alexspa

SOLVED Remove ShopGlider Deals


I have a virus that keeps showing ads and sometimes opens advertisements.
The advertisements that open are titled ShopGlider Deals; I have already tried many things and still could not remove it.
I use Microsoft's Defender antivirus for Windows 8, and I have already run Avast, AVG, Avira, MalwareBytes Premium, AdwCleaner, JRT and SpyBot.

I could not generate a GMER log because it ran for about 30 minutes and then the notebook shut down (I tried 3 times); I also have logs from AdwCleaner and JRT.

Thanks in advance to everyone.

 

Log dds.txt

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64


Internet Explorer: 11.0.9600.17278
Run by Alex at 21:38:56 on 2014-10-14
Microsoft Windows 8.1 Pro 6.3.9600.0.1252.55.1046.18.2871.1425 [GMT -3:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\dwm.exe
C:\WINDOWS\system32\taskhostex.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
C:\Windows\System32\skydrive.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Users\Alex\AppData\Roaming\Dropbox\bin\Dropbox.exe

 

Log attach.txt

 

.


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8.1 Pro
Boot Device: \Device\HarddiskVolume1
Install Date: 01/02/2014 22:58:21
System Uptime: 13/10/2014 21:26:21 (24 hours ago)
.
Motherboard: Acer | | Aspire 5733
Processor: Intel® Core i3 CPU M 380 @ 2.53GHz | CPU | 933/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 298 GiB total, 211,519 GiB free.
E: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP38: 23/09/2014 12:54:44 - Windows Update
RP39: 02/10/2014 15:41:02 - Ponto de Verificação Agendado
RP40: 13/10/2014 20:18:43 - Installed SpyHunter
.
==== Installed Programs ======================
.
Adobe Flash Player 15 Plugin
Age of Empires II HD
Age of Empires II HD © Microsoft Studios version 1
Age of Empires III
Ares 2.2.8
aTube Catcher
BlueStacks App Player
BlueStacks Notification Center
CCleaner
CyberLink InstantBurn
CyberLink Media Suite
CyberLink Power2Go
CyberLink PowerDVD 10
D3DX10
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition
Doro 1.86
Dropbox
ETDWare PS/2-X64 11.6.11.002_WHQL
Everything 1.2.1.371
Facebook Video Calling 3.1.0.521
Free AVI Video Converter version 5.0.32.1230
Free Download Manager 3.9.3
GBBD Caixa Economica Federal
Google Chrome
Google Drive
Google Earth Plug-in
Google Update Helper
Intel® Management Engine Components
Java 7 Update 25 (64-bit)
Lexmark 1200 Series
Malwarebytes Anti-Malware versão 2.0.3.1025
Microsoft Access MUI (Portuguese (Brazil)) 2013
Microsoft Application Error Reporting
Microsoft DCF MUI (Portuguese (Brazil)) 2013
Microsoft Excel MUI (Portuguese (Brazil)) 2013
Microsoft Groove MUI (Portuguese (Brazil)) 2013
Microsoft InfoPath MUI (Portuguese (Brazil)) 2013
Microsoft Lync MUI (Portuguese (Brazil)) 2013
Microsoft Office 64-bit Components 2013
Microsoft Office OSM MUI (Portuguese (Brazil)) 2013
Microsoft Office OSM UX MUI (Portuguese (Brazil)) 2013
Microsoft Office Professional Plus 2013
Microsoft Office Proofing (Portuguese (Brazil)) 2013
Microsoft Office Proofing Tools 2013 - English
Microsoft Office Proofing Tools 2013 - Español
Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2013
Microsoft Office Shared MUI (Portuguese (Brazil)) 2013
Microsoft OneDrive
Microsoft OneNote MUI (Portuguese (Brazil)) 2013
Microsoft Outlook MUI (Portuguese (Brazil)) 2013
Microsoft PowerPoint MUI (Portuguese (Brazil)) 2013
Microsoft Publisher MUI (Portuguese (Brazil)) 2013
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Word MUI (Portuguese (Brazil)) 2013
Mozilla Firefox 29.0.1 (x86 pt-BR)
Mozilla Maintenance Service
MSVCRT
MSVCRT110
MSVCRT110_amd64
Oracle VM VirtualBox 4.3.0
Photo Common
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Revisores de Texto do Microsoft Office 2013 – Português do Brasil
RollerCoaster Tycoon 3 Platinum
Security Update for Microsoft Office 2013 (KB2880502) 32-Bit Edition
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition
Skype™ 6.16
Synaptics Pointing Device Driver
TeamViewer 9
Update for Microsoft Excel 2013 (KB2889861) 32-Bit Edition
Update for Microsoft Lync 2013 (KB2881083) 32-Bit Edition
Update for Microsoft Lync 2013 (KB2889929) 32-Bit Edition
Update for Microsoft Office 2013 (KB2760249) 32-Bit Edition
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition
Update for Microsoft Office 2013 (KB2760371) 32-Bit Edition
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition
Update for Microsoft Office 2013 (KB2837644) 32-Bit Edition
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition
Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition
Update for Microsoft Office 2013 (KB2881001) 32-Bit Edition
Update for Microsoft Office 2013 (KB2881004) 32-Bit Edition
Update for Microsoft Office 2013 (KB2881009) 32-Bit Edition
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition
Update for Microsoft Office 2013 (KB2881039) 32-Bit Edition
Update for Microsoft Office 2013 (KB2881081) 32-Bit Edition
Update for Microsoft Office 2013 (KB2883036) 32-Bit Edition
Update for Microsoft Office 2013 (KB2883049) 32-Bit Edition
Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition
Update for Microsoft Office 2013 (KB2889848) 32-Bit Edition
Update for Microsoft Office 2013 (KB2889942) 32-Bit Edition
Update for Microsoft OneDrive for Business (KB3000731) 32-Bit Edition
Update for Microsoft OneNote 2013 (KB2881082) 32-Bit Edition
Update for Microsoft Outlook 2013 (KB2986204) 32-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2889847) 32-Bit Edition
Update for Microsoft Publisher 2013 (KB2880999) 32-Bit Edition
Update for Microsoft Visio 2013 (KB2837632) 32-Bit Edition
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition
Update for Microsoft Word 2013 (KB2878319) 32-Bit Edition
Update for Microsoft Word 2013 (KB2889852) 32-Bit Edition
Windows Essentials Media Codec Pack 4.0 [64-Bit]
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Messenger
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinRAR 4.20 (32-bit)
.
==== End Of File ===========================


Hello alexspa,

I recommend saving this topic to your Favorites so it is easier to find.

Please note the following:
  • If you go 3 days without a reply, send me a Private Message (PM);
  • What is given here relates only to the problem on your computer, so do not apply it to any other;
  • Please follow the instructions given carefully, and if you have any questions do not hesitate to ask;
  • Always keep me informed, during the removal, about what is happening with your computer.
  • Follow the order of the instructions given.
  • Note: Do not take any measures other than those given here; and if you ask for help on another forum, be sure to let us know, at the risk of misconfiguring your computer!

The DDS logs are incomplete.


I had not noticed that I had copied only part of it; here is the complete log now.

 

Log DDs.txt 

DDS (Ver_2012-11-20.01) - NTFS_AMD64


Internet Explorer: 11.0.9600.17278
Run by Alex at 21:38:56 on 2014-10-14
Microsoft Windows 8.1 Pro 6.3.9600.0.1252.55.1046.18.2871.1425 [GMT -3:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\dwm.exe
C:\WINDOWS\system32\taskhostex.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
C:\Windows\System32\skydrive.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Users\Alex\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Everything\Everything.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Windows\System32\SettingSyncHost.exe
C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE15\CSISYN~1.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\explorer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Free Download Manager\fdm.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = about:blank
mStart Page = about:blank
mSearch Page = www.google.com
mDefault_Page_URL = about:blank
mDefault_Search_URL = www.google.com
mWinlogon: Userinit = userinit.exe,
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
BHO: Free Download Manager: {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
uRun: [skyDrive] "C:\Users\Alex\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
uRun: [Facebook Update] "C:\Users\Alex\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
uRun: [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h
uRun: [Google Update] "C:\Users\Alex\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
mRun: [Everything] "C:\Program Files (x86)\Everything\Everything.exe" -startup
mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [DoroServer] C:\Program Files (x86)\DoroPDFWriter\DoroServer.exe
mRun: [instantBurn] C:\PROGRA~2\CYBERL~1\INSTAN~1\Win2K\IBurn.exe
mRun: [blueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
StartupFolder: C:\Users\Alex\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Alex\AppData\Roaming\Dropbox\bin\Dropbox.exe
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
IE: Baixar com o Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm
IE: Baixar tudo com o Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm
IE: Baixar vídeo com o Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
IE: Download selecionado pelo Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm
IE: E&xportar para o Microsoft Excel - C:\PROGRA~2\MICROS~2\Office15\EXCEL.EXE/3000
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{032F6ECA-24E8-4D2A-BEE8-E40C5389B47B} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{8DF708D3-DC2B-4CBC-8ABF-0A8EA24AA79D} : NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
SSODL: WebCheck -
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-mSearch Page = www.google.com
x64-mDefault_Page_URL = about:blank
x64-mDefault_Search_URL = www.google.com
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
x64-Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [lxczbmgr.exe] "C:\Program Files (x86)\Lexmark 1200 Series\lxczbmgr.exe"
x64-mPolicies-System: PromptOnSecureDesktop = dword:0
x64-mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} -
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck -
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\55sa5d3x.default\
FF - plugin: C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
FF - plugin: C:\Users\Alex\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Alex\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll
FF - plugin: C:\Users\Alex\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll
FF - plugin: C:\Users\Alex\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll
FF - plugin: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
.
============= SERVICES / DRIVERS ===============
.
R0 intelpep;Driver Intel® Power Engine Plug-in;C:\WINDOWS\System32\drivers\intelpep.sys [2014-2-1 39768]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2014-4-26 157016]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2013-8-22 76800]
R1 Bfilter;Baidu Antivirus Minifilter Driver;C:\WINDOWS\System32\drivers\Bfilter.sys [2014-2-15 52032]
R1 Bfmon;Baidu FS Monitor Driver;C:\WINDOWS\System32\drivers\Bfmon.sys [2014-2-15 34624]
R1 Bprotect;Baidu Protect;C:\WINDOWS\System32\drivers\Bprotect.sys [2014-2-15 128992]
R1 CLBStor;InstantBurn Storage Helper Driver;C:\WINDOWS\System32\drivers\CLBStor.sys [2013-8-3 24560]
R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2014-5-1 123152]
R2 CLBUDF;CyberLink InstantBurn UDF Filesystem;C:\WINDOWS\System32\drivers\CLBUDF.sys [2013-8-3 377840]
R2 mbamchameleon;mbamchameleon;C:\WINDOWS\System32\drivers\mbamchameleon.sys [2014-9-24 93400]
R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-4-10 4799760]
R3 HECIx64;Intel® Management Engine Interface;C:\WINDOWS\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\WINDOWS\System32\drivers\k57nd60a.sys [2013-8-22 425984]
R3 NcbService;Agente de Conexão de Rede;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
R3 NdisVirtualBus;Enumerador de Adaptador de Rede Virtual Microsoft;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2013-8-22 16384]
R3 SmbDrvI;SmbDrvI;C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2012-10-19 43832]
R3 WdNisDrv;Driver do Sistema de Inspeção de Rede do Windows Defender;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2014-5-14 123224]
R3 WdNisSvc;Serviço de Inspeção de Rede do Windows Defender;C:\Program Files\Windows Defender\NisSrv.exe [2014-5-14 347880]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-9-24 1871160]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-10-13 968504]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2013-8-22 782176]
S3 AppReadiness;Preparação de Aplicativos;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2013-8-22 37768]
S3 AppXSvc;Serviço de Implantação AppX (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2013-8-22 37768]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2013-8-22 17624]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2014-1-22 108800]
S3 ETD;ELAN PS/2 Port Input Device;C:\WINDOWS\System32\drivers\ETD.sys [2012-10-18 328592]
S3 iaLPSSi_GPIO;Driver de Controlador Intel® Serial IO GPIO;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2013-8-22 24568]
S3 iaLPSSi_I2C;Intel® Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2013-8-22 99320]
S3 iaStorAV;Controlador SATA RAID Intel® para Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2013-8-22 651248]
S3 IEEtwCollectorService;Serviço Coletor ETW do Internet Explorer;C:\WINDOWS\System32\ieetwcollector.exe [2014-6-10 111616]
S3 kbldfltr;kbldfltr;C:\WINDOWS\System32\drivers\kbldfltr.sys [2013-11-14 22272]
S3 lfsvc;Serviço de Estrutura de Localização do Windows;C:\WINDOWS\System32\svchost.exe -k netsvcs [2013-8-22 37768]
S3 LSI_SAS3;LSI_SAS3;C:\WINDOWS\System32\drivers\lsi_sas3.sys [2013-8-22 81760]
S3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\drivers\mbam.sys [2014-9-24 25816]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\WINDOWS\System32\drivers\mwac.sys [2014-9-24 64216]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc63.sys [2013-8-22 87040]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2014-4-26 924504]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\WINDOWS\System32\drivers\RtsUStor.sys [2013-7-31 252048]
S3 ScDeviceEnum;Serviço de Enumeração de Dispositivo de Cartão Inteligente;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2014-2-1 146776]
S3 smphost;SMP de Espaços de Armazenamento da Microsoft;C:\WINDOWS\System32\svchost.exe -k smphost [2013-8-22 37768]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\WINDOWS\System32\drivers\ssadbus.sys [2014-9-4 157672]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2014-1-22 206080]
S3 stornvme;Driver Microsoft Padrão NVM Express;C:\WINDOWS\System32\drivers\stornvme.sys [2013-11-14 57176]
S3 UEFI;Driver UEFI da Microsoft;C:\WINDOWS\System32\drivers\uefi.sys [2013-8-22 26976]
S3 vmbusr;Virtual Machine Bus Provider;C:\WINDOWS\System32\drivers\vmbusr.sys [2013-11-14 129536]
S3 vmicguestinterface;Interface de Serviço de Convidado do Hyper-V;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
S3 WEPHOSTSVC;Serviço de Host do Provedor de Criptografia do Windows;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2013-8-22 37768]
S3 workfolderssvc;Pastas de Trabalho;C:\WINDOWS\System32\svchost.exe -k LocalService [2013-8-22 37768]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2014-8-13 227840]
S4 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2014-5-1 402192]
S4 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2014-5-1 385808]
S4 BstHdUpdaterSvc;BlueStacks Updater Service;C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [2014-5-1 774928]
S4 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2013-7-31 2451456]
S4 MsKeyboardFilter;Microsoft Keyboard Filter;C:\WINDOWS\System32\svchost.exe -k netsvcs [2013-8-22 37768]
S4 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-7-31 2320920]
.
=============== Created Last 30 ================
.
2014-10-14 23:50:53 -------- d-----w- C:\WINDOWS\ERUNT
2014-10-14 23:02:13 11578928 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2BBA1997-EFCE-4771-A88D-EA9C8AF6069A}\mpengine.dll
2014-10-14 01:51:11 -------- d-----w- C:\Program Files\CCleaner
2014-10-13 23:20:20 -------- d-----w- C:\Program Files\Enigma Software Group
2014-10-13 23:18:17 -------- d-----w- C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-10-13 23:18:12 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2014-10-13 17:16:48 11578928 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2014-10-12 19:22:46 269992 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10248.bin
2014-10-02 19:00:11 17536 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2014-10-01 15:40:31 1188440 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{59488E92-61BA-4DBD-9CBD-00268D76738E}\gapaengine.dll
2014-09-25 16:36:00 7683792 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\CMigrate.exe
2014-09-25 16:36:00 7447224 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Csi.dll
2014-09-25 16:30:18 5646032 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\CMigrate.exe
2014-09-25 16:30:18 5353664 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Csi.dll
2014-09-24 23:59:28 129752 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
2014-09-24 23:59:03 93400 ----a-w- C:\WINDOWS\System32\drivers\mbamchameleon.sys
2014-09-24 23:59:03 64216 ----a-w- C:\WINDOWS\System32\drivers\mwac.sys
2014-09-24 23:59:03 25816 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys
2014-09-24 23:59:02 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-24 23:54:26 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-09-20 02:51:46 -------- d-----w- C:\WINDOWS\pss
2014-09-17 23:16:25 -------- d-----w- C:\Users\Alex\AppData\Local\Adobe
2014-09-17 17:29:56 61088 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\DataModel\pt-br\Microsoft.Excel.AdomdClient.resources.dll
2014-09-17 17:29:56 52904 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\DataModel\pt-br\Microsoft.Excel.Xmla.resources.dll
2014-09-17 17:29:56 20648 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\DataModel\pt-br\Microsoft.Excel.Streaming.resources.dll
2014-09-17 17:29:56 192168 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\DataModel\pt-br\Microsoft.Excel.Amo.resources.dll
2014-09-16 16:49:58 9656488 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\DataModel\msmgdsrv_xl.dll
2014-09-16 16:49:58 7438496 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\DataModel\msolap110_xl.dll
2014-09-16 16:49:58 57349280 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\DataModel\msmdlocal_xl.dll
2014-09-16 16:49:58 24508072 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\DataModel\xmsrv_xl.dll
2014-09-16 16:49:58 203424 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\DataModel\xmlrw_xl.dll
2014-09-16 16:49:58 148136 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\DataModel\xmlrwbin_xl.dll
2014-09-16 06:55:30 650912 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\DataModel\Microsoft.Excel.AdomdClient.dll
2014-09-16 06:55:30 1482408 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\DataModel\Microsoft.Excel.Amo.dll
2014-09-16 03:41:59 1600000 ----a-w- C:\WINDOWS\System32\workfolderssvc.dll
2014-09-16 03:40:58 92160 ----a-w- C:\WINDOWS\System32\dab.dll
2014-09-16 03:35:59 146752 ----a-w- C:\WINDOWS\System32\drivers\msgpioclx.sys
.
==================== Find3M ====================
.
2014-09-29 22:45:58 706016 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2014-09-29 22:45:58 105440 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2014-09-22 06:42:39 278152 ------w- C:\WINDOWS\System32\MpSigStub.exe
2014-09-11 14:26:37 2724864 ----a-w- C:\WINDOWS\SysWow64\mshtml.tlb
2014-09-11 14:26:34 2724864 ----a-w- C:\WINDOWS\System32\mshtml.tlb
2014-09-11 14:26:32 48640 ----a-w- C:\WINDOWS\System32\ieetwproxystub.dll
2014-09-11 14:26:32 4096 ----a-w- C:\WINDOWS\System32\ieetwcollectorres.dll
2014-09-11 14:26:32 111616 ----a-w- C:\WINDOWS\System32\ieetwcollector.exe
2014-09-11 14:26:31 51200 ----a-w- C:\WINDOWS\SysWow64\ieetwproxystub.dll
2014-09-11 14:26:31 139264 ----a-w- C:\WINDOWS\System32\ieUnatt.exe
2014-09-11 14:26:30 112128 ----a-w- C:\WINDOWS\SysWow64\ieUnatt.exe
2014-09-11 14:26:29 61952 ----a-w- C:\WINDOWS\SysWow64\iesetup.dll
2014-09-11 14:26:28 66048 ----a-w- C:\WINDOWS\System32\iesetup.dll
2014-09-09 17:31:53 17903792 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerInstaller.exe
2014-09-05 02:36:23 97280 ----a-w- C:\WINDOWS\System32\aepic.dll
2014-09-05 02:31:58 527360 ----a-w- C:\WINDOWS\System32\aeinv.dll
2014-09-05 00:48:14 738816 ----a-w- C:\WINDOWS\System32\aepdu.dll
2014-08-23 07:48:28 2374784 ----a-w- C:\WINDOWS\explorer.exe
2014-08-23 07:13:24 2084520 ----a-w- C:\WINDOWS\SysWow64\explorer.exe
2014-08-23 06:10:58 68096 ----a-w- C:\WINDOWS\System32\UXInit.dll
2014-08-23 05:32:39 50176 ----a-w- C:\WINDOWS\SysWow64\UXInit.dll
2014-08-23 04:44:37 2860032 ----a-w- C:\WINDOWS\System32\actxprxy.dll
2014-08-23 04:34:00 13423104 ----a-w- C:\WINDOWS\System32\twinui.dll
2014-08-23 04:33:24 796672 ----a-w- C:\WINDOWS\System32\uDWM.dll
2014-08-23 04:31:32 1038336 ----a-w- C:\WINDOWS\SysWow64\actxprxy.dll
2014-08-23 04:20:49 11818496 ----a-w- C:\WINDOWS\SysWow64\twinui.dll
2014-08-23 00:42:19 4148224 ----a-w- C:\WINDOWS\System32\win32k.sys
2014-08-16 02:00:16 5833728 ----a-w- C:\WINDOWS\System32\jscript9.dll
2014-08-16 01:56:06 547328 ----a-w- C:\WINDOWS\System32\vbscript.dll
2014-08-16 01:54:40 83968 ----a-w- C:\WINDOWS\System32\MshtmlDac.dll
2014-08-16 01:45:12 4232704 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll
2014-08-16 01:43:34 758272 ----a-w- C:\WINDOWS\System32\jscript9diag.dll
2014-08-16 01:25:28 72704 ----a-w- C:\WINDOWS\System32\JavaScriptCollectionAgent.dll
2014-08-16 01:22:35 454656 ----a-w- C:\WINDOWS\SysWow64\vbscript.dll
2014-08-16 01:20:18 61952 ----a-w- C:\WINDOWS\SysWow64\MshtmlDac.dll
2014-08-16 01:11:26 597504 ----a-w- C:\WINDOWS\SysWow64\jscript9diag.dll
2014-08-16 01:03:45 2104832 ----a-w- C:\WINDOWS\System32\inetcpl.cpl
2014-08-16 00:58:45 60416 ----a-w- C:\WINDOWS\SysWow64\JavaScriptCollectionAgent.dll
2014-08-16 00:56:32 2310656 ----a-w- C:\WINDOWS\System32\wininet.dll
2014-08-16 00:44:59 2014208 ----a-w- C:\WINDOWS\SysWow64\inetcpl.cpl
2014-08-16 00:20:06 1812992 ----a-w- C:\WINDOWS\SysWow64\wininet.dll
2014-08-13 17:13:55 428888 ----a-w- C:\WINDOWS\System32\drivers\FWPKCLNT.SYS
2014-08-07 02:12:27 1336624 ----a-w- C:\WINDOWS\System32\gdi32.dll
2014-08-02 03:56:08 1064448 ----a-w- C:\WINDOWS\SysWow64\gdi32.dll
2014-08-02 03:11:49 918528 ----a-w- C:\WINDOWS\System32\MrmCoreR.dll
2014-08-02 00:18:31 1212928 ----a-w- C:\WINDOWS\System32\schedsvc.dll
2014-07-30 01:56:08 299520 ----a-w- C:\WINDOWS\System32\WSDMon.dll
2014-07-29 05:22:47 205824 ----a-w- C:\WINDOWS\System32\tcpmon.dll
2014-07-24 15:28:38 468288 -c--a-w- C:\WINDOWS\System32\drivers\USBHUB3.SYS
2014-07-24 15:28:38 419648 -c--a-w- C:\WINDOWS\System32\drivers\usbhub.sys
2014-07-24 15:28:38 412992 -c--a-w- C:\WINDOWS\System32\drivers\spaceport.sys
2014-07-24 15:28:38 143680 -c--a-w- C:\WINDOWS\System32\drivers\usbccgp.sys
2014-07-24 15:28:35 280384 -c--a-w- C:\WINDOWS\System32\drivers\pci.sys
2014-07-24 15:23:21 1519488 ----a-w- C:\WINDOWS\System32\user32.dll
2014-07-24 15:23:21 125472 ----a-w- C:\WINDOWS\System32\dwmapi.dll
2014-07-24 15:20:37 645592 ----a-w- C:\WINDOWS\System32\SHCore.dll
2014-07-24 15:20:37 263400 ----a-w- C:\WINDOWS\System32\SystemSettingsAdminFlows.exe
2014-07-24 15:16:25 2574208 ----a-w- C:\WINDOWS\System32\WMVDECOD.DLL
2014-07-24 15:16:24 211216 ----a-w- C:\WINDOWS\System32\SndVol.exe
2014-07-24 15:07:53 7424320 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2014-07-24 15:07:52 2009920 ----a-w- C:\WINDOWS\System32\drivers\ntfs.sys
2014-07-24 15:05:56 1660048 ----a-w- C:\WINDOWS\System32\winload.efi
2014-07-24 15:05:56 1519560 ----a-w- C:\WINDOWS\System32\winload.exe
2014-07-24 15:05:56 1488008 ----a-w- C:\WINDOWS\System32\winresume.efi
2014-07-24 15:05:56 1356840 ----a-w- C:\WINDOWS\System32\winresume.exe
2014-07-24 15:03:56 882136 ----a-w- C:\WINDOWS\System32\mfplat.dll
2014-07-24 15:03:55 818624 ----a-w- C:\WINDOWS\System32\mfmp4srcsnk.dll
2014-07-24 15:03:55 233888 ----a-w- C:\WINDOWS\System32\mfps.dll
2014-07-24 15:03:54 2141920 ----a-w- C:\WINDOWS\System32\mfcore.dll
2014-07-24 15:03:53 360480 ----a-w- C:\WINDOWS\System32\mfreadwrite.dll
2014-07-24 15:03:53 205512 ----a-w- C:\WINDOWS\System32\mftranscode.dll
2014-07-24 14:57:08 475968 ----a-w- C:\WINDOWS\System32\drivers\netio.sys
2014-07-24 14:57:08 2515264 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys
2014-07-24 13:50:07 98048 ----a-w- C:\WINDOWS\SysWow64\dwmapi.dll
2014-07-24 13:48:15 2410976 ----a-w- C:\WINDOWS\SysWow64\WMVDECOD.DLL
2014-07-24 13:48:15 180208 ----a-w- C:\WINDOWS\SysWow64\SndVol.exe
2014-07-24 13:46:50 477200 ----a-w- C:\WINDOWS\SysWow64\SHCore.dll
2014-07-24 13:36:22 707536 ----a-w- C:\WINDOWS\SysWow64\mfplat.dll
2014-07-24 13:36:22 674512 ----a-w- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
2014-07-24 13:36:20 355800 ----a-w- C:\WINDOWS\SysWow64\mfreadwrite.dll
2014-07-24 13:36:20 2145472 ----a-w- C:\WINDOWS\SysWow64\mfcore.dll
2014-07-24 13:36:20 180720 ----a-w- C:\WINDOWS\SysWow64\mftranscode.dll
2014-07-24 13:29:45 2406400 ----a-w- C:\WINDOWS\SysWow64\PrintConfig.dll
2014-07-24 11:51:24 7168 ----a-w- C:\WINDOWS\System32\KBDYAK.DLL
2014-07-24 11:51:22 7168 ----a-w- C:\WINDOWS\System32\KBDTT102.DLL
2014-07-24 11:51:18 8192 ----a-w- C:\WINDOWS\System32\KBDRUM.DLL
2014-07-24 11:51:05 7168 ----a-w- C:\WINDOWS\System32\KBDBASH.DLL
2014-07-24 11:47:55 132608 ----a-w- C:\WINDOWS\System32\rdpudd.dll
2014-07-24 11:46:02 79872 ----a-w- C:\WINDOWS\System32\drivers\IPMIDrv.sys
2014-07-24 11:45:39 76800 -c--a-w- C:\WINDOWS\System32\drivers\hdaudbus.sys
2014-07-24 11:44:22 674816 ----a-w- C:\WINDOWS\System32\drivers\srv2.sys
2014-07-24 11:43:29 412160 ----a-w- C:\WINDOWS\System32\drivers\srv.sys
2014-07-24 11:42:22 126464 ----a-w- C:\WINDOWS\System32\drivers\NdisImPlatform.sys
2014-07-24 11:42:14 446976 ----a-w- C:\WINDOWS\System32\drivers\nwifi.sys
2014-07-24 11:41:23 115712 ----a-w- C:\WINDOWS\System32\drivers\bridge.sys
2014-07-24 11:22:12 308736 ----a-w- C:\WINDOWS\System32\compstui.dll
2014-07-24 11:06:38 220160 ----a-w- C:\WINDOWS\System32\iasnap.dll
2014-07-24 11:05:59 226816 ----a-w- C:\WINDOWS\System32\WebClnt.dll
2014-07-24 11:05:37 287232 ----a-w- C:\WINDOWS\System32\usbmon.dll
2014-07-24 11:04:36 141312 ----a-w- C:\WINDOWS\System32\wbem\netswitchteamcim.dll
.
============= FINISH: 21:39:40,19 ===============


Temporarily disable your antivirus, antispyware and firewall to avoid conflicts.

Download Zoek.exe (by Smeenk) and save it to your desktop.

Run the Zoek.exe file.

*** Windows Vista or Windows 7 users: right-click the Zoek.exe file, then click Run as administrator.

Select these lines inside the CODE, right-click the selection and choose Copy.


emptyclsid;resetieproxy;ffdefaults;msconfigcheck;autoclean;resethosts;shortcutfix;systemspecs;chrdefaults; 

Right-click any blank area of the Zoek window and choose Paste.

Note: This script was written only for this computer, based on the files and keys present on it.

To visitors: if you have a similar problem, do not use this script, as unsupervised use can damage the system.

Click [Run Script].

Wait for the scan. When it finishes, Notepad will open with the report.

A copy will also be saved on your local disk as zoek-results.txt.

Attach zoek-results.txt to your next reply.


Log zoek-results.txt


Zoek.exe v5.0.0.0 Updated 14-10-2014
Tool run by Alex on 15/10/2014 at 16:00:03,99.
Microsoft Windows 8.1 Pro 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Alex\Desktop\zoek.exe [scan all users] [script inserted]

==== System Restore Info ======================

15/10/2014 16:01:45 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright © 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\55sa5d3x.default\prefs.js:

Added to C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\55sa5d3x.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Alex\AppData\Roaming\Nvu\Profiles\y7urs0me.default\prefs.js:

Added to C:\Users\Alex\AppData\Roaming\Nvu\Profiles\y7urs0me.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\PROGRA~3\FileSplitUpLoad.dll deleted
C:\PROGRA~3\boost_interprocess deleted
C:\PROGRA~3\WPM deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\WINDOWS\SysNative\config\systemprofile\Searches deleted
C:\Users\Alex\AppData\Roaming\unins000.exe deleted

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 2871 MB
CPU Info: Intel® Core i3 CPU M 380 @ 2.53GHz
CPU Speed: 2539,9 MHz
Sound Card: Alto-falantes (Realtek High Def |
Display Adapters: Intel® HD Graphics | Intel® HD Graphics
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1366 X 768 - 32 bit
Network: Network Present
Network Adapters: Adaptador Virtual Direto Wi-Fi da Microsoft | Qualcomm Atheros AR5B125 Wireless Network Adapter | Broadcom NetLink Ethernet | VirtualBox Host-Only Ethernet Adapter
CD / DVD Drives: 1x (E: | ) E: SlimtypeDVD A DS8A8SH
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C: 297,7GB
Hard Disks - Free: C: 218,3GB
Manufacturer *: Acer
BIOS Info: AT/AT COMPATIBLE | 05/19/12 | ACRSYS - 1
Time Zone: Hora oficial do Brasil
Motherboard *: Acer Aspire 5733
Country: Brasil
Language: PTB

==== System Specs (Software) ======================

Anti-Virus: Windows Defender On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Default Browser: Google Chrome 37.0.2062.124
Internet Explorer Version: 11.0.9600.17278
Mozilla Firefox version: 29.0.1 (x86 pt-BR)
Google Chrome version: 37.0.2062.124
Sun Java version: 1.7.0_25 (64-bit)
Flash Player version: 15.0.0.152

==== Firefox Extensions ======================

ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\55sa5d3x.default
- Free Download Manager plugin - %ProfilePath%\extensions\fdm_ffext@freedownloadmanager.org

ProfilePath: C:\Users\Alex\AppData\Roaming\Nvu\Profiles\y7urs0me.default
- Undetermined - %ProfilePath%\extensions\installed-extensions.txt
- Nvu default - %ProfilePath%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\55sa5d3x.default
DFC9460CC37E5C414DC4680B10C19E7A - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave Flash
3CD19649B2C3023D65E67C056457A2BC - C:\Users\Alex\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
785105A23650755A8F7A72405EB0D923 - C:\Users\Alex\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll - Google Update
29B5096C332ECE24A72024212A2282EF - C:\Users\Alex\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll - Módulo de Proteção - Caixa Economica Federal
6405D35B002039122117B4EAD3EDD8BD - C:\Users\Alex\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll - Módulo de Proteção - Caixa Economica Federal


==== Chromium Look ======================

Wargame 1942 - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\egndkcdmahjocjildkpebbbdlkggnfoa
Google Play - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi
Angry Birds - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nllkkflncainlmehooebdaodggehpknh
GBBD Caixa Economica Federal - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi
Quebrador de Links - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pchaoppopfjnlficjlobfjhfceadbfla
Outlook.com - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge
Desert Operations - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppakkfppmalpenodhgcdidekcbnlddcg

==== Chromium Fix ======================

C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully
C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://br.msn.com/?ocid=oa-skypebr-2014"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://br.msn.com/?ocid=oa-skypebr-2014"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== Reset Google Chrome ======================

C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\Alex\Desktop\Dropbox.lnk - C:\Users\Alex\AppData\Roaming\Dropbox\bin\Dropbox.exe /home
C:\Users\Alex\Desktop\File Explorer.lnk -
C:\Users\Alex\Desktop\Google Drive.lnk - C:\Users\Alex\Google Drive
C:\Users\Alex\Desktop\Photoshop CS3.lnk - C:\Program Files (x86)\Adobe\Adobe Photoshop CS3\Photoshop.exe
C:\Users\Alex\Desktop\RCT3plus - Atalho.lnk - C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3 Platinum\RCT3plus.exe
C:\Users\Alex\Desktop\Start BlueStacks.lnk - C:\Program Files (x86)\BlueStacks\HD-StartLauncher.exe
C:\Users\Alex\Desktop\AOE\Support\The Conquerors - MFill.lnk - C:\games\age2fin\Age2_X1\age2_x1.Exe mfill
C:\Users\Alex\Desktop\AOE\Support\The Conquerors - MSync.lnk - C:\games\age2fin\Age2_X1\age2_x1.Exe msync
C:\Users\Alex\Desktop\AOE\Support\The Conquerors - NoMusic.lnk - C:\games\age2fin\Age2_X1\age2_x1.Exe nomusic
C:\Users\Alex\Desktop\AOE\Support\The Conquerors - NormalMouse.lnk - C:\games\age2fin\Age2_X1\age2_x1.Exe normalmouse
C:\Users\Alex\Desktop\AOE\Support\The Conquerors - NoSC.lnk - C:\games\age2fin\Age2_X1\age2_x1.Exe nosc
C:\Users\Alex\Desktop\AOE\Support\The Conquerors - NoSound.lnk - C:\games\age2fin\Age2_X1\age2_x1.Exe nosound
C:\Users\Alex\Desktop\AOE\Support\The Conquerors - NoStartup.lnk - C:\games\age2fin\Age2_X1\age2_x1.Exe nostartup
C:\Users\Alex\Desktop\AOE\Support\The Conquerors - NoTerrainSound.lnk - C:\games\age2fin\Age2_X1\age2_x1.Exe noterrainsound

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Age of Empires II HD.lnk - C:\Program Files (x86)\Age of Empires II HD\AoK HD.exe
C:\Users\Public\Desktop\Age of Empires III.lnk - C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\CyberLink Media Suite.lnk - C:\Program Files (x86)\CyberLink\Media Suite\PS.exe
C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe
C:\Users\Public\Desktop\Free AVI Video Converter.lnk - C:\Program Files (x86)\DVDVideoSoft\Free AVI Video Converter\FreeAVIVideoConverter.exe
C:\Users\Public\Desktop\Google Chrome.lnk -
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Skype.lnk - C:\WINDOWS\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe
C:\Users\Public\Desktop\TeamViewer 9.lnk - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\Alex\AppData\Roaming\Dropbox\bin\Dropbox.exe /home
C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk - C:\Users\Alex\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - C:\Users\Alex\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age of Empires II HD\Desinstalar Age of Empires II HD.lnk - C:\Program Files (x86)\Age of Empires II HD\Remover.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware Notifications.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Lync 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\lyncicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\outicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\wordicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Gerenciador de Gravação do Lync.lnk -

==== shortcuts in Quick Launch ======================

C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Oracle VM VirtualBox.lnk - C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.exe
C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -
C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\RCT3plus - Atalho.lnk - C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3 Platinum\RCT3plus.exe
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=125 folders=27 13228192 bytes)

==== Empty Temp Folders ======================

C:\Users\Alex\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Alex\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 15/10/2014 at 17:10:45,74 ======================


Download the Farbar Recovery Scan Tool and save it to your desktop.
32 bit (x86) or 64 bit (x64)

Double-click to run the tool. Accept the agreement and then click the Scan button.

Wait; when it finishes, the logs FRST.txt and Addition.txt will be saved to your desktop.

Attach the logs to your next reply.


The logs came out very large, so I will try to post twice in a row.

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-10-2014


Ran by Alex (administrator) on ALEX on 16-10-2014 19:41:51
Running from C:\Users\Alex\Desktop
Loaded Profile: Alex (Available profiles: Alex)
Platform: Windows 8.1 Pro (X64) OS Language: Português (Brasil)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Dropbox, Inc.) C:\Users\Alex\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files (x86)\Everything\Everything.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\MSOSYNC.EXE
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17246_none_fa4ae8e99b1f603c\TiWorker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(FreeDownloadManager.ORG) C:\Program Files (x86)\Free Download Manager\fdm.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2012-10-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2917176 2012-09-13] (Synaptics Incorporated)
HKLM\...\Run: [lxczbmgr.exe] => C:\Program Files (x86)\Lexmark 1200 Series\lxczbmgr.exe [74408 2009-04-27] (Lexmark International, Inc.)
HKLM-x32\...\Run: [Everything] => C:\Program Files (x86)\Everything\Everything.exe [602624 2009-03-12] ()
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-03] (CyberLink)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2010-02-03] (CyberLink Corp.)
HKLM-x32\...\Run: [DoroServer] => C:\Program Files (x86)\DoroPDFWriter\DoroServer.exe [196608 2013-09-05] (CompSoft)
HKLM-x32\...\Run: [instantBurn] => C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe [701736 2011-06-27] (CyberLink Corporation.)
HKLM-x32\...\Run: [blueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [832272 2014-05-01] (BlueStack Systems, Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1466549890-2579602772-327873444-1001\...\Run: [skyDrive] => C:\Users\Alex\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-09-25] (Microsoft Corporation)
HKU\S-1-5-21-1466549890-2579602772-327873444-1001\...\Run: [Facebook Update] => C:\Users\Alex\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-09-06] (Facebook Inc.)
HKU\S-1-5-21-1466549890-2579602772-327873444-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
HKU\S-1-5-21-1466549890-2579602772-327873444-1001\...\Run: [ares] => C:\Program Files (x86)\Ares\Ares.exe [2758656 2014-03-28] (Seekar Ltd)
HKU\S-1-5-21-1466549890-2579602772-327873444-1001\...\Run: [Google Update] => C:\Users\Alex\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-05-01] (Google Inc.)
HKU\S-1-5-21-1466549890-2579602772-327873444-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File Not Found
Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Alex\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.msn.com/?ocid=oa-skypebr-2014
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8DF708D3-DC2B-4CBC-8ABF-0A8EA24AA79D}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

FireFox:
========
FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\55sa5d3x.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF DefaultSearchUrl: http://www.google.com/search?btnG=Google+Search&q=
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Alex\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Alex\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Alex\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: gastecnologia.com.br/sf/cef -> C:\Users\Alex\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll (GAS Tecnologia)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-br.xml

Chrome:
=======
CHR HomePage: Default -> https://www.google.com.br/
CHR StartupUrls: Default -> "https://www.google.com.br/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-15]
CHR Extension: (Google Docs) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-30]
CHR Extension: (Google Drive) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-30]
CHR Extension: (YouTube) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-30]
CHR Extension: (Adblock Plus) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-24]
CHR Extension: (Pesquisa do Google) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-30]
CHR Extension: (Ajudante de Download de vídeo) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbkchnicaiglcjpgbmpfmoafckkomdcm [2014-08-24]
CHR Extension: (Wargame 1942) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\egndkcdmahjocjildkpebbbdlkggnfoa [2014-08-24]
CHR Extension: (Planilhas do Google) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-15]
CHR Extension: (Google Play) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2014-08-24]
CHR Extension: (Google Maps) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-08-24]
CHR Extension: (Google Wallet) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (GBBD Caixa Economica Federal) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi [2014-08-24]
CHR Extension: (Quebrador de Links) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pchaoppopfjnlficjlobfjhfceadbfla [2014-08-24]
CHR Extension: (Outlook.com) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2014-08-24]
CHR Extension: (Gmail) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-30]
CHR Extension: (Desert Operations) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppakkfppmalpenodhgcdidekcbnlddcg [2014-08-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-05-01] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-05-01] (BlueStack Systems, Inc.)
S4 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-05-01] (BlueStack Systems, Inc.)
S4 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S4 lxcz_device; C:\WINDOWS\system32\lxczcoms.exe [566192 2007-04-19] ( )
S4 lxcz_device; C:\WINDOWS\SysWOW64\lxczcoms.exe [537520 2007-04-19] ( )
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Bfilter; C:\WINDOWS\System32\drivers\Bfilter.sys [52032 2014-02-27] (Baidu, Inc.)
R1 Bfmon; C:\WINDOWS\System32\drivers\Bfmon.sys [34624 2014-02-27] (Baidu, Inc.)
R1 Bprotect; C:\WINDOWS\System32\drivers\Bprotect.sys [128992 2014-01-21] (Baidu, Inc.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-05-01] (BlueStack Systems)
R1 CLBStor; C:\Windows\System32\DRIVERS\CLBStor.sys [24560 2011-06-27] (Cyberlink Co.,Ltd.)
R2 CLBUDF; C:\Windows\System32\Drivers\CLBUDF.sys [377840 2011-06-27] (CyberLink Corporation.)
R2 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [93400 2014-10-01] (Malwarebytes Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-16] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-10-01] (Malwarebytes Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-09-13] (Synaptics Incorporated)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
S3 BdApiUtil; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdApiUtil64.sys [X]
S3 BdCameraProtect; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdCameraProtect64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-16 19:41 - 2014-10-16 19:42 - 00017406 _____ () C:\Users\Alex\Desktop\FRST.txt
2014-10-16 19:41 - 2014-10-16 19:41 - 00000000 ____D () C:\FRST
2014-10-16 19:40 - 2014-10-16 19:40 - 02112000 _____ (Farbar) C:\Users\Alex\Desktop\FRST64.exe
2014-10-15 16:31 - 2014-10-15 15:59 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2014-10-15 16:24 - 2014-10-15 17:10 - 00000000 ____D () C:\zoek
2014-10-15 16:01 - 2014-10-15 17:10 - 00017821 _____ () C:\zoek-results.log
2014-10-15 15:57 - 2014-10-15 16:28 - 00000000 ____D () C:\zoek_backup
2014-10-14 21:59 - 2014-10-14 21:59 - 00000000 ____D () C:\WINDOWS\Minidump
2014-10-14 21:59 - 2014-10-14 21:59 - 00000000 _____ () C:\WINDOWS\Minidump\101414-75312-01.dmp
2014-10-14 21:58 - 2014-10-15 16:55 - 00001140 _____ () C:\WINDOWS\PFRO.log
2014-10-14 21:58 - 2014-10-14 21:58 - 434643812 _____ () C:\WINDOWS\MEMORY.DMP
2014-10-14 21:31 - 2014-10-16 19:39 - 00000000 ____D () C:\Users\Alex\Desktop\clubdohardware
2014-10-14 20:50 - 2014-10-14 20:50 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-10-14 20:15 - 2014-10-14 20:17 - 12500494 _____ () C:\Users\Alex\Desktop\outwear.rar
2014-10-14 19:43 - 2014-09-27 19:25 - 04183040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-10-14 19:43 - 2014-09-08 00:15 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-10-14 19:43 - 2014-09-07 22:46 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-10-14 19:43 - 2014-09-07 22:46 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-10-14 19:43 - 2014-09-07 21:08 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-10-14 19:43 - 2014-09-07 21:07 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-10-14 19:43 - 2014-09-07 21:05 - 03448320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-10-14 19:43 - 2014-09-07 21:04 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-14 19:43 - 2014-09-07 21:04 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-10-14 19:43 - 2014-09-07 21:03 - 01702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-10-14 19:43 - 2014-09-07 21:03 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-10-14 19:43 - 2014-09-07 20:59 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-10-14 19:43 - 2014-09-07 20:59 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-10-14 19:43 - 2014-09-07 20:56 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-10-14 19:43 - 2014-09-07 20:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-10-14 19:43 - 2014-09-03 21:10 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-10-14 19:43 - 2014-09-03 20:57 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-10-14 19:43 - 2014-09-03 20:49 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-10-14 19:42 - 2014-09-13 03:29 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-10-14 19:42 - 2014-09-13 02:49 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-10-14 19:42 - 2014-08-28 22:58 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-10-14 19:42 - 2014-08-28 20:56 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-10-14 19:42 - 2014-08-28 20:47 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-10-14 19:41 - 2014-09-25 19:50 - 13619200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-10-14 19:41 - 2014-09-25 19:43 - 11807232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-10-14 19:41 - 2014-09-25 19:32 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-10-14 19:41 - 2014-09-25 19:31 - 02108416 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-10-14 19:41 - 2014-09-18 23:25 - 23631360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-10-14 19:41 - 2014-09-18 22:44 - 17484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-10-14 19:41 - 2014-09-18 22:41 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-10-14 19:41 - 2014-09-18 22:36 - 05829632 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-10-14 19:41 - 2014-09-18 22:25 - 04201472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-10-14 19:41 - 2014-09-18 21:55 - 02187264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-10-14 19:41 - 2014-09-18 21:42 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-10-14 19:41 - 2014-09-18 21:33 - 02309632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-10-14 19:41 - 2014-09-18 21:20 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-10-14 19:41 - 2014-09-18 21:14 - 01447936 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-10-14 19:41 - 2014-09-18 20:59 - 01810944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-10-14 19:41 - 2014-09-18 20:53 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-10-14 19:40 - 2014-09-25 19:46 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-10-14 19:40 - 2014-09-25 19:46 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-10-14 19:40 - 2014-09-18 22:40 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-10-14 19:40 - 2014-09-18 22:38 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-10-14 19:40 - 2014-09-18 22:25 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-10-14 19:40 - 2014-09-18 22:02 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-10-14 19:40 - 2014-09-18 22:00 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-10-14 19:40 - 2014-09-18 21:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-10-14 19:40 - 2014-09-18 21:58 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-10-14 19:40 - 2014-09-18 21:42 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-10-14 19:40 - 2014-09-18 21:42 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-10-14 19:40 - 2014-09-18 21:20 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-10-14 19:40 - 2014-09-18 20:59 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-10-14 19:40 - 2014-09-18 20:52 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-10-14 19:40 - 2014-09-03 21:12 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-10-14 19:40 - 2014-09-03 21:01 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-10-14 19:39 - 2014-08-16 01:08 - 21195616 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-10-14 19:39 - 2014-08-16 01:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-10-14 19:39 - 2014-08-16 01:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-10-14 19:39 - 2014-08-16 00:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-10-14 19:39 - 2014-08-16 00:57 - 02498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-10-14 19:39 - 2014-08-16 00:57 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-10-14 19:39 - 2014-08-16 00:16 - 18722600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-10-14 19:39 - 2014-08-16 00:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-10-14 19:39 - 2014-08-16 00:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-10-14 19:39 - 2014-08-15 22:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-10-14 19:39 - 2014-08-15 22:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-10-14 19:39 - 2014-08-15 21:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-10-14 19:39 - 2014-08-15 21:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-10-14 19:39 - 2014-08-15 21:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-10-14 19:39 - 2014-08-15 21:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-10-14 19:39 - 2014-08-15 21:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2014-10-14 19:39 - 2014-08-15 21:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-10-14 19:39 - 2014-08-15 21:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-10-14 19:39 - 2014-08-15 21:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-10-14 19:39 - 2014-08-15 21:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-14 19:39 - 2014-08-15 21:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-10-14 19:39 - 2014-08-15 21:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-10-14 19:39 - 2014-08-15 21:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-10-14 19:39 - 2014-08-15 21:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-14 19:39 - 2014-08-15 21:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-10-14 19:39 - 2014-08-15 21:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-10-14 19:39 - 2014-08-15 21:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-10-14 19:39 - 2014-08-15 21:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-10-14 19:39 - 2014-08-15 21:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-10-14 19:39 - 2014-08-15 21:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-10-14 19:39 - 2014-08-15 21:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-10-14 19:39 - 2014-08-15 21:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-10-14 19:39 - 2014-08-15 21:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-10-14 19:39 - 2014-08-15 21:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-10-14 19:39 - 2014-07-31 20:22 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-10-14 19:38 - 2014-10-09 19:16 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-10-14 19:38 - 2014-10-08 19:09 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-10-14 19:37 - 2014-09-18 22:24 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-10-14 19:37 - 2014-09-13 03:02 - 02779648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-10-14 19:37 - 2014-09-13 02:30 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-10-14 19:04 - 2014-10-16 19:40 - 01425800 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-13 22:51 - 2014-10-13 22:51 - 00000834 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-10-13 22:51 - 2014-10-13 22:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-10-13 22:51 - 2014-10-13 22:51 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-13 20:21 - 2014-10-13 20:21 - 00000000 _____ () C:\autoexec.bat
2014-10-13 20:20 - 2014-10-13 20:20 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-10-13 20:18 - 2014-10-13 22:49 - 00000000 ____D () C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-29 20:45 - 2014-09-29 20:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age of Empires II HD
2014-09-29 20:39 - 2014-09-29 20:42 - 00000000 ____D () C:\Users\Alex\Downloads\tradutor aoe hd
2014-09-24 22:53 - 2014-10-16 16:46 - 00003034 _____ () C:\lxcz.log
2014-09-24 20:59 - 2014-10-16 19:35 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-24 20:59 - 2014-10-13 21:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-24 20:59 - 2014-10-13 20:22 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-24 20:59 - 2014-10-13 20:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-24 20:59 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-09-24 20:59 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-09-24 20:59 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-09-19 23:51 - 2014-09-19 23:51 - 00000000 ____D () C:\WINDOWS\pss
2014-09-17 20:16 - 2014-09-17 20:16 - 00000000 ____D () C:\Users\Alex\AppData\Local\Adobe
2014-09-16 00:42 - 2014-08-23 04:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-09-16 00:42 - 2014-08-23 04:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-09-16 00:42 - 2014-08-23 03:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-09-16 00:42 - 2014-08-23 02:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-09-16 00:42 - 2014-08-23 01:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-09-16 00:42 - 2014-08-23 01:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-09-16 00:42 - 2014-08-23 01:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-09-16 00:42 - 2014-08-23 01:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-09-16 00:42 - 2014-08-23 01:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-09-16 00:42 - 2014-07-29 22:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-09-16 00:42 - 2014-07-29 02:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2014-09-16 00:42 - 2014-07-24 12:07 - 07424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-09-16 00:42 - 2014-07-24 12:03 - 02141920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-09-16 00:42 - 2014-07-24 10:36 - 02145472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-09-16 00:42 - 2014-07-24 06:44 - 16874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-09-16 00:42 - 2014-07-24 06:16 - 12730880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-09-16 00:42 - 2014-07-24 05:53 - 01261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-09-16 00:42 - 2014-07-24 05:32 - 01532416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-09-16 00:42 - 2014-07-24 04:43 - 02696704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-09-16 00:42 - 2014-06-14 03:03 - 02389504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-09-16 00:42 - 2014-06-14 02:46 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-09-16 00:41 - 2014-07-24 12:28 - 00468288 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-09-16 00:41 - 2014-07-24 12:28 - 00419648 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-09-16 00:41 - 2014-07-24 12:28 - 00412992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-09-16 00:41 - 2014-07-24 12:28 - 00280384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-09-16 00:41 - 2014-07-24 12:28 - 00143680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-09-16 00:41 - 2014-07-24 12:23 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-09-16 00:41 - 2014-07-24 12:23 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-09-16 00:41 - 2014-07-24 12:20 - 00645592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-09-16 00:41 - 2014-07-24 12:20 - 00263400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-09-16 00:41 - 2014-07-24 12:16 - 02574208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-09-16 00:41 - 2014-07-24 12:16 - 00211216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-09-16 00:41 - 2014-07-24 12:07 - 02009920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-09-16 00:41 - 2014-07-24 12:05 - 01660048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-09-16 00:41 - 2014-07-24 12:05 - 01519560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-09-16 00:41 - 2014-07-24 12:05 - 01488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-09-16 00:41 - 2014-07-24 12:05 - 01356840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-09-16 00:41 - 2014-07-24 12:03 - 00882136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-09-16 00:41 - 2014-07-24 12:03 - 00818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-09-16 00:41 - 2014-07-24 12:03 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-09-16 00:41 - 2014-07-24 12:03 - 00233888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-09-16 00:41 - 2014-07-24 12:03 - 00205512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2014-09-16 00:41 - 2014-07-24 11:57 - 00475968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-09-16 00:41 - 2014-07-24 10:50 - 00098048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-09-16 00:41 - 2014-07-24 10:48 - 02410976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-09-16 00:41 - 2014-07-24 10:48 - 00180208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-09-16 00:41 - 2014-07-24 10:46 - 00477200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-09-16 00:41 - 2014-07-24 10:36 - 00707536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-09-16 00:41 - 2014-07-24 10:36 - 00674512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-09-16 00:41 - 2014-07-24 10:36 - 00355800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-09-16 00:41 - 2014-07-24 10:36 - 00180720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2014-09-16 00:41 - 2014-07-24 08:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-09-16 00:41 - 2014-07-24 08:45 - 00076800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-09-16 00:41 - 2014-07-24 08:44 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-09-16 00:41 - 2014-07-24 08:43 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2014-09-16 00:41 - 2014-07-24 08:42 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-09-16 00:41 - 2014-07-24 08:42 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2014-09-16 00:41 - 2014-07-24 08:41 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2014-09-16 00:41 - 2014-07-24 08:06 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2014-09-16 00:41 - 2014-07-24 08:05 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2014-09-16 00:41 - 2014-07-24 08:05 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-09-16 00:41 - 2014-07-24 07:49 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2014-09-16 00:41 - 2014-07-24 07:20 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2014-09-16 00:41 - 2014-07-24 07:18 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-09-16 00:41 - 2014-07-24 07:10 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-09-16 00:41 - 2014-07-24 07:10 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-09-16 00:41 - 2014-07-24 07:10 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-09-16 00:41 - 2014-07-24 07:09 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-09-16 00:41 - 2014-07-24 07:06 - 00438272 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-09-16 00:41 - 2014-07-24 07:05 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-09-16 00:41 - 2014-07-24 06:54 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ppcsnap.dll
2014-09-16 00:41 - 2014-07-24 06:53 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2014-09-16 00:41 - 2014-07-24 06:52 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-09-16 00:41 - 2014-07-24 06:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-09-16 00:41 - 2014-07-24 06:33 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2014-09-16 00:41 - 2014-07-24 06:27 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-09-16 00:41 - 2014-07-24 06:24 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-09-16 00:41 - 2014-07-24 06:23 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-09-16 00:41 - 2014-07-24 06:13 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2014-09-16 00:41 - 2014-07-24 06:12 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-09-16 00:41 - 2014-07-24 06:11 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-09-16 00:41 - 2014-07-24 06:10 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-09-16 00:41 - 2014-07-24 06:03 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-09-16 00:41 - 2014-07-24 06:02 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-09-16 00:41 - 2014-07-24 05:53 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-09-16 00:41 - 2014-07-24 05:49 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-09-16 00:41 - 2014-07-24 05:47 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-09-16 00:41 - 2014-07-24 05:39 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-09-16 00:41 - 2014-07-24 05:38 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-09-16 00:41 - 2014-07-24 05:30 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-09-16 00:41 - 2014-07-24 05:29 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-16 00:41 - 2014-07-24 05:28 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2014-09-16 00:41 - 2014-07-24 05:23 - 01404416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-09-16 00:41 - 2014-07-24 05:22 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-09-16 00:41 - 2014-07-24 05:21 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-09-16 00:41 - 2014-07-24 05:21 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-09-16 00:41 - 2014-07-24 05:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2014-09-16 00:41 - 2014-07-24 05:18 - 00795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2014-09-16 00:41 - 2014-07-24 05:16 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-09-16 00:41 - 2014-07-24 05:16 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2014-09-16 00:41 - 2014-07-24 05:15 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-09-16 00:41 - 2014-07-24 05:10 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-09-16 00:41 - 2014-07-24 05:10 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-09-16 00:41 - 2014-07-24 05:10 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-09-16 00:41 - 2014-07-24 05:10 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-09-16 00:41 - 2014-07-24 05:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-09-16 00:41 - 2014-07-24 05:08 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2014-09-16 00:41 - 2014-07-24 05:05 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-09-16 00:41 - 2014-07-24 05:01 - 01992192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2014-09-16 00:41 - 2014-07-24 04:54 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2014-09-16 00:41 - 2014-07-24 04:50 - 01182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-09-16 00:41 - 2014-07-24 04:49 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2014-09-16 00:41 - 2014-07-24 04:47 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-09-16 00:41 - 2014-07-24 04:44 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-09-16 00:41 - 2014-07-24 04:33 - 03360768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-09-16 00:41 - 2014-07-24 04:28 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-09-16 00:41 - 2014-07-24 01:11 - 00513544 _____ () C:\WINDOWS\SysWOW64\locale.nls
2014-09-16 00:41 - 2014-07-24 01:11 - 00513544 _____ () C:\WINDOWS\system32\locale.nls
2014-09-16 00:41 - 2014-07-12 02:55 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2014-09-16 00:41 - 2014-07-12 01:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2014-09-16 00:41 - 2014-07-12 01:13 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-09-16 00:41 - 2014-07-04 09:59 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-09-16 00:41 - 2014-07-04 07:29 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2014-09-16 00:41 - 2014-07-04 07:20 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-09-16 00:41 - 2014-07-04 07:06 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2014-09-16 00:41 - 2014-07-04 06:30 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-09-16 00:41 - 2014-07-04 06:27 - 00474112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-09-16 00:41 - 2014-06-27 03:22 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-09-16 00:41 - 2014-06-25 21:32 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-09-16 00:41 - 2014-06-19 20:37 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-09-16 00:41 - 2014-06-18 23:13 - 00310080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-09-16 00:41 - 2014-06-05 11:00 - 01118040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-09-16 00:41 - 2014-06-05 07:18 - 01018368 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-09-16 00:41 - 2014-06-05 06:42 - 00889856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-09-16 00:41 - 2014-05-31 02:00 - 01463808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2014-09-16 00:41 - 2014-05-31 01:18 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2014-09-16 00:41 - 2014-05-29 03:23 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-09-16 00:41 - 2014-05-29 02:25 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-09-16 00:41 - 2014-05-26 04:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-09-16 00:41 - 2014-05-10 07:12 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-09-16 00:41 - 2014-05-10 05:46 - 00335680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-09-16 00:41 - 2014-05-06 01:41 - 00486744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-09-16 00:41 - 2014-05-05 21:55 - 00391000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-09-16 00:41 - 2014-03-24 23:27 - 00160600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-09-16 00:41 - 2014-03-24 23:27 - 00123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-09-16 00:41 - 2014-03-24 22:20 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-09-16 00:41 - 2014-03-24 22:20 - 00127544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-09-16 00:40 - 2014-07-24 08:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2014-09-16 00:40 - 2014-07-24 08:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2014-09-16 00:40 - 2014-07-24 08:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTT102.DLL
2014-09-16 00:40 - 2014-07-24 08:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2014-09-16 00:40 - 2014-07-24 08:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2014-09-16 00:40 - 2014-07-24 08:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2014-09-16 00:40 - 2014-07-24 08:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2014-09-16 00:40 - 2014-07-24 08:47 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-09-16 00:40 - 2014-07-24 08:22 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2014-09-16 00:40 - 2014-07-24 07:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2014-09-16 00:40 - 2014-07-24 07:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTT102.DLL
2014-09-16 00:40 - 2014-07-24 07:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2014-09-16 00:40 - 2014-07-24 07:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2014-09-16 00:40 - 2014-07-24 07:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2014-09-16 00:40 - 2014-07-24 07:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2014-09-16 00:40 - 2014-07-24 07:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2014-09-16 00:40 - 2014-07-24 07:33 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-09-16 00:40 - 2014-07-24 07:32 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2014-09-16 00:40 - 2014-07-24 07:12 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-09-16 00:40 - 2014-07-24 07:10 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2014-09-16 00:40 - 2014-07-24 06:58 - 00785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\pmcsnap.dll
2014-09-16 00:40 - 2014-07-24 06:42 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2014-09-16 00:40 - 2014-07-24 06:40 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-09-16 00:40 - 2014-07-24 06:32 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-09-16 00:40 - 2014-07-24 06:27 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-09-16 00:40 - 2014-07-24 06:25 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-09-16 00:40 - 2014-07-24 06:21 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2014-09-16 00:40 - 2014-07-24 06:18 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2014-09-16 00:40 - 2014-07-24 06:14 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-09-16 00:40 - 2014-07-24 06:11 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2014-09-16 00:40 - 2014-07-24 06:04 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-09-16 00:40 - 2014-07-24 06:04 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-09-16 00:40 - 2014-07-24 05:58 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2014-09-16 00:40 - 2014-07-24 05:49 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-09-16 00:40 - 2014-07-24 05:49 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-09-16 00:40 - 2014-07-24 05:48 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-09-16 00:40 - 2014-07-24 05:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2014-09-16 00:40 - 2014-07-24 05:36 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2014-09-16 00:40 - 2014-07-24 05:18 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-09-16 00:40 - 2014-07-24 05:15 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2014-09-16 00:40 - 2014-07-24 05:13 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-09-16 00:40 - 2014-07-24 05:00 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-09-16 00:40 - 2014-07-24 04:58 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-09-16 00:40 - 2014-07-24 04:58 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-09-16 00:40 - 2014-07-24 04:43 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2014-09-16 00:40 - 2014-07-24 04:41 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-09-16 00:40 - 2014-07-12 02:23 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-09-16 00:40 - 2014-07-12 01:33 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-09-16 00:40 - 2014-07-04 07:00 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-09-16 00:40 - 2014-06-25 21:29 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2014-09-16 00:40 - 2014-06-07 09:46 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-09-16 00:40 - 2014-06-07 07:20 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-09-16 00:40 - 2014-05-29 02:20 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-09-16 00:40 - 2014-05-29 01:36 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-09-16 00:35 - 2014-08-14 21:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-16 19:37 - 2014-02-20 20:53 - 00004994 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for ALEX-Alex Alex
2014-10-16 19:36 - 2013-12-07 08:52 - 00000000 ___RD () C:\Users\Alex\Google Drive
2014-10-16 19:36 - 2013-07-31 00:37 - 00000000 ___DO () C:\Users\Alex\SkyDrive
2014-10-16 19:36 - 2013-07-30 23:28 - 00001070 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-16 19:35 - 2014-06-13 21:53 - 00000000 ___RD () C:\Users\Alex\Dropbox
2014-10-16 19:35 - 2014-06-13 21:46 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Dropbox
2014-10-16 16:31 - 2014-06-12 22:24 - 00000902 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-10-16 16:06 - 2013-07-30 23:28 - 00001074 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-16 16:00 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-16 12:43 - 2013-07-31 00:50 - 00000000 ____D () C:\Program Files (x86)\Everything
2014-10-16 12:39 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-10-15 23:14 - 2014-02-01 21:40 - 00000000 ____D () C:\Users\Alex
2014-10-15 20:12 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-10-15 18:46 - 2013-07-30 23:30 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1466549890-2579602772-327873444-1001
2014-10-15 18:35 - 2013-08-22 11:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-15 18:32 - 2013-08-22 11:44 - 00354592 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-15 18:27 - 2013-08-22 12:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-10-15 18:27 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-10-15 18:27 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-10-15 18:27 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-10-15 18:27 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-10-15 17:47 - 2014-02-18 21:15 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8857AF64-B0B8-4270-A733-B1E636098E17}
2014-10-15 17:23 - 2012-07-26 04:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-10-15 17:21 - 2014-02-20 20:49 - 00000000 ____D () C:\Users\Todos os Usuários\Microsoft Help
2014-10-15 17:21 - 2014-02-20 20:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-15 17:20 - 2014-02-20 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-10-15 17:09 - 2014-07-09 19:02 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-10-15 16:55 - 2013-08-22 10:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-15 15:59 - 2014-02-01 16:08 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Free Download Manager
2014-10-14 19:59 - 2013-08-22 10:25 - 00000269 _____ () C:\WINDOWS\win.ini
2014-10-14 19:57 - 2013-08-15 15:46 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-14 19:29 - 2013-08-01 11:55 - 103265616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-10-13 22:55 - 2014-05-08 21:10 - 00000000 ____D () C:\Users\Todos os Usuários\BlueStacksSetup
2014-10-13 22:55 - 2014-05-08 21:10 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-10-13 22:55 - 2014-02-15 13:23 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Media Player Classic
2014-10-13 22:55 - 2013-09-29 14:43 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\TeamViewer
2014-10-13 22:54 - 2014-02-01 22:34 - 00000000 ___DC () C:\WINDOWS\Panther
2014-10-07 23:28 - 2013-11-14 04:29 - 01797166 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-07 23:28 - 2013-11-14 04:13 - 00774900 _____ () C:\WINDOWS\system32\prfh0416.dat
2014-10-07 23:28 - 2013-11-14 04:13 - 00158494 _____ () C:\WINDOWS\system32\prfc0416.dat
2014-09-29 20:45 - 2014-08-30 20:51 - 00000000 ____D () C:\Program Files (x86)\Age of Empires II HD
2014-09-29 19:45 - 2014-08-16 15:41 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-09-29 19:45 - 2014-08-16 15:41 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-22 03:42 - 2013-07-31 23:41 - 00278152 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-09-19 22:43 - 2013-07-30 23:23 - 00000000 ____D () C:\Users\Alex\AppData\Local\VirtualStore
2014-09-18 14:28 - 2014-06-13 21:53 - 00001060 _____ () C:\Users\Alex\Desktop\Dropbox.lnk
2014-09-18 14:28 - 2014-06-13 21:51 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-16 01:38 - 2013-11-14 04:16 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-16 01:38 - 2013-08-22 12:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-09-16 01:38 - 2013-08-22 12:36 - 00000000 ___RD () C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-16 01:38 - 2013-08-22 12:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-16 01:38 - 2013-08-22 12:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-16 01:38 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-09-16 01:38 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-09-16 01:37 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2014-09-16 01:37 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-09-16 01:37 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-09-16 01:06 - 2014-04-10 21:19 - 00001118 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-09-16 01:06 - 2014-04-10 21:19 - 00001106 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk

Some content of TEMP:
====================
C:\Users\Alex\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp38nrdq.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-15 18:46

==================== End Of Log ============================


Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-10-2014


Ran by Alex at 2014-10-16 19:43:22
Running from C:\Users\Alex\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Age of Empires II HD © Microsoft Studios version 1 (HKLM-x32\...\QWdlIG9mIEVtcGlyZXMgSUkgSEQgKGMpIE1pY3Jvc29mdCBTdHVkaW9z_is1) (Version: 1 - )
Age of Empires II HD (HKLM-x32\...\Age of Empires II HD) (Version: - )
Age of Empires III (HKLM-x32\...\InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Ares 2.2.8 (HKLM-x32\...\Ares) (Version: 2.2.8-Build#3052 - Seekar Ltd)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 3.8.7955 - DsNET Corp)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.9.3088 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{4C02AFA8-074D-44FE-B0E1-A73D4AA65390}) (Version: 0.8.9.3088 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
CyberLink InstantBurn (HKLM-x32\...\{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}) (Version: 5.0.7827 - CyberLink Corp.)
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2608 - CyberLink Corp.)
CyberLink Media Suite (x32 Version: 8.0.2608 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 7.0.0.1327 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.2625.02 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.2625.02 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{A532D06B-2752-4489-B33C-1B6F1292C3EF}) (Version: - Microsoft)
Doro 1.86 (HKLM-x32\...\Doro_is1) (Version: - CompSoft)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
ETDWare PS/2-X64 11.6.11.002_WHQL (HKLM\...\Elantech) (Version: 11.6.11.002 - ELAN Microelectronic Corp.)
Everything 1.2.1.371 (HKLM-x32\...\Everything) (Version: - )
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Free AVI Video Converter version 5.0.32.1230 (HKLM-x32\...\Free AVI Video Converter_is1) (Version: 5.0.32.1230 - DVDVideoSoft Ltd.)
Free Download Manager 3.9.3 (HKLM-x32\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG)
GBBD Caixa Economica Federal (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.7.1.1 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle)
Lexmark 1200 Series (HKLM\...\Lexmark 1200 Series) (Version: - Lexmark International, Inc.)
Malwarebytes Anti-Malware versão 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft Access MUI (Portuguese (Brazil)) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Portuguese (Brazil)) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (Portuguese (Brazil)) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Portuguese (Brazil)) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Portuguese (Brazil)) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Portuguese (Brazil)) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Portuguese (Brazil)) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Portuguese (Brazil)) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Portuguese (Brazil)) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Portuguese (Brazil)) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft OneNote MUI (Portuguese (Brazil)) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Portuguese (Brazil)) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Portuguese (Brazil)) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Portuguese (Brazil)) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Word MUI (Portuguese (Brazil)) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0.1 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 pt-BR)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Oracle VM VirtualBox 4.3.0 (HKLM\...\{7CBBEE56-EEF2-462D-B1CE-EACDBBF6457E}) (Version: 4.3.0 - Oracle Corporation)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6564 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.30137 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
RollerCoaster Tycoon 3 Platinum (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - Atari)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.19 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Update for Microsoft Excel 2013 (KB2889941) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{689703D1-CC80-420B-92BD-4DA9D0CA19DE}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2889941) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0416-0000-0000000FF1CE}_Office15.PROPLUS_{689703D1-CC80-420B-92BD-4DA9D0CA19DE}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2889941) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0416-0000-0000000FF1CE}_Office15.PROPLUS_{689703D1-CC80-420B-92BD-4DA9D0CA19DE}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2889941) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0416-0000-0000000FF1CE}_Office15.PROPLUS_{689703D1-CC80-420B-92BD-4DA9D0CA19DE}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2889941) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0416-0000-0000000FF1CE}_Office15.PROPLUS_{689703D1-CC80-420B-92BD-4DA9D0CA19DE}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2881083) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0416-0000-0000000FF1CE}_Office15.PROPLUS_{F8A7EACA-3172-4BC3-B0F6-90F118B1824C}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2889929) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{5739A229-D2C6-4579-A21F-B7AFD1834DFD}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2889929) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5739A229-D2C6-4579-A21F-B7AFD1834DFD}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2889929) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0416-0000-0000000FF1CE}_Office15.PROPLUS_{5739A229-D2C6-4579-A21F-B7AFD1834DFD}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760249) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{8C07AD38-38EB-4332-BCB3-F55A77C927DF}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760371) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FFF87DE6-6602-4F65-BD75-D481E0539DCD}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0416-0000-0000000FF1CE}_Office15.PROPLUS_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7C5CEE0F-6823-4BB7-A28F-76FEC14EB6AC}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881001) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{31849233-AD8B-42D7-9AE1-74C79C8E8C03}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881004) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{E30FBD0C-8EDB-4233-9B65-58FEA0C9A5BA}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881004) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0416-0000-0000000FF1CE}_Office15.PROPLUS_{E30FBD0C-8EDB-4233-9B65-58FEA0C9A5BA}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881009) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7A3EF4FF-A9C8-4F7E-8020-A45F7D319387}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881012) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{F97A43AC-162A-4874-B1AD-0C98A411D12C}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0416-0000-0000000FF1CE}_Office15.PROPLUS_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0090-0416-0000-0000000FF1CE}_Office15.PROPLUS_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881039) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{1B208923-2810-414F-82CC-AFFC1B19563F}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{B8E73381-09B1-4895-ACD0-34385B0F526D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883049) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{1C6260FD-A280-49FE-89D0-CCEC647FBD8E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUS_{DA288EB3-648C-433C-88AC-71AEAAFAACF7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0416-0000-0000000FF1CE}_Office15.PROPLUS_{E7690DB0-8A81-4933-89F9-8E27C0C7E4A9}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{C20FB0E0-31F6-4958-B94D-AEF3CC31FD87}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883095) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7A9AB1AE-98B5-4B45-86B8-33A7B946D7CA}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2889848) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{E1285C4F-1DB7-4A7F-9DEF-22068D09EBFA}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2889848) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0416-0000-0000000FF1CE}_Office15.PROPLUS_{E1285C4F-1DB7-4A7F-9DEF-22068D09EBFA}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2889940) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{8954CA3D-B2C9-41B3-B97C-38146FE13D0C}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2889942) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{DA44AFB4-27ED-45F5-8499-1778400883B1}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2889942) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{DA44AFB4-27ED-45F5-8499-1778400883B1}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB3000731) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{BCBDB9F1-18C8-473C-9989-0B66ECC7B306}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB3000731) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BCBDB9F1-18C8-473C-9989-0B66ECC7B306}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB3000731) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0416-1000-0000000FF1CE}_Office15.PROPLUS_{BCBDB9F1-18C8-473C-9989-0B66ECC7B306}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB3000731) 32-Bit Edition (HKLM-x32\...\{90150000-00BA-0416-0000-0000000FF1CE}_Office15.PROPLUS_{BCBDB9F1-18C8-473C-9989-0B66ECC7B306}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2883059) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{BB860F2F-62A2-496D-8780-5A18B48F206A}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2883059) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BB860F2F-62A2-496D-8780-5A18B48F206A}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2883059) 32-Bit Edition (HKLM-x32\...\{90150000-00A1-0416-0000-0000000FF1CE}_Office15.PROPLUS_{BB860F2F-62A2-496D-8780-5A18B48F206A}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2986204) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{8C0211A0-1712-42C2-9F2B-D0356D437D02}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2986204) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0416-0000-0000000FF1CE}_Office15.PROPLUS_{8C0211A0-1712-42C2-9F2B-D0356D437D02}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2889847) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{F080A0ED-070F-4E33-833F-CF893968E6A8}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2889847) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0416-0000-0000000FF1CE}_Office15.PROPLUS_{F080A0ED-070F-4E33-833F-CF893968E6A8}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7500AD77-83C6-400B-8B2F-F8E401A7B697}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 32-Bit Edition (HKLM-x32\...\{90150000-0019-0416-0000-0000000FF1CE}_Office15.PROPLUS_{7500AD77-83C6-400B-8B2F-F8E401A7B697}) (Version: - Microsoft)
Update for Microsoft Visio 2013 (KB2837632) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6D8F4981-88A1-4386-8B3C-A51021FD8395}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0416-0000-0000000FF1CE}_Office15.PROPLUS_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{A7CD05CC-CA85-428C-91FD-74A908D126E1}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2889852) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{20FF2192-E507-4B44-B861-AED6BE5E890C}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2889852) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0416-0000-0000000FF1CE}_Office15.PROPLUS_{20FF2192-E507-4B44-B861-AED6BE5E890C}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2889852) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0416-0000-0000000FF1CE}_Office15.PROPLUS_{20FF2192-E507-4B44-B861-AED6BE5E890C}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2889852) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0416-0000-0000000FF1CE}_Office15.PROPLUS_{20FF2192-E507-4B44-B861-AED6BE5E890C}) (Version: - Microsoft)
Windows Essentials Media Codec Pack 4.0 [64-Bit] (HKLM-x32\...\Windows Essentials Media Codec Pack) (Version: 4.0 - Media Codec)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1466549890-2579602772-327873444-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Alex\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1466549890-2579602772-327873444-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\Alex\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-1466549890-2579602772-327873444-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\Alex\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-1466549890-2579602772-327873444-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Alex\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1466549890-2579602772-327873444-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Alex\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1466549890-2579602772-327873444-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Alex\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1466549890-2579602772-327873444-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Alex\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1466549890-2579602772-327873444-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Alex\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1466549890-2579602772-327873444-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Alex\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1466549890-2579602772-327873444-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Alex\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1466549890-2579602772-327873444-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Alex\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1466549890-2579602772-327873444-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Alex\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1466549890-2579602772-327873444-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Alex\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1466549890-2579602772-327873444-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Alex\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll (Google Inc.)

==================== Restore Points =========================

15-10-2014 19:01:10 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 10:25 - 2014-10-15 16:02 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {022BACE6-1551-4D7B-81F6-E8BCFF63207B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1452897E-09A6-4A04-AA7A-8150EF48686C} - System32\Tasks\Microsoft Office 15 Sync Maintenance for ALEX-Alex Alex => C:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe [2014-07-27] (Microsoft Corporation)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {34D4A49E-A992-46D6-BD26-D6BA92BC8ABF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {393CC4AA-F0FB-4B5E-B786-29436D70218E} - System32\Tasks\Windows Codec Update Service => C:\Program Files (x86)\Essentials Codec Pack\WECPUpdate.exe [2012-02-03] (MediaCodec.Org)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3C8E6E12-C189-46A7-B47B-72B633095CA0} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5C668DEC-51FF-483D-AC4D-69D54CA2B7FA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {74977244-44E3-4E26-9A0D-9771EBFB0547} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-10-14] (Microsoft Corporation)
Task: {74B1E9A9-E49C-412D-8ABE-92CA7418D76C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {77F2B37B-6104-47F7-8F51-8B2655345C42} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1466549890-2579602772-327873444-1001 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {94F88218-3C25-454B-B553-148055EEDF7C} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {AD06D29E-E74F-4A7D-9270-474E0B9EF6D3} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
Task: {B93C149A-C406-44E0-BF3C-0F70E5508640} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-30] (Google Inc.)
Task: {C17E5C65-D351-4E93-95B2-D05BE7AB8346} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-30] (Google Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E2CAA6CA-377A-4C18-B30F-FCEB4896427B} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {E2F954F1-683C-4AA2-804E-AFC41B7EC1C6} - \AutoKMS No Task File <==== ATTENTION
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E7206EB2-0DB5-40BE-8EBE-7871D777CF67} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {FE2F5777-2EB0-4713-B3AC-A5A4E82DF05C} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1466549890-2579602772-327873444-1001Core1cfc9fd153137b8.job => C:\Users\Alex\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1466549890-2579602772-327873444-1001Core1cf6af45ff45fe7.job => C:\Users\Alex\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-10-17 21:09 - 2013-02-02 20:55 - 00500224 _____ () C:\Program Files (x86)\DoroPDFWriter\Doro.dll
2014-09-25 15:44 - 2014-09-25 15:44 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1046.dll
2009-03-12 22:18 - 2009-03-12 22:18 - 00602624 _____ () C:\Program Files (x86)\Everything\Everything.exe
2014-10-16 19:35 - 2014-10-16 19:35 - 00043008 _____ () c:\users\alex\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp38nrdq.dll
2013-08-23 16:01 - 2013-08-23 16:01 - 25100288 _____ () C:\Users\Alex\AppData\Roaming\Dropbox\bin\libcef.dll
2014-10-16 19:35 - 2014-10-16 19:35 - 00098816 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\win32api.pyd
2014-10-16 19:35 - 2014-10-16 19:35 - 00110080 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\pywintypes27.dll
2014-10-16 19:35 - 2014-10-16 19:35 - 00364544 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\pythoncom27.dll
2014-10-16 19:35 - 2014-10-16 19:35 - 00045568 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\_socket.pyd
2014-10-16 19:35 - 2014-10-16 19:35 - 01160704 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\_ssl.pyd
2014-10-16 19:35 - 2014-10-16 19:35 - 00320512 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\win32com.shell.shell.pyd
2014-10-16 19:35 - 2014-10-16 19:35 - 00713216 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\_hashlib.pyd
2014-10-16 19:35 - 2014-10-16 19:35 - 01175040 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\wx._core_.pyd
2014-10-16 19:35 - 2014-10-16 19:35 - 00805888 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\wx._gdi_.pyd
2014-10-16 19:35 - 2014-10-16 19:35 - 00811008 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\wx._windows_.pyd
2014-10-16 19:35 - 2014-10-16 19:35 - 01062400 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\wx._controls_.pyd
2014-10-16 19:35 - 2014-10-16 19:35 - 00735232 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\wx._misc_.pyd
2014-10-16 19:35 - 2014-10-16 19:35 - 00128512 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\_elementtree.pyd
2014-10-16 19:35 - 2014-10-16 19:35 - 00127488 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\pyexpat.pyd
2014-10-16 19:35 - 2014-10-16 19:35 - 00557056 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\pysqlite2._sqlite.pyd
2014-10-16 19:35 - 2014-10-16 19:35 - 00007168 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\hashobjs_ext.pyd
2014-10-16 19:35 - 2014-10-16 19:35 - 00087552 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\_ctypes.pyd
2014-10-16 19:35 - 2014-10-16 19:35 - 00119808 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\win32file.pyd
2014-10-16 19:35 - 2014-10-16 19:35 - 00108544 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\win32security.pyd
2014-10-16 19:35 - 2014-10-16 19:35 - 00018432 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\win32event.pyd
2014-10-16 19:35 - 2014-10-16 19:35 - 00038912 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\win32inet.pyd
2014-10-16 19:35 - 2014-10-16 19:35 - 00070656 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\wx._html2.pyd
2014-10-16 19:35 - 2014-10-16 19:35 - 00167936 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\win32gui.pyd
2014-10-16 19:35 - 2014-10-16 19:35 - 00011264 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\win32crypt.pyd
2014-10-16 19:35 - 2014-10-16 19:35 - 00027136 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\_multiprocessing.pyd
2014-10-16 19:35 - 2014-10-16 19:35 - 00686080 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\unicodedata.pyd
2014-10-16 19:35 - 2014-10-16 19:35 - 00122368 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\wx._wizard.pyd
2014-10-16 19:35 - 2014-10-16 19:35 - 00010240 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\select.pyd
2014-10-16 19:35 - 2014-10-16 19:35 - 00024064 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\win32pipe.pyd
2014-10-16 19:35 - 2014-10-16 19:35 - 00025600 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\win32pdh.pyd
2014-10-16 19:35 - 2014-10-16 19:35 - 00525640 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\windows._lib_cacheinvalidation.pyd
2014-10-16 19:35 - 2014-10-16 19:35 - 00035840 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\win32process.pyd
2014-10-16 19:35 - 2014-10-16 19:35 - 00017408 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\win32profile.pyd
2014-10-16 19:35 - 2014-10-16 19:35 - 00022528 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\win32ts.pyd
2014-10-16 19:35 - 2014-10-16 19:35 - 00078336 _____ () C:\Users\Alex\AppData\Local\Temp\_MEI50562\wx._animate.pyd
2014-02-01 16:08 - 2013-10-04 13:38 - 03560960 _____ () C:\Program Files (x86)\Free Download Manager\fdmbtsupp.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Alex\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMPCHelper => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tvnserver => ""=""

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: BstHdUpdaterSvc => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IconMan_R => 2
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: IePluginService => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: lxcz_device => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: Wpm => 2
HKLM\...\StartupApproved\Run: => "lxczbmgr.exe"
HKLM\...\StartupApproved\Run32: => "CLMLServer"
HKLM\...\StartupApproved\Run32: => "DoroServer"
HKLM\...\StartupApproved\Run32: => "InstantBurn"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKCU\...\StartupApproved\Run: => "Facebook Update"
HKCU\...\StartupApproved\Run: => "Free Download Manager"
HKCU\...\StartupApproved\Run: => "ares"
HKCU\...\StartupApproved\Run: => "Google Update"

========================= Accounts: ==========================

Administrador (S-1-5-21-1466549890-2579602772-327873444-500 - Administrator - Disabled)
Alex (S-1-5-21-1466549890-2579602772-327873444 - Administrator - Enabled)
Convidado (S-1-5-21-1466549890-2579602772-327873444-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/16/2014 07:34:00 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: O Gerenciador de Janelas da Área de Trabalho encontrou um erro fatal (0x8898008d)

Error: (10/16/2014 01:16:34 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Falha na geração de contexto de ativação para "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Erro no arquivo de manifesto ou de política UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2", na linha UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Identidade do componente localizado no manifesto não corresponde à identidade do componente solicitado.
A referência é UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
A definição é UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Use o arquivo sxstrace.exe para obter um dignóstico detalhado.

Error: (10/16/2014 01:10:43 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Falha na geração de contexto de ativação para "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Erro no arquivo de manifesto ou de política UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2", na linha UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Identidade do componente localizado no manifesto não corresponde à identidade do componente solicitado.
A referência é UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
A definição é UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Use o arquivo sxstrace.exe para obter um dignóstico detalhado.

Error: (10/15/2014 09:05:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa LiveComm.exe versão 17.5.9600.20605 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID do Processo: a44

Hora de Início: 01cfe8d426739695

Hora de Término: 4294967295

Caminho do Aplicativo: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe

ID do Relatório: 19774f8a-54c8-11e4-befc-dc0ea1c4b45a

Nome completo do pacote com falha: microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe

ID do aplicativo relativo ao pacote com falha: ppleae38af2e007f4358a809ac99a64a67c1

Error: (10/15/2014 06:34:15 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: AUTORIDADE NT)
Description: Erro 0x8004401e encontrado ao tentar carregar o MOF C:\WINDOWS\SYSTEM32\WBEM\EN-US\PROFILEASSOCIATIONPROVIDER.MFL enquanto recuperava o arquivo .MOF marcado com recuperação automática.

Error: (10/15/2014 06:34:15 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: AUTORIDADE NT)
Description: Erro 0x8004401e encontrado ao tentar carregar o MOF C:\WINDOWS\SYSTEM32\WBEM\EN-US\POWERMETERPROVIDER.MFL enquanto recuperava o arquivo .MOF marcado com recuperação automática.

Error: (10/15/2014 06:34:15 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: AUTORIDADE NT)
Description: Erro 0x8004401e encontrado ao tentar carregar o MOF C:\WINDOWS\SYSTEM32\WBEM\EN-US\CIMDMTF.MFL enquanto recuperava o arquivo .MOF marcado com recuperação automática.

Error: (10/15/2014 06:34:15 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: AUTORIDADE NT)
Description: Erro 0x8004401e encontrado ao tentar carregar o MOF C:\WINDOWS\SYSTEM32\WBEM\EN-US\DSCCORE.MFL enquanto recuperava o arquivo .MOF marcado com recuperação automática.

Error: (10/15/2014 06:34:15 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: AUTORIDADE NT)
Description: Erro 0x8004401e encontrado ao tentar carregar o MOF C:\WINDOWS\SYSTEM32\WBEM\EN-US\STORAGEWMI_PASSTHRU.MFL enquanto recuperava o arquivo .MOF marcado com recuperação automática.

Error: (10/15/2014 06:34:15 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: AUTORIDADE NT)
Description: Erro 0x8004401e encontrado ao tentar carregar o MOF C:\WINDOWS\SYSTEM32\WBEM\EN-US\STORAGEWMI.MFL enquanto recuperava o arquivo .MOF marcado com recuperação automática.


System errors:
=============
Error: (10/15/2014 10:22:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Serviço de Implantação AppX (AppXSVC) devido ao seguinte erro:
%%1053

Error: (10/15/2014 10:22:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Serviço de Implantação AppX (AppXSVC).

Error: (10/15/2014 06:29:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Superfetch terminou com o erro:
%%1062

Error: (10/15/2014 06:29:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Server terminou com o erro:
%%1115

Error: (10/15/2014 06:29:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Pesquisador de Computadores devido ao seguinte erro:
%%1115

Error: (10/15/2014 06:29:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Instalação Automática de Dispositivos Conectados à Rede devido ao seguinte erro:
%%1069

Error: (10/15/2014 06:29:46 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: O serviço NcdAutoSetup não pôde fazer logon como NT AUTHORITY\LocalService com a senha configurada atualmente devido ao seguinte erro:
%%50

Para verificar se o serviço está configurado corretamente, use o snap-in de Serviços do Console de Gerenciamento Microsoft.

Error: (10/15/2014 06:29:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Provedor do Grupo Doméstico depende do serviço Host de Provedor da Descoberta de Função, mas não foi possível iniciá-lo devido ao seguinte erro:
%%1069

Error: (10/15/2014 06:29:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Publicação de Recursos de Descoberta de Função devido ao seguinte erro:
%%1069

Error: (10/15/2014 06:29:46 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: O serviço FDResPub não pôde fazer logon como NT AUTHORITY\LocalService com a senha configurada atualmente devido ao seguinte erro:
%%50

Para verificar se o serviço está configurado corretamente, use o snap-in de Serviços do Console de Gerenciamento Microsoft.


Microsoft Office Sessions:
=========================
Error: (10/16/2014 07:34:00 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8898008d

Error: (10/16/2014 01:16:34 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"c:\program files (x86)\microsoft office\Office15\lync.exe.Manifestc:\program files (x86)\microsoft office\Office15\UccApi.DLL1

Error: (10/16/2014 01:10:43 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"c:\program files (x86)\microsoft office\Office15\lync.exe.Manifestc:\program files (x86)\microsoft office\Office15\UccApi.DLL1

Error: (10/15/2014 09:05:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20605a4401cfe8d4267396954294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe19774f8a-54c8-11e4-befc-dc0ea1c4b45amicrosoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (10/15/2014 06:34:15 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: AUTORIDADE NT)
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\EN-US\PROFILEASSOCIATIONPROVIDER.MFL

Error: (10/15/2014 06:34:15 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: AUTORIDADE NT)
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\EN-US\POWERMETERPROVIDER.MFL

Error: (10/15/2014 06:34:15 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: AUTORIDADE NT)
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\EN-US\CIMDMTF.MFL

Error: (10/15/2014 06:34:15 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: AUTORIDADE NT)
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\EN-US\DSCCORE.MFL

Error: (10/15/2014 06:34:15 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: AUTORIDADE NT)
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\EN-US\STORAGEWMI_PASSTHRU.MFL

Error: (10/15/2014 06:34:15 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: AUTORIDADE NT)
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\EN-US\STORAGEWMI.MFL


CodeIntegrity Errors:
===================================
Date: 2014-10-13 21:42:42.489
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-10-04 21:36:20.439
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-10-01 13:31:10.822
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-09-29 13:30:24.426
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-09-26 09:35:27.826
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-09-24 05:11:42.856
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-09-23 12:37:28.079
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-09-22 13:36:37.618
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-09-20 12:32:20.854
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-09-19 14:24:13.726
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel® Core i3 CPU M 380 @ 2.53GHz
Percentage of memory in use: 49%
Total physical RAM: 2870.7 MB
Available physical RAM: 1458.43 MB
Total Pagefile: 4790.7 MB
Available Pagefile: 3213.16 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:297.75 GB) (Free:216.1 GB) NTFS
Drive e: (programas) (CDROM) (Total:4.07 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: F08AB5DF)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=297.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================


No, it once came bundled as a freebie (with WinRAR, if I'm not mistaken), but I removed it. It doesn't show up as installed in Add/Remove Programs...


Fixlog.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-10-2014


Ran by Alex at 2014-10-17 22:19:14 Run:1
Running from C:\Users\Alex\Desktop
Loaded Profile: Alex (Available profiles: Alex)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
R1 Bfilter; C:\WINDOWS\System32\drivers\Bfilter.sys [52032 2014-02-27] (Baidu, Inc.)
C:\WINDOWS\System32\drivers\Bfilter.sys
R1 Bfmon; C:\WINDOWS\System32\drivers\Bfmon.sys [34624 2014-02-27] (Baidu, Inc.)
C:\WINDOWS\System32\drivers\Bfmon.sys
R1 Bprotect; C:\WINDOWS\System32\drivers\Bprotect.sys [128992 2014-01-21] (Baidu, Inc.)
C:\WINDOWS\System32\drivers\Bprotect.sysS3 BdApiUtil; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdApiUtil64.sys [X]
S3 BdCameraProtect; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdCameraProtect64.sys [X]
Hosts:
CMD: bitsadmin /reset /allusers
Cmd: ipconfig /flushdns
EmptyTemp:

*****************

Bfilter => Unable to stop service
Bfilter => Service deleted successfully.
C:\WINDOWS\System32\drivers\Bfilter.sys => Moved successfully.
Bfmon => Unable to stop service
Bfmon => Service deleted successfully.
C:\WINDOWS\System32\drivers\Bfmon.sys => Moved successfully.
Bprotect => Unable to stop service
Bprotect => Service deleted successfully.
"C:\WINDOWS\System32\drivers\Bprotect.sysS3 BdApiUtil; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdApiUtil64.sys [X]" => File/Directory not found.
BdCameraProtect => Service deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuração de IP do Windows

Liberação do Cache do DNS Resolver bem-sucedida.

========= End of CMD: =========

EmptyTemp: => Removed 511.3 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====


Ok,

Temporarily disable your antivirus.

  • Hold the Ctrl key and click this link to open the ESET Online Scanner in a new window.
  • Click this button: [image: j9Byf.png]
  • For alternative browsers (if you use Internet Explorer, skip this step): [image: esetsmartinstaller_enu.png]
    • Click esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double-click the icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click Start.
  • Accept any security warning from your browser.
  • Check the box "Enable detection of potentially unwanted applications"
  • In scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and also check the boxes:
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Change and also check the Computer box.
  • Click Start.
  • It will update itself and scan the computer. Be patient; the process can take hours.
  • When the scan finishes, click List of found threats
  • Click Export to text file and save the log to your desktop.
  • Click Back.
  • Click Finish.
  • Attach the saved log.


Friend, after the last procedure performed (#10), all the sites I try to access are blocked; I get the message that the site contains malware, as in the attachment below.

Here is the ESET log

C:\Downloads\Software\AA_v3.exe a variant of Win32/RemoteAdmin.Ammyy.B potentially unsafe application deleted - quarantined


C:\Downloads\Software\CheatEngine63.exe Win32/OpenCandy potentially unsafe application deleted - quarantined
C:\Program Files (x86)\Age of Empires II HD\steam_api.dll a variant of Win32/HackTool.Crack.BQ potentially unsafe application deleted - quarantined
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-k.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-k.mbam-k.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-k.mbam-r.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-k.mbam-u.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-r.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-r.mbam-k.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-r.mbam-r.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-r.mbam-u.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-u.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-u.mbam-k.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-u.mbam-r.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-u.mbam-u.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-r.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-r.mbam-k.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-r.mbam-r.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-r.mbam-u.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-u.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-u.mbam-k.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-u.mbam-r.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-u.mbam-u.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\File System\004\t\00\00000000 Win32/Somoto.N potentially unwanted application deleted - quarantined
C:\Users\Alex\Downloads\aTubeCatcher.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application deleted - quarantined
C:\Users\Alex\Downloads\FreeAVIVideoConverter.exe Win32/OpenCandy potentially unsafe application deleted - quarantined
C:\Users\Alex\Downloads\AOE 2\Age of Empires 2 - The Forgotten - Crack.rar a variant of Win32/HackTool.Crack.BQ potentially unsafe application deleted - quarantined
C:\Users\Alex\Downloads\AOE 2\rld-aoe2hd.iso a variant of Win32/HackTool.Crack.BQ potentially unsafe application deleted - quarantined
C:\Users\Alex\Downloads\tradutor aoe hd\AgeofEmpiresIIHDT.exe a variant of Win32/InstallCore.QC potentially unwanted application deleted - quarantined
C:\Users\Alex\Google Drive\Reset Impressora\Epson T33 [OK].rar a variant of Win32/HackTool.Patcher.N potentially unsafe application deleted - quarantined
C:\Users\Alex\Google Drive\Reset Impressora\Epson TX100 e TX105 [OK].rar a variant of Win32/HackTool.Patcher.N potentially unsafe application deleted - quarantined
C:\Users\All Users\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\All Users\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-k.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\All Users\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-k.mbam-k.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\All Users\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-k.mbam-r.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\All Users\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-k.mbam-u.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\All Users\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-r.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\All Users\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-r.mbam-k.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\All Users\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-r.mbam-r.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\All Users\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-r.mbam-u.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\All Users\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-u.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\All Users\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-u.mbam-k.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\All Users\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-u.mbam-r.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\All Users\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-u.mbam-u.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\All Users\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-r.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\All Users\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-r.mbam-k.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\All Users\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-r.mbam-r.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\All Users\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-r.mbam-u.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\All Users\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-u.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\All Users\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-u.mbam-k.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\All Users\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-u.mbam-r.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\All Users\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-u.mbam-u.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\Todos os Usuários\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\Todos os Usuários\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-k.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\Todos os Usuários\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-k.mbam-k.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\Todos os Usuários\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-k.mbam-r.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\Todos os Usuários\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-k.mbam-u.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\Todos os Usuários\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-r.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\Todos os Usuários\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-r.mbam-k.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\Todos os Usuários\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-r.mbam-r.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\Todos os Usuários\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-r.mbam-u.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\Todos os Usuários\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-u.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\Todos os Usuários\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-u.mbam-k.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\Todos os Usuários\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-u.mbam-r.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\Todos os Usuários\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-k.mbam-u.mbam-u.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\Todos os Usuários\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-r.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\Todos os Usuários\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-r.mbam-k.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\Todos os Usuários\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-r.mbam-r.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\Todos os Usuários\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-r.mbam-u.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\Todos os Usuários\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-u.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\Todos os Usuários\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-u.mbam-k.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\Todos os Usuários\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-u.mbam-r.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined
C:\Users\Todos os Usuários\Malwarebytes\Malwarebytes Anti-Malware\wajam_validate.exe-u.mbam-u.mbam Win32/Wajam.F potentially unwanted application deleted (after the next restart) - quarantined


Temporarily disable your antivirus, antispyware and firewall to avoid conflicts.

Download Zoek.exe (by Smeenk) and save it to your desktop.

Run the Zoek.exe file.

*** Windows Vista or Windows 7 users: right-click the Zoek.exe file, then click [image: execadmin.png].

Select these lines inside the CODE box, right-click the selection and choose Copy.

emptyclsid;
standardsearch;hostslook;

Right-click any blank area of Zoek and choose Paste.

Note: This script was written only for this computer, according to the files and keys present.

To visitors: if you have a similar problem, do not use this script, since unsupervised use can damage the system.

Click [Run Script]

Wait for the scan. When it finishes, Notepad will open with the report.

A copy will also be saved on your local disk as zoek-results.txt

Attach zoek-results.txt to your next reply.


zoek-results.txt


Zoek.exe v5.0.0.0 Updated 18-10-2014
Tool run by Alex on 19/10/2014 at 14:42:02,46.
Microsoft Windows 8.1 Pro 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Alex\Desktop\zoek.exe [scan all users] [script inserted]

==== Older Logs ======================

C:\zoek-results2014-10-15-201045.log 17821 bytes

==== Hosts File Content ======================

# 127.0.0.1 localhost

==== Running Processes ======================

C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\Alex\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Everything\Everything.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe
C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE15\CSISYN~1.EXE
C:\Users\Alex\Desktop\zoek.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 2871 MB
CPU Info: Intel® Core i3 CPU M 380 @ 2.53GHz
CPU Speed: 2547,6 MHz
Sound Card: Alto-falantes (Realtek High Def |
Display Adapters: Intel® HD Graphics | Intel® HD Graphics
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1366 X 768 - 32 bit
Network: Network Present
Network Adapters: Adaptador Virtual Direto Wi-Fi da Microsoft | Qualcomm Atheros AR5B125 Wireless Network Adapter | Broadcom NetLink Ethernet | VirtualBox Host-Only Ethernet Adapter
CD / DVD Drives: 1x (E: | ) E: SlimtypeDVD A DS8A8SH
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C: 297,7GB
Hard Disks - Free: C: 215,7GB
Manufacturer *: Acer
BIOS Info: AT/AT COMPATIBLE | 05/19/12 | ACRSYS - 1
Time Zone: Hora oficial do Brasil
Motherboard *: Acer Aspire 5733
Country: Brasil
Language: PTB

==== System Specs (Software) ======================

Anti-Virus: Windows Defender On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Default Browser: Google Chrome 38.0.2125.104
Internet Explorer Version: 11.0.9600.17351
Mozilla Firefox version: 29.0.1 (x86 pt-BR)
Google Chrome version: 38.0.2125.104
Sun Java version: 1.7.0_25 (64-bit)
Flash Player version: 15.0.0.152

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
====== C:\Users\Alex\AppData\Local\Temp ====
2014-10-18 02:40:48 82401E487D513178348D72E4E895D992 370176 ----a-w- C:\Users\Alex\AppData\Local\Temp\4BD5E4A7-562A-4E35-A3E8-FA7839749671\AppxProvider.dll
2014-10-18 02:40:48 8074031A2163A5C5AFA33D44E09DF2BE 101376 ----a-w- C:\Users\Alex\AppData\Local\Temp\4BD5E4A7-562A-4E35-A3E8-FA7839749671\AssocProvider.dll
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
====== C:\WINDOWS\Sysnative\drivers =====
2014-10-14 22:39:50 87F3713E620F62D243A82B3CB66CBDDE 2498880 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpip.sys
2014-10-14 22:39:27 329FEB41BBE82FBBD9BD69547BA1CB82 428864 ----a-w- C:\WINDOWS\Sysnative\drivers\FWPKCLNT.SYS
2014-09-24 23:59:28 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\WINDOWS\Sysnative\drivers\MBAMSwissArmy.sys
2014-09-24 23:59:03 D3311B31C470E7681B14D9B014CBF9ED 93400 ----a-w- C:\WINDOWS\Sysnative\drivers\mbamchameleon.sys
2014-09-24 23:59:03 D1F2D4DF0A5D3B700794E26356A55B44 64216 ----a-w- C:\WINDOWS\Sysnative\drivers\mwac.sys
2014-09-24 23:59:03 5C3669B71657F22E67A1D4BD49D2CBE7 25816 ----a-w- C:\WINDOWS\Sysnative\drivers\mbam.sys
====== C:\WINDOWS\Tasks ======
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2014-10-13 23:20:20 -------- d-----w- C:\Program Files\Enigma Software Group
======= C:\PROGRA~2 =====
2014-10-18 17:02:10 -------- d-----w- C:\PROGRA~2\ESET
2014-10-13 23:18:12 -------- d-----w- C:\PROGRA~2\COMMON~1\Wise Installation Wizard
======= C: =====
2014-10-13 23:21:00 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat
====== C:\Users\Alex\AppData\Roaming ======
2014-10-18 02:40:58 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub
2014-10-18 02:40:58 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub
2014-10-15 19:31:25 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp
2014-10-15 19:31:25 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp
2014-10-15 19:31:25 -------- d-----w- C:\Users\USURIO~1\AppData\Local\Temp
2014-10-15 19:31:25 -------- d-----w- C:\Users\Default\AppData\Local\Temp
2014-10-15 19:31:25 -------- d-----w- C:\Users\Default User\AppData\Local\Temp
2014-10-15 19:31:24 -------- d-----w- C:\Users\Alex\AppData\Local\Temp
====== C:\Users\Alex ======
2014-10-18 17:01:15 E8D3E34FFDAF21DF7C09CBBBA5763237 2347384 ----a-w- C:\Users\Alex\Desktop\esetsmartinstaller_enu.exe
2014-10-16 15:41:31 -------- d-----r- C:\WINDOWS\SysNative\config\systemprofile\Searches
2014-09-29 23:45:28 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age of Empires II HD

====== C: exe-files ==
=== C: other files ==
2014-10-19 16:34:44 DE0983FE4B830699312D35A990B3AE1B 1945 ----a-w- C:\Users\Alex\AppData\Local\Temp\_MEI48362\resources\chrome_ext\nknebiagdodnminbdpflhpkgfpeijdbf_live.crx
2014-10-19 16:34:44 82F5C942549405F61A8808D0EA0FA9E2 25575 ----a-w- C:\Users\Alex\AppData\Local\Temp\_MEI48362\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx
2014-10-14 22:43:49 C2BBFC3872442092AD2260F564AB9AD9 4183040 ----a-w- C:\Windows\System32\win32k.sys
2014-10-14 22:39:50 87F3713E620F62D243A82B3CB66CBDDE 2498880 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2014-10-14 22:39:27 329FEB41BBE82FBBD9BD69547BA1CB82 428864 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2014-10-13 23:21:00 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-1466549890-2579602772-327873444-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"SkyDrive"="C:\Users\Alex\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background"
"Facebook Update"="C:\Users\Alex\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart"
"ares"="C:\Program Files (x86)\Ares\Ares.exe -h"
"Google Update"="C:\Users\Alex\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Everything"="C:\Program Files (x86)\Everything\Everything.exe -startup"
"CLMLServer"="C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"DoroServer"="C:\Program Files (x86)\DoroPDFWriter\DoroServer.exe"
"InstantBurn"="C:\PROGRA~2\CYBERL~1\INSTAN~1\Win2K\IBurn.exe"
"BlueStacks Agent"="C:\Program Files (x86)\BlueStacks\HD-Agent.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SkyDrive"="C:\Users\Alex\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background"
"Facebook Update"="C:\Users\Alex\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart"
"ares"="C:\Program Files (x86)\Ares\Ares.exe -h"
"Google Update"="C:\Users\Alex\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe"
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe"
"Persistence"="C:\WINDOWS\system32\igfxpers.exe"
"lxczbmgr.exe"="C:\Program Files (x86)\Lexmark 1200 Series\lxczbmgr.exe"
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~2\\SupTab\\SEARCH~2.DLL"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeFlashPlayerUpdateSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\BstHdAndroidSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\BstHdLogRotatorSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\BstHdUpdaterSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdate]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdatem]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\IconMan_R]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\IDriverT]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\IePluginService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\LMS]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\lxcz_device]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MozillaMaintenance]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SkypeUpdate]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\UNS]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Wpm]


==== Startup Folders ======================

2014-06-14 00:52:26 1094 ----a-w- C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09/09/2014 15:32]
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1466549890-2579602772-327873444-1001Core1cfc9fd153137b8.job --a-------- C:\Users\Alex\AppData\Local\Facebook\Update\FacebookUpdate.exe [06/09/2014 16:04]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [31/07/2013 00:28]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- [undetermined Task]
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1466549890-2579602772-327873444-1001Core1cf6af45ff45fe7.job --a-------- C:\Users\Alex\AppData\Local\Google\Update\GoogleUpdate.exe [01/05/2014 19:33]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{8857AF64-B0B8-4270-A733-B1E636098E17}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\Windows Codec Update Service" ["C:\Program Files (x86)\Essentials Codec Pack\WECPUpdate.exe"]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\55sa5d3x.default
- Free Download Manager plugin - %ProfilePath%\extensions\fdm_ffext@freedownloadmanager.org

ProfilePath: C:\Users\Alex\AppData\Roaming\Nvu\Profiles\y7urs0me.default
- Undetermined - %ProfilePath%\extensions\installed-extensions.txt
- Nvu default - %ProfilePath%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\55sa5d3x.default
DFC9460CC37E5C414DC4680B10C19E7A - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave Flash
3CD19649B2C3023D65E67C056457A2BC - C:\Users\Alex\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
785105A23650755A8F7A72405EB0D923 - C:\Users\Alex\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll - Google Update
29B5096C332ECE24A72024212A2282EF - C:\Users\Alex\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll - Módulo de Proteção - Caixa Economica Federal
6405D35B002039122117B4EAD3EDD8BD - C:\Users\Alex\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll - Módulo de Proteção - Caixa Economica Federal


==== Chromium Look ======================

Google Slides - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Last updated at time on date - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Google Search - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Video download helper - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbkchnicaiglcjpgbmpfmoafckkomdcm
Wargame 1942 - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\egndkcdmahjocjildkpebbbdlkggnfoa
Google Sheets - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Play - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi
Google Maps - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh
Google Wallet - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
GBBD Caixa Economica Federal - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi
Quebrador de Links - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pchaoppopfjnlficjlobfjhfceadbfla
Outlook.com - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge
Gmail - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Desert Operations - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppakkfppmalpenodhgcdidekcbnlddcg

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com.br/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found"

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
O4 - HKLM\..\Run: [Everything] "C:\Program Files (x86)\Everything\Everything.exe" -startup
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [DoroServer] C:\Program Files (x86)\DoroPDFWriter\DoroServer.exe
O4 - HKLM\..\Run: [instantBurn] C:\PROGRA~2\CYBERL~1\INSTAN~1\Win2K\IBurn.exe
O4 - HKLM\..\Run: [blueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKCU\..\Run: [skyDrive] "C:\Users\Alex\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Alex\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Google Update] "C:\Users\Alex\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Startup: Dropbox.lnk = Alex\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: Baixar com o Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Baixar tudo com o Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O8 - Extra context menu item: Baixar vídeo com o Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download selecionado pelo Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office15\EXCEL.EXE/3000
O9 - Extra button: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{8DF708D3-DC2B-4CBC-8ABF-0A8EA24AA79D}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== C:\zoek_backup content ======================

C:\zoek_backup (files=125 folders=27 13228192 bytes)

==== EOF on 19/10/2014 at 14:50:43,77 ======================


Ok,

Run the Zoek.exe file.

*** Windows Vista or Windows 7 users: right-click the Zoek.exe file, then click Run as administrator.

Select these lines inside the CODE box, right-click the selection, and choose Copy.

emptyclsid;
netsh int ip reset all >>"%temp%\log.txt";b
ipconfig /release >>"%temp%\log.txt";b
ipconfig /renew >>"%temp%\log.txt";b
netsh winsock reset >>"%temp%\log.txt";b
ipconfig /flushdns >>"%temp%\log.txt";b
emptyalltemp;

Right-click any blank area of Zoek and choose Paste.

Note: This script was written only for this computer, based on the files and keys present.

To visitors: If you have a similar problem, do not use this script, since using it without supervision can damage the system.


Click [Run Script]

Wait for the scan. When it finishes, Notepad will open with the report.

A copy will also be saved to your local disk under the name zoek-results.txt

Attach zoek-results.txt to your next reply.


Zoek-results.txt


Zoek.exe v5.0.0.0 Updated 19-10-2014
Tool run by Alex on 19/10/2014 at 18:43:32,69.
Microsoft Windows 8.1 Pro 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Alex\Desktop\zoek.exe [scan all users] [script inserted]

==== Older Logs ======================

C:\zoek-results2014-10-15-201045.log 17821 bytes
C:\zoek-results2014-10-19-165043.log 40888 bytes

==== Batch Command(s) Run By Tool======================

Redefinindo Global, OK!
Redefinindo Interface, OK!
Redefinindo Endereço Unicast, OK!
Redefinindo Vizinho, OK!
Redefinindo Caminho, OK!
Falha ao redefinir .
Acesso negado.

Redefinindo , OK!
Reinicie o computador para concluir esta ação.


Configuração de IP do Windows

Nenhuma operação pode ser executada em Conexão Local* 11 enquanto a
mídia estiver desconectada.
Nenhuma operação pode ser executada em Ethernet enquanto a
mídia estiver desconectada.

Adaptador de Rede sem Fio Conexão Local* 11:

Estado da mídia. . . . . . . . . . . . . . : mídia desconectada
Sufixo DNS específico de conexão. . . . . . :

Adaptador de Rede sem Fio Wi-Fi:

Sufixo DNS específico de conexão. . . . . . :
Endereço IPv6 de link local . . . . . . . . : fe80::14e5:377d:b696:2bf3%4
Gateway Padrão. . . . . . . . . . . . . . . :

Adaptador Ethernet Ethernet:

Estado da mídia. . . . . . . . . . . . . . : mídia desconectada
Sufixo DNS específico de conexão. . . . . . :

Adaptador Ethernet VirtualBox Host-Only Network:

Sufixo DNS específico de conexão. . . . . . :
Endereço IPv6 de link local . . . . . . . . : fe80::3959:8533:b341:35e8%13
Endereço IPv4. . . . . . . . . . . . . . . : 192.168.56.1
Máscara de Sub-rede . . . . . . . . . . . . : 255.255.255.0
Gateway Padrão. . . . . . . . . . . . . . . :

Adaptador de túnel isatap.Home:

Estado da mídia. . . . . . . . . . . . . . : mídia desconectada
Sufixo DNS específico de conexão. . . . . . :

Adaptador de túnel isatap.{8DF708D3-DC2B-4CBC-8ABF-0A8EA24AA79D}:

Estado da mídia. . . . . . . . . . . . . . : mídia desconectada
Sufixo DNS específico de conexão. . . . . . :

Configuração de IP do Windows

Nenhuma operação pode ser executada em Conexão Local* 11 enquanto a
mídia estiver desconectada.
Nenhuma operação pode ser executada em Ethernet enquanto a
mídia estiver desconectada.

Adaptador de Rede sem Fio Conexão Local* 11:

Estado da mídia. . . . . . . . . . . . . . : mídia desconectada
Sufixo DNS específico de conexão. . . . . . :

Adaptador de Rede sem Fio Wi-Fi:

Sufixo DNS específico de conexão. . . . . . : Home
Endereço IPv6 de link local . . . . . . . . : fe80::14e5:377d:b696:2bf3%4
Endereço IPv4. . . . . . . . . . . . . . . : 192.168.1.9
Máscara de Sub-rede . . . . . . . . . . . . : 255.255.255.0
Gateway Padrão. . . . . . . . . . . . . . . : 192.168.1.1

Adaptador Ethernet Ethernet:

Estado da mídia. . . . . . . . . . . . . . : mídia desconectada
Sufixo DNS específico de conexão. . . . . . :

Adaptador Ethernet VirtualBox Host-Only Network:

Sufixo DNS específico de conexão. . . . . . :
Endereço IPv6 de link local . . . . . . . . : fe80::3959:8533:b341:35e8%13
Endereço IPv4. . . . . . . . . . . . . . . : 192.168.56.1
Máscara de Sub-rede . . . . . . . . . . . . : 255.255.255.0
Gateway Padrão. . . . . . . . . . . . . . . :

Adaptador de túnel isatap.Home:

Estado da mídia. . . . . . . . . . . . . . : mídia desconectada
Sufixo DNS específico de conexão. . . . . . : Home

Adaptador de túnel isatap.{8DF708D3-DC2B-4CBC-8ABF-0A8EA24AA79D}:

Estado da mídia. . . . . . . . . . . . . . : mídia desconectada
Sufixo DNS específico de conexão. . . . . . :

Catálogo Winsock redefinido com êxito.
Reinicie o computador para concluir a redefinição.


Configuração de IP do Windows

Liberação do Cache do DNS Resolver bem-sucedida.

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=125 folders=27 13228192 bytes)

==== Empty Temp Folders ======================

C:\Users\Alex\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Alex\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0" deleted
"C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1" deleted
"C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2" deleted
"C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3" deleted

==== EOF on 19/10/2014 at 18:47:30,96 ======================


Ok,

To finish:

# Step 1 #

Download Delfix by Xplode and save it to your desktop.

Double-click delfix.exe to run it. Check the boxes as shown in the image.

** Windows Vista or Windows 7 users: right-click the delfix.exe file, then click Run as administrator.

2mez6ld.png

Click the Run button.

A log will be generated at the end, but you do not need to post it.

# Step 2 #

Update Java.

Attention: Uninstall ALL old versions of Java.

  • Close all programs, especially your browser (IE, Firefox, etc.).
  • Go to the Java for Windows site
  • Click 4531602912_e9606174d3_o.gif
  • In the window that appears, click Run;
  • Follow the installation steps.

# Step 3 #

<<@>> Install CCleaner

CCleaner is an excellent cleaning utility for the computer that will help with its performance. Download it here: CCleaner

IMPORTANT: After installation, go to the location where the program was installed, C:\Arquivos de programas\CCleaner, double-click the folder, then in an empty area of that window right-click and choose New > Folder to create a new folder; name it backups!

  • Open the program and click Run Cleaner;
  • Click the Registry button > Scan for Issues > Fix selected issues...

Note: Do not forget to accept the backup of the fixes and save it in the folder created above!
<<@>> Always keep your Windows up to date; keep a constant watch with the firewall and antivirus; and finally, remember that the best prevention starts with our own behavior!

Regards.


Good evening, friend. I followed all of these procedures and the ads still keep appearing...

Is there anything else that can be done?


Friend, thank you very much. I have now uninstalled and installed the 3 browsers and the ads stopped opening... With all these cleanups, the damned virus was removed.

Thank you.
