Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-06-2015 01 Ran by henri_000 (administrator) on MATIELLO on 22-06-2015 17:24:21 Running from C:\Users\henri_000\Desktop Loaded Profiles: henri_000 (Available Profiles: henri_000) Platform: Windows 8.1 (X64) OS Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\1.3.374.0\McCSPServiceHost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe () C:\Program Files (x86)\puush\puush.exe (GoPro) C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Autodesk Inc.) C:\Users\henri_000\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\livecomm.exe (PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssist\uaclauncher.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506648 2013-12-28] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374424 2014-01-10] (Realtek Semiconductor) HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5789512 2014-01-16] (Dell Inc.) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-31] (Intel Corporation) HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-01-12] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [643064 2015-02-09] (McAfee, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation) HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [493960 2014-12-05] (Autodesk Inc.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [855768 2015-03-11] (BlueStack Systems, Inc.) HKLM-x32\...\Run: [GoPro Studio Importer] => C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe [3207680 2015-05-20] (GoPro) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer: [NoFolderOptions] 0 HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-2481831376-2314398108-120359188-1001\...\Run: [uTorrent] => C:\Users\henri_000\AppData\Roaming\uTorrent\uTorrent.exe [1441104 2015-04-28] (BitTorrent Inc.) HKU\S-1-5-21-2481831376-2314398108-120359188-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568392 2015-03-30] () HKU\S-1-5-21-2481831376-2314398108-120359188-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31283328 2015-04-17] (Skype Technologies S.A.) HKU\S-1-5-21-2481831376-2314398108-120359188-1001\...\Run: [Spotify Web Helper] => C:\Users\henri_000\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2021944 2015-06-05] (Spotify Ltd) HKU\S-1-5-21-2481831376-2314398108-120359188-1001\...\Run: [Spotify] => C:\Users\henri_000\AppData\Roaming\Spotify\Spotify.exe [7323192 2015-06-05] (Spotify Ltd) HKU\S-1-5-21-2481831376-2314398108-120359188-1001\...\Policies\Explorer: [] HKU\S-1-5-21-2481831376-2314398108-120359188-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [2501368 2015-01-28] (Microsoft Corporation) <==== ATTENTION Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GoPro Importer.lnk [2015-04-11] ShortcutTarget: GoPro Importer.lnk -> C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe (GoPro) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.) ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation) ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2481831376-2314398108-120359188-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2481831376-2314398108-120359188-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2013-11-15] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2013-11-02] (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2013-11-15] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-16] (Oracle Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2013-11-02] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-16] (Oracle Corporation) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-06-04] (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-06-04] (McAfee, Inc.) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-06-04] (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-06-04] (McAfee, Inc.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-02-27] (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-02-27] (McAfee, Inc.) Tcpip\Parameters: [DhcpNameServer] 125.63.255.11 125.63.255.74 220.101.191.16 FireFox: ======== FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-02-27] () FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\3.2.0.23388\npSkypeWebPlugin64.dll [2014-11-03] (Skype) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-19] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-19] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-10-16] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-10-16] (Oracle Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-02-27] () FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-11-15] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\3.2.0.23388\npSkypeWebPlugin.dll [2014-11-03] (Skype) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.) FF Plugin HKU\S-1-5-21-2481831376-2314398108-120359188-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\henri_000\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2013-11-15] (Microsoft Corporation) FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2015-02-02] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-04-30] Chrome: ======= CHR Profile: C:\Users\henri_000\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\henri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-20] CHR Extension: (Google Drive) - C:\Users\henri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-20] CHR Extension: (YouTube) - C:\Users\henri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-20] CHR Extension: (Google Search) - C:\Users\henri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-20] CHR Extension: (SiteAdvisor) - C:\Users\henri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-02-02] CHR Extension: (AdBlock) - C:\Users\henri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-03-22] CHR Extension: (GBBD Banco Santander (Brasil) S.A.) - C:\Users\henri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\idnljhnpjegfbcohjhdnhjlnfnffmbnf [2014-08-20] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\henri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-15] CHR Extension: (Google Wallet) - C:\Users\henri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-20] CHR Extension: (Gmail) - C:\Users\henri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-20] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-06-09] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-06-09] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk Inc.) R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.) R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2015-03-11] (BlueStack Systems, Inc.) S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2015-03-11] (BlueStack Systems, Inc.) R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [794328 2015-03-11] (BlueStack Systems, Inc.) S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation) S2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\OTBSurvey.exe [145288 2015-04-09] (Dell Inc.) S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2557136 2015-02-27] (Dell Inc.) S2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-02-27] (Dell Inc.) S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [139328 2014-02-20] (Aviata, Inc.) S2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [232152 2015-05-20] (Dell Inc.) R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.) S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-31] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-28] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-28] (Intel(R) Corporation) S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-19] (Intel Corporation) S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation) R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [155368 2015-06-04] (McAfee, Inc.) R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2015-02-27] (McAfee, Inc.) S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-25] (McAfee, Inc.) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.3.374.0\McCSPServiceHost.exe [422632 2015-01-22] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.) S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [601864 2015-02-27] (McAfee, Inc.) S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.) R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1050952 2014-11-06] (McAfee, Inc.) R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.) R2 mfevtp; C:\Windows\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.) R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.) S2 My Dell Client Framework; C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe [168960 2014-01-11] (Dell Inc.) [File not signed] S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-12-04] () S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-09] (Realtek Semiconductor) S2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1924328 2014-10-23] (SoftThinks SAS) S2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-04-10] (Dell Inc.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-12-04] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2015-03-11] (BlueStack Systems) S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-30] (Microsoft Corporation) S3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [32768 2014-10-08] (Microsoft Corporation) S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-04-30] (Microsoft Corporation) S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-23] (Motorola Solutions, Inc.) R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1408824 2013-10-19] (Motorola Solutions, Inc.) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.) R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-02-27] (Dell Computer Corporation) R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [23312 2015-02-27] (Dell Computer Corporation) R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.) S3 facap; C:\Windows\system32\DRIVERS\facap.sys [37888 2012-09-03] (Windows (R) Win 7 DDK provider) S3 GunBod; C:\Windows\system32\gunbod64.sys [86352 2015-03-10] () S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.) R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [142280 2013-10-20] (Intel Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-21] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [100824 2013-12-19] (Intel Corporation) R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70608 2014-10-01] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.) R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [447440 2014-09-19] (McAfee, Inc.) S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.) R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3494680 2014-12-08] (Intel Corporation) R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [41200 2013-12-30] (Synaptics Incorporated) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation) S3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-22 17:24 - 2015-06-22 17:25 - 00025862 _____ C:\Users\henri_000\Desktop\FRST.txt 2015-06-22 17:23 - 2015-06-22 17:24 - 00000000 ____D C:\FRST 2015-06-22 17:22 - 2015-06-22 17:23 - 02109952 _____ (Farbar) C:\Users\henri_000\Desktop\FRST64.exe 2015-06-22 17:02 - 2015-06-22 17:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2015-06-21 13:45 - 2015-06-21 13:45 - 00001422 _____ C:\Users\henri_000\Desktop\JRT.txt 2015-06-21 13:35 - 2015-06-21 13:35 - 00000207 _____ C:\Windows\tweaking.com-regbackup-MATIELLO-Windows-8.1-(64-bit).dat 2015-06-21 13:34 - 2015-06-21 13:34 - 00000000 ____D C:\RegBackup 2015-06-21 13:32 - 2015-06-21 13:33 - 02950750 _____ (Thisisu) C:\Users\henri_000\Desktop\JRT.exe 2015-06-21 00:05 - 2015-06-21 00:05 - 00002539 _____ C:\Users\henri_000\Desktop\ZHPFixReport.txt 2015-06-20 21:59 - 2015-06-20 21:59 - 00122900 _____ C:\Users\henri_000\Desktop\ZHPDiag.txt 2015-06-20 21:57 - 2015-06-20 21:57 - 00000512 _____ C:\PhysicalDisk0_MBR.bin 2015-06-20 21:52 - 2015-06-21 00:05 - 00000000 ____D C:\Users\henri_000\AppData\Roaming\ZHP 2015-06-20 21:52 - 2015-06-20 21:52 - 00002005 _____ C:\Users\henri_000\Desktop\ZHPFix.lnk 2015-06-20 21:52 - 2015-06-20 21:52 - 00001874 _____ C:\Users\henri_000\Desktop\ZHPDiag.lnk 2015-06-20 21:52 - 2015-06-20 21:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP 2015-06-20 21:52 - 2015-06-20 21:52 - 00000000 ____D C:\Program Files (x86)\ZHPDiag 2015-06-20 21:50 - 2015-06-20 21:51 - 06880102 _____ (Nicolas Coolman ) C:\Users\henri_000\Downloads\ZHPDiag2.exe 2015-06-20 17:30 - 2015-06-20 17:30 - 00000000 ____D C:\Users\henri_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis 2015-06-20 17:30 - 2015-06-20 17:30 - 00000000 ____D C:\Program Files (x86)\Trend Micro 2015-06-20 17:27 - 2015-06-20 17:38 - 00000000 ____D C:\HijackThis 2015-06-20 11:43 - 2015-06-20 21:45 - 00010049 _____ C:\Users\henri_000\Desktop\comida.xlsx 2015-06-17 23:14 - 2015-06-17 23:47 - 00000000 ____D C:\Users\henri_000\Desktop\asia 2015-06-17 12:06 - 2015-06-21 17:11 - 00000000 ____D C:\Users\henri_000\Documents\UFF down materias nao feitas 2015-06-11 11:25 - 2015-05-25 23:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2015-06-11 11:25 - 2015-05-25 23:07 - 01430528 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2015-06-11 11:25 - 2015-04-14 08:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll 2015-06-11 11:25 - 2015-04-14 08:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll 2015-06-11 11:25 - 2015-04-10 10:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll 2015-06-11 11:25 - 2015-04-10 10:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll 2015-06-11 11:25 - 2015-04-09 08:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll 2015-06-11 11:25 - 2015-04-09 08:07 - 00410336 _____ C:\Windows\system32\ApnDatabase.xml 2015-06-11 11:25 - 2015-04-02 08:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll 2015-06-11 11:25 - 2015-04-02 08:30 - 02483712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll 2015-06-11 11:25 - 2015-03-20 13:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll 2015-06-11 11:25 - 2015-03-20 13:08 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll 2015-06-11 11:25 - 2015-03-20 12:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll 2015-06-11 11:25 - 2015-03-20 12:07 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2015-06-11 11:25 - 2015-03-02 11:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll 2015-06-11 11:25 - 2015-03-02 11:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll 2015-06-11 11:24 - 2015-04-16 16:17 - 00325464 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS 2015-06-11 11:24 - 2015-04-01 14:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe 2015-06-11 11:24 - 2015-04-01 14:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll 2015-06-11 11:24 - 2015-04-01 14:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll 2015-06-11 11:24 - 2015-04-01 14:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll 2015-06-11 11:24 - 2015-04-01 13:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2015-06-11 11:24 - 2015-04-01 13:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2015-06-11 11:24 - 2015-04-01 13:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2015-06-11 11:24 - 2015-04-01 12:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll 2015-06-11 11:24 - 2015-04-01 12:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe 2015-06-11 11:24 - 2015-04-01 12:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll 2015-06-11 11:24 - 2015-04-01 12:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll 2015-06-11 11:24 - 2015-04-01 12:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll 2015-06-11 11:24 - 2015-04-01 12:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe 2015-06-10 11:16 - 2015-05-28 00:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-06-10 11:16 - 2015-05-28 00:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-06-10 11:16 - 2015-05-23 13:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-06-10 11:16 - 2015-05-23 13:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-06-10 11:16 - 2015-05-23 13:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-06-10 11:16 - 2015-05-23 13:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-06-10 11:16 - 2015-05-23 13:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-06-10 11:16 - 2015-05-23 12:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-06-10 11:16 - 2015-05-23 12:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-06-10 11:16 - 2015-05-23 12:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-06-10 11:16 - 2015-05-23 12:47 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2015-06-10 11:16 - 2015-05-23 12:43 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-06-10 11:16 - 2015-05-23 12:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-06-10 11:16 - 2015-05-23 12:38 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-06-10 11:16 - 2015-05-23 12:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-06-10 11:16 - 2015-05-23 12:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-06-10 11:16 - 2015-05-23 12:28 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2015-06-10 11:16 - 2015-05-23 12:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-06-10 11:16 - 2015-05-23 12:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-06-10 11:16 - 2015-05-23 12:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-06-10 11:16 - 2015-05-23 05:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-06-10 11:16 - 2015-05-23 05:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-06-10 11:16 - 2015-05-23 05:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-06-10 11:16 - 2015-05-23 04:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-06-10 11:16 - 2015-05-23 04:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-06-10 11:16 - 2015-05-23 04:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-06-10 11:16 - 2015-05-23 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-06-10 11:16 - 2015-05-23 04:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-06-10 11:16 - 2015-05-23 04:23 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2015-06-10 11:16 - 2015-05-23 04:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-06-10 11:16 - 2015-05-23 04:15 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-06-10 11:16 - 2015-05-23 04:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-06-10 11:16 - 2015-05-23 04:08 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-06-10 11:16 - 2015-05-23 04:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-06-10 11:16 - 2015-05-23 04:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-06-10 11:16 - 2015-05-23 03:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-06-10 11:16 - 2015-05-23 03:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-06-10 11:16 - 2015-05-23 03:49 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2015-06-10 11:16 - 2015-05-23 03:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-06-10 11:16 - 2015-05-23 03:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-06-10 11:16 - 2015-04-25 12:34 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2015-06-10 11:16 - 2015-04-25 12:33 - 00549888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll 2015-06-10 11:11 - 2015-05-22 02:47 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-06-07 20:57 - 2015-06-21 18:59 - 00009845 _____ C:\Users\henri_000\Desktop\2semestre.xlsx 2015-06-06 23:48 - 2015-05-22 23:08 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-06-06 23:48 - 2015-05-21 23:08 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-06-06 23:48 - 2015-05-21 23:08 - 01020928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-06-06 23:48 - 2015-05-21 23:08 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-06-06 23:48 - 2015-05-21 23:08 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-06-06 23:48 - 2015-05-21 23:08 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-06-06 23:48 - 2015-05-21 23:08 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-06-06 23:48 - 2015-04-17 08:07 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-06-06 19:30 - 2015-06-06 19:30 - 00000000 ____D C:\Program Files (x86)\Dell Customer Connect 2015-06-05 09:57 - 2015-06-05 09:57 - 00000826 _____ C:\Users\Public\Desktop\GoPro Studio.lnk 2015-06-05 09:57 - 2015-06-05 09:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoPro 2015-06-05 09:57 - 2015-06-05 09:57 - 00000000 ____D C:\Program Files (x86)\GoPro 2015-06-05 09:35 - 2015-06-05 09:52 - 121651128 _____ (GoPro, Inc.) C:\Users\henri_000\Downloads\GoProStudioPC-2.5.5.443.exe 2015-06-03 19:23 - 2015-06-03 19:23 - 00000000 ____D C:\Program Files (x86)\Dell Update 2015-06-03 09:36 - 2015-06-03 09:36 - 00000000 ____D C:\Users\henri_000\AppData\Local\GWX 2015-06-02 07:54 - 2015-06-02 07:54 - 00021092 _____ C:\Users\henri_000\Downloads\Game.of.Thrones.S05E08.HDTV.killers.en.zip 2015-06-01 21:54 - 2015-06-20 11:28 - 00014318 _____ C:\Users\henri_000\Desktop\ASIA.xlsx 2015-06-01 21:09 - 2015-06-01 21:09 - 00178597 _____ (Igor Pavlov) C:\Users\henri_000\Downloads\bankerfix.exe 2015-05-28 19:33 - 2015-06-20 13:12 - 00004972 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for MATIELLO-henri_000 Matiello 2015-05-26 01:17 - 2015-05-26 01:17 - 00000000 ____D C:\Users\henri_000\Downloads\Subs 2015-05-23 17:53 - 2015-05-23 17:53 - 00089923 _____ C:\Windows\unins000.dat 2015-05-23 17:53 - 2015-05-23 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ezvid 2015-05-23 17:53 - 2015-05-23 17:53 - 00000000 ____D C:\Program Files (x86)\ezvid 2015-05-23 17:53 - 2015-05-23 17:44 - 00753847 _____ C:\Windows\unins000.exe 2015-05-23 17:53 - 2015-03-10 20:29 - 00462584 _____ (Bytescout) C:\Windows\SysWOW64\BytescoutScreenCapturing.dll 2015-05-23 17:53 - 2015-03-10 20:29 - 00360184 _____ (Bytescout) C:\Windows\SysWOW64\BytescoutScreenCapturingFilter.dll 2015-05-23 17:53 - 2015-03-10 20:29 - 00196344 _____ (Bytescout) C:\Windows\SysWOW64\BytescoutVideoMixerFilter.dll 2015-05-23 17:53 - 2013-04-07 18:09 - 00216064 _____ ( ) C:\Windows\SysWOW64\Lagarith.dll 2015-05-23 17:53 - 2013-04-07 18:09 - 00148992 _____ ( ) C:\Windows\system32\Lagarith.dll 2015-05-23 17:24 - 2015-05-23 17:24 - 01002096 _____ (Ezvid, inc. ) C:\Users\henri_000\Downloads\ezvid1.002b03.exe 2015-05-23 17:15 - 2015-05-23 17:15 - 00000989 _____ C:\Users\Public\Desktop\CamStudio-Recorder.lnk 2015-05-23 17:15 - 2015-05-23 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio 2015-05-23 17:15 - 2015-05-23 17:15 - 00000000 ____D C:\Program Files (x86)\CamStudio 2.6b 2015-05-23 17:15 - 2010-10-24 00:56 - 00049664 _____ (CamStudio Group) C:\Windows\system32\CamCodec.dll 2015-05-23 16:48 - 2015-05-23 16:49 - 04472121 _____ (CamStudio Open Source Dev Team ) C:\Users\henri_000\Downloads\CamStudio_Setup_v2-6b_r294.exe ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-22 17:20 - 2015-04-01 21:53 - 01181820 _____ C:\Windows\WindowsUpdate.log 2015-06-22 17:10 - 2014-08-20 16:38 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2481831376-2314398108-120359188-1001 2015-06-22 17:00 - 2015-02-10 09:37 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d044c16fd990d0.job 2015-06-22 17:00 - 2014-10-18 14:27 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfea8bca81b3ae.job 2015-06-22 17:00 - 2014-09-05 19:22 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-06-22 17:00 - 2014-08-20 16:38 - 00000000 __RDO C:\Users\henri_000\OneDrive 2015-06-22 14:02 - 2013-08-23 01:36 - 00000000 ____D C:\Windows\system32\sru 2015-06-22 13:42 - 2014-11-14 20:32 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cffff64c4badd5.job 2015-06-22 13:37 - 2014-09-05 19:22 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-06-22 11:21 - 2013-08-22 23:25 - 00262144 ___SH C:\Windows\system32\config\ELAM 2015-06-21 16:51 - 2015-03-04 12:26 - 00000000 ____D C:\Users\henri_000\Desktop\Enginner Practice 1 2015-06-21 13:38 - 2013-08-23 01:36 - 00000000 ____D C:\Windows\AppReadiness 2015-06-21 13:34 - 2014-04-30 06:50 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery 2015-06-21 13:28 - 2015-02-22 14:39 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-06-21 10:30 - 2015-04-30 18:07 - 00058584 _____ C:\Windows\setupact.log 2015-06-21 10:30 - 2013-08-23 00:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-06-21 10:30 - 2013-08-22 23:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2015-06-20 19:43 - 2015-04-04 17:38 - 00013337 _____ C:\Users\henri_000\Desktop\gastos.xlsx 2015-06-20 17:31 - 2014-08-20 16:33 - 00000000 ____D C:\Users\henri_000\AppData\Local\VirtualStore 2015-06-19 22:27 - 2013-08-23 01:36 - 00000000 ____D C:\Windows\system32\NDF 2015-06-19 18:22 - 2015-04-08 17:13 - 00000000 ____D C:\ProgramData\SupportAssistAgent 2015-06-18 20:14 - 2015-05-04 09:01 - 00020304 _____ C:\Windows\PFRO.log 2015-06-18 20:14 - 2013-08-23 01:36 - 00000000 ____D C:\Windows\TAPI 2015-06-17 22:46 - 2014-08-20 16:33 - 00000000 ____D C:\Users\henri_000\AppData\Local\Packages 2015-06-17 17:06 - 2015-03-04 12:27 - 00000000 ____D C:\Users\henri_000\Desktop\Building Science 2015-06-17 16:42 - 2015-03-04 12:28 - 00000000 ____D C:\Users\henri_000\Desktop\Eng, Soc and Sustan 2015-06-17 10:00 - 2014-08-23 13:45 - 00001116 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2015-06-17 10:00 - 2014-08-23 13:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-06-17 10:00 - 2014-08-23 13:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-06-15 20:47 - 2014-09-04 22:29 - 00702464 ___SH C:\Users\henri_000\Desktop\Thumbs.db 2015-06-15 18:28 - 2013-08-23 01:36 - 00000000 ____D C:\Windows\rescache 2015-06-15 11:25 - 2014-04-30 06:14 - 00865408 _____ C:\Windows\system32\PerfStringBackup.INI 2015-06-12 19:50 - 2015-03-04 12:27 - 00000000 ____D C:\Users\henri_000\Desktop\Steel Structures 1 2015-06-12 19:28 - 2014-04-30 06:48 - 00000000 ____D C:\Program Files (x86)\McAfee 2015-06-12 19:26 - 2013-08-23 01:36 - 00000000 ___RD C:\Windows\ToastData 2015-06-12 02:48 - 2014-08-24 01:34 - 00000000 ____D C:\Windows\system32\MRT 2015-06-12 02:48 - 2013-08-23 01:20 - 00000000 ____D C:\Windows\CbsTemp 2015-06-12 02:37 - 2014-08-24 01:34 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-06-11 11:07 - 2013-08-23 00:44 - 00555504 _____ C:\Windows\system32\FNTCACHE.DAT 2015-06-11 03:14 - 2013-08-23 01:36 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-06-10 11:38 - 2014-09-05 19:25 - 00002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-06-10 02:11 - 2015-04-28 11:12 - 00000000 ____D C:\Users\henri_000\AppData\Local\Spotify 2015-06-10 02:11 - 2015-04-28 11:10 - 00000000 ____D C:\Users\henri_000\AppData\Roaming\Spotify 2015-06-07 20:58 - 2015-04-27 17:33 - 00000000 ____D C:\Windows\system32\appraiser 2015-06-07 20:58 - 2015-04-18 15:18 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-06-06 22:39 - 2014-08-21 13:34 - 00000000 ____D C:\Users\henri_000\Downloads\torrent 2015-06-06 19:30 - 2014-04-30 06:39 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell 2015-06-06 19:30 - 2014-04-30 06:39 - 00000000 ____D C:\ProgramData\Dell 2015-06-05 16:50 - 2014-08-28 23:50 - 00000000 ____D C:\Users\henri_000\Documents\SAMSUNG 2015-06-05 09:57 - 2014-04-30 06:40 - 00000000 ____D C:\ProgramData\Package Cache 2015-06-04 02:18 - 2014-11-12 10:49 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-06-04 02:18 - 2014-11-12 10:49 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-05-31 20:58 - 2014-08-20 16:31 - 00000000 ____D C:\Users\henri_000 2015-05-25 19:26 - 2014-08-20 14:58 - 00000000 ____D C:\Users\henri_000\AppData\Roaming\Skype 2015-05-24 17:10 - 2015-04-04 17:19 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2015-05-24 17:10 - 2015-04-04 17:19 - 00000000 ___SD C:\Windows\system32\GWX ==================== Files in the root of some directories ======= 2014-04-30 06:07 - 2014-04-30 06:07 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2015-04-02 17:33 - 2015-04-02 17:33 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-06-16 11:49 ==================== End of log ============================