Ir ao conteúdo
  • Comunicados

    • diego_moicano

      Gostaria de se tornar um analista em Remoção de Malware?   07-12-2015

      Gostaria de se tornar um analista em Remoção de Malware? O Fórum Clube do Hardware deu início a um programa de treinamento em análises de log. Os interessados deverão enviar um email para aprendizes (arroba) clubedohardware (ponto) com (ponto) br respondendo as seguintes perguntas: Por que você gostaria de aprender a analisar logs? Possui tempo hábil para o treinamento? Tem conhecimentos em informática? Se sim descreva-os. Possui inglês para leitura? Qual seu objetivo após completar o treinamento?   Não se esqueça de incluir no e-mail o seu nome de usuário (fornecer o link também), idade e cidade onde vive. Adicione também qualquer experiência e/ou razão sobre o porquê você seria um bom Analista. É digno de nota que apenas os que forem selecionados receberão resposta por MP (Mensagem Pessoal), não existe um padrão na escolha dos futuros aprendizes, todos os e-mails serão lidos e serão analisados de forma imparcial, portanto não será permitido reclamações neste aspecto. O treinamento é dado no próprio fórum. Quando um aprendiz é selecionado ele é movido para um novo grupo, onde terá acesso a fóruns fechados para os demais usuários onde poderá dar inicio ao seu treinamento. Importante: A cada 30 dias os e-mails não selecionados serão apagados, portanto você pode enviar um novo e-mail após 1 mês, e-mails enviados antes serão desconsiderados.  
    • Gabriel Torres

      Seja um moderador do Clube do Hardware!   12-02-2016

      Prezados membros do Clube do Hardware, Está aberto o processo de seleção de novos moderadores para diversos setores ou áreas do Clube do Hardware. Os requisitos são:   Pelo menos 500 posts e um ano de cadastro; Boa frequência de participação; Ser respeitoso, cordial e educado com os demais membros; Ter bom nível de português; Ter razoável conhecimento da área em que pretende atuar; Saber trabalhar em equipe (com os moderadores, coordenadores e administradores).   Os interessados deverão enviar uma mensagem privada para o usuário @Equipe Clube do Hardware com o título "Candidato a moderador". A mensagem deverá conter respostas às perguntas abaixo:   Qual o seu nome completo? Qual sua data de nascimento? Qual sua formação/profissão? Já atuou como moderador em algo outro fórum, se sim, qual? De forma sucinta, explique o porquê de querer ser moderador do fórum e conte-nos um pouco sobre você.   OBS: Não se trata de função remunerada. Todos que fazem parte do staff são voluntários.
Andrei Germano

PC Muito Lento ! : |

Recommended Posts

Meu Pc (note) vem ficando muito lento a tempos.

Lentidão tal que as vezes demoro 15 minutos ou mais pra inicializar o Pc e sistema, e as vezes ainda permanece inoperante por muito mais tempo , 20 minutos meia hora. Muitas vezes eu preciso desligar e ligar o Pc mais de um vez ... pra ele funcionar , pra internet funcionar , pros programas responderem, inclusive navegadores . Pra desligar o processo também é complicado ... demora muito .. (mas o tempo varia) as vezes menos de 10 minutos ...

as x demora tanto ... ( mais de 15 , 20 minutos pra desligar ..) e acabo desligando pelo botão .

 

Apareceu a alguns meses uma rundll32.exe a mais nos processos, ou seja, há 2 rundll32.exe rodando simultaneamente. P q isso ? é normal ? o que causa isso ? quais as consequências disso e Como corrigir ?    :confused:

 

(Há detecções de vírus que parecem falsos positivos, pois é detectado por um prog mas não pelos outros. e os arquivos deletados reaparecem) :huh:

ZA-Scan.txt

Editado por Andrei Germano

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro Andrei Germano

 

Recomendo que salve este tópico em seus Favoritos para facilitar na hora de encontrá-lo.

Por favor, atente para o seguinte:

  • Caso fique sem resposta durante 3 dias, me envie uma Mensagem Privada (MP);
  • O que será passado aqui, somente será com relação ao problema do seu computador portanto, não faça mais em nenhum outro;
  • Siga, por favor, atentamente as instruções passadas e em caso de dúvidas não hesite em perguntá-las;
  • Sempre coloque suas respostas neste tópico... Não abra outro!
  • Procure sempre me manter informado, durante a remoção, sobre o que acontece com seu computador.
  • Respeite a ordem das instruções passadas.
  • Observação: Não tome outra medida além das passadas aqui; atente para que, caso peça ajuda em outro fórum, não deixe de nos informar, sob risco de desconfigurar seu computador!
# Etapa nº 1 #
 
Desinstale o Nano Antivírus.
 
Deixe apenas um AV no Windows. Talvez este site te ajude na escolha:
 
http://www.av-comparatives.org/
 
# Etapa nº 2 #

Faça o download Junkware Removal Tool e salve em seu Desktop.
  • Desative seus programas de proteção (antivírus etc) para evitar qualquer conflito.
  • Clique duas vezes JRT.exe
    • Se seu sistema for Windows Vista ou Windows 7 ou Windows 8, clique com o botão direito do mouse e peça para Executar como Administrador.

    [*]Seja paciente e aguarde o scan terminar.[*]Abra o log JRT.txt que está em seu Desktop.[*]Copie todo conteúdo e cole em sua próximo mensagem.



# Etapa nº 3 #

  • Clique duas vezes no adwcleaner.exe
    • Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png

  • Clique em Pesquisar
  • No final do scan será aberto um log com o resultado.
  • Caso algo seja detectado, clique então no botão Remover.
  • Novamente, no final do scan será aberto um log com o resultado.
  • Copie todo seu conteúdo e cole em sua próxima resposta.



# Etapa nº 4 #

Desative temporariamente seu antivírus, antispywares e firewall, para não causar conflitos.

Baixe o Farbar Recovery Scan Tool e salve na sua área de trabalho.
32 bit (x86)ou 64 bit (x64)

Dê um duplo-clique para executar a ferramenta. Aceite o contrato e depois clique no botão Scan.

Aguarde e ao final, os logs FRST.txt e Addition.txt serão salvos no seu desktop.

Anexe os logs na sua próxima resposta.

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites
  • Autor do tópico
  • ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 7.2.2 (06.29.2015:1)
    OS: Windows 7 Home Basic x64
    Ran by  on 30/06/2015 at  4:48:18,53
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services

    Successfully deleted: [service] 0167231432159248mcinstcleanup



    ~~~ Tasks



    ~~~ Registry Values



    ~~~ Registry Keys



    ~~~ Files

    Successfully deleted: [File] C:\Program Files (x86)\GUT4467.tmp
    Successfully deleted: [File] C:\Program Files (x86)\GUTB1C2.tmp
    Successfully deleted: [File] C:\Windows\syswow64\sho15F.tmp
    Successfully deleted: [File] C:\Windows\syswow64\sho2F6B.tmp
    Successfully deleted: [File] C:\Windows\syswow64\sho347B.tmp
    Successfully deleted: [File] C:\Windows\syswow64\sho3E27.tmp
    Successfully deleted: [File] C:\Windows\syswow64\sho4AC9.tmp
    Successfully deleted: [File] C:\Windows\syswow64\sho542E.tmp
    Successfully deleted: [File] C:\Windows\syswow64\sho5800.tmp
    Successfully deleted: [File] C:\Windows\syswow64\sho5D8C.tmp
    Successfully deleted: [File] C:\Windows\syswow64\sho6706.tmp
    Successfully deleted: [File] C:\Windows\syswow64\sho6C2B.tmp
    Successfully deleted: [File] C:\Windows\syswow64\sho7817.tmp
    Successfully deleted: [File] C:\Windows\syswow64\sho79A4.tmp
    Successfully deleted: [File] C:\Windows\syswow64\sho7B28.tmp
    Successfully deleted: [File] C:\Windows\syswow64\sho7D4D.tmp
    Successfully deleted: [File] C:\Windows\syswow64\sho8410.tmp
    Successfully deleted: [File] C:\Windows\syswow64\sho8529.tmp
    Successfully deleted: [File] C:\Windows\syswow64\sho8AB2.tmp
    Successfully deleted: [File] C:\Windows\syswow64\sho8DC.tmp
    Successfully deleted: [File] C:\Windows\syswow64\sho950A.tmp
    Successfully deleted: [File] C:\Windows\syswow64\shoA25.tmp
    Successfully deleted: [File] C:\Windows\syswow64\shoA2D.tmp
    Successfully deleted: [File] C:\Windows\syswow64\shoA2F4.tmp
    Successfully deleted: [File] C:\Windows\syswow64\shoA89D.tmp
    Successfully deleted: [File] C:\Windows\syswow64\shoAAA3.tmp
    Successfully deleted: [File] C:\Windows\syswow64\shoAAFA.tmp
    Successfully deleted: [File] C:\Windows\syswow64\shoC8D0.tmp
    Successfully deleted: [File] C:\Windows\syswow64\shoCCC0.tmp
    Successfully deleted: [File] C:\Windows\syswow64\shoCFD4.tmp
    Successfully deleted: [File] C:\Windows\syswow64\shoD32F.tmp
    Successfully deleted: [File] C:\Windows\syswow64\shoD3D8.tmp
    Successfully deleted: [File] C:\Windows\syswow64\shoD8A6.tmp
    Successfully deleted: [File] C:\Windows\syswow64\shoDA06.tmp



    ~~~ Folders

    Successfully deleted: [Folder] C:\Program Files (x86)\Common Files\tencent
    Successfully deleted: [Folder] C:\Program Files (x86)\goforfiles
    Successfully deleted: [Folder] C:\Program Files (x86)\tencent
    Successfully deleted: [Folder] C:\Program Files (x86)\yuna software
    Successfully deleted: [Folder] C:\Program Files\reimage
    Successfully deleted: [Folder] C:\ProgramData\microsoft\windows\start menu\programs\reimage repair
    Successfully deleted: [Folder] C:\ProgramData\pcdr
    Successfully deleted: [Folder] C:\rei
    Successfully deleted: [Folder] C:\Users\Andrei\AppData\Roaming\cacaoweb
    Successfully deleted: [Folder] C:\Users\Andrei\AppData\Roaming\goforfiles
    Successfully deleted: [Folder] C:\Users\Andrei\AppData\Roaming\tencent



    ~~~ FireFox




    ~~~ Chrome

    Successfully deleted: [Folder] C:\Users\Andrei\appdata\local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol

    [C:\Users\Andrei\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

    [C:\Users\Andrei\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

    [C:\Users\Andrei\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

    [C:\Users\Andrei\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
    [
      lbfehkoinhhcknnbdgnnmjhiladcgbol
    ]





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 30/06/2015 at  5:50:26,57
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     

    --------------/////////////------------------------------------------------------------

     

    Poderia me explicar cada coisa dessa que foi deletada e como recuperar algumas delas ?

    O tencent por ex é um programa autêntico não precisava ser deletado. porque o junk o deletou ?

     

    E ter duas rundll32 como eu citei no inicio do post é normal ??
     

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Amigo, arquivos temporários e programas indesejados... vai depender o que ela está executando. Com relação ao tecent, ao término você reinstala o programa.

     

    E os outros logs?

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • # AdwCleaner v4.207 - Relatório criado 02/07/2015 às 02:00:49
    # Atualizado 21/06/2015 por Xplode
    # Base de dados : 2015-06-29.1 [servidor]
    # Sistema operacional : Windows 7 Home Basic  (x64)
    # Usuário : Andrei - MASTER-PC
    # Executando de : C:\Users\Andrei\Desktop\adwcleaner_4.207.exe
    # Opção : Limpar

    ***** [ Serviços ] *****


    ***** [ Arquivos / Pastas ] *****

    [x] Não Excluído : C:\Users\Public\Documents\tencent
    [!] Pasta Excluído : C:\ProgramData\Microsoft\Windows\Start Menu\goforfiles
    [x] Não Excluído : C:\Users\Andrei\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
    [x] Não Excluído : C:\Users\Andrei\daemonprocess.txt

    ***** [ Tarefas agendadas ] *****


    ***** [ Atalhos ] *****


    ***** [ Registro ] *****

    Chave Apagado : HKLM\SOFTWARE\Classes\AppID\{6517DD27-EA6F-4947-9DEA-F9C487BB1020}
    Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{8FC1EE75-72B3-4A23-B987-2B1C4C8A611B}
    Chave Apagado : HKLM\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
    Chave Apagado : HKLM\SOFTWARE\Classes\TypeLib\{6517DD27-EA6F-4947-9DEA-F9C487BB1020}
    Chave Apagado : HKLM\SOFTWARE\Classes\TypeLib\{6CB9D494-2482-4277-9E45-22F36C471461}
    Chave Apagado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
    Chave Apagado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
    Valor Apagado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
    Valor Apagado : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
    Chave Apagado : HKCU\Software\cacaoweb
    Chave Apagado : HKCU\Software\Softonic
    [x] Não Apagado : HKCU\Software\yuna software
    Chave Apagado : HKCU\Software\AppDataLow\Software\adawarebp
    Chave Apagado : HKLM\SOFTWARE\Conduit
    [x] Não Apagado : HKLM\SOFTWARE\yuna software
    [x] Não Apagado : [x64] HKCU\Software\yuna software
    Chave Apagado : [x64] HKLM\SOFTWARE\Reimage
    Chave Apagado : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Repair
    Dados Apagado : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

    ***** [ Navegadores ] *****

    -\\ Internet Explorer v8.0.7600.16385


    -\\ Mozilla Firefox v38.0.5 (x86 pt-BR)


    -\\ Google Chrome v43.0.2357.130

    [C:\Users\Andrei\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Apagado [search Provider] : hxxp://en.softonic.com/s/{searchTerms}
    [C:\Users\Andrei\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Apagado [search Provider] : hxxp://www.softonic.com.br/s/{searchTerms}
    [C:\Users\Andrei\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Apagado [search Provider] : hxxp://br.ask.com/web?q={searchTerms}
    [C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Apagado [search Provider] : hxxp://www.softonic.com.br/s/{searchTerms}

    *************************

    AdwCleaner[R0].txt - [3314 bytes] - [02/07/2015 01:38:19]
    AdwCleaner[s0].txt - [3059 bytes] - [02/07/2015 02:00:49]

    ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [3118  bytes] ##########

     

     

    Obs : Não havia a opção pedida aqui de Remover, só havia limpar e desinstalar , eu achei q o correto seria limpar.

     

    Sobre os 2 processos Rundll32 ??

     

    (em breve postarei os últimos logs)
     

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01
    Ran by Andrei (administrator) on MASTE-PC on 02-07-2015 02:54:21
    Running from C:\Users\Andrei\Desktop
    Loaded Profiles: Andrei (Available Profiles: Andrei & Visitante & Bug & Convidado)
    Platform: Windows 7 Home Basic (X64) OS Language: Português (Brasil)
    Internet Explorer Version 8 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\stacsv64.exe
    (NANO Security) C:\Program Files (x86)\NANO Antivirus\bin\nanosvc.exe
    (Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
    (Avira GmbH) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    (Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\AESTSr64.exe
    (Avira GmbH) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    () C:\Windows\SysWOW64\SupportAppXL\cdrom_mon.exe
    (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    () C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Microsoft Corp.) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    (SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
    (Safer Networking Limited) C:\Users\Andrei\SpybotPortable\App\Spybot\TeaTimer.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    (StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
    (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
    (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
    (NANO Security) C:\Program Files (x86)\NANO Antivirus\bin\nanoav.exe
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
    (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
    (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
    (SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1297112 2014-12-08] (COMODO)
    HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1297112 2014-12-08] (COMODO)
    HKLM-x32\...\Run: [WinPatrol] => C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [329096 2010-11-17] (BillP Studios)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-25] (Avast Software s.r.o.)
    HKLM-x32\...\Run: [NANO Antivirus] => c:\program files (x86)\nano antivirus\bin\nanoav.exe [9888048 2015-07-01] (NANO Security)
    Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKLM\...\Policies\Explorer: [NoControlPanel] 0
    HKLM\...\Policies\Explorer: [NoFolderOptions] 0
    HKU\S-1-5-21-686917814-573201692-2418506719-1000\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [33120 2010-08-20] (Alcohol Soft Development Team)
    HKU\S-1-5-21-686917814-573201692-2418506719-1000\...\Run: [spybotSD TeaTimer] => C:\Users\Andrei\SpybotPortable\App\Spybot\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)
    HKU\S-1-5-21-686917814-573201692-2418506719-1000\...\Policies\system: [Disable TaskMgr] 0
    HKU\S-1-5-21-686917814-573201692-2418506719-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2009-07-13] (Microsoft Corporation)
    HKU\S-1-5-18\...\Policies\Explorer: [NoFolderOptions] 0
    HKU\S-1-5-18\...\Policies\Explorer: [NoControlPanel] 0
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-08-18]
    ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
    Startup: C:\Users\Bug\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk [2011-03-26]
    ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
    Startup: C:\Users\Convidado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk [2011-03-23]
    ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
    Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-11-04]
    ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
    Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-11-04]
    ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
    Startup: C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-11-04]
    ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
    Startup: C:\Users\Visitante\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk [2011-03-23]
    ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-25] (Avast Software s.r.o.)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKU\S-1-5-21-686917814-573201692-2418506719-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-686917814-573201692-2418506719-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\S-1-5-21-686917814-573201692-2418506719-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    SearchScopes: HKLM -> {19F98915-C53C-4506-B1C4-7A4629B67F3C} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> {3C45D01F-E882-4425-9D0C-358BD86066E5} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-686917814-573201692-2418506719-1000 -> {19F98915-C53C-4506-B1C4-7A4629B67F3C} URL =
    SearchScopes: HKU\S-1-5-21-686917814-573201692-2418506719-1000 -> {3C45D01F-E882-4425-9D0C-358BD86066E5} URL =
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-25] (Avast Software s.r.o.)
    BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-04] (Sun Microsystems, Inc.)
    BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
    BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-12-01] (RealPlayer)
    BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Users\Andrei\SpybotPortable\App\Spybot\SDHelper.dll [2009-01-26] (Safer Networking Limited)
    BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14] (Microsoft Corp.)
    BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-07-23] (Sun Microsystems, Inc.)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-25] (Avast Software s.r.o.)
    BHO-x32: Auxiliar de Conexão do Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
    BHO-x32: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08] (Skype Technologies S.A.)
    BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2010-09-08] ()
    BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-07-23] (Sun Microsystems, Inc.)
    BHO-x32: Windows Live Toolbar Helper -> {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -> C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06] (Microsoft Corporation)
    BHO-x32: Kwyshell MidpX -> {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} -> C:\Program Files (x86)\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll [2004-12-03] (Kwyshell G.Corp)
    Toolbar: HKLM-x32 - Kwyshell MidpX - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Program Files (x86)\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll [2004-12-03] (Kwyshell G.Corp)
    Toolbar: HKU\S-1-5-21-686917814-573201692-2418506719-1000 -> No Name - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} -  No File
    DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-06-18] (McAfee, Inc.)
    Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-06-18] (McAfee, Inc.)
    Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
    Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-06-18] (McAfee, Inc.)
    Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-06-18] (McAfee, Inc.)
    Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08] (Skype Technologies S.A.)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2010-05-13] (Skype Technologies)
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2014-04-25] (McAfee, Inc.)
    Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2014-04-25] (McAfee, Inc.)
    Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-04] (Microsoft Corporation)
    Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-04] (Microsoft Corporation)
    Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-04] (Microsoft Corporation)
    Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-04] (Microsoft Corporation)
    Winsock: Catalog9 01 C:\Program Files (x86)\NANO Antivirus\bin\nanolsp.dll [2019408 2015-07-01] (NANO Security)
    Winsock: Catalog9 13 C:\Program Files (x86)\NANO Antivirus\bin\nanolsp.dll [2019408 2015-07-01] (NANO Security)
    Winsock: Catalog9-x64 01 C:\Program Files (x86)\NANO Antivirus\bin\nanolsp64.dll [2989696 2015-07-01] (NANO Security)
    Winsock: Catalog9-x64 13 C:\Program Files (x86)\NANO Antivirus\bin\nanolsp64.dll [2989696 2015-07-01] (NANO Security)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt


    FireFox:
    ========
    FF ProfilePath: C:\Users\Andrei\AppData\Roaming\Mozilla\Firefox\Profiles\0ek7p1tn.default-1376629332465
    FF NetworkProxy: "ftp", "91.209.127.231"
    FF NetworkProxy: "ftp_port", 80
    FF NetworkProxy: "gopher", "91.209.127.231"
    FF NetworkProxy: "gopher_port", 80
    FF NetworkProxy: "http", "200.42.69.92"
    FF NetworkProxy: "http_port", 8080
    FF NetworkProxy: "socks", "91.209.127.231"
    FF NetworkProxy: "socks_port", 80
    FF NetworkProxy: "ssl", "200.42.69.92"
    FF NetworkProxy: "ssl_port", 8080
    FF NetworkProxy: "type", 0
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll [2013-12-19] ()
    FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2014-04-25] ()
    FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ [2014-04-25] ()
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll [2013-12-19] ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll [2012-07-05] (Adobe Systems, Inc.)
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
    FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_33 -> C:\Windows\SysWOW64\npdeployJava1.dll [2012-07-23] (Sun Microsystems, Inc.)
    FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll [2012-07-23] (Sun Microsystems, Inc.)
    FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2014-04-25] ()
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll [2009-06-23] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ [2010-03-24] ()
    FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
    FF Plugin-x32: @real.com/nppl3260;version=12.0.1.609 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2010-12-01] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprjplug;version=12.0.1.609 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll [2010-12-01] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprphtml5videoshim;version=12.0.1.609 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2010-12-01] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.609 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll [2010-12-01] (RealNetworks, Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-26] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-26] (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-686917814-573201692-2418506719-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Andrei\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
    FF Plugin HKU\S-1-5-21-686917814-573201692-2418506719-1000: @talk.google.com/O1DPlugin -> C:\Users\Andrei\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
    FF Plugin HKU\S-1-5-21-686917814-573201692-2418506719-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Andrei\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-11-09] (Unity Technologies ApS)
    FF Plugin ProgramFiles/Appdata: C:\Users\Andrei\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
    FF Plugin ProgramFiles/Appdata: C:\Users\Andrei\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml [2015-06-05]
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml [2015-06-05]
    FF Extension: Swap Proxy - C:\Users\Andrei\AppData\Roaming\Mozilla\Firefox\Profiles\0ek7p1tn.default-1376629332465\Extensions\swapproxy@mahendra.com [2015-05-31]
    FF Extension: WOT - C:\Users\Andrei\AppData\Roaming\Mozilla\Firefox\Profiles\0ek7p1tn.default-1376629332465\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-06-01]
    FF Extension: Best Proxy Switcher - C:\Users\Andrei\AppData\Roaming\Mozilla\Firefox\Profiles\0ek7p1tn.default-1376629332465\Extensions\bestproxyswitcher@bestproxyswitcher.com.xpi [2014-05-27]
    FF Extension: FireX Proxy - C:\Users\Andrei\AppData\Roaming\Mozilla\Firefox\Profiles\0ek7p1tn.default-1376629332465\Extensions\divanproger@gmail.com.xpi [2014-12-09]
    FF Extension: Hide My Ass Proxy Extension - C:\Users\Andrei\AppData\Roaming\Mozilla\Firefox\Profiles\0ek7p1tn.default-1376629332465\Extensions\extension@hidemyass.com.xpi [2014-05-27]
    FF Extension: Private Browsing Proxy - C:\Users\Andrei\AppData\Roaming\Mozilla\Firefox\Profiles\0ek7p1tn.default-1376629332465\Extensions\jid0-YKD0pDHAi6iJdBHruo8SEIJuFv8@jetpack.xpi [2014-05-27]
    FF Extension: One Click Proxy - C:\Users\Andrei\AppData\Roaming\Mozilla\Firefox\Profiles\0ek7p1tn.default-1376629332465\Extensions\jid0-zXo3XFGyiDalgkeEO4UYJTUwo2I@jetpack.xpi [2014-05-27]
    FF Extension: Mailvelope - C:\Users\Andrei\AppData\Roaming\Mozilla\Firefox\Profiles\0ek7p1tn.default-1376629332465\Extensions\jid1-AQqSMBYb0a8ADg@jetpack.xpi [2014-05-09]
    FF Extension: Webutation - C:\Users\Andrei\AppData\Roaming\Mozilla\Firefox\Profiles\0ek7p1tn.default-1376629332465\Extensions\{15fe27f3-e5ab-2d59-4c5c-dadc7945bdbd}.xpi [2014-04-04]
    FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-07-23]
    FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
    FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2015-02-03]
    FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
    FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-12-01]
    FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
    FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-05-25]

    Chrome:
    =======
    CHR Profile: C:\Users\Andrei\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (WOT) - C:\Users\Andrei\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2012-01-16]
    CHR Extension: (Russias Army) - C:\Users\Andrei\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkhoaofaojcmngdpmfgkdbbfanmponef [2013-05-23]
    CHR Extension: (YouTube) - C:\Users\Andrei\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-26]
    CHR Extension: (Google Search) - C:\Users\Andrei\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-26]
    CHR Extension: (Estudio Junior Mackenzie) - C:\Users\Andrei\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddkadnoaipnkgbkplidfnkgafblnhafj [2013-05-23]
    CHR Extension: (Team Tanks) - C:\Users\Andrei\AppData\Local\Google\Chrome\User Data\Default\Extensions\fanaoobcoplmfmebhjddichbapochmad [2013-05-23]
    CHR Extension: (SiteAdvisor) - C:\Users\Andrei\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-05-19]
    CHR Extension: (Pockie Ninja) - C:\Users\Andrei\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnllmdekhoodfjggoncakndldjihiiol [2013-05-23]
    CHR Extension: (Bookmark Manager) - C:\Users\Andrei\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-25]
    CHR Extension: (Tank Trouble) - C:\Users\Andrei\AppData\Local\Google\Chrome\User Data\Default\Extensions\hldgdgflkcdjpbelemjigdiinfheaogp [2013-05-24]
    CHR Extension: (Google Play Music) - C:\Users\Andrei\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2013-07-27]
    CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Andrei\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2011-12-26]
    CHR Extension: (Mailvelope) - C:\Users\Andrei\AppData\Local\Google\Chrome\User Data\Default\Extensions\kajibbejlbohfaggdiogboambcijhkke [2014-05-09]
    CHR Extension: (Google Play) - C:\Users\Andrei\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2013-07-27]
    CHR Extension: (Music Tools) - C:\Users\Andrei\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpmmdfknelckkpodjiacfhnkadnefcoo [2013-07-27]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Andrei\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-19]
    CHR Extension: (3D Solar System Web) - C:\Users\Andrei\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdaaepplopehigjgkolniddiadbbkphd [2013-05-23]
    CHR Extension: (Anatronica - 3D Interactive Anatomy) - C:\Users\Andrei\AppData\Local\Google\Chrome\User Data\Default\Extensions\nalpooddpdnhjicpjgnhaihnnfnmbpee [2013-05-23]
    CHR Extension: (Google Wallet) - C:\Users\Andrei\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-03]
    CHR Extension: (ScriptSafe) - C:\Users\Andrei\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2012-01-16]
    CHR Extension: (Super Mario Flash 1 Game) - C:\Users\Andrei\AppData\Local\Google\Chrome\User Data\Default\Extensions\oomnbhaoelhidhnicmacemkkipipngnm [2013-05-24]
    CHR Extension: (Gmail) - C:\Users\Andrei\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-26]
    CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-07-01]
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-05-25]
    CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-07-01]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-25]
    CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2010-12-01]

    Opera:
    =======
    StartMenuInternet: (HKU\S-1-5-21-686917814-573201692-2418506719-1000) Opera - "C:\Program Files (x86)\Opera\Opera.exe"

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S4 AdvancedSystemCareService5; C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [494424 2011-12-14] (IObit)
    R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
    R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [108289 2009-05-13] (Avira GmbH) [File not signed]
    R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [185089 2009-07-21] (Avira GmbH) [File not signed]
    R2 Autorun CDROM Monitor; C:\Windows\SysWOW64\SupportAppXL\cdrom_mon.exe [81920 2007-10-17] () [File not signed]
    S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-25] (Avast Software s.r.o.)
    S2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [7618952 2014-12-08] (COMODO)
    S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265304 2014-12-08] (COMODO)
    S4 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]
    S4 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe [81920 2009-07-22] (Firebird Project) [File not signed]
    S4 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe [2736128 2009-07-22] (Firebird Project) [File not signed]
    S2 gupdate1ce7a5a6ddbcfa; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107912 2014-10-27] (Google Inc.)
    S4 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
    R2 IceDragonUpdater; C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe [1971384 2015-06-22] ()
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
    S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
    R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [154856 2015-06-26] (McAfee, Inc.)
    S4 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
    R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
    R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
    S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-10-08] (McAfee, Inc.)
    S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2010-03-10] (McAfee, Inc.)
    R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
    R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
    R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [200056 2010-10-13] (McAfee, Inc.)
    R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.)
    R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
    R2 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
    R2 nanosvc; C:\Program Files (x86)\NANO Antivirus\bin\nanosvc.exe [15034432 2015-07-01] (NANO Security)
    R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
    S4 OMSI download service; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] () [File not signed]
    R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
    R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\STacSV64.exe [244736 2010-01-21] (IDT, Inc.)
    R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
    R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [4950016 2009-12-17] (Dell Inc.) [File not signed]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-25] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-25] (Avast Software s.r.o.)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-25] (Avast Software s.r.o.)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-25] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-25] (Avast Software s.r.o.)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-26] (Avast Software s.r.o.)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-25] (Avast Software s.r.o.)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-25] ()
    R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [74880 2009-11-25] (Avira GmbH)
    R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
    R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20184 2014-12-08] (COMODO)
    R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [792648 2014-12-08] (COMODO)
    R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [45880 2014-12-08] (COMODO)
    S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
    S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114560 2009-07-24] (Huawei Technologies Co., Ltd.)
    R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [104608 2014-12-08] (COMODO)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
    S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-07-02] (Malwarebytes Corporation)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
    R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
    R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
    U3 mfeavfk01; No ImagePath
    R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
    R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
    R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.)
    S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
    S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [94864 2010-10-13] (McAfee, Inc.)
    R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
    R1 nanoflt; C:\Program Files (x86)\NANO Antivirus\bin\nanoflt64.sys [134568 2015-07-01] (NANO Security)
    R1 nanokrn; C:\Program Files (x86)\NANO Antivirus\bin\nanokrn64.sys [161288 2015-07-01] (NANO Security)
    S3 ONDAusbmdm6k; C:\Windows\System32\DRIVERS\ONDAusbmdm6k.sys [144640 2008-01-08] (ONDA Corporation)
    S3 ONDAusbmdm6k; C:\Windows\SysWOW64\DRIVERS\ONDAusbmdm6k.sys [144640 2008-01-08] (ONDA Corporation)
    S3 ONDAusbnmea; C:\Windows\System32\DRIVERS\ONDAusbnmea.sys [144640 2008-01-08] (ONDA Corporation)
    S3 ONDAusbnmea; C:\Windows\SysWOW64\DRIVERS\ONDAusbnmea.sys [144640 2008-01-08] (ONDA Corporation)
    S3 ONDAusbser6k; C:\Windows\System32\DRIVERS\ONDAusbser6k.sys [144640 2008-01-08] (ONDA Corporation)
    S3 ONDAusbser6k; C:\Windows\SysWOW64\DRIVERS\ONDAusbser6k.sys [144640 2008-01-08] (ONDA Corporation)
    R2 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11973 2011-01-15] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
    R0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2010-12-12] () [File not signed]
    R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
    U3 a8o87pnl; C:\Windows\System32\Drivers\a8o87pnl.sys [0 ] (Intel Corporation) <==== ATTENTION (zero byte File/Folder)
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    S3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2072-05-15 21:35 - 2072-05-15 21:35 - 00000000 _____ C:\Users\Andrei\AppData\Local\{E4CD32FB-D201-4C55-B5AF-05BCD866D2F6}
    2072-05-15 21:35 - 2072-05-15 21:35 - 00000000 _____ C:\Users\Andrei\AppData\Local\{E0694FE2-3276-4C39-865C-2885CCAB1BE7}
    2072-05-15 21:35 - 2072-05-15 21:35 - 00000000 _____ C:\Users\Andrei\AppData\Local\{AE57D3C8-3B4A-4FF8-8524-F42A9BA0CAB0}
    2072-05-15 21:35 - 2072-05-15 21:35 - 00000000 _____ C:\Users\Andrei\AppData\Local\{AC173682-767D-4D50-AB47-ECCA283AC83B}
    2072-05-15 21:35 - 2072-05-15 21:35 - 00000000 _____ C:\Users\Andrei\AppData\Local\{7A3D221A-444F-4032-AD39-7E3F6AEF1691}
    2072-05-15 21:35 - 2072-05-15 21:35 - 00000000 _____ C:\Users\Andrei\AppData\Local\{6E3A6780-5E03-47FD-B7DC-47FDAE3330DB}
    2072-05-15 21:35 - 2072-05-15 21:35 - 00000000 _____ C:\Users\Andrei\AppData\Local\{30B28638-B5B5-446B-B175-44258B275786}
    2015-07-02 02:54 - 2015-07-02 02:55 - 00035467 _____ C:\Users\Andrei\Desktop\FRST.txt
    2015-07-02 02:52 - 2015-07-02 02:54 - 00000000 ____D C:\FRST
    2015-07-02 02:24 - 2015-07-02 02:24 - 02112512 _____ (Farbar) C:\Users\Andrei\Desktop\FRST64.exe
    2015-07-02 02:13 - 2015-07-02 02:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
    2015-07-02 01:27 - 2015-07-02 02:35 - 00000000 ____D C:\AdwCleaner
    2015-07-01 10:11 - 2015-07-01 10:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NANO Antivirus
    2015-06-30 06:17 - 2015-06-30 06:17 - 02244096 _____ C:\Users\Andrei\Desktop\adwcleaner_4.207.exe
    2015-06-30 05:50 - 2015-06-30 05:50 - 00004184 _____ C:\Users\Andrei\Desktop\JRT.txt
    2015-06-30 05:02 - 2015-06-30 05:02 - 00000207 _____ C:\Windows\tweaking.com-regbackup-MASTER-PC-Windows-7-Home-Basic-(64-bit).dat
    2015-06-30 04:49 - 2015-06-30 04:49 - 00000000 ____D C:\RegBackup
    2015-06-30 04:33 - 2015-06-30 04:40 - 02950579 _____ (Malwarebytes Corporation) C:\Users\Andrei\Desktop\JRT.exe
    2015-06-26 11:12 - 2015-06-26 11:12 - 00000000 __SHD C:\found.005
    2015-06-24 02:40 - 2015-06-24 02:40 - 00083967 _____ C:\ZA-Scan.txt
    2015-06-24 02:02 - 2015-06-24 02:02 - 00000000 ____D C:\zoek_backup
    2015-06-16 22:32 - 2015-06-16 22:32 - 00000000 ____H C:\Users\Andrei\AppData\Local\BIT486D.tmp
    2015-06-16 22:32 - 2015-06-16 22:32 - 00000000 ____H C:\Users\Andrei\AppData\Local\BIT4724.tmp
    2015-06-16 22:32 - 2015-06-16 22:32 - 00000000 ____H C:\Users\Andrei\AppData\Local\BIT43AA.tmp
    2015-06-16 22:31 - 2015-06-16 22:31 - 00000000 ____H C:\Users\Andrei\AppData\Local\BIT9DF8.tmp
    2015-06-16 22:31 - 2015-06-16 22:31 - 00000000 ____H C:\Users\Andrei\AppData\Local\BIT9DB9.tmp
    2015-06-16 22:31 - 2015-06-16 22:31 - 00000000 ____H C:\Users\Andrei\AppData\Local\BIT9D3B.tmp
    2015-06-16 22:20 - 2015-06-16 22:41 - 00000000 _____ C:\Users\Andrei\AppData\Local\{0E3A70E8-FCBE-4FFC-9D51-B3A6576ED05B}
    2015-06-16 22:20 - 2015-06-16 22:20 - 00000000 _____ C:\Users\Andrei\AppData\Local\{C8530C47-AA1F-48A3-A1C1-8941B5AE8E35}
    2015-06-16 22:20 - 2015-06-16 22:20 - 00000000 _____ C:\Users\Andrei\AppData\Local\{B95F93E5-9E62-4319-A346-1AFE8FEE01C2}
    2015-06-16 22:20 - 2015-06-16 22:20 - 00000000 _____ C:\Users\Andrei\AppData\Local\{A7D26C33-2F28-4729-9BB3-C5E0C5331382}
    2015-06-16 22:20 - 2015-06-16 22:20 - 00000000 _____ C:\Users\Andrei\AppData\Local\{4446ADCF-89CE-4482-B1DE-F83893F6D1E2}
    2015-06-16 22:20 - 2015-06-16 22:20 - 00000000 _____ C:\Users\Andrei\AppData\Local\{3DE236DA-F1E7-41F9-8A21-16949A9AC9ED}
    2015-06-16 22:20 - 2015-06-16 22:20 - 00000000 _____ C:\Users\Andrei\AppData\Local\{22CD8DA6-5237-480C-AF67-C524B30B79AB}
    2015-06-11 19:51 - 2015-06-11 19:52 - 96587262 _____ C:\Users\Andrei\Desktop\AutoScreenRecorder_01 Jun. 11 19.52.avi
    2015-06-03 22:13 - 2015-06-03 22:14 - 99461390 _____ C:\Users\Andrei\Desktop\AutoScreenRecorder_01 Jun. 03 22.14.avi

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-07-02 02:53 - 2015-05-20 00:03 - 00000000 ____D C:\Users\Todos os Usuários\nanolsp
    2015-07-02 02:53 - 2015-05-20 00:03 - 00000000 ____D C:\ProgramData\nanolsp
    2015-07-02 02:39 - 2011-08-23 12:45 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-07-02 02:18 - 2009-07-14 01:45 - 00014016 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-07-02 02:18 - 2009-07-14 01:45 - 00014016 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-07-02 02:14 - 2009-07-14 02:10 - 01833520 _____ C:\Windows\WindowsUpdate.log
    2015-07-02 02:10 - 2015-05-25 06:38 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
    2015-07-02 02:09 - 2015-05-19 23:06 - 00000000 ____D C:\Users\Todos os Usuários\nanoav
    2015-07-02 02:09 - 2015-05-19 23:06 - 00000000 ____D C:\ProgramData\nanoav
    2015-07-02 02:09 - 2013-05-27 02:04 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce4e727605b7c3.job
    2015-07-02 02:06 - 2014-04-03 21:48 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf4d363e1e3fcf.job
    2015-07-02 02:06 - 2014-02-25 12:38 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf2daabce968c6.job
    2015-07-02 02:06 - 2013-12-11 21:27 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cef2ec231eb6e3.job
    2015-07-02 02:06 - 2013-07-21 17:10 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce7a5a8032e76.job
    2015-07-02 02:06 - 2011-08-23 12:45 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-07-02 02:06 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2015-07-02 02:04 - 2009-07-14 01:51 - 00170726 _____ C:\Windows\setupact.log
    2015-07-02 00:47 - 2015-05-25 06:43 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-07-02 00:39 - 2013-02-01 03:04 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
    2015-07-02 00:37 - 2015-05-19 23:44 - 00000000 ____D C:\Program Files (x86)\NANO Antivirus
    2015-07-02 00:37 - 2015-03-31 14:00 - 00000000 ____D C:\Users\Andrei\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dispositivos Bluetooth
    2015-07-02 00:30 - 2010-11-04 02:07 - 00158620 _____ C:\Windows\PFRO.log
    2015-06-30 08:56 - 2010-12-10 04:18 - 00000000 ____D C:\Users\Andrei\AppData\Roaming\AIMP
    2015-06-29 17:32 - 2013-02-05 17:10 - 00001024 _____ C:\Users\Public\Desktop\Comodo IceDragon.lnk
    2015-06-26 19:11 - 2011-12-12 21:22 - 00000000 ____D C:\Users\Todos os Usuários\Lavasoft
    2015-06-26 19:11 - 2011-12-12 21:22 - 00000000 ____D C:\ProgramData\Lavasoft
    2015-06-26 11:37 - 2015-05-25 06:38 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys
    2015-06-25 05:08 - 2010-11-17 20:02 - 00057944 _____ C:\Users\Andrei\AppData\Local\GDIPFONTCACHEV1.DAT
    2015-06-24 09:41 - 2010-11-30 19:57 - 00000000 ____D C:\Users\Andrei\AppData\Roaming\SoftGrid Client
    2015-06-22 15:22 - 2011-12-26 18:15 - 00002143 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2015-06-15 19:42 - 2010-11-04 02:36 - 00000000 ____D C:\Users\Todos os Usuários\McAfee
    2015-06-15 19:42 - 2010-11-04 02:36 - 00000000 ____D C:\ProgramData\McAfee
    2015-06-15 19:35 - 2010-11-04 02:36 - 00000000 ____D C:\Program Files\Common Files\mcafee
    2015-06-07 08:48 - 2010-11-17 20:02 - 00000000 ____D C:\Users\Andrei
    2015-06-06 18:06 - 2012-05-21 17:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2015-06-06 06:49 - 2011-11-16 19:29 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software
    2015-06-05 20:51 - 2011-07-29 15:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

    ==================== Files in the root of some directories =======

    2011-10-13 22:43 - 2011-10-13 22:43 - 0000272 _____ () C:\Users\Andrei\AppData\Roaming\.backup.dm
    2015-06-16 22:32 - 2015-06-16 22:32 - 0000000 ____H () C:\Users\Andrei\AppData\Local\BIT43AA.tmp
    2015-06-16 22:32 - 2015-06-16 22:32 - 0000000 ____H () C:\Users\Andrei\AppData\Local\BIT4724.tmp
    2015-06-16 22:32 - 2015-06-16 22:32 - 0000000 ____H () C:\Users\Andrei\AppData\Local\BIT486D.tmp
    2015-06-16 22:31 - 2015-06-16 22:31 - 0000000 ____H () C:\Users\Andrei\AppData\Local\BIT9D3B.tmp
    2015-06-16 22:31 - 2015-06-16 22:31 - 0000000 ____H () C:\Users\Andrei\AppData\Local\BIT9DB9.tmp
    2015-06-16 22:31 - 2015-06-16 22:31 - 0000000 ____H () C:\Users\Andrei\AppData\Local\BIT9DF8.tmp
    2015-05-16 01:40 - 2015-05-16 01:40 - 0000000 ____H () C:\Users\Andrei\AppData\Local\BITAF5B.tmp
    2015-05-16 01:40 - 2015-05-16 01:40 - 0000000 ____H () C:\Users\Andrei\AppData\Local\BITB036.tmp
    2015-05-16 01:40 - 2015-05-16 01:40 - 0000000 ____H () C:\Users\Andrei\AppData\Local\BITB037.tmp
    2015-05-16 01:40 - 2015-05-16 01:40 - 0000000 ____H () C:\Users\Andrei\AppData\Local\BITB0C4.tmp
    2015-05-16 01:40 - 2015-05-16 01:40 - 0000000 ____H () C:\Users\Andrei\AppData\Local\BITB123.tmp
    2015-05-16 01:40 - 2015-05-16 01:40 - 0000000 ____H () C:\Users\Andrei\AppData\Local\BITB2AA.tmp
    2015-05-16 01:40 - 2015-05-16 01:40 - 0000000 ____H () C:\Users\Andrei\AppData\Local\BITB318.tmp
    2010-11-17 20:29 - 2014-01-01 07:36 - 0015872 _____ () C:\Users\Andrei\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2010-11-25 15:15 - 2014-10-21 00:29 - 0007663 _____ () C:\Users\Andrei\AppData\Local\resmon.resmoncfg
    2015-05-16 01:10 - 2015-05-16 01:30 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{03E28A88-80DE-4070-ADD9-B5E4FDF5D318}
    2014-09-30 21:04 - 2014-09-30 21:04 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{04A996D4-E627-430C-947D-64BDC854951B}
    2014-09-30 21:05 - 2014-09-30 21:05 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{0788F332-1310-483B-9815-C98E19415C9E}
    2014-10-23 15:18 - 2014-10-23 15:18 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{083850E5-6A13-4B15-83D3-5474820F990F}
    2015-06-16 22:20 - 2015-06-16 22:41 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{0E3A70E8-FCBE-4FFC-9D51-B3A6576ED05B}
    2014-09-23 21:44 - 2014-09-23 21:44 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{140E88AD-9E85-43E4-8D97-010C930F9DA4}
    2015-06-16 22:20 - 2015-06-16 22:20 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{22CD8DA6-5237-480C-AF67-C524B30B79AB}
    2015-05-28 22:28 - 2015-05-28 22:48 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{2D34452E-C8C0-40D2-B1BD-93958E648D24}
    2015-05-16 01:10 - 2015-05-16 01:30 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{2FCE0219-A06F-453D-B762-D0EA94B4744B}
    2072-05-15 21:35 - 2072-05-15 21:35 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{30B28638-B5B5-446B-B175-44258B275786}
    2014-09-30 21:04 - 2014-09-30 21:04 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{3677E6C4-EB0E-4A25-8D64-027EBDBCDFB3}
    2015-06-16 22:20 - 2015-06-16 22:20 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{3DE236DA-F1E7-41F9-8A21-16949A9AC9ED}
    2014-09-23 21:44 - 2014-09-23 21:44 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{409D0BC8-FE03-4C34-AE42-AE5A35DD015A}
    2014-09-30 21:04 - 2014-09-30 21:04 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{40CE9751-34F6-41FF-9404-6F3067CB0E16}
    2015-06-16 22:20 - 2015-06-16 22:20 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{4446ADCF-89CE-4482-B1DE-F83893F6D1E2}
    2072-05-15 21:35 - 2072-05-15 21:35 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{6E3A6780-5E03-47FD-B7DC-47FDAE3330DB}
    2072-05-15 21:35 - 2072-05-15 21:35 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{7A3D221A-444F-4032-AD39-7E3F6AEF1691}
    2014-09-30 21:04 - 2014-09-30 21:04 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{824618A1-A12E-444E-A45F-12DD6F5C4002}
    2014-10-23 15:18 - 2014-10-23 15:18 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{8C86C5C8-E55F-4809-BEF7-14EE54A044DD}
    2014-10-23 15:18 - 2014-10-23 15:18 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{8CA05525-D617-4C6C-A2CD-EA0988973232}
    2015-05-28 22:27 - 2015-05-28 22:48 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{A55EE2AC-39CB-48CD-95B0-F53AD861FEA2}
    2015-05-16 01:10 - 2015-05-16 01:30 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{A671EF38-CD88-4B39-8804-A911C79EC425}
    2015-06-16 22:20 - 2015-06-16 22:20 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{A7D26C33-2F28-4729-9BB3-C5E0C5331382}
    2015-02-03 04:22 - 2015-02-03 04:43 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{A9C58279-FA73-454B-8C56-243D86D21B0E}
    2072-05-15 21:35 - 2072-05-15 21:35 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{AC173682-767D-4D50-AB47-ECCA283AC83B}
    2072-05-15 21:35 - 2072-05-15 21:35 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{AE57D3C8-3B4A-4FF8-8524-F42A9BA0CAB0}
    2015-05-16 01:10 - 2015-05-16 01:30 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{B34200F8-9E38-421D-9A29-2B23BFF98ABE}
    2014-06-26 20:09 - 2014-06-26 20:09 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{B8F314E9-B8A8-4A7E-BD78-7EFAFFEFCD42}
    2015-06-16 22:20 - 2015-06-16 22:20 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{B95F93E5-9E62-4319-A346-1AFE8FEE01C2}
    2014-10-23 15:18 - 2014-10-23 15:18 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{C0EE14BF-8578-4D71-B430-5FF537125AB5}
    2014-09-30 21:04 - 2014-09-30 21:04 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{C624DAC8-3A50-4259-950A-BF0E681AE04A}
    2015-06-16 22:20 - 2015-06-16 22:20 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{C8530C47-AA1F-48A3-A1C1-8941B5AE8E35}
    2015-05-16 01:10 - 2015-05-16 01:30 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{CF0ED956-8750-4A1A-B76F-66A154C11AF3}
    2014-09-23 21:44 - 2014-09-23 21:44 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{CFE2DA40-2694-4D4A-A482-16775E86B172}
    2014-09-30 21:05 - 2014-09-30 21:05 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{D7D76B69-7CA9-44E1-886F-7937761427C3}
    2015-05-16 01:10 - 2015-05-16 01:30 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{DC1B6BAE-D976-40E8-B333-52C399A40A50}
    2014-06-26 20:09 - 2014-06-26 20:09 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{DD8D98D2-2004-4531-AE52-0616A2DB2A90}
    2072-05-15 21:35 - 2072-05-15 21:35 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{E0694FE2-3276-4C39-865C-2885CCAB1BE7}
    2015-05-16 01:10 - 2015-05-16 01:30 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{E24EEEB9-8371-42FE-AA5F-FB6DC106329E}
    2014-09-23 21:44 - 2014-09-23 21:44 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{E4B5218A-9E41-472E-818C-8E16CA70E02F}
    2072-05-15 21:35 - 2072-05-15 21:35 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{E4CD32FB-D201-4C55-B5AF-05BCD866D2F6}
    2014-06-26 20:09 - 2014-06-26 20:09 - 0000000 _____ () C:\Users\Andrei\AppData\Local\{EF348698-9C62-4933-8E1A-52EEBB232BAD}
    2011-11-28 04:10 - 2014-12-08 05:09 - 0000085 ___SH () C:\ProgramData\.zreglib
    2014-08-22 04:52 - 2014-08-22 04:52 - 0000057 _____ () C:\ProgramData\Ament.ini
    2012-07-21 18:06 - 2012-07-21 18:06 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
    2013-06-13 17:51 - 2014-08-08 08:12 - 0001646 _____ () C:\ProgramData\hpzinstall.log

    Files to move or delete:
    ====================
    C:\Users\Andrei\setup_magicdisc106.exe


    Some files in TEMP:
    ====================
    C:\Users\Andrei\AppData\Local\Temp\htmlayout.dll
    C:\Users\Andrei\AppData\Local\Temp\install_gui.dll
    C:\Users\Andrei\AppData\Local\Temp\op_install32.dll
    C:\Users\Andrei\AppData\Local\Temp\w7_gui.dll
    C:\Users\Andrei\AppData\Local\Temp\xp_gui.dll
    C:\Users\Bug\AppData\Local\Temp\t2ut0syn.dll
    C:\Users\Convidado\AppData\Local\Temp\FP_PL_PFS_INSTALLER_32bit-1.exe
    C:\Users\Convidado\AppData\Local\Temp\FP_PL_PFS_INSTALLER_32bit-2.exe
    C:\Users\Convidado\AppData\Local\Temp\FP_PL_PFS_INSTALLER_32bit.exe


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-06-23 08:25

    ==================== End of log ============================

     

     

     

     

     

     

     

     

     

    ***********  +====================== *****************************

     

     

    O que é AlternateDataStreams ?

     

    Meu emulador Snes9X parou de funcionar depois q fiz os procedimentos pedidos aqui no tópico. porque isso aconteceu ? como faço pra ajeitar ??

     

     

    ******************//////////////////////********************************


    Additional scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
    Ran by Andrei at 2015-07-02 02:56:45
    Running from C:\Users\Andrei\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrador (S-1-5-21-686917814-573201692-2418506719-500 - Administrator - Disabled)
    Andrei (S-1-5-21-686917814-573201692-2418506719-1000 - Administrator - Enabled) => C:\Users\Andrei
    Bug (S-1-5-21-686917814-573201692-2418506719-1002 - Limited - Enabled) => C:\Users\Bug
    Convidado (S-1-5-21-686917814-573201692-2418506719-501 - Limited - Enabled) => C:\Users\Convidado
    Visitante (S-1-5-21-686917814-573201692-2418506719-1001 - Limited - Enabled) => C:\Users\Visitante

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
    AV: McAfee Anti-Virus e Anti-Spyware (Disabled - Up to date) {86355677-4064-3EA7-ABB3-1B136EB04637}
    AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AV: COMODO Antivirus (Disabled - Up to date) {F0BC89B2-8937-0933-021B-B17D981F2A71}
    AV: NANO Antivirus (Disabled - Up to date) {6042C874-D09C-FAB4-B62E-5E03234AF460}
    AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
    AS: McAfee Anti-Virus e Anti-Spyware (Disabled - Up to date) {3D54B793-665E-3129-9103-206115370C8A}
    AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    AS: Comodo Defense+ (Disabled - Up to date) {4BDD6856-AF0D-06BD-38AB-8A0FE39860CC}
    AS: NANO Antivirus (Disabled - Up to date) {DB232990-F6A6-F53A-8C9E-657158CDBEDD}
    FW: COMODO Firewall (Disabled) {C8870897-C358-086B-2944-184866CC6D0A}
    FW: McAfee Firewall (Disabled) {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
    FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.0 - )
    64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
    7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
    Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.1.102.64 - Adobe Systems Incorporated)
    Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.170 - Adobe Systems Incorporated)
    Adobe Reader XI - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
    Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
    Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
    Advanced SystemCare 5 (HKLM-x32\...\Advanced SystemCare 5_is1) (Version: 5.0.0 - IObit)
    AIMP2 (HKLM-x32\...\AIMP2) (Version:  - AIMP DevTeam)
    AmazingMIDI (HKLM-x32\...\AmazingMIDI) (Version:  - )
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Ares 2.1.7 (HKLM-x32\...\Ares) (Version: 2.1.7-Build#3041 - Ares Development Group)
    Arquivo do WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
    Assistente de Conexão do Windows Live (HKLM-x32\...\{51A9E3DD-37B8-47BB-8E67-5B76B3EFBC48}) (Version: 5.000.818.5 - Microsoft Corporation)
    aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 2.3.570 - DsNET Corp)
    Audacity 1.3.14 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version:  - Audacity Team)
    Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
    AVI ReComp 1.5.2 (HKLM-x32\...\AVI ReComp) (Version: 1.5.2 - Mateusz Gola (aka Prozac))
    Avira AntiVir Personal - Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version:  - Avira GmbH)
    AviSynth 2.5 (HKLM-x32\...\Avisynth) (Version:  - )
    Battle for Wesnoth 1.10.2 (HKLM-x32\...\Battle for Wesnoth 1.10.2) (Version: 1.10.2 - )
    Bing Maps 3D (HKLM\...\{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}) (Version: 4.0.903.16005 - Microsoft Corporation)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    CCleaner (HKLM\...\CCleaner) (Version: 3.14 - Piriform)
    Circuit Construction Kit (DC Only) (HKU\S-1-5-21-686917814-573201692-2418506719-1000\...\Circuit Construction Kit (DC Only)) (Version:  - University of Colorado, Department of Physics)
    Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
    Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
    Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
    CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
    CodeBlocks (HKU\S-1-5-21-686917814-573201692-2418506719-1000\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team)
    Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 31.1.0.0 - COMODO)
    Comodo IceDragon (HKLM-x32\...\Comodo IceDragon) (Version: 38.0.5.2 - COMODO)
    COMODO Internet Security (HKLM\...\{BCC0552D-76C0-4130-BFBD-49BE49ACC594}) (Version: 6.0.2566.2708 - COMODO Security Solutions Inc.)
    CPUID CPU-Z 1.59 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
    CPUID HWMonitor 1.19 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
    Creative Nutri 4.0 (HKLM-x32\...\{9DDA334D-909C-4659-963B-94746A56952A}_is1) (Version:  - Skopein Sistemas)
    Daum PotPlayer 1.5.35491 x64 Edition (HKLM\...\PotPlayer64) (Version:  - )
    Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version:  - Dell)
    Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.48 - Dell)
    Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.2.0011 - Dell, Inc.)
    Dell Dock (HKLM-x32\...\Dell Dock) (Version:  - Stardock Corporation)
    Dell Dock (Version: 2.0 - Stardock Corporation) Hidden
    Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
    Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
    Dell Support Center (Software de Suporte) (HKLM-x32\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.5.09100 - Dell)
    Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)
    Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM-x32\...\Dev-C++) (Version:  - )
    DiskMark 1.0.0.7 (HKLM\...\DiskMark_is1) (Version: 1.0.0.7 - NetworkDLS)
    DJ_SF_06_D1600_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
    DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version:  - )
    DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.60.48.18 - Dell Inc.)
    EasyBCD 2.2 (HKLM-x32\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies)
    Fake Voice 7.0 (HKLM-x32\...\FakeVoice7_is1) (Version: 7.0.0 - Web Solution Mart)
    Fake Webcam 7.0 (HKLM-x32\...\fakewebcam7.0.0_is1) (Version: 7.0.0 - Web Solution Mart)
    Ferramenta de Carregamento do Windows Live (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
    FileMind QuickFix (HKLM-x32\...\{92789900-80D0-4B61-B742-7897964A69AB}_is1) (Version: Build 4184 - Metability Software)
    Firebird 2.1.3.18185 (Win32) (HKLM-x32\...\FBDBServer_2_1_is1) (Version: 2.1.3.18185 - Firebird Project)
    FM Screen Capture Codec (Remove Only) (HKLM-x32\...\FMCODEC) (Version:  - )
    Free Download Manager 3.5 RC (HKLM-x32\...\Free Download Manager_is1) (Version:  - FreeDownloadManager.ORG)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
    Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google SketchUp 8 (HKLM-x32\...\{6B5F92BB-4272-4A69-B39B-EED000BC6192}) (Version: 3.0.14372 - Google, Inc.)
    Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
    GoToAssist 8.0.0.514 (HKLM-x32\...\GoToAssist) (Version:  - )
    Group Explorer 2.1.0.0 (HKLM-x32\...\Group Explorer) (Version: 2.1.0.0 - Nathan Carter)
    HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
    HP Deskjet 1510 series Ajuda (HKLM-x32\...\{6DFDA448-D4A1-49DB-9217-1501D24861F5}) (Version: 30.0.0 - Hewlett Packard)
    HP Deskjet 1510 series Software básico do dispositivo (HKLM\...\{06FD25AF-70F0-4CA9-88EA-490799567F11}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
    HP Deskjet D1600 Printer Driver 14.0 Rel. 6 (HKLM\...\{96178C0A-BAF9-4E49-A2A5-CDE76722105B}) (Version: 14.0 - HP)
    Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2104 - Intel Corporation)
    Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
    Java 6 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
    Java 6 Update 33 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216033FF}) (Version: 6.0.330 - Oracle)
    Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
    KEmulator 0.9.8 (HKLM-x32\...\KEmulator 0.9.8) (Version:  - )
    Kwyshell MidpX Emulator Package 1.3.1 (HKLM-x32\...\Kwyshell MidpX Emulator Package) (Version: 1.3.1 - G.Corp)
    LeechGet 2009 Version 2.1 (HKLM-x32\...\LeechGet 2009_is1) (Version:  - LeechGet.net)
    Live! Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.3009.1 - Creative Technology Ltd)
    MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version:  - )
    Malwarebytes Anti-Malware versão 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
    McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 12.8.992 - McAfee, Inc.)
    McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.245 - McAfee, Inc.)
    Megacubo 7.9.8 (HKLM-x32\...\Megacubo_is1) (Version:  - www.megacubo.net)
    MEGAMANX8 (HKLM-x32\...\{AF13E972-FFD5-42FF-8122-46E2F08CEDAF}) (Version: 1.00.0000 - CAPCOM)
    Messenger Plus! 6 (HKLM-x32\...\Messenger Plus!) (Version: 6.00.0.773 - Yuna Software)
    Microsoft Games for Windows - LIVE  (HKLM-x32\...\{4D243BA7-9AC4-46D1-90E5-EEB88974F501}) (Version: 2.0.687.0 - Microsoft Corporation)
    Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}) (Version: 2.0.687.0 - Microsoft Corporation)
    Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Office com Clique para Executar 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Office Starter 2010 - Português (Brasil) (HKLM-x32\...\{90140011-0066-0416-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 3.0.40624.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
    Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}) (Version: 8.0.58299 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    MIDI and Style Player 1.06 (HKLM-x32\...\MIDI and Style Player_is1) (Version:  - )
    Minimodem USB (HKLM-x32\...\{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}) (Version: 1.0.0.0 - ONDA)
    Monitor da tecnologia Intel® Turbo Boost (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
    Mozilla Firefox 38.0.5 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 pt-BR)) (Version: 38.0.5 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
    MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
    MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.1 - F.J. Wechselberger)
    NANO Antivirus (HKLM-x32\...\NANO Antivirus) (Version: 0.30.24.67856 - Nano Security Ltd)
    Opera 12.01 (HKU\S-1-5-21-686917814-573201692-2418506719-1000\...\Opera 12.01.1532) (Version: 12.01.1532 - Opera Software ASA)
    Piano Eletrônico 2.5 (HKLM-x32\...\Piano Eletrônico 2.5_is1) (Version:  - Maurício Antunes Oliveira)
    PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.6029 - CyberLink Corp.)
    Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
    Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.5.0 - Dell Inc.)
    RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
    RealPlayer (HKLM-x32\...\RealPlayer 12.0) (Version:  - RealNetworks)
    RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
    Roxio Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.01 - Roxio)
    Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
    SanDiskSecureAccess_Manager.exe (HKU\S-1-5-21-686917814-573201692-2418506719-1000\...\@@__UNKNOWN__@@SanDiskSecureAccess_Manager.exe) (Version: 1.0.0 - DMAILER)
    Semicondutores (HKU\S-1-5-21-686917814-573201692-2418506719-1000\...\Semicondutores) (Version:  - University of Colorado, Department of Physics)
    Skype Toolbars (HKLM-x32\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.)
    Skype™ 4.2 (HKLM-x32\...\{D103C4BA-F905-437A-8049-DB24763BBE36}) (Version: 4.2.169 - Skype Technologies S.A.)
    Software WIDCOMM Bluetooth (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.1100 - Broadcom Corporation)
    Sony Ericsson PC Suite 6.011.00 (HKLM-x32\...\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}) (Version: 6.011.00 - Sony Ericsson)
    Sony Mobile Update Service (HKLM-x32\...\Update Service) (Version: 2.12.8.23 - Sony Mobile Communications AB)
    SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
    SpeedLord (HKLM-x32\...\SpeedLord) (Version: 1.6.0.0 - P2PHood LLC)
    SpiceOpus (HKLM-x32\...\{D790EA16-17C0-4906-9EFB-C7E46E74ECDC}) (Version: 2.3 - CACD)
    STREET FIGHTER IV (HKLM-x32\...\{59ABBDF0-E1E5-48AF-85FB-F523A08C3490}) (Version: 1.00.3013 - CAPCOM U.S.A., INC.)
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.0.1 - Synaptics Incorporated)
    Tencent QQ (HKLM-x32\...\{3CA54984-A14B-42FE-9FF1-7EA90151D725}) (Version: 1.30.880.0 - Tencent Technology (Shenzhen) Company Limited)
    TIM Web Banda Larga (HKLM-x32\...\TIM Web Banda Larga) (Version: 11.002.03.22.133 - Huawei Technologies Co.,Ltd)
    Tom Clancy's H.A.W.X (HKLM-x32\...\{6E36A172-06FB-4BC8-B7FC-D30D219E6776}) (Version: 1.01.00000 - Ubisoft)
    Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
    Tunelamento Quântico (HKU\S-1-5-21-686917814-573201692-2418506719-1000\...\Tunelamento Quântico) (Version:  - University of Colorado, Department of Physics)
    VideoMonitor 2.5 (HKLM-x32\...\VideoMonitor_is1) (Version:  - VideoMonitor.biz)
    VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
    VIVO INTERNET (HKLM-x32\...\VIVO INTERNET) (Version: 11.302.06.20.149 - Huawei Technologies Co.,Ltd)
    VobSub 2.23 (HKLM-x32\...\VobSub) (Version: 2.23 - Gabest)
    WavePad Sound Editor (HKLM-x32\...\WavePad) (Version:  - NCH Software)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
    Windows Live Sync (HKLM-x32\...\{9E2EE2F7-33BD-4D30-9E5D-8469A9F32009}) (Version: 14.0.8089.726 - Microsoft Corporation)
    WinPatrol (HKLM-x32\...\WinPatrol) (Version: 19.3.2010.5 - BillP Studios)
    Wisdom-soft Set up ASR 3.1 Free (HKLM-x32\...\Wisdom-soft Set up ASR 3.1 Free) (Version:  - Wisdom Software Inc.)
    Xvid 1.2.2 (HKLM-x32\...\Xvid_is1) (Version: 1.2.2 - Koepi's build)
    Yenka (HKLM-x32\...\Yenka) (Version: 3.4.3.0 - Crocodile Clips Ltd)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-686917814-573201692-2418506719-1000_Classes\CLSID\{42ED960B-3C77-4008-A81E-C655146B1FD5}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-686917814-573201692-2418506719-1000_Classes\CLSID\{9CF1512B-6019-4573-9466-57AA61960209}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)

    ==================== Restore Points =========================

    02-07-2015 02:08:24 avast! antivirus system restore point

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 23:34 - 2013-01-11 14:08 - 00444298 ____R C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1       localhost
    127.0.0.1    www.007guard.com
    127.0.0.1    007guard.com
    127.0.0.1    008i.com
    127.0.0.1    www.008k.com
    127.0.0.1    008k.com
    127.0.0.1    www.00hq.com
    127.0.0.1    00hq.com
    127.0.0.1    010402.com
    127.0.0.1    www.032439.com
    127.0.0.1    032439.com
    127.0.0.1    www.0scan.com
    127.0.0.1    0scan.com
    127.0.0.1    www.1000gratisproben.com
    127.0.0.1    1000gratisproben.com
    127.0.0.1    1001namen.com
    127.0.0.1    www.1001namen.com
    127.0.0.1    100888290cs.com
    127.0.0.1    www.100888290cs.com
    127.0.0.1    www.100sexlinks.com
    127.0.0.1    100sexlinks.com
    127.0.0.1    www.10sek.com
    127.0.0.1    10sek.com
    127.0.0.1    www.1-2005-search.com
    127.0.0.1    1-2005-search.com
    127.0.0.1    www.123fporn.info
    127.0.0.1    123fporn.info
    127.0.0.1    123haustiereundmehr.com
    127.0.0.1    www.123haustiereundmehr.com

    There are 1000 more lines.


    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0005955F-BC1B-45AE-8D47-E3EB25072A08} - System32\Tasks\{64260438-B69D-4F15-B779-D027A86BBF25} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-07-26] (Microsoft Corporation)
    Task: {0136431A-0429-4776-BB02-B90A840BB03D} - System32\Tasks\{85D3E7C7-33E6-457E-B47A-0B1CA004D257} => C:\Users\Andrei\Downloads\GAMES\domin_v2.exe [2011-03-10] ()
    Task: {0281B2BB-7E7A-4E17-B705-69D449C1214C} - System32\Tasks\{A81EB875-6560-4124-8A5A-4F33A02187CD} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\INSTALA.EXE [1995-10-11] ()
    Task: {02ABB47D-07EC-4346-95EE-586D447E15DD} - System32\Tasks\{5A73C0E1-A5F3-4A8A-BF03-DCE9C7E010E7} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-07-26] (Microsoft Corporation)
    Task: {02FCF29B-DBE1-42A9-884D-06C60DB83863} - System32\Tasks\{A77A00C1-2513-4106-AE77-4D7C75E8394E} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\INSTALA.EXE [1995-10-11] ()
    Task: {0441A100-A111-4E54-B729-46EB166EB071} - System32\Tasks\{A5B6DC9D-74A2-4301-A489-EFE87EAECF80} => C:\Users\Andrei\Downloads\GAMES\domin_v2.exe [2011-03-10] ()
    Task: {0579D99A-9BEC-4AE9-A4ED-07749F8D6085} - System32\Tasks\{17EFC756-C16C-4E4D-88B1-F5548D2A54E8} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\INSTALA.EXE [1995-10-11] ()
    Task: {05B0AD38-47F7-4489-BA1C-38DB866D70EF} - System32\Tasks\{AABEB2C1-8466-42C2-8B43-2EC6ABA3DB2A} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\ADOLF.EXE [1997-01-26] ()
    Task: {05FDF9F5-D2F8-4419-AA97-7434E7C60AEC} - System32\Tasks\{932C4999-9BAF-47F1-BE3F-914280B9F7CE} => C:\Users\Andrei\Downloads\GAMES\domin_v2.exe [2011-03-10] ()
    Task: {06788E5A-8C0B-40FA-9E27-98BA38F84A9E} - System32\Tasks\{CAEBE501-0E29-407F-B5B4-185122FA7CB6} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\INSTALA.EXE [1995-10-11] ()
    Task: {08A47D67-9C0F-4270-B912-D38DC242ACBF} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-686917814-573201692-2418506719-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2010-11-05] (RealNetworks, Inc.)
    Task: {0A30BA32-E475-4EA8-A14C-75900A4601E9} - System32\Tasks\{D43C67EE-CF25-4B6E-BF50-AC749F350DE0} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-07-26] (Microsoft Corporation)
    Task: {0B1105A7-FB7F-485D-B1E6-87284A1B7C2C} - System32\Tasks\{F1A87D68-867F-430A-966A-77E3F065EE18} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\INSTALA.EXE [1995-10-11] ()
    Task: {0B3B0CF5-8F48-4FE7-882F-105E78E2F11E} - System32\Tasks\{7214018C-51FB-4307-A3AD-ACE00853E9F0} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-07-26] (Microsoft Corporation)
    Task: {0B43471D-2C39-4E14-82F1-4D59A4D33C3B} - System32\Tasks\{B350368D-24FF-49DE-A439-4D017355717B} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-07-26] (Microsoft Corporation)
    Task: {0B608B28-ED98-4615-9AC5-ABA26A1A9D24} - System32\Tasks\{F1C92C93-A623-460C-A432-968A893B432A} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-07-26] (Microsoft Corporation)
    Task: {0BFC23B2-EC0E-4F7D-8EAC-7E38FFC09071} - System32\Tasks\{43EC367D-6E6C-4E1D-8E0A-97A76E467CDC} => C:\Program Files (x86)\Ubisoft\Chessmaster 10th Edition\Chessmaster.exe
    Task: {0D07C017-ADDD-4D25-A637-AC2B36147478} - System32\Tasks\{BD007096-B214-42F0-A9EB-273A2A7AA264} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\ADOLF.EXE [1997-01-26] ()
    Task: {0D2071A9-B0C7-463D-9E2E-E8B7F62C823A} - System32\Tasks\{11515DB8-C1D3-4E22-828E-7308FB890483} => C:\Users\Andrei\Downloads\GAMES\domin_v2.exe [2011-03-10] ()
    Task: {1038C004-AB14-4948-BF47-F611BB5487CA} - System32\Tasks\{C03538E7-F291-4C74-BD33-D70249E4AE21} => C:\Program Files (x86)\Ares\Ares.exe [2010-10-27] (Ares Development Group)
    Task: {11C4E3C0-9471-4D42-AD59-45810F760481} - System32\Tasks\{9F5659A3-86C3-4C0B-AD04-29DEB5E5353B} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\INSTALA.EXE [1995-10-11] ()
    Task: {11CC8D00-F016-4B88-96C8-93805ECBE4ED} - System32\Tasks\{18F7DE84-A1DD-4951-9C6E-296737FC85C9} => C:\Users\Andrei\Downloads\domin_v2 (1).exe [2012-05-23] ()
    Task: {11F889C6-A01D-4E0C-85FC-A3798A53E72E} - System32\Tasks\{5B2C8DD6-9756-4EBE-A258-C3CB1F1B5472} => C:\Users\Andrei\Downloads\GAMES\domin_v2.exe [2011-03-10] ()
    Task: {128318C7-75D3-456F-AD3E-17253D976CBF} - System32\Tasks\GoogleUpdateTaskMachineCore1ce7a5a8032e76 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.)
    Task: {167381B9-4A53-483D-AD6B-841D65C046C6} - System32\Tasks\{84CA0D42-905A-4CE5-8BC7-0BD4B19B11B8} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-07-26] (Microsoft Corporation)
    Task: {16DDE55B-AF7B-4E0A-B4E9-B2DD3E2008AE} - System32\Tasks\{93262C3E-8E2F-44F6-9FD8-5A1284F2A93F} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-07-26] (Microsoft Corporation)
    Task: {187C9EA2-26C7-41B4-8AC0-DDD3AC63285F} - System32\Tasks\{99FAEB87-9C38-4957-8338-8D491B0A821C} => C:\Program Files (x86)\Ares\Ares.exe [2010-10-27] (Ares Development Group)
    Task: {19A40CFF-C668-4E04-8B9A-53C8B3ED26A0} - System32\Tasks\{DDB7A5C2-F724-4069-8641-AA9AABE47A55} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\INSTALA.EXE [1995-10-11] ()
    Task: {19C332C4-6D3D-41D5-B725-04122D8AB2E3} - System32\Tasks\{04B5B922-D13C-4003-B587-1D4D8171A560} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\INSTALA.EXE [1995-10-11] ()
    Task: {1B90415F-660E-4EAF-8F52-B57AF59832D2} - System32\Tasks\{EBE630DD-3CC3-40CD-8410-3E9D1E275515} => C:\Users\Andrei\Downloads\GAMES\domin_v2.exe [2011-03-10] ()
    Task: {1BFAE919-F83B-46FE-8126-0C40575FBAAA} - System32\Tasks\{84DAE94F-6BB9-45B6-82A1-57A8C663659F} => pcalua.exe -a "C:\Program Files (x86)\Minimodem USB\UnInstallModem.exe" -d "C:\Program Files (x86)\Minimodem USB"
    Task: {1C07AEB2-FD93-49F1-B3F6-53B09EADBBA6} - System32\Tasks\{AE89D64D-CC4E-423F-AA01-C039BB191C29} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\INSTALA.EXE [1995-10-11] ()
    Task: {1C333313-8CD0-4CCA-AFB5-F1CE34C6E43E} - System32\Tasks\{6EF6C4ED-6329-4ACB-A30F-DEC1B02E8C7F} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\ADOLF.EXE [1997-01-26] ()
    Task: {1D26A079-81FE-491C-B662-62557AA7DEBD} - System32\Tasks\{A94275E5-B8BC-43C4-8C30-4051CCE6C1C1} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-07-26] (Microsoft Corporation)
    Task: {1E757A03-8451-4377-B198-169B3873D5BF} - System32\Tasks\{8F7EF86F-CF50-4105-8EE4-D85CBC9C7543} => C:\Users\Andrei\G My GAMES\Jogos de DOS\Galacta\Galacta.exe [2005-05-15] ()
    Task: {1E89DE0F-EEE9-49F5-B21D-DB028A3A07AC} - System32\Tasks\{1B533251-8DF9-4AE1-9C87-A11AADFF01C3} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\INSTALA.EXE [1995-10-11] ()
    Task: {1F46CF41-DDDD-44A4-B0A8-B6BBC4E14B49} - System32\Tasks\{0D1155E8-E13C-4CC3-A93D-DFF7D68BCFD2} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\INSTALA.EXE [1995-10-11] ()
    Task: {1FA28141-2EC0-46EE-96AA-A219E4960289} - System32\Tasks\{BDADB791-0DA9-4963-9EC5-72E14F90991F} => pcalua.exe -a "C:\Program Files (x86)\NCH Swift Sound\ExpressRip\uninst.exe"
    Task: {20CBFE2E-E800-4B66-A6DF-5F003D6D92E1} - System32\Tasks\{EDBFCB59-2FBA-4D7B-AA53-A03D86484DFE} => C:\Users\Andrei\Downloads\GAMES\domin_v2.exe [2011-03-10] ()
    Task: {21DA7F86-C59B-49B5-A6EE-6559A7D53FC3} - System32\Tasks\{7E05FD82-A785-4D0E-B4E3-E978DC5A3A44} => C:\Users\Andrei\Downloads\GAMES\domin_v2.exe [2011-03-10] ()
    Task: {222DB383-5289-41CE-9EB3-6D3593820BE0} - System32\Tasks\{E09A2FB9-1301-479F-AC22-10D5C391E14E} => C:\Users\Andrei\Downloads\GAMES\domin_v2.exe [2011-03-10] ()
    Task: {22AF92F0-CA27-4412-A5C7-CD8B24D7A189} - System32\Tasks\{8FED07FE-73E5-4046-9F63-25C84A55914D} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\INSTALA.EXE [1995-10-11] ()
    Task: {22ED831D-CA79-45DF-A2C6-44DB4E26DE3C} - System32\Tasks\{3C52A21C-7661-4F3A-AF48-638EE32E5909} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\INSTALA.EXE [1995-10-11] ()
    Task: {235AD728-5C6D-4E3C-9FB3-A15D60C759CD} - System32\Tasks\{6FB04DD2-2A36-4DCF-8864-E70C19013550} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\INSTALA.EXE [1995-10-11] ()
    Task: {248C5C83-29AC-42E4-863A-0B986C1E378C} - System32\Tasks\{BA8D669D-7459-4FF7-AF5C-BFDCFC00C7E7} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\INSTALA.EXE [1995-10-11] ()
    Task: {24BF74D7-A478-4C1F-B306-1BD504FD03E7} - System32\Tasks\{1BA2E850-9CBD-463B-8A11-CE7B1F217CC9} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\INSTALA.EXE [1995-10-11] ()
    Task: {24CC9B27-3E83-403D-8A7E-C80A6FA98415} - System32\Tasks\{CF7D4039-BD60-408E-9EE5-AE33A906D8B3} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\INSTALA.EXE [1995-10-11] ()
    Task: {25FB0257-CC4C-4E9E-B1ED-670048DBB9C3} - System32\Tasks\{643460E9-E669-4345-9D70-D97348279AD3} => C:\Users\Andrei\Downloads\domin_v2 (1).exe [2012-05-23] ()
    Task: {265676F8-A628-4813-9C98-60B37BD609F7} - System32\Tasks\GoogleUpdateTaskMachineCore1ce4e727605b7c3 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.)
    Task: {271532B6-B5FB-4F10-83C9-491AA3A7FFFA} - System32\Tasks\{77EB5D7F-4079-453B-A05D-FC96EEE854FC} => C:\Program Files (x86)\Ubisoft\Chessmaster 10th Edition\Chessmaster.exe
    Task: {273ACAA6-1491-4EA3-BF2C-2FB545408574} - System32\Tasks\{E6A23BEE-4D66-4A13-AAE7-6F45C2CCABCC} => C:\Users\Andrei\Downloads\GAMES\domin_v2.exe [2011-03-10] ()
    Task: {27DAD74A-FFE5-49C3-96F8-58B79088E750} - System32\Tasks\{C3FEA4A9-DC8D-469B-976F-3A2FEA3DA817} => C:\Users\Andrei\Downloads\GAMES\domin_v2.exe [2011-03-10] ()
    Task: {298D9853-932B-4C49-8B91-78A30679FC37} - System32\Tasks\NCH Software\wavepadDowngrade => C:\Program Files (x86)\NCH Software\WavePad\wavepad.exe [2011-11-16] (NCH Software)
    Task: {2A2F7D3B-B720-4B56-8047-96BE805A846A} - System32\Tasks\{B1C5296A-FDE4-4286-BBC6-2165489FE1E5} => C:\Users\Andrei\Downloads\GAMES\domin_v2.exe [2011-03-10] ()
    Task: {2A8EC21E-0972-426D-AD72-E011C27FBC81} - System32\Tasks\{3595A019-B1F5-4FD3-8D99-98988EFDDBDA} => C:\Users\Andrei\Downloads\GAMES\domin_v2.exe [2011-03-10] ()
    Task: {2A9E7F4C-0369-4BA5-BCA4-17140CEF3D57} - System32\Tasks\{C039EBEB-5069-45B5-AF01-67469C8ACBB3} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\INSTALA.EXE [1995-10-11] ()
    Task: {2B129124-9292-462E-AF63-3869B850F120} - System32\Tasks\{5ECD4DB6-49A3-4B38-AE46-A6D6642AE3C6} => C:\Users\Andrei\Downloads\GAMES\domin_v2.exe [2011-03-10] ()
    Task: {2B196028-2676-456A-A0CD-58ABFBFE858B} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-08] (COMODO)
    Task: {2B3D25ED-0D31-492C-B8EB-1F92C16839B2} - System32\Tasks\{44C315B6-6B0A-4CD9-B489-B13EC112B5C5} => C:\Program Files (x86)\Ubisoft\Chessmaster 10th Edition\Chessmaster.exe
    Task: {2C488395-84D0-4787-96E1-24E5BDDDA2AC} - System32\Tasks\{37FFBC9E-8540-4F25-B587-8BF8236914C0} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\INSTALA.EXE [1995-10-11] ()
    Task: {2E5ED465-C634-45FC-838B-2C5F2868B50F} - System32\Tasks\{FFA901A1-42E5-407C-BFF4-64E763D99B56} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\ADOLF.EXE [1997-01-26] ()
    Task: {2EAF120B-AA47-4216-87B0-165FC6490583} - System32\Tasks\{28E8AC80-0914-41A8-ABD0-7368FE122AB3} => C:\Users\Andrei\Downloads\GAMES\domin_v2.exe [2011-03-10] ()
    Task: {2F12DF0A-7E8E-4CB4-89E8-7072F2E6E2AC} - System32\Tasks\{399F9494-22FE-4BDF-AEEA-793688199CB1} => C:\Users\Andrei\Downloads\GAMES\domin_v2.exe [2011-03-10] ()
    Task: {2FA542BA-22AA-49DA-9393-9DD545F9EC60} - System32\Tasks\{CAD90A91-D2B2-418F-8DF4-823B857C8872} => C:\Users\Andrei\Downloads\GAMES\domin_v2.exe [2011-03-10] ()
    Task: {2FE27AA9-57E8-4E22-B394-57BC0F8C7ADE} - System32\Tasks\{41E34E7E-DEB4-4EE6-B928-52C4B9E001F9} => C:\Users\Andrei\Downloads\GAMES\domin_v2.exe [2011-03-10] ()
    Task: {3075AFED-3A87-4F16-8AD3-FA85AC324E64} - System32\Tasks\{BA4C80E3-4AB3-4B91-B9B5-0057066FC185} => C:\Program Files (x86)\Ares\Ares.exe [2010-10-27] (Ares Development Group)
    Task: {3081D21E-A16C-49CE-8542-11D2F2508894} - System32\Tasks\{86E8C9AF-5899-428A-81F7-9FF9F0FAFEFC} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-07-26] (Microsoft Corporation)
    Task: {31AC6810-415F-464F-BDF9-61E4866313CC} - System32\Tasks\{D89FE56C-89FB-4EFF-ADA5-56B0C87C707C} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\INSTALA.EXE [1995-10-11] ()
    Task: {31B454A7-B8B2-414F-A811-DB3EE0209BE9} - System32\Tasks\{4A0CACC4-7910-4597-AD3E-03472FEAA16B} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\INSTALA.EXE [1995-10-11] ()
    Task: {32CBF73F-67D0-459C-85DA-5F00C52959C5} - System32\Tasks\{7238D992-8EAE-4DF2-AB71-691630AE2BE7} => C:\Users\Andrei\Downloads\GAMES\domin_v2.exe [2011-03-10] ()
    Task: {332C0AA3-668B-4596-B8BA-CC53736CD9A4} - System32\Tasks\{75FE634A-1C1F-45CC-B77F-D0000CEFC349} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-07-26] (Microsoft Corporation)
    Task: {34BF8ED4-BB15-4DAA-B85A-0FB6D4384E87} - System32\Tasks\{5BE27563-56D5-47E5-A851-6AB5C05E392E} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-07-26] (Microsoft Corporation)
    Task: {356E3B99-6D16-4540-BDE3-2A84063B9FF3} - System32\Tasks\{1F224D72-52D9-4D56-84B7-448EA1620A58} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\INSTALA.EXE [1995-10-11] ()
    Task: {3626C935-AD3A-409F-8B24-DC2FF2A9FD86} - System32\Tasks\{0806F1B6-5896-44C4-9B9E-E4B5CC6283E4} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\ADOLF.EXE [1997-01-26] ()
    Task: {37377F3F-F629-4821-BD92-E4C08E892183} - System32\Tasks\{7449BFAD-1BC6-46F5-B263-03AAED58EF7E} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\INSTALA.EXE [1995-10-11] ()
    Task: {374F6272-241D-4CD8-98C3-0C1C42D20B2E} - System32\Tasks\{B626A011-788B-48D1-A8A1-AE4ECED7DB73} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\INSTALA.EXE [1995-10-11] ()
    Task: {37CE7239-7A3B-4C41-A53A-3F53288131F5} - System32\Tasks\GoogleUpdateTaskMachineCore1cf2daabce968c6 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.)
    Task: {3815EF7F-8643-4D9C-8EFA-D10002590DFD} - System32\Tasks\{20360DA4-46AB-4388-893A-CB711A4F9191} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\INSTALA.EXE [1995-10-11] ()
    Task: {38623F9E-C38D-40E1-96B8-9E29D5FB469E} - System32\Tasks\{EE125BC1-82F2-4037-AF8D-C2F862B35ACF} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-07-26] (Microsoft Corporation)
    Task: {396D89D3-E823-4B4C-AAA0-DA3B2FA61445} - System32\Tasks\{2866875E-D8D5-433A-8539-D34B47AF0A87} => C:\Users\Andrei\Downloads\GAMES\domin_v2.exe [2011-03-10] ()
    Task: {3AB42552-A481-4EC5-9874-4F65DB1593FD} - System32\Tasks\{C1A629DE-FA33-4227-B4FC-575BCA2EC84D} => C:\Users\Andrei\Downloads\GAMES\domin_v2.exe [2011-03-10] ()
    Task: {3ADB60CA-CACD-4EBE-A2EC-38AB7A82FE4E} - System32\Tasks\{0ACE5C76-DED5-43CA-ADF2-8711AD3EF7AB} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-07-26] (Microsoft Corporation)
    Task: {3B2C8A42-34FF-4D64-98B2-D46B0FD4E07D} - System32\Tasks\{7E92FF24-B753-4D54-9DC4-318E4AE777E2} => C:\Users\Andrei\Downloads\GAMES\domin_v2.exe [2011-03-10] ()
    Task: {3BC7A5D5-22A4-4058-9185-DDB5BAD0A509} - System32\Tasks\{C23519C9-FC95-4DF4-ADCD-582AAEA85614} => C:\Users\Andrei\Desktop\Games Andrei\Chess Master\Todas as partes Juntas\game.exe [2004-07-22] (Ubi Soft Entertainment)
    Task: {3C244805-216C-450C-BC27-5DC71953A2FA} - System32\Tasks\{3FB5F97C-118F-4BFE-AFC4-FCD6AB07F574} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-07-26] (Microsoft Corporation)
    Task: {3C9FE50D-247E-4CF7-B241-923026A49D6E} - System32\Tasks\{0D1955C4-1CC7-48D1-B3F5-62CA42E1979F} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\INSTALA.EXE [1995-10-11] ()
    Task: {3D8FDCA9-D81A-43EC-BCCB-00DECC71D567} - System32\Tasks\{E97356C2-3DEE-4D9E-8B0D-75CD9570E4C4} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\INSTALA.EXE [1995-10-11] ()
    Task: {3EE7444B-85EE-4AE0-8AAC-D3476C350F7B} - System32\Tasks\{C7B3E418-2219-49A1-8571-7C211D2FB3DF} => C:\Program Files (x86)\Ares\Ares.exe [2010-10-27] (Ares Development Group)
    Task: {3FBA498E-E9C1-4B80-970A-FB2E4EA26E9B} - System32\Tasks\{EEB4CA57-6358-4AC3-83CA-2E8A701D58C0} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-07-26] (Microsoft Corporation)
    Task: {40B2E3EC-057C-41E2-8845-2830342FDD59} - System32\Tasks\{E128B354-595E-4076-8697-200C02FA4DB5} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-07-26] (Microsoft Corporation)
    Task: {4180A504-2365-4546-AD14-68590AAF670D} - System32\Tasks\{68364694-2D8A-4EA9-B6B0-A2F1B287951B} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-07-26] (Microsoft Corporation)
    Task: {4180DFE8-275E-4B7C-86DA-906A29EE4F7A} - System32\Tasks\{28561612-3D3B-46FF-A9AA-44C39CD24EA0} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\INSTALA.EXE [1995-10-11] ()
    Task: {423BD749-222D-49FF-9F38-2368ED342699} - System32\Tasks\{B8AA0F4E-C26B-4EBB-944E-8EA0CC506E73} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\INSTALA.EXE [1995-10-11] ()
    Task: {42B65B85-6D24-485E-A5AC-92D8785CF43D} - System32\Tasks\{F72D28D6-04F3-4ADA-8603-29C15F6E8E7D} => C:\Users\Andrei\Downloads\GAMES\domin_v2.exe [2011-03-10] ()
    Task: {42D3FD7D-0F62-4F01-9200-9E1C73890CDB} - System32\Tasks\{591F7395-3114-4D6E-A717-CB34A0070D52} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\INSTALA.EXE [1995-10-11] ()
    Task: {42DEDBB2-05FB-459B-B7EF-DEBEE1587B4F} - System32\Tasks\{7DA0E6A6-A031-449F-8E5C-F36E4E510980} => C:\Program Files (x86)\Ares\Ares.exe [2010-10-27] (Ares Development Group)
    Task: {43FA7F8E-262E-4B14-9773-13CD4E137D5A} - System32\Tasks\{36A703E8-9F5B-48B8-AA93-D6261AB2C8C9} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\INSTALA.EXE [1995-10-11] ()
    Task: {44C8FB12-2B1B-4F6C-AE8E-B79E8BDB6324} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-686917814-573201692-2418506719-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2010-11-05] (RealNetworks, Inc.)
    Task: {44DA8215-3276-4372-8E29-05E14A20F256} - System32\Tasks\{C49790B6-57DD-4944-9D4E-6A2681F01B2A} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-07-26] (Microsoft Corporation)
    Task: {469946BD-55EB-40AF-A102-B39F7FDBFEE7} - System32\Tasks\{729F1B32-9E48-4F8B-811B-32AC1B8A840D} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-07-26] (Microsoft Corporation)
    Task: {4776914D-4E57-4FA6-B8AB-D4B08D94CCA6} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
    Task: {47C28B4D-3B98-46A6-A575-4F3FBFE93085} - System32\Tasks\{1914D680-1140-4FB0-8B22-9D3753EF77A0} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\INSTALA.EXE [1995-10-11] ()
    Task: {48F86E7D-8C41-439E-8D35-63F86D19B973} - System32\Tasks\{7E2192B9-76C7-4A1B-A1B1-993F2CB564CA} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-07-26] (Microsoft Corporation)
    Task: {49037446-2F44-4442-BD2B-FAB94771971B} - System32\Tasks\{ACE862B2-C58B-42B6-A33B-88090A48AC74} => C:\Users\Andrei\Downloads\GAMES\domin_v2.exe [2011-03-10] ()
    Task: {493B2C53-5FC9-4209-9166-1F1421650DE1} - System32\Tasks\{76FAEA4B-E879-449E-803B-EEC33EAEAC2D} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\INSTALA.EXE [1995-10-11] ()
    Task: {49EC1A28-127C-4E93-A7ED-32E93B47881C} - System32\Tasks\{3E5BB735-17DB-4969-A138-A179FD999D97} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-07-26] (Microsoft Corporation)
    Task: {4A2F5559-231D-41F9-A50D-FB23E07DD5FE} - System32\Tasks\{122ED841-A346-4AA0-A0AB-F5BD97773BCC} => C:\Users\Andrei\Downloads\adolf_maninhosk8_NL\ADOLF\INSTALA.EXE [1995-10-11] ()
    Task: {4A5E22D2-555B-405C-9027-CBA330C41AB0} - System32\Tasks\{2D37AACD-F956-4AE0-9065-438898D4DBD4} => C:\Users\Andrei\Downloads\GAMES\domin_v2.exe [2011-03-10] ()
    Task: {4B96E1E0-8496-4CD2-ADB3-B1CFF366F92E} - System32\Tasks\{ED8BE3E4-8689-4B3A-98EE-F6B33BF4642C} => C:\Users\Andrei\Downloads\GAMES\domin_v2.exe [2011-03-10] ()
    Task: {4BA14099-5CDE-40A5-AB5C-CB2785CD6B40} - System32\Tasks\{329825B9-9C67-4EFB-B6E5-1E201372E51E} => C:\Users\Andrei\Downloads\GAMES\domin_v2.exe [2011-03-10] ()
    Task: {4C43BCDF-1B1E-43DD-9844-C84A1A23383B} - System32\Tasks\GoogleUpdateTaskMachineUA1cfff78d1e08dc0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.)
    Task: {4C762F56-C215-4CDC-97BB-8D5017E60EDE} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-08] (COMODO)
    Task: {4D8AFB44-C869-4B0A-8F7D-8177DCE26FB9} - System32\Tasks\{0058484E-759A-4E1D-B9F0-BB1E72F834F3} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-07-26] (Microsoft Corporation)
    Task: {4DE3E6E8-4BD8-4252-93AA-2C7275EAD1EA} - System32\Tasks\{0A77A083-F64D-4EE7-A90D-776D161A5DBD} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-07-26] (Microsoft Corporation)
    Task: {4E60C1EE-0C87-4E49-AF8D-BDF907823535} - System32\Tasks\{07F0A505-4AD4-46CD-95F8-B1D38CB29126} => C:\Program
     

    ****************************************************************************************************

     

               ****   Continua a seguir devido o texto ser muito longo  ****

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites





    Sobre o Clube do Hardware

    No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

    Direitos autorais

    Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

    ×