Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

GameHarbor.org open with Google Chrome at Startup


  • This topic is locked This topic is locked
8 replies to this topic

#1 AzoroFox

AzoroFox

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:39 AM

Posted 13 September 2014 - 08:51 AM

DDS Log:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 9.0.8112.16421  BrowserJavaVersion: 10.51.2
Run by Ricardo at 14:46:41 on 2014-09-13
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.351.2070.18.4063.1919 [GMT 1:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\UnsignedThemesSvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Tablet\Pen\Pen_TouchService.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\SysWOW64\ASGT.exe
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files (x86)\SCP-DS\ScpService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
C:\Users\Ricardo\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\Users\Ricardo\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
C:\Users\Ricardo\AppData\Local\Akamai\netsession_win.exe
C:\Users\Ricardo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Users\Ricardo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Users\Ricardo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Users\Ricardo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ricardo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ricardo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.b1.org/?bsrc=hmior&chid=c167991
uSearch Page = hxxp://search.b1.org/?bsrc=hmior&chid=c167991
uProxyOverride = <local>
mWinlogon: Userinit = userinit.exe,
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Microsoft Web Test Recorder 10.0 Helper: {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
BHO: Programa Auxiliar de Início de Sessão da conta Microsoft: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: Microsoft Web Test Recorder 10.0 Helper: {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - 
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - 
EB: Web Test Recorder 10.0: {3142c289-f319-47f5-a594-a827028714c9} - 
EB: Web Test Recorder 10.0: {5802D092-1784-4908-8CDB-99B6842D353D} - 
uRun: [Google Update] "C:\Users\Ricardo\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
uRun: [Desura] C:\Program Files (x86)\Desura\desura.exe -autostart
uRun: [Akamai NetSession Interface] "C:\Users\Ricardo\AppData\Local\Akamai\netsession_win.exe"
uRun: [Dxtory Update Checker 2.0] C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe
uRun: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
uRun: [AdobeBridge] <no file>
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{C5FCAC48-000B-41B1-864E-5046020F1212} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - 
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-STS: CThemeResourceChangerObject Class - {F791A188-699D-4FD4-955A-EB59E89B1907} - \Program Files\Theme Resource Changer\ThemeResourceChanger.dll
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-7-20 71480]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-7-20 311608]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-7-1 116536]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-10-23 45880]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-25 246072]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-7-20 206648]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2014-4-15 240952]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-9-13 50976]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-9-14 283200]
R2 ASGT;ASGT;C:\Windows\SysWOW64\ASGT.exe [2012-1-17 55296]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-7-4 4939312]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-11-20 283136]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-7-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-7-14 1767520]
R2 Ds3Service;SCP DS3 Service;C:\Program Files (x86)\SCP-DS\ScpService.exe [2014-5-12 381952]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-9-4 2525008]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-9-13 161560]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-8-8 377616]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-7-1 1631008]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-7-1 21055432]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-6-21 413472]
R2 TabletServicePen;TabletServicePen;C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2012-9-15 5790064]
R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-31 5341536]
R2 TouchServicePen;Wacom Consumer Touch Service;C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2012-9-15 487280]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-9-13 363800]
R2 UnsignedThemes;Unsigned Themes;C:\Windows\UnsignedThemesSvc.exe [2009-7-13 24168]
R2 uxpatch;uxpatch;C:\Windows\System32\drivers\uxpatch.sys [2009-7-13 30568]
R2 vToolbarUpdater18.1.9;vToolbarUpdater18.1.9;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [2014-8-11 1820184]
R3 IOMap;IOMap;C:\Windows\System32\drivers\IOMap64.sys [2012-9-13 23680]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-7-1 20256]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-7-1 40392]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-9-13 677480]
R3 ScpVBus;Scp Virtual Bus Driver;C:\Windows\System32\drivers\ScpVBus.sys [2014-5-12 39168]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-9 123856]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2014-3-4 49152]
S3 c2wts;Claims to Windows Token Service;C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [2012-4-14 15768]
S3 Desura Install Service;Desura Install Service;C:\Program Files (x86)\Common Files\Desura\desura_service.exe [2012-12-16 131912]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\System32\drivers\MijXfilt.sys [2012-9-14 115272]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent;C:\Windows\System32\drivers\nmwcdnsux64.sys [2011-8-17 171008]
S3 NVFLASH;NVFLASH;C:\Windows\System32\drivers\nvflash.sys [2012-12-24 15168]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;C:\Windows\System32\drivers\Synth3dVsc.sys [2012-4-14 88960]
S3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows\System32\drivers\taphss6.sys [2013-6-21 42184]
S3 Te.Service;Te.Service;C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [2012-7-25 126976]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2011-4-12 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2011-4-12 117248]
S3 wacmoumonitor;Wacom Mode Helper;C:\Windows\System32\drivers\wacmoumonitor.sys [2012-9-15 18288]
S3 xsherlock;xsherlock;C:\Windows\System32\xsherlock.xem --> C:\Windows\System32\xsherlock.xem [?]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;"c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE" --> c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [?]
S4 RsFx0103;RsFx0103 Driver;C:\Windows\System32\drivers\RsFx0103.sys [2009-3-30 311656]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);"c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE" -i SQLEXPRESS --> c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [?]
.
=============== File Associations ===============
.
FileExt: .reg: Applications\notepad.exe=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2014-09-13 12:50:57 -------- d-----w- C:\FRST
2014-09-12 12:36:31 -------- d-----w- C:\ProgramData\Malwarebytes
2014-09-06 20:27:57 -------- d-----w- C:\Program Files (x86)\Origin Games
2014-09-04 14:30:06 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
2014-08-26 15:55:52 -------- d-----w- C:\Program Files (x86)\AVG Security Toolbar
2014-08-26 15:55:41 -------- d-----w- C:\ProgramData\Avg_Update_0814tb
.
==================== Find3M  ====================
.
2014-09-10 19:42:08 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-10 19:42:08 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-08-11 22:14:54 50976 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2013-05-01 20:06:13 84 ----a-w- C:\Program Files (x86)\update-MEdge.bat
2010-08-03 10:11:16 819200 --sha-w- C:\Windows\SysWOW64\xvidcore.dll
2010-08-03 10:11:16 180224 --sha-w- C:\Windows\SysWOW64\xvidvfw.dll
.
============= FINISH: 14:47:07,77 ===============
 
 
 
I also ran FRST and did a Scan, I have FRST.txt and Addition.txt ready if necessary.

Attached Files



BC AdBot (Login to Remove)

 


#2 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:39 AM

Posted 13 September 2014 - 11:33 AM

Hi,

I have FRST.txt and Addition.txt ready if necessary.

Yes, please post them.

#3 AzoroFox

AzoroFox
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:39 AM

Posted 13 September 2014 - 12:02 PM

FRST.txt :

 

 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Ricardo (administrator) on RICARDO-PC on 13-09-2014 14:14:37
Running from C:\Users\Ricardo\Downloads
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Português (Portugal)
Internet Explorer Version 9
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
() C:\Windows\SysWOW64\ASGT.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Scarlet.Crush Productions) C:\Program Files (x86)\SCP-DS\ScpService.exe
(ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Akamai Technologies, Inc.) C:\Users\Ricardo\AppData\Local\Akamai\netsession_win.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Spotify Ltd) C:\Users\Ricardo\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(Akamai Technologies, Inc.) C:\Users\Ricardo\AppData\Local\Akamai\netsession_win.exe
(Google Inc.) C:\Users\Ricardo\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\AVG Secure Search\vprot.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Google Inc.) C:\Users\Ricardo\AppData\Local\Google\Chrome\Application\chrome.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Google Inc.) C:\Users\Ricardo\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe
(Google Inc.) C:\Users\Ricardo\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7560296 2011-12-12] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2640408 2014-08-25] ()
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411952 2014-01-21] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3802448 2014-09-04] (LogMeIn Inc.)
HKU\S-1-5-21-1523532335-3168408088-3117201863-1000\...\Run: [Google Update] => C:\Users\Ricardo\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-13] (Google Inc.)
HKU\S-1-5-21-1523532335-3168408088-3117201863-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671904 2012-08-28] (DT Soft Ltd)
HKU\S-1-5-21-1523532335-3168408088-3117201863-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
HKU\S-1-5-21-1523532335-3168408088-3117201863-1000\...\Run: [Desura] => C:\Program Files (x86)\Desura\desura.exe -autostart
HKU\S-1-5-21-1523532335-3168408088-3117201863-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Ricardo\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1523532335-3168408088-3117201863-1000\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe
HKU\S-1-5-21-1523532335-3168408088-3117201863-1000\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
HKU\S-1-5-21-1523532335-3168408088-3117201863-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1523532335-3168408088-3117201863-1000\...\Run: [Facebook Update] => C:\Users\Ricardo\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-10-23] (Facebook Inc.)
HKU\S-1-5-21-1523532335-3168408088-3117201863-1000\...\Run: [Spotify Web Helper] => C:\Users\Ricardo\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-09-03] (Spotify Ltd)
HKU\S-1-5-21-1523532335-3168408088-3117201863-1000\...\Run: [CMD] => cmd.exe /c start http://extendedunlimited.org && exit <===== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.b1.org/?bsrc=hmior&chid=c167991
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.b1.org/?bsrc=hmior&chid=c167991
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://pt.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xCEC0D376E891CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-PT
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={EFA3BBD9-AC15-4E35-A16A-1B2BD1FA1A15}&mid=6e5a68d533e647d09575192946055bce-0a355d0d7372e3a95ccd5e5eb38dbfa9a752a840&lang=pt&ds=AVG&pr=fr&d=2012-09-13 20:53:00&v=15.4.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} -> C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: Programa Auxiliar de Início de Sessão da conta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {DDA57003-0068-4ed2-9D32-4D1EC707D94D} -> C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll No File
Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @raidcall.kr/RCplugin -> C:\Users\Ricardo\AppData\Roaming\RCKR\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.5 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Ricardo\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Ricardo\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Ricardo\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ricardo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "https://www.google.com/"
CHR DefaultSearchKeyword: Default -> CE8DAE12546F2B1F380DA3974CE2CA530956F46EDFEDBA08015154F03E667B9C
CHR DefaultSearchURL: Default -> 881F2FBC88785DFDD3A7F26738E05F3ADF732CC69FFE603BC2A46B0B8997BF5B
CHR Profile: C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (wareztuga.tv streamer) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajnommifabkikkfaponcacapkfaghkcj [2012-11-26]
CHR Extension: (Turn Off the Lights) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2012-12-18]
CHR Extension: (Slinky Elegante) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2014-05-13]
CHR Extension: (AdBlock) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-03-13]
CHR Extension: (Skype Click to Call) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-04-08]
CHR Extension: (Google Wallet) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Enhanced Steam) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2014-04-05]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.3.0.49\avg.crx [2014-07-14]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-03-04] () [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2012-04-14] (Microsoft Corporation)
R2 Ds3Service; C:\Program Files (x86)\SCP-DS\ScpService.exe [381952 2013-12-18] (Scarlet.Crush Productions) [File not signed]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-08-08] (LogMeIn, Inc.)
S2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S4 NetMsmqActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139680 2012-07-09] (Microsoft Corporation) [File not signed]
S4 NetPipeActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139680 2012-07-09] (Microsoft Corporation) [File not signed]
S4 NetTcpActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139680 2012-07-09] (Microsoft Corporation) [File not signed]
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139680 2012-07-09] (Microsoft Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-05-29] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]
R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC)
R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-11] (AVG Secure Search)
S3 xsherlock; C:\Windows\SysWOW64\xsherlock.xem [666720 2012-09-25] (Wellbia.com Co., Ltd.) [File not signed]
S3 MozillaMaintenance; "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" [X]
S4 MSSQLServerADHelper100; "c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE" [X]
S4 SQLAgent$SQLEXPRESS; "c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE" -i SQLEXPRESS [X]
S4 SQLBrowser; "c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2014-04-15] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-09-14] (DT Soft Ltd)
R3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [23680 2010-02-23] (ASUSTeK Computer Inc.)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]
S3 NVFLASH; C:\Windows\system32\drivers\nvflash.sys [15168 2012-03-10] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] ()
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 VSPerfDrv100; \??\C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-13 14:14 - 2014-09-13 14:15 - 00026240 _____ () C:\Users\Ricardo\Downloads\FRST.txt
2014-09-13 13:50 - 2014-09-13 14:14 - 00000000 ____D () C:\FRST
2014-09-13 13:50 - 2014-09-13 13:50 - 02105856 _____ (Farbar) C:\Users\Ricardo\Downloads\FRST64.exe
2014-09-12 13:36 - 2014-09-12 13:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-12 13:14 - 2014-09-12 13:14 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Ricardo\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-09 23:51 - 2014-09-09 21:24 - 206934248 _____ () C:\Users\Ricardo\Downloads\Turma 351_2013_2014_parte 1.mp4
2014-09-09 23:51 - 2014-09-09 21:24 - 123774688 _____ () C:\Users\Ricardo\Downloads\Turma 351_2013_2014_Parte 2.mp4
2014-09-06 21:35 - 2014-09-06 21:35 - 00000000 ____D () C:\Users\Ricardo\Documents\Electronic Arts
2014-09-06 21:27 - 2014-09-06 21:27 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-09-04 15:30 - 2014-09-04 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-09-04 15:30 - 2014-09-04 15:30 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-09-01 23:23 - 2014-09-01 23:41 - 00000000 ____D () C:\Users\Ricardo\Desktop\1.8 Server
2014-08-26 16:55 - 2014-08-26 16:55 - 00000000 ____D () C:\ProgramData\Avg_Update_0814tb
2014-08-26 16:55 - 2014-08-26 16:55 - 00000000 ____D () C:\Program Files (x86)\AVG Security Toolbar
2014-08-26 16:49 - 2014-08-26 16:49 - 00001682 _____ () C:\Users\Ricardo\Desktop\The Escapists.lnk
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-13 14:15 - 2014-09-13 14:14 - 00026240 _____ () C:\Users\Ricardo\Downloads\FRST.txt
2014-09-13 14:14 - 2014-09-13 13:50 - 00000000 ____D () C:\FRST
2014-09-13 14:11 - 2012-09-13 19:16 - 01306879 _____ () C:\Windows\WindowsUpdate.log
2014-09-13 14:08 - 2012-09-13 21:52 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\LogMeIn Hamachi
2014-09-13 14:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2014-09-13 14:07 - 2014-05-12 18:25 - 00000000 ____D () C:\Program Files (x86)\SCP-DS
2014-09-13 14:07 - 2013-06-07 20:40 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
2014-09-13 14:07 - 2013-05-31 17:46 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-09-13 14:07 - 2013-02-14 17:41 - 00001006 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-13 14:07 - 2012-12-28 22:12 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-09-13 14:07 - 2012-09-13 19:33 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-13 14:07 - 2010-11-21 04:47 - 01903572 _____ () C:\Windows\PFRO.log
2014-09-13 14:07 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-13 14:07 - 2009-07-14 05:51 - 00117713 _____ () C:\Windows\setupact.log
2014-09-13 13:58 - 2012-09-15 17:01 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Adobe
2014-09-13 13:50 - 2014-09-13 13:50 - 02105856 _____ (Farbar) C:\Users\Ricardo\Downloads\FRST64.exe
2014-09-13 13:48 - 2013-02-14 17:41 - 00001010 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-13 13:48 - 2009-07-14 05:45 - 00023136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-13 13:48 - 2009-07-14 05:45 - 00023136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-13 13:46 - 2012-09-13 20:50 - 00000000 ____D () C:\ProgramData\MFAData
2014-09-13 13:42 - 2012-09-14 09:35 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-13 13:42 - 2012-09-13 19:16 - 00000000 ____D () C:\Users\Ricardo
2014-09-13 01:19 - 2012-09-13 23:13 - 00001026 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1523532335-3168408088-3117201863-1000UA.job
2014-09-13 01:03 - 2012-12-13 14:12 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Skype
2014-09-12 23:54 - 2013-10-23 17:49 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1523532335-3168408088-3117201863-1000UA.job
2014-09-12 17:54 - 2013-10-23 17:49 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1523532335-3168408088-3117201863-1000Core.job
2014-09-12 17:20 - 2012-09-13 20:10 - 00000000 ____D () C:\Windows\Panther
2014-09-12 15:01 - 2013-03-07 23:34 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-09-12 14:19 - 2012-09-13 23:13 - 00000974 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1523532335-3168408088-3117201863-1000Core.job
2014-09-12 13:36 - 2014-09-12 13:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-12 13:14 - 2014-09-12 13:14 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Ricardo\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-12 00:34 - 2014-06-17 13:58 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Spotify
2014-09-11 15:56 - 2012-09-27 20:26 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-11 14:32 - 2014-03-22 17:22 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\.minecraft
2014-09-11 02:14 - 2012-09-13 23:26 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\BitTorrent
2014-09-10 20:42 - 2012-09-14 09:35 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-10 20:42 - 2012-09-14 09:35 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-10 20:42 - 2012-09-14 09:35 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-09 21:24 - 2014-09-09 23:51 - 206934248 _____ () C:\Users\Ricardo\Downloads\Turma 351_2013_2014_parte 1.mp4
2014-09-09 21:24 - 2014-09-09 23:51 - 123774688 _____ () C:\Users\Ricardo\Downloads\Turma 351_2013_2014_Parte 2.mp4
2014-09-08 23:19 - 2013-01-24 22:30 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\TS3Client
2014-09-08 19:02 - 2014-06-17 13:58 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Spotify
2014-09-07 03:43 - 2013-05-19 15:09 - 00000352 _____ () C:\Windows\Tasks\Driver Robot.job
2014-09-07 00:10 - 2013-07-31 20:31 - 00000000 ____D () C:\ProgramData\Origin
2014-09-06 21:35 - 2014-09-06 21:35 - 00000000 ____D () C:\Users\Ricardo\Documents\Electronic Arts
2014-09-06 21:34 - 2014-05-29 20:23 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-06 21:27 - 2014-09-06 21:27 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-09-06 21:27 - 2013-07-31 20:32 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Origin
2014-09-04 21:25 - 2012-09-13 23:14 - 00002376 _____ () C:\Users\Ricardo\Desktop\Google Chrome.lnk
2014-09-04 15:30 - 2014-09-04 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-09-04 15:30 - 2014-09-04 15:30 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-09-01 23:41 - 2014-09-01 23:23 - 00000000 ____D () C:\Users\Ricardo\Desktop\1.8 Server
2014-08-26 16:55 - 2014-08-26 16:55 - 00000000 ____D () C:\ProgramData\Avg_Update_0814tb
2014-08-26 16:55 - 2014-08-26 16:55 - 00000000 ____D () C:\Program Files (x86)\AVG Security Toolbar
2014-08-26 16:49 - 2014-08-26 16:49 - 00001682 _____ () C:\Users\Ricardo\Desktop\The Escapists.lnk
2014-08-26 16:49 - 2014-03-03 00:26 - 00000000 ____D () C:\Games
2014-08-25 15:54 - 2012-09-13 20:52 - 00000000 ____D () C:\Program Files (x86)\AVG Secure Search
2014-08-23 20:51 - 2012-11-17 18:28 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\vlc
2014-08-21 15:41 - 2009-07-14 06:08 - 00032578 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-18 23:47 - 2014-06-19 17:29 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\MahJong Suite
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-06 13:11
 
==================== End Of Log ============================
 
 
 
Addition.txt :
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Ricardo at 2014-09-13 14:15:20
Running from C:\Users\Ricardo\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG AntiVirus Free Edition 2013 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2013 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
A.V.A - Alliance of Valiant Arms (HKLM-x32\...\Steam App 102700) (Version:  - RED DUCK Inc.)
Actualizações da NVIDIA 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.1.0.1 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.1.0.1 - ASUSTek COMPUTER INC.) Hidden
AVG 2013 (HKLM\...\AVG) (Version: 2013.0.3485 - AVG Technologies)
AVG 2013 (Version: 13.0.3485 - AVG Technologies) Hidden
AVG 2013 (Version: 13.0.4015 - AVG Technologies) Hidden
AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 18.1.9.799 - AVG Technologies)
Bamboo (HKLM\...\Pen Tablet Driver) (Version: 5.2.4-6 - Wacom Technology Corp.)
Bamboo (HKLM-x32\...\Pen Tablet Driver) (Version:  - )
Banished 1.0 (HKLM-x32\...\Banished 1.0) (Version: 1.0 - Cat-A-Cat)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.32241 - BitTorrent Inc.)
Blade Symphony (HKLM-x32\...\Steam App 225600) (Version:  - Puny Human Games)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.66.1075 - AB Team, d.o.o.)
Cargo Commander 1.0.1 (HKLM-x32\...\Cargo Commander 1.0.1) (Version: 1.0.1 - Digital Tribe Games)
CBR Reader (HKLM-x32\...\{EDAAC216-AC73-4152-9654-E12FE5A69F5D}_is1) (Version:  - cbrreader.com)
CL-Eye Driver (HKLM-x32\...\CL-Eye Driver) (Version: 5.3.0.0341 - Code Laboratories, Inc.)
Cobalt (HKLM-x32\...\Cobalt) (Version:  - )
Codename Gordon (HKLM-x32\...\Steam App 92) (Version:  - Nuclear Vision)
ConvertXtoDVD 4.1.19.365 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.1.19.365 - )
Counter-Strike 1.6 (HKLM-x32\...\{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}) (Version: 1.6 - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0316 - DT Soft Ltd)
Dark Souls 2 (HKLM-x32\...\RGFya1NvdWxzMg==_is1) (Version: 1 - )
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dotfuscator Software Services - Community Edition (HKLM-x32\...\{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}) (Version: 5.0.2300.0 - PreEmptive Solutions)
Dxtory version 2.0.120 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.120 - Dxtory Software)
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{32136776-FE3F-453D-80DA-CDD993BDB2A3}) (Version: 11.1.20810.00 - Microsoft Corporation)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Floris Mod Pack 2.54 (HKLM-x32\...\Floris Mod Pack_is1) (Version:  - )
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
Gameforge Live 2.0.3 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.3 - Gameforge)
Gods Will Be Watching (HKLM-x32\...\1207664883_is1) (Version: 2.0.0.1 - GOG.com)
Google Chrome (HKCU\...\Google Chrome) (Version: 37.0.2062.103 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Hard Time  (HKLM-x32\...\Hard Time) (Version:  - MDickie)
I Am Alive (HKLM-x32\...\InstallShield_{62952508-8C6F-4D31-9802-099FC67B41C3}) (Version: 1.00.0 - Ubisoft)
I Am Alive (x32 Version: 1.00.0 - Ubisoft) Hidden
Injustice: Gods Among Us Ultimate Edition (HKLM-x32\...\SW5qdXN0aWNlR29kc0Ftb25nVXNVbHRpbWF0ZUVkaXRpb24=_is1) (Version: 1 - )
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 7 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417007FF}) (Version: 7.0.70 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
King Arthur's Gold (HKLM-x32\...\{643B056F-61C1-4489-9797-4D846D101A7A}) (Version: 0.95.428.0 - THD)
King Arthur's Gold (HKLM-x32\...\Steam App 219830) (Version:  - )
King Arthur's Gold Beta (HKLM-x32\...\{AC34F03B-B4C8-4892-8BD3-34DC1C7E8DE5}) (Version: 0.95.590.0 - THD)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.236 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.236 - LogMeIn, Inc.) Hidden
MahJong Suite 2010 Delux v7.1 (HKLM-x32\...\MahJong Suite_is1) (Version: 7.1.0.0 - TreeCardGames.com)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio 2012 (x32 Version: 2.0.30625.9003 - Microsoft Corporation) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack (x32 Version: 11.0.50709.17929 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu (x32 Version: 11.0.50709.17929 - Microsoft Corporation) Hidden
Microsoft Report Viewer Add-On for Visual Studio 2012 (x32 Version: 11.1.2802.16 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20125.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{0DDCEC37-369C-484B-B16D-B4413FD42FB9}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{E5AE9031-79A5-4627-9641-BEFA82819B08}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{78C3657E-742C-40B1-9F53-E5A921D40F17}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20828.01) (HKLM-x32\...\{4F2B8233-35EE-4197-8C3B-EACCBF712029}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01) (HKLM-x32\...\{FAE0523E-08A4-4717-8E8E-6EC6F32CBE88}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 (HKLM-x32\...\{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (HKLM\...\{F5079164-1DB9-3BDA-853B-F78AF67CE071}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012  x64 Designtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers - ENU Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Extended Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (HKLM\...\{88BAE373-00F4-3E33-828F-96E89E5E0CB9}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Performance Collection Tools - ENU (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 SharePoint Developer Tools (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Ultimate - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Ultimate - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Ultimate - ENU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Devenv (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Devenv Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 IntelliTrace Core amd64 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 IntelliTrace Core x86 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 IntelliTrace Front End x86 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Performance Collection Tools - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Performance Collection Tools (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Preparation (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU (x32 Version: 4.0.8876.1 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2012 for Windows Desktop - ENU (HKLM-x32\...\{e0efdce9-a486-4676-8aa5-65bb08cbf34c}) (Version: 11.0.50727.42 - Microsoft Corporation)
Microsoft Visual Studio Express 2012 for Windows Desktop - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2012 for Windows Desktop (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual Studio Premium 2012 - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Premium 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2012 - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Storyboarding (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Storyboarding Language Pack - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 (HKLM-x32\...\{9600393b-6ede-469b-a522-689fce1461d1}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mount&Blade Warband (HKLM-x32\...\Mount&Blade Warband) (Version:  - )
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 17.0.7 - Mozilla)
Mozilla Thunderbird 17.0.7 (x86 pt-PT) (HKLM-x32\...\Mozilla Thunderbird 17.0.7 (x86 pt-PT)) (Version: 17.0.7 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.1 - )
NVIDIA Controlador 3D Vision 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 320.49 - NVIDIA Corporation)
NVIDIA Controlador gráfico 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.49 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA O controlador de 3D Vision 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 320.49 - NVIDIA Corporation)
NVIDIA O controlador de HD Audio 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2049 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Optimizer Pro v3.0 (HKLM-x32\...\Optimizer Pro_is1) (Version: 3.0 - PC Utilities Pro) <==== ATTENTION
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Painel de controlo da NVIDIA 320.49 (Version: 320.49 - NVIDIA Corporation) Hidden
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r4600) (Version:  - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.5 - Power Software Ltd)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Reach  (HKLM-x32\...\Reach) (Version:  - MDickie)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
Red Faction Guerrilla (HKLM-x32\...\InstallShield_{A357EF4C-2B6F-4980-ACA9-B1E42A74D7F3}) (Version: 1.00.0000 - Volition Inc.)
Red Faction Guerrilla (x32 Version: 1.00.0000 - Volition Inc.) Hidden
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Special Force 2 Beta_is1) (Version:  - )
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
SFO (HKLM-x32\...\{55DC7C8C-1586-4FB7-BC82-3191B377C68F}) (Version: 1.9.5 - )
Shockwave (HKLM-x32\...\Shockwave) (Version:  - )
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM-x32\...\Sniper Elite V2_is1) (Version:  - )
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
Spacewar (HKLM-x32\...\Steam App 480) (Version:  - Valve)
Spotify (HKCU\...\Spotify) (Version: 0.9.12.10.g89b2a4fc - Spotify AB)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Starbound (HKLM-x32\...\Starbound) (Version:  - )
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab CYRI (HKLM-x32\...\{E362724E-9320-4946-AF34-874E7B6B2927}) (Version: 6.0.7.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.24951 - TeamViewer)
The Walking Dead: Season 2 (HKLM-x32\...\VGhlV2Fsa2luZ0RlYWRTZWFzb24y_is1) (Version: 1 - )
The Wolf Among Us (HKLM-x32\...\VGhlV29sZkFtb25nVXM=_is1) (Version: 1 - )
The Wolf Among Us Episode 2 (HKLM-x32\...\The Wolf Among Us Episode 2_is1) (Version:  - CODEX)
Theme Resource Changer X64 v1.0 (HKLM\...\Theme Resource Changer X64 v1.0) (Version:  - Bad Ass Apps)
Toribash (HKLM-x32\...\Steam App 248570) (Version:  - Nabi Studios)
Under the Ocean (HKLM-x32\...\Steam App 227720) (Version:  - Near Enough Games)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
UxStyle Core Beta (HKLM\...\{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}) (Version: 0.2.1.1 - The Within Network, LLC)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.30319 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 Prerequisites - ENU Language Pack (Version: 11.0.50727 - Microsoft Corporation) Hidden
Visual Studio 2012 Prerequisites (Version: 11.0.50727 - Microsoft Corporation) Hidden
Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 1.0.8514.0 - Microsoft Corporation) Hidden
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.7 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.5 - Wacom Technology Corp.)
Windows App Certification Kit Native Components (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
Windows Runtime Intellisense Content - en-us (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1523532335-3168408088-3117201863-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Ricardo\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1523532335-3168408088-3117201863-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Ricardo\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1523532335-3168408088-3117201863-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Ricardo\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1523532335-3168408088-3117201863-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Ricardo\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
 
==================== Restore Points  =========================
 
06-09-2014 20:16:53 Installed DirectX
13-09-2014 12:37:29 Removido Creative ALchemy Universal
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-07-31 19:47 - 2014-05-29 20:21 - 00000000 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {032ED03D-1812-45EC-8482-7C936A464CAA} - System32\Tasks\{2F914982-E508-429E-8383-CB1F20AE7EB0} => Chrome.exe http://ui.skype.com/ui/0/6.11.0.102/pp/abandoninstall?page=tsProgressBar
Task: {179F35FE-984E-416E-82FA-AFE535AAC577} - System32\Tasks\{C9DBEF51-5AAA-42C5-9D19-EB52C586B621} => Chrome.exe http://ui.skype.com/ui/0/6.16.0.105/pp/abandoninstall?page=tsProgressBar
Task: {3340102C-D072-4A62-BD1C-58B20B088578} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)
Task: {35BEF6E4-0F3D-41AA-AA3F-E55DCC3AD833} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-14] (Google Inc.)
Task: {4426A949-FABA-4075-BB89-94DB793E2338} - System32\Tasks\AdobeAAMUpdater-1.0-Ricardo-PC-Ricardo => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {5D03B493-B64F-4427-A8A2-72C2CC00ACBB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-14] (Google Inc.)
Task: {6EEAA9CA-86C2-4D43-A31B-A9BB9E24152E} - System32\Tasks\RunOW => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe
Task: {7B02C98F-3C16-4BAC-8B4D-4C7FEE6E2340} - System32\Tasks\Driver Robot => C:\Program Files (x86)\Driver Robot\Driver Robot.lnk
Task: {7B24744D-DCEF-4E3A-812A-1ED150747BFB} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv => C:\Windows\TEMP\{96D0793E-9EF6-41CA-B66D-D1EAADC699AA}.exe
Task: {9022286A-8A51-4178-AC39-4599FB5B36CB} - System32\Tasks\{2622FEA0-93B6-4B21-B14B-AA1EDF04A7A1} => C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe [2012-07-26] (Microsoft Corporation)
Task: {9156E101-08B6-4A3B-90C8-D31928C3CEA0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1523532335-3168408088-3117201863-1000UA => C:\Users\Ricardo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-13] (Google Inc.)
Task: {A3245FB9-832E-4A73-A12A-9D56A36C1577} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {A76ED031-F5E6-41EE-9715-957A71C43C28} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {BB58EEF7-3FEE-42DE-A7C1-217BD1378057} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1523532335-3168408088-3117201863-1000UA => C:\Users\Ricardo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-23] (Facebook Inc.)
Task: {BE6D9B4D-D640-4413-A70F-A62258BF7759} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{5D9813AB-4F97-4E6F-BE7E-16EA018A5F5C}.exe
Task: {C7FEC3C8-6E70-41C1-BA5A-DD8D87360E4A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1523532335-3168408088-3117201863-1000Core => C:\Users\Ricardo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-13] (Google Inc.)
Task: {D52E52A2-3B00-437F-8387-5EA423C9DDF9} - System32\Tasks\{4C97C0F1-30FC-4557-B2D7-AC9C90AC099C} => C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe [2012-07-26] (Microsoft Corporation)
Task: {D66ABB33-1FBB-4CD2-B025-BC2FC9F17975} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1523532335-3168408088-3117201863-1000Core => C:\Users\Ricardo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-23] (Facebook Inc.)
Task: {F4BDF66A-8FAD-4646-96B5-7A38612D83DD} - System32\Tasks\{2300BFD6-542F-486D-86BE-0377B1B10B81} => Chrome.exe http://www.skype.com/go/downloading?source=installer&amp;ver=6.3.0.105&amp;LastError=-9
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => C:\Windows\TEMP\{96D0793E-9EF6-41CA-B66D-D1EAADC699AA}.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{5D9813AB-4F97-4E6F-BE7E-16EA018A5F5C}.exe
Task: C:\Windows\Tasks\Driver Robot.job => ?
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1523532335-3168408088-3117201863-1000Core.job => C:\Users\Ricardo\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1523532335-3168408088-3117201863-1000UA.job => C:\Users\Ricardo\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1523532335-3168408088-3117201863-1000Core.job => C:\Users\Ricardo\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1523532335-3168408088-3117201863-1000UA.job => C:\Users\Ricardo\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-07-28 20:17 - 2013-06-21 11:23 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-01-17 11:24 - 2012-01-17 11:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2011-03-17 01:07 - 2011-03-17 01:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2012-09-15 17:33 - 2010-10-26 22:42 - 01182576 ____N () C:\Program Files\Tablet\Pen\libxml2.dll
2012-09-23 22:13 - 2014-05-29 21:24 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-09-13 20:52 - 2014-08-25 15:54 - 02640408 _____ () C:\Program Files (x86)\AVG Secure Search\vprot.exe
2014-08-11 23:15 - 2014-08-11 23:14 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
2012-04-19 14:30 - 2012-04-19 14:30 - 00188416 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Vender.dll
2012-04-19 10:01 - 2012-04-19 10:01 - 00049152 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Exeio.dll
2014-08-11 23:15 - 2014-08-11 23:14 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll
2014-09-04 21:25 - 2014-08-30 03:49 - 01098056 _____ () C:\Users\Ricardo\AppData\Local\Google\Chrome\Application\37.0.2062.103\libglesv2.dll
2014-09-04 21:25 - 2014-08-30 03:49 - 00174408 _____ () C:\Users\Ricardo\AppData\Local\Google\Chrome\Application\37.0.2062.103\libegl.dll
2014-09-04 21:25 - 2014-08-30 03:49 - 08577864 _____ () C:\Users\Ricardo\AppData\Local\Google\Chrome\Application\37.0.2062.103\pdf.dll
2014-09-04 21:25 - 2014-08-30 03:49 - 00331592 _____ () C:\Users\Ricardo\AppData\Local\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll
2014-09-04 21:25 - 2014-08-30 03:49 - 01660232 _____ () C:\Users\Ricardo\AppData\Local\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll
2012-09-13 19:27 - 2012-02-07 17:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-09-04 21:25 - 2014-08-30 03:49 - 14669128 _____ () C:\Users\Ricardo\AppData\Local\Google\Chrome\Application\37.0.2062.103\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/13/2014 02:08:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/13/2014 01:41:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/13/2014 01:35:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/12/2014 05:22:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/12/2014 05:19:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: avgwdsvc.exe, versão: 13.0.0.3456, carimbo de data/hora: 0x528bf6a4
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de excepção: 0xc0000005
Desvio de falha: 0x00000000
ID do processo com falha: 0x7a8
Data/hora de início da aplicação com falha: 0xavgwdsvc.exe0
Caminho da aplicação com falha: avgwdsvc.exe1
Caminho do módulo com falha: avgwdsvc.exe2
ID do Relatório: avgwdsvc.exe3
 
Error: (09/12/2014 03:00:03 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: A geração do contexto de activação falhou para "assemblyIdentity1". Ocorreu um erro no manifesto ou ficheiro de política "assemblyIdentity2" na linha assemblyIdentity3.
O valor "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" do atributo "version" no elemento "assemblyIdentity" é inválido.
 
Error: (09/12/2014 01:11:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/11/2014 02:27:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/11/2014 01:44:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/10/2014 10:38:45 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: A geração do contexto de activação falhou para "assemblyIdentity1". Ocorreu um erro no manifesto ou ficheiro de política "assemblyIdentity2" na linha assemblyIdentity3.
O valor "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" do atributo "version" no elemento "assemblyIdentity" é inválido.
 
 
System errors:
=============
Error: (09/13/2014 02:08:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço SQL Server (SQLEXPRESS) terminou inesperadamente. Isto aconteceu 1 vez(es).
 
Error: (09/13/2014 02:06:06 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: A chamada ScRegSetValueExW falhou por FailureActions com o seguinte erro: 
%%5
 
Error: (09/13/2014 02:05:17 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (09/13/2014 01:41:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço SQL Server (SQLEXPRESS) terminou inesperadamente. Isto aconteceu 1 vez(es).
 
Error: (09/13/2014 01:39:09 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: O serviço AVGIDSAgent não foi correctamente encerrado após a recepção de um controlo de pré-encerramento.
 
Error: (09/13/2014 01:38:33 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: A chamada ScRegSetValueExW falhou por FailureActions com o seguinte erro: 
%%5
 
Error: (09/13/2014 01:35:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço SQL Server (SQLEXPRESS) terminou inesperadamente. Isto aconteceu 1 vez(es).
 
Error: (09/13/2014 01:24:14 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Hora do Windows terminou com o seguinte erro: 
%%1115
 
Error: (09/13/2014 01:23:36 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: A chamada ScRegSetValueExW falhou por FailureActions com o seguinte erro: 
%%5
 
Error: (09/12/2014 05:22:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço SQL Server (SQLEXPRESS) terminou inesperadamente. Isto aconteceu 1 vez(es).
 
 
Microsoft Office Sessions:
=========================
Error: (09/13/2014 02:08:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/13/2014 01:41:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/13/2014 01:35:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/12/2014 05:22:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/12/2014 05:19:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: avgwdsvc.exe13.0.0.3456528bf6a4unknown0.0.0.000000000c0000005000000007a801cfce8284b46b4eC:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exeunknown9a762c41-3a98-11e4-8829-c86000e1b23d
 
Error: (09/12/2014 03:00:03 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3
 
Error: (09/12/2014 01:11:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/11/2014 02:27:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/11/2014 01:44:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/10/2014 10:38:45 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 48%
Total physical RAM: 4063.14 MB
Available physical RAM: 2082.16 MB
Total Pagefile: 8124.48 MB
Available Pagefile: 5828.74 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:465.66 GB) (Free:290.52 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 612EAA3E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#4 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:39 AM

Posted 13 September 2014 - 01:14 PM

Ok.


Step 1

Please download this attached Attached File  fixlist.txt   151bytes   6 downloads and save it in the same directory as FRST.
  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.


Step 2

Please download AdwCleaner (by Xplode) and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select "Run As Administrator"
  • Click on the Scan button.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a log file (that is saved in C:\AdwCleaner[S#].txt) will open automatically.
    Copy and paste the contents of that logfile in your next reply.


#5 AzoroFox

AzoroFox
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:39 AM

Posted 13 September 2014 - 01:29 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-09-2014
Ran by Ricardo at 2014-09-13 19:19:23 Run:2
Running from C:\Users\Ricardo\Downloads
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
HKU\S-1-5-21-1523532335-3168408088-3117201863-1000\...\Run: [CMD] => cmd.exe /c start http://extendedunlimited.org && exit <===== ATTENTION
EmptyTemp:
*****************
 
HKU\S-1-5-21-1523532335-3168408088-3117201863-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CMD => value deleted successfully.
EmptyTemp: => Removed 345.3 MB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====
 
Thank you, a lot.
 
FRST Fix worked, should I still run AdwCleaner?


#6 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:39 AM

Posted 13 September 2014 - 01:39 PM

AdwCleaner would remove some other adware entries.

#7 AzoroFox

AzoroFox
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:39 AM

Posted 13 September 2014 - 01:51 PM

# AdwCleaner v3.310 - Report created 13/09/2014 at 19:46:50
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Ricardo - RICARDO-PC
# Running from : C:\Users\Ricardo\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Browese2ssaaviee
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\AVG Security Toolbar
Folder Deleted : C:\Program Files (x86)\Optimizer Pro
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Ricardo\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Ricardo\AppData\Local\b1e
Folder Deleted : C:\Users\Ricardo\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Ricardo\AppData\Roaming\B1Toolbar
File Deleted : C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_lyrics.wikia.com_0.localstorage
File Deleted : C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Deleted : C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsfreak.com_0.localstorage
File Deleted : C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsmode.com_0.localstorage
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_ds3-tool_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_ds3-tool_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_minecraft-server_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_minecraft-server_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14F35FFC-522A-4DD1-A07E-6B8B65C6891E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\anchorfree
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\SP Global
Key Deleted : HKLM\SOFTWARE\SProtector
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16421
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page Before]
 
-\\ Google Chrome v
 
[ File : C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3312375&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPF72B0D8D-61BD-41B5-B3D7-9BE132403976&q={searchTerms}
Deleted [Search Provider] : hxxp://www.softonic.com.br/s/{searchTerms}
Deleted [Search Provider] : hxxp://animeseed.com/index.php/search-results/?s_text={searchTerms}&global_search=Search
Deleted [Extension] : jcdgjdiieiljkfkdcloehkohchhpekkn
Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof
 
*************************
 
AdwCleaner[R0].txt - [11783 octets] - [13/09/2014 19:45:29]
AdwCleaner[S0].txt - [11681 octets] - [13/09/2014 19:46:50]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11742 octets] ##########
 
 
Ran it, restarted the computer, this showed up, I guess I'm Adware free?


#8 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:39 AM

Posted 13 September 2014 - 02:37 PM

Yes it looks good now.

My help is free for everybody.
If you want to support me fighting against malware or buy me a beer for the assistance you received, then you can consider a donation: btn_donate_SM.gif.
Thank you!

#9 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:39 AM

Posted 19 September 2014 - 03:29 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users