buyerschoice


  • This topic is locked
12 replies to this topic

#1 steingt

steingt

  • Members
  • 7 posts

Posted 06 December 2014 - 05:48 PM

I have this "buyerschoice" process running with Chrome. From time to time when I click a link it opens an ad window instead. I've used AdwCleaner, Malwarebytes, ESET NOD32 and some other stuff and nothing gets rid of it. I didn't find anything about it on the internet so I'm looking for help from you guys.

 

What logs do you need?




#2 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • Gender:Male
  • Location:Germany

Posted 06 December 2014 - 06:21 PM

:welcome:

Hello steingt,

my name is Jo and I will help you with your computer problems.


Please follow these guidelines:
  • Logs can take a while to research, so please be patient.
  • Read and follow the instructions in the sequence they are posted.
  • Print or copy & save instructions.
  • Back up all your private data / important files on another (external) drive before using our tools.
  • Do not install / uninstall any applications, unless otherwise instructed.
  • Use only the tools you have been instructed to use.
  • Copy and Paste the log files inside your post, unless otherwise instructed.
  • Ask for clarification, if you have any questions.
  • Stay with this topic until you get the all clean post.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

***


1. Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

***


2. Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Right-click FRST / FRST64 then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.
Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.



***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#3 steingt

steingt
  • Topic Starter

  • Members
  • 7 posts

Posted 06 December 2014 - 06:42 PM

Thanks for the quick reply. Here you go:
 
 Results of screen317's Security Check version 0.99.91  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
ESET NOD32 Antivirus 8.0   
Windows Defender           
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Spybot - Search & Destroy 
 Java 7 Update 71  
 Adobe Flash Player 15.0.0.239  
 Adobe Reader XI  
 Mozilla Firefox (33.1) 
 Mozilla Thunderbird (24.6.0) 
 Google Chrome 38.0.2125.104 Google Chrome out of date!  
````````Process Check: objlist.exe by Laurent````````  
 ESET NOD32 Antivirus egui.exe  
 ESET NOD32 Antivirus ekrn.exe  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-12-2014 02
Ran by Gustavo (administrator) on NB-GUSTAVO on 06-12-2014 21:38:23
Running from C:\Users\Gustavo\Desktop
Loaded Profile: Gustavo (Available profiles: Gustavo)
Platform: Windows 8.1 Single Language (X64) OS Language: Português (Brasil)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(FSPro Labs) C:\Windows\SysWOW64\fsproflt2.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Fork Ltd.) C:\Prey\platform\windows\cronsvc.exe
(Scarlet.Crush Productions) C:\Program Files (x86)\DS3\ScpService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(FSPro Labs) C:\Program Files\MsConfig\hf.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Company) C:\Program Files (x86)\Popcorn Time\Updater.exe
(Validity Sensors, Inc.) C:\Windows\System32\valWBFPolicyService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Users\Gustavo\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Spotify Ltd) C:\Users\Gustavo\AppData\Roaming\Spotify\spotify.exe
() C:\Users\Gustavo\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Gustavo\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Gustavo\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Gustavo\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Gustavo\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Gustavo\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Gustavo\Desktop\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\WinSxS\wow64_microsoft-windows-commandprompt_31bf3856ad364e35_6.3.9600.16384_none_861fd11a22b451de\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2877192 2013-08-09] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3059360 2012-08-14] (Dell Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-06] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-41 (the data entry has 36 more characters).
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595336 2014-10-01] (ESET)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2014-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-09-04] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2014-11-03] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginBb-x32: C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Run: [Google Update] => C:\Users\Gustavo\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-06-26] (Google Inc.)
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Run: [BitTorrent] => C:\Users\Gustavo\AppData\Roaming\BitTorrent\BitTorrent.exe [1388888 2014-12-01] (BitTorrent Inc.)
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Run: [Spotify Web Helper] => C:\Users\Gustavo\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-13] (Spotify Ltd)
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Run: [Facebook Update] => "C:\Users\Gustavo\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Run: [Google+ Auto Backup] => C:\Users\Gustavo\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3746120 2014-08-12] (Google Inc.)
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Run: [Spotify] => C:\Users\Gustavo\AppData\Roaming\Spotify\spotify.exe [6553144 2014-10-13] (Spotify Ltd)
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\MountPoints2: {a0b8406e-084a-11e4-825f-d8a0e057fe23} - "D:\VZW_Software_upgrade_assistant.exe" 
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
HKU\S-1-5-18\...\Run: [Bitdefender Wallet] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Application Agent] => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2014-09-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156840 2014-09-13] (NVIDIA Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-573635229-3962155130-232007431-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-573635229-3962155130-232007431-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKU\S-1-5-21-573635229-3962155130-232007431-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-573635229-3962155130-232007431-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-573635229-3962155130-232007431-1002 -> {F7439E1F-8B31-4A74-B0E9-752B4C087DDF} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll (Banco do Brasil)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll [1754664 2014-07-31] (Banco do Brasil)
Tcpip\Parameters: [DhcpNameServer] 192.168.25.1
 
FireFox:
========
FF ProfilePath: C:\Users\Gustavo\AppData\Roaming\Mozilla\Firefox\Profiles\3r4vo0kj.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-573635229-3962155130-232007431-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Gustavo\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKU\S-1-5-21-573635229-3962155130-232007431-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Gustavo\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-573635229-3962155130-232007431-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Gustavo\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-573635229-3962155130-232007431-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Gustavo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-573635229-3962155130-232007431-1002: gastecnologia.com.br/sf/abn -> C:\Users\Gustavo\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-573635229-3962155130-232007431-1002: gastecnologia.com.br/sf/bb -> C:\Users\Gustavo\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml
FF Extension: Flash Video Downloader - Full HD Download (4K) - C:\Users\Gustavo\AppData\Roaming\Mozilla\Firefox\Profiles\3r4vo0kj.default\Extensions\artur.dubovoy@gmail.com [2014-12-02]
FF Extension: Cookies Manager+ - C:\Users\Gustavo\AppData\Roaming\Mozilla\Firefox\Profiles\3r4vo0kj.default\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2014-06-30]
FF Extension: CookieKeeper - C:\Users\Gustavo\AppData\Roaming\Mozilla\Firefox\Profiles\3r4vo0kj.default\Extensions\cookiekeeper@cookiekeeper.mozdev.org.xpi [2014-10-22]
FF Extension: Top Video Downloader - C:\Users\Gustavo\AppData\Roaming\Mozilla\Firefox\Profiles\3r4vo0kj.default\Extensions\tvd@link64.xpi [2014-06-30]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-06-27]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886C}] - C:\Users\Gustavo\AppData\Local\GAS Tecnologia\GBBD\bb\xpi
FF Extension: GBBD Banco do Brasil - C:\Users\Gustavo\AppData\Local\GAS Tecnologia\GBBD\bb\xpi [2014-08-19]
FF HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8874}] - C:\Users\Gustavo\AppData\Local\GAS Tecnologia\GBBD\abn\xpi
FF Extension: GBBD Banco Santander (Brasil) S.A. - C:\Users\Gustavo\AppData\Local\GAS Tecnologia\GBBD\abn\xpi [2014-10-01]
FF Extension: No Name - {87F8774F-B485-47E2-A755-A40A8A5E886C} [Not Found]
FF Extension: No Name - {87F8774F-B485-47E2-A755-A40A8A5E8874} [Not Found]
 
Chrome: 
=======
CHR HomePage: Default -> https://www.facebook.com/
CHR StartupUrls: Default -> "hxxp://economia.terra.com.br/", "https://www.facebook.com/"
CHR Profile: C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (GBBD Banco do Brasil) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkafhcogdnfhkmiepeebkkdbdphnjfll [2014-06-26]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-06-26]
CHR Extension: (Tweepi Bulk Default Action (aka Select All)) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpniicpnanbaopgkcagaphglbeaejnph [2014-10-29]
CHR Extension: (Facebook Message Seen Notification Remover) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\piohdenkodpbcigpkmicjapilbfjioil [2014-06-26]
CHR Profile: C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Apresentações) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-28]
CHR Extension: (Google Docs) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-28]
CHR Extension: (Google Drive) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-28]
CHR Extension: (YouTube) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-28]
CHR Extension: (Pesquisa do Google) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-28]
CHR Extension: (Planilhas do Google) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-28]
CHR Extension: (Google Wallet) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-28]
CHR Extension: (Gmail) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-28]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CronService; C:\Prey\platform\windows\cronsvc.exe [23552 2014-04-30] (Fork Ltd.) [File not signed]
R2 Ds3Service; C:\Program Files (x86)\DS3\ScpService.exe [381952 2014-04-02] (Scarlet.Crush Productions) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2014-10-01] (ESET)
R2 fsproflt2; C:\Windows\SysWOW64\fsproflt2.exe [49512 2012-07-12] (FSPro Labs)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [546104 2014-07-21] (GAS Tecnologia)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-08-23] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [183488 2014-10-31] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [179200 2014-10-09] (Company) [File not signed]
R2 valWBFPolicyService; c:\Windows\system32\valWBFPolicyService.exe [32768 2013-07-17] (Validity Sensors, Inc.) [File not signed]
S3 vncserver; C:\Program Files\RealVNC\VNC Server\vncservice.exe [502592 2014-04-01] (RealVNC Ltd)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3667696 2013-08-23] (Intel(R) Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131584 2013-08-22] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-05-06] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1408824 2013-10-18] (Motorola Solutions, Inc.)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-08-18] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241368 2014-08-18] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169280 2014-08-18] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [158968 2014-09-18] (ESET)
R0 FSProFilter2; C:\Windows\System32\Drivers\FSPFltd2.sys [57648 2011-06-04] (FSPro Labs)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [142280 2013-10-18] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-06] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-10-01] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [429272 2013-08-21] (Realsil Semiconductor Corporation)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-10-31] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-10-23] (Razer, Inc.)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-06 21:38 - 2014-12-06 21:39 - 00032180 _____ () C:\Users\Gustavo\Desktop\FRST.txt
2014-12-06 21:38 - 2014-12-06 21:38 - 00000000 ____D () C:\FRST
2014-12-06 21:33 - 2014-12-06 21:33 - 00852487 _____ () C:\Users\Gustavo\Desktop\SecurityCheck.exe
2014-12-06 21:32 - 2014-12-06 21:32 - 02119168 _____ (Farbar) C:\Users\Gustavo\Desktop\FRST64.exe
2014-12-06 15:04 - 2014-12-06 15:04 - 00000900 _____ () C:\Users\Gustavo\Desktop\JRT.txt
2014-12-06 15:00 - 2014-12-06 15:00 - 00000000 ____D () C:\Windows\ERUNT
2014-12-06 13:46 - 2014-12-06 13:46 - 01707646 _____ (Thisisu) C:\Users\Gustavo\Downloads\JRT.exe
2014-12-06 13:42 - 2014-12-06 15:00 - 00000000 ____D () C:\Users\Todos os Usuários\Spybot - Search & Destroy
2014-12-06 13:42 - 2014-12-06 15:00 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-12-06 13:42 - 2014-12-06 13:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
2014-12-06 13:42 - 2014-12-06 13:42 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-12-06 13:39 - 2014-12-06 15:11 - 00000165 _____ () C:\AdwCleanerDebug.txt
2014-12-06 13:39 - 2014-12-06 13:39 - 02153472 _____ () C:\Users\Gustavo\Downloads\adwcleaner_4.104.exe
2014-12-06 13:37 - 2014-12-06 13:37 - 16409960 ____R (Safer Networking Limited ) C:\Users\Gustavo\Downloads\spybotsd162-setup.exe
2014-12-05 00:16 - 2014-12-05 00:16 - 00005137 _____ () C:\Users\Gustavo\Downloads\emissorNFe (1).jnlp
2014-12-05 00:16 - 2014-12-05 00:16 - 00002281 _____ () C:\Users\Gustavo\Desktop\Emissor de Nota Fiscal Eletrônica (NF-e) 2.0.lnk
2014-12-05 00:16 - 2014-12-05 00:16 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas Secretaria da Fazenda
2014-12-05 00:16 - 2014-12-05 00:16 - 00000000 ____D () C:\Users\Gustavo\AppData\Local\Sun
2014-12-05 00:16 - 2014-12-05 00:16 - 00000000 ____D () C:\log
2014-12-05 00:16 - 2014-12-05 00:16 - 00000000 ____D () C:\database
2014-12-05 00:11 - 2014-12-05 00:11 - 00005137 _____ () C:\Users\Gustavo\Downloads\emissorNFe.jnlp
2014-12-04 13:04 - 2014-12-04 13:04 - 00101248 _____ () C:\Users\Gustavo\Downloads\Extras.Txt
2014-12-04 13:03 - 2014-12-04 13:03 - 00209386 _____ () C:\Users\Gustavo\Downloads\OTL.Txt
2014-12-04 12:51 - 2014-12-04 12:51 - 02154496 _____ () C:\Users\Gustavo\Downloads\adwcleaner_4.103.exe
2014-12-04 12:47 - 2014-12-04 12:47 - 05600479 _____ (Swearware) C:\Users\Gustavo\Downloads\ComboFix.exe
2014-12-04 12:44 - 2014-12-04 12:44 - 00602112 _____ (OldTimer Tools) C:\Users\Gustavo\Downloads\OTL.exe
2014-12-03 18:30 - 2014-12-03 18:30 - 00001358 _____ () C:\Users\Gustavo\Downloads\18737540000118000000267816R&00036_2014_12_03182922.txt.gz
2014-12-03 14:12 - 2014-12-03 14:12 - 00018760 _____ () C:\Users\Gustavo\Downloads\orders (1).xml
2014-12-03 13:49 - 2014-12-05 14:20 - 00002463 _____ () C:\Windows\setupact.log
2014-12-03 13:49 - 2014-12-03 13:49 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-02 23:47 - 2014-12-02 23:47 - 00000000 ____D () C:\Users\Todos os Usuários\ESET
2014-12-02 23:47 - 2014-12-02 23:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-12-02 23:47 - 2014-12-02 23:47 - 00000000 ____D () C:\ProgramData\ESET
2014-12-02 23:47 - 2014-12-02 23:47 - 00000000 ____D () C:\Program Files\ESET
2014-12-02 22:19 - 2014-12-06 15:10 - 00001156 _____ () C:\Windows\PFRO.log
2014-12-02 19:46 - 2014-12-02 19:46 - 00000368 _____ () C:\Users\Gustavo\Downloads\download.htm
2014-12-02 19:19 - 2014-12-02 19:19 - 00000000 ____D () C:\Users\Gustavo\Downloads\Malwarebytes Anti-Malware Premium 2.0.3.1025 Final + Keys [ATOM]
2014-12-02 17:14 - 2014-12-02 17:14 - 1495768206 _____ () C:\Windows\MEMORY.DMP
2014-12-02 17:14 - 2014-12-02 17:14 - 00302368 _____ () C:\Windows\Minidump\120214-30031-01.dmp
2014-12-02 16:43 - 2014-12-06 16:54 - 00699757 _____ () C:\Windows\WindowsUpdate.log
2014-12-02 16:11 - 2014-12-02 16:11 - 00081372 _____ () C:\Users\Gustavo\Documents\cc_20141202_161144.reg
2014-12-02 15:52 - 2014-12-02 15:52 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Gustavo\Downloads\rkill.exe
2014-12-02 14:07 - 2014-12-02 14:07 - 00000000 ____D () C:\Users\Gustavo\.android
2014-12-02 14:05 - 2014-12-02 14:05 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClockworkMod
2014-12-02 14:05 - 2014-12-02 14:05 - 00000000 ____D () C:\Program Files (x86)\ClockworkMod
2014-12-02 14:03 - 2014-12-02 14:04 - 11060224 _____ () C:\Users\Gustavo\Downloads\CarbonSetup.msi
2014-12-02 14:01 - 2014-12-02 14:02 - 08551232 _____ (Motorola) C:\Users\Gustavo\Downloads\MotoHelper_2.1.32_Driver_5.4.0.exe
2014-11-29 23:38 - 2014-11-29 23:38 - 00005688 _____ () C:\Users\Gustavo\Downloads\orders.xml
2014-11-29 23:38 - 2014-11-29 23:38 - 00001118 _____ () C:\Users\Gustavo\Downloads\orders.csv
2014-11-29 23:11 - 2014-11-29 23:11 - 00007148 _____ () C:\Users\Gustavo\Downloads\extrato (1).txt
2014-11-29 22:50 - 2014-11-29 22:50 - 00007208 _____ () C:\Users\Gustavo\Downloads\extrato.txt
2014-11-29 00:37 - 2014-11-29 00:37 - 02140160 _____ () C:\Users\Gustavo\Downloads\adwcleaner-4-101-multi-win.exe
2014-11-28 13:02 - 2014-11-28 13:02 - 00004464 _____ () C:\Users\Gustavo\Downloads\members_Black_Friday_Copy_01__click_activity_Nov_28_2014.csv
2014-11-28 13:01 - 2014-11-28 13:01 - 00001909 _____ () C:\Users\Gustavo\Downloads\members_Black_Friday_Copy_01__opened_Nov_28_2014.csv
2014-11-28 03:33 - 2014-11-28 03:33 - 00019960 _____ () C:\Users\Gustavo\Downloads\customers.csv
2014-11-21 01:26 - 2014-11-21 01:27 - 00000000 ____D () C:\Users\Gustavo\AppData\Local\Cockatrice
2014-11-21 01:24 - 2014-11-21 01:24 - 00000000 ____D () C:\Program Files (x86)\Cockatrice
2014-11-20 20:53 - 2014-11-24 22:18 - 00000000 ____D () C:\Users\Gustavo\Downloads\Modern.Family.S05E01-24.WEB-DL.x264.AAC
2014-11-20 15:50 - 2014-10-03 17:23 - 00038216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-11-20 15:50 - 2014-10-03 17:23 - 00032584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-11-19 17:00 - 2014-11-19 17:00 - 00000165 ____H () C:\Users\Gustavo\Desktop\~$Pasta1.xlsx
2014-11-19 12:44 - 2014-11-09 21:19 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 12:44 - 2014-11-09 21:19 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 12:44 - 2014-11-09 21:18 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 12:44 - 2014-11-09 21:18 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-17 17:13 - 2014-11-17 17:14 - 00231766 _____ () C:\Users\Gustavo\Documents\cc_20141117_171356.reg
2014-11-17 16:56 - 2014-11-17 16:56 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-11-17 16:55 - 2014-11-17 16:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-11-17 16:55 - 2014-11-17 16:55 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-17 01:28 - 2014-11-17 01:28 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\stetic
2014-11-17 01:28 - 2014-11-17 01:28 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\MonoDevelop-Unity-4.0
2014-11-17 01:28 - 2014-11-17 01:28 - 00000000 ____D () C:\Users\Gustavo\AppData\Local\MonoDevelop-Unity-4.0
2014-11-17 01:26 - 2014-11-17 01:27 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\Unity
2014-11-17 01:23 - 2014-11-17 01:27 - 00000000 ____D () C:\Users\Todos os Usuários\Unity
2014-11-17 01:23 - 2014-11-17 01:27 - 00000000 ____D () C:\ProgramData\Unity
2014-11-17 01:17 - 2014-11-17 01:22 - 00000000 ____D () C:\Users\Gustavo\AppData\Local\Unity
2014-11-17 01:15 - 2014-11-17 01:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity
2014-11-17 01:15 - 2014-11-17 01:15 - 00000000 ____D () C:\Users\Public\Documents\Unity Projects
2014-11-17 01:03 - 2014-11-17 01:17 - 00000000 ____D () C:\Program Files (x86)\Unity
2014-11-13 14:00 - 2014-10-31 20:27 - 00037184 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpmgrk.sys
2014-11-13 14:00 - 2014-10-23 17:05 - 00129600 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpnk.sys
2014-11-12 12:22 - 2014-10-13 00:33 - 00116032 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-11-12 12:22 - 2014-10-10 22:58 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 12:22 - 2014-10-10 22:53 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 12:22 - 2014-10-08 05:30 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-11-12 12:22 - 2014-10-08 05:09 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-11-12 12:22 - 2014-10-08 04:27 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-11-12 12:22 - 2014-10-08 03:32 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-11-12 12:22 - 2014-10-08 03:19 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-11-12 12:22 - 2014-09-22 02:38 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-11-12 12:22 - 2014-09-22 01:06 - 00258368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-11-12 12:22 - 2014-09-22 01:06 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-11-12 12:22 - 2014-09-22 00:49 - 00035320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-11-12 12:22 - 2014-09-18 22:16 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-11-12 12:22 - 2014-09-02 20:08 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2014-11-12 12:22 - 2014-09-02 20:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2014-11-12 12:11 - 2014-09-10 04:25 - 00474432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-11-12 12:11 - 2014-09-08 01:07 - 02497344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-11-12 12:11 - 2014-09-08 01:07 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-11-12 12:11 - 2014-09-07 20:08 - 00389176 _____ () C:\Windows\system32\ApnDatabase.xml
2014-11-12 12:11 - 2014-09-04 20:30 - 00822272 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-11-12 12:11 - 2014-09-04 20:21 - 01053184 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-11-12 12:11 - 2014-09-04 01:05 - 00836176 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2014-11-12 12:11 - 2014-09-04 00:22 - 00670384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-11-12 12:11 - 2014-09-03 23:01 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2014-11-12 12:11 - 2014-09-03 22:32 - 00334336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2014-11-12 12:11 - 2014-08-30 22:17 - 00148800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-11-12 12:11 - 2014-08-30 22:15 - 21197152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-11-12 12:11 - 2014-08-30 20:59 - 18723112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-11-12 12:11 - 2014-08-30 20:05 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
2014-11-12 12:11 - 2014-08-30 19:58 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2014-11-12 12:11 - 2014-08-30 19:04 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-11-12 12:11 - 2014-08-30 18:53 - 00239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
2014-11-12 12:11 - 2014-08-30 18:17 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-11-12 12:11 - 2014-08-28 00:55 - 07484224 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-11-12 12:11 - 2014-08-27 22:21 - 02480128 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-11-12 12:11 - 2014-08-27 22:06 - 02030592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-11-12 12:11 - 2014-08-23 03:14 - 13424128 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-11-12 12:11 - 2014-08-23 03:04 - 11820544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-11-12 12:11 - 2014-08-23 02:50 - 02714112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-11-12 12:11 - 2014-08-01 22:51 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2014-11-12 12:11 - 2014-08-01 22:35 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2014-11-12 12:10 - 2014-09-27 05:13 - 00104336 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2014-11-12 12:10 - 2014-09-27 03:24 - 00088800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2014-11-12 12:10 - 2014-09-27 01:38 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 12:10 - 2014-09-27 01:30 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2014-11-12 12:10 - 2014-09-27 01:17 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 12:09 - 2014-10-09 23:58 - 00177472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 12:09 - 2014-10-09 23:58 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-11-12 12:09 - 2014-10-09 23:44 - 00563976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-11-12 12:09 - 2014-10-08 05:37 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 12:09 - 2014-10-08 05:37 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 12:09 - 2014-10-08 05:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-11-12 12:09 - 2014-10-08 05:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2014-11-12 12:09 - 2014-10-08 04:56 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-11-12 12:09 - 2014-10-08 04:51 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 12:09 - 2014-10-08 04:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 12:09 - 2014-10-08 04:18 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-11-12 12:09 - 2014-10-08 04:17 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 12:09 - 2014-10-08 03:23 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-11-12 12:07 - 2014-10-18 07:55 - 00055776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-11-12 12:07 - 2014-10-18 06:09 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-11-12 12:07 - 2014-10-18 06:09 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-11-12 12:07 - 2014-10-18 05:25 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-11-12 12:07 - 2014-10-18 04:50 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2014-11-12 12:07 - 2014-10-18 04:38 - 03557376 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-11-12 12:07 - 2014-10-18 04:27 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-11-12 12:07 - 2014-10-18 04:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-11-12 12:07 - 2014-10-18 04:23 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-11-12 12:07 - 2014-10-18 04:23 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-11-12 12:07 - 2014-10-18 04:21 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-11-12 12:07 - 2014-10-18 04:20 - 01714176 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-11-12 12:07 - 2014-10-18 04:14 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-11-12 12:07 - 2014-10-18 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-11-12 12:07 - 2014-10-18 04:12 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-11-12 12:07 - 2014-10-18 04:11 - 00723968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-11-12 12:07 - 2014-10-17 05:01 - 00789184 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 12:07 - 2014-10-17 04:58 - 00602768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 12:03 - 2014-10-31 03:28 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 12:03 - 2014-10-31 01:59 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 12:03 - 2014-10-31 01:42 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 12:02 - 2014-10-31 03:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-11-12 12:02 - 2014-10-31 03:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-11-12 12:02 - 2014-10-31 03:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-11-12 12:02 - 2014-10-31 03:09 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-11-12 12:02 - 2014-10-31 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-11-12 12:02 - 2014-10-31 03:06 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 12:02 - 2014-10-31 03:06 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-11-12 12:02 - 2014-10-31 03:06 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 12:02 - 2014-10-31 03:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 12:02 - 2014-10-31 03:05 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 12:02 - 2014-10-31 03:05 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-11-12 12:02 - 2014-10-31 03:04 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 12:02 - 2014-10-31 02:57 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 12:02 - 2014-10-31 02:56 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 12:02 - 2014-10-31 02:54 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-11-12 12:02 - 2014-10-31 02:53 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 12:02 - 2014-10-31 02:52 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2014-11-12 12:02 - 2014-10-31 02:51 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-11-12 12:02 - 2014-10-31 02:51 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 12:02 - 2014-10-31 02:51 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 12:02 - 2014-10-31 02:50 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 12:02 - 2014-10-31 02:50 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 12:02 - 2014-10-31 02:40 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-11-12 12:02 - 2014-10-31 02:38 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 12:02 - 2014-10-31 02:30 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 12:02 - 2014-10-31 02:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-11-12 12:02 - 2014-10-31 02:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-11-12 12:02 - 2014-10-31 02:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-11-12 12:02 - 2014-10-31 02:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 12:02 - 2014-10-31 02:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 12:02 - 2014-10-31 02:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-11-12 12:02 - 2014-10-31 02:23 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-11-12 12:02 - 2014-10-31 02:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 12:02 - 2014-10-31 02:19 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-11-12 12:02 - 2014-10-31 02:15 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-11-12 12:02 - 2014-10-31 02:08 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-11-12 12:02 - 2014-10-31 02:06 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 12:02 - 2014-10-31 02:05 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 12:02 - 2014-10-31 02:05 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 12:02 - 2014-10-31 02:03 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 12:02 - 2014-10-31 01:45 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 12:02 - 2014-10-31 01:44 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-11-12 12:02 - 2014-10-31 01:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-11-12 12:02 - 2014-10-31 01:32 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 12:02 - 2014-10-31 01:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-11-12 12:02 - 2014-10-31 01:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-11-12 12:02 - 2014-10-31 01:27 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-11-12 12:02 - 2014-10-31 01:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-11-12 12:02 - 2014-10-31 01:25 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-11-12 12:02 - 2014-10-31 01:24 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 12:02 - 2014-10-31 01:24 - 00235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-11-12 12:02 - 2014-10-31 01:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 12:02 - 2014-10-31 01:23 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-11-12 12:02 - 2014-10-31 01:23 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 12:02 - 2014-10-31 01:22 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 12:02 - 2014-10-31 01:20 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 12:02 - 2014-10-31 01:18 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 12:02 - 2014-10-31 01:16 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 12:02 - 2014-10-31 01:15 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 12:02 - 2014-10-31 01:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-11-12 12:02 - 2014-10-31 01:13 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 12:02 - 2014-10-31 01:13 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2014-11-12 12:02 - 2014-10-31 01:12 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-11-12 12:02 - 2014-10-31 01:12 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 12:02 - 2014-10-31 01:11 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 12:02 - 2014-10-31 01:03 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-11-12 12:02 - 2014-10-31 01:02 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 12:02 - 2014-10-31 00:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 12:02 - 2014-10-31 00:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-11-12 12:02 - 2014-10-31 00:56 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-11-12 12:02 - 2014-10-31 00:56 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-11-12 12:02 - 2014-10-31 00:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 12:02 - 2014-10-31 00:53 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-11-12 12:02 - 2014-10-31 00:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 12:02 - 2014-10-31 00:51 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-11-12 12:02 - 2014-10-31 00:50 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 12:02 - 2014-10-31 00:48 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-11-12 12:02 - 2014-10-31 00:46 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 12:02 - 2014-10-31 00:46 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-11-12 12:02 - 2014-10-31 00:42 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-11-12 12:02 - 2014-10-31 00:40 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 12:02 - 2014-10-31 00:40 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 12:02 - 2014-10-31 00:39 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 12:02 - 2014-10-31 00:30 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 12:02 - 2014-10-31 00:26 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-11-12 12:02 - 2014-10-31 00:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-11-12 12:02 - 2014-10-31 00:17 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 12:02 - 2014-10-31 00:13 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 12:02 - 2014-10-31 00:11 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 11:59 - 2014-10-23 03:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 11:59 - 2014-10-23 03:05 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 11:59 - 2014-10-07 04:28 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 11:59 - 2014-10-07 04:27 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 11:59 - 2014-10-07 04:27 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 11:59 - 2014-10-07 04:27 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-11-12 11:59 - 2014-10-07 04:27 - 00108432 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 11:59 - 2014-10-07 01:34 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 11:59 - 2014-10-07 01:34 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 11:59 - 2014-10-07 01:33 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 11:59 - 2014-10-07 01:30 - 04182016 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 11:59 - 2014-10-06 23:54 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-11-12 11:59 - 2014-10-06 23:46 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 11:59 - 2014-08-23 03:18 - 02149376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 11:59 - 2014-08-23 03:03 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-10 13:38 - 2014-11-10 13:38 - 00001418 _____ () C:\Users\Gustavo\Desktop\EZBlocker.lnk
2014-11-07 15:43 - 2014-11-07 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-11-07 15:42 - 2014-11-07 15:43 - 00000000 ____D () C:\Users\Todos os Usuários\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-11-07 15:42 - 2014-11-07 15:43 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-11-07 15:42 - 2014-11-07 15:43 - 00000000 ____D () C:\Program Files\iTunes
2014-11-07 15:42 - 2014-11-07 15:43 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-11-07 15:42 - 2014-11-07 15:42 - 00000000 ____D () C:\Program Files\iPod
2014-11-07 00:23 - 2014-11-07 00:23 - 00009728 _____ (Razer Inc.) C:\Windows\SysWOW64\RzStats.IPC.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-06 21:00 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\system32\sru
2014-12-06 20:27 - 2014-06-26 12:44 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-573635229-3962155130-232007431-1002
2014-12-06 20:12 - 2014-06-26 13:08 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\Spotify
2014-12-06 20:00 - 2014-10-30 01:27 - 00000118 _____ () C:\Users\Gustavo\Documents\unf2.0.mcr
2014-12-06 19:59 - 2014-05-06 14:02 - 01800588 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-06 19:59 - 2013-08-22 20:59 - 00775938 _____ () C:\Windows\system32\prfh0416.dat
2014-12-06 19:59 - 2013-08-22 20:59 - 00159030 _____ () C:\Windows\system32\prfc0416.dat
2014-12-06 19:33 - 2014-11-03 12:44 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-06 19:04 - 2014-06-26 12:43 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{AC9DABB9-6BB3-4B84-8741-3383882E21C2}
2014-12-06 15:13 - 2014-11-03 12:41 - 00000000 ____D () C:\AdwCleaner
2014-12-06 15:12 - 2014-10-22 15:07 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfee1a9cb23e01.job
2014-12-06 15:11 - 2014-10-10 13:57 - 00000000 ____D () C:\Temp
2014-12-06 15:11 - 2014-06-26 14:14 - 00000000 ___RD () C:\Users\Gustavo\Google Drive
2014-12-06 15:10 - 2014-07-24 23:17 - 00000000 ____D () C:\Program Files (x86)\DS3
2014-12-06 15:10 - 2013-08-22 12:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-06 15:09 - 2013-08-22 11:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-12-06 13:48 - 2014-06-27 01:20 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\FileZilla
2014-12-06 13:48 - 2014-06-26 13:06 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\Skype
2014-12-06 13:48 - 2014-06-26 13:00 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\BitTorrent
2014-12-05 16:00 - 2014-10-09 19:03 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\ViberPC
2014-12-05 12:24 - 2014-10-09 19:01 - 00000000 ____D () C:\Users\Gustavo\AppData\Local\Viber
2014-12-05 00:33 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-12-04 14:42 - 2014-06-26 13:10 - 00000000 ____D () C:\Users\Gustavo\AppData\Local\Spotify
2014-12-04 12:32 - 2014-06-26 12:50 - 00000000 ____D () C:\Users\Todos os Usuários\GAS Tecnologia
2014-12-04 12:32 - 2014-06-26 12:50 - 00000000 ____D () C:\ProgramData\GAS Tecnologia
2014-12-03 22:25 - 2014-11-03 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-03 22:25 - 2014-11-03 12:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-03 18:40 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-03 14:12 - 2014-06-26 12:38 - 00000000 ____D () C:\Users\Gustavo\AppData\Local\Packages
2014-12-02 22:19 - 2014-06-27 05:00 - 00000902 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-02 22:19 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\IME
2014-12-02 22:18 - 2014-06-26 12:37 - 00000000 ____D () C:\Users\Gustavo
2014-12-02 19:59 - 2014-09-22 15:58 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-02 19:59 - 2014-06-26 13:06 - 00000000 ____D () C:\Users\Todos os Usuários\Skype
2014-12-02 19:59 - 2014-06-26 13:06 - 00000000 ____D () C:\ProgramData\Skype
2014-12-02 17:26 - 2014-06-27 05:00 - 00003792 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-02 17:14 - 2014-07-24 23:47 - 00000000 ____D () C:\Windows\Minidump
2014-11-28 17:26 - 2014-06-28 01:24 - 00001456 _____ () C:\Users\Gustavo\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-11-28 13:16 - 2014-06-27 01:31 - 00002481 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2014-11-28 13:16 - 2014-06-27 01:31 - 00002469 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
2014-11-28 13:16 - 2014-06-27 01:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2014-11-28 12:19 - 2013-08-22 13:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-11-27 22:13 - 2014-06-27 05:18 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\vlc
2014-11-27 11:12 - 2014-06-26 13:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-25 16:44 - 2014-07-16 17:35 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-11-24 20:29 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\rescache
2014-11-21 06:14 - 2014-11-03 12:43 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-21 06:14 - 2014-11-03 12:43 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-21 06:14 - 2014-11-03 12:43 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-20 18:51 - 2014-07-02 01:58 - 00714208 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-20 18:51 - 2014-07-02 01:58 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-20 14:27 - 2014-06-27 04:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-20 14:14 - 2013-08-22 13:36 - 00000000 ___RD () C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-20 14:14 - 2013-08-22 13:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-20 14:14 - 2013-08-22 13:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-20 14:14 - 2013-08-22 13:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-20 14:14 - 2013-08-22 13:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-20 14:11 - 2014-10-22 15:07 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfee1a9d2717d0.job
2014-11-20 14:11 - 2014-06-26 14:00 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-20 14:11 - 2014-06-26 14:00 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-20 14:11 - 2014-06-26 12:44 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-573635229-3962155130-232007431-1002UA.job
2014-11-20 14:11 - 2014-06-26 12:44 - 00001056 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-573635229-3962155130-232007431-1002Core.job
2014-11-18 16:21 - 2014-06-27 01:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-11-18 16:21 - 2014-06-27 01:20 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-11-17 17:06 - 2014-06-26 13:35 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-17 17:06 - 2014-05-06 18:15 - 00000000 ____D () C:\Windows\Panther
2014-11-17 16:57 - 2014-07-08 17:58 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-11-17 16:56 - 2014-07-08 17:58 - 00000000 ____D () C:\Users\Todos os Usuários\Apple
2014-11-17 16:56 - 2014-07-08 17:58 - 00000000 ____D () C:\ProgramData\Apple
2014-11-17 16:53 - 2014-10-22 15:07 - 00004072 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cfee1a9d2717d0
2014-11-17 16:53 - 2014-10-10 13:57 - 00003492 _____ () C:\Windows\System32\Tasks\Motorola Device Manager Update
2014-11-17 16:53 - 2014-10-10 13:57 - 00003474 _____ () C:\Windows\System32\Tasks\Motorola Device Manager Engine
2014-11-17 16:53 - 2014-10-10 13:57 - 00003300 _____ () C:\Windows\System32\Tasks\Motorola Device Manager Initial Update
2014-11-17 16:53 - 2014-10-03 15:22 - 00003182 _____ () C:\Windows\System32\Tasks\{A2AF8A23-1A98-47FD-B65B-41922D215EB8}
2014-11-17 16:53 - 2014-06-26 14:00 - 00004072 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-17 16:53 - 2014-06-26 14:00 - 00003836 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-17 16:53 - 2014-06-26 12:44 - 00004060 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-573635229-3962155130-232007431-1002UA
2014-11-17 16:53 - 2014-06-26 12:44 - 00003680 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-573635229-3962155130-232007431-1002Core
2014-11-17 01:31 - 2014-11-03 12:53 - 00000004 _____ () C:\Users\Gustavo\AppData\Roaming\appdataFr2.bin
2014-11-17 01:23 - 2014-07-08 18:00 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\Apple Computer
2014-11-17 01:23 - 2014-07-08 18:00 - 00000000 ____D () C:\Users\Gustavo\AppData\Local\Apple Computer
2014-11-14 20:45 - 2013-08-22 12:44 - 05183504 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-14 20:43 - 2013-08-22 13:36 - 00000000 ___RD () C:\Windows\ToastData
2014-11-14 20:42 - 2013-08-22 13:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-11-14 20:40 - 2014-06-26 14:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-11-14 20:40 - 2014-06-26 14:17 - 00000000 ____D () C:\Users\Todos os Usuários\Microsoft Help
2014-11-14 20:40 - 2014-06-26 14:17 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-14 20:38 - 2014-06-29 01:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-14 20:29 - 2014-06-29 01:00 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-13 14:01 - 2014-07-16 17:35 - 00000000 ____D () C:\Users\Todos os Usuários\Razer
2014-11-13 14:01 - 2014-07-16 17:35 - 00000000 ____D () C:\ProgramData\Razer
2014-11-13 12:12 - 2013-08-22 11:25 - 00000199 _____ () C:\Windows\win.ini
2014-11-10 13:38 - 2014-10-28 21:53 - 00000000 ____D () C:\Program Files\EZBlocker
2014-11-10 13:38 - 2014-06-27 21:12 - 00000000 ____D () C:\Users\Gustavo\AppData\Local\Eric_Zhang
2014-11-07 15:42 - 2014-07-11 18:19 - 00000000 ____D () C:\Users\Todos os Usuários\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-11-07 15:42 - 2014-07-11 18:19 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-11-06 20:15 - 2014-08-25 23:37 - 00000000 ____D () C:\Users\Gustavo\AppData\Local\Adobe
2014-11-06 16:04 - 2014-07-23 18:37 - 00000132 _____ () C:\Users\Gustavo\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-11-06 15:06 - 2014-06-26 14:19 - 02800296 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-11-06 15:06 - 2014-06-26 14:19 - 02197680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-11-06 15:06 - 2014-06-26 14:19 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-11-06 15:06 - 2014-06-26 14:19 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
 
Files to move or delete:
====================
C:\ProgramData\ISTask.dll
C:\Users\Todos os Usuários\ISTask.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-11-28 12:17
 
==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2014 02
Ran by Gustavo at 2014-12-06 21:39:25
Running from C:\Users\Gustavo\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.12 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.3 64-bit (HKLM\...\{2DD71ACB-552D-402C-9529-7906ACB95C30}) (Version: 5.3.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version:  - Ensemble Studios)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atualizações da NVIDIA 16.13.65 (Version: 16.13.65 - NVIDIA Corporation) Hidden
BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
BitTorrent (HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\BitTorrent) (Version: 7.9.2.35704 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
CGS17_Setup_x64 (Version: 17.0 - Corel Corporation) Hidden
Cockatrice (HKLM-x32\...\Cockatrice) (Version:  - )
Compiled Driver Disk(Motorola) 1.0 (HKLM\...\{3DCF00F5-04A5-4543-A088-705480811202}_is1) (Version: 1.0.8.0 - COMPELSON Labs)
Corel Graphics - Windows Shell Extension (HKLM\...\_{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.0.491 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.0.491 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.0.491 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - EN (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0.0.491 - Corel Corporation)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Dell Custom Help (Version: 16.05.1000.0264 - Intel Corporation) Hidden
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.16.1 - Dell Inc.)
Dell Touchpad (HKLM\...\Elantech) (Version: 11.3.11.2 - ELAN Microelectronic Corp.)
DSC/AA Factory Installer (Version: 3.5.6426.22 - PC-Doctor, Inc.) Hidden
ESET NOD32 Antivirus (HKLM\...\{7F39EB28-B9B7-41B8-8564-DB33284A010D}) (Version: 8.0.304.0 - ESET, spol s r. o.)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
Galeria de Fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Google+ Auto Backup (HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.)
Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
HP Deskjet 3050 J610 series Software básico do dispositivo (HKLM\...\{E6E28DE7-446E-4E27-BE37-4B6D925A385B}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Intel Experience Center - Configuration (x32 Version: 1.7.0.179 - Intel) Hidden
Intel® C++ Redistributables for Windows* on Intel® 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel® Experience Center Desktop Software (HKLM-x32\...\{3608ec0a-56b4-4d9d-b038-9b3e51d72582}) (Version: 1.7.0.179 - Intel)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 3.0.1342.2) (HKLM\...\{302600C1-6BDF-4FD1-1311-148929CC1385}) (Version: 3.1.1311.0402 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417065FF}) (Version: 7.0.650 - Oracle)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
K-Lite Codec Pack 10.6.5 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.6.5 - )
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Macro Recorder 5.7.7 (HKLM-x32\...\Macro Recorder_is1) (Version: 5.7.7 - Jitbit Software)
Malwarebytes Anti-Malware versão 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Minecraft1.7.10 (HKLM-x32\...\Minecraft1.7.10) (Version:  - )
MoboRobo 2.1.6.107 (HKLM-x32\...\{02B934E4-C574-4605-842B-01CD16295185}_is1) (Version: 2.1.6.107 - MoboRobo Inc.)
Módulo de Proteção - Banco Santander (Brasil) S.A. (HKLM-x32\...\{83033d93-48d0-48fc-9c5b-82e57e7e0dd6}_is1) (Version: 3.11.0.1 - )
Módulo de Segurança - Banco do Brasil (HKLM-x32\...\{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1) (Version: 3.10.0.1 - )
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 33.1 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 pt-BR)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 pt-BR)) (Version: 24.6.0 - Mozilla)
MPC-HC 1.7.6 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.6 - MPC-HC Team)
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
NVIDIA Driver de áudio HD 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA Driver de gráficos 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.11 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice 4.1.0 (HKLM-x32\...\{C87EF11D-36E9-479D-9898-7541EA1E8A6A}) (Version: 4.10.9764 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Painel de controle da NVIDIA 344.11 (Version: 344.11 - NVIDIA Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: Beta 4.3 - Popcorn Time)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.2.05 - Dell Inc.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.18.23036 - Nome de sua empresa:)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21239 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7024 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.65 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.)
Software Intel® PROSet/Wireless (HKLM-x32\...\{0d7a3647-915a-40be-a6ba-a0228bd48150}) (Version: 16.5.3 - Intel Corporation)
Spotify (HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
The Sims 4 Deluxe Edition version 1.0 Update 1 (HKLM-x32\...\The Sims 4 Deluxe Edition_is1) (Version: 1.0 Update 1 - GMT-MAX.ORG)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Nome de sua empresa:)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Unity (HKLM-x32\...\Unity) (Version: 4.5.0f6 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\UnityWebPlayer) (Version: 4.5.0f6 - Unity Technologies ApS)
Validity WBF Driver 5011 (11) (HKLM\...\{469B8A11-A73B-4A78-A596-AC86592E9592}) (Version: 4.5.226.0 - Validity Sensors, Inc.)
Viber (HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Viber) (Version: 3.0.0.134678 - Viber Media Inc)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VNC Server 5.1.1 (HKLM\...\{060CA2F4-3B7B-4CEA-ADF3-E930C62E162D}) (Version: 5.1.1 - RealVNC Ltd)
VNC Viewer 5.1.1 (HKLM\...\{72D6F59C-FDC3-4E68-B776-E92E5D389F48}) (Version: 5.1.1 - RealVNC Ltd)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-573635229-3962155130-232007431-1002_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Gustavo\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-573635229-3962155130-232007431-1002_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0001}\InprocServer32 -> C:\Users\Gustavo\AppData\Local\GAS Tecnologia\GBBD\npsf_abn_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-573635229-3962155130-232007431-1002_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Gustavo\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-573635229-3962155130-232007431-1002_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0001}\InprocServer32 -> C:\Users\Gustavo\AppData\Local\GAS Tecnologia\GBBD\npsf_abn_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-573635229-3962155130-232007431-1002_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Gustavo\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-573635229-3962155130-232007431-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Gustavo\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.)
 
==================== Restore Points  =========================
 
20-11-2014 17:51:20 DirectX instalado
28-11-2014 14:17:48 Windows Update
02-12-2014 16:04:26 Installed Helium
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 11:25 - 2013-08-22 11:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {1479CAD8-A6AC-4D30-B487-375F51421DF5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-30] (Piriform Ltd)
Task: {1A8BB5AD-4ABB-42D1-A9F6-17EF8B35C76A} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {22572E41-43EE-46A2-A16D-5BA0A434BF08} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {34DA08CB-90ED-44D3-A570-FA0938AABEA8} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {3566C46B-DC97-47B3-88D7-CE55980B0AA7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-26] (Google Inc.)
Task: {3DA737AD-F149-4371-ACA6-F425C40D3906} - \AutoKMS No Task File <==== ATTENTION
Task: {4325F817-D6B9-409C-9F46-2CD3F8A92956} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {461147EC-2683-4D54-AF68-367C06E7AEC0} - System32\Tasks\Dell\Dell System Registration => C:\Program Files (x86)\System Registration\prodreg.exe [2012-07-09] (Dell, Inc.)
Task: {48EDF80B-CBB5-4A2A-AF61-F9B238746B57} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-573635229-3962155130-232007431-1002Core => C:\Users\Gustavo\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {4F2E2422-7824-447A-8F41-8ED201B59BCC} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {50C7BBB7-F9C7-4888-914A-4F0878ED4308} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-573635229-3962155130-232007431-1002Core => C:\Users\Gustavo\AppData\Local\Google\Update\GoogleUpdate.exe [2014-06-26] (Google Inc.)
Task: {50E91D74-8AE0-41DB-9B1F-AED010990380} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-573635229-3962155130-232007431-1002UA => C:\Users\Gustavo\AppData\Local\Google\Update\GoogleUpdate.exe [2014-06-26] (Google Inc.)
Task: {63BC06E8-918A-456C-9838-1395A4DB0E9E} - System32\Tasks\GoogleUpdateTaskMachineCore1cfee1a9cb23e01 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-26] (Google Inc.)
Task: {9139E1FD-1855-4A82-8807-CC8191EA3CEA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {94BEC1A1-118F-4D69-997B-D41928215562} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-02] (Adobe Systems Incorporated)
Task: {9BB94045-93F3-4587-A683-E65BBA74515C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {A1262976-8CE4-4A0E-9EA5-9310D4E2B36A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-573635229-3962155130-232007431-1002UA => C:\Users\Gustavo\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {A224C9FE-D1D6-43BC-A111-6F623E4246A3} - System32\Tasks\GoogleUpdateTaskMachineUA1cfee1a9d2717d0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-26] (Google Inc.)
Task: {AD598AA8-AD11-4DFD-A689-C9BCBC23D8AE} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {B166BD90-D1D6-46A0-B717-1DAB620DE048} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-26] (Google Inc.)
Task: {ECD10627-B828-418C-985D-C3049911F5F0} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {FD5AA21B-9563-4693-8BFE-314C87BA7EBE} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-573635229-3962155130-232007431-1002Core.job => C:\Users\Gustavo\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-573635229-3962155130-232007431-1002UA.job => C:\Users\Gustavo\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfee1a9cb23e01.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfee1a9d2717d0.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-573635229-3962155130-232007431-1002Core.job => C:\Users\Gustavo\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-573635229-3962155130-232007431-1002UA.job => C:\Users\Gustavo\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-05-06 14:22 - 2014-09-13 21:48 - 00013120 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-05-06 14:23 - 2014-09-13 19:53 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-01 17:29 - 2014-05-01 17:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-10-31 20:27 - 2014-10-31 20:27 - 00183488 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-06-26 13:10 - 2014-10-13 17:42 - 00613944 _____ () C:\Users\Gustavo\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-12-06 21:33 - 2014-12-06 21:33 - 00852487 _____ () C:\Users\Gustavo\Desktop\SecurityCheck.exe
2014-10-21 14:16 - 2014-10-21 14:16 - 00179712 _____ () C:\Users\Gustavo\AppData\Local\Packages\tradingviewinc.tradingviewstocksforexandbitcoin_ybq2y2jtf5wm6\AC\Microsoft\CLR_v4.0\NativeImages\LiveTilesUpdater\d45cbd07f4bb2b045bdcb144fc708e87\LiveTilesUpdater.ni.dll
2014-10-21 13:58 - 2014-10-21 13:58 - 01782784 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\3f4dc590466037f015f65bc07d1ea923\Windows.ApplicationModel.ni.dll
2014-10-21 14:15 - 2014-10-21 14:15 - 01459712 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.UI\4bd80968bf666252841ca7792faaff11\Windows.UI.ni.dll
2014-10-21 14:16 - 2014-10-21 14:16 - 00059904 _____ () C:\Users\Gustavo\AppData\Local\Packages\tradingviewinc.tradingviewstocksforexandbitcoin_ybq2y2jtf5wm6\AC\Microsoft\CLR_v4.0\NativeImages\Tickers\11d0ccb831ad1130b72377739cc0e4df\Tickers.ni.dll
2014-10-21 14:15 - 2014-10-21 14:15 - 00363520 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\6382e6f5ad8b7a9db4f5cd4817e70319\Windows.Foundation.ni.dll
2014-07-16 14:16 - 2014-07-16 14:16 - 00332288 _____ () C:\Users\Gustavo\AppData\Local\Packages\tradingviewinc.tradingviewstocksforexandbitcoin_ybq2y2jtf5wm6\AC\Microsoft\CLR_v4.0\NativeImages\Rendering\6f48a103f5ffd2700f52ad123203cabd\Rendering.ni.dll
2014-10-21 14:15 - 2014-10-21 14:15 - 01278464 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Storage\f9ac074d298db459c5eff6d3256861c8\Windows.Storage.ni.dll
2014-10-22 15:04 - 2014-10-22 15:04 - 00177664 _____ () C:\Users\Gustavo\AppData\Local\Packages\tradingviewinc.tradingviewstocksforexandbitcoin_ybq2y2jtf5wm6\AC\Microsoft\CLR_v4.0\NativeImages\Notificatio4f2f02c9#\550b1b4f299efe1d0e250451fd7f9537\NotificationsExtensions.WinRT.ni.dll
2014-06-29 00:30 - 2014-06-29 00:30 - 00001662 ____R () C:\Program Files\MsConfig\msimg32.dll
2013-10-31 13:05 - 2013-10-31 13:05 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2014-08-12 20:29 - 2014-08-12 20:29 - 03219456 _____ () C:\Users\Gustavo\AppData\Local\Programs\Google\Google+ Auto Backup\gpuploader_i18n.dll
2014-12-06 15:11 - 2014-12-06 15:11 - 00098816 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\win32api.pyd
2014-12-06 15:11 - 2014-12-06 15:11 - 00110080 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\pywintypes27.dll
2014-12-06 15:11 - 2014-12-06 15:11 - 00364544 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\pythoncom27.dll
2014-12-06 15:11 - 2014-12-06 15:11 - 00045568 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\_socket.pyd
2014-12-06 15:11 - 2014-12-06 15:11 - 01160704 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\_ssl.pyd
2014-12-06 15:11 - 2014-12-06 15:11 - 00320512 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\win32com.shell.shell.pyd
2014-12-06 15:11 - 2014-12-06 15:11 - 00713216 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\_hashlib.pyd
2014-12-06 15:11 - 2014-12-06 15:11 - 01175040 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\wx._core_.pyd
2014-12-06 15:11 - 2014-12-06 15:11 - 00805888 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\wx._gdi_.pyd
2014-12-06 15:11 - 2014-12-06 15:11 - 00811008 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\wx._windows_.pyd
2014-12-06 15:11 - 2014-12-06 15:11 - 01062400 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\wx._controls_.pyd
2014-12-06 15:11 - 2014-12-06 15:11 - 00735232 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\wx._misc_.pyd
2014-12-06 15:11 - 2014-12-06 15:11 - 00128512 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\_elementtree.pyd
2014-12-06 15:11 - 2014-12-06 15:11 - 00127488 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\pyexpat.pyd
2014-12-06 15:11 - 2014-12-06 15:11 - 00557056 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\pysqlite2._sqlite.pyd
2014-12-06 15:11 - 2014-12-06 15:11 - 00007168 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\hashobjs_ext.pyd
2014-12-06 15:11 - 2014-12-06 15:11 - 00087552 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\_ctypes.pyd
2014-12-06 15:11 - 2014-12-06 15:11 - 00119808 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\win32file.pyd
2014-12-06 15:11 - 2014-12-06 15:11 - 00108544 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\win32security.pyd
2014-12-06 15:11 - 2014-12-06 15:11 - 00018432 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\win32event.pyd
2014-12-06 15:11 - 2014-12-06 15:11 - 00038912 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\win32inet.pyd
2014-12-06 15:11 - 2014-12-06 15:11 - 00070656 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\wx._html2.pyd
2014-12-06 15:11 - 2014-12-06 15:11 - 00167936 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\win32gui.pyd
2014-12-06 15:11 - 2014-12-06 15:11 - 00011264 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\win32crypt.pyd
2014-12-06 15:11 - 2014-12-06 15:11 - 00027136 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\_multiprocessing.pyd
2014-12-06 15:11 - 2014-12-06 15:11 - 00686080 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\unicodedata.pyd
2014-12-06 15:11 - 2014-12-06 15:11 - 00122368 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\wx._wizard.pyd
2014-12-06 15:11 - 2014-12-06 15:11 - 00010240 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\select.pyd
2014-12-06 15:11 - 2014-12-06 15:11 - 00024064 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\win32pipe.pyd
2014-12-06 15:11 - 2014-12-06 15:11 - 00025600 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\win32pdh.pyd
2014-12-06 15:11 - 2014-12-06 15:11 - 00525640 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\windows._lib_cacheinvalidation.pyd
2014-12-06 15:11 - 2014-12-06 15:11 - 00035840 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\win32process.pyd
2014-12-06 15:11 - 2014-12-06 15:11 - 00017408 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\win32profile.pyd
2014-12-06 15:11 - 2014-12-06 15:11 - 00022528 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\win32ts.pyd
2014-12-06 15:11 - 2014-12-06 15:11 - 00078336 _____ () C:\Users\Gustavo\AppData\Local\Temp\_MEI65482\wx._animate.pyd
2014-05-06 14:17 - 2013-09-03 17:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-06-26 13:10 - 2014-10-13 17:43 - 36966968 _____ () C:\Users\Gustavo\AppData\Roaming\Spotify\Data\libcef.dll
2014-05-06 14:22 - 2014-09-13 21:48 - 00012104 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-07-01 15:04 - 2014-10-13 17:42 - 00867896 _____ () C:\Users\Gustavo\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2014-06-26 13:10 - 2014-10-13 17:42 - 00886840 _____ () C:\Users\Gustavo\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-06-26 13:10 - 2014-10-13 17:42 - 00108600 _____ () C:\Users\Gustavo\AppData\Roaming\Spotify\Data\libegl.dll
2014-10-27 21:14 - 2014-10-22 02:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-10-27 21:14 - 2014-10-22 02:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-10-27 21:14 - 2014-10-22 02:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-10-27 21:14 - 2014-10-22 02:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
2014-10-27 21:14 - 2014-10-22 02:05 - 14902600 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll
2014-10-16 07:15 - 2014-10-16 07:15 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 14:41 - 2014-05-24 14:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Windows\System32:031B07E0_Bb.gbp
AlternateDataStreams: C:\Windows\System32:84672418_Bb.gbp
AlternateDataStreams: C:\Users\Gustavo\OneDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\fsproflt2 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\fsproflt2 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "QuickSet"
HKLM\...\StartupApproved\Run: => "InstallerLauncher"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "InstallerLauncher"
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_47C5E710ECE926F3AE2B611C0D7C5655"
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\StartupApproved\Run: => "Facebook Update"
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\StartupApproved\Run: => "FlashPlayerUpdate"
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\StartupApproved\Run: => "AdobeBridge"
 
========================= Accounts: ==========================
 
Administrador (S-1-5-21-573635229-3962155130-232007431-500 - Administrator - Disabled)
Convidado (S-1-5-21-573635229-3962155130-232007431-501 - Limited - Disabled)
Gustavo (S-1-5-21-573635229-3962155130-232007431-1002 - Administrator - Enabled) => C:\Users\Gustavo
 
==================== Faulty Device Manager Devices =============
 
Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8168
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/06/2014 03:09:42 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcCan continue stopping. [1008]
 
 
System errors:
=============
Error: (12/06/2014 06:16:44 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Falha indeterminada do adaptador Bluetooth local; ele não será usado. O driver foi descarregado.
 
Error: (12/06/2014 03:11:23 PM) (Source: DCOM) (EventID: 10016) (User: NB-Gustavo)
Description: específico do aplicativoLocalIniciar{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}NB-GustavoGustavoS-1-5-21-573635229-3962155130-232007431-1002LocalHost (Usando LRPC)Não DisponívelNão Disponível
 
 
 
Microsoft Office Sessions:
=========================
Error: (12/06/2014 03:09:42 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcCan continue stopping. [1008]
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-10-12 16:15:19.242
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-10-12 14:25:17.474
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-10-12 14:25:16.424
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-10-04 15:14:55.298
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-10-04 15:14:14.186
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-10-04 15:13:34.881
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-10-04 14:43:39.439
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-10-04 14:43:24.937
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-09-13 10:35:59.469
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-08-29 22:34:21.002
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4500U CPU @ 1.80GHz
Percentage of memory in use: 60%
Total physical RAM: 8097.07 MB
Available physical RAM: 3205.04 MB
Total Pagefile: 16289.07 MB
Available Pagefile: 10882.67 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:456.35 GB) (Free:178.33 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 0D7D612E)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================


#4 Jo*


Posted 07 December 2014 - 06:50 AM

Hello steingt,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Be sure to print out and follow the instructions provided on that same page.
  • Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.
  • Scan your system for malware
With some infections, you may see two message boxes.
  • 'Could not load protection driver'. Click 'OK'.
  • 'Could not load DDA driver'. Click 'Yes' to this message, to allow the driver to load after a restart. Allow the computer to restart. Continue with the rest of these instructions.
  • If malware is found - do not press the Clean up button, please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.
  • If there is no malware found, please let me know as well.

***


Please download AdwCleaner by Xplode and save to your Desktop.
Double-click AdwCleaner.exe
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
    When the scan has finished, the actual line should say "Pending. Please uncheck elements you do not want to remove" => scan is complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it.
    If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.

***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#5 steingt


Posted 07 December 2014 - 12:49 PM

Malwarebytes Anti-Rootkit BETA 1.08.2.1001
www.malwarebytes.org
 
Database version: v2014.12.07.08
 
Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17416
Gustavo :: NB-GUSTAVO [administrator]
 
07/12/2014 15:23:14
mbar-log-2014-12-07 (15-23-14).txt
 
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 337055
Time elapsed: 20 minute(s), 55 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
Physical Sectors Detected: 0
(No malicious items detected)
 
(end)
 
# AdwCleaner v4.104 - Relatório criado 07/12/2014 às 15:47:37
# Atualizado 05/12/2014 por Xplode
# Database : 2014-12-01.1 [Live]
# Sistema Operacional : Windows 8.1 Single Language  (64 bits)
# Usuário : Gustavo - NB-GUSTAVO
# Executando de : C:\Users\Gustavo\Downloads\AdwCleaner.exe
# Opção : Examinar
 
***** [ Serviços ] *****
 
 
***** [ Arquivos / Pastas ] *****
 
 
***** [ Tarefas ] *****
 
 
***** [ Atalhos ] *****
 
 
***** [ Registro ] *****
 
 
***** [ Navegadores ] *****
 
-\\ Internet Explorer v11.0.9600.17416
 
 
-\\ Mozilla Firefox v33.1 (x86 pt-BR)
 
 
-\\ Google Chrome v39.0.2171.71
 
 
*************************
 
AdwCleaner[R0].txt - [1324 octets] - [03/11/2014 12:41:34]
AdwCleaner[R10].txt - [1703 octets] - [06/12/2014 15:11:56]
AdwCleaner[R11].txt - [776 octets] - [07/12/2014 15:47:37]
AdwCleaner[R1].txt - [1384 octets] - [06/11/2014 17:26:30]
AdwCleaner[R2].txt - [1280 octets] - [06/11/2014 20:14:55]
AdwCleaner[R3].txt - [1340 octets] - [06/11/2014 20:17:19]
AdwCleaner[R4].txt - [1562 octets] - [13/11/2014 11:17:50]
AdwCleaner[R5].txt - [1635 octets] - [27/11/2014 11:06:29]
AdwCleaner[R6].txt - [1412 octets] - [29/11/2014 00:37:27]
AdwCleaner[R7].txt - [1560 octets] - [04/12/2014 12:51:30]
AdwCleaner[R8].txt - [1620 octets] - [06/12/2014 13:42:18]
AdwCleaner[R9].txt - [2558 octets] - [06/12/2014 15:07:22]
AdwCleaner[S0].txt - [2096 octets] - [06/11/2014 17:28:49]
AdwCleaner[S1].txt - [1396 octets] - [07/11/2014 13:16:34]
AdwCleaner[S2].txt - [1612 octets] - [13/11/2014 11:36:11]
AdwCleaner[S3].txt - [1685 octets] - [27/11/2014 11:10:07]
AdwCleaner[S4].txt - [2608 octets] - [06/12/2014 15:09:06]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R11].txt - [1676 octets] ##########
 


#6 Jo*

Posted 07 December 2014 - 03:35 PM

Hello steingt,

Please download Junkware Removal Tool from HERE and save it to your desktop.
Shut down your antivirus to avoid any potential conflicts.
Double click JRT.exe to run the tool.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • JRT will begin to backup your registry and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, the log JRT.txt is saved on your desktop and will automatically open.
Enable your antivirus!
Post the contents of JRT.txt into your next reply.


***


Run the Farbar Recovery Scan Tool again.
  • Double-click to run FRST / FRST64. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

***


How is the computer running now?


***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#7 steingt

Posted 07 December 2014 - 03:49 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 8.1 Single Language x64
Ran by Gustavo on 07/12/2014 at 18:36:18,81
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07/12/2014 at 18:39:33,71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-12-2014 01
Ran by Gustavo (administrator) on NB-GUSTAVO on 07-12-2014 18:43:11
Running from C:\Users\Gustavo\Desktop
Loaded Profiles: Gustavo &  (Available profiles: Gustavo)
Platform: Windows 8.1 Single Language (X64) OS Language: Português (Brasil)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(FSPro Labs) C:\Windows\SysWOW64\fsproflt2.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Fork Ltd.) C:\Prey\platform\windows\cronsvc.exe
(Scarlet.Crush Productions) C:\Program Files (x86)\DS3\ScpService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Validity Sensors, Inc.) C:\Windows\System32\valWBFPolicyService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Users\Gustavo\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(FSPro Labs) C:\Program Files\MsConfig\hf.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Sand Studio) C:\Program Files (x86)\AirDroid\AirDroid.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2877192 2013-08-09] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3059360 2012-08-14] (Dell Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-06] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-41 (the data entry has 36 more characters).
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595336 2014-10-01] (ESET)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2014-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-09-04] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2014-11-03] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginBb-x32: C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Bitdefender Wallet Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Bitdefender Wallet] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Bitdefender Wallet Application Agent] => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Run: [Google Update] => C:\Users\Gustavo\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-06-26] (Google Inc.)
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Run: [BitTorrent] => C:\Users\Gustavo\AppData\Roaming\BitTorrent\BitTorrent.exe [1388888 2014-12-01] (BitTorrent Inc.)
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Run: [Spotify Web Helper] => C:\Users\Gustavo\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-13] (Spotify Ltd)
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Run: [Facebook Update] => "C:\Users\Gustavo\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Run: [Google+ Auto Backup] => C:\Users\Gustavo\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3746120 2014-08-12] (Google Inc.)
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Run: [Spotify] => C:\Users\Gustavo\AppData\Roaming\Spotify\spotify.exe [6553144 2014-10-13] (Spotify Ltd)
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe [10845184 2014-12-05] (Sand Studio)
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\MountPoints2: {a0b8406e-084a-11e4-825f-d8a0e057fe23} - "D:\VZW_Software_upgrade_assistant.exe" 
HKU\S-1-5-21-573635229-3962155130-232007431-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Google Update] => C:\Users\Gustavo\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-06-26] (Google Inc.)
HKU\S-1-5-21-573635229-3962155130-232007431-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [BitTorrent] => C:\Users\Gustavo\AppData\Roaming\BitTorrent\BitTorrent.exe [1388888 2014-12-01] (BitTorrent Inc.)
HKU\S-1-5-21-573635229-3962155130-232007431-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
HKU\S-1-5-21-573635229-3962155130-232007431-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\Gustavo\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-13] (Spotify Ltd)
HKU\S-1-5-21-573635229-3962155130-232007431-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-573635229-3962155130-232007431-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Facebook Update] => "C:\Users\Gustavo\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
HKU\S-1-5-21-573635229-3962155130-232007431-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Google+ Auto Backup] => C:\Users\Gustavo\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3746120 2014-08-12] (Google Inc.)
HKU\S-1-5-21-573635229-3962155130-232007431-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\Gustavo\AppData\Roaming\Spotify\spotify.exe [6553144 2014-10-13] (Spotify Ltd)
HKU\S-1-5-21-573635229-3962155130-232007431-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {a0b8406e-084a-11e4-825f-d8a0e057fe23} - "D:\VZW_Software_upgrade_assistant.exe" 
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
HKU\S-1-5-18\...\Run: [Bitdefender Wallet] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Application Agent] => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-573635229-3962155130-232007431-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-573635229-3962155130-232007431-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKU\S-1-5-21-573635229-3962155130-232007431-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKU\S-1-5-21-573635229-3962155130-232007431-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-573635229-3962155130-232007431-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKU\S-1-5-21-573635229-3962155130-232007431-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-573635229-3962155130-232007431-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-573635229-3962155130-232007431-1002 -> {F7439E1F-8B31-4A74-B0E9-752B4C087DDF} URL = 
SearchScopes: HKU\S-1-5-21-573635229-3962155130-232007431-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-573635229-3962155130-232007431-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {F7439E1F-8B31-4A74-B0E9-752B4C087DDF} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll (Banco do Brasil)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll [1754664 2014-07-31] (Banco do Brasil)
Tcpip\Parameters: [DhcpNameServer] 192.168.25.1
 
FireFox:
========
FF ProfilePath: C:\Users\Gustavo\AppData\Roaming\Mozilla\Firefox\Profiles\3r4vo0kj.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-573635229-3962155130-232007431-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Gustavo\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKU\S-1-5-21-573635229-3962155130-232007431-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Gustavo\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-573635229-3962155130-232007431-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Gustavo\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-573635229-3962155130-232007431-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Gustavo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-573635229-3962155130-232007431-1002: gastecnologia.com.br/sf/abn -> C:\Users\Gustavo\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-573635229-3962155130-232007431-1002: gastecnologia.com.br/sf/bb -> C:\Users\Gustavo\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-573635229-3962155130-232007431-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Gustavo\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKU\S-1-5-21-573635229-3962155130-232007431-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=3 -> C:\Users\Gustavo\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-573635229-3962155130-232007431-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=9 -> C:\Users\Gustavo\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-573635229-3962155130-232007431-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Gustavo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-573635229-3962155130-232007431-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: gastecnologia.com.br/sf/abn -> C:\Users\Gustavo\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-573635229-3962155130-232007431-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: gastecnologia.com.br/sf/bb -> C:\Users\Gustavo\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml
FF Extension: Flash Video Downloader - Full HD Download (4K) - C:\Users\Gustavo\AppData\Roaming\Mozilla\Firefox\Profiles\3r4vo0kj.default\Extensions\artur.dubovoy@gmail.com [2014-12-02]
FF Extension: Cookies Manager+ - C:\Users\Gustavo\AppData\Roaming\Mozilla\Firefox\Profiles\3r4vo0kj.default\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2014-06-30]
FF Extension: CookieKeeper - C:\Users\Gustavo\AppData\Roaming\Mozilla\Firefox\Profiles\3r4vo0kj.default\Extensions\cookiekeeper@cookiekeeper.mozdev.org.xpi [2014-10-22]
FF Extension: Top Video Downloader - C:\Users\Gustavo\AppData\Roaming\Mozilla\Firefox\Profiles\3r4vo0kj.default\Extensions\tvd@link64.xpi [2014-06-30]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-06-27]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886C}] - C:\Users\Gustavo\AppData\Local\GAS Tecnologia\GBBD\bb\xpi
FF Extension: GBBD Banco do Brasil - C:\Users\Gustavo\AppData\Local\GAS Tecnologia\GBBD\bb\xpi [2014-08-19]
FF HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8874}] - C:\Users\Gustavo\AppData\Local\GAS Tecnologia\GBBD\abn\xpi
FF Extension: GBBD Banco Santander (Brasil) S.A. - C:\Users\Gustavo\AppData\Local\GAS Tecnologia\GBBD\abn\xpi [2014-10-01]
FF HKU\S-1-5-21-573635229-3962155130-232007431-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886C}] - C:\Users\Gustavo\AppData\Local\GAS Tecnologia\GBBD\bb\xpi
FF HKU\S-1-5-21-573635229-3962155130-232007431-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8874}] - C:\Users\Gustavo\AppData\Local\GAS Tecnologia\GBBD\abn\xpi
FF Extension: No Name - {87F8774F-B485-47E2-A755-A40A8A5E886C} [Not Found]
FF Extension: No Name - {87F8774F-B485-47E2-A755-A40A8A5E8874} [Not Found]
 
Chrome: 
=======
CHR HomePage: Default -> https://www.facebook.com/
CHR StartupUrls: Default -> "hxxp://economia.terra.com.br/", "https://www.facebook.com/"
CHR Profile: C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (GBBD Banco do Brasil) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkafhcogdnfhkmiepeebkkdbdphnjfll [2014-06-26]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-06-26]
CHR Extension: (Tweepi Bulk Default Action (aka Select All)) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpniicpnanbaopgkcagaphglbeaejnph [2014-10-29]
CHR Extension: (Facebook Message Seen Notification Remover) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\piohdenkodpbcigpkmicjapilbfjioil [2014-06-26]
CHR Profile: C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Apresentações) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-28]
CHR Extension: (Google Docs) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-28]
CHR Extension: (Google Drive) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-28]
CHR Extension: (YouTube) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-28]
CHR Extension: (Pesquisa do Google) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-28]
CHR Extension: (Planilhas do Google) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-28]
CHR Extension: (Google Wallet) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-28]
CHR Extension: (Gmail) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-28]
CHR HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Gustavo\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-12-07]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CronService; C:\Prey\platform\windows\cronsvc.exe [23552 2014-04-30] (Fork Ltd.) [File not signed]
R2 Ds3Service; C:\Program Files (x86)\DS3\ScpService.exe [381952 2014-04-02] (Scarlet.Crush Productions) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2014-10-01] (ESET)
R2 fsproflt2; C:\Windows\SysWOW64\fsproflt2.exe [49512 2012-07-12] (FSPro Labs)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [546104 2014-07-21] (GAS Tecnologia)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-08-23] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [183488 2014-10-31] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [179200 2014-10-09] (Company) [File not signed]
R2 valWBFPolicyService; c:\Windows\system32\valWBFPolicyService.exe [32768 2013-07-17] (Validity Sensors, Inc.) [File not signed]
S3 vncserver; C:\Program Files\RealVNC\VNC Server\vncservice.exe [502592 2014-04-01] (RealVNC Ltd)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3667696 2013-08-23] (Intel® Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131584 2013-08-22] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-05-06] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1408824 2013-10-18] (Motorola Solutions, Inc.)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-08-18] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241368 2014-08-18] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169280 2014-08-18] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [158968 2014-09-18] (ESET)
R0 FSProFilter2; C:\Windows\System32\Drivers\FSPFltd2.sys [57648 2011-06-04] (FSPro Labs)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [142280 2013-10-18] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-10-01] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [429272 2013-08-21] (Realsil Semiconductor Corporation)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-10-31] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-10-23] (Razer, Inc.)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-07 18:43 - 2014-12-07 18:43 - 00000000 ____D () C:\Users\Gustavo\Desktop\FRST-OlderVersion
2014-12-07 18:39 - 2014-12-07 18:39 - 00000632 _____ () C:\Users\Gustavo\Desktop\JRT.txt
2014-12-07 18:35 - 2014-12-07 18:35 - 01707646 _____ (Thisisu) C:\Users\Gustavo\Downloads\JRT (1).exe
2014-12-07 18:35 - 2014-12-07 18:35 - 01707646 _____ (Thisisu) C:\Users\Gustavo\Desktop\JRT (1).exe
2014-12-07 17:30 - 2014-12-07 17:31 - 00000000 ____D () C:\Users\Gustavo\Documents\AirDroid
2014-12-07 17:30 - 2014-12-07 17:30 - 00001859 _____ () C:\Users\Public\Desktop\AirDroid.lnk
2014-12-07 17:30 - 2014-12-07 17:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirDroid
2014-12-07 17:30 - 2014-12-07 17:30 - 00000000 ____D () C:\Program Files (x86)\AirDroid
2014-12-07 17:28 - 2014-12-07 17:29 - 08298116 _____ () C:\Users\Gustavo\Downloads\AirDroid_Desktop_Client_3.0.1.exe
2014-12-07 15:23 - 2014-12-07 15:46 - 00000000 ____D () C:\Users\Todos os Usuários\Malwarebytes' Anti-Malware (portable)
2014-12-07 15:23 - 2014-12-07 15:46 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-12-07 15:16 - 2014-12-07 15:46 - 00000000 ____D () C:\Users\Gustavo\Desktop\mbar
2014-12-07 15:16 - 2014-12-07 15:16 - 16448208 _____ (Malwarebytes Corp.) C:\Users\Gustavo\Downloads\mbar-1.08.2.1001.exe
2014-12-07 15:16 - 2014-12-07 15:16 - 02153472 _____ () C:\Users\Gustavo\Downloads\AdwCleaner.exe
2014-12-06 21:52 - 2014-12-06 21:52 - 00002235 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-06 21:52 - 2014-12-06 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-06 21:51 - 2014-12-06 21:51 - 00000000 __SHD () C:\Users\Gustavo\AppData\Local\EmieBrowserModeList
2014-12-06 21:49 - 2014-12-06 21:49 - 00880784 _____ (Google Inc.) C:\Users\Gustavo\Downloads\ChromeSetup.exe
2014-12-06 21:49 - 2014-12-06 21:49 - 00003828 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d011af4978d87a
2014-12-06 21:49 - 2014-12-06 21:49 - 00001088 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d011af4978d87a.job
2014-12-06 21:39 - 2014-12-06 21:40 - 00046517 _____ () C:\Users\Gustavo\Desktop\Addition.txt
2014-12-06 21:38 - 2014-12-07 18:43 - 00035657 _____ () C:\Users\Gustavo\Desktop\FRST.txt
2014-12-06 21:38 - 2014-12-07 18:43 - 00000000 ____D () C:\FRST
2014-12-06 21:33 - 2014-12-06 21:33 - 00852487 _____ () C:\Users\Gustavo\Desktop\SecurityCheck.exe
2014-12-06 21:32 - 2014-12-07 18:43 - 02119680 _____ (Farbar) C:\Users\Gustavo\Desktop\FRST64.exe
2014-12-06 15:00 - 2014-12-06 15:00 - 00000000 ____D () C:\Windows\ERUNT
2014-12-06 13:46 - 2014-12-06 13:46 - 01707646 _____ (Thisisu) C:\Users\Gustavo\Downloads\JRT.exe
2014-12-06 13:42 - 2014-12-06 15:00 - 00000000 ____D () C:\Users\Todos os Usuários\Spybot - Search & Destroy
2014-12-06 13:42 - 2014-12-06 15:00 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-12-06 13:42 - 2014-12-06 13:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
2014-12-06 13:42 - 2014-12-06 13:42 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-12-06 13:39 - 2014-12-07 15:47 - 00000275 _____ () C:\AdwCleanerDebug.txt
2014-12-06 13:39 - 2014-12-06 13:39 - 02153472 _____ () C:\Users\Gustavo\Downloads\adwcleaner_4.104.exe
2014-12-06 13:37 - 2014-12-06 13:37 - 16409960 ____R (Safer Networking Limited ) C:\Users\Gustavo\Downloads\spybotsd162-setup.exe
2014-12-05 00:16 - 2014-12-05 00:16 - 00005137 _____ () C:\Users\Gustavo\Downloads\emissorNFe (1).jnlp
2014-12-05 00:16 - 2014-12-05 00:16 - 00002281 _____ () C:\Users\Gustavo\Desktop\Emissor de Nota Fiscal Eletrônica (NF-e) 2.0.lnk
2014-12-05 00:16 - 2014-12-05 00:16 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas Secretaria da Fazenda
2014-12-05 00:16 - 2014-12-05 00:16 - 00000000 ____D () C:\Users\Gustavo\AppData\Local\Sun
2014-12-05 00:16 - 2014-12-05 00:16 - 00000000 ____D () C:\log
2014-12-05 00:16 - 2014-12-05 00:16 - 00000000 ____D () C:\database
2014-12-05 00:11 - 2014-12-05 00:11 - 00005137 _____ () C:\Users\Gustavo\Downloads\emissorNFe.jnlp
2014-12-04 13:04 - 2014-12-04 13:04 - 00101248 _____ () C:\Users\Gustavo\Downloads\Extras.Txt
2014-12-04 13:03 - 2014-12-04 13:03 - 00209386 _____ () C:\Users\Gustavo\Downloads\OTL.Txt
2014-12-04 12:51 - 2014-12-04 12:51 - 02154496 _____ () C:\Users\Gustavo\Downloads\adwcleaner_4.103.exe
2014-12-04 12:47 - 2014-12-04 12:47 - 05600479 _____ (Swearware) C:\Users\Gustavo\Downloads\ComboFix.exe
2014-12-04 12:44 - 2014-12-04 12:44 - 00602112 _____ (OldTimer Tools) C:\Users\Gustavo\Downloads\OTL.exe
2014-12-03 18:30 - 2014-12-03 18:30 - 00001358 _____ () C:\Users\Gustavo\Downloads\18737540000118000000267816R&00036_2014_12_03182922.txt.gz
2014-12-03 14:12 - 2014-12-03 14:12 - 00018760 _____ () C:\Users\Gustavo\Downloads\orders (1).xml
2014-12-03 13:49 - 2014-12-05 14:20 - 00002463 _____ () C:\Windows\setupact.log
2014-12-03 13:49 - 2014-12-03 13:49 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-02 23:47 - 2014-12-02 23:47 - 00000000 ____D () C:\Users\Todos os Usuários\ESET
2014-12-02 23:47 - 2014-12-02 23:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-12-02 23:47 - 2014-12-02 23:47 - 00000000 ____D () C:\ProgramData\ESET
2014-12-02 23:47 - 2014-12-02 23:47 - 00000000 ____D () C:\Program Files\ESET
2014-12-02 22:19 - 2014-12-06 15:10 - 00001156 _____ () C:\Windows\PFRO.log
2014-12-02 19:46 - 2014-12-02 19:46 - 00000368 _____ () C:\Users\Gustavo\Downloads\download.htm
2014-12-02 19:19 - 2014-12-02 19:19 - 00000000 ____D () C:\Users\Gustavo\Downloads\Malwarebytes Anti-Malware Premium 2.0.3.1025 Final + Keys [ATOM]
2014-12-02 17:14 - 2014-12-02 17:14 - 1495768206 _____ () C:\Windows\MEMORY.DMP
2014-12-02 17:14 - 2014-12-02 17:14 - 00302368 _____ () C:\Windows\Minidump\120214-30031-01.dmp
2014-12-02 16:43 - 2014-12-07 18:21 - 00840813 _____ () C:\Windows\WindowsUpdate.log
2014-12-02 16:11 - 2014-12-02 16:11 - 00081372 _____ () C:\Users\Gustavo\Documents\cc_20141202_161144.reg
2014-12-02 15:52 - 2014-12-02 15:52 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Gustavo\Downloads\rkill.exe
2014-12-02 14:07 - 2014-12-02 14:07 - 00000000 ____D () C:\Users\Gustavo\.android
2014-12-02 14:05 - 2014-12-02 14:05 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClockworkMod
2014-12-02 14:05 - 2014-12-02 14:05 - 00000000 ____D () C:\Program Files (x86)\ClockworkMod
2014-12-02 14:03 - 2014-12-02 14:04 - 11060224 _____ () C:\Users\Gustavo\Downloads\CarbonSetup.msi
2014-12-02 14:01 - 2014-12-02 14:02 - 08551232 _____ (Motorola) C:\Users\Gustavo\Downloads\MotoHelper_2.1.32_Driver_5.4.0.exe
2014-11-29 23:38 - 2014-11-29 23:38 - 00005688 _____ () C:\Users\Gustavo\Downloads\orders.xml
2014-11-29 23:38 - 2014-11-29 23:38 - 00001118 _____ () C:\Users\Gustavo\Downloads\orders.csv
2014-11-29 23:11 - 2014-11-29 23:11 - 00007148 _____ () C:\Users\Gustavo\Downloads\extrato (1).txt
2014-11-29 22:50 - 2014-11-29 22:50 - 00007208 _____ () C:\Users\Gustavo\Downloads\extrato.txt
2014-11-29 00:37 - 2014-11-29 00:37 - 02140160 _____ () C:\Users\Gustavo\Downloads\adwcleaner-4-101-multi-win.exe
2014-11-28 13:02 - 2014-11-28 13:02 - 00004464 _____ () C:\Users\Gustavo\Downloads\members_Black_Friday_Copy_01__click_activity_Nov_28_2014.csv
2014-11-28 13:01 - 2014-11-28 13:01 - 00001909 _____ () C:\Users\Gustavo\Downloads\members_Black_Friday_Copy_01__opened_Nov_28_2014.csv
2014-11-28 03:33 - 2014-11-28 03:33 - 00019960 _____ () C:\Users\Gustavo\Downloads\customers.csv
2014-11-21 01:26 - 2014-11-21 01:27 - 00000000 ____D () C:\Users\Gustavo\AppData\Local\Cockatrice
2014-11-21 01:24 - 2014-11-21 01:24 - 00000000 ____D () C:\Program Files (x86)\Cockatrice
2014-11-20 20:53 - 2014-11-24 22:18 - 00000000 ____D () C:\Users\Gustavo\Downloads\Modern.Family.S05E01-24.WEB-DL.x264.AAC
2014-11-20 15:50 - 2014-10-03 17:23 - 00038216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-11-20 15:50 - 2014-10-03 17:23 - 00032584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-11-19 17:00 - 2014-11-19 17:00 - 00000165 ____H () C:\Users\Gustavo\Desktop\~$Pasta1.xlsx
2014-11-19 12:44 - 2014-11-09 21:19 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 12:44 - 2014-11-09 21:19 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 12:44 - 2014-11-09 21:18 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 12:44 - 2014-11-09 21:18 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-17 17:13 - 2014-11-17 17:14 - 00231766 _____ () C:\Users\Gustavo\Documents\cc_20141117_171356.reg
2014-11-17 16:56 - 2014-11-17 16:56 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-11-17 16:55 - 2014-11-17 16:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-11-17 16:55 - 2014-11-17 16:55 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-17 01:28 - 2014-11-17 01:28 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\stetic
2014-11-17 01:28 - 2014-11-17 01:28 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\MonoDevelop-Unity-4.0
2014-11-17 01:28 - 2014-11-17 01:28 - 00000000 ____D () C:\Users\Gustavo\AppData\Local\MonoDevelop-Unity-4.0
2014-11-17 01:26 - 2014-11-17 01:27 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\Unity
2014-11-17 01:23 - 2014-11-17 01:27 - 00000000 ____D () C:\Users\Todos os Usuários\Unity
2014-11-17 01:23 - 2014-11-17 01:27 - 00000000 ____D () C:\ProgramData\Unity
2014-11-17 01:17 - 2014-11-17 01:22 - 00000000 ____D () C:\Users\Gustavo\AppData\Local\Unity
2014-11-17 01:15 - 2014-11-17 01:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity
2014-11-17 01:15 - 2014-11-17 01:15 - 00000000 ____D () C:\Users\Public\Documents\Unity Projects
2014-11-17 01:03 - 2014-11-17 01:17 - 00000000 ____D () C:\Program Files (x86)\Unity
2014-11-13 14:00 - 2014-10-31 20:27 - 00037184 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpmgrk.sys
2014-11-13 14:00 - 2014-10-23 17:05 - 00129600 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpnk.sys
2014-11-12 12:22 - 2014-10-13 00:33 - 00116032 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-11-12 12:22 - 2014-10-10 22:58 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 12:22 - 2014-10-10 22:53 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 12:22 - 2014-10-08 05:30 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-11-12 12:22 - 2014-10-08 05:09 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-11-12 12:22 - 2014-10-08 04:27 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-11-12 12:22 - 2014-10-08 03:32 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-11-12 12:22 - 2014-10-08 03:19 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-11-12 12:22 - 2014-09-22 02:38 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-11-12 12:22 - 2014-09-22 01:06 - 00258368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-11-12 12:22 - 2014-09-22 01:06 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-11-12 12:22 - 2014-09-22 00:49 - 00035320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-11-12 12:22 - 2014-09-18 22:16 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-11-12 12:22 - 2014-09-02 20:08 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2014-11-12 12:22 - 2014-09-02 20:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2014-11-12 12:11 - 2014-09-10 04:25 - 00474432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-11-12 12:11 - 2014-09-08 01:07 - 02497344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-11-12 12:11 - 2014-09-08 01:07 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-11-12 12:11 - 2014-09-07 20:08 - 00389176 _____ () C:\Windows\system32\ApnDatabase.xml
2014-11-12 12:11 - 2014-09-04 20:30 - 00822272 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-11-12 12:11 - 2014-09-04 20:21 - 01053184 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-11-12 12:11 - 2014-09-04 01:05 - 00836176 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2014-11-12 12:11 - 2014-09-04 00:22 - 00670384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-11-12 12:11 - 2014-09-03 23:01 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2014-11-12 12:11 - 2014-09-03 22:32 - 00334336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2014-11-12 12:11 - 2014-08-30 22:17 - 00148800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-11-12 12:11 - 2014-08-30 22:15 - 21197152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-11-12 12:11 - 2014-08-30 20:59 - 18723112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-11-12 12:11 - 2014-08-30 20:05 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
2014-11-12 12:11 - 2014-08-30 19:58 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2014-11-12 12:11 - 2014-08-30 19:04 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-11-12 12:11 - 2014-08-30 18:53 - 00239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
2014-11-12 12:11 - 2014-08-30 18:17 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-11-12 12:11 - 2014-08-28 00:55 - 07484224 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-11-12 12:11 - 2014-08-27 22:21 - 02480128 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-11-12 12:11 - 2014-08-27 22:06 - 02030592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-11-12 12:11 - 2014-08-23 03:14 - 13424128 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-11-12 12:11 - 2014-08-23 03:04 - 11820544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-11-12 12:11 - 2014-08-23 02:50 - 02714112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-11-12 12:11 - 2014-08-01 22:51 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2014-11-12 12:11 - 2014-08-01 22:35 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2014-11-12 12:10 - 2014-09-27 05:13 - 00104336 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2014-11-12 12:10 - 2014-09-27 03:24 - 00088800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2014-11-12 12:10 - 2014-09-27 01:38 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 12:10 - 2014-09-27 01:30 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2014-11-12 12:10 - 2014-09-27 01:17 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 12:09 - 2014-10-09 23:58 - 00177472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 12:09 - 2014-10-09 23:58 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-11-12 12:09 - 2014-10-09 23:44 - 00563976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-11-12 12:09 - 2014-10-08 05:37 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 12:09 - 2014-10-08 05:37 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 12:09 - 2014-10-08 05:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-11-12 12:09 - 2014-10-08 05:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2014-11-12 12:09 - 2014-10-08 04:56 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-11-12 12:09 - 2014-10-08 04:51 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 12:09 - 2014-10-08 04:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 12:09 - 2014-10-08 04:18 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-11-12 12:09 - 2014-10-08 04:17 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 12:09 - 2014-10-08 03:23 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-11-12 12:07 - 2014-10-18 07:55 - 00055776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-11-12 12:07 - 2014-10-18 06:09 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-11-12 12:07 - 2014-10-18 06:09 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-11-12 12:07 - 2014-10-18 05:25 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-11-12 12:07 - 2014-10-18 04:50 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2014-11-12 12:07 - 2014-10-18 04:38 - 03557376 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-11-12 12:07 - 2014-10-18 04:27 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-11-12 12:07 - 2014-10-18 04:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-11-12 12:07 - 2014-10-18 04:23 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-11-12 12:07 - 2014-10-18 04:23 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-11-12 12:07 - 2014-10-18 04:21 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-11-12 12:07 - 2014-10-18 04:20 - 01714176 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-11-12 12:07 - 2014-10-18 04:14 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-11-12 12:07 - 2014-10-18 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-11-12 12:07 - 2014-10-18 04:12 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-11-12 12:07 - 2014-10-18 04:11 - 00723968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-11-12 12:07 - 2014-10-17 05:01 - 00789184 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 12:07 - 2014-10-17 04:58 - 00602768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 12:03 - 2014-10-31 03:28 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 12:03 - 2014-10-31 01:59 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 12:03 - 2014-10-31 01:42 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 12:02 - 2014-10-31 03:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-11-12 12:02 - 2014-10-31 03:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-11-12 12:02 - 2014-10-31 03:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-11-12 12:02 - 2014-10-31 03:09 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-11-12 12:02 - 2014-10-31 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-11-12 12:02 - 2014-10-31 03:06 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 12:02 - 2014-10-31 03:06 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-11-12 12:02 - 2014-10-31 03:06 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 12:02 - 2014-10-31 03:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 12:02 - 2014-10-31 03:05 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 12:02 - 2014-10-31 03:05 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-11-12 12:02 - 2014-10-31 03:04 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 12:02 - 2014-10-31 02:57 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 12:02 - 2014-10-31 02:56 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 12:02 - 2014-10-31 02:54 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-11-12 12:02 - 2014-10-31 02:53 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 12:02 - 2014-10-31 02:52 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2014-11-12 12:02 - 2014-10-31 02:51 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-11-12 12:02 - 2014-10-31 02:51 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 12:02 - 2014-10-31 02:51 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 12:02 - 2014-10-31 02:50 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 12:02 - 2014-10-31 02:50 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 12:02 - 2014-10-31 02:40 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-11-12 12:02 - 2014-10-31 02:38 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 12:02 - 2014-10-31 02:30 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 12:02 - 2014-10-31 02:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-11-12 12:02 - 2014-10-31 02:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-11-12 12:02 - 2014-10-31 02:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-11-12 12:02 - 2014-10-31 02:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 12:02 - 2014-10-31 02:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 12:02 - 2014-10-31 02:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-11-12 12:02 - 2014-10-31 02:23 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-11-12 12:02 - 2014-10-31 02:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 12:02 - 2014-10-31 02:19 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-11-12 12:02 - 2014-10-31 02:15 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-11-12 12:02 - 2014-10-31 02:08 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-11-12 12:02 - 2014-10-31 02:06 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 12:02 - 2014-10-31 02:05 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 12:02 - 2014-10-31 02:05 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 12:02 - 2014-10-31 02:03 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 12:02 - 2014-10-31 01:45 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 12:02 - 2014-10-31 01:44 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-11-12 12:02 - 2014-10-31 01:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-11-12 12:02 - 2014-10-31 01:32 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 12:02 - 2014-10-31 01:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-11-12 12:02 - 2014-10-31 01:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-11-12 12:02 - 2014-10-31 01:27 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-11-12 12:02 - 2014-10-31 01:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-11-12 12:02 - 2014-10-31 01:25 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-11-12 12:02 - 2014-10-31 01:24 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 12:02 - 2014-10-31 01:24 - 00235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-11-12 12:02 - 2014-10-31 01:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 12:02 - 2014-10-31 01:23 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-11-12 12:02 - 2014-10-31 01:23 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 12:02 - 2014-10-31 01:22 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 12:02 - 2014-10-31 01:20 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 12:02 - 2014-10-31 01:18 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 12:02 - 2014-10-31 01:16 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 12:02 - 2014-10-31 01:15 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 12:02 - 2014-10-31 01:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-11-12 12:02 - 2014-10-31 01:13 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 12:02 - 2014-10-31 01:13 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2014-11-12 12:02 - 2014-10-31 01:12 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-11-12 12:02 - 2014-10-31 01:12 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 12:02 - 2014-10-31 01:11 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 12:02 - 2014-10-31 01:03 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-11-12 12:02 - 2014-10-31 01:02 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 12:02 - 2014-10-31 00:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 12:02 - 2014-10-31 00:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-11-12 12:02 - 2014-10-31 00:56 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-11-12 12:02 - 2014-10-31 00:56 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-11-12 12:02 - 2014-10-31 00:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 12:02 - 2014-10-31 00:53 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-11-12 12:02 - 2014-10-31 00:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 12:02 - 2014-10-31 00:51 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-11-12 12:02 - 2014-10-31 00:50 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 12:02 - 2014-10-31 00:48 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-11-12 12:02 - 2014-10-31 00:46 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 12:02 - 2014-10-31 00:46 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-11-12 12:02 - 2014-10-31 00:42 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-11-12 12:02 - 2014-10-31 00:40 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 12:02 - 2014-10-31 00:40 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 12:02 - 2014-10-31 00:39 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 12:02 - 2014-10-31 00:30 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 12:02 - 2014-10-31 00:26 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-11-12 12:02 - 2014-10-31 00:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-11-12 12:02 - 2014-10-31 00:17 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 12:02 - 2014-10-31 00:13 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 12:02 - 2014-10-31 00:11 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 11:59 - 2014-10-23 03:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 11:59 - 2014-10-23 03:05 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 11:59 - 2014-10-07 04:28 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 11:59 - 2014-10-07 04:27 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 11:59 - 2014-10-07 04:27 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 11:59 - 2014-10-07 04:27 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-11-12 11:59 - 2014-10-07 04:27 - 00108432 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 11:59 - 2014-10-07 01:34 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 11:59 - 2014-10-07 01:34 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 11:59 - 2014-10-07 01:33 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 11:59 - 2014-10-07 01:30 - 04182016 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 11:59 - 2014-10-06 23:54 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-11-12 11:59 - 2014-10-06 23:46 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 11:59 - 2014-08-23 03:18 - 02149376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 11:59 - 2014-08-23 03:03 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-10 13:38 - 2014-11-10 13:38 - 00001418 _____ () C:\Users\Gustavo\Desktop\EZBlocker.lnk
2014-11-07 15:43 - 2014-11-07 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-11-07 15:42 - 2014-11-07 15:43 - 00000000 ____D () C:\Users\Todos os Usuários\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-11-07 15:42 - 2014-11-07 15:43 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-11-07 15:42 - 2014-11-07 15:43 - 00000000 ____D () C:\Program Files\iTunes
2014-11-07 15:42 - 2014-11-07 15:43 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-11-07 15:42 - 2014-11-07 15:42 - 00000000 ____D () C:\Program Files\iPod
2014-11-07 00:23 - 2014-11-07 00:23 - 00009728 _____ (Razer Inc.) C:\Windows\SysWOW64\RzStats.IPC.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-07 18:42 - 2014-06-26 12:44 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-573635229-3962155130-232007431-1002
2014-12-07 18:34 - 2014-06-26 13:06 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\Skype
2014-12-07 18:12 - 2014-10-22 15:07 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfee1a9d2717d0.job
2014-12-07 18:12 - 2014-06-26 14:00 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-07 18:00 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\system32\sru
2014-12-07 17:59 - 2014-06-26 12:44 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-573635229-3962155130-232007431-1002UA.job
2014-12-07 15:48 - 2014-11-03 12:41 - 00000000 ____D () C:\AdwCleaner
2014-12-07 15:23 - 2014-11-03 12:44 - 00135384 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-07 15:23 - 2014-10-22 15:07 - 00001088 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfee1a9cb23e01.job
2014-12-07 15:23 - 2014-10-10 13:57 - 00000000 ____D () C:\Temp
2014-12-07 15:23 - 2014-06-26 14:14 - 00000000 ___RD () C:\Users\Gustavo\Google Drive
2014-12-07 15:23 - 2014-06-26 14:00 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-07 15:22 - 2014-06-26 12:44 - 00001056 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-573635229-3962155130-232007431-1002Core.job
2014-12-07 15:21 - 2014-06-26 12:43 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{AC9DABB9-6BB3-4B84-8741-3383882E21C2}
2014-12-07 15:16 - 2014-11-03 12:43 - 00096472 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-07 15:16 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-12-06 21:52 - 2014-06-26 14:00 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-06 21:51 - 2014-06-26 12:51 - 00000000 ____D () C:\Users\Todos os Usuários\GbPlugin
2014-12-06 21:51 - 2014-06-26 12:51 - 00000000 ____D () C:\ProgramData\GbPlugin
2014-12-06 21:51 - 2014-06-26 12:51 - 00000000 ____D () C:\Program Files (x86)\GbPlugin
2014-12-06 21:49 - 2014-10-22 15:07 - 00003828 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cfee1a9cb23e01
2014-12-06 21:48 - 2014-06-26 12:44 - 00004058 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-573635229-3962155130-232007431-1002UA
2014-12-06 21:48 - 2014-06-26 12:44 - 00003678 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-573635229-3962155130-232007431-1002Core
2014-12-06 21:47 - 2014-10-22 15:07 - 00004070 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cfee1a9d2717d0
2014-12-06 21:47 - 2014-06-26 14:00 - 00004070 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-12-06 21:47 - 2014-06-26 14:00 - 00003834 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-12-06 21:45 - 2014-06-26 13:08 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\Spotify
2014-12-06 20:00 - 2014-10-30 01:27 - 00000118 _____ () C:\Users\Gustavo\Documents\unf2.0.mcr
2014-12-06 19:59 - 2014-05-06 14:02 - 01800588 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-06 19:59 - 2013-08-22 20:59 - 00775938 _____ () C:\Windows\system32\prfh0416.dat
2014-12-06 19:59 - 2013-08-22 20:59 - 00159030 _____ () C:\Windows\system32\prfc0416.dat
2014-12-06 15:10 - 2014-07-24 23:17 - 00000000 ____D () C:\Program Files (x86)\DS3
2014-12-06 15:10 - 2013-08-22 12:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-06 15:09 - 2013-08-22 11:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-12-06 13:48 - 2014-06-27 01:20 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\FileZilla
2014-12-06 13:48 - 2014-06-26 13:00 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\BitTorrent
2014-12-05 16:00 - 2014-10-09 19:03 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\ViberPC
2014-12-05 12:24 - 2014-10-09 19:01 - 00000000 ____D () C:\Users\Gustavo\AppData\Local\Viber
2014-12-04 14:42 - 2014-06-26 13:10 - 00000000 ____D () C:\Users\Gustavo\AppData\Local\Spotify
2014-12-04 12:32 - 2014-06-26 12:50 - 00000000 ____D () C:\Users\Todos os Usuários\GAS Tecnologia
2014-12-04 12:32 - 2014-06-26 12:50 - 00000000 ____D () C:\ProgramData\GAS Tecnologia
2014-12-03 22:25 - 2014-11-03 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-03 22:25 - 2014-11-03 12:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-03 18:40 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-03 14:12 - 2014-06-26 12:38 - 00000000 ____D () C:\Users\Gustavo\AppData\Local\Packages
2014-12-02 22:19 - 2014-06-27 05:00 - 00000902 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-02 22:19 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\IME
2014-12-02 22:18 - 2014-06-26 12:37 - 00000000 ____D () C:\Users\Gustavo
2014-12-02 19:59 - 2014-09-22 15:58 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-02 19:59 - 2014-06-26 13:06 - 00000000 ____D () C:\Users\Todos os Usuários\Skype
2014-12-02 19:59 - 2014-06-26 13:06 - 00000000 ____D () C:\ProgramData\Skype
2014-12-02 17:26 - 2014-06-27 05:00 - 00003792 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-02 17:14 - 2014-07-24 23:47 - 00000000 ____D () C:\Windows\Minidump
2014-11-28 17:26 - 2014-06-28 01:24 - 00001456 _____ () C:\Users\Gustavo\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-11-28 13:16 - 2014-06-27 01:31 - 00002481 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2014-11-28 13:16 - 2014-06-27 01:31 - 00002469 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
2014-11-28 13:16 - 2014-06-27 01:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2014-11-28 12:19 - 2013-08-22 13:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-11-27 22:13 - 2014-06-27 05:18 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\vlc
2014-11-27 11:12 - 2014-06-26 13:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-25 16:44 - 2014-07-16 17:35 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-11-24 20:29 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\rescache
2014-11-21 06:14 - 2014-11-03 12:43 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-21 06:14 - 2014-11-03 12:43 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-20 18:51 - 2014-07-02 01:58 - 00714208 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-20 18:51 - 2014-07-02 01:58 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-20 14:27 - 2014-06-27 04:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-20 14:14 - 2013-08-22 13:36 - 00000000 ___RD () C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-20 14:14 - 2013-08-22 13:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-20 14:14 - 2013-08-22 13:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-20 14:14 - 2013-08-22 13:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-20 14:14 - 2013-08-22 13:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-18 16:21 - 2014-06-27 01:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-11-18 16:21 - 2014-06-27 01:20 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-11-17 17:06 - 2014-06-26 13:35 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-17 17:06 - 2014-05-06 18:15 - 00000000 ____D () C:\Windows\Panther
2014-11-17 16:57 - 2014-07-08 17:58 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-11-17 16:56 - 2014-07-08 17:58 - 00000000 ____D () C:\Users\Todos os Usuários\Apple
2014-11-17 16:56 - 2014-07-08 17:58 - 00000000 ____D () C:\ProgramData\Apple
2014-11-17 16:53 - 2014-10-10 13:57 - 00003492 _____ () C:\Windows\System32\Tasks\Motorola Device Manager Update
2014-11-17 16:53 - 2014-10-10 13:57 - 00003474 _____ () C:\Windows\System32\Tasks\Motorola Device Manager Engine
2014-11-17 16:53 - 2014-10-10 13:57 - 00003300 _____ () C:\Windows\System32\Tasks\Motorola Device Manager Initial Update
2014-11-17 16:53 - 2014-10-03 15:22 - 00003182 _____ () C:\Windows\System32\Tasks\{A2AF8A23-1A98-47FD-B65B-41922D215EB8}
2014-11-17 01:31 - 2014-11-03 12:53 - 00000004 _____ () C:\Users\Gustavo\AppData\Roaming\appdataFr2.bin
2014-11-17 01:23 - 2014-07-08 18:00 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\Apple Computer
2014-11-17 01:23 - 2014-07-08 18:00 - 00000000 ____D () C:\Users\Gustavo\AppData\Local\Apple Computer
2014-11-14 20:45 - 2013-08-22 12:44 - 05183504 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-14 20:43 - 2013-08-22 13:36 - 00000000 ___RD () C:\Windows\ToastData
2014-11-14 20:42 - 2013-08-22 13:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-11-14 20:40 - 2014-06-26 14:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-11-14 20:40 - 2014-06-26 14:17 - 00000000 ____D () C:\Users\Todos os Usuários\Microsoft Help
2014-11-14 20:40 - 2014-06-26 14:17 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-14 20:38 - 2014-06-29 01:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-14 20:29 - 2014-06-29 01:00 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-13 14:01 - 2014-07-16 17:35 - 00000000 ____D () C:\Users\Todos os Usuários\Razer
2014-11-13 14:01 - 2014-07-16 17:35 - 00000000 ____D () C:\ProgramData\Razer
2014-11-13 12:12 - 2013-08-22 11:25 - 00000199 _____ () C:\Windows\win.ini
2014-11-10 13:38 - 2014-10-28 21:53 - 00000000 ____D () C:\Program Files\EZBlocker
2014-11-10 13:38 - 2014-06-27 21:12 - 00000000 ____D () C:\Users\Gustavo\AppData\Local\Eric_Zhang
2014-11-07 15:42 - 2014-07-11 18:19 - 00000000 ____D () C:\Users\Todos os Usuários\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-11-07 15:42 - 2014-07-11 18:19 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
 
Files to move or delete:
====================
C:\ProgramData\ISTask.dll
C:\Users\Todos os Usuários\ISTask.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-11-28 12:17
 
==================== End Of Log ============================


#8 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • Gender:Male
  • Location:Germany

Posted 07 December 2014 - 05:01 PM

Hello steingt,
 

***


Open Notepad. Please copy the contents of the code box below. To do this, highlight the contents of the box and right-click on it. Paste this into the open Notepad.
Save it in the same location as FRST / FRST64 (usually your desktop) as fixlist.txt

 
start
EmptyTemp:
C:\ProgramData\ISTask.dll 
C:\Users\Todos os Usuários\ISTask.dll
end


NOTICE: This script was written specifically for this user, for use on that particular machine.
Running this on another machine may cause damage to your operating system.


Run FRST / FRST64 again like we did before, but this time press the Fix button just once and wait.
The tool will make a log (Fixlog.txt); please post it in your reply.


***


FRST / FRST64: run it again.
  • Right-click FRST / FRST64, then click "Run as administrator" (XP users: click Run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.

***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#9 steingt

steingt
  • Topic Starter

  • Members
  • 7 posts

Posted 07 December 2014 - 05:32 PM

After my computer restarted I got this from Malwarebytes
 
 
Detection, 07/12/2014 20:25:36, SYSTEM, NB-GUSTAVO, Protection, Malicious Website Protection, IP, 80.82.78.169, 49264, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 07/12/2014 20:25:36, SYSTEM, NB-GUSTAVO, Protection, Malicious Website Protection, IP, 80.82.78.169, 49264, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 07/12/2014 20:25:40, SYSTEM, NB-GUSTAVO, Protection, Malicious Website Protection, IP, 80.82.78.169, 49270, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
 
(end)
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-12-2014 01
Ran by Gustavo (administrator) on NB-GUSTAVO on 07-12-2014 20:27:47
Running from C:\Users\Gustavo\Desktop
Loaded Profile: Gustavo (Available profiles: Gustavo)
Platform: Windows 8.1 Single Language (X64) OS Language: Português (Brasil)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(FSPro Labs) C:\Windows\SysWOW64\fsproflt2.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Fork Ltd.) C:\Prey\platform\windows\cronsvc.exe
(Scarlet.Crush Productions) C:\Program Files (x86)\DS3\ScpService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(FSPro Labs) C:\Program Files\MsConfig\hf.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Company) C:\Program Files (x86)\Popcorn Time\Updater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Validity Sensors, Inc.) C:\Windows\System32\valWBFPolicyService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Users\Gustavo\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2877192 2013-08-09] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3059360 2012-08-14] (Dell Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-06] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-41 (the data entry has 36 more characters).
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595336 2014-10-01] (ESET)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2014-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-09-04] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2014-11-03] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginBb-x32: C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Run: [Google Update] => C:\Users\Gustavo\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-06-26] (Google Inc.)
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Run: [BitTorrent] => C:\Users\Gustavo\AppData\Roaming\BitTorrent\BitTorrent.exe [1388888 2014-12-01] (BitTorrent Inc.)
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Run: [Spotify Web Helper] => C:\Users\Gustavo\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-13] (Spotify Ltd)
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Run: [Facebook Update] => "C:\Users\Gustavo\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Run: [Google+ Auto Backup] => C:\Users\Gustavo\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3746120 2014-08-12] (Google Inc.)
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Run: [Spotify] => C:\Users\Gustavo\AppData\Roaming\Spotify\spotify.exe [6553144 2014-10-13] (Spotify Ltd)
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe [10845184 2014-12-05] (Sand Studio)
HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\MountPoints2: {a0b8406e-084a-11e4-825f-d8a0e057fe23} - "D:\VZW_Software_upgrade_assistant.exe" 
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
HKU\S-1-5-18\...\Run: [Bitdefender Wallet] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Application Agent] => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2014-09-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156840 2014-09-13] (NVIDIA Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-573635229-3962155130-232007431-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-573635229-3962155130-232007431-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKU\S-1-5-21-573635229-3962155130-232007431-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-573635229-3962155130-232007431-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-573635229-3962155130-232007431-1002 -> {F7439E1F-8B31-4A74-B0E9-752B4C087DDF} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll (Banco do Brasil)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll [1754664 2014-07-31] (Banco do Brasil)
Tcpip\Parameters: [DhcpNameServer] 192.168.25.1
 
FireFox:
========
FF ProfilePath: C:\Users\Gustavo\AppData\Roaming\Mozilla\Firefox\Profiles\3r4vo0kj.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-573635229-3962155130-232007431-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Gustavo\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKU\S-1-5-21-573635229-3962155130-232007431-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Gustavo\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-573635229-3962155130-232007431-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Gustavo\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-573635229-3962155130-232007431-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Gustavo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-573635229-3962155130-232007431-1002: gastecnologia.com.br/sf/abn -> C:\Users\Gustavo\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-573635229-3962155130-232007431-1002: gastecnologia.com.br/sf/bb -> C:\Users\Gustavo\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml
FF Extension: Flash Video Downloader - Full HD Download (4K) - C:\Users\Gustavo\AppData\Roaming\Mozilla\Firefox\Profiles\3r4vo0kj.default\Extensions\artur.dubovoy@gmail.com [2014-12-02]
FF Extension: Cookies Manager+ - C:\Users\Gustavo\AppData\Roaming\Mozilla\Firefox\Profiles\3r4vo0kj.default\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2014-06-30]
FF Extension: CookieKeeper - C:\Users\Gustavo\AppData\Roaming\Mozilla\Firefox\Profiles\3r4vo0kj.default\Extensions\cookiekeeper@cookiekeeper.mozdev.org.xpi [2014-10-22]
FF Extension: Top Video Downloader - C:\Users\Gustavo\AppData\Roaming\Mozilla\Firefox\Profiles\3r4vo0kj.default\Extensions\tvd@link64.xpi [2014-06-30]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-06-27]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886C}] - C:\Users\Gustavo\AppData\Local\GAS Tecnologia\GBBD\bb\xpi
FF Extension: GBBD Banco do Brasil - C:\Users\Gustavo\AppData\Local\GAS Tecnologia\GBBD\bb\xpi [2014-08-19]
FF HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8874}] - C:\Users\Gustavo\AppData\Local\GAS Tecnologia\GBBD\abn\xpi
FF Extension: GBBD Banco Santander (Brasil) S.A. - C:\Users\Gustavo\AppData\Local\GAS Tecnologia\GBBD\abn\xpi [2014-10-01]
FF Extension: No Name - {87F8774F-B485-47E2-A755-A40A8A5E886C} [Not Found]
FF Extension: No Name - {87F8774F-B485-47E2-A755-A40A8A5E8874} [Not Found]
 
Chrome: 
=======
CHR HomePage: Default -> https://www.facebook.com/
CHR StartupUrls: Default -> "hxxp://economia.terra.com.br/", "https://www.facebook.com/"
CHR Profile: C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (GBBD Banco do Brasil) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkafhcogdnfhkmiepeebkkdbdphnjfll [2014-06-26]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-06-26]
CHR Extension: (Tweepi Bulk Default Action (aka Select All)) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpniicpnanbaopgkcagaphglbeaejnph [2014-10-29]
CHR Extension: (Facebook Message Seen Notification Remover) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\piohdenkodpbcigpkmicjapilbfjioil [2014-06-26]
CHR Profile: C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Apresentações) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-28]
CHR Extension: (Google Docs) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-28]
CHR Extension: (Google Drive) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-28]
CHR Extension: (YouTube) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-28]
CHR Extension: (Pesquisa do Google) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-28]
CHR Extension: (Planilhas do Google) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-28]
CHR Extension: (Google Wallet) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-28]
CHR Extension: (Gmail) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-28]
CHR HKU\S-1-5-21-573635229-3962155130-232007431-1002\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Gustavo\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-12-07]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CronService; C:\Prey\platform\windows\cronsvc.exe [23552 2014-04-30] (Fork Ltd.) [File not signed]
R2 Ds3Service; C:\Program Files (x86)\DS3\ScpService.exe [381952 2014-04-02] (Scarlet.Crush Productions) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2014-10-01] (ESET)
R2 fsproflt2; C:\Windows\SysWOW64\fsproflt2.exe [49512 2012-07-12] (FSPro Labs)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [546104 2014-07-21] (GAS Tecnologia)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-08-23] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [183488 2014-10-31] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [179200 2014-10-09] (Company) [File not signed]
R2 valWBFPolicyService; c:\Windows\system32\valWBFPolicyService.exe [32768 2013-07-17] (Validity Sensors, Inc.) [File not signed]
S3 vncserver; C:\Program Files\RealVNC\VNC Server\vncservice.exe [502592 2014-04-01] (RealVNC Ltd)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3667696 2013-08-23] (Intel® Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131584 2013-08-22] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-05-06] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1408824 2013-10-18] (Motorola Solutions, Inc.)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-08-18] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241368 2014-08-18] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169280 2014-08-18] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [158968 2014-09-18] (ESET)
R0 FSProFilter2; C:\Windows\System32\Drivers\FSPFltd2.sys [57648 2011-06-04] (FSPro Labs)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [142280 2013-10-18] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-07] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-10-01] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [429272 2013-08-21] (Realsil Semiconductor Corporation)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-10-31] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-10-23] (Razer, Inc.)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-07 18:43 - 2014-12-07 18:43 - 00000000 ____D () C:\Users\Gustavo\Desktop\FRST-OlderVersion
2014-12-07 18:39 - 2014-12-07 18:39 - 00000632 _____ () C:\Users\Gustavo\Desktop\JRT.txt
2014-12-07 18:35 - 2014-12-07 18:35 - 01707646 _____ (Thisisu) C:\Users\Gustavo\Downloads\JRT (1).exe
2014-12-07 18:35 - 2014-12-07 18:35 - 01707646 _____ (Thisisu) C:\Users\Gustavo\Desktop\JRT (1).exe
2014-12-07 17:30 - 2014-12-07 20:21 - 00000000 ____D () C:\Program Files (x86)\AirDroid
2014-12-07 17:30 - 2014-12-07 20:19 - 00000000 ____D () C:\Users\Gustavo\Documents\AirDroid
2014-12-07 17:30 - 2014-12-07 17:30 - 00001859 _____ () C:\Users\Public\Desktop\AirDroid.lnk
2014-12-07 17:30 - 2014-12-07 17:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirDroid
2014-12-07 17:28 - 2014-12-07 17:29 - 08298116 _____ () C:\Users\Gustavo\Downloads\AirDroid_Desktop_Client_3.0.1.exe
2014-12-07 15:23 - 2014-12-07 15:46 - 00000000 ____D () C:\Users\Todos os Usuários\Malwarebytes' Anti-Malware (portable)
2014-12-07 15:23 - 2014-12-07 15:46 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-12-07 15:16 - 2014-12-07 15:46 - 00000000 ____D () C:\Users\Gustavo\Desktop\mbar
2014-12-07 15:16 - 2014-12-07 15:16 - 16448208 _____ (Malwarebytes Corp.) C:\Users\Gustavo\Downloads\mbar-1.08.2.1001.exe
2014-12-07 15:16 - 2014-12-07 15:16 - 02153472 _____ () C:\Users\Gustavo\Downloads\AdwCleaner.exe
2014-12-06 21:52 - 2014-12-06 21:52 - 00002235 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-06 21:52 - 2014-12-06 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-06 21:51 - 2014-12-06 21:51 - 00000000 __SHD () C:\Users\Gustavo\AppData\Local\EmieBrowserModeList
2014-12-06 21:49 - 2014-12-06 21:49 - 00880784 _____ (Google Inc.) C:\Users\Gustavo\Downloads\ChromeSetup.exe
2014-12-06 21:49 - 2014-12-06 21:49 - 00003828 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d011af4978d87a
2014-12-06 21:49 - 2014-12-06 21:49 - 00001088 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d011af4978d87a.job
2014-12-06 21:39 - 2014-12-06 21:40 - 00046517 _____ () C:\Users\Gustavo\Desktop\Addition.txt
2014-12-06 21:38 - 2014-12-07 20:28 - 00000000 ____D () C:\FRST
2014-12-06 21:38 - 2014-12-07 20:27 - 00030634 _____ () C:\Users\Gustavo\Desktop\FRST.txt
2014-12-06 21:33 - 2014-12-06 21:33 - 00852487 _____ () C:\Users\Gustavo\Desktop\SecurityCheck.exe
2014-12-06 21:32 - 2014-12-07 18:43 - 02119680 _____ (Farbar) C:\Users\Gustavo\Desktop\FRST64.exe
2014-12-06 15:00 - 2014-12-06 15:00 - 00000000 ____D () C:\Windows\ERUNT
2014-12-06 13:46 - 2014-12-06 13:46 - 01707646 _____ (Thisisu) C:\Users\Gustavo\Downloads\JRT.exe
2014-12-06 13:42 - 2014-12-06 15:00 - 00000000 ____D () C:\Users\Todos os Usuários\Spybot - Search & Destroy
2014-12-06 13:42 - 2014-12-06 15:00 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-12-06 13:42 - 2014-12-06 13:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
2014-12-06 13:42 - 2014-12-06 13:42 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-12-06 13:39 - 2014-12-07 15:47 - 00000275 _____ () C:\AdwCleanerDebug.txt
2014-12-06 13:39 - 2014-12-06 13:39 - 02153472 _____ () C:\Users\Gustavo\Downloads\adwcleaner_4.104.exe
2014-12-06 13:37 - 2014-12-06 13:37 - 16409960 ____R (Safer Networking Limited ) C:\Users\Gustavo\Downloads\spybotsd162-setup.exe
2014-12-05 00:16 - 2014-12-05 00:16 - 00005137 _____ () C:\Users\Gustavo\Downloads\emissorNFe (1).jnlp
2014-12-05 00:16 - 2014-12-05 00:16 - 00002281 _____ () C:\Users\Gustavo\Desktop\Emissor de Nota Fiscal Eletrônica (NF-e) 2.0.lnk
2014-12-05 00:16 - 2014-12-05 00:16 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas Secretaria da Fazenda
2014-12-05 00:16 - 2014-12-05 00:16 - 00000000 ____D () C:\Users\Gustavo\AppData\Local\Sun
2014-12-05 00:16 - 2014-12-05 00:16 - 00000000 ____D () C:\log
2014-12-05 00:16 - 2014-12-05 00:16 - 00000000 ____D () C:\database
2014-12-05 00:11 - 2014-12-05 00:11 - 00005137 _____ () C:\Users\Gustavo\Downloads\emissorNFe.jnlp
2014-12-04 13:04 - 2014-12-04 13:04 - 00101248 _____ () C:\Users\Gustavo\Downloads\Extras.Txt
2014-12-04 13:03 - 2014-12-04 13:03 - 00209386 _____ () C:\Users\Gustavo\Downloads\OTL.Txt
2014-12-04 12:51 - 2014-12-04 12:51 - 02154496 _____ () C:\Users\Gustavo\Downloads\adwcleaner_4.103.exe
2014-12-04 12:47 - 2014-12-04 12:47 - 05600479 _____ (Swearware) C:\Users\Gustavo\Downloads\ComboFix.exe
2014-12-04 12:44 - 2014-12-04 12:44 - 00602112 _____ (OldTimer Tools) C:\Users\Gustavo\Downloads\OTL.exe
2014-12-03 18:30 - 2014-12-03 18:30 - 00001358 _____ () C:\Users\Gustavo\Downloads\18737540000118000000267816R&00036_2014_12_03182922.txt.gz
2014-12-03 14:12 - 2014-12-03 14:12 - 00018760 _____ () C:\Users\Gustavo\Downloads\orders (1).xml
2014-12-03 13:49 - 2014-12-05 14:20 - 00002463 _____ () C:\Windows\setupact.log
2014-12-03 13:49 - 2014-12-03 13:49 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-02 23:47 - 2014-12-02 23:47 - 00000000 ____D () C:\Users\Todos os Usuários\ESET
2014-12-02 23:47 - 2014-12-02 23:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-12-02 23:47 - 2014-12-02 23:47 - 00000000 ____D () C:\ProgramData\ESET
2014-12-02 23:47 - 2014-12-02 23:47 - 00000000 ____D () C:\Program Files\ESET
2014-12-02 22:19 - 2014-12-07 20:23 - 00003668 _____ () C:\Windows\PFRO.log
2014-12-02 19:46 - 2014-12-02 19:46 - 00000368 _____ () C:\Users\Gustavo\Downloads\download.htm
2014-12-02 19:19 - 2014-12-02 19:19 - 00000000 ____D () C:\Users\Gustavo\Downloads\Malwarebytes Anti-Malware Premium 2.0.3.1025 Final + Keys [ATOM]
2014-12-02 17:14 - 2014-12-02 17:14 - 1495768206 _____ () C:\Windows\MEMORY.DMP
2014-12-02 17:14 - 2014-12-02 17:14 - 00302368 _____ () C:\Windows\Minidump\120214-30031-01.dmp
2014-12-02 16:43 - 2014-12-07 18:21 - 00840813 _____ () C:\Windows\WindowsUpdate.log
2014-12-02 16:11 - 2014-12-02 16:11 - 00081372 _____ () C:\Users\Gustavo\Documents\cc_20141202_161144.reg
2014-12-02 15:52 - 2014-12-02 15:52 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Gustavo\Downloads\rkill.exe
2014-12-02 14:07 - 2014-12-02 14:07 - 00000000 ____D () C:\Users\Gustavo\.android
2014-12-02 14:05 - 2014-12-02 14:05 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClockworkMod
2014-12-02 14:05 - 2014-12-02 14:05 - 00000000 ____D () C:\Program Files (x86)\ClockworkMod
2014-12-02 14:03 - 2014-12-02 14:04 - 11060224 _____ () C:\Users\Gustavo\Downloads\CarbonSetup.msi
2014-12-02 14:01 - 2014-12-02 14:02 - 08551232 _____ (Motorola) C:\Users\Gustavo\Downloads\MotoHelper_2.1.32_Driver_5.4.0.exe
2014-11-29 23:38 - 2014-11-29 23:38 - 00005688 _____ () C:\Users\Gustavo\Downloads\orders.xml
2014-11-29 23:38 - 2014-11-29 23:38 - 00001118 _____ () C:\Users\Gustavo\Downloads\orders.csv
2014-11-29 23:11 - 2014-11-29 23:11 - 00007148 _____ () C:\Users\Gustavo\Downloads\extrato (1).txt
2014-11-29 22:50 - 2014-11-29 22:50 - 00007208 _____ () C:\Users\Gustavo\Downloads\extrato.txt
2014-11-29 00:37 - 2014-11-29 00:37 - 02140160 _____ () C:\Users\Gustavo\Downloads\adwcleaner-4-101-multi-win.exe
2014-11-28 13:02 - 2014-11-28 13:02 - 00004464 _____ () C:\Users\Gustavo\Downloads\members_Black_Friday_Copy_01__click_activity_Nov_28_2014.csv
2014-11-28 13:01 - 2014-11-28 13:01 - 00001909 _____ () C:\Users\Gustavo\Downloads\members_Black_Friday_Copy_01__opened_Nov_28_2014.csv
2014-11-28 03:33 - 2014-11-28 03:33 - 00019960 _____ () C:\Users\Gustavo\Downloads\customers.csv
2014-11-21 01:26 - 2014-11-21 01:27 - 00000000 ____D () C:\Users\Gustavo\AppData\Local\Cockatrice
2014-11-21 01:24 - 2014-11-21 01:24 - 00000000 ____D () C:\Program Files (x86)\Cockatrice
2014-11-20 20:53 - 2014-11-24 22:18 - 00000000 ____D () C:\Users\Gustavo\Downloads\Modern.Family.S05E01-24.WEB-DL.x264.AAC
2014-11-20 15:50 - 2014-10-03 17:23 - 00038216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-11-20 15:50 - 2014-10-03 17:23 - 00032584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-11-19 17:00 - 2014-11-19 17:00 - 00000165 ____H () C:\Users\Gustavo\Desktop\~$Pasta1.xlsx
2014-11-19 12:44 - 2014-11-09 21:19 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 12:44 - 2014-11-09 21:19 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 12:44 - 2014-11-09 21:18 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 12:44 - 2014-11-09 21:18 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-17 17:13 - 2014-11-17 17:14 - 00231766 _____ () C:\Users\Gustavo\Documents\cc_20141117_171356.reg
2014-11-17 16:56 - 2014-11-17 16:56 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-11-17 16:55 - 2014-11-17 16:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-11-17 16:55 - 2014-11-17 16:55 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-17 01:28 - 2014-11-17 01:28 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\stetic
2014-11-17 01:28 - 2014-11-17 01:28 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\MonoDevelop-Unity-4.0
2014-11-17 01:28 - 2014-11-17 01:28 - 00000000 ____D () C:\Users\Gustavo\AppData\Local\MonoDevelop-Unity-4.0
2014-11-17 01:26 - 2014-11-17 01:27 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\Unity
2014-11-17 01:23 - 2014-11-17 01:27 - 00000000 ____D () C:\Users\Todos os Usuários\Unity
2014-11-17 01:23 - 2014-11-17 01:27 - 00000000 ____D () C:\ProgramData\Unity
2014-11-17 01:17 - 2014-11-17 01:22 - 00000000 ____D () C:\Users\Gustavo\AppData\Local\Unity
2014-11-17 01:15 - 2014-11-17 01:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity
2014-11-17 01:15 - 2014-11-17 01:15 - 00000000 ____D () C:\Users\Public\Documents\Unity Projects
2014-11-17 01:03 - 2014-11-17 01:17 - 00000000 ____D () C:\Program Files (x86)\Unity
2014-11-13 14:00 - 2014-10-31 20:27 - 00037184 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpmgrk.sys
2014-11-13 14:00 - 2014-10-23 17:05 - 00129600 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpnk.sys
2014-11-12 12:22 - 2014-10-13 00:33 - 00116032 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-11-12 12:22 - 2014-10-10 22:58 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 12:22 - 2014-10-10 22:53 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 12:22 - 2014-10-08 05:30 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-11-12 12:22 - 2014-10-08 05:09 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-11-12 12:22 - 2014-10-08 04:27 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-11-12 12:22 - 2014-10-08 03:32 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-11-12 12:22 - 2014-10-08 03:19 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-11-12 12:22 - 2014-09-22 02:38 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-11-12 12:22 - 2014-09-22 01:06 - 00258368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-11-12 12:22 - 2014-09-22 01:06 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-11-12 12:22 - 2014-09-22 00:49 - 00035320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-11-12 12:22 - 2014-09-18 22:16 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-11-12 12:22 - 2014-09-02 20:08 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2014-11-12 12:22 - 2014-09-02 20:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2014-11-12 12:11 - 2014-09-10 04:25 - 00474432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-11-12 12:11 - 2014-09-08 01:07 - 02497344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-11-12 12:11 - 2014-09-08 01:07 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-11-12 12:11 - 2014-09-07 20:08 - 00389176 _____ () C:\Windows\system32\ApnDatabase.xml
2014-11-12 12:11 - 2014-09-04 20:30 - 00822272 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-11-12 12:11 - 2014-09-04 20:21 - 01053184 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-11-12 12:11 - 2014-09-04 01:05 - 00836176 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2014-11-12 12:11 - 2014-09-04 00:22 - 00670384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-11-12 12:11 - 2014-09-03 23:01 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2014-11-12 12:11 - 2014-09-03 22:32 - 00334336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2014-11-12 12:11 - 2014-08-30 22:17 - 00148800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-11-12 12:11 - 2014-08-30 22:15 - 21197152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-11-12 12:11 - 2014-08-30 20:59 - 18723112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-11-12 12:11 - 2014-08-30 20:05 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
2014-11-12 12:11 - 2014-08-30 19:58 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2014-11-12 12:11 - 2014-08-30 19:04 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-11-12 12:11 - 2014-08-30 18:53 - 00239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
2014-11-12 12:11 - 2014-08-30 18:17 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-11-12 12:11 - 2014-08-28 00:55 - 07484224 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-11-12 12:11 - 2014-08-27 22:21 - 02480128 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-11-12 12:11 - 2014-08-27 22:06 - 02030592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-11-12 12:11 - 2014-08-23 03:14 - 13424128 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-11-12 12:11 - 2014-08-23 03:04 - 11820544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-11-12 12:11 - 2014-08-23 02:50 - 02714112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-11-12 12:11 - 2014-08-01 22:51 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2014-11-12 12:11 - 2014-08-01 22:35 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2014-11-12 12:10 - 2014-09-27 05:13 - 00104336 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2014-11-12 12:10 - 2014-09-27 03:24 - 00088800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2014-11-12 12:10 - 2014-09-27 01:38 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 12:10 - 2014-09-27 01:30 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2014-11-12 12:10 - 2014-09-27 01:17 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 12:09 - 2014-10-09 23:58 - 00177472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 12:09 - 2014-10-09 23:58 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-11-12 12:09 - 2014-10-09 23:44 - 00563976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-11-12 12:09 - 2014-10-08 05:37 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 12:09 - 2014-10-08 05:37 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 12:09 - 2014-10-08 05:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-11-12 12:09 - 2014-10-08 05:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2014-11-12 12:09 - 2014-10-08 04:56 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-11-12 12:09 - 2014-10-08 04:51 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 12:09 - 2014-10-08 04:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 12:09 - 2014-10-08 04:18 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-11-12 12:09 - 2014-10-08 04:17 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 12:09 - 2014-10-08 03:23 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-11-12 12:07 - 2014-10-18 07:55 - 00055776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-11-12 12:07 - 2014-10-18 06:09 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-11-12 12:07 - 2014-10-18 06:09 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-11-12 12:07 - 2014-10-18 05:25 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-11-12 12:07 - 2014-10-18 04:50 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2014-11-12 12:07 - 2014-10-18 04:38 - 03557376 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-11-12 12:07 - 2014-10-18 04:27 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-11-12 12:07 - 2014-10-18 04:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-11-12 12:07 - 2014-10-18 04:23 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-11-12 12:07 - 2014-10-18 04:23 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-11-12 12:07 - 2014-10-18 04:21 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-11-12 12:07 - 2014-10-18 04:20 - 01714176 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-11-12 12:07 - 2014-10-18 04:14 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-11-12 12:07 - 2014-10-18 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-11-12 12:07 - 2014-10-18 04:12 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-11-12 12:07 - 2014-10-18 04:11 - 00723968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-11-12 12:07 - 2014-10-17 05:01 - 00789184 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 12:07 - 2014-10-17 04:58 - 00602768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 12:03 - 2014-10-31 03:28 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 12:03 - 2014-10-31 01:59 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 12:03 - 2014-10-31 01:42 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 12:02 - 2014-10-31 03:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-11-12 12:02 - 2014-10-31 03:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-11-12 12:02 - 2014-10-31 03:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-11-12 12:02 - 2014-10-31 03:09 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-11-12 12:02 - 2014-10-31 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-11-12 12:02 - 2014-10-31 03:06 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 12:02 - 2014-10-31 03:06 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-11-12 12:02 - 2014-10-31 03:06 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 12:02 - 2014-10-31 03:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 12:02 - 2014-10-31 03:05 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 12:02 - 2014-10-31 03:05 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-11-12 12:02 - 2014-10-31 03:04 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 12:02 - 2014-10-31 02:57 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 12:02 - 2014-10-31 02:56 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 12:02 - 2014-10-31 02:54 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-11-12 12:02 - 2014-10-31 02:53 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 12:02 - 2014-10-31 02:52 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2014-11-12 12:02 - 2014-10-31 02:51 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-11-12 12:02 - 2014-10-31 02:51 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 12:02 - 2014-10-31 02:51 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 12:02 - 2014-10-31 02:50 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 12:02 - 2014-10-31 02:50 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 12:02 - 2014-10-31 02:40 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-11-12 12:02 - 2014-10-31 02:38 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 12:02 - 2014-10-31 02:30 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 12:02 - 2014-10-31 02:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-11-12 12:02 - 2014-10-31 02:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-11-12 12:02 - 2014-10-31 02:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-11-12 12:02 - 2014-10-31 02:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 12:02 - 2014-10-31 02:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 12:02 - 2014-10-31 02:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-11-12 12:02 - 2014-10-31 02:23 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-11-12 12:02 - 2014-10-31 02:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 12:02 - 2014-10-31 02:19 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-11-12 12:02 - 2014-10-31 02:15 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-11-12 12:02 - 2014-10-31 02:08 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-11-12 12:02 - 2014-10-31 02:06 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 12:02 - 2014-10-31 02:05 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 12:02 - 2014-10-31 02:05 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 12:02 - 2014-10-31 02:03 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 12:02 - 2014-10-31 01:45 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 12:02 - 2014-10-31 01:44 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-11-12 12:02 - 2014-10-31 01:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-11-12 12:02 - 2014-10-31 01:32 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 12:02 - 2014-10-31 01:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-11-12 12:02 - 2014-10-31 01:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-11-12 12:02 - 2014-10-31 01:27 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-11-12 12:02 - 2014-10-31 01:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-11-12 12:02 - 2014-10-31 01:25 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-11-12 12:02 - 2014-10-31 01:24 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 12:02 - 2014-10-31 01:24 - 00235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-11-12 12:02 - 2014-10-31 01:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 12:02 - 2014-10-31 01:23 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-11-12 12:02 - 2014-10-31 01:23 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 12:02 - 2014-10-31 01:22 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 12:02 - 2014-10-31 01:20 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 12:02 - 2014-10-31 01:18 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 12:02 - 2014-10-31 01:16 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 12:02 - 2014-10-31 01:15 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 12:02 - 2014-10-31 01:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-11-12 12:02 - 2014-10-31 01:13 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 12:02 - 2014-10-31 01:13 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2014-11-12 12:02 - 2014-10-31 01:12 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-11-12 12:02 - 2014-10-31 01:12 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 12:02 - 2014-10-31 01:11 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 12:02 - 2014-10-31 01:03 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-11-12 12:02 - 2014-10-31 01:02 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 12:02 - 2014-10-31 00:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 12:02 - 2014-10-31 00:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-11-12 12:02 - 2014-10-31 00:56 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-11-12 12:02 - 2014-10-31 00:56 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-11-12 12:02 - 2014-10-31 00:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 12:02 - 2014-10-31 00:53 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-11-12 12:02 - 2014-10-31 00:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 12:02 - 2014-10-31 00:51 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-11-12 12:02 - 2014-10-31 00:50 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 12:02 - 2014-10-31 00:48 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-11-12 12:02 - 2014-10-31 00:46 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 12:02 - 2014-10-31 00:46 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-11-12 12:02 - 2014-10-31 00:42 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-11-12 12:02 - 2014-10-31 00:40 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 12:02 - 2014-10-31 00:40 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 12:02 - 2014-10-31 00:39 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 12:02 - 2014-10-31 00:30 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 12:02 - 2014-10-31 00:26 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-11-12 12:02 - 2014-10-31 00:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-11-12 12:02 - 2014-10-31 00:17 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 12:02 - 2014-10-31 00:13 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 12:02 - 2014-10-31 00:11 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 11:59 - 2014-10-23 03:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 11:59 - 2014-10-23 03:05 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 11:59 - 2014-10-07 04:28 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 11:59 - 2014-10-07 04:27 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 11:59 - 2014-10-07 04:27 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 11:59 - 2014-10-07 04:27 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-11-12 11:59 - 2014-10-07 04:27 - 00108432 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 11:59 - 2014-10-07 01:34 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 11:59 - 2014-10-07 01:34 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 11:59 - 2014-10-07 01:33 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 11:59 - 2014-10-07 01:30 - 04182016 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 11:59 - 2014-10-06 23:54 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-11-12 11:59 - 2014-10-06 23:46 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 11:59 - 2014-08-23 03:18 - 02149376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 11:59 - 2014-08-23 03:03 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-10 13:38 - 2014-11-10 13:38 - 00001418 _____ () C:\Users\Gustavo\Desktop\EZBlocker.lnk
2014-11-07 15:43 - 2014-11-07 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-11-07 15:42 - 2014-11-07 15:43 - 00000000 ____D () C:\Users\Todos os Usuários\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-11-07 15:42 - 2014-11-07 15:43 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-11-07 15:42 - 2014-11-07 15:43 - 00000000 ____D () C:\Program Files\iTunes
2014-11-07 15:42 - 2014-11-07 15:43 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-11-07 15:42 - 2014-11-07 15:42 - 00000000 ____D () C:\Program Files\iPod
2014-11-07 00:23 - 2014-11-07 00:23 - 00009728 _____ (Razer Inc.) C:\Windows\SysWOW64\RzStats.IPC.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-07 20:25 - 2014-11-03 12:44 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-07 20:25 - 2014-06-26 14:14 - 00000000 ___RD () C:\Users\Gustavo\Google Drive
2014-12-07 20:24 - 2014-10-10 13:57 - 00000000 ____D () C:\Temp
2014-12-07 20:24 - 2014-07-24 23:17 - 00000000 ____D () C:\Program Files (x86)\DS3
2014-12-07 20:23 - 2014-10-22 15:07 - 00001088 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfee1a9cb23e01.job
2014-12-07 20:23 - 2014-06-26 14:00 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-07 20:23 - 2014-06-26 12:51 - 00000000 ____D () C:\Users\Todos os Usuários\GbPlugin
2014-12-07 20:23 - 2014-06-26 12:51 - 00000000 ____D () C:\ProgramData\GbPlugin
2014-12-07 20:23 - 2013-08-22 12:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-07 20:22 - 2014-06-26 13:06 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\Skype
2014-12-07 20:12 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\system32\sru
2014-12-07 19:14 - 2014-06-26 12:44 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-573635229-3962155130-232007431-1002
2014-12-07 19:12 - 2014-10-22 15:07 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfee1a9d2717d0.job
2014-12-07 19:12 - 2014-06-26 14:00 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-07 18:59 - 2014-06-26 12:44 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-573635229-3962155130-232007431-1002UA.job
2014-12-07 15:48 - 2014-11-03 12:41 - 00000000 ____D () C:\AdwCleaner
2014-12-07 15:22 - 2014-06-26 12:44 - 00001056 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-573635229-3962155130-232007431-1002Core.job
2014-12-07 15:21 - 2014-06-26 12:43 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{AC9DABB9-6BB3-4B84-8741-3383882E21C2}
2014-12-07 15:16 - 2014-11-03 12:43 - 00096472 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-07 15:16 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-12-06 21:52 - 2014-06-26 14:00 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-06 21:51 - 2014-06-26 12:51 - 00000000 ____D () C:\Program Files (x86)\GbPlugin
2014-12-06 21:49 - 2014-10-22 15:07 - 00003828 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cfee1a9cb23e01
2014-12-06 21:48 - 2014-06-26 12:44 - 00004058 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-573635229-3962155130-232007431-1002UA
2014-12-06 21:48 - 2014-06-26 12:44 - 00003678 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-573635229-3962155130-232007431-1002Core
2014-12-06 21:47 - 2014-10-22 15:07 - 00004070 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cfee1a9d2717d0
2014-12-06 21:47 - 2014-06-26 14:00 - 00004070 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-12-06 21:47 - 2014-06-26 14:00 - 00003834 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-12-06 21:45 - 2014-06-26 13:08 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\Spotify
2014-12-06 20:00 - 2014-10-30 01:27 - 00000118 _____ () C:\Users\Gustavo\Documents\unf2.0.mcr
2014-12-06 19:59 - 2014-05-06 14:02 - 01800588 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-06 19:59 - 2013-08-22 20:59 - 00775938 _____ () C:\Windows\system32\prfh0416.dat
2014-12-06 19:59 - 2013-08-22 20:59 - 00159030 _____ () C:\Windows\system32\prfc0416.dat
2014-12-06 15:09 - 2013-08-22 11:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-12-06 13:48 - 2014-06-27 01:20 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\FileZilla
2014-12-06 13:48 - 2014-06-26 13:00 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\BitTorrent
2014-12-05 16:00 - 2014-10-09 19:03 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\ViberPC
2014-12-05 12:24 - 2014-10-09 19:01 - 00000000 ____D () C:\Users\Gustavo\AppData\Local\Viber
2014-12-04 14:42 - 2014-06-26 13:10 - 00000000 ____D () C:\Users\Gustavo\AppData\Local\Spotify
2014-12-04 12:32 - 2014-06-26 12:50 - 00000000 ____D () C:\Users\Todos os Usuários\GAS Tecnologia
2014-12-04 12:32 - 2014-06-26 12:50 - 00000000 ____D () C:\ProgramData\GAS Tecnologia
2014-12-03 22:25 - 2014-11-03 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-03 22:25 - 2014-11-03 12:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-03 18:40 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-03 14:12 - 2014-06-26 12:38 - 00000000 ____D () C:\Users\Gustavo\AppData\Local\Packages
2014-12-02 22:19 - 2014-06-27 05:00 - 00000902 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-02 22:19 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\IME
2014-12-02 22:18 - 2014-06-26 12:37 - 00000000 ____D () C:\Users\Gustavo
2014-12-02 19:59 - 2014-09-22 15:58 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-02 19:59 - 2014-06-26 13:06 - 00000000 ____D () C:\Users\Todos os Usuários\Skype
2014-12-02 19:59 - 2014-06-26 13:06 - 00000000 ____D () C:\ProgramData\Skype
2014-12-02 17:26 - 2014-06-27 05:00 - 00003792 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-02 17:14 - 2014-07-24 23:47 - 00000000 ____D () C:\Windows\Minidump
2014-11-28 17:26 - 2014-06-28 01:24 - 00001456 _____ () C:\Users\Gustavo\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-11-28 13:16 - 2014-06-27 01:31 - 00002481 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2014-11-28 13:16 - 2014-06-27 01:31 - 00002469 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
2014-11-28 13:16 - 2014-06-27 01:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2014-11-28 12:19 - 2013-08-22 13:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-11-27 22:13 - 2014-06-27 05:18 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\vlc
2014-11-27 11:12 - 2014-06-26 13:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-25 16:44 - 2014-07-16 17:35 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-11-24 20:29 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\rescache
2014-11-21 06:14 - 2014-11-03 12:43 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-21 06:14 - 2014-11-03 12:43 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-20 18:51 - 2014-07-02 01:58 - 00714208 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-20 18:51 - 2014-07-02 01:58 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-20 14:27 - 2014-06-27 04:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-20 14:14 - 2013-08-22 13:36 - 00000000 ___RD () C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-20 14:14 - 2013-08-22 13:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-20 14:14 - 2013-08-22 13:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-20 14:14 - 2013-08-22 13:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-20 14:14 - 2013-08-22 13:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-18 16:21 - 2014-06-27 01:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-11-18 16:21 - 2014-06-27 01:20 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-11-17 17:06 - 2014-06-26 13:35 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-17 17:06 - 2014-05-06 18:15 - 00000000 ____D () C:\Windows\Panther
2014-11-17 16:57 - 2014-07-08 17:58 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-11-17 16:56 - 2014-07-08 17:58 - 00000000 ____D () C:\Users\Todos os Usuários\Apple
2014-11-17 16:56 - 2014-07-08 17:58 - 00000000 ____D () C:\ProgramData\Apple
2014-11-17 16:53 - 2014-10-10 13:57 - 00003492 _____ () C:\Windows\System32\Tasks\Motorola Device Manager Update
2014-11-17 16:53 - 2014-10-10 13:57 - 00003474 _____ () C:\Windows\System32\Tasks\Motorola Device Manager Engine
2014-11-17 16:53 - 2014-10-10 13:57 - 00003300 _____ () C:\Windows\System32\Tasks\Motorola Device Manager Initial Update
2014-11-17 16:53 - 2014-10-03 15:22 - 00003182 _____ () C:\Windows\System32\Tasks\{A2AF8A23-1A98-47FD-B65B-41922D215EB8}
2014-11-17 01:31 - 2014-11-03 12:53 - 00000004 _____ () C:\Users\Gustavo\AppData\Roaming\appdataFr2.bin
2014-11-17 01:23 - 2014-07-08 18:00 - 00000000 ____D () C:\Users\Gustavo\AppData\Roaming\Apple Computer
2014-11-17 01:23 - 2014-07-08 18:00 - 00000000 ____D () C:\Users\Gustavo\AppData\Local\Apple Computer
2014-11-14 20:45 - 2013-08-22 12:44 - 05183504 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-14 20:43 - 2013-08-22 13:36 - 00000000 ___RD () C:\Windows\ToastData
2014-11-14 20:42 - 2013-08-22 13:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-11-14 20:40 - 2014-06-26 14:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-11-14 20:40 - 2014-06-26 14:17 - 00000000 ____D () C:\Users\Todos os Usuários\Microsoft Help
2014-11-14 20:40 - 2014-06-26 14:17 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-14 20:38 - 2014-06-29 01:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-14 20:29 - 2014-06-29 01:00 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-13 14:01 - 2014-07-16 17:35 - 00000000 ____D () C:\Users\Todos os Usuários\Razer
2014-11-13 14:01 - 2014-07-16 17:35 - 00000000 ____D () C:\ProgramData\Razer
2014-11-13 12:12 - 2013-08-22 11:25 - 00000199 _____ () C:\Windows\win.ini
2014-11-10 13:38 - 2014-10-28 21:53 - 00000000 ____D () C:\Program Files\EZBlocker
2014-11-10 13:38 - 2014-06-27 21:12 - 00000000 ____D () C:\Users\Gustavo\AppData\Local\Eric_Zhang
2014-11-07 15:42 - 2014-07-11 18:19 - 00000000 ____D () C:\Users\Todos os Usuários\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-11-07 15:42 - 2014-07-11 18:19 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-11-28 12:17
 
==================== End Of Log ============================


#10 Jo*

Posted 08 December 2014 - 08:13 AM

Hello steingt,

do you still get popups?
 

---


Malwarebytes' Anti-Malware
If this program is already installed: Skip the installation and run only the scan!
Download and install: Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mb3-setup-1878.1878-3.3.1.2183.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
How to get logs: (Export log to save as txt)
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.
(Copy to clipboard for pasting into forum replies or tickets)
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

---


ESET Online Scanner

Connect any existing external hard drives and / or other removable media.

Note:
It is recommended to disable your onboard antivirus and antispyware programs while performing scans so there are no conflicts; this will also speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your antispyware programs.



If this program is already installed: Skip the installation and run only the scan!
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the esetOnline.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetSmartInstallDesktopIcon.png icon on your desktop.
  • Check esetAcceptTerms.png
  • Click the esetStart.png button.
  • Accept any security warnings from your browser.
  • Check esetScanArchives.png
  • Make sure that the option "Remove found threats" is Unchecked
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push esetListThreats.png
  • Push esetExport.png, and save the file to your desktop using a unique name, such as MyEsetScan. Alternatively, look for the report in C:\Program Files\ESET\ESET Online Scanner\log.txt. Include the contents of this report in your next reply.
  • Push the Back button.
  • Select Uninstall application on close check box and push esetFinish.png

---


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#11 steingt

Posted 08 December 2014 - 08:33 AM

It has been a while since I last got a popup. I'll test it out for a couple of days and let you know if I get them back. Thank you very much for all your help =)



#12 Jo*

Posted 10 December 2014 - 08:15 AM

How are things going?




#13 Jo*

Posted 16 December 2014 - 07:25 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.





