreg: SynTPEnh => 
MSCONFIG\startupreg: SysTrayApp => c:\program files\idt\wdm\sttray64.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: Vit Registry Optimizer => C:\Program Files (x86)\VITSOFT\Vit Registry Fix\Vit Registry Optimizer.exe -message
MSCONFIG\startupreg: WinPatrol => 
MSCONFIG\startupreg: {1606DC18-9578-4cbd-8312-8E9868F06A1D} => 
 
==================== Faulty Device Manager Devices =============
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Officejet Pro 8600
Description: Officejet Pro 8600
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Officejet Pro 8600
Description: Officejet Pro 8600
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Officejet Pro 8600
Description: Officejet Pro 8600
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Officejet Pro 8600
Description: Officejet Pro 8600
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/12/2014 11:30:20 AM) (Source: WinMgmt) (User: ) (EventID: 10)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/12/2014 11:13:17 AM) (Source: WinMgmt) (User: ) (EventID: 10)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/12/2014 08:01:30 AM) (Source: WinMgmt) (User: ) (EventID: 10)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/11/2014 01:11:12 AM) (Source: ESENT) (User: ) (EventID: 455)
Description: DllHost (4152) WebCacheLocal: Erro -1023 (0xfffffc01) ao abrir o arquivo de log C:\Users\Dell\AppData\Local\Microsoft\Windows\WebCache\V01.log.
 
Error: (05/11/2014 01:11:12 AM) (Source: ESENT) (User: ) (EventID: 455)
Description: DllHost (4152) WebCacheLocal: Erro -1023 (0xfffffc01) ao abrir o arquivo de log C:\Users\Dell\AppData\Local\Microsoft\Windows\WebCache\V01.log.
 
Error: (05/11/2014 01:11:12 AM) (Source: ESENT) (User: ) (EventID: 455)
Description: DllHost (4152) WebCacheLocal: Erro -1023 (0xfffffc01) ao abrir o arquivo de log C:\Users\Dell\AppData\Local\Microsoft\Windows\WebCache\V01.log.
 
Error: (05/11/2014 01:11:12 AM) (Source: ESENT) (User: ) (EventID: 455)
Description: DllHost (4152) WebCacheLocal: Erro -1023 (0xfffffc01) ao abrir o arquivo de log C:\Users\Dell\AppData\Local\Microsoft\Windows\WebCache\V01.log.
 
Error: (05/11/2014 01:11:11 AM) (Source: ESENT) (User: ) (EventID: 455)
Description: DllHost (4152) WebCacheLocal: Erro -1023 (0xfffffc01) ao abrir o arquivo de log C:\Users\Dell\AppData\Local\Microsoft\Windows\WebCache\V01.log.
 
Error: (05/11/2014 01:11:11 AM) (Source: ESENT) (User: ) (EventID: 455)
Description: DllHost (4152) WebCacheLocal: Erro -1023 (0xfffffc01) ao abrir o arquivo de log C:\Users\Dell\AppData\Local\Microsoft\Windows\WebCache\V01.log.
 
Error: (05/11/2014 01:11:10 AM) (Source: ESENT) (User: ) (EventID: 455)
Description: DllHost (4152) WebCacheLocal: Erro -1023 (0xfffffc01) ao abrir o arquivo de log C:\Users\Dell\AppData\Local\Microsoft\Windows\WebCache\V01.log.
 
 
System errors:
=============
Error: (05/12/2014 11:33:27 AM) (Source: DCOM) (User: AUTORIDADE NT) (EventID: 10016)
Description: Específico do aplicativoLocalIniciar{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}AUTORIDADE NTSERVIÇO LOCALS-1-5-19LocalHost (Usando LRPC)
 
Error: (05/12/2014 11:32:23 AM) (Source: Service Control Manager) (User: ) (EventID: 7034)
Description: O serviço Serviço de Descoberta de dispositivos CUE HP foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).
 
Error: (05/12/2014 11:32:23 AM) (Source: Service Control Manager) (User: ) (EventID: 7034)
Description: O serviço hpqcxs08 foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).
 
Error: (05/12/2014 11:31:09 AM) (Source: Service Control Manager) (User: ) (EventID: 7031)
Description: O serviço Gbp Service foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 1000 milissegundos: Reiniciar o serviço.
 
Error: (05/12/2014 11:30:25 AM) (Source: VDS Basic Provider) (User: ) (EventID: 1)
Description: Falha inesperada. Erro: 490@01010004
 
Error: (05/12/2014 11:30:20 AM) (Source: Service Control Manager) (User: ) (EventID: 7034)
Description: O serviço LiveUpdate foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).
 
Error: (05/12/2014 11:29:48 AM) (Source: DCOM) (User: AUTORIDADE NT) (EventID: 10016)
Description: Específico do aplicativoLocalIniciar{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)
 
Error: (05/12/2014 11:28:12 AM) (Source: EventLog) (User: ) (EventID: 6008)
Description: O desligamento anterior do sistema em 11:26:17 às ‎12/‎05/‎2014 não era esperado.
 
Error: (05/12/2014 11:23:57 AM) (Source: DCOM) (User: AUTORIDADE NT) (EventID: 10016)
Description: Específico do aplicativoLocalIniciar{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)
 
Error: (05/12/2014 11:19:42 AM) (Source: Service Control Manager) (User: ) (EventID: 7034)
Description: O serviço Serviço de Descoberta de dispositivos CUE HP foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).
 
 
Microsoft Office Sessions:
=========================
Error: (05/12/2014 11:30:20 AM) (Source: WinMgmt) (User: ) (EventID: 10)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/12/2014 11:13:17 AM) (Source: WinMgmt) (User: ) (EventID: 10)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/12/2014 08:01:30 AM) (Source: WinMgmt) (User: ) (EventID: 10)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/11/2014 01:11:12 AM) (Source: ESENT) (User: ) (EventID: 455)
Description: DllHost4152WebCacheLocal: C:\Users\Dell\AppData\Local\Microsoft\Windows\WebCache\V01.log-1023 (0xfffffc01)
 
Error: (05/11/2014 01:11:12 AM) (Source: ESENT) (User: ) (EventID: 455)
Description: DllHost4152WebCacheLocal: C:\Users\Dell\AppData\Local\Microsoft\Windows\WebCache\V01.log-1023 (0xfffffc01)
 
Error: (05/11/2014 01:11:12 AM) (Source: ESENT) (User: ) (EventID: 455)
Description: DllHost4152WebCacheLocal: C:\Users\Dell\AppData\Local\Microsoft\Windows\WebCache\V01.log-1023 (0xfffffc01)
 
Error: (05/11/2014 01:11:12 AM) (Source: ESENT) (User: ) (EventID: 455)
Description: DllHost4152WebCacheLocal: C:\Users\Dell\AppData\Local\Microsoft\Windows\WebCache\V01.log-1023 (0xfffffc01)
 
Error: (05/11/2014 01:11:11 AM) (Source: ESENT) (User: ) (EventID: 455)
Description: DllHost4152WebCacheLocal: C:\Users\Dell\AppData\Local\Microsoft\Windows\WebCache\V01.log-1023 (0xfffffc01)
 
Error: (05/11/2014 01:11:11 AM) (Source: ESENT) (User: ) (EventID: 455)
Description: DllHost4152WebCacheLocal: C:\Users\Dell\AppData\Local\Microsoft\Windows\WebCache\V01.log-1023 (0xfffffc01)
 
Error: (05/11/2014 01:11:10 AM) (Source: ESENT) (User: ) (EventID: 455)
Description: DllHost4152WebCacheLocal: C:\Users\Dell\AppData\Local\Microsoft\Windows\WebCache\V01.log-1023 (0xfffffc01)
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 43%
Total physical RAM: 3493.89 MB
Available physical RAM: 1966.65 MB
Total Pagefile: 6985.96 MB
Available Pagefile: 5373.44 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: (Sistema) (Fixed) (Total:407.31 GB) (Free:280.59 GB) NTFS
Drive e: (Arquivos) (Fixed) (Total:276.92 GB) (Free:228.72 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 60586F99)
Partition 1: (Active) - (Size=102 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=407 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=277 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=14 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#7 nasdaq

Posted 12 May 2014 - 10:46 AM

Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start
HKLM Group Policy restriction on software: *.wmv.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.com <====== ATTENTION
HKLM Group Policy restriction on software: *?* <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\lastpass\lastpassbroker.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\quickscan\chromeqs.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\lastpass\lastpassbroker.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\utorrent\utorrent.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\lastpass\wlandecrypt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\utorrent\utorrent.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\utorrent\utorrent.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\lastpass\wlandecrypt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\lastpass\lastpassbroker.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\lastpass\lastpassbroker.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\unins000.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\unins000.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\quickscan\chromeqs.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\unins000.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\utorrent\utorrent.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\unins000.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\quickscan\chromeqs.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\lastpass\wlandecrypt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\quickscan\chromeqs.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\lastpass\wlandecrypt.exe <====== ATTENTION
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-604499010-3047789608-1666320658-1000\...\Policies\Explorer: []
FF Extension: Ghostery - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\firefox@ghostery.com.xpi [2013-09-16]
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll No File
CHR Plugin: (Java Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll No File
CHR Extension: (Ghostery) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-04-30]
S4 a2AntiMalware; No ImagePath
S3 a2acc; No ImagePath
S3 cpuz132; No ImagePath
S3 Delldiag; No ImagePath
S3 esgiguard; No ImagePath
S3 EUBAKUP0; No ImagePath
S3 EUFDDISK0; No ImagePath
S3 MFE_RR; No ImagePath
U2 SR;
U2 srservice; 
Task: {14DBDDE3-59C3-41CE-9694-B8F2A20587A8} - \Clean System Memory No Task File <==== ATTENTION
Task: {314E5AA8-1245-429D-9DBB-0152A06DDC70} - \ParetoLogic Update Version3 No Task File <==== ATTENTION
Task: {3449AD23-5E0E-4ACA-A7FF-C4F6CDC64BC8} - \GoogleUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {3B33577B-C042-4782-AD4E-8F782AAA6048} - \Java Update Scheduler No Task File <==== ATTENTION
Task: {3BD74C54-887D-47F6-9DA0-9C446F866508} - \{C108BC42-96BC-4227-AA1B-08592984E455} No Task File <==== ATTENTION
Task: {4583D338-9DDC-45F9-A677-FC3E2349007E} - \PC Health Advisor No Task File <==== ATTENTION
Task: {4A156437-4A51-4952-B6A4-52CC88D9B96E} - \{4CC3807B-53EA-4832-8512-2616D6195558} No Task File <==== ATTENTION
Task: {4F25BE16-33FC-4289-99AD-36F352DB720D} - \{6047C86F-39F7-4FA3-879C-F07B64E19688} No Task File <==== ATTENTION
Task: {5990CFB7-C50F-4C9A-B8C9-4E953D311A39} - \Driver Booster Update No Task File <==== ATTENTION
Task: {5C8F1947-4A24-4A9F-9946-AEC40B175C10} - \JetBoost_AutoUpdate No Task File <==== ATTENTION
Task: {865ACE18-F9AA-4391-970F-83AF11A1C7DB} - \ParetoLogic Registration3 No Task File <==== ATTENTION
Task: {8837EDA6-7F18-4995-9B0E-BA81003AA8FA} - \{4670A716-E330-464F-A4C5-ACA3E2FD2275} No Task File <==== ATTENTION
Task: {9FA56E5B-AE4F-4893-A78D-E0DC38AB74CA} - \CCleanerSkipUAC No Task File <==== ATTENTION
Task: {A21FE9DD-2B6C-4713-82AC-70EC3B685764} - \GoogleUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {CBEE43D4-15AE-4942-8A0C-1DDD82580018} - \{34630F2C-9302-4543-ABBD-68F094CEC50A} No Task File <==== ATTENTION
Task: {CFC6519B-7044-4E8D-BACC-1DCE8034663E} - \{A3DE7F2C-4721-4B85-A208-EF28536D8996} No Task File <==== ATTENTION
Task: {D12C145C-CEBA-4F5E-8C41-CD35C07399ED} - \PC Health Advisor Defrag No Task File <==== ATTENTION
Task: {D1EC5BC5-92FE-419A-998D-8231DC137E55} - \{80458243-75DD-4B5D-89C8-C4016ABD86D3} No Task File <==== ATTENTION
Task: {DD6DD884-CA94-4BF6-9AF8-976A14A34470} - \TuneUpUtilities_Task_BkGndMaintenance2013 No Task File <==== ATTENTION
Task: {E1B06D5F-B2B5-41FD-A744-1513589377DA} - \launchspotflux No Task File <==== ATTENTION
Task: {E3E59514-6D8E-4324-AF46-CDA40904054E} - \CleanMem Mini Monitor No Task File <==== ATTENTION
Task: {E545DE99-D441-489A-9996-2217191E6DA2} - \{06848492-DEA4-43F0-A7DA-D8D8D3FA242A} No Task File <==== ATTENTION
Task: {EEE581CE-866F-4B13-ACFA-C9E13D93ED14} - \SolutoTask_284ce29d-409b-4792-b5ac-3f723c183961 No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-21-604499010-3047789608-1666320658-1000\Software\Classes\exefile: "%1" %* <===== ATTENTION!

End

Save the files as fixlist.txt into the same folder as FRST

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.
==

Since I have never seen so many restrictions, I would like you to run the FRST tool one more time and submit a fresh FRST.txt log.

Let me know what problem persists.

#8 Clade


Posted 12 May 2014 - 01:04 PM

Dear Nasdaq! 
 
We do not comment on the issue of the HKLM Group Policy restriction on software in the FRST 64 txt log, since we had already addressed this issue at the following link:


And this would be related to installing the CryptoPrevent software on 19/04/2014.

Our question concerns the "Attention" entries in the Addition log, as we reported in the FRST logs.

Some questions, if possible, please answer them:

1. Why did Combofix stop at step 3 and only work in safe mode?

2. Is there a difference in the outcome of using a tool in normal mode or safe mode, i.e. is the effectiveness of the tool the same in normal mode and in safe mode?

1. Fixlog
 
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-05-2014 01
Ran by Dell at 2014-05-12 14:38:37 Run:1
Running from C:\Users\Dell\Desktop\FRST 64
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
HKLM Group Policy restriction on software: *.wmv.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.com <====== ATTENTION
HKLM Group Policy restriction on software: *?* <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\lastpass\lastpassbroker.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\quickscan\chromeqs.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\lastpass\lastpassbroker.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\utorrent\utorrent.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\lastpass\wlandecrypt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\utorrent\utorrent.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\utorrent\utorrent.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\lastpass\wlandecrypt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\lastpass\lastpassbroker.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\lastpass\lastpassbroker.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\unins000.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\unins000.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\quickscan\chromeqs.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\unins000.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\utorrent\utorrent.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\unins000.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\quickscan\chromeqs.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\lastpass\wlandecrypt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\quickscan\chromeqs.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\lastpass\wlandecrypt.exe <====== ATTENTION
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-604499010-3047789608-1666320658-1000\...\Policies\Explorer: []
FF Extension: Ghostery - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\firefox@ghostery.com.xpi [2013-09-16]
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll No File
CHR Plugin: (Java Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll No File
CHR Extension: (Ghostery) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-04-30]
S4 a2AntiMalware; No ImagePath
S3 a2acc; No ImagePath
S3 cpuz132; No ImagePath
S3 Delldiag; No ImagePath
S3 esgiguard; No ImagePath
S3 EUBAKUP0; No ImagePath
S3 EUFDDISK0; No ImagePath
S3 MFE_RR; No ImagePath
U2 SR;
U2 srservice; 
Task: {14DBDDE3-59C3-41CE-9694-B8F2A20587A8} - \Clean System Memory No Task File <==== ATTENTION
Task: {314E5AA8-1245-429D-9DBB-0152A06DDC70} - \ParetoLogic Update Version3 No Task File <==== ATTENTION
Task: {3449AD23-5E0E-4ACA-A7FF-C4F6CDC64BC8} - \GoogleUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {3B33577B-C042-4782-AD4E-8F782AAA6048} - \Java Update Scheduler No Task File <==== ATTENTION
Task: {3BD74C54-887D-47F6-9DA0-9C446F866508} - \{C108BC42-96BC-4227-AA1B-08592984E455} No Task File <==== ATTENTION
Task: {4583D338-9DDC-45F9-A677-FC3E2349007E} - \PC Health Advisor No Task File <==== ATTENTION
Task: {4A156437-4A51-4952-B6A4-52CC88D9B96E} - \{4CC3807B-53EA-4832-8512-2616D6195558} No Task File <==== ATTENTION
Task: {4F25BE16-33FC-4289-99AD-36F352DB720D} - \{6047C86F-39F7-4FA3-879C-F07B64E19688} No Task File <==== ATTENTION
Task: {5990CFB7-C50F-4C9A-B8C9-4E953D311A39} - \Driver Booster Update No Task File <==== ATTENTION
Task: {5C8F1947-4A24-4A9F-9946-AEC40B175C10} - \JetBoost_AutoUpdate No Task File <==== ATTENTION
Task: {865ACE18-F9AA-4391-970F-83AF11A1C7DB} - \ParetoLogic Registration3 No Task File <==== ATTENTION
Task: {8837EDA6-7F18-4995-9B0E-BA81003AA8FA} - \{4670A716-E330-464F-A4C5-ACA3E2FD2275} No Task File <==== ATTENTION
Task: {9FA56E5B-AE4F-4893-A78D-E0DC38AB74CA} - \CCleanerSkipUAC No Task File <==== ATTENTION
Task: {A21FE9DD-2B6C-4713-82AC-70EC3B685764} - \GoogleUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {CBEE43D4-15AE-4942-8A0C-1DDD82580018} - \{34630F2C-9302-4543-ABBD-68F094CEC50A} No Task File <==== ATTENTION
Task: {CFC6519B-7044-4E8D-BACC-1DCE8034663E} - \{A3DE7F2C-4721-4B85-A208-EF28536D8996} No Task File <==== ATTENTION
Task: {D12C145C-CEBA-4F5E-8C41-CD35C07399ED} - \PC Health Advisor Defrag No Task File <==== ATTENTION
Task: {D1EC5BC5-92FE-419A-998D-8231DC137E55} - \{80458243-75DD-4B5D-89C8-C4016ABD86D3} No Task File <==== ATTENTION
Task: {DD6DD884-CA94-4BF6-9AF8-976A14A34470} - \TuneUpUtilities_Task_BkGndMaintenance2013 No Task File <==== ATTENTION
Task: {E1B06D5F-B2B5-41FD-A744-1513589377DA} - \launchspotflux No Task File <==== ATTENTION
Task: {E3E59514-6D8E-4324-AF46-CDA40904054E} - \CleanMem Mini Monitor No Task File <==== ATTENTION
Task: {E545DE99-D441-489A-9996-2217191E6DA2} - \{06848492-DEA4-43F0-A7DA-D8D8D3FA242A} No Task File <==== ATTENTION
Task: {EEE581CE-866F-4B13-ACFA-C9E13D93ED14} - \SolutoTask_284ce29d-409b-4792-b5ac-3f723c183961 No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-21-604499010-3047789608-1666320658-1000\Software\Classes\exefile: "%1" %* <===== ATTENTION!
 
End
*****************
 
HKLM => Group Policy Restriction on software restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon => Key deleted successfully.
HKU\S-1-5-21-604499010-3047789608-1666320658-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => Value deleted successfully.
C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\firefox@ghostery.com.xpi => Moved successfully.
C:\Users\Dell\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll not found.
C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll not found.
C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll not found.
C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll not found.
C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij => Moved successfully.
a2AntiMalware => Service deleted successfully.
a2acc => Service deleted successfully.
cpuz132 => Service deleted successfully.
Delldiag => Service deleted successfully.
esgiguard => Service deleted successfully.
EUBAKUP0 => Service deleted successfully.
EUFDDISK0 => Service deleted successfully.
MFE_RR => Service deleted successfully.
SR => Service deleted successfully.
srservice => Service deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{14DBDDE3-59C3-41CE-9694-B8F2A20587A8} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14DBDDE3-59C3-41CE-9694-B8F2A20587A8} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Clean System Memory => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{314E5AA8-1245-429D-9DBB-0152A06DDC70} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{314E5AA8-1245-429D-9DBB-0152A06DDC70} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ParetoLogic Update Version3 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3449AD23-5E0E-4ACA-A7FF-C4F6CDC64BC8} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3449AD23-5E0E-4ACA-A7FF-C4F6CDC64BC8} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3B33577B-C042-4782-AD4E-8F782AAA6048} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B33577B-C042-4782-AD4E-8F782AAA6048} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Java Update Scheduler => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3BD74C54-887D-47F6-9DA0-9C446F866508} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3BD74C54-887D-47F6-9DA0-9C446F866508} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C108BC42-96BC-4227-AA1B-08592984E455} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4583D338-9DDC-45F9-A677-FC3E2349007E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4583D338-9DDC-45F9-A677-FC3E2349007E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Health Advisor => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4A156437-4A51-4952-B6A4-52CC88D9B96E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A156437-4A51-4952-B6A4-52CC88D9B96E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4CC3807B-53EA-4832-8512-2616D6195558} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4F25BE16-33FC-4289-99AD-36F352DB720D} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F25BE16-33FC-4289-99AD-36F352DB720D} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6047C86F-39F7-4FA3-879C-F07B64E19688} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5990CFB7-C50F-4C9A-B8C9-4E953D311A39} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5990CFB7-C50F-4C9A-B8C9-4E953D311A39} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Update => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5C8F1947-4A24-4A9F-9946-AEC40B175C10} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C8F1947-4A24-4A9F-9946-AEC40B175C10} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\JetBoost_AutoUpdate => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{865ACE18-F9AA-4391-970F-83AF11A1C7DB} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{865ACE18-F9AA-4391-970F-83AF11A1C7DB} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ParetoLogic Registration3 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8837EDA6-7F18-4995-9B0E-BA81003AA8FA} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8837EDA6-7F18-4995-9B0E-BA81003AA8FA} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4670A716-E330-464F-A4C5-ACA3E2FD2275} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9FA56E5B-AE4F-4893-A78D-E0DC38AB74CA} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9FA56E5B-AE4F-4893-A78D-E0DC38AB74CA} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A21FE9DD-2B6C-4713-82AC-70EC3B685764} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A21FE9DD-2B6C-4713-82AC-70EC3B685764} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CBEE43D4-15AE-4942-8A0C-1DDD82580018} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CBEE43D4-15AE-4942-8A0C-1DDD82580018} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{34630F2C-9302-4543-ABBD-68F094CEC50A} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CFC6519B-7044-4E8D-BACC-1DCE8034663E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFC6519B-7044-4E8D-BACC-1DCE8034663E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A3DE7F2C-4721-4B85-A208-EF28536D8996} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D12C145C-CEBA-4F5E-8C41-CD35C07399ED} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D12C145C-CEBA-4F5E-8C41-CD35C07399ED} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Health Advisor Defrag => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D1EC5BC5-92FE-419A-998D-8231DC137E55} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D1EC5BC5-92FE-419A-998D-8231DC137E55} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{80458243-75DD-4B5D-89C8-C4016ABD86D3} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DD6DD884-CA94-4BF6-9AF8-976A14A34470} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DD6DD884-CA94-4BF6-9AF8-976A14A34470} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TuneUpUtilities_Task_BkGndMaintenance2013 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E1B06D5F-B2B5-41FD-A744-1513589377DA} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E1B06D5F-B2B5-41FD-A744-1513589377DA} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\launchspotflux => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E3E59514-6D8E-4324-AF46-CDA40904054E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3E59514-6D8E-4324-AF46-CDA40904054E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CleanMem Mini Monitor => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E545DE99-D441-489A-9996-2217191E6DA2} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E545DE99-D441-489A-9996-2217191E6DA2} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{06848492-DEA4-43F0-A7DA-D8D8D3FA242A} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EEE581CE-866F-4B13-ACFA-C9E13D93ED14} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EEE581CE-866F-4B13-ACFA-C9E13D93ED14} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SolutoTask_284ce29d-409b-4792-b5ac-3f723c183961 => Key not found.
C:\ProgramData\TEMP => ":CB0AACC9" ADS removed successfully.
HKU\.DEFAULT\Software\Classes\exefile => Key deleted successfully.
HKU\.DEFAULT\Software\Classes\.exe => Key deleted successfully.
HKU\.DEFAULT\Software\Classes\exefile => Key not found.
HKU\S-1-5-19\Software\Classes\exefile => Key deleted successfully.
HKU\S-1-5-19\Software\Classes\.exe => Key deleted successfully.
HKU\S-1-5-19\Software\Classes\exefile => Key not found.
HKU\S-1-5-20\Software\Classes\exefile => Key deleted successfully.
HKU\S-1-5-20\Software\Classes\.exe => Key deleted successfully.
HKU\S-1-5-20\Software\Classes\exefile => Key not found.
HKU\S-1-5-21-604499010-3047789608-1666320658-1000\Software\Classes\exefile => Key deleted successfully.
 
==== End of Fixlog ====
 
2. FRST 64 txt:
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-05-2014 01
Ran by Dell (administrator) on DELL-PC on 12-05-2014 14:45:12
Running from C:\Users\Dell\Desktop\FRST 64
Platform: Windows 7 Home Basic Service Pack 1 (X64) OS Language: Portuguese Brazilian
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
(Fork Ltd.) C:\Prey\platform\windows\cronsvc.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\synaptics\syntp\syntpenh.exe [3011312 2014-01-24] (Synaptics Incorporated)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1275608 2014-03-25] (COMODO)
HKLM-x32\...\Run: [KeyScrambler] => C:\Program Files (x86)\KeyScrambler\keyscrambler.exe [508144 2013-11-14] (QFX Software Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginBb-x32: C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFile] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideClock] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetFolders] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDFSTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoLogoff] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoResolveSearch] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSaveSettings] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoHardwareTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-604499010-3047789608-1666320658-1000\...\Run: [WinPatrol] => c:\program files (x86)\billp studios\winpatrol\winpatrol.exe [429120 2014-01-23] (BillP Studios)
HKU\S-1-5-21-604499010-3047789608-1666320658-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-604499010-3047789608-1666320658-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
Startup: C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitorar alertas de tinta - HP Officejet Pro 8600 (Rede).lnk
ShortcutTarget: Monitorar alertas de tinta - HP Officejet Pro 8600 (Rede).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.br/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {17FA518B-7FFF-4721-962D-AEAF587A7E3F} URL = http://www.google.com/search?hl=en&q={searchTerms}
SearchScopes: HKCU - {17FA518B-7FFF-4721-962D-AEAF587A7E3F} URL = http://www.google.com/search?hl=en&q={searchTerms}
SearchScopes: HKCU - {2AD4F022-665A-4B7A-BD62-EAE068247EBB} URL = https://www.google.com/search?q={searchTerms}
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.15.0.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1582632 2014-02-21] (Banco do Brasil)
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{772B5A8A-A834-4D54-A2F7-397A644D2902}: [NameServer]156.154.70.22,156.154.71.22
Tcpip\..\Interfaces\{DD5529F5-1F46-4AC6-9407-30603A3DB7DD}: [NameServer]156.154.70.22,156.154.71.22
 
FireFox:
========
FF ProfilePath: C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default
FF NewTab: www.google.com.br
FF Homepage: about:home
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @lastpass.com/NPLastPass - C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass - C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Dell\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Dell\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: gastecnologia.com.br/sf/cef - C:\Users\Dell\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll (GAS Tecnologia)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Dell\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Dell\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Dell\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-br.xml
FF Extension: LastPass - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\support@lastpass.com [2014-02-28]
FF Extension: Forecastfox - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2014-03-01]
FF Extension: Qualys BrowserCheck - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D} [2014-01-25]
FF Extension: Webmail Ad Blocker - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\gmailnoads@mywebber.com.xpi [2013-09-16]
FF Extension: Self-Destructing Cookies - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi [2013-09-16]
FF Extension: Lightbeam - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2013-10-26]
FF Extension: YSlow - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\yslow@yahoo-inc.com.xpi [2013-09-16]
FF Extension: Adblock Plus - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-16]
FF Extension: User Agent Switcher - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\9v3k2eum.default\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2013-09-16]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-05-10]
FF HKCU\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\Dell\AppData\Local\GAS Tecnologia\GBBD\cef\xpi
FF Extension: GBBD Caixa Economica Federal - C:\Users\Dell\AppData\Local\GAS Tecnologia\GBBD\cef\xpi [2014-01-16]
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com.br/
CHR DefaultSearchKeyword: google.com.br
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll No File
CHR Plugin: (Nokia Suite Enabler Plugin) - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
CHR Plugin: (Módulo de Proteção - Caixa Economica Federal) - C:\Users\Dell\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll (GAS Tecnologia)
CHR Plugin: (Google Update) - C:\Users\Dell\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Google Talk Plugin) - C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
CHR Extension: (Google Translate) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2013-07-11]
CHR Extension: (TooManyTabs for Chrome) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\amigcgbheognjmfkaieeeadojiibgbdp [2013-07-11]
CHR Extension: (WOT) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2013-07-11]
CHR Extension: (Webmail Ad Blocker) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbhfdchmklhpcngcgjmpdbjakdggkkjp [2013-07-11]
CHR Extension: (Adblock Plus) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-07-26]
CHR Extension: (better Browser - for Chrome) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\cokcmhdapcendeddejjpicpdmngcnhca [2013-10-22]
CHR Extension: (eCorreios - Rastreamentos dos Correios) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\delefjilcjidbcnnfkcebjphcfbokpfb [2013-07-11]
CHR Extension: (Tampermonkey) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2013-07-11]
CHR Extension: (MaskMe) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpkiidbpeijnaaacjlfnijncdlkicejg [2013-09-11]
CHR Extension: (Chromebleed) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeoekjnjgppnaegdjbcafdggilajhpic [2014-04-17]
CHR Extension: (Qualys BrowserCheck for Windows) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejhnkognlohdkpjkjongioociddgoibk [2014-01-25]
CHR Extension: (DoNotTrackMe: Online Privacy Protection) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2013-07-11]
CHR Extension: (Spotflux Lite) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcakbkpmlidimpglgiaclbpgbedlmpfl [2014-01-31]
CHR Extension: (SiteAdvisor) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-02-08]
CHR Extension: (Avira Browser Safety) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-03-09]
CHR Extension: (Click&Clean) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2014-03-01]
CHR Extension: (AdBlock) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-07-26]
CHR Extension: (FlashBlock) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\gofhjkjmkpinhpoiabjplobcaignabnl [2013-10-24]
CHR Extension: (PageSpeed Insights (by Google)) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\gplegfbjlmmehdoakndmohflojccocli [2013-07-11]
CHR Extension: (Unsocialize: The Link Unsocializer) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdogcpghhdcocgdjogbglgejhdeedijn [2013-07-11]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-01-26]
CHR Extension: (Cool Relógio) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\icegcmhgphfkgglbljbkdegiaaihifce [2014-01-12]
CHR Extension: (Instant Translate) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmgiclibbndffejedjimfjmfoabpcke [2013-07-11]
CHR Extension: (View Thru) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkncfnbcgbclefkbknfdbngiegdppgdd [2013-07-11]
CHR Extension: (Conversor de PDF para Word) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\kclbidlajocjmicnpgpfmkblhdhjelfe [2013-07-11]
CHR Extension: (Motorola Connect) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\kigmoblgooahdmdibodmcnffgnejlndh [2014-02-08]
CHR Extension: (Skype Click to Call) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-08]
CHR Extension: (Verificador de mensagens do Google) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2013-07-11]
CHR Extension: (Pocket (formerly Read It Later)) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2013-07-11]
CHR Extension: (Google Wallet) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-19]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2013-10-30]
CHR Extension: (Rolagem rápida do Google) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc [2013-10-23]
CHR Extension: (GBBD Caixa Economica Federal) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi [2014-04-26]
CHR Extension: (Quebrador de Links) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pchaoppopfjnlficjlobfjhfceadbfla [2013-07-11]
CHR Extension: (Bitdefender QuickScan) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2014-03-02]
CHR Extension: (AVG PrivacyFix) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmejhjjecaldkllonlokhkglbdbkdcni [2013-07-11]
CHR HKCU\...\Chrome\Extension: [nnjbodopomfddehlalfilheomcahbpei] - C:\Users\Dell\AppData\Local\GAS Tecnologia\GBBD\cef\sf.crx [2013-10-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
 
==================== Services (Whitelisted) =================
 
R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [881952 2014-01-14] (IObit)
S4 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Ath_CoexAgent.exe [135168 2011-02-16] (Atheros)
S4 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6817544 2014-04-16] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2264280 2014-03-25] (COMODO)
R2 CronService; C:\Prey\platform\windows\cronsvc.exe [23552 2013-03-26] (Fork Ltd.)
S4 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2135232 2014-04-23] ()
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [36936 2013-12-02] (CHENGDU YIWO Tech Development Co., Ltd)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [519720 2014-02-21] (GAS Tecnologia)
S4 Guard Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [23624 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [1876816 2014-04-19] (SurfRight B.V.)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151744 2014-01-26] (IObit)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
S4 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [409720 2013-06-28] ()
S4 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
S4 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
S4 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S4 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
S4 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580232 2014-01-21] (WiseCleaner.com)
S4 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-04-22] (Atheros)
 
==================== Drivers (Whitelisted) ====================
 
R0 31415875; C:\Windows\System32\DRIVERS\31415875.sys [460888 2014-05-05] (Kaspersky Lab ZAO)
R1 A2DDA; C:\EEK\RUN\a2ddax64.sys [26176 2014-04-07] (Emsisoft GmbH)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [93184 2012-07-04] (LG Electronics Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-03-17] (Glarysoft Ltd)
S3 catchme; No ImagePath
S3 cleanhlp; C:\EEK\Run\cleanhlp64.sys [57024 2014-04-07] (Emsisoft GmbH)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2014-04-16] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [738472 2014-04-16] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [48360 2014-04-16] (COMODO)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] ()
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48200 2013-09-04] ()
S3 EUBKMON0; C:\Windows\system32\drivers\EUBKMON0.sys [48200 2013-09-04] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] ()
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-21] (Microsoft Corporation)
R2 hmpalert; C:\Windows\System32\drivers\hmpalert.sys [93144 2014-04-19] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-11-19] (Intel Corporation)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [105552 2014-04-16] (COMODO)
R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [222200 2013-05-31] (QFX Software Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2014-01-24] (Intel Corporation)
U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [35816 2014-03-13] (Greatis Software)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
S3 rspSanity; C:\Windows\System32\DRIVERS\rspSanity64.sys [31328 2012-10-29] (Resplendence Software Projects Sp.)
S3 SANDRA; No ImagePath
R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [768680 2013-06-26] (Microsoft Corporation)
R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [273576 2013-06-26] (Microsoft Corporation)
R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [29352 2013-06-26] (Microsoft Corporation)
R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [23208 2013-06-26] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2014-01-24] (Synaptics Incorporated)
R1 SpyEmrg; C:\Windows\System32\Drivers\spyemrg.sys [17240 2011-04-21] (NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\Windows\System32\Drivers\spyemrg_access.sys [24408 2011-04-21] (NETGATE Technologies s.r.o.)
S3 SpyEmrgGuard; C:\Windows\System32\Drivers\spyemrg_guard.sys [18776 2011-04-21] (NETGATE Technologies s.r.o.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2013-08-01] ()
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [38664 2013-04-29] (Spotflux, Inc)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-05-12 14:47 - 2014-05-12 14:47 - 02066944 _____ (Farbar) C:\Users\Dell\Downloads\FRST64 (3).exe
2014-05-12 14:37 - 2014-05-12 14:45 - 00000000 ____D () C:\Users\Dell\Desktop\FRST 64
2014-05-12 11:40 - 2014-05-12 11:41 - 02066944 _____ (Farbar) C:\Users\Dell\Downloads\FRST64 (2).exe
2014-05-12 11:22 - 2014-05-12 11:22 - 02066944 _____ (Farbar) C:\Users\Dell\Downloads\FRST64 (1).exe
2014-05-12 11:21 - 2014-05-12 11:21 - 01325827 _____ () C:\Users\Dell\Downloads\adwcleaner.exe
2014-05-11 11:54 - 2014-05-11 11:54 - 00011005 _____ () C:\Users\Dell\Downloads\hijackthis (1).log
2014-05-11 11:36 - 2014-05-11 11:36 - 00688992 _____ (Swearware) C:\Users\Dell\Downloads\dds (1).com
2014-05-11 01:03 - 2014-05-12 14:42 - 00000280 _____ () C:\Windows\setupact.log
2014-05-11 01:03 - 2014-05-12 11:27 - 00011542 _____ () C:\Windows\PFRO.log
2014-05-11 01:03 - 2014-05-11 01:03 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-11 01:02 - 2014-05-11 01:02 - 00003560 ____N () C:\bootsqm.dat
2014-05-10 22:09 - 2014-05-10 22:10 - 28172368 _____ (Panda Security ) C:\Users\Dell\Downloads\PandaCloudCleaner.exe
2014-05-10 19:57 - 2014-05-12 14:40 - 00051564 _____ () C:\Windows\WindowsUpdate.log
2014-05-10 12:31 - 2014-05-10 12:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-10 11:28 - 2014-05-10 11:28 - 00004434 _____ () C:\Users\Dell\Desktop\GVT.htm
2014-05-10 11:28 - 2014-05-10 11:28 - 00000000 ____D () C:\Users\Dell\Desktop\GVT_files
2014-05-10 11:23 - 2014-05-10 11:23 - 00004429 _____ () C:\Users\Dell\Desktop\Tim.htm
2014-05-10 11:23 - 2014-05-10 11:23 - 00000000 ____D () C:\Users\Dell\Desktop\Tim_files
2014-05-09 20:48 - 2014-05-09 20:48 - 00095232 _____ () C:\Users\Dell\Downloads\Cartadeamericano.pps
2014-05-09 20:43 - 2014-05-09 20:43 - 00410173 _____ () C:\Users\Dell\Downloads\srldetect_intel_4.5.15.0.cab
2014-05-09 20:24 - 2014-05-09 20:25 - 09037627 _____ () C:\Users\Dell\Downloads\IL.wmv
2014-05-09 09:44 - 2014-05-09 09:45 - 05196114 _____ () C:\Users\Dell\Downloads\CSC_SETUP_2.2.335611.5_xp_vista_server2003_win7_32bit.zip
2014-05-09 09:21 - 2014-05-09 09:34 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Pointstone
2014-05-09 09:21 - 2014-05-09 09:21 - 00000000 ____D () C:\Users\Dell\AppData\Local\Licenses
2014-05-09 09:16 - 2014-05-09 09:16 - 00921512 _____ (Oracle Corporation) C:\Users\Dell\Downloads\chromeinstall-7u55.exe
2014-05-09 09:15 - 2014-05-09 09:15 - 01055040 _____ (IObit) C:\Users\Dell\Downloads\advanced-systemcare-installer.exe
2014-05-09 09:14 - 2014-05-09 09:14 - 09377312 _____ (Pointstone Software, LLC) C:\Users\Dell\Downloads\SystemCleanerSetup.exe
2014-05-08 16:53 - 2014-05-08 16:55 - 04853491 _____ () C:\Users\Dell\Downloads\Drivers instalados tweaking.com_hardware_identify_portable.zip
2014-05-08 16:32 - 2014-05-08 16:34 - 05705416 _____ () C:\Users\Dell\Downloads\Drivers instalados tweaking.com_hardware_identify_setup.exe
2014-05-08 08:17 - 2014-05-08 08:18 - 00315392 _____ (Malwarebytes Corporation) C:\Users\Dell\Downloads\limpeza produtos Malweribytes mbam-clean-2.0.2.0.exe
2014-05-08 07:55 - 2014-05-08 07:55 - 00004418 _____ () C:\Users\Dell\Desktop\Unimed.htm
2014-05-08 07:55 - 2014-05-08 07:55 - 00000000 ____D () C:\Users\Dell\Desktop\Unimed_files
2014-05-08 00:02 - 2014-05-08 00:02 - 00015479 _____ () C:\Users\Dell\Downloads\JRT.txt
2014-05-07 08:45 - 2014-05-07 08:45 - 00845928 _____ () C:\Users\Dell\Downloads\PandaCloudAntivirus.exe
2014-05-06 09:13 - 2014-05-06 09:13 - 00688992 _____ (Swearware) C:\Users\Dell\Downloads\dds.com
2014-05-06 03:25 - 2014-05-06 03:26 - 04143997 _____ () C:\Users\Dell\Downloads\tdsskiller.zip
2014-05-06 03:24 - 2014-05-06 03:26 - 04164448 _____ (Kaspersky Lab ZAO) C:\Users\Dell\Desktop\iexplorer.exe.exe
2014-05-06 03:07 - 2014-05-06 03:08 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Dell\Downloads\rkill(1).exe
2014-05-05 22:43 - 2011-06-26 03:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-05 22:43 - 2010-11-07 14:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-05 22:43 - 2009-04-20 01:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-05 22:43 - 2000-08-30 21:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-05 22:43 - 2000-08-30 21:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-05 22:43 - 2000-08-30 21:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-05 22:43 - 2000-08-30 21:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-05 22:43 - 2000-08-30 21:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-05 22:42 - 2014-05-05 22:50 - 00000000 ___SD () C:\ComboFix
2014-05-05 22:42 - 2014-05-05 22:43 - 00000000 ____D () C:\Qoobox
2014-05-05 14:09 - 2014-05-12 14:45 - 00000000 ____D () C:\FRST
2014-05-05 14:07 - 2014-05-05 14:08 - 02063872 _____ (Farbar) C:\Users\Dell\Downloads\FRST64.exe
2014-05-05 12:11 - 2014-05-06 17:18 - 00000000 ____D () C:\Windows\Minidump
2014-05-05 10:26 - 2014-05-05 10:26 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\EurekaLab s.a.s
2014-05-05 09:02 - 2014-05-05 09:47 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\31415875.sys
2014-05-05 08:20 - 2014-05-05 08:20 - 02347384 _____ (ESET) C:\Users\Dell\Downloads\esetsmartinstaller_enu.exe
2014-05-05 04:59 - 2014-05-05 08:59 - 136161520 _____ () C:\Users\Dell\Downloads\setup_11.0.1.1245.x01_2014_05_05_09_48.exe
2014-05-04 09:19 - 2014-05-04 09:20 - 00391432 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-03 09:42 - 2014-05-03 09:42 - 00991232 _____ () C:\Users\Dell\Downloads\MicrosoftFixit50267 (1).msi
2014-05-03 00:02 - 2014-05-03 00:02 - 00000000 ____D () C:\Users\Dell\Documents\ProcAlyzer Dumps
2014-05-02 23:53 - 2014-05-04 13:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-05-02 23:53 - 2014-05-02 23:53 - 00001358 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-05-02 23:53 - 2014-05-02 23:53 - 00001346 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-05-02 23:53 - 2014-05-02 23:53 - 00001346 _____ () C:\ProgramData\Desktop\Spybot-S&D Start Center.lnk
2014-05-02 23:52 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-05-02 23:27 - 2014-05-02 23:36 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Dell\Downloads\spybot-2.3.exe
2014-05-02 22:59 - 2014-05-02 23:00 - 05616856 _____ () C:\Users\Dell\Downloads\Startups-vf.chm
2014-05-02 22:19 - 2014-05-02 22:19 - 00809692 _____ () C:\Users\Dell\Downloads\WinsockFix_InfoSpyware.zip
2014-05-02 22:18 - 2014-05-02 22:19 - 00791393 _____ (Lars Hederer ) C:\Users\Dell\Downloads\erunt-setup.exe
2014-05-02 22:17 - 2014-05-02 22:17 - 00522240 _____ (OldTimer Tools) C:\Users\Dell\Downloads\OTM.exe
2014-05-02 22:15 - 2014-05-02 22:15 - 00167376 _____ () C:\Users\Dell\Downloads\fileassassin-setup-1.06.esp.exe
2014-05-02 17:30 - 2014-04-29 11:01 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-02 17:30 - 2014-04-29 10:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-02 17:30 - 2014-04-29 09:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-02 17:30 - 2014-04-29 09:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-02 15:55 - 2014-05-02 15:55 - 03083248 _____ (Symantec Corporation) C:\Users\Dell\Downloads\NPE Norton Power Erase - anti crimaware.exe
2014-05-02 09:35 - 2014-05-02 09:35 - 00000021 _____ () C:\Users\Dell\Documents\Jiraya.txt
2014-05-02 09:28 - 2014-05-02 09:29 - 08620032 _____ () C:\Users\Dell\Downloads\EMET Setup.msi
2014-05-02 09:23 - 2014-05-02 09:24 - 10868379 _____ () C:\Users\Dell\Downloads\Anti-CryptorBitV2.zip
2014-05-01 23:42 - 2014-05-01 23:37 - 03972608 _____ () C:\Users\Dell\Desktop\RogueKiller.exe
2014-05-01 23:36 - 2014-05-01 23:37 - 03972608 _____ () C:\Users\Dell\Downloads\RogueKiller.exe
2014-05-01 23:35 - 2014-05-01 23:35 - 05698982 _____ () C:\Users\Dell\Downloads\VID-20140305-WA0001.mp4
2014-05-01 20:17 - 2014-05-01 20:17 - 00000975 _____ () C:\Users\Dell\Desktop\NTREGOPT.lnk
2014-05-01 20:17 - 2014-05-01 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NT Registry Optimizer
2014-05-01 20:17 - 2014-05-01 20:17 - 00000000 ____D () C:\Program Files (x86)\NT Registry Optimizer
2014-05-01 20:16 - 2014-05-01 20:16 - 00483809 _____ (Lars Hederer ) C:\Users\Dell\Downloads\ntregopt-setup.exe
2014-05-01 20:07 - 2014-05-01 20:07 - 00145237 _____ () C:\Users\Dell\Downloads\ntregopt.zip
2014-05-01 20:07 - 2014-05-01 20:07 - 00000970 _____ () C:\Users\Dell\Downloads\ntregopt-loc_fr.zip
2014-05-01 20:04 - 2014-05-01 20:04 - 00347440 _____ (Microsoft Corporation) C:\Users\Dell\Downloads\MicrosoftFixit-portable.exe
2014-05-01 19:41 - 2014-05-01 19:49 - 00000000 ____D () C:\ProgramData\WRData
2014-05-01 19:35 - 2014-05-01 19:35 - 00000000 ____D () C:\Users\Dell\Documents\Simply Super Software
2014-05-01 12:54 - 2014-05-01 12:54 - 00518584 _____ (KoshyJohn.com) C:\Users\Dell\Downloads\MemClean.exe
2014-05-01 12:53 - 2014-05-01 12:54 - 00895184 _____ (KoshyJohn.com) C:\Users\Dell\Downloads\neoSearch.exe
2014-05-01 12:20 - 2014-05-01 12:21 - 26747104 _____ (Microsoft Corporation) C:\Users\Dell\Downloads\Ferramenta Windows software malicioso Windows-KB890830-x64-V5.11.exe
2014-05-01 12:19 - 2014-05-01 12:19 - 02210096 _____ (Reason Company Software Inc.) C:\Users\Dell\Downloads\herdProtectScan_Setup.exe
2014-05-01 12:19 - 2014-05-01 12:19 - 02197440 _____ (Reason Company Software Inc.) C:\Users\Dell\Downloads\herdProtectScan_Portable.exe
2014-04-30 21:36 - 2014-04-30 21:36 - 00154003 _____ () C:\Users\Dell\Downloads\netcraft_toolbar-1.9-fx.xpi
2014-04-30 17:07 - 2014-04-30 17:07 - 05227019 _____ () C:\Users\Dell\Downloads\namebench-1.3.1-Windows.exe
2014-04-30 15:24 - 2014-04-30 15:24 - 00001036 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2014-04-30 12:15 - 2014-04-30 12:15 - 00000000 ____D () C:\Users\Dell\AppData\Local\Secunia PSI
2014-04-30 12:12 - 2014-04-30 12:12 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-04-30 12:03 - 2014-04-30 12:03 - 05329480 _____ (Secunia) C:\Users\Dell\Downloads\Secunia atualizar software PSISetup.exe
2014-04-30 11:19 - 2013-04-29 08:17 - 00047632 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2014-04-30 11:18 - 2014-05-01 10:07 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-04-30 10:12 - 2014-04-30 10:12 - 02405616 _____ (Trend Micro Inc.) C:\Users\Dell\Downloads\HousecallLauncher64.exe
2014-04-29 23:20 - 2014-04-30 13:56 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\ZHP
2014-04-29 12:05 - 2014-04-29 12:05 - 17931952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-04-29 11:43 - 2014-04-29 11:49 - 00337888 _____ () C:\Users\Dell\Downloads\360is_min_5.0.0.5000beta.exe
2014-04-29 01:05 - 2014-04-29 01:05 - 00000067 _____ () C:\Users\Dell\Documents\Pai INSS.txt
2014-04-29 01:04 - 2014-04-29 01:04 - 00102960 _____ () C:\Users\Dell\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-28 15:37 - 2014-04-28 16:05 - 03018304 _____ () C:\Users\Dell\Downloads\Informações temperatura ManicTime.exe
2014-04-28 15:20 - 2014-04-29 01:04 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-04-28 15:20 - 2014-04-28 15:20 - 00000974 _____ () C:\Users\Dell\Desktop\SpeedFan.lnk
2014-04-28 15:20 - 2014-04-28 15:20 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo
2014-04-28 15:20 - 2014-04-28 15:20 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-04-28 15:20 - 2014-04-28 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-04-28 15:12 - 2014-04-28 15:13 - 06090265 _____ () C:\Users\Dell\Downloads\ManicTimeUsb.zip
2014-04-28 15:12 - 2014-04-28 15:13 - 02143832 _____ () C:\Users\Dell\Downloads\instsf449.exe
2014-04-28 07:27 - 2014-04-28 07:27 - 00013212 _____ () C:\Users\Dell\Documents\Pai - Extrato para Imposto de Renda.htm
2014-04-28 07:27 - 2014-04-28 07:27 - 00000000 ____D () C:\Users\Dell\Documents\Pai - Extrato para Imposto de Renda_files
2014-04-27 19:08 - 2014-04-27 19:08 - 00000000 ____D () C:\uninstall27732u
2014-04-27 15:31 - 2014-04-27 15:32 - 02100736 _____ () C:\Users\Dell\Downloads\RIR E O MELHOR REMEDIO.pps
2014-04-27 00:35 - 2014-05-04 11:51 - 00000000 ____D () C:\uninstall8094u
2014-04-26 22:53 - 2014-04-26 22:53 - 00248714 _____ () C:\Users\Dell\Downloads\OCF_20131025.zip
2014-04-26 12:38 - 2014-05-03 08:11 - 06815744 _____ () C:\Users\Dell\ntuser.bak
2014-04-26 10:00 - 2014-04-26 10:00 - 00004177 _____ () C:\Users\Dell\Desktop\Condomínio abril 2014.htm
2014-04-26 10:00 - 2014-04-26 10:00 - 00000000 ____D () C:\Users\Dell\Desktop\Condomínio abril 2014_files
2014-04-26 05:01 - 2014-04-26 05:05 - 135327040 _____ () C:\Users\Dell\Downloads\setup_11.0.1.1245.x01_2014_04_26_11_23.exe
2014-04-26 04:51 - 2014-04-26 04:52 - 04164448 _____ (Kaspersky Lab ZAO) C:\Users\Dell\Downloads\tdsskiller.exe
2014-04-26 04:50 - 2014-04-26 04:50 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-26 04:46 - 2014-04-26 04:47 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Dell\Downloads\rkill (1).exe
2014-04-26 04:30 - 2014-04-26 04:30 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Dell\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-25 23:06 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-04-25 22:57 - 2014-04-30 00:11 - 00000000 ____D () C:\Users\Dell\.receitanet
2014-04-25 11:10 - 2014-04-25 11:10 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-25 11:09 - 2014-04-13 23:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-25 11:09 - 2014-04-13 23:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-25 11:01 - 2014-04-25 11:02 - 00152270 _____ () C:\Users\Dell\Downloads\Sigcheck.zip
2014-04-25 09:22 - 2014-04-25 09:22 - 00057096 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2014-04-25 09:22 - 2014-04-25 09:22 - 00048392 _____ (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll
2014-04-24 19:58 - 2014-04-24 19:58 - 00165376 _____ () C:\Users\Dell\Downloads\SystemLook_x64.exe
2014-04-24 19:58 - 2014-04-24 19:58 - 00139264 _____ () C:\Users\Dell\Downloads\SystemLook.exe
2014-04-24 18:36 - 2014-04-24 18:36 - 07200360 _____ () C:\Users\Dell\Downloads\bitdefender_tsecurity_beta.exe
2014-04-23 13:23 - 2014-04-23 13:23 - 00004474 _____ () C:\Users\Dell\Downloads\Gás abril 2014.htm
2014-04-23 13:09 - 2014-04-23 13:09 - 00004474 _____ () C:\Users\Dell\Documents\Gás abril 2014.htm
2014-04-23 00:41 - 2014-04-23 00:45 - 00279889 _____ () C:\Users\Dell\Downloads\360TS_Setup.exe
2014-04-22 16:56 - 2014-04-22 16:59 - 67108864 _____ () C:\Users\Dell\Downloads\xpud-0.9.2.iso
2014-04-22 16:28 - 2014-04-22 16:28 - 14636360 _____ (NoVirusThanks Company Srl ) C:\Users\Dell\Downloads\EXERadar_Pro_x86_x64_Trial_Setup.exe
2014-04-22 11:30 - 2014-04-22 11:30 - 00409600 _____ (Farbar) C:\Users\Dell\Downloads\FSS.exe
2014-04-22 11:16 - 2014-04-22 11:16 - 00121069 _____ () C:\Users\Dell\Downloads\memtest86+-5.01.usb.installer.zip
2014-04-22 09:57 - 2014-04-22 10:04 - 159077280 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jdk-8u5-windows-i586.exe
2014-04-22 09:56 - 2014-04-22 10:03 - 162717600 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jdk-8u5-windows-x64.exe
2014-04-21 22:17 - 2014-04-21 22:17 - 00448512 _____ (OldTimer Tools) C:\Users\Dell\Downloads\TFC.exe
2014-04-21 21:59 - 2014-04-21 22:00 - 00001731 _____ () C:\Users\Dell\Downloads\fixlist.txt
2014-04-21 19:18 - 2014-04-21 19:19 - 34131368 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jre-8u5-windows-x64 (1).exe
2014-04-21 19:17 - 2014-04-21 19:19 - 34131368 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jre-8u5-windows-x64.exe
2014-04-21 18:54 - 2014-04-21 19:04 - 02456273 _____ (Oracle Corporation) C:\Users\Dell\Downloads\Não confirmado 202995.crdownload
2014-04-21 13:10 - 2014-04-21 13:11 - 06863066 _____ (Nicolas Coolman ) C:\Users\Dell\Downloads\zhpdiag2-2014.4.9.16.exe
2014-04-21 10:54 - 2014-04-21 10:54 - 00150281 _____ () C:\Users\Dell\Downloads\ProxyFix.zip
2014-04-20 19:37 - 2014-04-21 01:04 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\96123702.sys
2014-04-20 19:05 - 2014-04-20 19:05 - 00007606 _____ () C:\Users\Dell\AppData\Local\Resmon.ResmonCfg
2014-04-20 16:50 - 2014-04-20 17:39 - 2431909888 _____ () C:\Users\Dell\Downloads\X17-59246.iso
2014-04-20 16:29 - 2014-04-20 16:29 - 07752311 _____ (FreeDownloadManager.ORG ) C:\Users\Dell\Downloads\Free download manager fdminst.exe
2014-04-19 23:23 - 2014-04-19 23:23 - 00004096 ___SH () C:\{189147AC-0408-4CA1-9100-C01F40F3E5F5}.CBM
2014-04-19 18:18 - 2014-04-19 18:18 - 00548424 _____ (SurfRight) C:\Windows\system32\hmpalert.dll
2014-04-19 18:18 - 2014-04-19 18:18 - 00477008 _____ (SurfRight) C:\Windows\SysWOW64\hmpalert.dll
2014-04-19 18:18 - 2014-04-19 18:18 - 00093144 _____ () C:\Windows\system32\Drivers\hmpalert.sys
2014-04-19 18:18 - 2014-04-19 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro.Alert
2014-04-19 18:18 - 2014-04-19 18:18 - 00000000 ____D () C:\Program Files (x86)\HitmanPro.Alert
2014-04-19 16:28 - 2014-04-19 16:28 - 00390392 _____ (Bleeping Computer, LLC) C:\Users\Dell\Downloads\Lista registro criptografada em caso infecção ListCrilock.exe
2014-04-19 16:06 - 2014-04-19 16:06 - 01876816 _____ (SurfRight B.V.) C:\Users\Dell\Downloads\Anti Ransoware hmpalert25.exe
2014-04-19 12:34 - 2014-04-19 12:34 - 02823116 _____ () C:\Users\Dell\Downloads\CryptolockerPreventionKit.zip
2014-04-19 12:34 - 2014-04-19 12:34 - 00473008 _____ () C:\Users\Dell\Downloads\CryptoPrevent.zip
2014-04-18 15:07 - 2014-04-18 15:08 - 07255785 _____ () C:\Users\Dell\Downloads\bc57dc193791f301fb3b2d3522334aa0.mp4
2014-04-18 10:47 - 2014-04-18 10:58 - 535287324 _____ () C:\Users\Dell\Downloads\adt-bundle-windows-x86_64-20140321.zip
2014-04-18 09:21 - 2014-04-18 09:21 - 01586165 _____ () C:\Users\Dell\Downloads\ComIntRepair.exe
2014-04-18 08:28 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-18 08:28 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-18 08:28 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-18 08:28 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-18 08:26 - 2014-04-18 08:28 - 00004244 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-18 08:25 - 2014-04-18 08:25 - 01586165 _____ () C:\Users\Dell\Downloads\Correção dificuldades da internet ComIntRepair.exe
2014-04-17 10:24 - 2014-04-17 10:24 - 08449818 _____ () C:\Users\Dell\Downloads\VID-20140408-WA0000.mp4
2014-04-17 10:24 - 2014-04-17 10:24 - 04881376 _____ () C:\Users\Dell\Downloads\57071749f97062bf0217533f22776ea5.mp4
2014-04-16 21:43 - 2014-04-16 21:43 - 00078845 _____ () C:\Users\Dell\Downloads\HostsTool.zip
2014-04-16 15:31 - 2014-04-16 15:32 - 04075110 _____ () C:\Users\Dell\Downloads\maparadar.rupi
2014-04-16 15:17 - 2014-04-16 15:17 - 00457835 _____ () C:\Users\Dell\Downloads\sygic_rupi_convertor.zip
2014-04-16 15:16 - 2014-04-16 15:17 - 01055930 _____ () C:\Users\Dell\Downloads\maparadar.txt
2014-04-16 12:20 - 2014-04-16 12:20 - 03278352 _____ () C:\Users\Dell\Downloads\Corrigir windows tweaking.com_windows_repair_aio.zip
2014-04-16 09:19 - 2014-04-16 09:19 - 00000015 _____ () C:\Users\Dell\Desktop\IPVA 2014.txt
2014-04-15 19:41 - 2014-04-15 19:41 - 00000000 ____D () C:\Users\Dell\.jmc
2014-04-15 19:40 - 2014-04-15 19:40 - 00000000 ____D () C:\Users\Dell\.eclipse
2014-04-15 19:37 - 2014-05-04 11:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-04-15 19:28 - 2014-04-15 19:31 - 113510621 _____ () C:\Users\Dell\Downloads\android-sdk_r22.0.5-windows.zip
2014-04-15 19:27 - 2014-04-15 19:30 - 131581344 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jdk-7u55-windows-x64.exe
2014-04-15 17:13 - 2014-04-15 17:13 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-04-15 10:37 - 2014-04-15 10:37 - 00132597 _____ () C:\Users\Dell\Downloads\Desinfectar usb Flash_Disinfector.exe
2014-04-14 21:54 - 2014-04-14 22:20 - 226340888 _____ () C:\Users\Dell\Downloads\EmsisoftEmergencyKit.txt
2014-04-14 15:59 - 2014-04-14 15:59 - 09640719 _____ () C:\Users\Dell\Downloads\Bee Gees 1960 a 2012.wmv
2014-04-14 12:19 - 2014-04-14 19:32 - 00000000 ____D () C:\Users\Dell\Documents\Flight Simulator Files
2014-04-14 12:08 - 2014-04-14 12:08 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-04-14 12:00 - 2014-04-14 12:00 - 00002113 _____ () C:\Users\Public\Desktop\Microsoft Flight Simulator 2004.lnk
2014-04-14 12:00 - 2014-04-14 12:00 - 00002113 _____ () C:\ProgramData\Desktop\Microsoft Flight Simulator 2004.lnk
2014-04-14 12:00 - 2014-04-14 12:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2014-04-14 11:37 - 2014-04-14 11:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games
2014-04-14 11:07 - 2014-04-14 11:07 - 00001217 _____ () C:\Users\Public\Desktop\Virtual CloneDrive.lnk
2014-04-14 11:07 - 2014-04-14 11:07 - 00001217 _____ () C:\ProgramData\Desktop\Virtual CloneDrive.lnk
2014-04-14 11:04 - 2014-04-14 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2014-04-14 11:04 - 2014-04-14 11:04 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes
2014-04-14 11:01 - 2014-04-14 11:02 - 01640984 _____ () C:\Users\Dell\Downloads\Montar e desmontar ISO SetupVirtualCloneDrive5470.exe
2014-04-14 08:46 - 2014-04-14 08:46 - 00015288 _____ () C:\Users\Dell\Downloads\Tabajara.cmd
2014-04-14 07:02 - 2014-04-14 07:12 - 135672432 _____ () C:\Users\Dell\Downloads\setup_11.0.1.1245.x01_2014_04_14_10_30.exe
2014-04-14 07:01 - 2014-04-14 07:01 - 00000176 _____ () C:\Windows\REC-NET.INI
2014-04-14 07:01 - 2014-04-14 07:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB
2014-04-14 07:01 - 2014-04-14 07:01 - 00000000 ____D () C:\Program Files (x86)\Programas RFB
2014-04-14 07:00 - 2014-04-14 07:00 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2014
2014-04-14 06:50 - 2014-04-14 06:51 - 22716032 _____ (Receita Federal do Brasil) C:\Users\Dell\Downloads\IRPF2014win32v1.1.exe
2014-04-14 06:50 - 2014-04-14 06:51 - 06182597 _____ (Serpro - Serviço Federal de Processamento de Dados) C:\Users\Dell\Downloads\Receitanet-1.04.exe
2014-04-13 17:38 - 2014-04-13 17:38 - 00000000 ____D () C:\Users\Dell\Downloads\Nova pasta
2014-04-13 16:38 - 2014-04-13 16:39 - 10696960 _____ (Emsisoft GmbH ) C:\Users\Dell\Downloads\OnlineArmorSetup (1).exe
2014-04-13 12:28 - 2014-04-13 12:28 - 00000000 __SHD () C:\Users\Dell\AppData\Local\EmieUserList
2014-04-13 12:28 - 2014-04-13 12:28 - 00000000 __SHD () C:\Users\Dell\AppData\Local\EmieSiteList
2014-04-12 22:14 - 2014-04-12 22:14 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-12 22:14 - 2014-04-12 22:14 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-12 22:14 - 2014-04-12 22:14 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-12 22:14 - 2014-04-12 22:14 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-12 22:14 - 2014-04-12 22:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-12 09:51 - 2014-04-12 09:52 - 26455504 _____ () C:\Users\Dell\Downloads\SeaMonkey Setup 2.26b1.exe
 
==================== One Month Modified Files and Folders =======
 
2014-05-12 14:47 - 2014-05-12 14:47 - 02066944 _____ (Farbar) C:\Users\Dell\Downloads\FRST64 (3).exe
2014-05-12 14:45 - 2014-05-12 14:37 - 00000000 ____D () C:\Users\Dell\Desktop\FRST 64
2014-05-12 14:45 - 2014-05-05 14:09 - 00000000 ____D () C:\FRST
2014-05-12 14:44 - 2013-12-01 13:17 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Wise Care 365
2014-05-12 14:43 - 2013-04-10 23:23 - 00000029 _____ () C:\Windows\SysWOW64\TempWmicBatchFile.bat
2014-05-12 14:42 - 2014-05-11 01:03 - 00000280 _____ () C:\Windows\setupact.log
2014-05-12 14:42 - 2013-07-11 18:05 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-12 14:42 - 2013-07-11 18:05 - 00001060 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-12 14:42 - 2009-07-14 02:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-12 14:41 - 2013-03-05 19:11 - 01474832 _____ () C:\Windows\system32\Drivers\sfi.dat
2014-05-12 14:40 - 2014-05-10 19:57 - 00051564 _____ () C:\Windows\WindowsUpdate.log
2014-05-12 14:05 - 2013-10-15 12:19 - 00000902 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-12 11:41 - 2014-05-12 11:40 - 02066944 _____ (Farbar) C:\Users\Dell\Downloads\FRST64 (2).exe
2014-05-12 11:37 - 2009-07-14 01:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-12 11:37 - 2009-07-14 01:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-12 11:27 - 2014-05-11 01:03 - 00011542 _____ () C:\Windows\PFRO.log
2014-05-12 11:24 - 2013-11-18 11:26 - 00000000 ____D () C:\Windows\CryptoGuard
2014-05-12 11:22 - 2014-05-12 11:22 - 02066944 _____ (Farbar) C:\Users\Dell\Downloads\FRST64 (1).exe
2014-05-12 11:21 - 2014-05-12 11:21 - 01325827 _____ () C:\Users\Dell\Downloads\adwcleaner.exe
2014-05-11 14:00 - 2013-12-01 13:19 - 00000400 _____ () C:\Windows\Tasks\Wise Turbo Checker.job
2014-05-11 12:01 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-11 11:54 - 2014-05-11 11:54 - 00011005 _____ () C:\Users\Dell\Downloads\hijackthis (1).log
2014-05-11 11:36 - 2014-05-11 11:36 - 00688992 _____ (Swearware) C:\Users\Dell\Downloads\dds (1).com
2014-05-11 08:38 - 2013-04-02 21:26 - 02249902 _____ () C:\Windows\system32\Drivers\fvstore.dat
2014-05-11 08:24 - 2013-12-19 06:30 - 00000000 ____D () C:\ProgramData\RegRun
2014-05-11 01:48 - 2013-11-05 18:48 - 00000000 ____D () C:\Users\Public\Documents\regruninfo
2014-05-11 01:48 - 2013-11-05 18:48 - 00000000 ____D () C:\ProgramData\Documents\regruninfo
2014-05-11 01:47 - 2013-11-05 18:49 - 00000000 ____D () C:\Users\Dell\Documents\RegRun2
2014-05-11 01:03 - 2014-05-11 01:03 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-11 01:02 - 2014-05-11 01:02 - 00003560 ____N () C:\bootsqm.dat
2014-05-10 23:15 - 2013-02-22 09:47 - 00000000 ____D () C:\Users\Dell
2014-05-10 22:10 - 2014-05-10 22:09 - 28172368 _____ (Panda Security ) C:\Users\Dell\Downloads\PandaCloudCleaner.exe
2014-05-10 19:53 - 2013-04-27 13:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-10 12:31 - 2014-05-10 12:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-10 11:28 - 2014-05-10 11:28 - 00004434 _____ () C:\Users\Dell\Desktop\GVT.htm
2014-05-10 11:28 - 2014-05-10 11:28 - 00000000 ____D () C:\Users\Dell\Desktop\GVT_files
2014-05-10 11:23 - 2014-05-10 11:23 - 00004429 _____ () C:\Users\Dell\Desktop\Tim.htm
2014-05-10 11:23 - 2014-05-10 11:23 - 00000000 ____D () C:\Users\Dell\Desktop\Tim_files
2014-05-09 20:48 - 2014-05-09 20:48 - 00095232 _____ () C:\Users\Dell\Downloads\Cartadeamericano.pps
2014-05-09 20:43 - 2014-05-09 20:43 - 00410173 _____ () C:\Users\Dell\Downloads\srldetect_intel_4.5.15.0.cab
2014-05-09 20:25 - 2014-05-09 20:24 - 09037627 _____ () C:\Users\Dell\Downloads\IL.wmv
2014-05-09 09:45 - 2014-05-09 09:44 - 05196114 _____ () C:\Users\Dell\Downloads\CSC_SETUP_2.2.335611.5_xp_vista_server2003_win7_32bit.zip
2014-05-09 09:34 - 2014-05-09 09:21 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Pointstone
2014-05-09 09:21 - 2014-05-09 09:21 - 00000000 ____D () C:\Users\Dell\AppData\Local\Licenses
2014-05-09 09:16 - 2014-05-09 09:16 - 00921512 _____ (Oracle Corporation) C:\Users\Dell\Downloads\chromeinstall-7u55.exe
2014-05-09 09:15 - 2014-05-09 09:15 - 01055040 _____ (IObit) C:\Users\Dell\Downloads\advanced-systemcare-installer.exe
2014-05-09 09:14 - 2014-05-09 09:14 - 09377312 _____ (Pointstone Software, LLC) C:\Users\Dell\Downloads\SystemCleanerSetup.exe
2014-05-09 07:59 - 2013-11-30 00:06 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\DiskDefrag
2014-05-08 17:48 - 2013-04-01 20:19 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Skype
2014-05-08 16:55 - 2014-05-08 16:53 - 04853491 _____ () C:\Users\Dell\Downloads\Drivers instalados tweaking.com_hardware_identify_portable.zip
2014-05-08 16:34 - 2014-05-08 16:32 - 05705416 _____ () C:\Users\Dell\Downloads\Drivers instalados tweaking.com_hardware_identify_setup.exe
2014-05-08 08:18 - 2014-05-08 08:17 - 00315392 _____ (Malwarebytes Corporation) C:\Users\Dell\Downloads\limpeza produtos Malweribytes mbam-clean-2.0.2.0.exe
2014-05-08 07:55 - 2014-05-08 07:55 - 00004418 _____ () C:\Users\Dell\Desktop\Unimed.htm
2014-05-08 07:55 - 2014-05-08 07:55 - 00000000 ____D () C:\Users\Dell\Desktop\Unimed_files
2014-05-08 00:02 - 2014-05-08 00:02 - 00015479 _____ () C:\Users\Dell\Downloads\JRT.txt
2014-05-07 09:15 - 2013-05-25 20:37 - 00000000 ____D () C:\ProgramData\GAS Tecnologia
2014-05-07 08:45 - 2014-05-07 08:45 - 00845928 _____ () C:\Users\Dell\Downloads\PandaCloudAntivirus.exe
2014-05-06 17:18 - 2014-05-05 12:11 - 00000000 ____D () C:\Windows\Minidump
2014-05-06 17:03 - 2013-09-09 11:59 - 00000000 ____D () C:\ProgramData\ProductData
2014-05-06 09:13 - 2014-05-06 09:13 - 00688992 _____ (Swearware) C:\Users\Dell\Downloads\dds.com
2014-05-06 03:26 - 2014-05-06 03:25 - 04143997 _____ () C:\Users\Dell\Downloads\tdsskiller.zip
2014-05-06 03:26 - 2014-05-06 03:24 - 04164448 _____ (Kaspersky Lab ZAO) C:\Users\Dell\Desktop\iexplorer.exe.exe
2014-05-06 03:08 - 2014-05-06 03:07 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Dell\Downloads\rkill(1).exe
2014-05-05 22:50 - 2014-05-05 22:42 - 00000000 ___SD () C:\ComboFix
2014-05-05 22:43 - 2014-05-05 22:42 - 00000000 ____D () C:\Qoobox
2014-05-05 22:40 - 2013-07-09 18:10 - 00000000 ____D () C:\Windows\erdnt
2014-05-05 22:37 - 2013-08-06 01:05 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-05 15:00 - 2013-03-05 09:43 - 00000000 ____D () C:\Users\Dell\AppData\Local\Apps\2.0
2014-05-05 14:51 - 2009-07-13 23:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-05 14:14 - 2013-04-02 19:29 - 00000000 ____D () C:\Windows\pss
2014-05-05 14:08 - 2014-05-05 14:07 - 02063872 _____ (Farbar) C:\Users\Dell\Downloads\FRST64.exe
2014-05-05 12:33 - 2014-03-31 10:52 - 05199940 _____ (Swearware) C:\Users\Dell\Downloads\ComboFix.exe
2014-05-05 10:26 - 2014-05-05 10:26 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\EurekaLab s.a.s
2014-05-05 09:47 - 2014-05-05 09:02 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\31415875.sys
2014-05-05 08:59 - 2014-05-05 04:59 - 136161520 _____ () C:\Users\Dell\Downloads\setup_11.0.1.1245.x01_2014_05_05_09_48.exe
2014-05-05 08:20 - 2014-05-05 08:20 - 02347384 _____ (ESET) C:\Users\Dell\Downloads\esetsmartinstaller_enu.exe
2014-05-04 13:46 - 2014-05-02 23:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-05-04 13:46 - 2014-03-30 18:39 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-04 13:46 - 2014-01-26 22:53 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\ProductData
2014-05-04 13:46 - 2013-11-09 20:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
2014-05-04 13:46 - 2013-08-03 23:45 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\TeraCopy
2014-05-04 13:46 - 2013-05-25 19:26 - 00000000 ____D () C:\Users\Dell\AppData\Roaming\QFX Software
2014-05-04 13:46 - 2013-05-25 19:26 - 00000000 ____D () C:\ProgramData\QFX Software
2014-05-04 13:46 - 2013-03-05 19:11 - 00000000 ____D () C:\Windows\System32\Tasks\COMODO
2014-05-04 13:46 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\registration
2014-05-04 11:51 - 2014-04-27 00:35 - 00000000 ____D () C:\uninstall8094u
2014-05-04 11:37 - 2014-04-15 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-05-04 11:37 - 2014-04-09 11:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-04 09:20 - 2014-05-04 09:19 - 00391432 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-03 09:42 - 2014-05-03 09:42 - 00991232 _____ () C:\Users\Dell\Downloads\MicrosoftFixit50267 (1).msi
2014-05-03 08:11 - 2014-04-26 12:38 - 06815744 _____ () C:\Users\Dell\ntuser.bak
2014-05-03 08:11 - 2009-07-13 23:34 - 71565312 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-05-03 08:11 - 2009-07-13 23:34 - 24379392 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-05-03 08:11 - 2009-07-13 23:34 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-05-03 08:11 - 2009-07-13 23:34 - 00053248 _____ () C:\Windows\system32\config\SAM.bak
2014-05-03 08:11 - 2009-07-13 23:34 - 00028672 _____ () C:\Windows\system32\config\SECURITY.bak
2014-05-03 00:02 - 2014-05-03 00:02 - 00000000 ____D () C:\Users\Dell\Documents\ProcAlyzer Dumps
2014-05-02 23:53 - 2014-05-02 23:53 - 00001358 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-05-02 23:53 - 2014-05-02 23:53 - 00001346 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-05-02 23:53 - 2014-05-02 23:53 - 00001346 _____ () C:\ProgramData\Desktop\Spybot-S&D Start Center.lnk
2014-05-02 23:52 - 2014-03-30 18:39 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-02 23:36 - 2014-05-02 23:27 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Dell\Downloads\spybot-2.3.exe
2014-05-02 23:00 - 2014-05-02 22:59 - 05616856 _____ () C:\Users\Dell\Downloads\Startups-vf.chm
2014-05-02 22:19 - 2014-05-02 22:19 - 00809692 _____ () C:\Users\Dell\Downloads\WinsockFix_InfoSpyware.zip
2014-05-02 22:19 - 2014-05-02 22:18 - 00791393 _____ (Lars Hederer ) C:\Users\Dell\Downloads\erunt-setup.exe
2014-05-02 22:17 - 2014-05-02 22:17 - 00522240 _____ (OldTimer Tools) C:\Users\Dell\Downloads\OTM.exe
2014-05-02 22:15 - 2014-05-02 22:15 - 00167376 _____ () C:\Users\Dell\Downloads\fileassassin-setup-1.06.esp.exe
2014-05-02 19:37 - 2014-01-28 17:52 - 00000882 _____ () C:\Users\Dell\Documents\Padre.txt
2014-05-02 15:55 - 2014-05-02 15:55 - 03083248 _____ (Symantec Corporation) C:\Users\Dell\Downloads\NPE Norton Power Erase - anti crimaware.exe
2014-05-02 09:35 - 2014-05-02 09:35 - 00000021 _____ () C:\Users\Dell\Documents\Jiraya.txt
2014-05-02 09:29 - 2014-05-02 09:28 - 08620032 _____ () C:\Users\Dell\Downloads\EMET Setup.msi
2014-05-02 09:24 - 2014-05-02 09:23 - 10868379 _____ () C:\Users\Dell\Downloads\Anti-CryptorBitV2.zip
2014-05-01 23:57 - 2009-07-14 00:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-01 23:37 - 2014-05-01 23:42 - 03972608 _____ () C:\Users\Dell\Desktop\RogueKiller.exe
2014-05-01 23:37 - 2014-05-01 23:36 - 03972608 _____ () C:\Users\Dell\Downloads\RogueKiller.exe
2014-05-01 23:35 - 2014-05-01 23:35 - 05698982 _____ () C:\Users\Dell\Downloads\VID-20140305-WA0001.mp4
2014-05-01 20:17 - 2014-05-01 20:17 - 00000975 _____ () C:\Users\Dell\Desktop\NTREGOPT.lnk
2014-05-01 20:17 - 2014-05-01 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NT Registry Optimizer
2014-05-01 20:17 - 2014-05-01 20:17 - 00000000 ____D () C:\Program Files (x86)\NT Registry Optimizer
2014-05-01 20:16 - 2014-05-01 20:16 - 00483809 _____ (Lars Hederer ) C:\Users\Dell\Downloads\ntregopt-setup.exe
2014-05-01 20:07 - 2014-05-01 20:07 - 00145237 _____ () C:\Users\Dell\Downloads\ntregopt.zip
2014-05-01 20:07 - 2014-05-01 20:07 - 00000970 _____ () C:\Users\Dell\Downloads\ntregopt-loc_fr.zip
2014-05-01 20:04 - 2014-05-01 20:04 - 00347440 _____ (Microsoft Corporation) C:\Users\Dell\Downloads\MicrosoftFixit-portable.exe
2014-05-01 19:49 - 2014-05-01 19:41 - 00000000 ____D () C:\ProgramData\WRData
2014-05-01 19:35 - 2014-05-01 19:35 - 00000000 ____D () C:\Users\Dell\Documents\Simply Super Software
 
Files to move or delete:
====================
C:\ProgramData\RegistryReviver.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-03-05 10:38
 
==================== End Of Log ============================
 
 


#9 Clade

Clade
  • Topic Starter

  • Members
  • 161 posts
  • Gender:Male
  • Local time:07:11 PM

Posted 12 May 2014 - 01:10 PM

1. Remember that after the last reboot (FRST) it took 139 s, or 2 minutes and 19 seconds, which is quite time-consuming compared to the previous one;

2. Sometimes the Chrome browser reports that it is not responding.



#10 nasdaq

nasdaq

  • Malware Response Team
  • 38,942 posts
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:11 PM

Posted 13 May 2014 - 08:45 AM

Remember that post last reboot FRST took 139 s or 2 minutes and 19, which is quite time consuming compared to the previous;

Considering the great number of restrictions to repair, I'm not surprised.
===
 

Sometimes, the Chrome browser information that is not responding.

Are you referring to this button?

p22003758.gif

I did notice that you have many extensions. Did you try to disable the ones you do not use regularly?

#11 Clade

Clade
  • Topic Starter

  • Members
  • 161 posts
  • Gender:Male
  • Local time:07:11 PM

Posted 13 May 2014 - 10:00 AM

What we are referring to is that earlier, at the beginning of this post, the equipment took about 70 seconds to start; now, even with the Fixlist, it is taking almost the same time, i.e., 139 s.

Regarding the Chrome browser, it is what was locking up, hence the message: "not responding."

Really, we use 11 extensions, but we have a pretty big number of them installed but not active... and we prefer to lose a bit of speed to gain in safety.

The machine is very light and fast now.

Could you tell us what really happened with the equipment... was it not malware? What did we do wrong?

Do you think it necessary to leave Malwarebytes Anti-Malware Pro, WinPatrol and SpywareBlaster active on the equipment?

Thanks for your attention.

We enjoyed this site... it is a reference...


#12 nasdaq

nasdaq

  • Malware Response Team
  • 38,942 posts
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:11 PM

Posted 14 May 2014 - 07:04 AM

[quote]Think necessary to leave the Malwarebytes Anti-Malware Pro, WinPatrol and SpywareBlaster assets in equipment? [/quote]

You have this version of Malwarebytes Anti-Malware: version 2.0.1.1004. If it's the paid version I would keep it; otherwise I would remove it.

WinPatrol and SpywareBlaster are good to have.

As for your problem, I do not know and cannot find out what caused all these restrictions.
I hope it is not something you did with NTREGOPT. I never used the tool so I cannot comment.
I know one thing: I never used a Registry cleaner.

===

One last check.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.
===

#13 Clade

Clade
  • Topic Starter

  • Members
  • 161 posts
  • Gender:Male
  • Local time:07:11 PM

Posted 14 May 2014 - 07:26 AM

Malwarebytes Anti-Malware version 2.... has a bug on some devices, as reported by us previously (increased CPU usage). We will reinstall and follow up.

Checkup.txt:
 
 Results of screen317's Security Check version 0.99.83  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
COMODO Antivirus   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:````````` 
 SpywareBlaster 5.0    
 Spybot - Search & Destroy 
 Secunia PSI (3.0.0.9016)   
 Adobe Flash Player 13.0.0.214  
 Adobe Reader XI  
 Mozilla Firefox (29.0.1) 
 Google Chrome 34.0.1847.116  
 Google Chrome 34.0.1847.131  
 Google Chrome Plugins...  
````````Process Check: objlist.exe by Laurent````````  
 WinPatrol winpatrol.exe 
 Comodo Firewall cmdagent.exe 
 BillP Studios WinPatrol WinPatrol.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: = 
````````````````````End of Log`````````````````````` 


#14 Clade

Clade
  • Topic Starter

  • Members
  • 161 posts
  • Gender:Male
  • Local time:07:11 PM

Posted 14 May 2014 - 08:26 AM

I know one thing I never used a Registry cleaner.(???)

 

Can you explain your position?

Few sites talk about not touching the Windows registry... The majority suggest the use of registry cleaners and optimizers.


#15 nasdaq

nasdaq

  • Malware Response Team
  • 38,942 posts
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:11 PM

Posted 14 May 2014 - 09:20 AM

I have owned computers from XP, Vista and now Windows 7 and never used one.
One wrong entry removal by any of them can render your computer useless.

It will not increase the performance of your computer.
It's a database that programs use as required.



