Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2015
Ran by Alcidio (administrator) on ALCIDIO-PC on 24-05-2015 10:29:58
Running from C:\Windows\SysWOW64\config\systemprofile\Downloads
Loaded Profiles: Alcidio (Available Profiles: Alcidio & Alcidio Aguiar)
Platform: Windows 7 Home Basic Service Pack 1 (X64) OS Language: Português (Brasil)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_4df47d9dbfb58b44\stacsv64.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_4df47d9dbfb58b44\AESTSr64.exe
(ClaraLabs) C:\Program Files (x86)\Common Files\ClaraUpdater\ClaraUpdater.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdcBase.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Piriform Ltd) C:\Program Files (x86)\CCleaner\CCleaner64.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe
(Avast Software s.r.o.) C:\Windows\System32\config\systemprofile\Desktop\909-avast_free_antivirus_setup_online.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [384296 2010-04-05] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-01-21] (IDT, Inc.)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdcBase.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [jusched] => C:\Users\Alcidio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0QP2MCBY\VDownloaderSetup[1].exe
HKLM-x32\...\Run: [\algexpand.exe] => C:\ProgramData\algexpand.exe
HKLM-x32\...\Run: [\labelmap.exe] => C:\Users\Alcidio\AppData\Roaming\labelmap.exe
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [mbot_br_103] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe [559616 2011-10-09] (Dell)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginAbn: C:\Program Files (x86)\GbPlugin\gbiehAbn.dll [2013-09-23] (Banco Real)
HKU\S-1-5-21-285676303-1957818369-2877117855-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2015-03-18] (Microsoft Corporation)
HKU\S-1-5-21-285676303-1957818369-2877117855-1000\...\Run: [CCleaner Monitoring] => C:\Program Files (x86)\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-18\...\Run: [CCleaner Monitoring] => C:\Program Files (x86)\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-18\...\RunOnce: [{90140000-0011-0000-0000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKU\S-1-5-18\...\RunOnce: [{90140000-0016-0416-0000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKU\S-1-5-18\...\RunOnce: [{90140000-0018-0416-0000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKU\S-1-5-18\...\RunOnce: [{90140000-001B-0416-0000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKU\S-1-5-18\...\RunOnce: [{90140000-001A-0416-0000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKU\S-1-5-18\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-18\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
Startup: C:\Users\Alcidio Aguiar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk [2011-06-11]
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2011-02-09]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2011-02-09]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk [2015-01-09]
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2011-02-09]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavShx64.dll No File
GroupPolicyUsers\S-1-5-21-285676303-1957818369-2877117855-1001\User: Group Policy Restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.hao123.com/?tn=bav_pro_hp_01_hao123_br
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://br.hao123.com/?tn=bav_pro_hp_01_hao123_br
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1407791934&from=bxk1&uid=WDCXWD3200BPVT-75ZEST0_WD-WXQ1AC0X5604X5604&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1407791934&from=bxk1&uid=WDCXWD3200BPVT-75ZEST0_WD-WXQ1AC0X5604X5604&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1407791934&from=bxk1&uid=WDCXWD3200BPVT-75ZEST0_WD-WXQ1AC0X5604X5604&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1407791934&from=bxk1&uid=WDCXWD3200BPVT-75ZEST0_WD-WXQ1AC0X5604X5604&q={searchTerms}
HKU\S-1-5-21-285676303-1957818369-2877117855-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://br.yhs4.search.yahoo.com/yhs/search?hspart=baixaki&hsimp=yhs-baixaki_br_solimba_01&p={searchTerms}
HKU\S-1-5-21-285676303-1957818369-2877117855-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.emresumo.com.br/?utm_source=installSD&utm_medium=sol
HKU\S-1-5-21-285676303-1957818369-2877117855-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.emresumo.com.br/?utm_source=installSD&utm_medium=sol
URLSearchHook: HKU\S-1-5-21-285676303-1957818369-2877117855-1000 - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
SearchScopes: HKLM -> DefaultScope {5224F232-A2ED-4D29-99FC-092F1949FCF5} URL = http://br.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_ir_15_16&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWinYahoo%26cd%3D2XzuyEtN2Y1L1Qzu0CtD0C0BtAzzzyyDtD0F0A0DtCzztAyEtN0D0Tzu0StCtCzyyBtN1L2XzutAtFzytFzztFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StDtB0D0B0ByC0AyBtGzytAyCzytG0C0CtAtDtG0ByDyCtDtGtCyCyCyC0BtAtA0D0DyE0BtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0FtAyByCtB0C0DtGzztB0A0FtGyEtC0EyBtGzzyDzz0AtGzzyC0D0AyDtB0CzzyB0A0EyE2QtN0A0LzutB%26cr%3D964512442%26a%3Dwny_ir_15_16%26os%3DWindows 7 Home Basic&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1407791934&from=bxk1&uid=WDCXWD3200BPVT-75ZEST0_WD-WXQ1AC0X5604X5604&q={searchTerms}
SearchScopes: HKLM -> {5224F232-A2ED-4D29-99FC-092F1949FCF5} URL = http://br.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_ir_15_16&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWinYahoo%26cd%3D2XzuyEtN2Y1L1Qzu0CtD0C0BtAzzzyyDtD0F0A0DtCzztAyEtN0D0Tzu0StCtCzyyBtN1L2XzutAtFzytFzztFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StDtB0D0B0ByC0AyBtGzytAyCzytG0C0CtAtDtG0ByDyCtDtGtCyCyCyC0BtAtA0D0DyE0BtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0FtAyByCtB0C0DtGzztB0A0FtGyEtC0EyBtGzzyDzz0AtGzzyC0D0AyDtB0CzzyB0A0EyE2QtN0A0LzutB%26cr%3D964512442%26a%3Dwny_ir_15_16%26os%3DWindows 7 Home Basic&p={searchTerms}
SearchScopes: HKLM -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKLM -> {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL =
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/?p=mKO_AwFzXIpYRa0T-NJ1eeK7l24Ey_peMn2wnP0QyCO5K5XmXCpPyor6rlPDxrIa1JvrIdMUKm5JX1iyaxORiAHg4ipMDRhMlhT1jasdm5qnP0T4M1CXW4wMcijXbx3eMjcRvtyg2ghEmQ1eAJUCJmo9lZkD6s9bdfwh1qyIA-a9ptRa-WnV_0ZLHrbVPRZ6B3Mi&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = http://start.iminent.com/?appId=f64ed2e7-b0df-426d-9da7-ab83010828d6&ref=toolbox&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {5224F232-A2ED-4D29-99FC-092F1949FCF5} URL =
SearchScopes: HKU\.DEFAULT -> {5224F232-A2ED-4D29-99FC-092F1949FCF5} URL =
SearchScopes: HKU\S-1-5-21-285676303-1957818369-2877117855-1000 -> DefaultScope Web URL = http://br.yhs4.search.yahoo.com/yhs/search?hspart=baixaki&hsimp=yhs-baixaki_br_solimba_01&p={searchTerms}
SearchScopes: HKU\S-1-5-21-285676303-1957818369-2877117855-1000 -> Web URL = http://br.yhs4.search.yahoo.com/yhs/search?hspart=baixaki&hsimp=yhs-baixaki_br_solimba_01&p={searchTerms}
SearchScopes: HKU\S-1-5-21-285676303-1957818369-2877117855-1000 -> {5224F232-A2ED-4D29-99FC-092F1949FCF5} URL = http://br.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_ir_15_16&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWinYahoo%26cd%3D2XzuyEtN2Y1L1Qzu0CtD0C0BtAzzzyyDtD0F0A0DtCzztAyEtN0D0Tzu0StCtCzyyBtN1L2XzutAtFzytFzztFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StDtB0D0B0ByC0AyBtGzytAyCzytG0C0CtAtDtG0ByDyCtDtGtCyCyCyC0BtAtA0D0DyE0BtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0FtAyByCtB0C0DtGzztB0A0FtGyEtC0EyBtGzzyDzz0AtGzzyC0D0AyDtB0CzzyB0A0EyE2QtN0A0LzutB%26cr%3D964512442%26a%3Dwny_ir_15_16%26os%3DWindows 7 Home Basic&p={searchTerms}
SearchScopes: HKU\S-1-5-21-285676303-1957818369-2877117855-1000 -> {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} URL =
SearchScopes: HKU\S-1-5-21-285676303-1957818369-2877117855-1000 -> {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = http://start.iminent.com/?appId=f64ed2e7-b0df-426d-9da7-ab83010828d6&ref=toolbox&q={searchTerms}
BHO: No Name -> {21EAF666-26B3-4a3c-ABD0-CA2F5A326744} -> No File
BHO: No Name -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> No File
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG9\avgssiea.dll No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-24] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: IMinent WebBooster (BHO) -> {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} -> C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx64.dll [2014-04-02] (SIEN)
BHO: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: No Name -> {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-24] (Oracle Corporation)
BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File
BHO-x32: No Name -> {21EAF666-26B3-4a3c-ABD0-CA2F5A326744} -> No File
BHO-x32: No Name -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> No File
BHO-x32: No Name -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> No File
BHO-x32: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG9\avgssie.dll No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: No Name -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} -> No File
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO-x32: IMinent WebBooster (BHO) -> {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} -> C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx86.dll [2014-04-02] (SIEN)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540007} -> C:\Program Files (x86)\GbPlugin\gbiehAbn.dll [2013-09-23] (Banco Real)
BHO-x32: No Name -> {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} -> No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: HKLM-x32 {E37CB5F0-51F5-4395-A808-5FA49E399007} https://wwws.realsecureweb.com.br/mpr/plugin/Cab/GbPluginABN.cab
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399007} - C:\Program Files (x86)\GbPlugin\gbiehAbn.dll [1598520 2013-09-23] (Banco Real)
Hosts: 69.162.112.196 wwwstatic.megavideo.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-19] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-24] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-19] ()
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml [2014-11-05]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\SearchTheWeb.xml [2014-08-11]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml [2014-08-11]
FF HKLM\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
FF Extension: No Name - C:\Program Files\V-bates\Firefox [2014-10-05]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-03-01]
FF HKLM-x32\...\Firefox\Extensions: [speedanalysis02@SpeedAnalysis.com] - C:\Users\Alcidio\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com
FF HKLM-x32\...\Firefox\Extensions: [seesimilar02@SeeSimilar.com] - C:\Users\Alcidio\AppData\Roaming\Mozilla\Extensions\seesimilar02@SeeSimilar.com
FF Extension: SeeSimilar02 - C:\Users\Alcidio\AppData\Roaming\Mozilla\Extensions\seesimilar02@SeeSimilar.com [2013-09-29]
FF HKLM-x32\...\Firefox\Extensions: [zulagames@ZulaGames.com] - C:\Users\Alcidio\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com
FF HKLM-x32\...\Firefox\Extensions: [searchpredict@speedbit.com] - C:\Program Files (x86)\SearchPredict\PRFireFox
FF HKLM-x32\...\Firefox\Extensions: [{0329E7D6-6F54-462D-93F6-F5C3118BADF2}] - C:\Program Files (x86)\SPEEDbit Video Downloader\SPFireFox
FF HKLM-x32\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
FF HKLM-x32\...\Firefox\Extensions: [search-snacks@search-snacks.com] - C:\Program Files (x86)\Mozilla Firefox\extensions\search-snacks@search-snacks.com

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [adpeheiliennogfclcgmchdfdmafjegc] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [defdhglnppeioeflggkmglipcecffkhk] - C:\Program Files (x86)\ComplitlyEngine\chrome\ComplitlyEngineChrome.crx [2011-06-12]
CHR HKLM-x32\...\Chrome\Extension: [ehhlaekjfiiojlddgndcnefflngfmhen] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [epojlgbehpaeekopencdagbdamnkppci] - C:\Program Files (x86)\LyriXeeker\128.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [gflandjopdloblmlcoiidmncpinmmacn] - C:\Users\Alcidio\AppData\Roaming\zulagames\zulagames.crx [2013-07-01]
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.0.crx [2012-11-22]
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx [2013-08-08]
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx [2013-04-26]
CHR HKLM-x32\...\Chrome\Extension: [nociobghckdhokecfeajdpimjeapnopn] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-22]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_4df47d9dbfb58b44\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R2 ClaraUpdater; C:\Program Files (x86)\Common Files\ClaraUpdater\ClaraUpdater.exe [325232 2014-10-24] (ClaraLabs)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) []
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [451640 2013-09-23] (GAS Tecnologia)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) []
S2 MySql; C:\MySQL\bin\mysqld-max.exe [2023424 2002-01-09] () []
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) []
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) []
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_4df47d9dbfb58b44\STacSV64.exe [244736 2010-01-21] (IDT, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [4950016 2009-12-17] (Dell Inc.) []
S2 Mext Guard; "C:\Program Files\V-bates\guardsvc.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 GbpKm; C:\Windows\SysWOW64\drivers\gbpkm.sys [48296 2013-02-06] (GAS Tecnologia)
R2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2012-09-11] (Highresolution Enterprises [www.highrez.co.uk])
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S1 lwnfd_1_10_0_13; system32\drivers\lwnfd_1_10_0_13.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
S3 Spring; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Spring64.sys [X]
S1 ssnfd; system32\drivers\ssnfd.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
S1 {31a2f244-4a67-4367-b593-df9513aea360}w64; system32\drivers\{31a2f244-4a67-4367-b593-df9513aea360}w64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-24 10:27 - 2015-05-24 10:29 - 00000000 ____D () C:\FRST
2015-05-24 10:22 - 2015-05-24 10:22 - 00000000 ____D () C:\Program Files (x86)\Iminent
2015-05-24 10:13 - 2015-05-24 10:13 - 00000056 _____ () C:\Windows\setupact.log
2015-05-24 10:13 - 2015-05-24 10:13 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-24 10:12 - 2015-05-24 10:12 - 00002856 _____ () C:\Windows\PFRO.log
2015-05-24 10:11 - 2015-05-24 10:11 - 00000181 _____ () C:\cleanup.bat
2015-05-24 10:11 - 2015-05-24 10:11 - 00000000 ____D () C:\AVG_BFEfix
2015-05-24 10:03 - 2015-05-24 10:03 - 00000000 ____D () C:\Users\TEMP\AppData\Local\MFAData
2015-05-24 10:03 - 2015-05-24 10:03 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Avg2015
2015-05-23 23:44 - 2015-04-08 00:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-23 23:44 - 2015-04-08 00:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-23 01:38 - 2015-04-21 23:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-23 01:38 - 2015-04-21 22:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-23 01:38 - 2015-04-21 14:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-23 01:38 - 2015-04-21 14:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-23 01:38 - 2015-04-21 14:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-23 01:38 - 2015-04-21 13:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-23 01:38 - 2015-04-21 13:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-23 01:38 - 2015-04-21 13:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-23 01:38 - 2015-04-21 13:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-23 01:38 - 2015-04-21 13:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-23 01:38 - 2015-04-21 13:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-23 01:38 - 2015-04-21 13:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-23 01:38 - 2015-04-21 13:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-23 01:38 - 2015-04-21 13:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-23 01:38 - 2015-04-21 13:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-23 01:38 - 2015-04-21 13:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-23 01:38 - 2015-04-21 13:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-23 01:38 - 2015-04-21 13:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-23 01:38 - 2015-04-21 13:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-23 01:38 - 2015-04-21 13:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-23 01:38 - 2015-04-21 13:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-23 01:38 - 2015-04-21 13:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-23 01:38 - 2015-04-21 13:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-23 01:38 - 2015-04-21 13:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-23 01:38 - 2015-04-21 13:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-23 01:38 - 2015-04-21 13:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-23 01:38 - 2015-04-21 13:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-23 01:38 - 2015-04-21 13:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-23 01:38 - 2015-04-21 13:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-23 01:38 - 2015-04-21 13:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-23 01:38 - 2015-04-21 13:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-23 01:38 - 2015-04-21 13:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-23 01:38 - 2015-04-21 13:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-23 01:38 - 2015-04-21 13:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-23 01:38 - 2015-04-21 13:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-23 01:38 - 2015-04-21 13:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-23 01:38 - 2015-04-21 12:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-23 01:38 - 2015-04-21 12:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-23 01:38 - 2015-04-21 12:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-23 01:38 - 2015-04-21 12:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-23 01:38 - 2015-04-21 12:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-23 01:38 - 2015-04-21 12:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-23 01:38 - 2015-04-21 12:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-23 01:38 - 2015-04-21 12:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-23 01:38 - 2015-04-21 12:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-23 01:38 - 2015-04-21 12:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-23 01:38 - 2015-04-21 12:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-23 01:38 - 2015-04-21 12:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-23 01:38 - 2015-04-21 12:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-23 01:38 - 2015-04-21 12:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-23 01:38 - 2015-04-21 12:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-23 01:38 - 2015-04-21 12:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-23 01:38 - 2015-04-21 12:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-23 01:38 - 2015-04-21 12:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-23 01:38 - 2015-04-21 12:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-23 01:38 - 2015-04-21 12:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-23 01:38 - 2015-04-21 12:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-23 01:38 - 2015-04-21 12:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-23 01:38 - 2015-04-21 11:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-23 01:38 - 2015-04-21 11:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-23 01:36 - 2015-05-04 22:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-23 01:36 - 2015-05-04 22:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-23 01:36 - 2015-04-18 00:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-23 01:36 - 2015-04-17 23:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-23 01:36 - 2015-04-04 00:29 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-23 01:36 - 2015-04-04 00:29 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-23 01:36 - 2015-04-04 00:22 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-23 01:36 - 2015-04-04 00:22 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-23 01:36 - 2015-04-04 00:22 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-23 01:36 - 2015-04-04 00:22 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-23 01:36 - 2015-04-04 00:22 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-23 01:36 - 2015-04-04 00:22 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-23 01:36 - 2015-04-04 00:22 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-23 01:36 - 2015-04-04 00:22 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-23 01:36 - 2015-04-04 00:22 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-23 01:36 - 2015-04-04 00:22 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-23 01:36 - 2015-04-04 00:20 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-23 01:36 - 2015-04-04 00:20 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-23 01:36 - 2015-04-04 00:17 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-23 01:36 - 2015-04-04 00:17 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-23 01:36 - 2015-04-04 00:15 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-23 01:36 - 2015-04-04 00:05 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-23 01:36 - 2015-04-04 00:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-23 01:36 - 2015-04-04 00:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-23 01:36 - 2015-04-04 00:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-23 01:36 - 2015-04-04 00:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-23 01:36 - 2015-04-04 00:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-23 01:36 - 2015-04-04 00:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-23 01:36 - 2015-04-04 00:04 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-23 01:36 - 2015-04-04 00:04 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-23 01:36 - 2015-04-04 00:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-23 01:36 - 2015-04-04 00:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-23 01:36 - 2015-04-03 23:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-23 01:31 - 2015-04-20 00:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-23 01:31 - 2015-04-20 00:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-23 01:31 - 2015-04-19 23:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-23 01:31 - 2015-04-19 23:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-23 01:31 - 2015-04-13 00:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-23 01:27 - 2015-03-04 01:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-23 01:27 - 2015-03-04 01:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-23 01:27 - 2015-03-04 01:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-23 01:27 - 2015-03-04 01:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-23 01:27 - 2015-03-04 01:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-23 01:27 - 2015-03-04 01:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-23 01:27 - 2015-03-04 01:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-23 01:27 - 2015-02-18 04:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-23 01:27 - 2015-02-18 04:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-23 01:15 - 2015-01-29 00:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-23 01:15 - 2015-01-29 00:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-22 21:38 - 2015-05-01 10:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-22 21:38 - 2015-05-01 10:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-24 10:22 - 2009-07-14 02:10 - 01140454 _____ () C:\Windows\WindowsUpdate.log
2015-05-24 10:22 - 2009-07-14 01:45 - 00020480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-24 10:22 - 2009-07-14 01:45 - 00020480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-24 10:19 - 2015-03-09 15:18 - 00000000 ____D () C:\Program Files\Java
2015-05-24 10:19 - 2014-01-31 18:47 - 00000000 ____D () C:\Users\Todos os Usuários\Oracle
2015-05-24 10:19 - 2014-01-31 18:47 - 00000000 ____D () C:\ProgramData\Oracle
2015-05-24 10:18 - 2015-03-09 15:20 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-05-24 10:16 - 2014-10-05 09:46 - 00000286 _____ () C:\Windows\Tasks\FF Watcher {66307F8D-6DC2-456F-934B-BFE250F72179}.job
2015-05-24 10:15 - 2011-02-09 12:00 - 00000000 ____D () C:\Users\Usuário Padrão\AppData\Local\SoftThinks
2015-05-24 10:15 - 2011-02-09 12:00 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2015-05-24 10:15 - 2011-02-09 12:00 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2015-05-24 10:15 - 2011-02-09 11:29 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2015-05-24 10:14 - 2014-09-29 20:02 - 00000286 _____ () C:\Windows\Tasks\FF Watcher {19953B5A-F681-4ED3-9AFF-FC73ECB6654A}.job
2015-05-24 10:14 - 2013-08-08 20:04 - 00000294 _____ () C:\Windows\Tasks\DSite.job
2015-05-24 10:14 - 2013-07-06 16:05 - 00031088 _____ (GbPlugin NDIS Device Driver) C:\Windows\SysWOW64\Drivers\gbpndisrd.sys
2015-05-24 10:14 - 2013-07-06 16:05 - 00010266 _____ () C:\Windows\SysWOW64\Drivers\ndisrd.cat
2015-05-24 10:14 - 2013-07-06 16:05 - 00001402 _____ () C:\Windows\SysWOW64\Drivers\gas.cer
2015-05-24 10:14 - 2009-07-14 02:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-24 10:08 - 2011-05-27 21:40 - 00000000 ____D () C:\Users\Todos os Usuários\MFAData
2015-05-24 10:08 - 2011-05-27 21:40 - 00000000 ____D () C:\ProgramData\MFAData
2015-05-24 09:53 - 2014-10-25 12:38 - 00000020 _____ () C:\Users\Todos os Usuários\bc.ini
2015-05-24 09:53 - 2014-10-25 12:38 - 00000020 _____ () C:\ProgramData\bc.ini
2015-05-24 09:53 - 2013-09-22 20:33 - 00000000 ____D () C:\Users\Todos os Usuários\Baidu Security
2015-05-24 09:53 - 2013-09-22 20:33 - 00000000 ____D () C:\ProgramData\Baidu Security
2015-05-24 09:52 - 2015-04-16 21:59 - 00000594 _____ () C:\Windows\wininit.ini
2015-05-24 09:38 - 2014-12-28 08:28 - 00001086 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-285676303-1957818369-2877117855-1000UA.job
2015-05-24 09:38 - 2014-12-28 08:28 - 00001034 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-285676303-1957818369-2877117855-1000Core.job
2015-05-24 09:38 - 2011-12-03 18:04 - 00000902 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-23 03:30 - 2009-07-14 01:45 - 00409744 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-23 03:26 - 2015-04-05 00:02 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-23 03:26 - 2015-04-05 00:02 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-23 03:26 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-23 03:08 - 2011-02-17 20:30 - 00000000 ____D () C:\Users\Todos os Usuários\Microsoft Help
2015-05-23 03:08 - 2011-02-17 20:30 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-23 00:13 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-22 21:45 - 2014-10-05 09:46 - 00000000 ____D () C:\Program Files (x86)\WiFi Protector
2015-05-19 22:41 - 2015-01-16 22:15 - 00000000 ____D () C:\Windows\SysWOW64\cache
2015-05-15 21:04 - 2013-07-14 16:24 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-04-26 23:08 - 2015-01-10 07:46 - 00002018 ____H () C:\Users\TEMP\Documents\Default.rdp

==================== Files in the root of some directories =======

2011-12-10 16:39 - 2011-06-09 11:03 - 3486088 _____ (Ask) C:\Program Files (x86)\Common Files\ApnToolbarInstaller.exe
2014-10-25 12:38 - 2015-05-24 09:53 - 0000020 _____ () C:\ProgramData\bc.ini
2014-10-02 19:52 - 2014-10-02 19:52 - 0014304 _____ () C:\ProgramData\Duplicaterecord.js
2014-01-15 02:15 - 2014-01-15 02:15 - 0167784 _____ (Baidu, Inc.) C:\ProgramData\FileSplitUpLoad.dll
2011-03-01 22:23 - 2013-09-14 19:51 - 0002933 _____ () C:\ProgramData\hpzinstall.log

Files to move or delete:
====================
C:\ProgramData\Duplicaterecord.js
C:\ProgramData\FileSplitUpLoad.dll
C:\Users\Todos os Usuários\Duplicaterecord.js
C:\Users\Todos os Usuários\FileSplitUpLoad.dll


Some files in TEMP:
====================
C:\Users\Alcidio\AppData\Local\Temp\310714_b4.exe
C:\Users\Alcidio\AppData\Local\Temp\310714_bb.exe
C:\Users\Alcidio\AppData\Local\Temp\35938uninstall.exe
C:\Users\Alcidio\AppData\Local\Temp\avguidx.dll
C:\Users\Alcidio\AppData\Local\Temp\Baidu_Secure_SystemUp_3.7.1.41942.exe
C:\Users\Alcidio\AppData\Local\Temp\Baidu_Secure_SystemUp_4.0.5.70512.exe
C:\Users\Alcidio\AppData\Local\Temp\Baidu_Secure_SystemUp_4.0.9.76886.exe
C:\Users\Alcidio\AppData\Local\Temp\cabex.dll
C:\Users\Alcidio\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyyhqj4.dll
C:\Users\Alcidio\AppData\Local\Temp\hao123inst-brazil.exe
C:\Users\Alcidio\AppData\Local\Temp\is-RUQFQ.tmpVOPackage.exe
C:\Users\Alcidio\AppData\Local\Temp\j4woytqu.dll
C:\Users\Alcidio\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Alcidio\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Alcidio\AppData\Local\Temp\MsgPlusUninstall.exe
C:\Users\Alcidio\AppData\Local\Temp\oi_{8DDF92D1-39CC-4CF8-A3E9-3564FADD594A}.exe
C:\Users\Alcidio\AppData\Local\Temp\oi_{AED8E243-AC2B-4125-A336-8C6F3C109B38}.exe
C:\Users\Alcidio\AppData\Local\Temp\res.dll
C:\Users\Alcidio\AppData\Local\Temp\spark_install.exe
C:\Users\Alcidio\AppData\Local\Temp\SpOrder.dll
C:\Users\Alcidio\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Alcidio\AppData\Local\Temp\System.Data.SQLite28328.dll
C:\Users\Alcidio\AppData\Local\Temp\System.Data.SQLite38964.dll
C:\Users\Alcidio\AppData\Local\Temp\System.Data.SQLite91097.dll
C:\Users\Alcidio\AppData\Local\Temp\unelevate.exe
C:\Users\Alcidio\AppData\Local\Temp\uninst1.exe
C:\Users\Alcidio\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Alcidio\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Alcidio\AppData\Local\Temp\wget.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-24 00:25

==================== End of log ============================
