Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

I need help with multiple chrome.exe [Solved]

Started by jr.cardosinho , Oct 23 2014 08:33 AM

This topic is locked

#1
jr.cardosinho

Posted 23 October 2014 - 08:33 AM

New Member

Member
4 posts

Hi everyone,

I have noticed multiple chrome.exe processes running and using up a lot of CPU. I have seen a lot of threads concerning this issue.

I have tried using malwarebytes but no success. please help!

The result of the FRST64 is attached.

Thx.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-10-2014
Ran by Luiz Alberto (administrator) on BETO-VAIO on 23-10-2014 12:05:01
Running from D:\Usuarios\Luiz Alberto\Desktop
Loaded Profile: Luiz Alberto (Available profiles: Luiz Alberto)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Português (Brasil)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
() C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESGfxMgr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(A.E.T. Europe B.V.) C:\Windows\System32\aetcrss1.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dropbox, Inc.) C:\Users\Luiz Alberto\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Sysinternals - www.sysinternals.com) D:\Usuarios\Luiz Alberto\Desktop\procexp64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe
() C:\Program Files\Sony\VAIO Care\esrv\esrv.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\Luiz Alberto\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luiz Alberto\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luiz Alberto\AppData\Local\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
(Google Inc.) C:\Users\Luiz Alberto\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luiz Alberto\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luiz Alberto\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luiz Alberto\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luiz Alberto\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luiz Alberto\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luiz Alberto\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13320808 2011-11-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2278504 2011-11-11] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-04-29] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Commnucations)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2772264 2011-06-15] (Synaptics Incorporated)
HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-06] (Autodesk, Inc.)
HKLM\...\Run: [CertificateRegistration] => C:\Windows\system32\aetcrss1.exe [191488 2011-04-20] (A.E.T. Europe B.V.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5618456 2013-09-12] (ESET)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-01] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2801288 2011-05-31] (Sony Corporation)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2012-01-19] (cyberlink)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [650080 2011-03-15] (Sony Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
Winlogon\Notify\ GbPluginBb-x32: C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-1000784148-366241500-1769760988-1001\...\Run: [Google Update] => C:\Users\Luiz Alberto\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-06-06] (Google Inc.)
HKU\S-1-5-21-1000784148-366241500-1769760988-1001\...\Run: [34AC9F0CEE04D8917CD17F2B888277A4955D85D8._service_run] => C:\Users\Luiz Alberto\AppData\Local\Google\Chrome\Application\chrome.exe [854344 2014-10-10] (Google Inc.)
HKU\S-1-5-21-1000784148-366241500-1769760988-1001\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
HKU\S-1-5-21-1000784148-366241500-1769760988-1001\...\Run: [GoogleChromeAutoLaunch_845BD1A31ADDB48A4ED382EDA48020C1] => C:\Users\Luiz Alberto\AppData\Local\Google\Chrome\Application\chrome.exe [854344 2014-10-10] (Google Inc.)
HKU\S-1-5-21-1000784148-366241500-1769760988-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
HKU\S-1-5-21-1000784148-366241500-1769760988-1001\...\Policies\Explorer: []
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Luiz Alberto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Luiz Alberto\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.sony.com.br/vaio
SearchScopes: HKCU - {1A0D757A-B5C4-4273-BE63-27173C134DD9} URL = http://www.google.co...iw=1920&bih=983
SearchScopes: HKCU - {8249B62D-37C5-42AE-A99A-C3370AE4F841} URL = http://start.mysearc...r=664647183&ir=
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Auxiliar de Conexão do Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll (Banco do Brasil)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll [1754664 2014-07-31] (Banco do Brasil)
Tcpip\Parameters: [DhcpNameServer] 192.168.25.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Luiz Alberto\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Luiz Alberto\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: gastecnologia.com.br/sf/bb -> C:\Users\Luiz Alberto\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia)
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-04-01]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-06-07]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage: Default -> hxxp://start.mysearchdial.com/?f=1&a=srf_14_14_ie&cd=2XzuyEtN2Y1L1Qzu0C0C0A0FyBzz0BtByDtD0DzzzzzzzzyCtN0D0Tzu0SzztBtBtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyB0DyEzz0BtCzytBtGtB0DtB0EtG0AtBtC0BtG0B0F0C0AtGtCzyyEtAtD0DyCzyzytCtD0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0EyEzzzz0DyDtDtG0D0DzyyBtGyBtA0EtCtGtCyDyDzytGtAtBtAtCtCyD0DyCyDzy0DyB2Q&cr=664647183&ir=
CHR Profile: C:\Users\Luiz Alberto\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Luiz Alberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-12]
CHR Extension: (YouTube) - C:\Users\Luiz Alberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-06]
CHR Extension: (Pesquisa do Google) - C:\Users\Luiz Alberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-06]
CHR Extension: (GBBD Banco do Brasil) - C:\Users\Luiz Alberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkafhcogdnfhkmiepeebkkdbdphnjfll [2014-03-26]
CHR Extension: (Google Wallet) - C:\Users\Luiz Alberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR Extension: (Gmail) - C:\Users\Luiz Alberto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-06]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\LUIZAL~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-08-11]
CHR HKCU\...\Chrome\Extension: [pgacfjdigcddmmncljpflgcfpfahebkh] - C:\Users\Luiz Alberto\AppData\Local\GAS Tecnologia\GBBD\bb\sf.crx [2013-09-11]
CHR StartMenuInternet: Google Chrome - C:\Users\Luiz Alberto\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [91296 2011-04-29] (Atheros Commnucations) [File not signed]
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [248304 2012-01-19] (CyberLink)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1337752 2013-09-12] (ESET)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe [427432 2013-02-22] ()
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [546104 2014-07-21] (GAS Tecnologia)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2375168 2011-06-16] (Realsil Microelectronics Inc.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Oasis2Service; C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe [46080 2010-03-25] () [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1919256 2014-10-01] (IBM Corp.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [199272 2011-07-05] (Realtek Semiconductor)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [258048 2013-03-04] (Sony Corporation) [File not signed]
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe [427432 2013-02-22] ()
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
S2 bavsvc; "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bavsvc.exe" [X]
S2 bhipssvc; "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bhipssvc.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R1 Bfilter; C:\Windows\System32\drivers\Bfilter.sys [52032 2014-01-21] (Baidu, Inc.)
R1 Bfmon; C:\Windows\System32\drivers\Bfmon.sys [34624 2014-01-21] (Baidu, Inc.)
R1 Bprotect; C:\Windows\System32\drivers\Bprotect.sys [128992 2014-01-21] (Baidu, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET)
S0 GbpKm; C:\Windows\SysWOW64\drivers\GbpKm.sys [49536 2013-05-08] (GAS Tecnologia)
R1 RapportCerberus_80055; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80055.sys [761720 2014-10-08] ()
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [445880 2014-10-01] (IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [534104 2014-10-01] (IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [557656 2014-10-01] (IBM Corp.)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2012-11-06] ()
S3 BdApiUtil; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdApiUtil64.sys [X]
S3 BdCameraProtect; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdCameraProtect64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-23 12:04 - 2014-10-23 12:05 - 00000000 ____D () C:\FRST
2014-10-23 11:51 - 2014-10-23 11:51 - 00000000 ___RD () C:\Users\Luiz Alberto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-10-23 11:40 - 2014-10-23 11:49 - 00000000 ____D () C:\AdwCleaner
2014-10-23 11:36 - 2014-10-23 11:36 - 00000000 ____D () C:\Users\Luiz Alberto\AppData\Local\Apps\2.0
2014-10-22 12:10 - 2014-10-23 11:15 - 00001070 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfee01f860c50e.job
2014-10-22 12:10 - 2014-10-22 12:10 - 00004066 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cfee01f860c50e
2014-10-20 08:03 - 2014-10-20 08:03 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-20 08:03 - 2014-10-20 08:03 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-20 08:03 - 2014-10-20 08:03 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-20 08:03 - 2014-10-20 08:03 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-20 08:03 - 2014-10-20 08:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-20 08:03 - 2014-10-20 08:03 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-14 20:23 - 2014-09-28 22:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-14 20:23 - 2014-08-19 01:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-14 20:23 - 2014-08-19 01:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-14 20:23 - 2014-08-19 01:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-14 20:23 - 2014-07-09 00:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-10-14 20:23 - 2014-07-09 00:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-10-14 20:23 - 2014-07-09 00:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-10-14 20:23 - 2014-07-09 00:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-10-14 20:23 - 2014-07-09 00:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-10-14 20:23 - 2014-07-08 23:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-10-14 20:23 - 2014-07-08 23:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-10-14 20:23 - 2014-07-08 23:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-10-14 20:23 - 2014-07-08 23:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-10-14 20:23 - 2014-07-08 23:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-10-14 20:23 - 2014-07-08 20:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-10-14 20:23 - 2014-07-08 20:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-10-14 20:23 - 2014-07-07 00:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-14 20:23 - 2014-07-07 00:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-14 20:23 - 2014-07-07 00:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-14 20:23 - 2014-07-07 00:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-14 20:23 - 2014-07-07 00:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-14 20:23 - 2014-07-07 00:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-14 20:23 - 2014-07-07 00:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-14 20:23 - 2014-07-07 00:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-14 20:23 - 2014-07-07 00:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-14 20:23 - 2014-07-07 00:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-14 20:23 - 2014-07-07 00:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-14 20:23 - 2014-07-07 00:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-14 20:23 - 2014-07-07 00:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-14 20:23 - 2014-07-07 00:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-14 20:23 - 2014-07-07 00:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-14 20:23 - 2014-07-07 00:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-14 20:23 - 2014-07-07 00:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-14 20:23 - 2014-07-07 00:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-14 20:23 - 2014-07-07 00:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-14 20:23 - 2014-07-07 00:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-14 20:23 - 2014-07-07 00:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-14 20:23 - 2014-07-06 23:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-14 20:23 - 2014-07-06 23:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-14 20:23 - 2014-07-06 23:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-14 20:23 - 2014-07-06 23:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-14 20:23 - 2014-07-06 23:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-14 20:23 - 2014-07-06 23:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-14 20:23 - 2014-07-06 23:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-14 20:23 - 2014-07-06 23:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-14 20:23 - 2014-07-06 23:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-14 20:23 - 2014-07-06 23:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-14 20:23 - 2014-07-06 23:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-14 20:23 - 2014-07-06 23:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-14 20:23 - 2014-07-06 23:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-14 20:23 - 2014-07-06 23:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-14 20:23 - 2014-07-06 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-14 20:23 - 2014-07-06 23:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-14 20:23 - 2014-07-06 23:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-14 20:23 - 2014-07-06 23:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-14 20:23 - 2014-07-06 23:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-14 20:23 - 2014-07-06 23:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-14 20:23 - 2014-06-27 22:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-14 20:23 - 2014-06-27 22:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-14 20:23 - 2014-06-27 22:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-14 20:23 - 2014-06-18 20:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-14 20:23 - 2014-06-18 20:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-14 20:23 - 2014-06-18 20:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-14 20:23 - 2014-06-18 20:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-14 20:23 - 2014-06-18 20:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-14 20:23 - 2014-06-18 20:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-14 20:22 - 2014-10-07 00:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-14 20:22 - 2014-10-07 00:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-14 20:22 - 2014-09-25 20:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-14 20:22 - 2014-09-25 20:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-14 20:22 - 2014-09-25 20:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-14 20:22 - 2014-09-25 20:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-14 20:22 - 2014-09-25 20:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-14 20:22 - 2014-09-25 20:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-14 20:22 - 2014-09-25 20:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-14 20:22 - 2014-09-19 00:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-14 20:22 - 2014-09-18 23:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-14 20:22 - 2014-09-18 23:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-14 20:22 - 2014-09-18 23:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-14 20:22 - 2014-09-18 23:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-14 20:22 - 2014-09-18 23:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-14 20:22 - 2014-09-18 23:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-14 20:22 - 2014-09-18 23:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-14 20:22 - 2014-09-18 23:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-14 20:22 - 2014-09-18 23:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-14 20:22 - 2014-09-18 23:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-14 20:22 - 2014-09-18 23:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-14 20:22 - 2014-09-18 23:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-14 20:22 - 2014-09-18 23:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-14 20:22 - 2014-09-18 23:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-14 20:22 - 2014-09-18 23:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-14 20:22 - 2014-09-18 23:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-14 20:22 - 2014-09-18 23:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-14 20:22 - 2014-09-18 23:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-14 20:22 - 2014-09-18 23:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-14 20:22 - 2014-09-18 23:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-14 20:22 - 2014-09-18 23:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-14 20:22 - 2014-09-18 23:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-14 20:22 - 2014-09-18 23:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-14 20:22 - 2014-09-18 23:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-14 20:22 - 2014-09-18 23:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-14 20:22 - 2014-09-18 22:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-14 20:22 - 2014-09-18 22:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-14 20:22 - 2014-09-18 22:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-14 20:22 - 2014-09-18 22:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-14 20:22 - 2014-09-18 22:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-14 20:22 - 2014-09-18 22:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-14 20:22 - 2014-09-18 22:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-14 20:22 - 2014-09-18 22:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-14 20:22 - 2014-09-18 22:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-14 20:22 - 2014-09-18 22:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-14 20:22 - 2014-09-18 22:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-14 20:22 - 2014-09-18 22:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-14 20:22 - 2014-09-18 22:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-14 20:22 - 2014-09-18 22:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-14 20:22 - 2014-09-18 22:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-14 20:22 - 2014-09-18 22:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-14 20:22 - 2014-09-18 22:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-14 20:22 - 2014-09-18 21:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-14 20:22 - 2014-09-18 21:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-14 20:22 - 2014-09-18 21:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-14 20:22 - 2014-09-18 21:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-14 20:22 - 2014-08-19 01:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-14 20:22 - 2014-08-19 01:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-14 20:22 - 2014-08-19 01:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-14 20:22 - 2014-08-19 01:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-14 20:22 - 2014-08-19 01:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-14 20:22 - 2014-08-19 01:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-14 20:22 - 2014-08-19 01:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-14 20:22 - 2014-08-19 00:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-14 20:22 - 2014-08-19 00:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-14 20:22 - 2014-08-19 00:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-14 20:22 - 2014-07-07 00:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-14 20:22 - 2014-07-07 00:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-14 20:22 - 2014-07-07 00:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-14 20:22 - 2014-07-07 00:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-14 20:22 - 2014-07-07 00:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-14 20:22 - 2014-07-07 00:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-14 20:22 - 2014-07-07 00:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-14 20:22 - 2014-07-07 00:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-14 20:22 - 2014-07-07 00:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-14 20:22 - 2014-07-07 00:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-14 20:22 - 2014-07-07 00:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-14 20:22 - 2014-07-06 23:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-14 20:22 - 2014-07-06 23:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-14 20:22 - 2014-07-06 23:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-14 20:22 - 2014-07-06 23:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-14 20:22 - 2014-07-06 23:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-14 20:22 - 2014-07-06 23:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-14 20:22 - 2014-07-06 23:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-14 20:22 - 2014-07-06 23:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-14 20:22 - 2014-07-06 23:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-14 20:22 - 2014-07-06 23:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-14 20:21 - 2014-09-18 00:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-14 20:21 - 2014-09-17 23:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-14 20:21 - 2014-09-04 03:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-14 20:21 - 2014-09-04 03:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-14 20:20 - 2014-09-12 23:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-14 20:20 - 2014-09-12 23:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-14 20:20 - 2014-07-17 00:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-14 20:20 - 2014-07-17 00:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-14 20:20 - 2014-07-17 00:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-14 20:20 - 2014-07-17 00:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-14 20:20 - 2014-07-17 00:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-14 20:20 - 2014-07-17 00:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-14 20:20 - 2014-07-17 00:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-14 20:20 - 2014-07-17 00:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-14 20:20 - 2014-07-16 23:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-14 20:20 - 2014-07-16 23:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-14 20:20 - 2014-07-16 23:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-14 20:20 - 2014-07-16 23:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-14 20:20 - 2014-07-16 23:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-14 20:20 - 2014-07-16 23:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-14 20:20 - 2014-07-16 23:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-14 20:20 - 2014-07-16 23:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-08 23:49 - 2014-10-08 23:49 - 00007639 _____ () C:\Users\Luiz Alberto\AppData\Local\Resmon.ResmonCfg
2014-10-01 23:43 - 2014-10-01 23:43 - 00000847 _____ () C:\Users\Luiz Alberto\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-10-01 23:42 - 2014-10-02 23:10 - 00000000 ____D () C:\Users\Luiz Alberto\AppData\Roaming\uTorrent
2014-10-01 17:59 - 2014-10-01 17:59 - 00000000 ____D () C:\Users\Luiz Alberto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas Secretaria da Fazenda
2014-09-30 19:55 - 2014-09-25 00:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-30 19:55 - 2014-09-24 23:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-23 19:17 - 2014-09-09 20:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-23 19:17 - 2014-09-09 19:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-23 12:00 - 2009-07-14 03:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-10-23 12:00 - 2009-07-14 02:45 - 00020928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-23 12:00 - 2009-07-14 02:45 - 00020928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-23 11:57 - 2011-10-06 18:12 - 00706008 _____ () C:\Windows\system32\prfh0416.dat
2014-10-23 11:57 - 2011-10-06 18:12 - 00147848 _____ () C:\Windows\system32\prfc0416.dat
2014-10-23 11:57 - 2009-07-14 03:13 - 01635826 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-23 11:54 - 2012-01-17 11:43 - 01276625 _____ () C:\Windows\WindowsUpdate.log
2014-10-23 11:53 - 2014-08-11 20:13 - 00000000 ____D () C:\Users\Luiz Alberto\AppData\Roaming\Dropbox
2014-10-23 11:51 - 2014-06-25 00:04 - 00001066 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf9019bfa0cfa0.job
2014-10-23 11:50 - 2010-11-21 01:47 - 01031188 _____ () C:\Windows\PFRO.log
2014-10-23 11:50 - 2009-07-14 03:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-23 11:50 - 2009-07-14 02:51 - 00100269 _____ () C:\Windows\setupact.log
2014-10-23 11:15 - 2014-06-25 00:04 - 00001070 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf9019c0853f89.job
2014-10-23 11:09 - 2014-06-23 13:04 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1000784148-366241500-1769760988-1001UA1cf8ef469a59b54.job
2014-10-23 10:56 - 2012-06-07 20:46 - 00000000 ____D () C:\Users\Luiz Alberto\AppData\Roaming\HpUpdate
2014-10-22 12:10 - 2014-06-25 00:04 - 00004066 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf9019c0853f89
2014-10-22 12:10 - 2014-06-25 00:04 - 00003814 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cf9019bfa0cfa0
2014-10-22 12:09 - 2014-06-23 13:04 - 00001054 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1000784148-366241500-1769760988-1001Core1cf8ef468f4712c.job
2014-10-21 21:38 - 2013-09-11 19:58 - 00000000 ____D () C:\Users\Todos os Usuários\GAS Tecnologia
2014-10-21 21:38 - 2013-09-11 19:58 - 00000000 ____D () C:\ProgramData\GAS Tecnologia
2014-10-20 21:12 - 2012-07-07 21:01 - 00000000 ____D () C:\Users\Luiz Alberto\AppData\Local\CrashDumps
2014-10-20 08:04 - 2013-10-24 13:42 - 00000000 ____D () C:\Users\Todos os Usuários\Oracle
2014-10-20 08:04 - 2013-10-24 13:42 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-19 00:39 - 2013-09-11 19:59 - 00000000 ____D () C:\Users\Todos os Usuários\GbPlugin
2014-10-19 00:39 - 2013-09-11 19:59 - 00000000 ____D () C:\ProgramData\GbPlugin
2014-10-16 21:15 - 2009-07-14 01:20 - 00000000 ____D () C:\Windows\rescache
2014-10-16 00:08 - 2009-07-14 03:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-16 00:01 - 2009-07-14 02:45 - 00447184 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-15 23:57 - 2009-07-14 01:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-15 23:56 - 2009-07-14 01:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-14 20:52 - 2012-06-07 22:28 - 00000000 ____D () C:\Users\Todos os Usuários\Microsoft Help
2014-10-14 20:52 - 2012-06-07 22:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-14 20:48 - 2013-08-20 04:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-14 20:43 - 2012-06-07 23:38 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-10 09:49 - 2013-09-11 19:59 - 00000000 ____D () C:\Program Files (x86)\GbPlugin
2014-10-08 17:56 - 2014-09-03 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proteção de Terminal Trusteer
2014-10-02 15:53 - 2010-11-21 01:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-01 18:05 - 2009-07-14 03:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-01 13:42 - 2014-09-03 18:38 - 00534104 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportKE64.sys

Files to move or delete:
====================
C:\ProgramData\FileSplitUpLoad.dll
C:\Users\Todos os Usuários\FileSplitUpLoad.dll

Some content of TEMP:
====================
C:\Users\Luiz Alberto\AppData\Local\Temp\.gbas.dll
C:\Users\Luiz Alberto\AppData\Local\Temp\AcDeltree.exe
C:\Users\Luiz Alberto\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyatdsg.dll
C:\Users\Luiz Alberto\AppData\Local\Temp\GLF153A.EXE
C:\Users\Luiz Alberto\AppData\Local\Temp\GLF2A7E.EXE
C:\Users\Luiz Alberto\AppData\Local\Temp\GLF2EF2.EXE
C:\Users\Luiz Alberto\AppData\Local\Temp\GLF54C8.EXE
C:\Users\Luiz Alberto\AppData\Local\Temp\GLF5804.EXE
C:\Users\Luiz Alberto\AppData\Local\Temp\GLF7092.EXE
C:\Users\Luiz Alberto\AppData\Local\Temp\GLF71CB.EXE
C:\Users\Luiz Alberto\AppData\Local\Temp\GLF8CF8.EXE
C:\Users\Luiz Alberto\AppData\Local\Temp\GLF8E41.EXE
C:\Users\Luiz Alberto\AppData\Local\Temp\GLF9C5.EXE
C:\Users\Luiz Alberto\AppData\Local\Temp\GLFAD34.EXE
C:\Users\Luiz Alberto\AppData\Local\Temp\GLFAE6D.EXE
C:\Users\Luiz Alberto\AppData\Local\Temp\GLFB0D.EXE
C:\Users\Luiz Alberto\AppData\Local\Temp\GLFB438.EXE
C:\Users\Luiz Alberto\AppData\Local\Temp\GLFB6B8.EXE
C:\Users\Luiz Alberto\AppData\Local\Temp\GLFB79.EXE
C:\Users\Luiz Alberto\AppData\Local\Temp\GLFB790.EXE
C:\Users\Luiz Alberto\AppData\Local\Temp\GLFB984.EXE
C:\Users\Luiz Alberto\AppData\Local\Temp\GLFBDC7.EXE
C:\Users\Luiz Alberto\AppData\Local\Temp\GLFC180.EXE
C:\Users\Luiz Alberto\AppData\Local\Temp\GLFE6CA.EXE
C:\Users\Luiz Alberto\AppData\Local\Temp\GLFE813.EXE
C:\Users\Luiz Alberto\AppData\Local\Temp\j6awsrpq.dll
C:\Users\Luiz Alberto\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Luiz Alberto\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Luiz Alberto\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Luiz Alberto\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Luiz Alberto\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Luiz Alberto\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Luiz Alberto\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Luiz Alberto\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Luiz Alberto\AppData\Local\Temp\Quarantine.exe
C:\Users\Luiz Alberto\AppData\Local\Temp\setup.exe
C:\Users\Luiz Alberto\AppData\Local\Temp\sqlite3.dll
C:\Users\Luiz Alberto\AppData\Local\Temp\VCPerfService32.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-16 19:54

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-10-2014
Ran by Luiz Alberto at 2014-10-23 12:06:12
Running from D:\Usuarios\Luiz Alberto\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34309 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
ACID Music Studio 8.0 (HKLM-x32\...\{6871ACC0-CFFD-11DF-B16B-005056C00008}) (Version: 8.0.178 - Sony)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 2.4.650.9 - Advanced Micro Devices Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.60701.2253 - ATI Technologies Inc.) Hidden
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{B1893E3F-9BDF-443F-BED0-1AAA2D9E0D68}) (Version: 2.0.149 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{B77DE05C-7C84-4011-B93F-A29D0D2840F4}) (Version: 4.0.444 - ArcSoft)
AssinadorRS (HKLM-x32\...\{016994DE-BD6D-45D2-831A-F71E2AB4DCAB}) (Version: 1.0.0 - PROCERGS)
Assistente de Instalação Certisign (HKLM-x32\...\{6FBA74BD-149F-4521-B921-FFCC84876864}) (Version: 3.13.0.1 - CERTISIGN)
Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{3A4170BE-09B7-5658-285E-6D35E9C87101}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
AutoCAD 2013 - English (HKLM\...\AutoCAD 2013 - English) (Version: 19.0.55.0 - Autodesk)
AutoCAD 2013 - English (Version: 19.0.55.0 - Autodesk) Hidden
AutoCAD 2013 Language Pack - English (Version: 19.0.55.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.0.84.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Sync (HKLM\...\{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}) (Version: 3.5.24.0 - Autodesk, Inc.)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.100 - Atheros Communications)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center (x32 Version: 2011.0701.2226.38454 - Nome de sua empresa:) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0701.2226.38454 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0701.2226.38454 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0701.2226.38454 - ATI) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0701.2226.38454 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0701.2225.38454 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0701.2225.38454 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0701.2225.38454 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0701.2225.38454 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0701.2225.38454 - ATI) Hidden
CCC Help English (x32 Version: 2011.0701.2225.38454 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0701.2225.38454 - ATI) Hidden
CCC Help French (x32 Version: 2011.0701.2225.38454 - ATI) Hidden
CCC Help German (x32 Version: 2011.0701.2225.38454 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0701.2225.38454 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0701.2225.38454 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0701.2225.38454 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0701.2225.38454 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0701.2225.38454 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0701.2225.38454 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0701.2225.38454 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0701.2225.38454 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0701.2225.38454 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0701.2225.38454 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0701.2225.38454 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0701.2225.38454 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0701.2225.38454 - ATI) Hidden
ccc-utility64 (Version: 2011.0701.2226.38454 - ATI) Hidden
Controle ActiveX do Windows Live Mesh para Conexões Remotas (HKLM-x32\...\{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.5009.52 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 9.0.5009.52 - CyberLink Corp.) Hidden
D110 (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Diagnóstico da ventoinha da CPU do VAIO (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.0.0.14140 - Sony Corporation)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
DVD Architect Studio 5.0 (HKLM-x32\...\{26C7D8E1-CF57-11DF-BFD4-005056C00008}) (Version: 5.0.128 - Sony)
ESET NOD32 Antivirus (HKLM\...\{CA6BD368-3A5B-4D31-B8EB-14E118E643BB}) (Version: 7.0.302.26 - ESET, spol s r. o.)
Ferramenta de Restauração de Dados VAIO (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.7.0.05270 - Sony Corporation)
GBBD Banco do Brasil (HKCU\...\{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1) (Version: GBBD Banco do Brasil - )
Google Chrome (HKCU\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{14BC6853-A74E-4874-B50D-679889D1544D}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Intel® Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2014) (Version: 1.3 - Receita Federal do Brasil)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java Auto Updater (x32 Version: 2.1.71.14 - Oracle, Inc.) Hidden
Manual VAIO (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.4.0.05310 - Sony Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Media Gallery (Version: 1.5.0.17250 - Your Company Name) Hidden
Media Go (HKLM-x32\...\{0F895695-33CC-4203-9C47-25EF2AC9441C}) (Version: 1.7.254 - Sony)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Network64 (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Oasis2Service 1.0 (HKLM-x32\...\{E50FC5DB-7CBD-407D-A46E-0C13E45BC386}) (Version: 1.0.0 - DDNi)
OOBE (HKLM-x32\...\{18894D16-5448-4BF9-A128-F7E937322F91}) (Version: 11.3.1.6 - Sony Corporation)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.4.0 - Frank Heindörfer, Philip Chinery)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.6.01.03300 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.6.00.06030 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.10.05300 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06010 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06140 - Sony Corporation) Hidden
Proteção de Terminal Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.1404.19 - Trusteer)
PS_AIO_07_D110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.6.10 - Sony Corporation)
Quick Web Access (x32 Version: 1.4.6.10 - Sony Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Rapport (x32 Version: 3.5.1404.19 - Trusteer) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.40.126.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6487 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.80 - Realtek Semiconductor Corp.)
Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.04 - Serpro - Serviço Federal de Processamento de Dados)
Remote Keyboard (x32 Version: 1.1.1.07060 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (x32 Version: 1.1.0.15072 - Sony Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.28.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.28.0 - Renesas Electronics Corporation) Hidden
SafeSign 64-bits (HKLM\...\{66913111-2F8A-4950-AA93-51C26182FC35}) (Version: 3.0.45 - A.E.T. Europe B.V.)
Scan (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
SCR3xxx Smart Card Reader (HKLM-x32\...\{9C411EF9-6EBA-46E3-8132-EDADF1CC0B16}) (Version: 8.41 - SCM Microsystems)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden
Sony Photo Go 1.0b (HKLM-x32\...\{E3BE5DF1-0D65-4774-904E-0192ABF29AF9}) (Version: 1.0.123 - Sony)
Sound Forge Audio Studio 10.0 (HKLM-x32\...\{8CD97250-D00C-11DF-9095-005056C00008}) (Version: 10.0.153 - Sony)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Suporte de Transferência VAIO (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.2.4 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Toolbox (x32 Version: 140.0.424.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
TriDef 3D (Sony) 1.1.3 (HKLM-x32\...\experience-sony-bundle) (Version: 1.1.3 - Dynamic Digital Depth Australia Pty Ltd)
V3DPX86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VAIO - Media Gallery (HKLM-x32\...\{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}) (Version: 1.5.0.18100 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{66081CDD-C1FE-415F-BB3A-F2622BA27461}) (Version: 1.6.00.06030 - Sony Corporation)
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.6.00.06140 - Sony Corporation)
VAIO - Reprodução remota com PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.1.0.15072 - Sony Corporation)
VAIO - Teclado Remoto (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.1.0.07060 - Sony Corporation)
VAIO 3D Portal (HKLM-x32\...\{C14EAE86-C526-4E00-B245-CFF86233C3D2}) (Version: 1.1.1.10182 - Sony Corporation)
VAIO Care (HKLM\...\{471F7C0A-CA3A-4F4C-8346-DE36AD5E23D1}) (Version: 7.3.0.14170 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 5.0.0.07070 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.7.0.05270 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.0.06210 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.5.0.07080 - Sony Corporation)
VAIO Help and Support (HKLM-x32\...\{BD04DEBE-923A-4157-993E-2C727C5FFB5C}) (Version: 15.00.0719 - Sony Corporation)
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.1.0.06030 - Sony Corporation)
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.0.09010 - Sony Corporation)
VAIO Satisfaction Survey. (HKLM-x32\...\VAIO Satisfaction Survey.3.0) (Version: 3.0 - Sony Electronics Inc.)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.7.0.07150 - Sony Corporation)
VAIO Update (HKLM-x32\...\{5BEE8F1F-BD32-4553-8107-500439E43BD7}) (Version: 5.6.1.02150 - Sony Corporation)
VAIO Update Merge Module x64 (Version: 5.5.06290 - Sony Corporation) Hidden
VAIO Update Merge Module x64 (Version: 5.7.13130 - Sony Corporation) Hidden
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Vegas Movie Studio HD Platinum 10.0 (HKLM-x32\...\{2AD737CF-C65D-11DF-9EC6-005056C00008}) (Version: 10.0.179 - Sony)
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1000784148-366241500-1769760988-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Luiz Alberto\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1000784148-366241500-1769760988-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Luiz Alberto\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-1000784148-366241500-1769760988-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Luiz Alberto\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-1000784148-366241500-1769760988-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Luiz Alberto\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1000784148-366241500-1769760988-1001_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1000784148-366241500-1769760988-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Luiz Alberto\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1000784148-366241500-1769760988-1001_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1000784148-366241500-1769760988-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2013\en-US\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1000784148-366241500-1769760988-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Luiz Alberto\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1000784148-366241500-1769760988-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luiz Alberto\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1000784148-366241500-1769760988-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luiz Alberto\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1000784148-366241500-1769760988-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luiz Alberto\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1000784148-366241500-1769760988-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luiz Alberto\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1000784148-366241500-1769760988-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luiz Alberto\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1000784148-366241500-1769760988-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luiz Alberto\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1000784148-366241500-1769760988-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luiz Alberto\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1000784148-366241500-1769760988-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Luiz Alberto\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1000784148-366241500-1769760988-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Luiz Alberto\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 00:34 - 2009-06-10 19:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {06280899-4534-4DD7-9DC8-0C6BDD1AB446} - System32\Tasks\GoogleUpdateTaskMachineUA1cfee01f860c50e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-18] (Google Inc.)
Task: {0D4203FD-B5CE-48B6-B731-97E6BC5E581C} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
Task: {22E90C87-7E91-4A40-BFC1-6299461EEE73} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
Task: {39C77708-B2F7-4EEF-92E3-2B11EF4171E4} - System32\Tasks\Sony Corporation\VAIO Care\AutoCheckMessage => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
Task: {5DC9ABE2-8123-47FB-A4C6-D9C366A18F02} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-06-03] (Sony Corporation)
Task: {5F3A9306-B5E1-47C1-9DFC-557C74827E6D} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2011-06-21] (Sony Corporation)
Task: {67FCA0F0-C4D2-4DAB-814D-2E9932B50D42} - System32\Tasks\Sony Corporation\VAIO Care\VAU => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
Task: {8B9AB612-E252-4E51-BE25-8ADA8C9CFB22} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-07-13] (Sony Corporation)
Task: {93729AFB-3D3D-418A-89F7-BE7126F7C343} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-07-13] (Sony Corporation)
Task: {9796CC48-2018-4CE2-90B4-2C2CFAAC5B45} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {9ED435C0-730C-4B3A-956F-555BCFE61B24} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1000784148-366241500-1769760988-1001Core1cf8ef468f4712c => C:\Users\Luiz Alberto\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-06] (Google Inc.)
Task: {B1F1530F-DDD4-4F77-BB68-91A4FD276EF9} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2011-07-07] (Sony Corporation)
Task: {B4A58472-E110-4627-B879-0E5A9B68CC5C} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
Task: {BA5EC033-949C-429C-BCFE-144AF2D7200D} - System32\Tasks\GoogleUpdateTaskMachineUA1cf9019c0853f89 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-18] (Google Inc.)
Task: {CEC63F7E-0386-4CB3-AFEC-8B7EDEFC8E07} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-07-13] (Sony Corporation)
Task: {EDF82687-FCF2-4E78-ACE7-8603BD9361B5} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
Task: {EE099916-284F-46EA-87D7-80753C4CB983} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1000784148-366241500-1769760988-1001UA1cf8ef469a59b54 => C:\Users\Luiz Alberto\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-06] (Google Inc.)
Task: {F0A928FD-7F65-41BE-A6FB-CB4152A7F1B9} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2011-07-07] (Sony Corporation)
Task: {F0D83B6B-03B2-489C-AA42-F33C21AEBDD8} - System32\Tasks\GoogleUpdateTaskMachineCore1cf9019bfa0cfa0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-18] (Google Inc.)
Task: {F7042B67-C446-427E-B07E-1776A87207F4} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-06-21] (Sony Corporation)
Task: {F88E29BA-F5A2-4422-892B-21EDF5B87D85} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
Task: {FF80A2C8-CE88-4FB0-8D99-15687B4C275F} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\esrv\task.vbs"
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf9019bfa0cfa0.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf9019c0853f89.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfee01f860c50e.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1000784148-366241500-1769760988-1001Core1cf8ef468f4712c.job => C:\Users\Luiz Alberto\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1000784148-366241500-1769760988-1001UA1cf8ef469a59b54.job => C:\Users\Luiz Alberto\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-03-25 20:07 - 2010-03-25 20:07 - 00046080 _____ () C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
2011-07-19 22:29 - 2011-07-19 20:40 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-04-11 17:04 - 2011-04-11 17:04 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-07-01 23:25 - 2011-07-01 23:25 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-02-22 21:30 - 2013-02-22 18:02 - 00427432 _____ () C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe
2013-02-22 21:30 - 2013-02-22 18:02 - 00528296 _____ () C:\Program Files\Sony\VAIO Care\esrv\intel_modeler.dll
2013-02-22 21:30 - 2013-02-22 18:02 - 00171432 _____ () C:\Program Files\Sony\VAIO Care\esrv\sony_acpi_battery_input.dll
2013-02-22 21:30 - 2013-02-22 18:02 - 00144296 _____ () C:\Program Files\Sony\VAIO Care\esrv\sony_sema_thermal_input.dll
2013-02-22 21:30 - 2013-02-22 18:02 - 00146344 _____ () C:\Program Files\Sony\VAIO Care\esrv\sony_wifi_input.dll
2013-02-22 21:30 - 2013-02-22 18:02 - 00471464 _____ () C:\Program Files\Sony\VAIO Care\esrv\esrv.exe
2013-02-22 21:30 - 2013-02-22 18:02 - 00148904 _____ () C:\Program Files\Sony\VAIO Care\esrv\sony_foreground_window_input.dll
2011-11-30 19:49 - 2011-11-30 19:49 - 00321024 _____ () C:\Program Files\Sony\VAIO Care\CRM\ManagedVAIORecoveryMedia.dll
2011-11-30 19:49 - 2011-11-30 19:49 - 00179712 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIORecovery.dll
2011-11-30 19:49 - 2011-11-30 19:49 - 00054784 _____ () C:\Program Files\Sony\VAIO Care\CRM\Logging.dll
2011-11-30 19:49 - 2011-11-30 19:49 - 00061440 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOCommon.dll
2011-11-30 19:49 - 2011-11-30 19:49 - 00192000 _____ () C:\Program Files\Sony\VAIO Care\CRM\OsServices.dll
2011-11-30 19:49 - 2011-11-30 19:49 - 00037376 _____ () C:\Program Files\Sony\VAIO Care\CRM\PluginFactory.dll
2011-11-30 19:49 - 2011-11-30 19:49 - 02229760 _____ () C:\Program Files\Sony\VAIO Care\CRM\RecoveryPartitionManager.dll
2011-11-30 19:49 - 2011-11-30 19:49 - 00035840 _____ () C:\Program Files\Sony\VAIO Care\CRM\XMLTools.dll
2011-11-30 19:49 - 2011-11-30 19:49 - 00055296 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOInstallAppsDrivers.dll
2011-11-30 19:49 - 2011-11-30 19:49 - 00137728 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallDB.dll
2011-11-30 19:49 - 2011-11-30 19:49 - 00134144 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallationTools.dll
2011-11-30 19:49 - 2011-11-30 19:49 - 00024064 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOUtility.dll
2011-11-30 19:49 - 2011-11-30 19:49 - 00276992 _____ () C:\Program Files\Sony\VAIO Care\READ\RecoveryPartitionManagerREAD.dll
2010-03-25 20:07 - 2010-03-25 20:07 - 00046592 _____ () C:\Program Files (x86)\DDNi\Oasis2Service 1.0\DdniCore.dll
2010-03-25 20:07 - 2010-03-25 20:07 - 00032256 _____ () C:\Program Files (x86)\DDNi\Oasis2Service 1.0\AspUpdate.dll
2011-10-06 14:22 - 2011-07-07 16:44 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Control Center\VESBasePS.dll
2014-03-23 18:04 - 2014-03-23 18:04 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2014-10-23 11:53 - 2014-10-23 11:53 - 00043008 _____ () c:\Users\Luiz Alberto\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyatdsg.dll
2013-08-23 17:01 - 2013-08-23 17:01 - 25100288 _____ () C:\Users\Luiz Alberto\AppData\Roaming\Dropbox\bin\libcef.dll
2014-10-23 11:51 - 2014-10-23 11:51 - 00098816 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\win32api.pyd
2014-10-23 11:51 - 2014-10-23 11:51 - 00110080 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\pywintypes27.dll
2014-10-23 11:51 - 2014-10-23 11:51 - 00364544 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\pythoncom27.dll
2014-10-23 11:51 - 2014-10-23 11:51 - 00045568 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\_socket.pyd
2014-10-23 11:51 - 2014-10-23 11:51 - 01160704 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\_ssl.pyd
2014-10-23 11:51 - 2014-10-23 11:51 - 00320512 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\win32com.shell.shell.pyd
2014-10-23 11:51 - 2014-10-23 11:51 - 00713216 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\_hashlib.pyd
2014-10-23 11:51 - 2014-10-23 11:51 - 01175040 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\wx._core_.pyd
2014-10-23 11:51 - 2014-10-23 11:51 - 00805888 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\wx._gdi_.pyd
2014-10-23 11:51 - 2014-10-23 11:51 - 00811008 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\wx._windows_.pyd
2014-10-23 11:51 - 2014-10-23 11:51 - 01062400 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\wx._controls_.pyd
2014-10-23 11:51 - 2014-10-23 11:51 - 00735232 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\wx._misc_.pyd
2014-10-23 11:51 - 2014-10-23 11:51 - 00128512 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\_elementtree.pyd
2014-10-23 11:51 - 2014-10-23 11:51 - 00127488 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\pyexpat.pyd
2014-10-23 11:51 - 2014-10-23 11:51 - 00557056 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\pysqlite2._sqlite.pyd
2014-10-23 11:51 - 2014-10-23 11:51 - 00007168 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\hashobjs_ext.pyd
2014-10-23 11:51 - 2014-10-23 11:51 - 00087552 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\_ctypes.pyd
2014-10-23 11:51 - 2014-10-23 11:51 - 00119808 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\win32file.pyd
2014-10-23 11:51 - 2014-10-23 11:51 - 00108544 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\win32security.pyd
2014-10-23 11:51 - 2014-10-23 11:51 - 00018432 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\win32event.pyd
2014-10-23 11:51 - 2014-10-23 11:51 - 00038912 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\win32inet.pyd
2014-10-23 11:51 - 2014-10-23 11:51 - 00070656 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\wx._html2.pyd
2014-10-23 11:51 - 2014-10-23 11:51 - 00167936 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\win32gui.pyd
2014-10-23 11:51 - 2014-10-23 11:51 - 00011264 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\win32crypt.pyd
2014-10-23 11:51 - 2014-10-23 11:51 - 00027136 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\_multiprocessing.pyd
2014-10-23 11:51 - 2014-10-23 11:51 - 00686080 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\unicodedata.pyd
2014-10-23 11:51 - 2014-10-23 11:51 - 00122368 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\wx._wizard.pyd
2014-10-23 11:51 - 2014-10-23 11:51 - 00010240 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\select.pyd
2014-10-23 11:51 - 2014-10-23 11:51 - 00024064 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\win32pipe.pyd
2014-10-23 11:51 - 2014-10-23 11:51 - 00025600 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\win32pdh.pyd
2014-10-23 11:51 - 2014-10-23 11:51 - 00525640 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\windows._lib_cacheinvalidation.pyd
2014-10-23 11:51 - 2014-10-23 11:51 - 00035840 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\win32process.pyd
2014-10-23 11:51 - 2014-10-23 11:51 - 00017408 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\win32profile.pyd
2014-10-23 11:51 - 2014-10-23 11:51 - 00022528 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\win32ts.pyd
2014-10-23 11:51 - 2014-10-23 11:51 - 00078336 _____ () C:\Users\Luiz Alberto\AppData\Local\Temp\_MEI41442\wx._animate.pyd
2014-10-16 00:22 - 2014-10-16 00:22 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b2363cf94faf59386ab4778a39c16e2b\IsdiInterop.ni.dll
2011-10-06 13:29 - 2011-05-20 11:05 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2014-10-14 19:11 - 2014-10-10 00:04 - 08910664 _____ () C:\Users\Luiz Alberto\AppData\Local\Google\Chrome\Application\38.0.2125.104\pdf.dll
2014-10-14 19:11 - 2014-10-10 00:03 - 01681224 _____ () C:\Users\Luiz Alberto\AppData\Local\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll
2014-10-14 19:11 - 2014-10-10 00:03 - 01042760 _____ () C:\Users\Luiz Alberto\AppData\Local\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
2014-10-14 19:11 - 2014-10-10 00:03 - 00211272 _____ () C:\Users\Luiz Alberto\AppData\Local\Google\Chrome\Application\38.0.2125.104\libegl.dll
2014-10-14 19:11 - 2014-10-10 00:04 - 14902600 _____ () C:\Users\Luiz Alberto\AppData\Local\Google\Chrome\Application\38.0.2125.104\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows\System32:CB0C0C83_Bb.gbp

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

========================= Accounts: ==========================

Administrador (S-1-5-21-1000784148-366241500-1769760988-500 - Administrator - Disabled)
Convidado (S-1-5-21-1000784148-366241500-1769760988-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1000784148-366241500-1769760988-1002 - Limited - Enabled)
Luiz Alberto (S-1-5-21-1000784148-366241500-1769760988-1001 - Administrator - Enabled) => C:\Users\Luiz Alberto

==================== Faulty Device Manager Devices =============

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (10/23/2014 11:52:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/23/2014 10:51:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/22/2014 11:36:50 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa chrome.exe versão 38.0.2125.104 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID de Processo: 1278

Hora de Início: 01cfedfba5ade12e

Hora de Término: 6

Caminho do Aplicativo: C:\Users\Luiz Alberto\AppData\Local\Google\Chrome\Application\chrome.exe

Id do Relatório: 77a5f525-59f0-11e4-98f1-ccaf78b250d8

Error: (10/22/2014 11:25:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/21/2014 11:12:00 AM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed

Error: (10/21/2014 11:10:42 AM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed

Error: (10/21/2014 11:10:33 AM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed

Error: (10/21/2014 11:10:21 AM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed

Error: (10/21/2014 10:52:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/20/2014 09:12:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome de aplicativo com falha: chrome.exe, versão: 38.0.2125.104, carimbo de hora: 0x5437298b
Nome do módulo de falhas: chrome_child.dll, versão: 38.0.2125.104, carimbo de hora: 0x54372940
Código de exceção: 0x80000003
Deslocamento com falha: 0x00523558
Identificação do processo com falha: 0xd4c
Hora de início do aplicativo com falha: 0xchrome.exe0
Caminho do aplicativo com falha: chrome.exe1
FCaminho do módulo de falhas: chrome.exe2
Identificação do Relatório: chrome.exe3

System errors:
=============
Error: (10/23/2014 11:50:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Baidu Hips Service devido ao seguinte erro:
%%2

Error: (10/23/2014 11:50:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Baidu AntiVirus Service devido ao seguinte erro:
%%2

Error: (10/23/2014 11:50:03 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (10/23/2014 10:49:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Baidu Hips Service devido ao seguinte erro:
%%2

Error: (10/23/2014 10:49:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Baidu AntiVirus Service devido ao seguinte erro:
%%2

Error: (10/22/2014 10:55:18 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (10/22/2014 04:20:36 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a resposta de uma transação do serviço IconMan_R.

Error: (10/22/2014 04:20:05 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a resposta de uma transação do serviço IconMan_R.

Error: (10/22/2014 11:24:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Baidu Hips Service devido ao seguinte erro:
%%2

Error: (10/22/2014 11:24:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Baidu AntiVirus Service devido ao seguinte erro:
%%2

Microsoft Office Sessions:
=========================
Error: (10/23/2014 11:52:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/23/2014 10:51:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/22/2014 11:36:50 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe38.0.2125.104127801cfedfba5ade12e6C:\Users\Luiz Alberto\AppData\Local\Google\Chrome\Application\chrome.exe77a5f525-59f0-11e4-98f1-ccaf78b250d8

Error: (10/22/2014 11:25:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/21/2014 11:12:00 AM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description:

Error: (10/21/2014 11:10:42 AM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description:

Error: (10/21/2014 11:10:33 AM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description:

Error: (10/21/2014 11:10:21 AM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description:

Error: (10/21/2014 10:52:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/20/2014 09:12:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe38.0.2125.1045437298bchrome_child.dll38.0.2125.104543729408000000300523558d4c01cfecbb47c0db19C:\Users\Luiz Alberto\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Luiz Alberto\AppData\Local\Google\Chrome\Application\38.0.2125.104\chrome_child.dll865bbdb6-58ae-11e4-9714-ccaf78b250d8

==================== Memory info ===========================

Processor: Intel® Core™ i7-2640M CPU @ 2.80GHz
Percentage of memory in use: 48%
Total physical RAM: 6059.86 MB
Available physical RAM: 3146.36 MB
Total Pagefile: 12117.9 MB
Available Pagefile: 8374.66 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (Sistema) (Fixed) (Total:175.78 GB) (Free:103.11 GB) NTFS
Drive d: (Dados) (Fixed) (Total:404.48 GB) (Free:358.24 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 71B88512)
Partition 1: (Not Active) - (Size=15.8 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=175.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=404.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Attached Files

Addition.txt 48.55KB 213 downloads
FRST.txt 52.7KB 209 downloads

#2
JSntgRvr

Posted 23 October 2014 - 06:38 PM

Global Moderator

Global Moderator
11,579 posts

Hi and :welcome:

Having multiple Chrome.exe as a process is normal.

Lets check your computer.

Many peer-to-peer networks are under constant attack by people with a variety of motives.

Examples include:

poisoning attacks (e.g. providing files whose contents are different than the description)
denial of service attacks (attacks that may make the network run very slowly or break completely)
defection attacks (users or software that make use of the network without contributing resources to it)
insertion of viruses to carried data (e.g. downloaded or carried files may be infected with viruses or other malware)
malware in the peer-to-peer network software itself (e.g. distributed software may contain spyware)
filtering (network operators may attempt to prevent peer-to-peer network data from being carried)
identity attacks (e.g. tracking down the users of the network and harassing or legally attacking them)
spamming (e.g. sending unsolicited information across the network- not necessarily as a denial of service attack)

In your position I would remove uTorrent from your computer.

Please download Junkware Removal Tool to your desktop.

NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.

Close all open windows and browsers.

Shut down your protection software now to avoid potential conflicts.

Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

Download AdwCleaner from here. Save the file to the desktop.

XP users: Double click the AdwCleaner icon to start the program.
Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
Click the Scan button and wait for the scan to finish.
After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove.
Click the Clean button.
Everything checked will be deleted.
When the program has finished cleaning a report appears.Once done it will ask to reboot, allow this.
On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[S0].txt

#3
jr.cardosinho

Posted 24 October 2014 - 09:01 AM

New Member

Topic Starter
Member
4 posts

Hi, thank you for the welcome.

Follow the results obtained with the procedures described above.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.3.3 (10.21.2014:1)

OS: Windows 7 Home Premium x64

Ran by Luiz Alberto on 24/10/2014 at 12:43:02,53

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8249B62D-37C5-42AE-A99A-C3370AE4F841}

~~~ Files

~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Luiz Alberto\appdata\local\{4E85D139-A24D-4659-AEC6-42C489DB3626}

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 24/10/2014 at 12:48:07,36

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v4.001 - Relatório criado 24/10/2014 às 12:51:50

# DB v2014-10-23.2

# Atualizado 20/10/2014 por Xplode

# Sistema Operacional : Windows 7 Home Premium Service Pack 1 (64 bits)

# Usuário : Luiz Alberto - BETO-VAIO

# Executando de : D:\Usuarios\Luiz Alberto\Downloads\adwcleaner_4.001.exe

# Opção : Limpar

***** [ Serviços ] *****

***** [ Arquivos / Pastas ] *****

***** [ Tarefas ] *****

***** [ Atalhos ] *****

***** [ Registro ] *****

Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17344

-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [5217 octets] - [23/10/2014 11:41:02]

AdwCleaner[R1].txt - [1029 octets] - [24/10/2014 12:49:11]

AdwCleaner[S0].txt - [4252 octets] - [23/10/2014 11:49:42]

AdwCleaner[S1].txt - [930 octets] - [24/10/2014 12:51:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [989 octets] ##########

Many thanks.

Attached Files

AdwCleanerS1.txt 1.05KB 126 downloads
JRT.txt 894bytes 142 downloads

#4
JSntgRvr

Posted 24 October 2014 - 09:51 AM

Global Moderator

Global Moderator
11,579 posts

Please download ComboFix from Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

-----------------------------------------------------------

Please, never rename Combofix unless instructed.
Close any open browsers.
Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

-----------------------------------------------------------
Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
Click on this link or this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

-----------------------------------------------------------
Close any open browsers.
WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
Double click on combofix.exe & follow the prompts.
Install the Recovery Console if prompted. (XP only)
When finished, it will produce a report for you.
Please post the "C:\ComboFix.txt" .

**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security.Please do not install any new programs or update anything (always allow your antivirus/antispyware to update) unless told to do so while we are fixing your problem. If combofix alerts to a new version and offers to update, please let it. It is essential we always use the latest version.

#5
jr.cardosinho

Posted 24 October 2014 - 11:44 AM

New Member

Topic Starter
Member
4 posts

The results:

ComboFix 14-10-24.01 - Luiz Alberto 24/10/2014 14:58:27.1.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.55.1046.18.6060.3825 [GMT -2:00]

Executando de: d:\usuarios\Luiz Alberto\Downloads\ComboFix.exe

AV: ESET NOD32 Antivirus 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}

SP: ESET NOD32 Antivirus 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Criado um novo ponto de restauração

/wow section - STAGE 6A

O arquivo já está sendo usado por outro processo.

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\_ctypes.pyd

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\_elementtree.pyd

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\_hashlib.pyd

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\_multiprocessing.pyd

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\_socket.pyd

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\_ssl.pyd

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\hashobjs_ext.pyd

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\pyexpat.pyd

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\pysqlite2._sqlite.pyd

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\python27.dll

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\pythoncom27.dll

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\PyWinTypes27.dll

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\select.pyd

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\unicodedata.pyd

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\win32api.pyd

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\win32com.shell.shell.pyd

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\win32crypt.pyd

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\win32event.pyd

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\win32file.pyd

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\win32gui.pyd

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\win32inet.pyd

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\win32pdh.pyd

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\win32pipe.pyd

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\win32process.pyd

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\win32profile.pyd

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\win32security.pyd

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\win32ts.pyd

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\windows._lib_cacheinvalidation.pyd

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\wx._animate.pyd

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\wx._controls_.pyd

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\wx._core_.pyd

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\wx._gdi_.pyd

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\wx._html2.pyd

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\wx._misc_.pyd

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\wx._windows_.pyd

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\wx._wizard.pyd

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\wxbase294u_net_vc90.dll

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\wxbase294u_vc90.dll

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\wxmsw294u_adv_vc90.dll

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\wxmsw294u_core_vc90.dll

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\wxmsw294u_html_vc90.dll

c:\users\Luiz Alberto\AppData\Local\Temp\_MEI45762\wxmsw294u_webview_vc90.dll

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\_ctypes.pyd

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\_elementtree.pyd

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\_hashlib.pyd

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\_multiprocessing.pyd

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\_socket.pyd

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\_ssl.pyd

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\hashobjs_ext.pyd

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\pyexpat.pyd

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\pysqlite2._sqlite.pyd

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\python27.dll

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\pythoncom27.dll

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\PyWinTypes27.dll

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\select.pyd

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\unicodedata.pyd

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\win32api.pyd

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\win32com.shell.shell.pyd

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\win32crypt.pyd

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\win32event.pyd

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\win32file.pyd

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\win32gui.pyd

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\win32inet.pyd

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\win32pdh.pyd

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\win32pipe.pyd

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\win32process.pyd

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\win32profile.pyd

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\win32security.pyd

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\win32ts.pyd

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\windows._lib_cacheinvalidation.pyd

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\wx._animate.pyd

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\wx._controls_.pyd

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\wx._core_.pyd

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\wx._gdi_.pyd

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\wx._html2.pyd

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\wx._misc_.pyd

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\wx._windows_.pyd

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\wx._wizard.pyd

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\wxbase294u_net_vc90.dll

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\wxbase294u_vc90.dll

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\wxmsw294u_adv_vc90.dll

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\wxmsw294u_core_vc90.dll

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\wxmsw294u_html_vc90.dll

c:\users\LUIZAL~1\AppData\Local\Temp\_MEI45762\wxmsw294u_webview_vc90.dll

c:\windows\SysWow64\Config.ini

(((((((((((((((( Arquivos/Ficheiros criados de 2014-09-24 to 2014-10-24 ))))))))))))))))))))))))))))

2014-10-24 17:22 . 2014-10-24 17:22 -------- d-----w- c:\users\Default\AppData\Local\temp

2014-10-24 14:42 . 2014-10-24 14:42 -------- d-----w- c:\windows\ERUNT

2014-10-23 17:49 . 2014-10-23 17:50 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys

2014-10-23 17:49 . 2014-10-23 17:49 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware

2014-10-23 17:49 . 2014-10-23 17:49 -------- d-----w- c:\programdata\Malwarebytes

2014-10-23 17:49 . 2014-10-01 13:11 63704 ----a-w- c:\windows\system32\drivers\mwac.sys

2014-10-23 17:49 . 2014-10-01 13:11 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys

2014-10-23 17:49 . 2014-10-01 13:11 25816 ----a-w- c:\windows\system32\drivers\mbam.sys

2014-10-23 14:19 . 2014-10-23 14:19 -------- d-----w- c:\program files (x86)\ESET

2014-10-23 14:04 . 2014-10-23 14:06 -------- d-----w- C:\FRST

2014-10-23 13:40 . 2014-10-24 14:51 -------- d-----w- C:\AdwCleaner

2014-10-23 13:36 . 2014-10-23 13:36 -------- d-----w- c:\users\Luiz Alberto\AppData\Local\Apps

2014-10-20 10:03 . 2014-10-20 10:03 -------- d-----w- c:\program files (x86)\Common Files\Java

2014-10-20 10:03 . 2014-10-20 10:03 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2014-10-20 10:03 . 2014-10-20 10:03 -------- d-----w- c:\program files (x86)\Java

2014-10-14 22:22 . 2014-08-19 03:08 63488 ----a-w- c:\windows\system32\setbcdlocale.dll

2014-10-14 22:21 . 2014-09-18 02:00 3241472 ----a-w- c:\windows\system32\msi.dll

2014-10-14 22:21 . 2014-09-18 01:32 2363904 ----a-w- c:\windows\SysWow64\msi.dll

2014-10-14 22:21 . 2014-09-04 05:23 424448 ----a-w- c:\windows\system32\rastls.dll

2014-10-14 22:21 . 2014-09-04 05:04 372736 ----a-w- c:\windows\SysWow64\rastls.dll

2014-10-02 01:42 . 2014-10-03 01:10 -------- d-----w- c:\users\Luiz Alberto\AppData\Roaming\uTorrent

2014-09-30 21:55 . 2014-09-25 02:08 371712 ----a-w- c:\windows\system32\qdvd.dll

2014-09-30 21:55 . 2014-09-25 01:40 519680 ----a-w- c:\windows\SysWow64\qdvd.dll

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

2014-10-14 22:43 . 2012-06-08 01:38 103265616 ----a-w- c:\windows\system32\MRT.exe

2014-10-14 19:59 . 2014-10-24 14:43 11627712 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1A89D5E5-041B-49B6-9571-84A5D8ABC9FA}\mpengine.dll

2014-10-02 17:53 . 2010-11-21 03:27 278152 ------w- c:\windows\system32\MpSigStub.exe

2014-10-01 15:42 . 2014-09-03 20:38 534104 ----a-w- c:\windows\system32\drivers\RapportKE64.sys

2014-09-09 22:11 . 2014-09-23 21:17 2048 ----a-w- c:\windows\system32\tzres.dll

2014-09-09 21:47 . 2014-09-23 21:17 2048 ----a-w- c:\windows\SysWow64\tzres.dll

2014-08-28 21:50 . 2010-06-24 14:33 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2014-08-23 02:07 . 2014-08-28 00:54 404480 ----a-w- c:\windows\system32\gdi32.dll

2014-08-23 01:45 . 2014-08-28 00:54 311808 ----a-w- c:\windows\SysWow64\gdi32.dll

2014-08-01 11:53 . 2014-09-11 18:39 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll

2014-08-01 11:35 . 2014-09-11 18:39 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

*Nota* entradas vazias e legítimas por padrão não são apresentadas.

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"34AC9F0CEE04D8917CD17F2B888277A4955D85D8._service_run"="c:\users\Luiz Alberto\AppData\Local\Google\Chrome\Application\chrome.exe" [2014-10-10 854344]

"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2014-08-08 22734160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-05-20 284440]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-02 336384]

"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-05-31 2801288]

"BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2012-01-19 75048]

"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2011-03-15 650080]

"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-01-17 421888]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-09-26 271744]

c:\users\Luiz Alberto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\Luiz Alberto\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-9-12 36414624]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]

2014-07-31 20:37 1754664 ----a-w- c:\program files (x86)\GbPlugin\gbieh.dll

R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\GbpKm.sys;c:\windows\SYSNATIVE\drivers\GbpKm.sys [x]

R2 bavsvc;Baidu AntiVirus Service;c:\program files (x86)\Baidu Security\Baidu Antivirus\bavsvc.exe;c:\program files (x86)\Baidu Security\Baidu Antivirus\bavsvc.exe [x]

R2 bhipssvc;Baidu Hips Service;c:\program files (x86)\Baidu Security\Baidu Antivirus\bhipssvc.exe;c:\program files (x86)\Baidu Security\Baidu Antivirus\bhipssvc.exe [x]

R2 CLKMSVC10_9EC60124;CyberLink Product - 2012/06/07 22:16;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [x]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]

R3 BdApiUtil;BdApiUtil;c:\program files (x86)\Baidu Security\Baidu Antivirus\BdApiUtil64.sys;c:\program files (x86)\Baidu Security\Baidu Antivirus\BdApiUtil64.sys [x]

R3 BdCameraProtect;BdCameraProtect;c:\program files (x86)\Baidu Security\Baidu Antivirus\BdCameraProtect64.sys;c:\program files (x86)\Baidu Security\Baidu Antivirus\BdCameraProtect64.sys [x]

R3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]

R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]

R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]

R3 S3XXx64;SCR3xx USB SmartCardReader64;c:\windows\system32\DRIVERS\S3XXx64.sys;c:\windows\SYSNATIVE\DRIVERS\S3XXx64.sys [x]

R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]

R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]

R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]

R3 USER_ESRV_SVC;User Energy Server Service;c:\program files\Sony\VAIO Care\esrv\esrv_svc.exe;c:\program files\Sony\VAIO Care\esrv\esrv_svc.exe [x]

R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]

R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x]

R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x]

R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x]

R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

S0 RapportKE64;RapportKE64;c:\windows\System32\Drivers\RapportKE64.sys;c:\windows\SYSNATIVE\Drivers\RapportKE64.sys [x]

S1 Bfilter;Baidu Antivirus Minifilter Driver;c:\windows\System32\drivers\Bfilter.sys;c:\windows\SYSNATIVE\drivers\Bfilter.sys [x]

S1 Bfmon;Baidu FS Monitor Driver;c:\windows\System32\drivers\Bfmon.sys;c:\windows\SYSNATIVE\drivers\Bfmon.sys [x]

S1 Bprotect;Baidu Protect;c:\windows\System32\drivers\Bprotect.sys;c:\windows\SYSNATIVE\drivers\Bprotect.sys [x]

S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]

S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]

S1 RapportCerberus_80055;RapportCerberus_80055;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80055.sys;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80055.sys [x]

S1 RapportEI64;RapportEI64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [x]

S1 RapportPG64;RapportPG64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]

S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]

S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]

S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]

S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]

S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]

S2 ESRV_SVC;Energy Server Service;c:\program files\Sony\VAIO Care\esrv\esrv_svc.exe --AUTO_START --start --address 127.0.0.1;c:\program files\Sony\VAIO Care\esrv\esrv_svc.exe --AUTO_START --start --address 127.0.0.1 [x]

S2 GbpSv;Gbp Service;c:\progra~2\GbPlugin\GbpSv.exe;c:\progra~2\GbPlugin\GbpSv.exe [x]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]

S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]

S2 Oasis2Service;Oasis2Service;c:\program files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe;c:\program files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe [x]

S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x]

S2 RapportMgmtService;Rapport Management Service;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [x]

S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [x]

S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x]

S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]

S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [x]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]

S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x]

S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]

S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys [x]

S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]

S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]

S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]

S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]

S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]

S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]

S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]

S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]

S3 IntcDAud;Áudio do vídeo Intel®;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]

S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]

S3 semav6thermal64ro;semav6thermal64ro;c:\windows\system32\drivers\semav6thermal64ro.sys;c:\windows\SYSNATIVE\drivers\semav6thermal64ro.sys [x]

S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x]

S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]

S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe;c:\program files\Sony\VAIO Update Common\VUAgent.exe [x]

--- =Outros Serviços/Drivers Na Memória ---

*NewlyCreated* - WS2IFSL

*Deregistered* - CLKMDRV10_9EC60124

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

Conteúdo da pasta 'Tarefas Agendadas'

2014-10-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1000784148-366241500-1769760988-1001Core1cf8ef468f4712c.job

- c:\users\Luiz Alberto\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-06 02:42]

2014-10-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1000784148-366241500-1769760988-1001UA1cf8ef469a59b54.job

- c:\users\Luiz Alberto\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-06 02:42]

--------- X64 Entries -----------

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]