HijackThis Log: Please help Diagnose


  • This topic is locked
6 replies to this topic

#1 Synha

  • Members
  • 4 posts

Posted 05 September 2014 - 03:56 PM

Attached File  hijackthis.log   11.27KB   9 downloads



#2 nasdaq

  • Malware Response Team
  • 38,242 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 10 September 2014 - 08:31 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

The HijackThis tool is not ready for the 64 bit operating system.
This one should be used from now on.

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens, click Yes to the disclaimer.
Press the Scan button.
It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
===

Please paste the logs in your next reply. DO NOT ATTACH THEM unless specified.
To attach a file select the "More Reply Option" and follow the instructions.

Wait for further instructions.

#3 Synha

  • Topic Starter

  • Members
  • 4 posts

Posted 10 September 2014 - 02:06 PM

Addition
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-09-2014
Ran by Severina Dutra at 2014-09-10 15:55:02
Running from C:\Users\Severina Dutra\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32691 - BitTorrent Inc.)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Atualizações da NVIDIA 9.3.16 (Version: 9.3.16 - NVIDIA Corporation) Hidden
aTube Catcher versão 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Autodesk Content Service Language Pack (x32 Version: 3.2.0.0 - Autodesk) Hidden
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.0.6603 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (x32 Version: 10.0.1.3214 - CyberLink Corp.) Hidden
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.3123 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (x32 Version: 10.0.1.3126 - CyberLink Corp.) Hidden
CyberLink PowerDVD 12 (x32 Version: 12.0.3205.55 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.7.1.2 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.1.2 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.0 - Synaptics Incorporated)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
DSC/AA Factory Installer (Version: 3.5.6426.22 - PC-Doctor, Inc.) Hidden
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FormatFactory 3.3.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.5.0 - Format Factory)
Galeria de Fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
Malwarebytes Anti-Malware versão 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Access MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1460.0) (Version: 4.0.1460.0 - Microsoft Corporation)
Microsoft Expression Web 4 (x32 Version: 4.0.1460.0 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Portuguese (Brazil)) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft OneNote MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Word MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 pt-BR)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
NVIDIA Driver de gráficos 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.7 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.7 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.140.952 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus 9.3.16 (Version: 9.3.16 - NVIDIA Corporation) Hidden
NVIDIA ShadowPlay 9.3.16 (Version: 9.3.16 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 9.3.16 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.9 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.9 - NVIDIA Corporation)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1004 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 4.3.14 (HKLM\...\{8DD94059-60C6-42E3-AB59-8F37445ACC79}) (Version: 4.3.14 - Oracle Corporation)
Painel de controle da NVIDIA 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.0.103 - Panda Security)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.304 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.14 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7076 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
SHIELD Streaming (Version: 1.6.34 - NVIDIA Corporation) Hidden
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
SMPlayer 0.6.9 (HKLM-x32\...\SMPlayer) (Version: 0.6.9 - RVM)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-887985975-2803371811-2650050332-1002_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe /Automation No File
CustomCLSID: HKU\S-1-5-21-887985975-2803371811-2650050332-1002_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe No File
CustomCLSID: HKU\S-1-5-21-887985975-2803371811-2650050332-1002_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe No File
CustomCLSID: HKU\S-1-5-21-887985975-2803371811-2650050332-1002_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe /Automation No File
CustomCLSID: HKU\S-1-5-21-887985975-2803371811-2650050332-1002_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe /Automation No File
CustomCLSID: HKU\S-1-5-21-887985975-2803371811-2650050332-1002_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2015\en-US\acadficn.dll No File
CustomCLSID: HKU\S-1-5-21-887985975-2803371811-2650050332-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Severina Dutra\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
02-09-2014 04:30:58 Removed Bonjour
03-09-2014 20:16:20 Removed SpyHunter
06-09-2014 17:44:49 Removed SpyHunter
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 10:25 - 2013-08-22 10:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {19B7ADC1-93FF-4E4A-808C-411509867D69} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2DC59897-6EB5-44EF-BB6E-DDDD27B35E0B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-23] (AVAST Software)
Task: {2F50F043-54DD-48DA-A3CA-9C57E157ED73} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-22] (CyberLink Corp.)
Task: {33B60B97-890C-4F4C-9C84-9CA90F5ECB14} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3E5768FA-DFA2-4FBF-B5F6-521EF679D991} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {58F0CA5A-DBF2-4BC5-875D-D2DA0896583B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-887985975-2803371811-2650050332-1002Core => C:\Users\Severina Dutra\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-07-29] (Facebook Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6CF3B64D-CF9A-4630-AF8B-90DC5D410B16} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-05] (CyberLink)
Task: {6D1FD782-2FAC-4387-A5B7-DA2AD6400456} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {75453182-0BC6-4A51-A4AE-444A8D3E5290} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {93CBF177-2F72-4071-9C08-A27CEA9AC60F} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {94B2444E-BE92-4064-918A-ACAA0A52A4BB} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {9C324752-30D6-4DC9-885E-81EDC1CD07E7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-08-13] (Microsoft Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A43C709E-B4EC-466F-A502-A3D637E58082} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {ADD3E31E-AB89-4133-AE26-1EF2CBD1FCA1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {C6FBF964-E774-4B08-A194-22D5229082CE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D223D148-EADF-4DDF-85CD-35A459964BDE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-26] (Google Inc.)
Task: {D831022A-5FB7-46F5-B73D-946BCBEF42F2} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E212F9A8-7A97-46A7-BE1A-F26029EA1A77} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F1FCF92A-73DE-482D-8C3A-D7338A31D379} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-26] (Google Inc.)
Task: {FD18DB92-102A-418D-83A3-BCCA105EB247} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-02] (Synaptics Incorporated)
Task: {FEFABB97-DDFB-4689-93BF-C85D69C77EA1} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-887985975-2803371811-2650050332-1002 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-887985975-2803371811-2650050332-1002Core.job => C:\Users\Severina Dutra\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-07-01 01:56 - 2013-10-23 22:00 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-07-01 01:57 - 2013-10-23 05:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-07-01 02:16 - 2014-03-12 12:22 - 00020256 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.dll
2014-07-01 02:16 - 2014-03-12 12:22 - 00019232 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll
2013-09-04 23:20 - 2013-09-04 23:20 - 00011264 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-04 23:17 - 2013-09-04 23:17 - 00086016 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-04 23:24 - 2013-09-04 23:24 - 00012928 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
2014-07-01 02:16 - 2014-04-30 10:35 - 00486880 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
2014-08-23 19:17 - 2014-08-23 19:17 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-09-10 12:53 - 2014-09-10 12:53 - 02847744 _____ () C:\Program Files\AVAST Software\Avast\defs\14091000\algo.dll
2014-08-24 02:39 - 2014-06-21 03:19 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2014-08-24 02:39 - 2014-06-21 03:19 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2014-08-23 19:17 - 2014-08-23 19:17 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-07-01 02:05 - 2013-03-05 00:40 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-03-05 11:41 - 2013-03-05 11:41 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-04-10 14:30 - 2014-04-10 14:30 - 00134664 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2014-09-04 16:05 - 2014-08-29 23:49 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libglesv2.dll
2014-09-04 16:05 - 2014-08-29 23:49 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libegl.dll
2014-07-01 01:56 - 2013-10-23 22:00 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-09-04 16:05 - 2014-08-29 23:49 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\pdf.dll
2014-09-04 16:05 - 2014-08-29 23:49 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll
2014-09-04 16:05 - 2014-08-29 23:49 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll
2014-07-01 01:52 - 2013-09-03 21:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-07-01 02:16 - 2013-12-17 17:47 - 01904928 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2014-07-01 02:16 - 2012-11-25 23:20 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2014-07-01 02:16 - 2012-11-25 23:20 - 00117608 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Severina Dutra\OneDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/10/2014 03:42:44 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
 
Error: (09/10/2014 03:42:44 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
 
Error: (09/10/2014 01:02:34 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
 
Error: (09/10/2014 00:52:55 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
 
Error: (09/10/2014 00:52:55 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
 
Error: (09/09/2014 04:35:00 PM) (Source: Google Update) (EventID: 20) (User: SINHA)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
 
Error: (09/09/2014 01:35:03 PM) (Source: Google Update) (EventID: 20) (User: SINHA)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
 
Error: (09/09/2014 01:29:04 PM) (Source: Google Update) (EventID: 20) (User: SINHA)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
 
Error: (09/09/2014 01:28:25 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
 
Error: (09/09/2014 01:28:25 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
 
 
System errors:
=============
Error: (09/10/2014 03:43:52 PM) (Source: DCOM) (EventID: 10010) (User: SINHA)
Description: {14286318-B6CF-49A1-81FC-D74AD94902F9}
 
Error: (09/10/2014 03:42:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Autodesk Content Service devido ao seguinte erro: 
%%2
 
Error: (09/10/2014 03:41:36 PM) (Source: DCOM) (EventID: 10010) (User: SINHA)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
 
Error: (09/10/2014 00:53:53 PM) (Source: DCOM) (EventID: 10010) (User: SINHA)
Description: {14286318-B6CF-49A1-81FC-D74AD94902F9}
 
Error: (09/10/2014 00:52:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Autodesk Content Service devido ao seguinte erro: 
%%2
 
Error: (09/09/2014 01:28:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Autodesk Content Service devido ao seguinte erro: 
%%2
 
Error: (09/09/2014 05:17:02 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Superfetch terminou com o erro: 
%%1062
 
Error: (09/09/2014 05:03:54 AM) (Source: DCOM) (EventID: 10010) (User: SINHA)
Description: {14286318-B6CF-49A1-81FC-D74AD94902F9}
 
Error: (09/09/2014 05:01:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Autodesk Content Service devido ao seguinte erro: 
%%2
 
Error: (09/08/2014 11:39:19 PM) (Source: DCOM) (EventID: 10010) (User: SINHA)
Description: {14286318-B6CF-49A1-81FC-D74AD94902F9}
 
 
Microsoft Office Sessions:
=========================
Error: (09/10/2014 03:42:44 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
 
Error: (09/10/2014 03:42:44 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
 
Error: (09/10/2014 01:02:34 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
 
Error: (09/10/2014 00:52:55 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
 
Error: (09/10/2014 00:52:55 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
 
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 27%
Total physical RAM: 8096.45 MB
Available physical RAM: 5869.52 MB
Total Pagefile: 16288.45 MB
Available Pagefile: 13874.53 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:921.2 GB) (Free:805.06 GB) NTFS
Drive e: (ESP) (Fixed) (Total:0.48 GB) (Free:0.46 GB) FAT32
Drive x: (WINRETOOLS) (Fixed) (Total:0.73 GB) (Free:0.45 GB) NTFS
Drive y: (PBR Image) (Fixed) (Total:8.93 GB) (Free:0.72 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 0DD89B7B)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================

FRST
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-09-2014
Ran by Severina Dutra (administrator) on SINHA on 10-09-2014 15:54:09
Running from C:\Users\Severina Dutra\Downloads
Platform: Windows 8.1 Single Language (X64) OS Language: Português (Brasil)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Atheros Communications) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Facebook Inc.) C:\Users\Severina Dutra\AppData\Local\Facebook\Update\FacebookUpdate.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1360600 2013-10-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1360600 2013-10-29] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3760432 2013-08-02] (Dell Inc.)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-23] (AVAST Software)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [488328 2014-06-21] (Autodesk Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [132736 2013-09-04] ( (Atheros Communications))
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-887985975-2803371811-2650050332-1002\...\Run: [Facebook Update] => C:\Users\Severina Dutra\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-07-29] (Facebook Inc.)
HKU\S-1-5-21-887985975-2803371811-2650050332-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-887985975-2803371811-2650050332-1002\...\Policies\Explorer: [] 
HKU\S-1-5-21-887985975-2803371811-2650050332-1002\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-887985975-2803371811-2650050332-1002\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-887985975-2803371811-2650050332-1002\...\MountPoints2: {05651393-1b41-11e4-8259-90489aee9684} - "E:\SETUP.EXE" 
HKU\S-1-5-21-887985975-2803371811-2650050332-1002\...\MountPoints2: {a8288b29-1b59-11e4-825a-90489aee9684} - "E:\Setup.exe" 
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-10-23] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-10-23] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: DBARFileBackuped -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: DBARFileNotBackuped -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BootExecute: autocheck autochk * sh4native Sh4RemovalPCloudBroom64.exe \systemroot\system32\BroomData.bit
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM - {534B7286-7730-4FF6-BBC7-4DB366667482} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
SearchScopes: HKLM-x32 - {534B7286-7730-4FF6-BBC7-4DB366667482} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
SearchScopes: HKCU - {534B7286-7730-4FF6-BBC7-4DB366667482} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4C941C0E-FCC0-44D8-A0B4-B5CD18781D09}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
 
FireFox:
========
FF ProfilePath: C:\Users\Severina Dutra\AppData\Roaming\Mozilla\Firefox\Profiles\pmvaa38b.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Severina Dutra\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-br.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-23]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Severina Dutra\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Severina Dutra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-26]
CHR Extension: (Google Drive) - C:\Users\Severina Dutra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-26]
CHR Extension: (YouTube) - C:\Users\Severina Dutra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-26]
CHR Extension: (Adblock Plus) - C:\Users\Severina Dutra\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-03]
CHR Extension: (Pesquisa do Google) - C:\Users\Severina Dutra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-26]
CHR Extension: (avast! Online Security) - C:\Users\Severina Dutra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-24]
CHR Extension: (Save Sense (Edge)) - C:\Users\Severina Dutra\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlfekbihalclhgcbbdggcnjagkgflgkd [2014-07-26]
CHR Extension: (Google Wallet) - C:\Users\Severina Dutra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-26]
CHR Extension: (Blue Space Sunset Chrome Theme) - C:\Users\Severina Dutra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nndfdjfoclbidmgpmbelcieibgjjfdog [2014-07-26]
CHR Extension: (Gmail) - C:\Users\Severina Dutra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-26]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-23]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [596360 2014-06-21] (Autodesk Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [312448 2013-09-04] (Windows ® Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-23] (AVAST Software)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-07-01] (Microsoft Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15122208 2013-10-18] (NVIDIA Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2013-10-16] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915920 2014-04-04] (SoftThinks SAS)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
S2 Autodesk Content Service; "C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-23] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-23] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-23] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-23] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-23] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-23] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-23] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-16] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-04] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
R3 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-08-24] (Disc Soft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-10] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-02] (Synaptics Incorporated)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-10 15:54 - 2014-09-10 15:54 - 00021539 _____ () C:\Users\Severina Dutra\Downloads\FRST.txt
2014-09-10 15:54 - 2014-09-10 15:54 - 00000000 ____D () C:\FRST
2014-09-10 15:48 - 2014-09-10 15:49 - 02105856 _____ (Farbar) C:\Users\Severina Dutra\Downloads\FRST64.exe
2014-09-10 15:45 - 2014-09-10 15:45 - 01370467 _____ () C:\Users\Severina Dutra\Downloads\adwcleaner_3.309 (1).exe
2014-09-10 15:43 - 2014-09-10 15:43 - 00000000 ___RD () C:\Users\Severina Dutra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-09-10 15:39 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-10 15:38 - 2014-09-10 15:41 - 00000000 ____D () C:\AdwCleaner
2014-09-10 15:36 - 2014-09-10 15:37 - 01370467 _____ () C:\Users\Severina Dutra\Downloads\adwcleaner_3.309.exe
2014-09-10 12:54 - 2014-09-10 12:54 - 00000000 ____D () C:\Users\Severina Dutra\Documents\Autodesk Application Manager
2014-09-10 12:53 - 2014-09-10 12:53 - 00000000 ____D () C:\Users\Severina Dutra\Documents\Bluetooth Folder
2014-09-08 22:29 - 2014-09-08 22:29 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-08 22:29 - 2014-09-08 22:29 - 00000000 _____ () C:\Windows\setupact.log
2014-09-08 22:16 - 2014-09-10 15:42 - 00000660 _____ () C:\Windows\PFRO.log
2014-09-08 22:05 - 2014-09-10 15:15 - 00717074 _____ () C:\Windows\WindowsUpdate.log
2014-09-06 04:40 - 2014-09-06 04:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2014-09-06 04:40 - 2014-09-06 04:40 - 00000000 ____D () C:\Users\Severina Dutra\AppData\Local\Comodo
2014-09-06 04:30 - 2014-09-06 04:30 - 00001164 _____ () C:\Users\Public\Desktop\aTube Catcher.lnk
2014-09-06 04:30 - 2014-09-06 04:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2014-09-06 04:30 - 2008-08-18 19:18 - 00077824 _____ (Fox Magic Software) C:\Windows\SysWOW64\fmcodec.DLL
2014-09-05 17:26 - 2014-09-05 17:46 - 00000000 ____D () C:\MGtools
2014-09-03 17:12 - 2014-09-10 15:51 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-01 19:45 - 2014-09-01 19:45 - 01990574 _____ () C:\mgtools-32-bits [1].exe
2014-08-31 18:27 - 2014-09-08 19:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-31 18:27 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-31 18:27 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-31 17:58 - 2014-09-03 19:24 - 00001716 _____ () C:\Windows\SysWOW64\BroomData.bit
2014-08-31 17:58 - 2013-04-08 16:30 - 00022752 _____ () C:\Windows\system32\PCloudBroom64.exe
2014-08-31 17:29 - 2013-04-29 09:17 - 00047632 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2014-08-31 17:28 - 2014-08-31 17:28 - 00001300 _____ () C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2014-08-31 17:28 - 2014-08-31 17:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2014-08-31 17:28 - 2014-08-31 17:28 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-08-31 17:17 - 2014-08-31 17:17 - 00002790 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-08-31 17:17 - 2014-08-31 17:17 - 00000836 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-31 17:17 - 2014-08-31 17:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-31 17:16 - 2014-08-31 17:17 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-31 15:00 - 2014-09-08 19:47 - 00001076 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-31 15:00 - 2014-09-03 19:25 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-08-31 15:00 - 2014-09-03 17:12 - 00000000 ____D () C:\Users\Severina Dutra\AppData\Roaming\Malwarebytes
2014-08-31 15:00 - 2014-08-31 18:27 - 00000000 ____D () C:\Users\Todos os Usuários\Malwarebytes
2014-08-31 15:00 - 2014-08-31 18:27 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-31 15:00 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-27 21:39 - 2014-08-22 21:42 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-26 00:42 - 2014-08-26 00:42 - 00000000 ____D () C:\Users\Severina Dutra\AppData\Local\Intel_Corporation
2014-08-25 15:32 - 2014-08-25 15:45 - 00000000 ____D () C:\Users\Severina Dutra\.gimp-2.8
2014-08-25 15:32 - 2014-08-25 15:32 - 00000000 ____D () C:\Users\Severina Dutra\AppData\Local\gegl-0.2
2014-08-25 00:34 - 2014-09-08 21:46 - 00000000 ____D () C:\Windows\Minidump
2014-08-25 00:20 - 2014-08-25 00:20 - 00000000 ____D () C:\Users\Severina Dutra\AppData\Local\Macromedia
2014-08-25 00:18 - 2014-08-25 00:18 - 00001173 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-25 00:18 - 2014-08-25 00:18 - 00001161 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-08-25 00:18 - 2014-08-25 00:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-25 00:18 - 2014-08-25 00:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-24 23:49 - 2014-08-25 04:51 - 00001420 _____ () C:\Users\Severina Dutra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (2).lnk
2014-08-24 23:49 - 2014-08-24 23:52 - 00001390 _____ () C:\Users\Severina Dutra\Desktop\Internet Explorer (3).lnk
2014-08-24 22:58 - 2010-05-13 17:34 - 00014232 _____ () C:\Windows\SysWOW64\sh4native.exe
2014-08-24 22:57 - 2014-09-02 01:47 - 00965755 _____ () C:\spyhunter.fix
2014-08-24 21:56 - 2014-09-06 14:45 - 00000000 ____D () C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP
2014-08-24 21:56 - 2014-08-24 21:56 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group
2014-08-24 20:47 - 2014-08-24 20:49 - 00000000 ____D () C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2014-08-24 19:38 - 2014-08-24 19:38 - 00000000 _____ () C:\autoexec.bat
2014-08-24 19:37 - 2014-08-24 20:29 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-08-24 11:36 - 2014-08-24 11:36 - 00003184 _____ () C:\Windows\System32\Tasks\{97D2E719-7889-4ABA-BD48-B95EAE02CBBE}
2014-08-24 02:20 - 2014-08-24 23:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2014-08-24 02:19 - 2014-08-24 02:39 - 00000000 ____D () C:\Users\Todos os Usuários\Package Cache
2014-08-24 02:19 - 2014-08-24 02:39 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-24 02:16 - 2014-08-24 02:16 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-08-24 02:16 - 2014-08-24 02:16 - 00001964 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-08-24 02:16 - 2014-08-24 02:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-08-24 02:16 - 2014-08-24 02:16 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-08-23 20:29 - 2014-09-06 12:45 - 00000000 ____D () C:\Users\Severina Dutra\AppData\Roaming\vlc
2014-08-23 20:27 - 2014-08-23 20:27 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-23 19:20 - 2014-08-23 19:20 - 00000000 ____D () C:\Users\Severina Dutra\AppData\Roaming\AVAST Software
2014-08-23 19:19 - 2014-08-23 19:19 - 00001984 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-23 19:19 - 2014-08-23 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-08-23 19:18 - 2014-09-08 15:46 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-23 19:17 - 2014-08-23 19:18 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-23 19:17 - 2014-08-23 19:17 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-08-23 19:17 - 2014-08-23 19:17 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-23 19:17 - 2014-08-23 19:17 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-23 19:17 - 2014-08-23 19:17 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-08-23 19:17 - 2014-08-23 19:17 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-08-23 19:17 - 2014-08-23 19:17 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-23 19:17 - 2014-08-23 19:17 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-23 19:17 - 2014-08-23 19:17 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-23 19:17 - 2014-08-23 19:17 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-23 19:13 - 2014-08-23 19:13 - 00000000 ____D () C:\Program Files\AVAST Software
2014-08-23 19:10 - 2014-08-23 19:13 - 00000000 ____D () C:\Users\Todos os Usuários\AVAST Software
2014-08-23 19:10 - 2014-08-23 19:13 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-08-14 22:15 - 2014-08-14 22:15 - 00000000 ____D () C:\Users\Severina Dutra\AppData\Local\cache
2014-08-14 05:09 - 2014-08-14 15:00 - 00000000 _____ () C:\Windows\SysWOW64\config.nt
2014-08-14 05:08 - 2014-08-14 05:08 - 00000000 ____D () C:\Program Files\Alwil Software
2014-08-14 05:08 - 2003-03-18 17:20 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71.dll
2014-08-14 05:08 - 2003-03-18 16:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVCP71.dll
2014-08-14 05:08 - 2003-02-21 00:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVCR71.dll
2014-08-13 18:19 - 2014-08-06 19:38 - 00697856 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 18:19 - 2014-08-02 02:44 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-13 18:19 - 2014-08-02 00:11 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-08-13 18:19 - 2014-07-10 01:52 - 13292544 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-08-13 18:19 - 2014-07-10 01:47 - 11794944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-08-13 18:19 - 2014-07-10 01:33 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-08-13 18:19 - 2014-07-10 01:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\lockscreencn.dll
2014-08-13 18:19 - 2014-07-10 00:38 - 02642944 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 18:19 - 2014-07-10 00:36 - 02318336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-12 18:17 - 2014-07-25 11:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-12 18:17 - 2014-07-25 10:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-12 18:17 - 2014-07-25 10:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-12 18:17 - 2014-07-25 10:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-12 18:17 - 2014-07-25 10:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-12 18:17 - 2014-07-25 09:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-12 18:17 - 2014-07-25 09:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-12 18:17 - 2014-07-25 09:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-12 18:17 - 2014-07-25 09:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-12 18:17 - 2014-07-25 09:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-12 18:17 - 2014-07-25 09:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-12 18:17 - 2014-07-25 09:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-12 18:17 - 2014-07-25 09:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-12 18:17 - 2014-07-25 09:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-12 18:17 - 2014-07-25 09:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-12 18:17 - 2014-07-25 09:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-12 18:17 - 2014-07-25 08:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-12 18:17 - 2014-07-25 08:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-12 18:17 - 2014-07-25 08:43 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-12 18:17 - 2014-07-25 08:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-12 18:17 - 2014-07-25 08:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-12 18:17 - 2014-07-25 08:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-12 18:17 - 2014-07-25 08:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-12 18:17 - 2014-07-25 08:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-12 18:17 - 2014-07-25 08:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-12 18:17 - 2014-07-25 08:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-12 18:17 - 2014-07-25 08:09 - 00291840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-12 18:17 - 2014-07-25 08:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-12 18:17 - 2014-07-25 08:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-12 18:17 - 2014-07-25 07:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-12 18:17 - 2014-07-25 07:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-12 18:17 - 2014-07-25 07:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-12 18:17 - 2014-07-25 07:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-12 18:17 - 2014-07-25 07:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-12 18:17 - 2014-07-25 07:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-12 18:13 - 2014-06-19 22:48 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-12 18:13 - 2014-06-19 20:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-12 18:13 - 2014-06-12 22:15 - 00517528 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-08-12 18:13 - 2014-06-12 22:14 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-12 18:13 - 2014-06-12 21:10 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-08-12 18:13 - 2014-06-06 08:34 - 02133504 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2014-08-12 18:12 - 2014-07-15 15:16 - 03048880 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2014-08-12 18:12 - 2014-07-15 05:29 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-08-12 18:12 - 2014-07-15 05:22 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2014-08-12 18:12 - 2014-07-15 05:03 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-08-12 18:12 - 2014-07-10 01:16 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-08-12 18:12 - 2014-07-10 01:03 - 04756992 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-08-12 18:12 - 2014-07-10 00:33 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-08-12 18:12 - 2014-06-09 19:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-12 18:12 - 2014-06-09 19:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-12 18:12 - 2014-05-31 03:27 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-08-12 18:12 - 2014-05-13 04:01 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
2014-08-12 18:12 - 2014-05-13 02:07 - 02844160 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-08-12 18:12 - 2014-05-13 01:41 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-08-12 18:12 - 2014-05-13 01:26 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-08-12 18:12 - 2014-05-13 00:59 - 01035264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-08-12 18:12 - 2014-05-13 00:31 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-08-12 18:12 - 2014-05-03 08:29 - 01726224 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-08-12 18:12 - 2014-05-03 06:20 - 01473080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-08-12 18:12 - 2014-05-03 02:36 - 00997888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2014-08-12 18:12 - 2014-05-03 02:19 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\ncobjapi.dll
2014-08-12 18:12 - 2014-05-03 02:08 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2014-08-12 18:12 - 2014-05-03 02:07 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2014-08-12 18:12 - 2014-05-03 01:46 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncobjapi.dll
2014-08-12 18:12 - 2014-05-03 01:37 - 00235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2014-08-12 18:12 - 2014-05-03 01:37 - 00207360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
2014-08-12 18:12 - 2014-05-02 20:26 - 00050745 _____ () C:\Windows\system32\srms.dat
2014-08-12 18:12 - 2014-05-01 02:44 - 01025536 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-08-12 18:12 - 2014-04-30 03:43 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2014-08-12 18:12 - 2014-04-30 03:41 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-08-12 18:12 - 2014-04-30 03:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2014-08-12 18:12 - 2014-04-30 03:41 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2014-08-12 18:12 - 2014-04-30 02:45 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-08-12 18:12 - 2014-04-30 01:48 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-08-12 18:12 - 2014-04-30 01:24 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-08-12 18:12 - 2014-04-30 01:23 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2014-08-12 18:12 - 2014-04-30 01:23 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-08-12 18:12 - 2014-04-30 01:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2014-08-12 18:12 - 2014-04-30 01:14 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-08-12 18:12 - 2014-04-30 00:59 - 01063424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-08-12 18:12 - 2014-04-30 00:46 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2014-08-12 18:12 - 2014-04-30 00:46 - 00229888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-08-12 18:12 - 2014-04-30 00:46 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-08-12 18:12 - 2014-04-30 00:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2014-08-12 18:12 - 2014-04-30 00:42 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2014-08-12 18:12 - 2014-04-28 19:40 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2014-08-12 18:12 - 2014-04-26 19:03 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-08-12 18:12 - 2014-04-26 17:14 - 02144984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-08-12 18:12 - 2014-04-26 13:39 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2014-08-12 18:12 - 2014-04-14 06:37 - 02125344 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-08-12 18:12 - 2014-04-14 05:08 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-08-12 18:12 - 2014-04-14 02:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2014-08-12 18:12 - 2014-04-09 03:11 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-08-12 18:12 - 2014-04-09 02:20 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-08-12 18:08 - 2014-08-06 23:12 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-12 18:08 - 2014-08-02 00:56 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-12 18:08 - 2014-07-12 01:17 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2014-08-12 18:08 - 2014-06-05 11:13 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2014-08-12 18:08 - 2014-06-05 10:14 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2014-08-12 18:08 - 2014-06-01 23:10 - 00423768 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2014-08-12 18:08 - 2014-05-31 07:07 - 00467800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-08-12 18:08 - 2014-05-31 07:07 - 00440664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-08-12 18:08 - 2014-05-31 07:07 - 00419672 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-08-12 18:08 - 2014-05-31 07:07 - 00089944 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-08-12 18:08 - 2014-05-31 07:07 - 00027480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-08-12 18:08 - 2014-05-31 03:30 - 00037376 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-08-12 18:08 - 2014-05-31 03:27 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-08-12 18:08 - 2014-05-31 03:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-08-12 18:08 - 2014-05-31 01:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-08-12 18:08 - 2014-05-31 01:01 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-08-12 18:08 - 2014-05-31 01:01 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-08-12 18:08 - 2014-05-27 12:53 - 02518360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-08-12 18:08 - 2014-05-27 06:56 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\DaOtpCredentialProvider.dll
2014-08-12 18:08 - 2014-05-27 06:53 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DaOtpCredentialProvider.dll
2014-08-12 18:08 - 2014-05-17 01:59 - 16871936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-08-12 18:08 - 2014-05-17 01:13 - 12711424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-08-12 18:08 - 2014-03-31 02:35 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-08-12 18:05 - 2014-06-04 06:27 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-12 18:05 - 2014-06-04 02:31 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-12 18:05 - 2014-06-04 02:22 - 02790912 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-12 18:05 - 2014-06-04 01:43 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-12 18:05 - 2014-06-04 01:38 - 03304448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-10 15:54 - 2014-09-10 15:54 - 00021539 _____ () C:\Users\Severina Dutra\Downloads\FRST.txt
2014-09-10 15:54 - 2014-09-10 15:54 - 00000000 ____D () C:\FRST
2014-09-10 15:52 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\system32\sru
2014-09-10 15:51 - 2014-09-03 17:12 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-10 15:50 - 2014-07-01 02:15 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2014-09-10 15:49 - 2014-09-10 15:48 - 02105856 _____ (Farbar) C:\Users\Severina Dutra\Downloads\FRST64.exe
2014-09-10 15:48 - 2014-07-26 17:50 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-887985975-2803371811-2650050332-1002
2014-09-10 15:45 - 2014-09-10 15:45 - 01370467 _____ () C:\Users\Severina Dutra\Downloads\adwcleaner_3.309 (1).exe
2014-09-10 15:43 - 2014-09-10 15:43 - 00000000 ___RD () C:\Users\Severina Dutra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-09-10 15:43 - 2014-07-28 15:34 - 00000000 ___DO () C:\Users\Severina Dutra\OneDrive
2014-09-10 15:42 - 2014-09-08 22:16 - 00000660 _____ () C:\Windows\PFRO.log
2014-09-10 15:42 - 2014-07-26 17:53 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-10 15:42 - 2013-08-22 11:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-10 15:41 - 2014-09-10 15:38 - 00000000 ____D () C:\AdwCleaner
2014-09-10 15:41 - 2013-08-22 10:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-09-10 15:37 - 2014-09-10 15:36 - 01370467 _____ () C:\Users\Severina Dutra\Downloads\adwcleaner_3.309.exe
2014-09-10 15:15 - 2014-09-08 22:05 - 00717074 _____ () C:\Windows\WindowsUpdate.log
2014-09-10 14:58 - 2014-07-26 17:53 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-10 13:49 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-09-10 12:54 - 2014-09-10 12:54 - 00000000 ____D () C:\Users\Severina Dutra\Documents\Autodesk Application Manager
2014-09-10 12:53 - 2014-09-10 12:53 - 00000000 ____D () C:\Users\Severina Dutra\Documents\Bluetooth Folder
2014-09-09 17:52 - 2014-07-30 19:56 - 00000000 ____D () C:\Users\Severina Dutra\Documents\Fanfic
2014-09-09 17:48 - 2014-07-30 19:54 - 00000000 ____D () C:\Users\Severina Dutra\Documents\Estudos
2014-09-09 15:31 - 2014-07-30 19:39 - 00000000 ____D () C:\Users\Severina Dutra\.smplayer
2014-09-09 05:12 - 2014-03-18 07:07 - 01800588 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-09 05:12 - 2014-03-18 06:29 - 00775938 _____ () C:\Windows\system32\prfh0416.dat
2014-09-09 05:12 - 2014-03-18 06:29 - 00159030 _____ () C:\Windows\system32\prfc0416.dat
2014-09-08 22:29 - 2014-09-08 22:29 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-08 22:29 - 2014-09-08 22:29 - 00000000 _____ () C:\Windows\setupact.log
2014-09-08 22:19 - 2014-07-30 19:35 - 00000000 ____D () C:\Users\Severina Dutra\Documents\Programas
2014-09-08 22:08 - 2014-07-01 02:10 - 00000000 ____D () C:\Users\Todos os Usuários\PCDr
2014-09-08 22:08 - 2014-07-01 02:10 - 00000000 ____D () C:\ProgramData\PCDr
2014-09-08 21:46 - 2014-08-25 00:34 - 00000000 ____D () C:\Windows\Minidump
2014-09-08 21:46 - 2014-07-29 13:52 - 00000000 ____D () C:\Users\Severina Dutra\AppData\Local\CrashDumps
2014-09-08 19:47 - 2014-08-31 18:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-08 19:47 - 2014-08-31 15:00 - 00001076 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-08 18:21 - 2014-07-31 20:31 - 00000000 ____D () C:\Users\Severina Dutra\AppData\Roaming\Skype
2014-09-08 15:48 - 2014-07-28 20:07 - 00003108 _____ () C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-887985975-2803371811-2650050332-1002
2014-09-08 15:46 - 2014-08-23 19:18 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-08 03:02 - 2014-07-26 14:02 - 00000000 ____D () C:\Users\Severina Dutra\AppData\Local\Packages
2014-09-07 13:32 - 2014-07-26 14:02 - 00000000 ____D () C:\Users\Severina Dutra
2014-09-07 08:13 - 2014-07-26 17:51 - 00003978 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{86999A85-F370-4DDA-9A41-6890528C2D57}
2014-09-06 14:45 - 2014-08-24 21:56 - 00000000 ____D () C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP
2014-09-06 12:45 - 2014-08-23 20:29 - 00000000 ____D () C:\Users\Severina Dutra\AppData\Roaming\vlc
2014-09-06 04:48 - 2014-09-06 04:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2014-09-06 04:40 - 2014-09-06 04:40 - 00000000 ____D () C:\Users\Severina Dutra\AppData\Local\Comodo
2014-09-06 04:30 - 2014-09-06 04:30 - 00001164 _____ () C:\Users\Public\Desktop\aTube Catcher.lnk
2014-09-06 04:30 - 2014-09-06 04:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2014-09-06 04:30 - 2014-08-02 12:33 - 00000049 _____ () C:\Windows\SysWOW64\ScrRecX.log
2014-09-06 04:30 - 2014-07-30 19:36 - 00000000 ____D () C:\Program Files (x86)\DsNET Corp
2014-09-05 17:46 - 2014-09-05 17:26 - 00000000 ____D () C:\MGtools
2014-09-05 17:46 - 2014-07-26 14:02 - 00000000 ____D () C:\Users\Severina Dutra\AppData\Local\VirtualStore
2014-09-03 20:43 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\System
2014-09-03 19:25 - 2014-08-31 15:00 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-09-03 19:24 - 2014-08-31 17:58 - 00001716 _____ () C:\Windows\SysWOW64\BroomData.bit
2014-09-03 17:12 - 2014-08-31 15:00 - 00000000 ____D () C:\Users\Severina Dutra\AppData\Roaming\Malwarebytes
2014-09-03 09:10 - 2014-07-30 19:37 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-02 17:32 - 2014-07-30 20:09 - 00000000 ____D () C:\Users\Severina Dutra\Documents\Filmes
2014-09-02 01:48 - 2013-08-22 11:44 - 00488552 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-02 01:47 - 2014-08-24 22:57 - 00965755 _____ () C:\spyhunter.fix
2014-09-02 01:38 - 2014-07-29 15:03 - 00000000 ____D () C:\Users\Todos os Usuários\Apple
2014-09-02 01:38 - 2014-07-29 15:03 - 00000000 ____D () C:\ProgramData\Apple
2014-09-02 01:35 - 2014-07-29 15:04 - 00000000 ____D () C:\Users\Todos os Usuários\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-02 01:35 - 2014-07-29 15:04 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-02 01:30 - 2014-08-04 11:36 - 00000000 ____D () C:\Users\Todos os Usuários\Autodesk
2014-09-02 01:30 - 2014-08-04 11:36 - 00000000 ____D () C:\ProgramData\Autodesk
2014-09-02 01:28 - 2014-08-04 11:36 - 00000000 ____D () C:\Users\Severina Dutra\AppData\Roaming\Autodesk
2014-09-01 19:45 - 2014-09-01 19:45 - 01990574 _____ () C:\mgtools-32-bits [1].exe
2014-08-31 18:27 - 2014-08-31 15:00 - 00000000 ____D () C:\Users\Todos os Usuários\Malwarebytes
2014-08-31 18:27 - 2014-08-31 15:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-31 17:28 - 2014-08-31 17:28 - 00001300 _____ () C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2014-08-31 17:28 - 2014-08-31 17:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2014-08-31 17:28 - 2014-08-31 17:28 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-08-31 17:19 - 2014-08-03 18:41 - 00000000 ____D () C:\Users\Severina Dutra\AppData\Roaming\DAEMON Tools Lite
2014-08-31 17:19 - 2014-07-29 18:21 - 00000000 ____D () C:\Users\Severina Dutra\AppData\Roaming\uTorrent
2014-08-31 17:18 - 2014-07-01 05:33 - 00000000 ____D () C:\Windows\Panther
2014-08-31 17:17 - 2014-08-31 17:17 - 00002790 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-08-31 17:17 - 2014-08-31 17:17 - 00000836 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-31 17:17 - 2014-08-31 17:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-31 17:17 - 2014-08-31 17:16 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-27 23:36 - 2013-08-22 12:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-08-26 00:42 - 2014-08-26 00:42 - 00000000 ____D () C:\Users\Severina Dutra\AppData\Local\Intel_Corporation
2014-08-25 16:19 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\rescache
2014-08-25 15:45 - 2014-08-25 15:32 - 00000000 ____D () C:\Users\Severina Dutra\.gimp-2.8
2014-08-25 15:32 - 2014-08-25 15:32 - 00000000 ____D () C:\Users\Severina Dutra\AppData\Local\gegl-0.2
2014-08-25 04:51 - 2014-08-24 23:49 - 00001420 _____ () C:\Users\Severina Dutra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (2).lnk
2014-08-25 00:20 - 2014-08-25 00:20 - 00000000 ____D () C:\Users\Severina Dutra\AppData\Local\Macromedia
2014-08-25 00:18 - 2014-08-25 00:18 - 00001173 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-25 00:18 - 2014-08-25 00:18 - 00001161 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-08-25 00:18 - 2014-08-25 00:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-25 00:18 - 2014-08-25 00:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-24 23:52 - 2014-08-24 23:49 - 00001390 _____ () C:\Users\Severina Dutra\Desktop\Internet Explorer (3).lnk
2014-08-24 23:21 - 2014-08-24 02:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2014-08-24 21:56 - 2014-08-24 21:56 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group
2014-08-24 20:49 - 2014-08-24 20:47 - 00000000 ____D () C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2014-08-24 20:29 - 2014-08-24 19:37 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-08-24 19:38 - 2014-08-24 19:38 - 00000000 _____ () C:\autoexec.bat
2014-08-24 11:36 - 2014-08-24 11:36 - 00003184 _____ () C:\Windows\System32\Tasks\{97D2E719-7889-4ABA-BD48-B95EAE02CBBE}
2014-08-24 07:07 - 2014-07-01 02:13 - 00000000 ____D () C:\Users\Todos os Usuários\McAfee
2014-08-24 07:07 - 2014-07-01 02:13 - 00000000 ____D () C:\ProgramData\McAfee
2014-08-24 02:39 - 2014-08-24 02:19 - 00000000 ____D () C:\Users\Todos os Usuários\Package Cache
2014-08-24 02:39 - 2014-08-24 02:19 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-24 02:39 - 2014-08-05 23:53 - 00000000 ____D () C:\Users\Severina Dutra\AppData\Local\Autodesk
2014-08-24 02:16 - 2014-08-24 02:16 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-08-24 02:16 - 2014-08-24 02:16 - 00001964 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-08-24 02:16 - 2014-08-24 02:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-08-24 02:16 - 2014-08-24 02:16 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-08-23 22:30 - 2014-07-30 19:54 - 00000000 ____D () C:\Users\Severina Dutra\Documents\Curriculos
2014-08-23 20:27 - 2014-08-23 20:27 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-23 19:25 - 2013-08-22 12:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-08-23 19:20 - 2014-08-23 19:20 - 00000000 ____D () C:\Users\Severina Dutra\AppData\Roaming\AVAST Software
2014-08-23 19:19 - 2014-08-23 19:19 - 00001984 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-23 19:19 - 2014-08-23 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-08-23 19:18 - 2014-08-23 19:17 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-23 19:17 - 2014-08-23 19:17 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-08-23 19:17 - 2014-08-23 19:17 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-23 19:17 - 2014-08-23 19:17 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-23 19:17 - 2014-08-23 19:17 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-08-23 19:17 - 2014-08-23 19:17 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-08-23 19:17 - 2014-08-23 19:17 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-23 19:17 - 2014-08-23 19:17 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-23 19:17 - 2014-08-23 19:17 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-23 19:17 - 2014-08-23 19:17 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-23 19:13 - 2014-08-23 19:13 - 00000000 ____D () C:\Program Files\AVAST Software
2014-08-23 19:13 - 2014-08-23 19:10 - 00000000 ____D () C:\Users\Todos os Usuários\AVAST Software
2014-08-23 19:13 - 2014-08-23 19:10 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-08-23 18:01 - 2014-07-30 19:51 - 00000000 ____D () C:\Users\Severina Dutra\Documents\Animes
2014-08-22 21:42 - 2014-08-27 21:39 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-17 18:15 - 2013-08-22 10:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-08-14 22:15 - 2014-08-14 22:15 - 00000000 ____D () C:\Users\Severina Dutra\AppData\Local\cache
2014-08-14 15:12 - 2014-07-26 17:45 - 00000000 ____D () C:\Users\Todos os Usuários\softthinks
2014-08-14 15:12 - 2014-07-26 17:45 - 00000000 ____D () C:\ProgramData\softthinks
2014-08-14 15:00 - 2014-08-14 05:09 - 00000000 _____ () C:\Windows\SysWOW64\config.nt
2014-08-14 05:08 - 2014-08-14 05:08 - 00000000 ____D () C:\Program Files\Alwil Software
2014-08-14 04:45 - 2013-08-22 12:36 - 00000000 ___RD () C:\Windows\ToastData
2014-08-14 04:44 - 2014-07-30 18:03 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-13 20:23 - 2014-07-30 18:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-13 20:19 - 2014-07-30 18:07 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-13 05:10 - 2014-07-01 02:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2014-08-13 04:59 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-13 04:59 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-08-13 04:59 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\FileManager
2014-08-13 04:59 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\Camera
2014-08-12 18:07 - 2014-03-18 07:16 - 00233912 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-08-12 18:05 - 2014-03-18 07:16 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-12 18:05 - 2014-03-18 07:16 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-12 18:05 - 2013-08-22 08:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-12 18:05 - 2013-08-22 08:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-12 18:05 - 2013-08-22 08:22 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-12 18:05 - 2013-08-22 08:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-12 18:05 - 2013-08-22 08:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-12 18:05 - 2013-08-22 08:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-12 18:05 - 2013-08-22 07:32 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-12 18:05 - 2013-08-22 01:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-12 18:05 - 2013-08-22 00:55 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-12 18:05 - 2013-08-22 00:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-12 18:05 - 2013-08-22 00:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-12 18:05 - 2013-08-22 00:40 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-12 18:05 - 2013-08-22 00:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-12 18:04 - 2014-03-18 07:16 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
 
Some content of TEMP:
====================
C:\Users\Severina Dutra\AppData\Local\Temp\AcDeltree.exe
C:\Users\Severina Dutra\AppData\Local\Temp\COMAP.EXE
C:\Users\Severina Dutra\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\Severina Dutra\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Severina Dutra\AppData\Local\Temp\ochelper.dll
C:\Users\Severina Dutra\AppData\Local\Temp\ochelper.exe
C:\Users\Severina Dutra\AppData\Local\Temp\ose00001.exe
C:\Users\Severina Dutra\AppData\Local\Temp\Quarantine.exe
C:\Users\Severina Dutra\AppData\Local\Temp\SHSetup.exe
C:\Users\Severina Dutra\AppData\Local\Temp\Spark_Setup_all.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-07 14:35
 
==================== End Of Log ============================


#4 nasdaq


Posted 11 September 2014 - 07:11 AM

Clean your Temporary files/Folders.

Download TFC to your desktop
  • Close any open windows.
  • Double click the TFC icon to run the program.
  • TFC will close all open programs itself in order to run.
  • Click the Start button to begin the process.
  • Allow TFC to run uninterrupted; it should not take long to finish.
  • Once it's finished, click OK to reboot.
  • If it does not reboot, reboot your system manually.
===

Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.

    start
    SearchScopes: HKLM - {534B7286-7730-4FF6-BBC7-4DB366667482} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
    SearchScopes: HKLM-x32 - {534B7286-7730-4FF6-BBC7-4DB366667482} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
    SearchScopes: HKCU - {534B7286-7730-4FF6-BBC7-4DB366667482} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll No File
    CHR Extension: (Save Sense (Edge)) - C:\Users\Severina Dutra\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlfekbihalclhgcbbdggcnjagkgflgkd [2014-07-26]
    S2 Autodesk Content Service; "C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe" [X]
    S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
    
    End
    
Save the file as fixlist.txt in the same folder as FRST.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.
===

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.

If the site is busy or not available use this mirror site:
http://www.bleepingcomputer.com/download/securitycheck/
===

How is the computer running now?


#5 Synha


Posted 12 September 2014 - 03:46 PM

It's so much better, thank you 
 Results of screen317's Security Check version 0.99.87  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender   
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Panda Cloud Cleaner   
 Adobe Flash Player 14.0.0.179  
 Adobe Reader XI  
 Mozilla Firefox (31.0) 
 Google Chrome 36.0.1985.143  
 Google Chrome 37.0.2062.103  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast avastui.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 


#6 nasdaq


Posted 13 September 2014 - 08:16 AM

The security check log is clean.

If all is well.

To learn more about how to protect yourself while on the internet, read this little guide: Best security practices. Keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/
===

#7 nasdaq


Posted 13 September 2014 - 08:17 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



