Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Slow computer // brownser !!!


  • This topic is locked This topic is locked
29 replies to this topic

#1 Marioo

Marioo

  • Members
  • 237 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Rio de Janeiro
  • Local time:06:03 AM

Posted 20 November 2014 - 02:56 PM

I have had problems with performance  on my notebook. What would you suggest me to do in this case??//   Thanks!!!



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,731 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:03 AM

Posted 26 November 2014 - 09:30 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/556973 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,085 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:08:03 AM

Posted 29 November 2014 - 03:30 PM

Greetings and :welcome: to BleepingComputer,
My name is xXToffeeXx, but feel free to call me Toffee if it is easier for you. I will be helping you with your malware problems.
 
A few points to cover before we start:

  • Do not run any tools without being instructed to as this makes my job much harder in trying to figure out what you have done.
  • Make sure to read my instructions fully before attempting a step.
  • If you have problems or questions with any of the steps, feel free to ask me. I will be happy to answer any questions you have.
  • Please follow the topic by clicking on the "Follow this topic" button, and make sure a tick is in the "receive notifications" and is set to "Instantly". Any replies should be made in this topic by clicking the "Reply to this topic" button.
  • Important information in my posts will often be in bold, make sure to take note of these.
  • I will attempt to reply as soon as possible, and normally within 24 hours of your reply. If this is not possible or I have a delay then I will let you know.
  • I will bump a topic after 3 days of no activity, and then will give you another 2 days to reply before a topic is closed. If you need more time than this please let me know.
  • Lets get going now :thumbup2:

==========================
 
Hi Marioo,
 
Please download Farbar Recovery Scan Tool and save it to your Desktop.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.

Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.
 
--------------
 
To recap, in your next reply I would like to see the following. Make sure to copy & paste them unless I ask otherwise:

  • FRST.txt
  • Addition.txt

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#4 Marioo

Marioo
  • Topic Starter

  • Members
  • 237 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Rio de Janeiro
  • Local time:06:03 AM

Posted 29 November 2014 - 05:13 PM

First DDS  txt results as asked:::

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17420  BrowserJavaVersion: 10.67.2
Run by Mario at 19:59:15 on 2014-11-29
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3374.2237 [GMT -2:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\Skype\Updater\Updater.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
C:\Program Files (x86)\Common Files\Speedbit\SbUpdate\SBUpdate.exe
C:\Windows\Explorer.EXE
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
C:\Windows\System32\wbem\WmiPrvSE.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\wbem\WmiPrvSE.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mDefault_Search_URL = www.google.com
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - 
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - 
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
uRun: [Google Update] "C:\Users\Mario\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
uRunOnce: [Application Restart #5] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  --flag-switches-begin --flag-switches-end --restore-last-session -- https://downloadcenter.intel.com/Detail_Desc.aspx?agr=Y&DwnldID=21711&lang=eng&OSVersion=Windows%207%20(64-bit)*&DownloadType=Software%20Applications
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [EmailTray Activator] "C:\Program Files (x86)\EmailTray\bin\etactivator.exe" -autorun -allusers
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
dRunOnce: [Del180761728] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del"
uPolicies-Explorer: NoResolveTrack = dword:1
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - 
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
TCP: Interfaces\{57A09F4D-5472-450A-88FA-CD092971DA04}\D4162796F6 : DHCPNameServer = 192.168.1.1 201.17.0.79 201.17.0.119
TCP: Interfaces\{BC863AAA-54E2-4F05-A57B-5B003D0368DB} : DHCPNameServer = 201.17.0.79 201.17.0.119 201.6.4.116
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - 
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = www.google.com
x64-mDefault_Page_URL = www.google.com
x64-mDefault_Search_URL = www.google.com
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [RtHDVBg_Dolby] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
x64-Run: [IntelWirelessWiMAX] "C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe" /tasktray /nosplash
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.66\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2014-3-10 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2014-3-10 267632]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswsnx.sys [2014-3-10 1050432]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2014-3-10 436624]
R1 ElRawDisk;ElRawDisk;C:\Windows\System32\drivers\ElRawDsk.sys [2013-12-2 30752]
R1 RawDisk3;RawDisk3;C:\Windows\System32\drivers\rawdsk3.sys [2014-7-23 32912]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-4-25 29208]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswmonflt.sys [2014-3-10 83280]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2014-3-10 116728]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-22 50344]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-7-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-7-14 1767520]
R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2012-7-18 514048]
R2 rimspci;rimspci;C:\Windows\System32\drivers\rimssne64.sys [2010-7-12 94208]
R2 risdsnpe;risdsnpe;C:\Windows\System32\drivers\risdsne64.sys [2010-7-12 78848]
R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-4-3 315008]
R2 VBoxAswDrv;VBoxAsw Support Driver;C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2014-11-22 271752]
R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2012-7-18 979456]
R3 bpenum;Intel® Centrino® WiMAX Enumerator;C:\Windows\System32\drivers\bpenum.sys [2012-7-3 84480]
R3 bpmp;Intel® Centrino® WiMAX 6050 Series;C:\Windows\System32\drivers\bpmp.sys [2012-7-3 182272]
R3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver;C:\Windows\System32\drivers\bpusb.sys [2012-7-3 84992]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-6-4 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-7-12 158976]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-8-26 287232]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2010-6-2 12032]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
R3 SmbDrvI;SmbDrvI;C:\Windows\System32\drivers\Smb_driver_Intel.sys [2014-5-15 34544]
R3 USER_ESRV_SVC;User Energy Server Service;C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe [2013-11-1 377768]
R3 wdkmd;Intel WiDi KMD;C:\Windows\System32\drivers\WDKMD.sys [2010-4-16 39832]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2010-7-12 402720]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
S2 ESRV_SVC;Energy Server Service;C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe [2013-11-1 377768]
S2 SampleCollector;Intel® System Behavior Tracker Collector Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2013-11-1 266168]
S2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
S3 AvastVBoxSvc;AvastVBox COM Service;C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2014-11-22 4012248]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-11-11 114688]
S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-5-31 7689216]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-6 19456]
S3 semav6thermal64ro;semav6thermal64ro;C:\Windows\System32\drivers\semav6thermal64ro.sys [2012-11-15 13792]
S3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
S3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-11-12 56832]
S3 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-7-27 2320920]
S3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2014-7-2 59240]
S3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update\VUAgent.exe [2014-5-23 1642544]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-12-24 1255736]
S4 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-7-12 13336]
S4 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe --> C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [?]
S4 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2011-8-24 430136]
S4 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-6-21 108400]
S4 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-6-18 423280]
S4 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-6-21 67952]
S4 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2010-6-7 304496]
S4 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-7-27 575856]
S4 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-6-17 851824]
S4 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-6-9 537456]
S4 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-6-9 384880]
S4 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2010-7-27 836608]
.
=============== File Associations ===============
.
FileExt: .chm: chm.file="C:\Windows\hh.exe" %1 [UserChoice]
.
=============== Created Last 30 ================
.
2014-11-29 15:13:10 -------- d-----w- C:\Users\Mario\AppData\Roaming\iolo
2014-11-22 20:33:04 43152 ----a-w- C:\Windows\avastSS.scr
2014-11-18 23:08:48 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-11-18 23:08:47 241152 ----a-w- C:\Windows\System32\pku2u.dll
2014-11-18 23:08:47 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
2014-11-18 23:08:46 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-11-17 20:05:23 -------- d-----w- C:\Windows\SysWow64\vbox
2014-11-17 20:05:23 -------- d-----w- C:\Windows\System32\vbox
2014-11-17 19:51:36 -------- d-----w- C:\Windows\System32\catroot2
2014-11-12 20:31:09 -------- d-sh--w- C:\Users\Mario\AppData\Local\EmieBrowserModeList
2014-11-11 21:28:07 304640 ----a-w- C:\Windows\System32\generaltel.dll
2014-11-11 21:28:07 228864 ----a-w- C:\Windows\System32\aepdu.dll
2014-11-11 21:28:05 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-11-11 21:28:04 77824 ----a-w- C:\Windows\System32\packager.dll
2014-11-11 21:28:04 67584 ----a-w- C:\Windows\SysWow64\packager.dll
2014-11-11 21:28:02 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2014-11-11 21:28:02 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2014-11-11 21:28:01 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2014-11-11 21:28:01 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2014-11-10 21:35:07 -------- d-----w- C:\Program Files (x86)\Secunia
2014-11-06 18:21:03 -------- d-----w- C:\Program Files\CCleaner
2014-11-04 19:07:56 -------- d-----w- C:\ProgramData\IntelDLM
2014-11-04 19:06:02 -------- d-----w- C:\Users\Mario\AppData\Local\Intel
2014-11-04 19:04:59 -------- d-----w- C:\ProgramData\Package Cache
.
==================== Find3M  ====================
.
2014-11-26 23:04:33 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-11-25 20:11:51 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-25 20:11:51 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-11-22 20:33:25 1050432 ----a-w- C:\Windows\System32\drivers\aswsnx.sys
2014-11-22 20:33:05 83280 ----a-w- C:\Windows\System32\drivers\aswmonflt.sys
2014-11-22 20:33:05 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-11-22 20:33:05 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2014-11-22 20:33:05 267632 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-11-22 20:33:05 116728 ----a-w- C:\Windows\System32\drivers\aswstm.sys
2014-11-22 20:33:04 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2014-11-06 04:04:03 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-11-06 04:03:50 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-11-06 03:47:03 66560 ----a-w- C:\Windows\System32\iesetup.dll
2014-11-06 03:46:12 580096 ----a-w- C:\Windows\System32\vbscript.dll
2014-11-06 03:46:12 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-11-06 03:44:28 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-11-06 03:30:22 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-11-06 03:30:08 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-11-06 03:29:18 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-11-06 03:28:20 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-11-06 03:23:57 6040064 ----a-w- C:\Windows\System32\jscript9.dll
2014-11-06 03:20:18 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-11-06 03:13:43 501248 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-11-06 03:13:36 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-11-06 03:12:44 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-11-06 03:10:58 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-11-06 03:07:29 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-11-06 02:59:36 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-11-06 02:58:38 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-11-06 02:42:36 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-06 02:39:39 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-11-06 02:38:25 2124288 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-11-06 02:21:49 4298240 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-11-06 02:21:25 2051072 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-11-06 02:20:37 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-11-06 02:17:24 2365440 ----a-w- C:\Windows\System32\wininet.dll
2014-11-06 01:52:35 1892864 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-10-21 22:27:29 111016 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2014-10-18 02:05:23 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2014-10-18 01:33:18 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2014-10-14 02:16:37 155064 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-10-14 02:13:06 683520 ----a-w- C:\Windows\System32\termsrv.dll
2014-10-14 02:13:00 3241984 ----a-w- C:\Windows\System32\msi.dll
2014-10-14 02:12:57 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-10-14 02:09:31 146432 ----a-w- C:\Windows\System32\msaudite.dll
2014-10-14 02:07:31 681984 ----a-w- C:\Windows\System32\adtschema.dll
2014-10-14 01:50:47 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-10-14 01:50:41 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
2014-10-14 01:49:38 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-10-14 01:47:30 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2014-10-14 01:46:02 681984 ----a-w- C:\Windows\SysWow64\adtschema.dll
2014-10-10 00:57:42 3198976 ----a-w- C:\Windows\System32\win32k.sys
2014-10-03 02:12:00 500224 ----a-w- C:\Windows\System32\AUDIOKSE.dll
2014-10-03 02:11:54 284672 ----a-w- C:\Windows\System32\EncDump.dll
2014-10-03 02:11:51 680960 ----a-w- C:\Windows\System32\audiosrv.dll
2014-10-03 02:11:51 440832 ----a-w- C:\Windows\System32\AudioEng.dll
2014-10-03 02:11:51 296448 ----a-w- C:\Windows\System32\AudioSes.dll
2014-10-03 01:44:42 442880 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44:26 374784 ----a-w- C:\Windows\SysWow64\AudioEng.dll
2014-10-03 01:44:26 195584 ----a-w- C:\Windows\SysWow64\AudioSes.dll
2014-10-02 16:23:20 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2014-10-02 16:23:20 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2014-10-01 13:11:26 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-10-01 13:11:16 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-10-01 13:11:12 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-09-25 02:08:38 371712 ----a-w- C:\Windows\System32\qdvd.dll
2014-09-25 01:40:50 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-09-19 09:42:52 210944 ----a-w- C:\Windows\System32\wdigest.dll
2014-09-19 09:42:51 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2014-09-19 09:42:49 342016 ----a-w- C:\Windows\System32\schannel.dll
2014-09-19 09:42:47 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-09-19 09:42:47 309760 ----a-w- C:\Windows\System32\ncrypt.dll
2014-09-19 09:42:41 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-09-19 09:23:55 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-09-19 09:23:52 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-09-19 09:23:49 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-09-19 09:23:46 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2014-09-19 09:23:45 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-09-19 09:23:36 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-09-09 22:11:04 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-09-09 21:47:10 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-09-05 02:11:09 6584320 ----a-w- C:\Windows\System32\mstscax.dll
2014-09-05 01:52:41 5703168 ----a-w- C:\Windows\SysWow64\mstscax.dll
2014-09-04 05:23:20 424448 ----a-w- C:\Windows\System32\rastls.dll
2014-09-04 05:04:15 372736 ----a-w- C:\Windows\SysWow64\rastls.dll
2013-09-20 12:13:38 475136 ----a-w- C:\Program Files (x86)\setup.exe
2013-09-20 12:13:38 2260992 ----a-w- C:\Program Files (x86)\openoffice401.msi
2009-03-19 18:38:48 99480 ----a-w- C:\Program Files\Uninstall.exe
.
============= FINISH: 20:02:12.50 ===============
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume2
Install Date: 12/21/2010 9:53:23 PM
System Uptime: 11/29/2014 7:57:11 PM (1 hours ago)
.
Motherboard: Sony Corporation |  | VAIO
Processor: Intel® Core™ i3 CPU       M 370  @ 2.40GHz | N/A | 2394/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 288 GiB total, 126.09 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Bnbase
Device ID: ROOT\LEGACY_BNBASE\0000
Manufacturer: 
Name: Bnbase
PNP Device ID: ROOT\LEGACY_BNBASE\0000
Service: Bnbase
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Sftfs
Device ID: ROOT\LEGACY_SFTFS\0000
Manufacturer: 
Name: Sftfs
PNP Device ID: ROOT\LEGACY_SFTFS\0000
Service: Sftfs
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Baidu NetDefense
Device ID: ROOT\LEGACY_BNDEF\0000
Manufacturer: 
Name: Baidu NetDefense
PNP Device ID: ROOT\LEGACY_BNDEF\0000
Service: Bndef
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Baidu Protect
Device ID: ROOT\LEGACY_BPROTECT\0000
Manufacturer: 
Name: Baidu Protect
PNP Device ID: ROOT\LEGACY_BPROTECT\0000
Service: Bprotect
.
==== System Restore Points ===================
.
RP862: 9/17/2014 9:08:12 AM - Removed Safari
RP863: 9/17/2014 6:34:55 PM - Revo Uninstaller's restore point - Google Chrome
RP864: 9/17/2014 7:05:27 PM - Revo Uninstaller's restore point - Google Chrome
RP865: 9/17/2014 7:07:18 PM - Revo Uninstaller's restore point - Google Chrome
RP866: 9/17/2014 7:12:34 PM - Revo Uninstaller's restore point - Google Chrome
RP867: 9/18/2014 1:14:18 PM - Revo Uninstaller's restore point - Google Chrome
RP868: 9/18/2014 5:29:52 PM - Removed HP Product Detection
RP869: 9/18/2014 5:30:46 PM - Removed HP Update.
RP870: 9/19/2014 12:10:26 PM - Installed Microsoft Fix it 50195
RP871: 9/22/2014 5:39:19 PM - Removed Google Earth.
RP872: 9/24/2014 3:00:38 PM - Windows Update
RP873: 10/3/2014 4:54:57 PM - Windows Update
RP874: 10/3/2014 6:50:24 PM - Windows Backup
RP875: 10/11/2014 4:23:16 PM - Installed OpenOffice 4.1.1
RP876: 10/11/2014 4:42:38 PM - Instalado OpenOffice 4.1.1 Language Pack (Portuguese (Brazil))
RP877: 10/14/2014 4:40:17 PM - Windows Update
RP878: 10/27/2014 7:52:55 PM - Revo Uninstaller's restore point - Safari
RP879: 10/29/2014 9:52:18 PM - Restore Operation
RP880: 10/29/2014 10:01:19 PM - avast! antivirus system restore point
RP881: 10/29/2014 10:52:03 PM - Installed Xmarks for IE
RP882: 10/29/2014 10:59:09 PM - Revo Uninstaller's restore point - Safari
RP883: 10/31/2014 4:01:32 PM - avast! antivirus system restore point
RP884: 10/31/2014 9:06:39 PM - Windows Backup
RP885: 11/4/2014 5:04:29 PM - Intel® Driver Update Utility
RP886: 11/4/2014 5:24:27 PM - Intel® Driver Update Utility
RP887: 11/8/2014 5:59:08 PM - avast! antivirus system restore point
RP888: 11/10/2014 8:59:55 PM - Revo Uninstaller's restore point - Secunia PSI (3.0.0.9016)
RP889: 11/11/2014 7:33:17 PM - Windows Update
RP890: 11/11/2014 8:09:09 PM - Windows Update
RP891: 11/11/2014 9:02:56 PM - Windows Update
RP892: 11/17/2014 5:01:26 PM - Tweaking.com - Windows Repair
RP893: 11/17/2014 5:11:50 PM - 11-17-14 .. create a restore point
RP894: 11/19/2014 3:00:30 PM - Windows Update
RP895: 11/19/2014 3:28:37 PM - Windows Update
RP896: 11/19/2014 3:44:28 PM - Windows Update
RP897: 11/19/2014 9:16:23 PM - Windows Update
RP898: 11/20/2014 3:01:39 PM - Windows Update
RP899: 11/20/2014 8:18:25 PM - Windows Update
RP900: 11/22/2014 6:31:40 PM - avast! antivirus system restore point
RP901: 11/25/2014 6:38:28 PM - Installed Microsoft Fix it 50202
RP902: 11/25/2014 6:39:36 PM - Installed Microsoft Fix it 50202
RP903: 11/26/2014 9:29:31 PM - Installed 64 Bit HP CIO Components Installer
RP904: 11/26/2014 9:46:51 PM - Installed 64 Bit HP CIO Components Installer
RP905: 11/27/2014 11:32:31 AM - Removido OpenOffice 4.1.1 Language Pack (Portuguese (Brazil))
.
==== Installed Programs ======================
.
64 Bit HP CIO Components Installer
Adobe AIR
Adobe Flash Player 15 ActiveX
Adobe Flash Player 15 Plugin
Adobe Reader XI (11.0.09)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Application Manager for VAIO
ArcSoft WebCam Companion 3
Ashampoo Burning Studio FREE v.1.14.5
Auslogics DiskDefrag
Avast Free Antivirus
Best Buy pc app
Bing Rewards Client Installer
Bonjour
BufferChm
CCleaner
D110
EmailTray 4.0
Facebook Video Calling 3.1.0.521
Google Chrome
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7
HPAppStudio
HPDiagnosticAlert
Intel PROSet Wireless
Intel WiMAX Tutorial
Intel® Chipset Device Software
Intel® Control Center
Intel® Management Engine Components
Intel® Processor Graphics
Intel® PROSet/Wireless WiFi Software
Intel® Rapid Storage Technology
Intel® Wireless Display
Intel® PROSet/Wireless WiMAX Software
Internet Explorer (Enable DEP)
iTunes
Java 7 Update 67
Java 8 Update 20 (64-bit)
Java 8 Update 25 (64-bit)
Java Auto Updater
Java™ 6 Update 33
Malwarebytes Anti-Malware versão 2.0.3.1025
Media Gallery
Microsoft .NET Framework 4.5.1
Microsoft Office Click-to-Run 2010
Microsoft Silverlight
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Web Platform Installer 5.0
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
MSXML 4.0 SP3 Parser (KB973685)
Network64
NirSoft ShellExView
OOBE
OpenOffice 4.1.1
PlayReady PC Runtime amd64
PMB
PMB VAIO Edition Guide
PMB VAIO Edition plug-in (Click to Disc)
PMB VAIO Edition plug-in (VAIO Image Optimizer)
PMB VAIO Edition plug-in (VAIO Movie Story)
PS_AIO_07_D110_SW_Min
QuickTime 7
QuickTransfer
RealNetworks - Microsoft Visual C++ 2008 Runtime
Realtek High Definition Audio Driver
RealUpgrade 1.1
Remote Keyboard
Remote Play with PlayStation 3
Remote Play with PlayStation®3
Revo Uninstaller 1.95
Scan
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Skype Click to Call
Skype Web Plugin
Skype™ 6.21
Speccy
SQLite_3_7_8_x64
System Requirements Lab for Intel
Toolbox
Tweaking.com - Windows Repair (All in One)
VAIO - Media Gallery
VAIO - PMB VAIO Edition Guide
VAIO - PMB VAIO Edition plug-in (Click to Disc)
VAIO - PMB VAIO Edition plug-in (VAIO Image Optimizer)
VAIO - PMB VAIO Edition plug-in (VAIO Movie Story)
VAIO - Remote Keyboard
VAIO Care
VAIO Care Recovery
VAIO Control Center
VAIO Data Restore Tool
VAIO DVD Menu Data
VAIO Gate
VAIO Gate Default
VAIO Hardware Diagnostics
VAIO Health Report
VAIO Help and Support
VAIO Manual
VAIO Media plus
VAIO Media plus Opening Movie
VAIO Movie Story Template Data
VAIO Platform Update Program
VAIO Quick Web Access
VAIO Sample Contents
VAIO Smart Network
VAIO Survey
VAIO Transfer Support
VAIO Update
VAIO Wireless Wizard
VGClientX64
VGClientX86
Visual Studio 2008 x64 Redistributables
Visual Studio 2010 x64 Redistributables
VU5x64
VU5x86
WebReg
Windows Live Sync
Xmarks for IE
Yahoo! Software Update
.
==== Event Viewer Messages From Past Week ========
.
11/29/2014 7:58:19 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  Bnbase Bndef Bprotect
11/29/2014 7:58:19 PM, Error: Microsoft-Windows-WMPNSS-Service [14332]  - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
11/29/2014 7:57:57 PM, Error: Service Control Manager [7001]  - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error:  The dependency service or group failed to start.
11/29/2014 7:57:52 PM, Error: Service Control Manager [7001]  - The Application Virtualization Client service depends on the Sftfs service which failed to start because of the following error:  A device attached to the system is not functioning.
11/29/2014 7:57:52 PM, Error: Service Control Manager [7000]  - The Sftfs service failed to start due to the following error:  A device attached to the system is not functioning.
11/28/2014 6:44:37 PM, Error: Microsoft-Windows-WMPNSS-Service [14332]  - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070420'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
11/28/2014 10:13:37 PM, Error: Microsoft-Windows-WMPNSS-Service [14365]  - Proximity detection failed due to unknown error '0x80004004'.  The best proximity time detected was -1 milliseconds.
11/27/2014 1:37:57 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
11/26/2014 4:05:08 PM, Error: Service Control Manager [7022]  - The Windows Update service hung on starting.
11/26/2014 4:02:38 PM, Error: Service Control Manager [7022]  - The Intel® System Behavior Tracker Collector Service service hung on starting.
11/24/2014 3:51:51 PM, Error: Schannel [36888]  - The following fatal alert was generated: 70. The internal error state is 105.
.
==== End Of File ===========================
 

Attached Files


Edited by xXToffeeXx, 30 November 2014 - 09:39 AM.
Posted logs for ease~


#5 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,085 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:08:03 AM

Posted 30 November 2014 - 09:58 AM

Hi Marioo,
 
We need to remove programs using "Programs and Features"

Click the "Start" orb on the taskbar, and then click the "Control Panel" button.

  • If you use Category mode, click on Uninstall a Program.
  • If you use Icons mode, click on Program and Features.

A list of programs installed will be "populated" (this may take a bit of time).
If they exist, uninstall the following by clicking on the below entries and selecting "Remove".
If you do not use or need these programs then you can uninstall them:

Adobe AIR
Best Buy pc app
Bing Rewards Client Installer
Google Talk Plugin
Google Toolbar for Internet Explorer
Java 7 Update 67
Java 8 Update 20 (64-bit)
Java™ 6 Update 33
Skype Click to Call
Skype Web Plugin
Yahoo! Software Update

Additional instructions can be found here if needed.
 
--------------
 
Please download Autoruns.
 
Open Downloads in your browser and click on the Autoruns download.
 
Click on Run to initiate the installation.
 
When Autoruns loads you will see an image similar to the one below.
 
autorunsscreen_zps2ac55e2e.png
 
Click on File, then click on Save.
 
Choose Desktop as the destination, then click on the down arrow in the Save as type: box and click on Text (*.txt), then click on Save.
 
There will be a Text icon on the desktop titled AutoRuns, click on it to open the log.
 
Copy the log and paste it in your next post.

 

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#6 Marioo

Marioo
  • Topic Starter

  • Members
  • 237 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Rio de Janeiro
  • Local time:06:03 AM

Posted 30 November 2014 - 01:26 PM

I  already have autoruns latest version  intalled but found no icon to click at the footscreen  in order to download the autoruns file.txt. Can you help me out please???  By the way I have several files not found!!!   Thanks!!!( I have 51 files not found - what about that???)

 

Note>>  I did not find Best Buy pc app and   Bing reawards client installer,  (but best buy pc app is found on register)

 

Google talk plugin -  a display   "Error opening installation log file. Verify tha the specified log file location exists and is writable"

 

Google toolbar for internet Explorer was uninstalled ( Why do I need to uninstall it ???)

 

Skipe click to call  -  displays " Error opening installation log file. Verify that the specified log file location exists and is writalbel"

Skipe web plugin - Why do i need to uninstall it  as  I use skipe all the time!!!!

 

all javas  displeays >>>> WAIT UNTIL THE CURRENT PROGRAM IS FINISHED OR BEING CHANGED

 

Yahoo Software update >>>>   displays the same thing as above!!!

 

 

So I have  thoroghly  tryed to unisntall theses programs but failed   almost each attempt    I   have revo unisntaller already installed. Should I run it??

 

 

Thanksss!!!

Attached Files


Edited by Marioo, 30 November 2014 - 03:20 PM.


#7 Marioo

Marioo
  • Topic Starter

  • Members
  • 237 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Rio de Janeiro
  • Local time:06:03 AM

Posted 01 December 2014 - 01:24 PM

I have news about programs unisntalled!!!

 

 

best buy app  is not in the listing

 

bing rewards client installer   is not in the listing ( programs and features)

 

 

Google talk plugin was uninstalled

 

google toolbar for internet Explores was uninstalled

 

java 7 up date 67 was uninstalled

 

java 8 update 20  (64 bit) was uninstalled

 

Java 6 update 33 >>> Error 1723. There is a problem with this windows installer package. A DLL requires for this install to complete  could not be run. Contact your support personel or package vendor.

 

skipe click to call was uninstalled

 

skipe web plugin  was uninstalled

 

yahoo softaware update   was uninstalled

 

 

so it is all for a while...!!!   Thanks!!!


Edited by Marioo, 01 December 2014 - 01:25 PM.


#8 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,085 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:08:03 AM

Posted 01 December 2014 - 02:44 PM

Hi Marioo,

 

Sounds good, the programs which cannot be found may be hidden. 

 

Please reopen autoruns (right click and choose Run as administrator), press Ctrl and F together and type Adobe ARMPress Find Next and a line will be highlighted. Remove the check from the box, and repeat the steps for the ones listed below:

EmailTray Activator

QuickTime Task

swg

Xmarks

 

Please restart, has there been any difference on performance?

 

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#9 Marioo

Marioo
  • Topic Starter

  • Members
  • 237 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Rio de Janeiro
  • Local time:06:03 AM

Posted 01 December 2014 - 04:12 PM

well,  almost every one was unchecked but  swg  was not found!!!   Thanks..!!   waiting next steps!!!

 

 

I have a txt.file  "addition",  should I download it  on here???????

 

 

What about Java 6 Update 33 ?????


Edited by Marioo, 01 December 2014 - 04:17 PM.


#10 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,085 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:08:03 AM

Posted 04 December 2014 - 11:42 AM

Hi Marioo,
 
How is the computer running now?
 

What about Java 6 Update 33 ?????

We will get to that, just want to check with this log first.
 
Please download Farbar Recovery Scan Tool and save it to your Desktop.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.

Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.

--------------
 
To recap, in your next reply I would like to see the following. Make sure to copy & paste them unless I ask otherwise:

  • FRST.txt
  • Addition.txt

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#11 Marioo

Marioo
  • Topic Starter

  • Members
  • 237 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Rio de Janeiro
  • Local time:06:03 AM

Posted 04 December 2014 - 06:19 PM

By the way I have uninstalled java 6  update 33  and have wainted for your email several days already only today it came to me!!!

Now I have txt.files to you :::   Thanksss!!!

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-12-2014
Ran by Mario (administrator) on MARIO-VAIO on 04-12-2014 21:05:01
Running from C:\Users\Mario\Desktop
Loaded Profile: Mario (Available profiles: Mario & MARLY SANTOS & Mario II & Guest & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
(Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Speedbit Ltd.) C:\Program Files (x86)\Common Files\SpeedBit\SBUpdate\SBUpdate.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-07-04] (Realtek Semiconductor)
HKLM\...\Run: [IntelWirelessWiMAX] => C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe [1626112 2012-07-25] (Intel® Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-11-22] (AVAST Software)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-653965563-4121391022-2668741360-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-653965563-4121391022-2668741360-1001\...\RunOnce: [Application Restart #5] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-11-25] (Google Inc.)
HKU\S-1-5-21-653965563-4121391022-2668741360-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\RunOnce: [Del180761728] => cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" <===== ATTENTION
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
BootExecute: autocheck autochk * SmartDefragBootTime.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-653965563-4121391022-2668741360-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-653965563-4121391022-2668741360-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://en.wikipedia.org/wiki/Main_Page
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKU\S-1-5-21-653965563-4121391022-2668741360-1001 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKU\S-1-5-21-653965563-4121391022-2668741360-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-653965563-4121391022-2668741360-1001 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Tcpip\Parameters: [DhcpNameServer] 201.17.0.79 201.17.0.119 201.6.4.116
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-653965563-4121391022-2668741360-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Mario\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-08-01]
FF HKLM-x32\...\Firefox\Extensions: [{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-10]
 
Chrome: 
=======
CHR HomePage: Profile 2 -> https://www.google.com.br/?gws_rd=ssl
CHR StartupUrls: Profile 2 -> "https://www.google.com.br/?gws_rd=ssl"
CHR DefaultSuggestURL: Profile 2 -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-19]
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2014-09-20]
CHR Extension: (Google Docs) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-19]
CHR Extension: (Google Drive) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-19]
CHR Extension: (The Latest Versions of Google Chrome) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\bibclkcoilbnbnppanidhimphmfbjaab [2014-11-06]
CHR Extension: (YouTube) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-19]
CHR Extension: (Facebook) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2014-09-20]
CHR Extension: (Meu endereço IP) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccfphbgnmmhjfalloifioeeeokjemobf [2014-09-20]
CHR Extension: (Pesquisa do Google) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-19]
CHR Extension: (Secure Profile) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\eddeeogaiodnhfkingpegpmhpdiifbgh [2014-09-20]
CHR Extension: (Avast SafePrice) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-10-11]
CHR Extension: (Planilhas do Google) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-19]
CHR Extension: (Editor do Office) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2014-11-06]
CHR Extension: (AdBlock) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-30]
CHR Extension: (Avast Online Security) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-20]
CHR Extension: (Office Apps) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdbcdbdkiaadpbkggggekjcpmgjekkke [2014-11-06]
CHR Extension: (Mark For Later) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfokknghaopioakjibdkmjoaghcileob [2014-09-20]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-12-04]
CHR Extension: (Google Maps) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-09-20]
CHR Extension: (OneDrive) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2014-09-20]
CHR Extension: (Google Wallet) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-19]
CHR Extension: (Outlook.com) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2014-09-20]
CHR Extension: (Gmail) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-19]
CHR Profile: C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Apresentações) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-19]
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2014-09-19]
CHR Extension: (Google Docs) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-19]
CHR Extension: (Google Drive) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-19]
CHR Extension: (YouTube) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-19]
CHR Extension: (Pesquisa do Google) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-19]
CHR Extension: (Avast SafePrice) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-10-13]
CHR Extension: (Planilhas do Google) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-19]
CHR Extension: (Avast Online Security) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-13]
CHR Extension: (Similar Sites Pro) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hidjnkeodmholilgafgdlgmgggbhnigl [2014-09-19]
CHR Extension: (Mark For Later) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kfokknghaopioakjibdkmjoaghcileob [2014-09-19]
CHR Extension: (Delicious Bookmarks Extension) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mnaelnkmidnndgikjbiifihgklnocljd [2014-09-19]
CHR Extension: (Google Wallet) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-19]
CHR Extension: (Gmail) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-19]
CHR Profile: C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Apresentações) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-19]
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2014-09-19]
CHR Extension: (Google Docs) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-19]
CHR Extension: (Google Drive) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-19]
CHR Extension: (100,000 Books - Wattpad) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bgbiianmgbopnpohjfbkmdjmmdlndjfj [2014-09-19]
CHR Extension: (The Latest Versions of Google Chrome) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bibclkcoilbnbnppanidhimphmfbjaab [2014-09-19]
CHR Extension: (Grooveshark) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blelaljgakacjdeaggpjilljobdmboff [2014-10-27]
CHR Extension: (YouTube) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-19]
CHR Extension: (Facebook) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2014-09-19]
CHR Extension: (Pesquisa do Google) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-19]
CHR Extension: (Google +) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2014-09-19]
CHR Extension: (Avast SafePrice) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-10-11]
CHR Extension: (Planilhas do Google) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-19]
CHR Extension: (AdBlock) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-25]
CHR Extension: (Avast Online Security) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-19]
CHR Extension: (Vagalume Drive) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\imgifdjgkjodebilndbbamlpjfeofmfa [2014-10-27]
CHR Extension: (Office Apps) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\jdbcdbdkiaadpbkggggekjcpmgjekkke [2014-10-25]
CHR Extension: (Mark For Later) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kfokknghaopioakjibdkmjoaghcileob [2014-09-19]
CHR Extension: (Blogger) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lejliakmhcfhakneflmicaoikhbicggc [2014-09-19]
CHR Extension: (Google Maps) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-09-19]
CHR Extension: (My Cloud Player) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nbfjhlpinelhnncgfpgfekddidnbnaab [2014-10-25]
CHR Extension: (OneDrive) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2014-09-19]
CHR Extension: (Google Wallet) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-19]
CHR Extension: (Outlook.com) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2014-09-19]
CHR Extension: (Gmail) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-19]
CHR Profile: C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 3
CHR Extension: (Google Apresentações) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-20]
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2014-09-20]
CHR Extension: (Google Docs) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-20]
CHR Extension: (Google Drive) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-20]
CHR Extension: (The Latest Versions of Google Chrome) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bibclkcoilbnbnppanidhimphmfbjaab [2014-10-11]
CHR Extension: (YouTube) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-20]
CHR Extension: (Pesquisa do Google) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-20]
CHR Extension: (Avast SafePrice) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-10-11]
CHR Extension: (Planilhas do Google) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-20]
CHR Extension: (Avast Online Security) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-11]
CHR Extension: (Browser Locker) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\hnnecpmejibghfcebehiepoppfhceppl [2014-09-20]
CHR Extension: (Mark For Later) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\kfokknghaopioakjibdkmjoaghcileob [2014-09-20]
CHR Extension: (Google Play) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2014-09-20]
CHR Extension: (Google Wallet) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-20]
CHR Extension: (Gmail) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-20]
CHR Profile: C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 4
CHR Extension: (Google Apresentações) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-20]
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2014-09-20]
CHR Extension: (Google Docs) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-20]
CHR Extension: (Google Drive) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-20]
CHR Extension: (YouTube) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-20]
CHR Extension: (Pesquisa do Google) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-20]
CHR Extension: (Avast SafePrice) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-10-17]
CHR Extension: (Planilhas do Google) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-20]
CHR Extension: (Avast Online Security) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-17]
CHR Extension: (Mark For Later) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\kfokknghaopioakjibdkmjoaghcileob [2014-09-20]
CHR Extension: (Google Wallet) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-20]
CHR Extension: (Gmail) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-20]
CHR Profile: C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 5
CHR Extension: (Google Apresentações) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-21]
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2014-10-21]
CHR Extension: (Google Docs) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-21]
CHR Extension: (Google Drive) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-21]
CHR Extension: (YouTube) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-21]
CHR Extension: (Pesquisa do Google) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-21]
CHR Extension: (Avast SafePrice) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-10-21]
CHR Extension: (Planilhas do Google) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-21]
CHR Extension: (Avast Online Security) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-21]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-10-21]
CHR Extension: (Mark For Later) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\kfokknghaopioakjibdkmjoaghcileob [2014-10-21]
CHR Extension: (Google Wallet) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-21]
CHR Extension: (Gmail) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-21]
CHR Profile: C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 6
CHR Extension: (Google Apresentações) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-23]
CHR Extension: (Google Docs) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-23]
CHR Extension: (Google Drive) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-23]
CHR Extension: (Splendid) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\bdfkbdkkfmmckaadapdipihjfaacnkgd [2014-11-06]
CHR Extension: (YouTube) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-23]
CHR Extension: (Pesquisa do Google) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-23]
CHR Extension: (Avast SafePrice) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-10-23]
CHR Extension: (Planilhas do Google) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-23]
CHR Extension: (Avast Online Security) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-23]
CHR Extension: (Google Wallet) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-23]
CHR Extension: (Gmail) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-23]
CHR HKU\S-1-5-21-653965563-4121391022-2668741360-1001\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2014-11-22]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-22]
CHR HKLM-x32\...\Chrome\Extension: [ieadcoanfjloocmfafkebdnfefmohngj] - No Path
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-08-01]
CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - No Path
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-22] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-22] (Avast Software)
R2 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [514048 2012-07-18] (Red Bend Ltd.) [File not signed]
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-01] (Intel Corporation)
R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S4 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [851824 2010-06-17] (Sony Corporation)
S4 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [836608 2010-06-08] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
R2 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [979456 2012-07-18] (Intel® Corporation) [File not signed]
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-22] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-22] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-22] ()
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2013-09-15] (EldoS Corporation)
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32912 2014-07-13] (EldoS Corporation)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-08-13] ()
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2014-05-15] (Synaptics Incorporated)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-22] (Avast Software)
S1 Bfilter; \??\C:\Windows\System32\drivers\Bfilter.sys [X]
S1 Bfmon; \??\C:\Windows\System32\drivers\Bfmon.sys [X]
S1 Bnbase; System32\drivers\bnbasex64.sys [X]
S1 Bndef; \??\C:\Windows\System32\drivers\bndef64.sys [X]
S1 Bprotect; \??\C:\Windows\System32\drivers\Bprotect.sys [X]
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
U2 MSSQL$DDNI; No ImagePath
S0 SmartDefragDriver; System32\Drivers\SmartDefragDriver.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-04 21:04 - 2014-12-04 21:04 - 00000000 ____D () C:\Users\Mario\Desktop\FRST-OlderVersion
2014-12-04 20:43 - 2014-12-04 20:43 - 00003344 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-653965563-4121391022-2668741360-1001
2014-12-04 20:43 - 2014-12-04 20:43 - 00003210 _____ () C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-653965563-4121391022-2668741360-1001
2014-12-04 20:40 - 2014-12-04 20:40 - 00001281 _____ () C:\Users\Mario\AppData\Local\PDLSetup.20141204.204003.txt
2014-12-04 16:02 - 2014-12-04 16:02 - 00001697 _____ () C:\Users\Mario\Google Drive.lnk
2014-12-04 12:10 - 2014-12-01 20:57 - 00001430 _____ () C:\Users\Mario\Documents\FixExec.txt
2014-12-04 11:59 - 2014-12-04 11:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-12-04 11:21 - 2014-12-04 20:42 - 00000168 _____ () C:\Windows\setupact.log
2014-12-04 11:21 - 2014-12-04 11:21 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-01 21:21 - 2014-12-01 21:22 - 00880784 _____ (Google Inc.) C:\Users\Mario\Downloads\googledrivesync.exe
2014-12-01 19:32 - 2014-12-01 19:32 - 01324600 _____ (Sony Corporation) C:\Users\Mario\Downloads\SOOOTH-P0103014-11C0.EXE
2014-11-30 17:23 - 2014-11-30 17:23 - 00001639 _____ () C:\Users\Mario\Desktop\xmarkssync - Shortcut.lnk
2014-11-30 16:55 - 2014-11-30 16:55 - 00099194 _____ () C:\Users\Mario\Desktop\AutoRuns.txt
2014-11-29 21:04 - 2014-11-29 21:04 - 00000000 ____D () C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xmarks
2014-11-29 21:04 - 2014-11-29 21:04 - 00000000 ____D () C:\Program Files (x86)\Xmarks
2014-11-29 20:21 - 2014-11-29 20:21 - 00112612 _____ () C:\Users\Mario\Desktop\Shortcut.txt
2014-11-29 20:19 - 2014-11-29 20:21 - 00062960 _____ () C:\Users\Mario\Desktop\Addition.txt
2014-11-29 20:17 - 2014-12-04 21:05 - 00035153 _____ () C:\Users\Mario\Desktop\FRST.txt
2014-11-29 20:15 - 2014-12-04 21:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRST-OlderVersion
2014-11-29 20:04 - 2014-11-29 20:05 - 00003692 _____ () C:\Users\Mario\Desktop\Attach.zip
2014-11-29 20:02 - 2014-11-29 20:02 - 00023137 _____ () C:\Users\Mario\Desktop\dds.txt
2014-11-29 20:02 - 2014-11-29 20:02 - 00010926 _____ () C:\Users\Mario\Desktop\attach.txt
2014-11-29 19:39 - 2014-11-29 19:40 - 00688992 _____ (Swearware) C:\Users\Mario II\Downloads\dds.com
2014-11-29 19:31 - 2014-11-29 19:31 - 00000000 ____D () C:\Users\Mario II\AppData\Local\Adobe
2014-11-29 13:13 - 2014-12-01 19:41 - 00000000 ____D () C:\Users\Mario\AppData\Roaming\iolo
2014-11-28 22:02 - 2014-11-28 22:02 - 00001611 _____ () C:\Users\Mario\Desktop\Media Player - Shortcut.lnk
2014-11-28 19:35 - 2014-11-28 19:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-28 19:29 - 2014-11-28 19:29 - 00000000 __SHD () C:\Users\Mario II\AppData\Local\EmieBrowserModeList
2014-11-27 11:20 - 2014-11-27 11:20 - 00002980 _____ () C:\Windows\System32\Tasks\{8DA5B3A5-3B74-496F-B202-DAC9D9EB94E1}
2014-11-27 11:02 - 2014-11-27 11:10 - 00000000 ____D () C:\Users\Mario\Downloads\WINDOWS POWER SHEL 3.0
2014-11-27 10:32 - 2014-11-27 12:18 - 00000000 ____D () C:\Users\Mario\Downloads\WINDOWS POWER SHELL 4.0
2014-11-25 18:28 - 2014-11-25 18:28 - 00000782 _____ () C:\Users\Mario\Desktop\CCleaner.lnk
2014-11-25 18:28 - 2014-11-25 18:28 - 00000000 ____D () C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-11-25 17:22 - 2014-11-25 17:22 - 00000197 _____ () C:\Windows\system32\2014-11-25-19-22-26.001-AvastVBoxSVC.exe-3084.log
2014-11-24 15:47 - 2014-11-24 15:47 - 00000197 _____ () C:\Windows\system32\2014-11-24-17-47-19.083-AvastVBoxSVC.exe-3440.log
2014-11-22 22:40 - 2014-11-22 22:40 - 00000197 _____ () C:\Windows\system32\2014-11-23-00-40-21.020-AvastVBoxSVC.exe-3344.log
2014-11-22 19:22 - 2014-11-22 19:22 - 00000247 _____ () C:\Windows\system32\2014-11-22-21-22-24.087-aswFe.exe-6644.log
2014-11-22 19:14 - 2014-11-22 19:22 - 00000247 _____ () C:\Windows\system32\2014-11-22-21-14-48.041-aswFe.exe-6052.log
2014-11-22 19:14 - 2014-11-22 19:14 - 00000197 _____ () C:\Windows\system32\2014-11-22-21-14-42.021-AvastVBoxSVC.exe-312.log
2014-11-22 18:33 - 2014-11-22 18:33 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-22 18:33 - 2014-11-22 18:33 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-21 20:29 - 2014-11-21 20:29 - 00000247 _____ () C:\Windows\system32\2014-11-21-22-29-03.026-aswFe.exe-5188.log
2014-11-21 20:21 - 2014-11-21 20:28 - 00000247 _____ () C:\Windows\system32\2014-11-21-22-21-08.033-aswFe.exe-3052.log
2014-11-21 20:13 - 2014-11-21 20:13 - 00000197 _____ () C:\Windows\system32\2014-11-21-22-13-05.043-AvastVBoxSVC.exe-4140.log
2014-11-21 16:53 - 2014-11-21 18:23 - 00000247 _____ () C:\Windows\system32\2014-11-21-18-53-04.083-aswFe.exe-2112.log
2014-11-21 15:52 - 2014-11-21 15:52 - 00000197 _____ () C:\Windows\system32\2014-11-21-17-52-34.049-AvastVBoxSVC.exe-3500.log
2014-11-21 15:31 - 2014-11-21 15:31 - 00002387 _____ () C:\Users\Mario\Desktop\Inicializador de aplicativos do Google Chrome.lnk
2014-11-20 18:57 - 2014-11-20 18:57 - 00000247 _____ () C:\Windows\system32\2014-11-20-20-57-47.026-aswFe.exe-5328.log
2014-11-20 18:43 - 2014-11-20 18:57 - 00000247 _____ () C:\Windows\system32\2014-11-20-20-43-01.038-aswFe.exe-5508.log
2014-11-20 18:33 - 2014-11-20 18:33 - 00000197 _____ () C:\Windows\system32\2014-11-20-20-33-36.083-AvastVBoxSVC.exe-6968.log
2014-11-20 15:18 - 2014-11-20 15:18 - 00000247 _____ () C:\Windows\system32\2014-11-20-17-18-09.019-aswFe.exe-6164.log
2014-11-20 15:04 - 2014-11-20 15:18 - 00000247 _____ () C:\Windows\system32\2014-11-20-17-04-33.078-aswFe.exe-5904.log
2014-11-20 13:39 - 2014-11-20 15:04 - 00000247 _____ () C:\Windows\system32\2014-11-20-15-39-19.020-aswFe.exe-4408.log
2014-11-20 13:39 - 2014-11-20 13:39 - 00000197 _____ () C:\Windows\system32\2014-11-20-15-39-11.031-AvastVBoxSVC.exe-4772.log
2014-11-19 21:08 - 2014-11-19 21:08 - 00000197 _____ () C:\Windows\system32\2014-11-19-23-08-53.028-AvastVBoxSVC.exe-1936.log
2014-11-19 15:42 - 2014-11-19 15:42 - 00000247 _____ () C:\Windows\system32\2014-11-19-17-42-21.003-aswFe.exe-5228.log
2014-11-19 15:29 - 2014-11-19 15:29 - 00000197 _____ () C:\Windows\system32\2014-11-19-17-29-12.053-AvastVBoxSVC.exe-5636.log
2014-11-19 13:23 - 2014-11-19 13:23 - 00000247 _____ () C:\Windows\system32\2014-11-19-15-23-20.068-aswFe.exe-6128.log
2014-11-19 13:16 - 2014-11-19 13:23 - 00000247 _____ () C:\Windows\system32\2014-11-19-15-16-06.007-aswFe.exe-1140.log
2014-11-19 13:02 - 2014-11-19 13:02 - 00000197 _____ () C:\Windows\system32\2014-11-19-15-02-26.008-AvastVBoxSVC.exe-4212.log
2014-11-18 21:16 - 2014-11-18 21:16 - 00000247 _____ () C:\Windows\system32\2014-11-18-23-16-20.027-aswFe.exe-4404.log
2014-11-18 21:09 - 2014-11-18 21:16 - 00000247 _____ () C:\Windows\system32\2014-11-18-23-09-58.046-aswFe.exe-5256.log
2014-11-18 21:08 - 2014-11-11 01:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-18 21:08 - 2014-11-11 01:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-18 21:08 - 2014-11-11 00:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-18 21:08 - 2014-11-11 00:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-18 20:50 - 2014-11-18 20:50 - 00000197 _____ () C:\Windows\system32\2014-11-18-22-50-36.046-AvastVBoxSVC.exe-3984.log
2014-11-18 14:51 - 2014-11-18 14:51 - 00000247 _____ () C:\Windows\system32\2014-11-18-16-51-24.047-aswFe.exe-3680.log
2014-11-18 14:44 - 2014-11-18 14:51 - 00000247 _____ () C:\Windows\system32\2014-11-18-16-44-09.046-aswFe.exe-1776.log
2014-11-18 14:33 - 2014-11-18 14:33 - 00000197 _____ () C:\Windows\system32\2014-11-18-16-33-19.038-AvastVBoxSVC.exe-448.log
2014-11-17 18:19 - 2014-11-17 18:19 - 00000247 _____ () C:\Windows\system32\2014-11-17-20-19-33.032-aswFe.exe-2684.log
2014-11-17 18:12 - 2014-11-17 18:19 - 00000247 _____ () C:\Windows\system32\2014-11-17-20-12-19.083-aswFe.exe-3720.log
2014-11-17 18:12 - 2014-11-17 18:12 - 00000197 _____ () C:\Windows\system32\2014-11-17-20-12-13.023-AvastVBoxSVC.exe-4824.log
2014-11-17 18:05 - 2014-11-17 18:05 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-11-17 18:05 - 2014-11-17 18:05 - 00000000 ____D () C:\Windows\system32\vbox
2014-11-17 16:30 - 2014-11-17 16:30 - 00003408 ____N () C:\bootsqm.dat
2014-11-12 18:31 - 2014-11-12 18:31 - 00000000 __SHD () C:\Users\Mario\AppData\Local\EmieBrowserModeList
2014-11-11 19:32 - 2014-11-07 17:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-11 19:32 - 2014-11-07 17:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-11 19:32 - 2014-11-06 02:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-11 19:32 - 2014-11-06 02:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-11 19:32 - 2014-11-06 02:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-11 19:32 - 2014-11-06 01:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-11 19:32 - 2014-11-06 01:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-11 19:32 - 2014-11-06 01:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-11 19:32 - 2014-11-06 01:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-11 19:32 - 2014-11-06 01:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-11 19:32 - 2014-11-06 01:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-11 19:32 - 2014-11-06 01:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-11 19:32 - 2014-11-06 01:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-11 19:32 - 2014-11-06 01:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-11 19:32 - 2014-11-06 01:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-11 19:32 - 2014-11-06 01:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-11 19:32 - 2014-11-06 01:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-11 19:32 - 2014-11-06 01:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-11 19:32 - 2014-11-06 01:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-11 19:32 - 2014-11-06 01:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-11 19:32 - 2014-11-06 01:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-11 19:32 - 2014-11-06 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-11 19:32 - 2014-11-06 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-11 19:32 - 2014-11-06 01:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-11 19:32 - 2014-11-06 01:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-11 19:32 - 2014-11-06 01:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-11 19:32 - 2014-11-06 01:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-11 19:32 - 2014-11-06 01:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-11 19:32 - 2014-11-06 01:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-11 19:32 - 2014-11-06 01:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-11 19:32 - 2014-11-06 01:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-11 19:32 - 2014-11-06 01:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-11 19:32 - 2014-11-06 00:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-11 19:32 - 2014-11-06 00:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-11 19:32 - 2014-11-06 00:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-11 19:32 - 2014-11-06 00:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-11 19:32 - 2014-11-06 00:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-11 19:32 - 2014-11-06 00:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-11 19:32 - 2014-11-06 00:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-11 19:32 - 2014-11-06 00:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-11 19:32 - 2014-11-06 00:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-11 19:32 - 2014-11-06 00:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-11 19:32 - 2014-11-06 00:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-11 19:32 - 2014-11-06 00:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-11 19:32 - 2014-11-06 00:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-11 19:32 - 2014-11-06 00:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-11 19:32 - 2014-11-06 00:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-11 19:32 - 2014-11-06 00:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-11 19:32 - 2014-11-06 00:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-11 19:32 - 2014-11-06 00:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-11 19:32 - 2014-11-06 00:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-11 19:32 - 2014-11-06 00:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-11 19:32 - 2014-11-05 23:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-11 19:32 - 2014-11-05 23:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-11 19:32 - 2014-11-05 23:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-11 19:32 - 2014-11-05 23:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-11 19:28 - 2014-11-05 15:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-11 19:28 - 2014-11-05 15:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-11 19:28 - 2014-11-05 15:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-11 19:28 - 2014-10-24 23:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-11 19:28 - 2014-10-24 23:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-11 19:28 - 2014-08-21 04:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-11 19:28 - 2014-08-21 04:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-11 19:28 - 2014-08-21 04:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-11 19:28 - 2014-08-21 04:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-11 19:27 - 2014-10-18 00:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-11 19:27 - 2014-10-17 23:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-11 19:27 - 2014-10-14 00:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-11 19:27 - 2014-10-14 00:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-11 19:27 - 2014-10-14 00:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-11 19:27 - 2014-10-14 00:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-11 19:27 - 2014-10-14 00:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-11 19:27 - 2014-10-14 00:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-11 19:27 - 2014-10-13 23:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-11 19:27 - 2014-10-13 23:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-11 19:27 - 2014-10-13 23:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-11 19:27 - 2014-10-13 23:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-11 19:27 - 2014-10-13 23:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-11 19:27 - 2014-10-09 22:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-11 19:27 - 2014-10-03 00:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-11 19:27 - 2014-10-03 00:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-11 19:27 - 2014-10-03 00:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-11 19:27 - 2014-10-03 00:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-11 19:27 - 2014-10-03 00:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-11 19:27 - 2014-10-02 23:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-11 19:27 - 2014-10-02 23:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-11 19:27 - 2014-10-02 23:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-11 19:27 - 2014-09-19 07:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-11 19:27 - 2014-09-19 07:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-11 19:27 - 2014-09-19 07:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-11 19:27 - 2014-09-19 07:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-11 19:27 - 2014-09-19 07:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-11 19:27 - 2014-09-19 07:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-11 19:27 - 2014-09-19 07:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-11 19:27 - 2014-09-19 07:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-11 19:27 - 2014-09-19 07:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-11 19:27 - 2014-09-19 07:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-11 19:27 - 2014-09-19 07:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-11 19:27 - 2014-09-19 07:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-11 19:27 - 2014-08-12 00:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-11 19:27 - 2014-08-11 23:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-10 19:35 - 2014-11-10 21:07 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-11-08 18:00 - 2014-11-08 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-11-06 16:30 - 2014-11-06 16:30 - 00692374 _____ () C:\Users\Mario\Documents\cc_20141106_163002.reg
2014-11-06 16:21 - 2014-11-25 18:28 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-06 16:21 - 2014-11-14 19:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-11-06 16:21 - 2014-11-06 16:21 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 ____D () C:\ProgramData\IntelDLM
2014-11-04 17:06 - 2014-11-04 17:06 - 00000000 ____D () C:\Users\Mario\AppData\Local\Intel
2014-11-04 17:04 - 2014-11-04 17:26 - 00000000 ____D () C:\ProgramData\Package Cache
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-04 21:05 - 2014-10-07 16:08 - 00000000 ____D () C:\FRST
2014-12-04 21:04 - 2014-10-06 21:23 - 02117632 _____ (Farbar) C:\Users\Mario\Desktop\FRST64.exe
2014-12-04 21:01 - 2012-12-03 18:00 - 00000802 _____ () C:\Windows\Tasks\SBWUpdateTask_Time_ba2c0ee9-00231573A50D.job
2014-12-04 21:01 - 2012-12-03 18:00 - 00000802 _____ () C:\Windows\Tasks\SBWUpdateTask_Logon_ba2c0ee9-00231573A50D.job
2014-12-04 21:01 - 2010-07-27 06:05 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-04 20:57 - 2012-03-05 12:40 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-653965563-4121391022-2668741360-1001UA.job
2014-12-04 20:57 - 2012-03-05 12:40 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-653965563-4121391022-2668741360-1001Core.job
2014-12-04 20:47 - 2009-07-14 02:45 - 00022704 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-04 20:47 - 2009-07-14 02:45 - 00022704 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-04 20:46 - 2010-11-10 07:18 - 01726165 _____ () C:\Windows\WindowsUpdate.log
2014-12-04 20:46 - 2009-07-14 03:13 - 00820096 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-04 20:42 - 2010-07-27 06:05 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-04 20:42 - 2009-07-14 03:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-04 20:42 - 2009-07-14 01:20 - 00000000 ____D () C:\Windows\tracing
2014-12-04 20:30 - 2010-12-22 12:12 - 00000000 ____D () C:\Users\Mario\AppData\Roaming\Skype
2014-12-04 20:22 - 2014-04-08 23:04 - 00000193 _____ () C:\Windows\WORDPAD.INI
2014-12-04 20:19 - 2013-03-10 18:44 - 00000000 ___RD () C:\Users\Mario\Google Drive
2014-12-04 16:11 - 2012-04-01 16:31 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-04 16:01 - 2010-12-21 21:53 - 00000000 ____D () C:\Users\Mario
2014-12-04 15:49 - 2013-11-28 17:54 - 00000000 ____D () C:\Users\Mario\Documents\P.H.O.T.O.S
2014-12-04 13:59 - 2012-05-16 22:07 - 00000000 ___RD () C:\Users\Mario\Downloads\E-BOOKS  FOLDERS
2014-12-04 12:00 - 2010-12-21 22:04 - 00000000 ____D () C:\Users\Mario\AppData\Local\Google
2014-12-04 11:59 - 2010-07-27 06:05 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-03 15:34 - 2014-03-10 18:52 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-03 15:34 - 2010-12-22 12:12 - 00000000 ____D () C:\ProgramData\Skype
2014-12-03 15:30 - 2009-07-14 01:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-02 22:10 - 2013-07-25 11:54 - 00000000 ____D () C:\Program Files (x86)\EmailTray
2014-12-02 22:10 - 2013-06-19 19:30 - 00000000 ____D () C:\ProgramData\EmailTray
2014-12-02 12:26 - 2013-11-12 21:51 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-01 19:22 - 2010-07-12 19:29 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-01 19:06 - 2010-12-21 21:59 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{A73F264E-296A-43AC-9E41-48553E92E5D0}
2014-12-01 16:32 - 2013-12-06 23:12 - 00000000 ____D () C:\Users\DefaultAppPool
2014-12-01 16:08 - 2011-01-16 19:51 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-12-01 16:08 - 2011-01-16 19:51 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2014-12-01 16:06 - 2013-09-28 01:39 - 00000000 ____D () C:\Users\Mario\AppData\Roaming\Mozilla
2014-12-01 15:48 - 2014-08-05 16:37 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-30 16:36 - 2010-07-27 06:05 - 00000000 ____D () C:\ProgramData\Google
2014-11-29 21:04 - 2013-04-09 17:35 - 00000000 ____D () C:\Users\Mario\AppData\Local\Xmarks
2014-11-29 20:15 - 2014-10-06 21:23 - 02117632 _____ (Farbar) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRST64.exe
2014-11-29 19:31 - 2014-05-20 19:02 - 00000000 ____D () C:\Users\Mario II\AppData\Roaming\Adobe
2014-11-29 13:07 - 2014-07-16 20:03 - 00000806 _____ () C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\MSN Brasil - Outlook, Hotmail, Skype, Notícias, Fotos e Vídeos.website
2014-11-28 19:28 - 2014-05-20 19:02 - 00072112 _____ () C:\Users\Mario II\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-28 19:26 - 2009-07-14 02:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-11-28 18:33 - 2011-07-29 13:20 - 00000000 ____D () C:\Users\Mario\Documents\Fatima - Contas da Igreja
2014-11-27 12:18 - 2013-07-11 18:53 - 00000000 ___RD () C:\Users\Mario\Downloads\CONCURSOS
2014-11-27 11:17 - 2012-06-28 01:23 - 01367078 _____ () C:\Windows\SysWOW64\debug.log
2014-11-26 21:04 - 2014-04-14 22:21 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-25 18:11 - 2012-04-01 16:31 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-25 18:11 - 2012-04-01 16:31 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-25 18:11 - 2011-06-16 22:57 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-24 14:04 - 2010-12-21 22:01 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-22 18:33 - 2014-10-31 16:09 - 00001924 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-11-22 18:33 - 2014-04-25 13:38 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-22 18:33 - 2014-03-10 16:40 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-22 18:33 - 2014-03-10 16:40 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-11-22 18:33 - 2014-03-10 16:40 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-22 18:33 - 2014-03-10 16:40 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-11-22 18:33 - 2014-03-10 16:40 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-11-22 18:33 - 2014-03-10 16:40 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2014-11-22 18:33 - 2014-03-10 16:40 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-20 20:20 - 2009-07-14 01:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-11-17 17:53 - 2010-12-21 21:59 - 00072112 _____ () C:\Users\Mario\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-17 17:50 - 2009-07-14 02:45 - 00318128 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-17 17:44 - 2009-07-14 00:34 - 00000474 _____ () C:\Windows\win.ini
2014-11-16 19:56 - 2010-07-27 06:05 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-16 19:56 - 2010-07-27 06:05 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-14 16:16 - 2014-08-01 23:22 - 00002159 _____ () C:\Users\Mario\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2014-11-14 13:07 - 2013-05-22 20:42 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-11-11 21:05 - 2014-04-30 16:32 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-11 19:45 - 2013-07-11 12:54 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-11 19:35 - 2011-01-19 15:29 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-11 10:21 - 2011-07-16 20:36 - 00024403 _____ () C:\ProgramData\hpzinstall.log
2014-11-11 10:07 - 2009-07-14 03:08 - 00032638 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-06 16:35 - 2014-01-10 23:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2014-11-06 16:24 - 2013-01-01 11:12 - 00000000 ___DC () C:\Users\Mario\AppData\Local\MigWiz
2014-11-06 16:24 - 2010-07-12 18:26 - 00000000 ____D () C:\Windows\Panther
2014-11-06 12:37 - 2014-10-29 20:20 - 00001624 _____ () C:\Users\Mario\Desktop\SFCFix.txt
2014-11-06 12:37 - 2014-10-29 20:19 - 00000000 ____D () C:\SFCFix
2014-11-06 12:37 - 2014-10-29 20:01 - 00000000 ____D () C:\Users\Mario\AppData\Local\niemiro
2014-11-04 17:09 - 2010-07-27 05:53 - 00000000 ____D () C:\Program Files\Intel
 
Some content of TEMP:
====================
C:\Users\MARLY SANTOS\AppData\Local\Temp\qxgxtcvx.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-11-03 19:51
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-12-2014
Ran by Mario at 2014-12-04 21:06:54
Running from C:\Users\Mario\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Manager for VAIO (HKLM-x32\...\Application Manager for VAIO) (Version:  - )
ArcSoft WebCam Companion 3 (HKLM-x32\...\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}) (Version: 3.0.21.390 - ArcSoft)
Ashampoo Burning Studio FREE v.1.14.5 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.4.0 - Auslogics Labs Pty Ltd)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Best Buy pc app (Version: 3.0.0.0 - Best Buy) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
D110 (x32 Version: 140.0.283.000 - Hewlett-Packard) Hidden
DealPly (HKU\.DEFAULT\...\DealPly) (Version:  - ) <==== ATTENTION
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{DBC1DE57-B55A-4D57-9769-1DB9BE506AF7}) (Version: 14.0 - HP)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
Intel WiMAX Tutorial (HKLM\...\{4F26C164-9373-4974-8F43-E0F2176AF937}) (Version: 1.5.3.1 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.0.13 - Intel® Corporation) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2993 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{4327107B-E95E-415C-9194-458FCED6BF12}) (Version: 13.03.0000 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Intel® PROSet/Wireless WiMAX Software (HKLM\...\{5F588B19-C575-4750-86FD-6ED2B76E61F1}) (Version: 7.50.0000 - Intel Corporation)
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version:  - )
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java™ 6 Update 33 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216033FF}) (Version: 6.0.330 - Oracle)
Malwarebytes Anti-Malware versão 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Media Gallery (Version: 1.3.0 - Sony Corporation) Hidden
Media Gallery (x32 Version: 1.3.0.06230 - Sony Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Web Platform Installer 5.0 (HKLM\...\{4D84C195-86F0-4B34-8FDE-4A17EB41306A}) (Version: 5.0.50430.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
NirSoft ShellExView (HKLM-x32\...\NirSoft ShellExView) (Version:  - )
OOBE (x32 Version: 3.10.0630 - Sony Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PMB (x32 Version: 5.8.02.10270 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (Click to Disc) (Version: 3.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Movie Story) (Version: 2.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.3.00 - Sony Corporation) Hidden
PS_AIO_07_D110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Remote Keyboard (x32 Version: 1.1.1.03020 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (x32 Version: 1.0.2.06210 - Sony Corporation) Hidden
Remote Play with PlayStation®3 (x32 Version: 1.0.2.06210 - Sony Corporation) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.10.2 - Tweaking.com)
VAIO - Media Gallery (x32 Version: 1.3.0.06230 - Sony Corporation) Hidden
VAIO - PMB VAIO Edition Guide (x32 Version: 1.3.00.06040 - Sony Corporation) Hidden
VAIO - PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.3.00.06180 - Sony Corporation) Hidden
VAIO - PMB VAIO Edition plug-in (VAIO Image Optimizer) (x32 Version: 1.3.00.06110 - Sony Corporation) Hidden
VAIO - PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.3.00.06180 - Sony Corporation) Hidden
VAIO - Remote Keyboard (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.0.1.03020 - Sony Corporation)
VAIO Care (HKLM\...\{55A60C1D-BEBF-4249-BFB2-F4E5C2E77988}) (Version: 8.4.1.07021 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation)
VAIO Control Center (x32 Version: 4.3.0.05310 - Sony Corporation) Hidden
VAIO Data Restore Tool (x32 Version: 1.4.0.05240 - Sony Corporation) Hidden
VAIO DVD Menu Data (x32 Version: 2.2.00.05120 - Sony Corporation) Hidden
VAIO Gate (x32 Version: 2.4.2.02200 - Sony Corporation) Hidden
VAIO Gate Default (x32 Version: 2.2.0.07020 - Sony Corporation) Hidden
VAIO Hardware Diagnostics (x32 Version: 4.0.0.06230 - Sony Corporation) Hidden
VAIO Health Report (HKLM-x32\...\VAIO Health Report1.0) (Version: 1.0 - Sony Electronics)
VAIO Help and Support (HKLM-x32\...\{AD3E7141-A22E-40F1-A7A4-55E898AE35E3}) (Version: 12.00.0622 - Sony Corporation)
VAIO Manual (x32 Version: 1.1.0.05280 - Sony Corporation) Hidden
VAIO Media plus (Version: 2.1.0 - Sony Corporation) Hidden
VAIO Media plus (x32 Version: 2.1.0.18210 - Sony Corporation) Hidden
VAIO Media plus Opening Movie (x32 Version: 2.1.0.14080 - Sony Corporation) Hidden
VAIO Movie Story Template Data (x32 Version: 2.3.00.06040 - Sony Corporation) Hidden
VAIO Quick Web Access (x32 Version: 1.3.4.2 - Sony Corporation) Hidden
VAIO Sample Contents (x32 Version: 1.2.0.16080 - Sony Corporation) Hidden
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.3.0.06080 - Sony Corporation)
VAIO Survey (x32 Version: 6.00.1028 - Sony Corporation) Hidden
VAIO Transfer Support (x32 Version: 1.2.0.06230 - Sony Corporation) Hidden
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.0.14270 - Sony Corporation)
VAIO Wireless Wizard (x32 Version: 3.0.0.06230 - Sony) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VGClientX86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Xmarks for IE (HKLM-x32\...\{ABFA6EAE-C9C0-4B39-B722-02094EF6B889}) (Version: 127.0.177 - Xmarks)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-653965563-4121391022-2668741360-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-653965563-4121391022-2668741360-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-653965563-4121391022-2668741360-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-653965563-4121391022-2668741360-1001_Classes\CLSID\{67F2A879-82D5-4A6D-8CC5-FFB3C114B69D}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\so_activex_x64.dll ()
CustomCLSID: HKU\S-1-5-21-653965563-4121391022-2668741360-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-653965563-4121391022-2668741360-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-653965563-4121391022-2668741360-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
 
==================== Restore Points  =========================
 
17-09-2014 12:08:12 Removed Safari
17-09-2014 21:34:55 Revo Uninstaller's restore point - Google Chrome
17-09-2014 22:05:27 Revo Uninstaller's restore point - Google Chrome
17-09-2014 22:07:18 Revo Uninstaller's restore point - Google Chrome
17-09-2014 22:12:34 Revo Uninstaller's restore point - Google Chrome
18-09-2014 16:14:18 Revo Uninstaller's restore point - Google Chrome
18-09-2014 20:29:52 Removed HP Product Detection
18-09-2014 20:30:46 Removed HP Update.
19-09-2014 15:10:26 Installed Microsoft Fix it 50195
22-09-2014 20:39:19 Removed Google Earth.
24-09-2014 18:00:38 Windows Update
03-10-2014 19:54:57 Windows Update
03-10-2014 21:50:24 Windows Backup
11-10-2014 19:23:16 Installed OpenOffice 4.1.1
11-10-2014 19:42:38 Instalado OpenOffice 4.1.1 Language Pack (Portuguese (Brazil))
14-10-2014 19:40:17 Windows Update
27-10-2014 21:52:55 Revo Uninstaller's restore point - Safari
29-10-2014 23:52:18 Restore Operation
30-10-2014 00:01:19 avast! antivirus system restore point
30-10-2014 00:52:03 Installed Xmarks for IE
30-10-2014 00:59:09 Revo Uninstaller's restore point - Safari
31-10-2014 18:01:32 avast! antivirus system restore point
31-10-2014 23:06:39 Windows Backup
04-11-2014 19:04:29 Intel® Driver Update Utility
04-11-2014 19:24:27 Intel® Driver Update Utility
08-11-2014 19:59:08 avast! antivirus system restore point
10-11-2014 22:59:55 Revo Uninstaller's restore point - Secunia PSI (3.0.0.9016)
11-11-2014 21:33:17 Windows Update
11-11-2014 22:09:09 Windows Update
11-11-2014 23:02:56 Windows Update
17-11-2014 19:01:26 Tweaking.com - Windows Repair
17-11-2014 19:11:50 11-17-14 .. create a restore point
19-11-2014 17:00:30 Windows Update
19-11-2014 17:28:37 Windows Update
19-11-2014 17:44:28 Windows Update
19-11-2014 23:16:23 Windows Update
20-11-2014 17:01:39 Windows Update
20-11-2014 22:18:25 Windows Update
22-11-2014 20:31:40 avast! antivirus system restore point
25-11-2014 20:38:28 Installed Microsoft Fix it 50202
25-11-2014 20:39:36 Installed Microsoft Fix it 50202
26-11-2014 23:29:31 Installed 64 Bit HP CIO Components Installer
26-11-2014 23:46:51 Installed 64 Bit HP CIO Components Installer
27-11-2014 13:32:31 Removido OpenOffice 4.1.1 Language Pack (Portuguese (Brazil))
29-11-2014 23:03:01 Installed Xmarks for IE
01-12-2014 17:11:40 Windows Backup
01-12-2014 17:46:48 Removed Java 7 Update 67
01-12-2014 17:54:03 Removed Java 8 Update 20 (64-bit)
01-12-2014 18:00:36 Removed Java™ 6 Update 33
01-12-2014 18:02:12 Removed Java™ 6 Update 33
01-12-2014 18:05:59 Removed Google Talk Plugin
01-12-2014 18:06:50 Removed Skype Click to Call
01-12-2014 18:07:46 Removed Skype Web Plugin
03-12-2014 22:05:43 Windows Update
04-12-2014 16:04:51 Mario - restore point - 04/12/14
04-12-2014 22:39:23 Removed Intel® Wireless Display.
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 00:34 - 2014-11-17 17:44 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {02684F69-A152-40A5-BA1F-82551AEA0323} - System32\Tasks\{990D18E2-77BE-4AD6-9B58-3237E88E72F3} => Chrome.exe 
Task: {049BB052-8827-4801-8587-52EE1523CD80} - System32\Tasks\{71824268-D483-4190-BB34-582A647C2866} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
Task: {04C197B8-2B87-46FA-8151-C03D02C5160F} - System32\Tasks\{E7C0FE79-7858-41C3-9C9F-60CA3A42F322} => C:\Users\Mario\Downloads\SOAVCA-00987888-10E0.EXE
Task: {06BE1CAE-D3B5-4551-94A9-9D2121FF0297} - System32\Tasks\{866404B8-740B-4517-AEF4-481ED4DAECF2} => C:\Users\Mario\Downloads\SOAVCA-00987888-10E0.EXE
Task: {06F5F678-6251-42E5-A2AF-A3D6E8E7760F} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {07ED3ACD-8FE4-4EFE-81A1-1A46A3042367} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {086B683C-AB83-46E3-B06E-899FD1191FF9} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-653965563-4121391022-2668741360-1003 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-06-21] (RealNetworks, Inc.)
Task: {0C5120C3-5591-4EB9-8670-6D0563405B9D} - System32\Tasks\{314518D0-0B97-4859-9D33-17902AC22347} => C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\Silverlight.Configuration.exe
Task: {0D3398CA-CF0D-479A-9232-CD0BEBA44D8F} - System32\Tasks\{16BE8DC9-C315-4C7C-AFA5-E570FF764B37} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-11-27] (Skype Technologies S.A.)
Task: {0DD87B3E-6CCE-449D-B0C1-F30A610608B1} - System32\Tasks\{42281327-D011-46DD-B261-7939F8D0AB1E} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-11-27] (Skype Technologies S.A.)
Task: {114D261E-ECD9-40CF-93F6-783E08C146C5} - System32\Tasks\{5DE4ED2D-EED1-4865-AB73-20323345F909} => msiexec.exe /package "C:\Users\Mario\Downloads\intel_srldetect_4.5.13.0.msi"
Task: {129FAC05-3D29-410C-8746-6D60A7DE858B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-22] (AVAST Software)
Task: {1362DF0F-9144-4060-950D-9842B59502BF} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
Task: {14155474-3913-4D13-9A19-D718622DD91C} - System32\Tasks\{CFCA86C7-12E3-4216-ABA6-D00B35C9A29D} => Chrome.exe 
Task: {144AD55D-F330-4CCC-8BAB-24C08BE9F7FF} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {15B1713B-2D9A-4F7B-B4A5-31297F85A51D} - System32\Tasks\{AA29F910-16CD-452E-A200-7D4CBAAC9ED0} => Iexplore.exe http://ui.skype.com/ui/0/6.10.0.104/pt/go/help.faq.installer?LastError=1618
Task: {1A244596-61EF-488B-9B66-9229DEBF11DA} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {1AA20A02-2DEC-4F17-BE61-652233DA7A9B} - System32\Tasks\Sony Corporation\VAIO Personalization Manager\VpmLM Task Music MARLY SANTOS => C:\Program Files\Sony\VAIO Personalization Manager\VpmLM.exe
Task: {1AA96651-0245-44F7-9881-59BA50C6C99B} - System32\Tasks\{D7C31C85-FFD5-4388-BB8F-A48D0FE5C8D3} => Chrome.exe http://ui.skype.com/ui/0/6.10.0.104/pt/go/help.faq.installer?LastError=1618
Task: {1B613EAC-6C95-4B71-BFF3-4454085A2F89} - System32\Tasks\SBWUpdateTask_Logon_ba2c0ee9-00231573A50D => C:\Program Files (x86)\Common Files\Speedbit\SbUpdate\SBUpdate.exe [2012-12-03] (Speedbit Ltd.)
Task: {1CB0969F-1E28-40D4-8087-FC9DA6F56FAD} - System32\Tasks\{86585BF4-4B4E-47F9-8A41-AA85B6F1019B} => C:\Program Files (x86)\DAP\DAP.exe
Task: {1F3A6BD8-B820-45E4-97D3-4E24691380AB} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\esrv\task.vbs"
Task: {240D2AA2-A3C2-4A15-80F7-803A92A1E8D4} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-02-28] (Sony Corporation)
Task: {27D41C00-8D7D-4554-99A3-758DB1002BAF} - System32\Tasks\{0389F788-25A8-431B-9D9C-705788A18B09} => msiexec.exe /package "C:\Users\Mario\Downloads\intel_srldetect_4.5.13.0.msi"
Task: {2917E425-9936-49EC-B14D-EAF05C169CA7} - System32\Tasks\{3BB5E895-6A1F-421B-BC9E-969469670738} => Iexplore.exe http://ui.skype.com/ui/0/6.10.59.104/pt/go/help.faq.installer?LastError=1618
Task: {2B429827-BE46-4DF3-A887-A3CF5CA6404C} - System32\Tasks\{8DA5B3A5-3B74-496F-B202-DAC9D9EB94E1} => C:\Program Files (x86)\OpenOffice 4\program\soffice.exe [2014-08-13] (Apache Software Foundation)
Task: {2CAB00C4-F8F4-4AC3-8F86-8847111D676C} - System32\Tasks\{3238E9E4-7B49-46AC-95EB-687D3458CE36} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-11-27] (Skype Technologies S.A.)
Task: {2E5703B6-2E0D-4A47-8C12-312E406DE78F} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
Task: {31C879B1-6AB1-4107-AFDA-CC575141F55A} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {361B1CBB-99A2-4AC9-A14A-BF97AD283196} - System32\Tasks\SmartDefrag_Schedule => C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
Task: {3A5312A0-D9E8-4E7B-9C16-5569EA920155} - System32\Tasks\{9FB0B7A9-E1F7-4528-89E8-3136DCD1BF74} => Chrome.exe http://ui.skype.com/ui/0/6.11.0.102/pt/go/help.faq.installer?LastError=1618
Task: {3A598E66-8E04-44E0-BDC9-E6F8B7B95ACF} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {3BF95BAE-21DC-44B1-B4C1-3DCDD68E9B88} - System32\Tasks\{CFFCE908-3057-45A9-B552-6AF87E94E1E3} => C:\Program Files (x86)\BrOffice.org 3\program\soffice.exe
Task: {45052A17-00E9-43E1-B7EA-15A187F45C08} - System32\Tasks\Sony\VAIO Survey => C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe [2009-10-26] ()
Task: {4A8DB580-0B8D-458B-8971-7E6AA067719A} - System32\Tasks\{957A57CB-F54E-4361-917D-D728856E3440} => C:\Users\Mario\AppData\Local\Temp\ICReinstall_CodecPackage.exe <==== ATTENTION
Task: {51842E5E-1EDE-41D8-B814-8B909771E110} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {53DA5D98-877E-4DFA-A0AD-52376515F3B1} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {5401C0CB-7E7F-4091-8BE0-19C375EEDB8C} - System32\Tasks\{6675CBBF-9BA5-4EBD-BFA2-56B3DA25B3C8} => C:\Program Files (x86)\InstallShield Installation Information\{A59AB961-BE82-41E0-B0FB-648DFA6DDEA4}\setup.exe
Task: {5446EEB1-EC5E-4E0F-A905-29C4B543633F} - System32\Tasks\{F08159EA-3DFF-4D67-8D44-12148E94283E} => Iexplore.exe http://ui.skype.com/ui/0/6.10.0.104/pt/go/help.faq.installer?LastError=1618
Task: {55CF1F19-FCEC-4982-A1FA-276F091976C3} - System32\Tasks\{BE38437B-7C4B-49CF-9C5D-8BFCD4CD18A0} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-11-27] (Skype Technologies S.A.)
Task: {56181E57-C0AC-4C4E-BEB2-3998EDB3336D} - System32\Tasks\Sony Corporation\VAIO Personalization Manager\VpmLM Task Music MSANTOSP => C:\Program Files\Sony\VAIO Personalization Manager\VpmLM.exe
Task: {594613DB-4EC8-4E9B-B1A9-2C39CC297F1C} - System32\Tasks\{ED36F5D2-4908-41AE-890E-ACEC73E00677} => C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\Silverlight.Configuration.exe
Task: {5A8F9521-3A8E-485D-8731-7AC162FE1158} - System32\Tasks\{EF180F13-1398-4E60-925A-1E55945A75C8} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-11-27] (Skype Technologies S.A.)
Task: {5D9BC78B-B75B-4F94-BBA5-A8E4C756C882} - System32\Tasks\{880B35B6-A326-42CD-9345-62CE8E43903A} => C:\Users\Mario\Downloads\IE11-Windows6.1.exe
Task: {5FF5E81F-E83F-4E5C-A51E-E3D2C6CF4589} - System32\Tasks\Memory_Test => C:\Windows\system32\MdSched.exe [2010-11-20] (Microsoft Corporation)
Task: {60E8562B-7AE8-4547-8613-B03D3BB48A6B} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {650537FE-4B5C-40BE-BB15-916FB20C89AE} - System32\Tasks\{A1A1338A-70FA-470D-BD1C-3B0F8F73AE0A} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-11-27] (Skype Technologies S.A.)
Task: {65ADA6B1-FDEA-43F4-AC5F-0C8C9DBA57A4} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {66250111-E212-40D5-B7D7-0AEEB9CEFAF1} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2014-01-27] (Sony Corporation)
Task: {7014D10C-0F86-4D35-B588-C9E7405C206B} - System32\Tasks\SBWUpdateTask_Time_ba2c0ee9-00231573A50D => C:\Program Files (x86)\Common Files\Speedbit\SbUpdate\SBUpdate.exe [2012-12-03] (Speedbit Ltd.)
Task: {73873420-99CF-4E43-9FF1-5B8B4106737D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-25] (Adobe Systems Incorporated)
Task: {76F8B9C1-A05F-4D77-A971-08F6AC5EE1C4} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-06-25] (Sony Corporation)
Task: {79247FED-4DAF-4AC0-A15E-64F4D0A459A2} - System32\Tasks\{35ED40FB-7E28-4184-97FB-CC46B07FBB9D} => Iexplore.exe http://ui.skype.com/ui/0/6.10.0.104/pt/go/help.faq.installer?LastError=1618
Task: {7AEB3A9A-82AD-4C53-9139-8ED0CF3799A7} - System32\Tasks\DSite => C:\Users\Mario\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {7D426B97-8292-46DE-9368-5BF8AAABE8B9} - System32\Tasks\{0AE232A9-A0E0-4B38-98A7-3E459E9CEE08} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-11-27] (Skype Technologies S.A.)
Task: {80A3549D-48D2-4D7B-BA7D-7F00DE5B9949} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-653965563-4121391022-2668741360-1001UA => C:\Users\Mario\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {85CD2846-ED71-484B-BF00-F974E632555A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {8671243C-4FFF-4342-A4B4-11854028FE44} - System32\Tasks\{46696535-7D51-4C2E-9308-7ABEAC0BE8E9} => C:\Program Files (x86)\EmailTray\bin\etEmailTray.exe
Task: {87E47C7A-0A45-4436-A743-1278A49B5896} - System32\Tasks\{1AB1899E-AC14-405C-8326-E46E5703E072} => Chrome.exe http://ui.skype.com/ui/0/6.10.0.104/pt/go/help.faq.installer?LastError=1618
Task: {880EB182-89E8-4F22-86FB-78A16E8E568E} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {88A0EEC0-9478-4075-B878-2EB717EC09F3} - System32\Tasks\{D0D65348-E341-49F0-8070-63AFEE5667D4} => C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\Silverlight.Configuration.exe
Task: {8E787F6B-BCEE-482F-B74B-220FFCD83E11} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-653965563-4121391022-2668741360-1003 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-06-21] (RealNetworks, Inc.)
Task: {8FF0A885-3D37-417C-AB1D-980BCB20FB90} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {91F4CFFC-42F3-464D-9689-39D16B525511} - System32\Tasks\{2C4DE6D2-6A4C-41B9-BAF1-EEC11C97DA46} => C:\Program Files (x86)\BrOffice.org 3\program\soffice.exe
Task: {92A37EB9-A0E1-4D53-919E-77377B9C2B64} - System32\Tasks\Driver Booster SkipUAC (Mario) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {95054DCB-9ED7-429D-9D96-877B62648248} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe <==== ATTENTION
Task: {9507DC5B-758F-4A76-AE43-522F5FEED597} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {979C6D19-0120-40F0-9465-32D9E78768B3} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe
Task: {99EBA0BA-6B05-4527-8369-A209CDBF7344} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-06-22] (Sony Corporation)
Task: {9C684F9F-DD03-42D6-95CA-A47EBCAB3F3D} - System32\Tasks\{02D32B21-B70B-4542-A05D-193A7A5D1856} => C:\Program Files (x86)\EmailTray\bin\etEmailTray.exe
Task: {A1384090-F654-42F0-82F6-A0A309505CEB} - System32\Tasks\{89803922-8396-47A3-BF62-91941D3C741A} => Iexplore.exe http://ui.skype.com/ui/0/6.10.0.104/pt/go/help.faq.installer?LastError=1618
Task: {A15D544F-EA0F-4045-B918-B0DFAB8F0FC1} - System32\Tasks\VAIO Health Report => C:\Program Files (x86)\Sony\VAIO Health Report\VAIOHealthReport.exe [2013-06-20] (Sony Electronics)
Task: {A1A2E250-25C1-4DCA-ADB7-AEC6D8359356} - System32\Tasks\4685 => Wscript.exe C:\Users\Mario\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {A4BE20E4-2F03-4933-AA36-A44C0F9EDE3C} - System32\Tasks\Sony Corporation\VAIO Personalization Manager\VpmLM Task Music Mario => C:\Program Files\Sony\VAIO Personalization Manager\VpmLM.exe
Task: {A95E49E7-CF11-40CF-8FF9-EC00B477F4FE} - System32\Tasks\{4B3A9B44-A852-412D-9C46-749D31FEBFC6} => C:\Program Files (x86)\BrOffice.org 3\program\soffice.exe
Task: {AAAB50A7-3744-42F2-BE00-20A11E37B1D5} - System32\Tasks\{7487B133-1764-4B31-88E1-EACFC466092B} => C:\Program Files (x86)\InstallShield Installation Information\{A59AB961-BE82-41E0-B0FB-648DFA6DDEA4}\setup.exe
Task: {AB5BDC7A-4920-481C-AA20-F4CCB32446E0} - System32\Tasks\{CAE1C3C5-7108-4306-B818-4B1872EAD591} => Chrome.exe 
Task: {AD0C789B-1375-4BD5-A295-54253FEC99CF} - System32\Tasks\{8EA6EABB-AFE9-4B63-A919-F55BFBCED32E} => Iexplore.exe http://ui.skype.com/ui/0/6.10.0.104/pt/go/help.faq.installer?LastError=1618
Task: {B052B6E9-51EE-45B2-ACCE-FB5F2249668E} - System32\Tasks\{E4DAD258-C86D-4EAF-81BB-06D19AB3BE42} => Iexplore.exe http://ui.skype.com/ui/0/6.10.0.104/pt/go/help.faq.installer?LastError=1618
Task: {B0E89B3A-12B3-459B-AD43-899F111200AC} - System32\Tasks\{EC524F03-1314-4A18-B321-6C53CBB3DF3F} => C:\Program Files (x86)\BrOffice.org 3\program\soffice.exe
Task: {B3EAB967-736C-416F-888D-50AC58CB7DC7} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-06-22] (Sony Corporation)
Task: {B5BAFFBC-5E90-401B-B818-E8237D8C2935} - System32\Tasks\{97C4D656-DA68-4964-9310-E12CAE92EA27} => Chrome.exe http://ui.skype.com/ui/0/6.11.0.102/pt/go/help.faq.installer?LastError=1618
Task: {B7065E61-0E7B-4C60-9240-6E66A0821022} - System32\Tasks\{2D688B77-80E1-4FFC-92B6-AD84D8D2DC51} => msiexec.exe /package "C:\Users\Mario\Downloads\intel_srldetect_4.5.13.0.msi"
Task: {B8DAB3EF-B46C-4254-9114-AC253F9B3D0E} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-27] (Sony Corporation)
Task: {B9520DC5-45E2-4E15-AE19-9E42F6E5BE19} - System32\Tasks\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool => C:\Program Files (x86)\Sony\VAIO Wallpaper Setting Tool\VWSet.exe
Task: {B973C5EA-C06E-4AC7-A338-4D7452690B8E} - \060184C3-9766-46a0-B258-F4518A0B2633 No Task File <==== ATTENTION
Task: {B99F4A95-59B5-4D86-BDC5-186636B3F9DD} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {BA377D65-A810-4CC8-A3F6-36CC50A7E373} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {BAA07C96-039E-4DEB-A6FD-266F9F0D8B7E} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {BE711F50-2033-42FA-9FCF-5994A1266D15} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-653965563-4121391022-2668741360-1001Core => C:\Users\Mario\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {BEDC7512-99D4-4A56-8F36-1ACB60C2EB00} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-653965563-4121391022-2668741360-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-06-21] (RealNetworks, Inc.)
Task: {BF93BC85-70DF-4854-8EC5-12AC901219D6} - System32\Tasks\{81E2BCA2-86CD-4797-BDF0-24B88E87725A} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-11-27] (Skype Technologies S.A.)
Task: {BFDF05D6-1A51-408F-8D4C-7A016BCDA92A} - System32\Tasks\{71EADEA1-A8B1-4510-A729-DD715C867DB2} => Chrome.exe 
Task: {C1244F9C-E086-4DB1-87AB-ECA24BA78B77} - System32\Tasks\{7FA519BD-5E85-4263-8124-5FC126E3EE35} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-11-27] (Skype Technologies S.A.)
Task: {C5DA06B8-D0B7-4936-9248-1E0B927BDB37} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-653965563-4121391022-2668741360-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-06-21] (RealNetworks, Inc.)
Task: {C60C235D-EC70-4BF6-967A-60C0110D44D9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {C80970D7-EE7E-4511-AC48-4D738B5EF8DC} - System32\Tasks\{2D8B2A70-F594-4E56-A8B7-657EC68EACFA} => C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
Task: {C81E7D23-6BCA-4676-A229-2EA2681B10D2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CA698AEA-F27C-4EBB-A0FC-E8A3910F00DF} - System32\Tasks\Express FilesUpdate => C:\Program Files (x86)\ExpressFiles\EFUpdater.exe <==== ATTENTION
Task: {CC08E16D-42A9-4EBD-8F3C-C121014C7BB0} - System32\Tasks\{5C777F74-2BC3-42CF-9768-EA21F33BA00A} => C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe
Task: {CC254755-B567-491D-A88B-A25CB97A4203} - System32\Tasks\Games\UpdateCheck_S-1-5-21-653965563-4121391022-2668741360-1001
Task: {CE690EAD-6CFF-4813-8196-1587D7CE7B72} - System32\Tasks\{5F55B81B-996C-4A40-97DE-6CC4B52649A8} => C:\Program Files (x86)\BrOffice.org 3\program\soffice.exe
Task: {D2604686-FC90-49A7-BF53-4ED73CC1F4B4} - System32\Tasks\{79537740-4CFE-427B-9335-5561506207AA} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-11-27] (Skype Technologies S.A.)
Task: {D7678ABF-FE23-4E90-AD3C-FF88AB84DBB5} - System32\Tasks\{63E44B8A-B329-4CB5-A2AB-3204EE3D258A} => Chrome.exe 
Task: {D956007C-A0A3-43A9-8AA4-DA30E629A3AD} - System32\Tasks\{0C01110B-1366-4D67-9DE0-11F1C0E71335} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-11-27] (Skype Technologies S.A.)
Task: {D9ECF27F-66DC-42EA-90C4-083F6BC2A2A5} - System32\Tasks\{3136F726-21DB-4FA2-8577-C4014E907FC9} => C:\Program Files\Sony\VAIO Care\VAIOCare.exe [2014-07-02] (Sony Corporation)
Task: {DAA47F1B-C7D2-43E7-85CD-FD8142951CCB} - System32\Tasks\Sony\Java Update => C:\Program Files\Java\jre6\bin\jusched.exe
Task: {DBC97754-C275-4192-A5E9-094E94C39F34} - System32\Tasks\{18856FC9-0A8D-4852-A253-C487C440E49B} => Chrome.exe http://ui.skype.com/ui/0/6.14.59.104/en/go/help.faq.installer?LastError=1618
Task: {DEF9B2E7-10DD-4A04-AA36-36562ABF287B} - System32\Tasks\{B3EA0115-9263-4E25-8814-DCBB9E9649C9} => C:\Program Files (x86)\Xmarks\IE Extension\xmarkssync.exe [2014-11-06] (Xmarks.com)
Task: {ED14DEC5-72C4-42B8-A8F8-1C40EEE0D842} - System32\Tasks\{F5549ED6-BF9D-457F-BC5E-0A6978E90347} => Iexplore.exe http://ui.skype.com/ui/0/6.10.0.104/pt/go/help.faq.installer?LastError=1618
Task: {F2DC2F91-A56F-46D7-B857-29FF429B718F} - System32\Tasks\{E00CF486-C154-47C5-877D-9E790B80D4B0} => Iexplore.exe http://ui.skype.com/ui/0/6.10.0.104/pt/go/help.faq.installer?LastError=1618
Task: {F6B889D6-80BB-47AC-87A1-03E59EEAE5E1} - System32\Tasks\{3DD4E871-0B88-421F-AB58-1C69BA5C55F6} => C:\Users\Mario\AppData\Local\Temp\ICReinstall_CodecPackage.exe <==== ATTENTION
Task: {F90A87DE-0EDC-4584-851E-BBB9547C2A79} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {FBCE75FA-1E56-4F99-BE82-F0D988856F63} - System32\Tasks\{DD1DFCFA-45A1-4606-85B6-D50D206647B3} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-11-27] (Skype Technologies S.A.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-653965563-4121391022-2668741360-1001Core.job => C:\Users\Mario\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-653965563-4121391022-2668741360-1001UA.job => C:\Users\Mario\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SBWUpdateTask_Logon_ba2c0ee9-00231573A50D.job => C:\Program Files (x86)\Common Files\Speedbit\SbUpdate\SBUpdate.exe
Task: C:\Windows\Tasks\SBWUpdateTask_Time_ba2c0ee9-00231573A50D.job => C:\Program Files (x86)\Common Files\Speedbit\SbUpdate\SBUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-11-01 15:59 - 2013-11-01 15:59 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2014-12-04 15:25 - 2014-12-04 15:25 - 02905088 _____ () C:\Program Files\AVAST Software\Avast\defs\14120401\algo.dll
2014-11-22 18:32 - 2014-11-22 18:32 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2014-02-12 21:58 - 2014-02-12 21:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-11-22 18:33 - 2014-11-22 18:33 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-11-26 16:07 - 2014-11-25 04:39 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
2014-11-26 16:07 - 2014-11-25 04:39 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libegl.dll
2014-11-26 16:07 - 2014-11-25 04:39 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll
2014-11-26 16:07 - 2014-11-25 04:39 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
AlternateDataStreams: C:\Users\Mario\Downloads\outlookreportduplicatessetup.exe:BDU
AlternateDataStreams: C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\MSN Brasil - Outlook, Hotmail, Skype, Notícias, Fotos e Vídeos.website:TASKICON_0854F4951FCBF6C450892031DA153B1-391562580
AlternateDataStreams: C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\MSN Brasil - Outlook, Hotmail, Skype, Notícias, Fotos e Vídeos.website:TASKICON_1854F4951FCBF6C450892031DA153B11026628863
AlternateDataStreams: C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\MSN Brasil - Outlook, Hotmail, Skype, Notícias, Fotos e Vídeos.website:TASKICON_2854F4951FCBF6C450892031DA153B1-567912132
AlternateDataStreams: C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\MSN Brasil - Outlook, Hotmail, Skype, Notícias, Fotos e Vídeos.website:TASKICON_3854F4951FCBF6C450892031DA153B11041095353
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\atashost => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: DMAgent => 2
MSCONFIG\Services: ESRV_SVC => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: ioloSystemService => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: McComponentHostServiceSony => 3
MSCONFIG\Services: PMBDeviceInfoProvider => 2
MSCONFIG\Services: RegSrvc => 2
MSCONFIG\Services: rpcapd => 3
MSCONFIG\Services: SampleCollector => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SOHCImp => 2
MSCONFIG\Services: SOHDms => 2
MSCONFIG\Services: SOHDs => 2
MSCONFIG\Services: SpfService => 3
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: USER_ESRV_SVC => 3
MSCONFIG\Services: VAIO Event Service => 2
MSCONFIG\Services: VAIO Power Management => 2
MSCONFIG\Services: VCFw => 2
MSCONFIG\Services: VcmIAlzMgr => 2
MSCONFIG\Services: VcmINSMgr => 2
MSCONFIG\Services: VCService => 3
MSCONFIG\Services: VSNService => 2
MSCONFIG\Services: VUAgent => 3
MSCONFIG\Services: WiMAXAppSrv => 2
MSCONFIG\Services: YahooAUService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Sony MSS.lnk => C:\Windows\pss\Sony MSS.lnk.CommonStartup
MSCONFIG\startupreg: Apoint => %ProgramFiles%\Apoint\Apoint.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: EmailTray Activator => "C:\Program Files (x86)\EmailTray\bin\etactivator.exe" -autorun -allusers
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: IntelWireless => "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
MSCONFIG\startupreg: IntelWirelessWiMAX => "C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe" /tasktray /nosplash
MSCONFIG\startupreg: ISBMgr.exe => "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
MSCONFIG\startupreg: RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 
MSCONFIG\startupreg: RtHDVBg_Dolby => "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
MSCONFIG\startupreg: SHTtray.exe => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Sweetpacks Communicator => 
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-653965563-4121391022-2668741360-500 - Administrator - Disabled)
Guest (S-1-5-21-653965563-4121391022-2668741360-501 - Limited - Enabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-653965563-4121391022-2668741360-1004 - Limited - Enabled)
Mario (S-1-5-21-653965563-4121391022-2668741360-1001 - Administrator - Enabled) => C:\Users\Mario
Mario II (S-1-5-21-653965563-4121391022-2668741360-1015 - Limited - Enabled) => C:\Users\Mario II
MARLY SANTOS (S-1-5-21-653965563-4121391022-2668741360-1005 - Limited - Enabled) => C:\Users\MARLY SANTOS
 
==================== Faulty Device Manager Devices =============
 
Name: Bnbase
Description: Bnbase
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Bnbase
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Sftfs
Description: Sftfs
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Sftfs
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Baidu NetDefense
Description: Baidu NetDefense
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Bndef
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Baidu Protect
Description: Baidu Protect
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Bprotect
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/04/2014 08:54:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: VCSystemTray.exe, version: 8.4.1.6110, time stamp: 0x53aa90ab
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x5315a05a
Exception code: 0xe0434352
Fault offset: 0x000000000000940d
Faulting process id: 0xc3c
Faulting application start time: 0xVCSystemTray.exe0
Faulting application path: VCSystemTray.exe1
Faulting module path: VCSystemTray.exe2
Report Id: VCSystemTray.exe3
 
Error: (12/04/2014 08:54:03 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: VCSystemTray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Composition.ImportCardinalityMismatchException
Stack:
   at System.ComponentModel.Composition.Hosting.ExportProvider.GetExports(System.ComponentModel.Composition.Primitives.ImportDefinition, System.ComponentModel.Composition.Hosting.AtomicComposition)
   at System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValueCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String, System.ComponentModel.Composition.Primitives.ImportCardinality)
   at VCSystemTray.ViewModel.MainWindowViewModel.CollectRSOCData(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.TimerQueueTimer.CallCallback()
   at System.Threading.TimerQueueTimer.Fire()
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
 
Error: (12/04/2014 08:50:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: VAIOShell.exe, version: 8.4.1.6110, time stamp: 0x53a92a9b
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x5315a05a
Exception code: 0xe0434352
Fault offset: 0x000000000000940d
Faulting process id: 0x155c
Faulting application start time: 0xVAIOShell.exe0
Faulting application path: VAIOShell.exe1
Faulting module path: VAIOShell.exe2
Report Id: VAIOShell.exe3
 
Error: (12/04/2014 08:50:34 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: VAIOShell.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Win32Exception
Stack:
   at System.Diagnostics.Process.StartWithShellExecuteEx(System.Diagnostics.ProcessStartInfo)
   at System.Diagnostics.Process.Start(System.Diagnostics.ProcessStartInfo)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run()
   at VAIOShell.App.Main()
 
Error: (12/04/2014 08:50:34 PM) (Source: System.ServiceModel 4.0.0.0) (EventID: 105) (User: Mario-VAIO)
Description: An event or events were not traced.
 
Original event string:
 
<TraceRecord xmlns="http://schemas.microsoft.com/2004/10/E2ETraceEvent/TraceRecord" Severity="Critical"><TraceIdentifier>UnhandledException</TraceIdentifier><Description>Unhandled exception</Description><AppDomain>VAIOShell.exe</AppDomain><Exception><ExceptionType>System.ComponentModel.Win32Exception, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</ExceptionType><Message>Application not found</Message><StackTrace>   at System.Diagnostics.Process.StartWithShellExecuteEx(ProcessStartInfo startInfo)
   at System.Diagnostics.Process.Start(ProcessStartInfo startInfo)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Int32 numArgs)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(Object source, Delegate method, Object args, Int32 numArgs, Delegate catchHandler)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean&amp;amp; handled)
   at MS.Win32.HwndWrapper.WndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean&amp;amp; handled)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(Object o)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Int32 numArgs)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(Object source, Delegate method, Object args, Int32 numArgs, Delegate catchHandler)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(DispatcherPriority priority, TimeSpan timeout, Delegate method, Object args, Int32 numArgs)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(MSG&amp;amp; msg)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(DispatcherFrame frame)
   at System.Windows.Application.RunInternal(Window window)
   at System.Windows.Application.Run()
   at VAIOShell.App.Main()</StackTrace><ExceptionString>System.ComponentModel.Win32Exception (0x80004005): Application not found
   at System.Diagnostics.Process.StartWithShellExecuteEx(ProcessStartInfo startInfo)
   at System.Diagnostics.Process.Start(ProcessStartInfo startInfo)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Int32 numArgs)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(Object source, Delegate method, Object args, Int32 numArgs, Delegate catchHandler)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean&amp;amp; handled)
   at MS.Win32.HwndWrapper.WndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean&amp;amp; handled)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(Object o)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Int32 numArgs)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(Object source, Delegate method, Object args, Int32 numArgs, Delegate catchHandler)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(DispatcherPriority priority, TimeSpan timeout, Delegate method, Object args, Int32 numArgs)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(MSG&amp;amp; msg)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(DispatcherFrame frame)
   at System.Windows.Application.RunInternal(Window window)
   at System.Windows.Application.Run()
   at VAIOShell.App.Main()</ExceptionString><NativeErrorCode>800401F5</NativeErrorCode><DataItems><Data><Key>System.Object</Key></Data></DataItems></Exception></TraceRecord>
 
Exception: System.NullReferenceException: Object reference not set to an instance of an object.
   at System.Runtime.Diagnostics.DiagnosticTraceBase.AddExceptionToTraceString(XmlWriter xml, Exception exception)
   at System.ServiceModel.Diagnostics.LegacyDiagnosticTrace.BuildTrace(PlainXmlWriter xml, TraceEventType type, String msdnTraceCode, String description, TraceRecord trace, Exception exception, Object source)
   at System.ServiceModel.Diagnostics.LegacyDiagnosticTrace.TraceEvent(TraceEventType type, Int32 code, String msdnTraceCode, String description, TraceRecord trace, Exception exception, Object source)
 
Process Name: VAIOShell
 
Process ID: 5468
 
Error: (12/04/2014 08:45:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IOLOTO~1.EXE, version: 1.0.5.7, time stamp: 0x4f146042
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x53159a86
Exception code: 0x0eedfade
Fault offset: 0x0000c42d
Faulting process id: 0x1330
Faulting application start time: 0xIOLOTO~1.EXE0
Faulting application path: IOLOTO~1.EXE1
Faulting module path: IOLOTO~1.EXE2
Report Id: IOLOTO~1.EXE3
 
Error: (12/04/2014 08:42:12 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=23, authorId=8086, vendorId=0, vendorType=0
 
Error: (12/04/2014 08:42:12 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=21, authorId=8086, vendorId=0, vendorType=0
 
Error: (12/04/2014 08:42:12 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=18, authorId=8086, vendorId=0, vendorType=0
 
Error: (12/04/2014 08:37:54 PM) (Source: MsiInstaller) (EventID: 1013) (User: Mario-VAIO)
Description: Product: Intel® Wireless Display -- This Product is already installed in this system.
 
 
System errors:
=============
Error: (12/04/2014 08:49:59 PM) (Source: DCOM) (EventID: 10016) (User: Mario-VAIO)
Description: application-specificLocalActivation{7D1933CB-86F6-4A98-8628-01BE94C9A575}{F290BFB2-1864-45B1-8804-2654194A87E7}Mario-VAIOMarioS-1-5-21-653965563-4121391022-2668741360-1001LocalHost (Using LRPC)
 
Error: (12/04/2014 08:48:25 PM) (Source: DCOM) (EventID: 10016) (User: Mario-VAIO)
Description: application-specificLocalActivation{7D1933CB-86F6-4A98-8628-01BE94C9A575}{F290BFB2-1864-45B1-8804-2654194A87E7}Mario-VAIOMarioS-1-5-21-653965563-4121391022-2668741360-1001LocalHost (Using LRPC)
 
Error: (12/04/2014 08:47:59 PM) (Source: DCOM) (EventID: 10016) (User: Mario-VAIO)
Description: application-specificLocalActivation{7D1933CB-86F6-4A98-8628-01BE94C9A575}{F290BFB2-1864-45B1-8804-2654194A87E7}Mario-VAIOMarioS-1-5-21-653965563-4121391022-2668741360-1001LocalHost (Using LRPC)
 
Error: (12/04/2014 08:47:47 PM) (Source: DCOM) (EventID: 10016) (User: Mario-VAIO)
Description: application-specificLocalActivation{7D1933CB-86F6-4A98-8628-01BE94C9A575}{F290BFB2-1864-45B1-8804-2654194A87E7}Mario-VAIOMarioS-1-5-21-653965563-4121391022-2668741360-1001LocalHost (Using LRPC)
 
Error: (12/04/2014 08:47:25 PM) (Source: DCOM) (EventID: 10016) (User: Mario-VAIO)
Description: application-specificLocalActivation{7D1933CB-86F6-4A98-8628-01BE94C9A575}{F290BFB2-1864-45B1-8804-2654194A87E7}Mario-VAIOMarioS-1-5-21-653965563-4121391022-2668741360-1001LocalHost (Using LRPC)
 
Error: (12/04/2014 08:46:51 PM) (Source: DCOM) (EventID: 10016) (User: Mario-VAIO)
Description: application-specificLocalActivation{7D1933CB-86F6-4A98-8628-01BE94C9A575}{F290BFB2-1864-45B1-8804-2654194A87E7}Mario-VAIOMarioS-1-5-21-653965563-4121391022-2668741360-1001LocalHost (Using LRPC)
 
Error: (12/04/2014 08:46:32 PM) (Source: DCOM) (EventID: 10016) (User: Mario-VAIO)
Description: application-specificLocalActivation{7D1933CB-86F6-4A98-8628-01BE94C9A575}{F290BFB2-1864-45B1-8804-2654194A87E7}Mario-VAIOMarioS-1-5-21-653965563-4121391022-2668741360-1001LocalHost (Using LRPC)
 
Error: (12/04/2014 08:46:08 PM) (Source: DCOM) (EventID: 10016) (User: Mario-VAIO)
Description: application-specificLocalActivation{7D1933CB-86F6-4A98-8628-01BE94C9A575}{F290BFB2-1864-45B1-8804-2654194A87E7}Mario-VAIOMarioS-1-5-21-653965563-4121391022-2668741360-1001LocalHost (Using LRPC)
 
Error: (12/04/2014 08:45:58 PM) (Source: DCOM) (EventID: 10016) (User: Mario-VAIO)
Description: application-specificLocalActivation{7D1933CB-86F6-4A98-8628-01BE94C9A575}{F290BFB2-1864-45B1-8804-2654194A87E7}Mario-VAIOMarioS-1-5-21-653965563-4121391022-2668741360-1001LocalHost (Using LRPC)
 
Error: (12/04/2014 08:42:55 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
Bnbase
Bndef
Bprotect
 
 
Microsoft Office Sessions:
=========================
Error: (12/04/2014 08:54:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: VCSystemTray.exe8.4.1.611053aa90abKERNELBASE.dll6.1.7601.184095315a05ae0434352000000000000940dc3c01d01013ac988597C:\Program Files\Sony\VAIO Care\VCSystemTray.exeC:\Windows\system32\KERNELBASE.dll713a3b23-7c08-11e4-bf1a-544249f48540
 
Error: (12/04/2014 08:54:03 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: VCSystemTray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Composition.ImportCardinalityMismatchException
Stack:
   at System.ComponentModel.Composition.Hosting.ExportProvider.GetExports(System.ComponentModel.Composition.Primitives.ImportDefinition, System.ComponentModel.Composition.Hosting.AtomicComposition)
   at System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValueCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String, System.ComponentModel.Composition.Primitives.ImportCardinality)
   at VCSystemTray.ViewModel.MainWindowViewModel.CollectRSOCData(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.TimerQueueTimer.CallCallback()
   at System.Threading.TimerQueueTimer.Fire()
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
 
Error: (12/04/2014 08:50:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: VAIOShell.exe8.4.1.611053a92a9bKERNELBASE.dll6.1.7601.184095315a05ae0434352000000000000940d155c01d0101494076ba4C:\Program Files\Sony\VAIO Care\VAIOShell.exeC:\Windows\system32\KERNELBASE.dllf5765221-7c07-11e4-bf1a-544249f48540
 
Error: (12/04/2014 08:50:34 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: VAIOShell.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Win32Exception
Stack:
   at System.Diagnostics.Process.StartWithShellExecuteEx(System.Diagnostics.ProcessStartInfo)
   at System.Diagnostics.Process.Start(System.Diagnostics.ProcessStartInfo)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run()
   at VAIOShell.App.Main()
 
Error: (12/04/2014 08:50:34 PM) (Source: System.ServiceModel 4.0.0.0) (EventID: 105) (User: Mario-VAIO)
Description: <TraceRecord xmlns="http://schemas.microsoft.com/2004/10/E2ETraceEvent/TraceRecord" Severity="Critical"><TraceIdentifier>UnhandledException</TraceIdentifier><Description>Unhandled exception</Description><AppDomain>VAIOShell.exe</AppDomain><Exception><ExceptionType>System.ComponentModel.Win32Exception, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</ExceptionType><Message>Application not found</Message><StackTrace>   at System.Diagnostics.Process.StartWithShellExecuteEx(ProcessStartInfo startInfo)
   at System.Diagnostics.Process.Start(ProcessStartInfo startInfo)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Int32 numArgs)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(Object source, Delegate method, Object args, Int32 numArgs, Delegate catchHandler)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean&amp;amp; handled)
   at MS.Win32.HwndWrapper.WndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean&amp;amp; handled)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(Object o)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Int32 numArgs)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(Object source, Delegate method, Object args, Int32 numArgs, Delegate catchHandler)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(DispatcherPriority priority, TimeSpan timeout, Delegate method, Object args, Int32 numArgs)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(MSG&amp;amp; msg)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(DispatcherFrame frame)
   at System.Windows.Application.RunInternal(Window window)
   at System.Windows.Application.Run()
   at VAIOShell.App.Main()</StackTrace><ExceptionString>System.ComponentModel.Win32Exception (0x80004005): Application not found
   at System.Diagnostics.Process.StartWithShellExecuteEx(ProcessStartInfo startInfo)
   at System.Diagnostics.Process.Start(ProcessStartInfo startInfo)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Int32 numArgs)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(Object source, Delegate method, Object args, Int32 numArgs, Delegate catchHandler)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean&amp;amp; handled)
   at MS.Win32.HwndWrapper.WndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean&amp;amp; handled)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(Object o)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Int32 numArgs)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(Object source, Delegate method, Object args, Int32 numArgs, Delegate catchHandler)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(DispatcherPriority priority, TimeSpan timeout, Delegate method, Object args, Int32 numArgs)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(MSG&amp;amp; msg)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(DispatcherFrame frame)
   at System.Windows.Application.RunInternal(Window window)
   at System.Windows.Application.Run()
   at VAIOShell.App.Main()</ExceptionString><NativeErrorCode>800401F5</NativeErrorCode><DataItems><Data><Key>System.Object</Key></Data></DataItems></Exception></TraceRecord>System.NullReferenceException: Object reference not set to an instance of an object.
   at System.Runtime.Diagnostics.DiagnosticTraceBase.AddExceptionToTraceString(XmlWriter xml, Exception exception)
   at System.ServiceModel.Diagnostics.LegacyDiagnosticTrace.BuildTrace(PlainXmlWriter xml, TraceEventType type, String msdnTraceCode, String description, TraceRecord trace, Exception exception, Object source)
   at System.ServiceModel.Diagnostics.LegacyDiagnosticTrace.TraceEvent(TraceEventType type, Int32 code, String msdnTraceCode, String description, TraceRecord trace, Exception exception, Object source)VAIOShell5468
 
Error: (12/04/2014 08:45:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IOLOTO~1.EXE1.0.5.74f146042KERNELBASE.dll6.1.7601.1840953159a860eedfade0000c42d133001d01014011eb22cC:\PROGRA~1\Sony\VAIOCA~1\Iolo\IOLOTO~1.EXEC:\Windows\syswow64\KERNELBASE.dll4039fd43-7c07-11e4-bf1a-544249f48540
 
Error: (12/04/2014 08:42:12 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Eap method DLL path name23808600
 
Error: (12/04/2014 08:42:12 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Eap method DLL path name21808600
 
Error: (12/04/2014 08:42:12 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Eap method DLL path name18808600
 
Error: (12/04/2014 08:37:54 PM) (Source: MsiInstaller) (EventID: 1013) (User: Mario-VAIO)
Description: Product: Intel® Wireless Display -- This Product is already installed in this system.(NULL)(NULL)(NULL)(NULL)(NULL)
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-06-24 10:14:40.100
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_196\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-23 21:20:12.091
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_196\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-23 19:47:17.555
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_196\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-23 19:13:07.783
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_196\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-17 11:07:50.522
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_195\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-02 22:18:36.317
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_193\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-02 20:23:31.189
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_193\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-06-02 18:11:18.845
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_193\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-05-20 12:46:54.437
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_191\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-05-20 12:12:56.647
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Antivirus Free Edition\avc3\avc3_sig_191\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3 CPU M 370 @ 2.40GHz
Percentage of memory in use: 70%
Total physical RAM: 3374.1 MB
Available physical RAM: 1005.65 MB
Total Pagefile: 6746.38 MB
Available Pagefile: 3816.31 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:287.8 GB) (Free:113.78 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 6EA98A7E)
Partition 1: (Not Active) - (Size=10.2 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=287.8 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

Attached Files


Edited by xXToffeeXx, 06 December 2014 - 11:03 AM.
Posted log for ease~


#12 Marioo

Marioo
  • Topic Starter

  • Members
  • 237 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Rio de Janeiro
  • Local time:06:03 AM

Posted 06 December 2014 - 10:34 AM

Opaaa.......have you forgetten me........for a while!!!



#13 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,085 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:08:03 AM

Posted 06 December 2014 - 11:38 AM

Hi Marioo,
 
Sorry about the delay, sometimes I lack time to reply.
 
We need to run a fix with FRST:

  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter.
  • Copy and paste the script below in the notepad document:​
HKU\S-1-5-18\...\RunOnce: [Del180761728] => cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" <===== ATTENTION
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-653965563-4121391022-2668741360-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
Toolbar: HKU\S-1-5-21-653965563-4121391022-2668741360-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-653965563-4121391022-2668741360-1001 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
U2 MSSQL$DDNI; No ImagePath
C:\Users\MARLY SANTOS\AppData\Local\Temp\qxgxtcvx.dll
Best Buy pc app (Version: 3.0.0.0 - Best Buy) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Task: {65ADA6B1-FDEA-43F4-AC5F-0C8C9DBA57A4} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
  • Save the file to your desktop and name it as fixlist.txt

Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

  • Run FRST.exe/FRST64.exe and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run.
  • Please copy and paste the log in your next reply.

--------------
 

We need to remove programs using "Programs and Features"

Click the "Start" orb on the taskbar, and then click the "Control Panel" button.

  • If you use Category mode, click on Uninstall a Program.
  • If you use Icons mode, click on Program and Features.

A list of programs installed will be "populated" (this may take a bit of time).
If they exist, uninstall the following by clicking on the below entries and selecting "Remove":

Best Buy pc app
Bing Rewards Client Installer
DealPly

Additional instructions can be found here if needed.
 
--------------
 
To recap, in your next reply I would like to see the following. Make sure to copy & paste them unless I ask otherwise:

  • Fixlog.txt

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#14 Marioo

Marioo
  • Topic Starter

  • Members
  • 237 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Rio de Janeiro
  • Local time:06:03 AM

Posted 07 December 2014 - 12:37 PM

Now I have the FIXLOG:::

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-12-2014 01
Ran by Mario at 2014-12-07 15:26:36 Run:1
Running from C:\Users\Mario\Desktop
Loaded Profile: Mario (Available profiles: Mario & MARLY SANTOS & Mario II & Guest & DefaultAppPool)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
HKU\S-1-5-18\...\RunOnce: [Del180761728] => cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" <===== ATTENTION
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <=======
ATTENTION
HKU\S-1-5-21-653965563-4121391022-2668741360-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
Toolbar: HKU\S-1-5-21-653965563-4121391022-2668741360-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-653965563-4121391022-2668741360-1001 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
U2 MSSQL$DDNI; No ImagePath
C:\Users\MARLY SANTOS\AppData\Local\Temp\qxgxtcvx.dll
Best Buy pc app (Version: 3.0.0.0 - Best Buy) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Task: {65ADA6B1-FDEA-43F4-AC5F-0C8C9DBA57A4} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
*****************
 
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Del180761728 => value deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => Key deleted successfully.
"HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => Key deleted successfully.
"HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => Key deleted successfully.
"HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}" => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}" => Key not found.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
ATTENTION => Error: No automatic fix found for this entry.
"HKU\S-1-5-21-653965563-4121391022-2668741360-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\S-1-5-21-653965563-4121391022-2668741360-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => Key not found.
HKU\S-1-5-21-653965563-4121391022-2668741360-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => value deleted successfully.
"HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}" => Key not found.
MSSQL$DDNI => Service deleted successfully.
C:\Users\MARLY SANTOS\AppData\Local\Temp\qxgxtcvx.dll => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FBBC4667-2521-4E78-B1BD-8706F774549B}\\SystemComponent => value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}\\SystemComponent => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{65ADA6B1-FDEA-43F4-AC5F-0C8C9DBA57A4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65ADA6B1-FDEA-43F4-AC5F-0C8C9DBA57A4}" => Key deleted successfully.
C:\Windows\System32\Tasks\0 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0" => Key deleted successfully.
C:\ProgramData\TEMP => ":56E2E879" ADS removed successfully.
 
==== End of Fixlog ====

 

Thanks a lot  >>> sk:: mariooinrio

Attached Files


Edited by xXToffeeXx, 08 December 2014 - 02:49 PM.
Posted log for ease~


#15 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,085 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:08:03 AM

Posted 08 December 2014 - 02:50 PM

Hi Marioo,

 

How is your computer running now?

 

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users