Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Computer Extremely Slow - Please help. [Solved]

Started by Andre Silva , Feb 02 2015 11:17 AM
browsing attaching files uploading copy and paste

  • This topic is locked This topic is locked

#1
Andre Silva
Posted 02 February 2015 - 11:17 AM

Andre Silva

    Member

  • Member
  • PipPipPip
  • 140 posts

Dear Experts, 

 

I have been experiencing computer issues. It is running extremely slow altogether, more noticeable while browsing the internet, uploading and attaching files, moving through different computer folders, copy and paste, etc. I am suspecting malware. This is a shared computer in the household and I'm not sure whether any corrupt software has been installed recently.

 

Thank you in advance for your kind assistance!

 

Here follows the OTL log:

 

OTL logfile created on: Feb/2/2015 11:50:40 AM - Run 6
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Izilda\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17501)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: MMM/d/yyyy
 
7.48 Gb Total Physical Memory | 4.62 Gb Available Physical Memory | 61.75% Memory free
14.96 Gb Paging File | 11.69 Gb Available in Paging File | 78.19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 578.92 Gb Total Space | 137.14 Gb Free Space | 23.69% Space Free | Partition Type: NTFS
Drive D: | 16.96 Gb Total Space | 1.86 Gb Free Space | 10.95% Space Free | Partition Type: NTFS
Drive E: | 109.90 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 99.34 Mb Total Space | 89.20 Mb Free Space | 89.79% Space Free | Partition Type: FAT32
 
Computer Name: IZILDA-HP | User Name: Izilda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2015/01/27 09:11:07 | 005,227,112 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2015/01/25 01:08:45 | 000,843,592 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/12/22 17:52:34 | 001,919,256 | ---- | M] (IBM Corp.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2014/12/19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/12/09 13:59:55 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/12/08 22:45:28 | 039,207,112 | ---- | M] (Dropbox, Inc.) -- C:\Users\Izilda\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2014/07/23 12:52:01 | 000,102,400 | ---- | M] (                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                ) -- C:\Program Files (x86)\Vono\Vono\Vono Manager.exe
PRC - [2014/07/21 11:23:58 | 000,546,104 | ---- | M] (GAS Tecnologia) -- C:\Program Files (x86)\GbPlugin\gbpsv.exe
PRC - [2014/07/02 04:45:03 | 005,037,888 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2014/06/14 20:54:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Izilda\Downloads\OTL (1).exe
PRC - [2013/12/24 15:01:35 | 001,258,504 | ---- | M] (Easybits) -- C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe
PRC - [2013/12/18 10:37:04 | 000,136,192 | ---- | M] (Clarus, Inc.) -- C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe
PRC - [2013/12/18 10:36:04 | 000,018,432 | ---- | M] (Clarus, Inc.) -- C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe
PRC - [2013/11/06 07:55:46 | 000,845,168 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012/11/27 19:12:44 | 000,479,840 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
PRC - [2011/07/11 14:04:44 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2011/05/23 11:45:58 | 001,098,296 | ---- | M] (Hewlett-Packard Development Company L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
PRC - [2011/03/22 13:42:40 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011/02/18 00:48:24 | 000,265,544 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
PRC - [2011/02/18 00:48:12 | 000,642,888 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
PRC - [2011/02/18 00:47:58 | 000,142,664 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
PRC - [2010/11/26 09:09:12 | 000,399,344 | ---- | M] (Roxio) -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
PRC - [2010/04/23 14:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/04/23 14:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2015/02/02 10:55:26 | 000,043,008 | ---- | M] () -- c:\Users\Izilda\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwzvsmw.dll
MOD - [2015/01/25 01:08:41 | 009,170,760 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\pdf.dll
MOD - [2015/01/25 01:08:37 | 001,117,512 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libglesv2.dll
MOD - [2015/01/25 01:08:35 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libegl.dll
MOD - [2015/01/16 10:34:02 | 000,039,200 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2014/12/09 13:59:57 | 038,562,088 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/10/21 19:22:50 | 000,750,080 | ---- | M] () -- C:\Users\Izilda\AppData\Roaming\Dropbox\bin\libGLESv2.dll
MOD - [2014/10/21 19:22:50 | 000,047,616 | ---- | M] () -- C:\Users\Izilda\AppData\Roaming\Dropbox\bin\libEGL.dll
MOD - [2014/10/21 19:22:48 | 000,863,744 | ---- | M] () -- C:\Users\Izilda\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
MOD - [2014/10/21 19:22:46 | 000,200,704 | ---- | M] () -- C:\Users\Izilda\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
MOD - [2014/10/19 15:27:27 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\db563d596d76daed04e9b5d25b2f4cb9\System.Windows.Forms.ni.dll
MOD - [2014/10/19 15:27:21 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\691c1ad89d16f49d80e84fa06a79089a\System.Core.ni.dll
MOD - [2014/10/19 15:27:14 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b4c08872c259018b17b2801da33ac80f\System.Drawing.ni.dll
MOD - [2014/10/19 15:27:10 | 010,100,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\17a393b77ae757f0768501fb95ff5af6\System.ni.dll
MOD - [2014/05/24 11:41:24 | 000,892,416 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
MOD - [2014/05/24 11:41:24 | 000,091,648 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
MOD - [2014/02/13 08:11:29 | 000,198,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\92e9bacef49552a4485fbb7523782133\CustomMarshalers.ni.dll
MOD - [2014/02/13 08:11:28 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2013/07/10 16:07:22 | 000,756,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL
MOD - [2011/06/22 09:46:12 | 000,434,016 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
MOD - [2009/02/26 11:46:56 | 000,064,344 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/12/09 13:59:55 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014/12/09 13:59:42 | 004,012,248 | ---- | M] (Avast Software) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV:64bit: - [2014/11/21 21:35:29 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/09/06 11:56:26 | 000,847,160 | ---- | M] (GAS Tecnologia LTDA) [Auto | Running] -- C:\Program Files\Diebold\Warsaw\core.exe -- (Warsaw Technology)
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/03/26 16:13:08 | 000,230,416 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe -- (NitroReaderDriverReadSpool3)
SRV:64bit: - [2012/02/07 22:21:04 | 000,301,568 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2012/02/07 22:21:03 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2011/09/15 18:12:12 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/05/13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2011/04/02 01:06:22 | 000,365,568 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011/01/12 11:40:20 | 000,341,312 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe -- (NitroDriverReadSpool)
SRV:64bit: - [2010/10/11 04:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2015/01/17 14:29:48 | 000,114,800 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/12/22 17:52:34 | 001,919,256 | ---- | M] (IBM Corp.) [Auto | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2014/12/19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/12/11 10:30:48 | 000,315,496 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/07/23 12:52:01 | 000,102,400 | ---- | M] (                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                ) [Auto | Running] -- C:\Program Files (x86)\Vono\Vono\Vono Manager.exe -- (Vono_Manager)
SRV - [2014/07/21 11:23:58 | 000,546,104 | ---- | M] (GAS Tecnologia) [Auto | Running] -- C:\Program Files (x86)\GbPlugin\gbpsv.exe -- (GbpSv)
SRV - [2014/07/02 04:45:03 | 005,037,888 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2014/03/20 17:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/12/18 10:36:04 | 000,018,432 | ---- | M] (Clarus, Inc.) [Auto | Running] -- C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe -- (SZDrvSvc)
SRV - [2013/09/11 18:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/11/27 19:12:44 | 000,479,840 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2012/09/27 08:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/07/11 14:04:44 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2011/05/23 11:45:58 | 001,098,296 | ---- | M] (Hewlett-Packard Development Company L.P.) [On_Demand | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe -- (hpCMSrv)
SRV - [2011/03/07 19:43:30 | 002,375,168 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011/02/18 00:48:24 | 000,265,544 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe -- (FPLService)
SRV - [2011/01/12 11:40:30 | 000,068,928 | ---- | M] (Nalpeiron Ltd.) [Disabled | Stopped] -- C:\Windows\SysWOW64\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2010/11/26 09:09:12 | 000,399,344 | ---- | M] (Roxio) [Auto | Running] -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe -- (RoxioNow Service)
SRV - [2010/11/20 22:24:08 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/06/25 12:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2014/12/22 17:52:44 | 000,535,576 | ---- | M] (IBM Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\RapportKE64.sys -- (RapportKE64)
DRV:64bit: - [2014/12/09 14:00:27 | 001,050,432 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2014/12/09 14:00:03 | 000,436,624 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014/12/09 14:00:03 | 000,267,632 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/12/09 14:00:03 | 000,116,728 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014/12/09 14:00:03 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/12/09 14:00:03 | 000,083,280 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/12/09 14:00:03 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/12/09 14:00:03 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014/12/09 13:59:42 | 000,271,752 | ---- | M] (Avast Software) [Kernel | Disabled | Unknown] -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV:64bit: - [2014/08/25 11:10:04 | 000,037,592 | ---- | M] (Basil's Projects) [Kernel | Disabled | Running] -- C:\Windows\SysNative\WinDivert64.sys -- (WinDivert1.1)
DRV:64bit: - [2013/12/06 08:37:50 | 000,035,232 | ---- | M] (Visicom Media Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple)
DRV:64bit: - [2013/11/26 20:54:02 | 000,042,016 | ---- | M] (Visicom Media Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcvidrv.sys -- (ManyCam)
DRV:64bit: - [2013/08/20 23:31:40 | 000,204,568 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2013/08/20 23:31:40 | 000,103,576 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/12/13 11:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/12/06 07:42:12 | 002,350,176 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2012/08/23 09:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 09:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 09:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 10:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/26 11:50:12 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/07 22:21:04 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/10/14 03:37:44 | 000,396,848 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/09/15 18:51:12 | 010,206,208 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/09/15 17:38:42 | 000,317,952 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/08/29 19:58:09 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/08/29 19:58:09 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/06/10 05:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/05/13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/05/13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011/04/15 16:37:50 | 000,079,488 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011/04/15 16:37:50 | 000,040,064 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011/03/24 19:20:36 | 000,337,512 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011/03/18 00:04:20 | 000,188,544 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdxhc.sys -- (amdxhc)
DRV:64bit: - [2011/03/18 00:04:18 | 000,087,168 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdhub30.sys -- (amdhub30)
DRV:64bit: - [2010/12/16 03:06:46 | 000,047,232 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010/11/20 22:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/17 12:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/07/28 11:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/06/25 12:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2010/02/18 11:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 16:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 16:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 15:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 15:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2015/01/17 11:18:27 | 000,845,464 | ---- | M] (IBM Corp.) [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80120.sys -- (RapportCerberus_80120)
DRV - [2014/12/22 17:52:44 | 000,558,872 | ---- | M] (IBM Corp.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys -- (RapportPG64)
DRV - [2014/12/22 17:52:44 | 000,445,816 | ---- | M] (IBM Corp.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys -- (RapportEI64)
DRV - [2013/05/08 07:52:48 | 000,049,536 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\gbpkm.sys -- (GbpKm)
DRV - [2012/06/21 13:58:20 | 000,020,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Clarus\Samsung Drive Manager\mdf16.sys -- (mdf16)
DRV - [2012/06/21 13:58:10 | 000,099,248 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Clarus\Samsung Drive Manager\mvd23.sys -- (mvd23)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{5D1E3CEC-F39F-465A-8D86-A8981406F57E}: "URL" = http://www.amazon.co...s={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,NewTabPageShow = 1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.co...t&type=avastbcl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}: "URL" = http://www.google.co...utputEncoding?}
IE - HKLM\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" = https://search.yahoo...p={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,NewTabPageShow = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.yahoo.co...t&type=avastbcl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo...p={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}: "URL" = http://www.google.co...Encoding?}&rlz=
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Yahoo! (Avast)"
FF - prefs.js..browser.search.defaultthis.engineName: "Yahoo! (Avast)"
FF - prefs.js..browser.search.defaulturl: "https://search.yahoo.com/yhs/search"
FF - prefs.js..browser.search.highlightCount: 0
FF - prefs.js..browser.search.isUS: true
FF - prefs.js..browser.search.order.1: "Yahoo! (Avast)"
FF - prefs.js..browser.startup.homepage: "https://www.yahoo.co...&type=avastbcl"
FF - prefs.js..extensions.enabledAddons: %7B87F8774F-B485-47E2-A755-A40A8A5E8873%7D:3.7.1
FF - prefs.js..extensions.enabledAddons: %7B87F8774F-B485-47E2-A755-A40A8A5E886C%7D:3.5.2
FF - prefs.js..extensions.enabledAddons: %7B87F8774F-B485-47E2-A755-A40A8A5E886D%7D:3.5.2
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:10.1.0.170
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:35.0
FF - prefs.js..keyword.URL: "https://search.yahoo.com/yhs/search"
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.25.2: C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2: C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Izilda\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Izilda\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Izilda\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Izilda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\gastecnologia.com.br/sf/bb: C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia)
FF - HKCU\Software\MozillaPlugins\gastecnologia.com.br/sf/cef: C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll (GAS Tecnologia)
FF - HKCU\Software\MozillaPlugins\gastecnologia.com.br/sf/uni: C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll (GAS Tecnologia)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015/01/29 10:52:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 35.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 35.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/01/17 14:29:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{87F8774F-B485-47E2-A755-A40A8A5E886D}: C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\cef\xpi [2015/01/17 16:57:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{87F8774F-B485-47E2-A755-A40A8A5E8873}: C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\uni\xpi [2014/03/24 11:11:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{87F8774F-B485-47E2-A755-A40A8A5E886C}: C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\bb\xpi [2014/12/09 14:29:20 | 000,000,000 | ---D | M]
 
[2012/09/19 19:15:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Izilda\AppData\Roaming\Mozilla\Extensions
[2015/01/22 16:18:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Izilda\AppData\Roaming\Mozilla\Firefox\Profiles\qb4mtwr7.default-1380586887777\extensions
[2014/06/13 09:25:51 | 000,009,419 | ---- | M] () -- C:\Users\Izilda\AppData\Roaming\Mozilla\Firefox\Profiles\qb4mtwr7.default-1380586887777\searchplugins\yahoo-avast.xml
[2015/01/17 14:29:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2015/01/17 14:29:38 | 000,000,000 | ---D | M] (TrueSuite Website Logon) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2015/01/17 14:29:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015/01/17 14:29:50 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2015/02/01 09:23:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions
[2015/02/01 09:23:20 | 000,000,000 | ---D | M] (TrueSuite Website Logon) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions\[email protected]
[2015/02/01 09:23:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions
[2015/02/01 09:23:29 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2015/01/29 10:52:00 | 000,000,000 | ---D | M] ("Avast Online Security") -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2014/12/09 14:29:20 | 000,000,000 | ---D | M] (GBBD Banco do Brasil) -- C:\USERS\IZILDA\APPDATA\LOCAL\GAS TECNOLOGIA\GBBD\BB\XPI
[2015/01/17 16:57:50 | 000,000,000 | ---D | M] (GBBD Caixa Economica Federal) -- C:\USERS\IZILDA\APPDATA\LOCAL\GAS TECNOLOGIA\GBBD\CEF\XPI
[2014/03/24 11:11:47 | 000,000,000 | ---D | M] (GBBD Guardião - Itaú 30 horas) -- C:\USERS\IZILDA\APPDATA\LOCAL\GAS TECNOLOGIA\GBBD\UNI\XPI
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Nitro PDF Plug-In (Enabled) = C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll
CHR - plugin: Windows Live™ Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Izilda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: No name found = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkeabchhfifpaaoefpockjhaphjmoapp\3.7.2_0\
CHR - Extension: No name found = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: No name found = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnjbodopomfddehlalfilheomcahbpei\3.7.1_1\
CHR - Extension: No name found = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi\3.7.2_0\
 
O1 HOSTS File: ([2014/12/15 13:29:30 | 000,000,002 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files (x86)\OpenSubtitlesPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Diebold - Warsaw] C:\Program Files\Diebold\Warsaw\core.exe (GAS Tecnologia LTDA)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe (Hewlett-Packard Development Company L.P.)
O4 - HKLM..\Run: [Magic Desktop for HP notification] C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe (Easybits)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O4 - Startup: C:\Users\Izilda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Izilda\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O8:64bit: - Extra context menu item: Advanced Email Extractor - res://C:\Program%20Files%20%28x86%29\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/page.html File not found
O8:64bit: - Extra context menu item: Scan link with AEE - res://C:\Program%20Files%20%28x86%29\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/link.html File not found
O8 - Extra context menu item: Advanced Email Extractor - res://C:\Program%20Files%20%28x86%29\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/page.html File not found
O8 - Extra context menu item: Scan link with AEE - res://C:\Program%20Files%20%28x86%29\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/link.html File not found
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: bancobrasil.com.br ([www14] https in Trusted sites)
O15 - HKCU\..Trusted Domains: bancobrasil.com.br ([www2] https in Trusted sites)
O15 - HKCU\..Trusted Domains: bb.com.br ([seg] https in Trusted sites)
O15 - HKCU\..Trusted Domains: bb.com.br ([www] http in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.96.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0211F5D2-0B48-4A83-8097-2D3C20677B0B}: DhcpNameServer = 65.32.5.74 65.32.5.75
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{894FB0E4-5432-4A2A-B791-AB7238B6F4E2}: DhcpNameServer = 200.142.132.32 200.220.227.57
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E66EA923-D0B8-4739-A6C2-1045AE207BFE}: DhcpNameServer = 192.168.96.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ GbPluginBb: DllName - (C:\Program Files (x86)\GbPlugin\gbieh.dll) - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
O20 - Winlogon\Notify\ GbPluginUni: DllName - (C:\Program Files (x86)\GbPlugin\gbiehUni.dll) - C:\Program Files (x86)\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/06/13 11:27:55 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2013/10/18 03:30:16 | 000,000,154 | RH-- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{520b7578-3f36-11e1-9d4c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{520b7578-3f36-11e1-9d4c-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup.exe -- [2013/10/18 03:28:39 | 042,041,656 | R--- | M] (Belkin International, Inc.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2015/02/02 00:16:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Apps Sync
[2015/02/01 23:25:34 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{5F05E4D4-1FEA-4A6A-9825-6CEB27BAC90D}
[2015/01/31 15:39:55 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{79A62C5E-E6FE-45A1-A4A8-00B93EC34D6A}
[2015/01/31 15:32:01 | 000,033,592 | ---- | C] (Basil's Projects) -- C:\Windows\SysNative\WinDivert.dll
[2015/01/31 15:29:32 | 000,037,592 | ---- | C] (Basil's Projects) -- C:\Windows\SysNative\WinDivert64.sys
[2015/01/31 15:28:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2015/01/31 15:24:01 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\GAS Tecnologia
[2015/01/31 15:24:01 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Diebold
[2015/01/31 15:24:01 | 000,000,000 | ---D | C] -- C:\Program Files\Diebold
[2015/01/29 12:01:28 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{91778746-0C9E-4387-A9F4-AC4E0C81EBF5}
[2015/01/28 12:03:49 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{C54FD868-2682-429E-97BB-0B7A863A992F}
[2015/01/28 00:03:00 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{8E130609-81D9-4C0B-8145-05BB6CB95690}
[2015/01/27 09:06:08 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{124012AD-A5E9-4D44-A175-B07682E603F7}
[2015/01/26 15:59:45 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{B18D7A12-5B04-431D-9520-C2A032ABC383}
[2015/01/20 10:01:09 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{B2ECF996-F6C7-4524-AEB4-87DBA016C0ED}
[2015/01/18 12:46:25 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{614E26DA-91BA-4DBE-BC22-45110B6DC1AA}
[2015/01/17 16:56:54 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{2823E8FE-23DA-4B7D-8664-EE69385D6C9F}
[2015/01/17 14:29:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2015/01/15 01:25:21 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{C532F299-0DE0-4742-945E-C0367ED22A1B}
[2015/01/14 13:02:27 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{1E774B63-4E75-44D4-B55D-D6D2BCF02451}
[2015/01/13 11:46:22 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{DCB8A56E-0FBF-4D57-A5D8-7A3FD18D4D83}
[2015/01/12 16:30:35 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{FB1E4BAB-DD9F-4913-ABE1-2A696E53ECC6}
[2015/01/12 15:12:50 | 000,000,000 | ---D | C] -- C:\Users\Izilda\Desktop\Joomla
[2015/01/10 12:16:23 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{1E7775CD-FB9D-4E7E-B7D2-DDF86B647C22}
[2015/01/10 00:15:43 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{BB46DCC7-1BD0-4BA7-8A61-42190310F6C4}
[2015/01/08 10:53:38 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{7C59D07B-9E9B-4E44-816E-2CFE0414FD91}
[2015/01/07 22:38:00 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{C623F808-5D9F-43A9-A49A-1AB5130F6DC6}
[2015/01/06 13:57:35 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{BF5F4348-4334-4CC7-9F5C-0B26C20FB3F8}
[2015/01/05 16:05:58 | 000,000,000 | ---D | C] -- C:\Users\Izilda\Desktop\Shaarx
[2015/01/05 15:25:26 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{FAC9246A-6EA0-49AE-9DEA-AE077C9309EA}
[2015/01/04 15:22:58 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{DEA2968A-3A0E-42E8-B801-8A1589C9349A}
[2015/01/03 23:30:17 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\Trusteer
[2015/01/03 23:30:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
[2015/01/03 23:30:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trusteer
[2015/01/03 23:27:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Trusteer
[2015/01/03 22:10:09 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Roaming\TuneUp Software
[2015/01/03 22:10:09 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\TuneUp Software
[2015/01/03 22:07:26 | 000,000,000 | -HSD | C] -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
[2015/01/03 22:07:04 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2015/01/03 21:50:48 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{E00AF59C-D891-4B01-9154-B818A07C3680}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2015/02/02 11:51:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/02/02 11:51:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/02/02 11:03:44 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/02/02 11:03:44 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/02/02 10:55:14 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001UA.job
[2015/02/02 10:52:53 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2015/02/02 10:51:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/02/02 10:51:04 | 1728,237,567 | -HS- | M] () -- C:\hiberfil.sys
[2015/02/02 10:49:35 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core.job
[2015/02/01 22:46:49 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core.job
[2015/02/01 22:46:42 | 000,318,781 | ---- | M] () -- C:\Users\Izilda\.ranktracker.properties
[2015/01/31 17:46:48 | 005,097,232 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/01/31 15:33:07 | 000,001,024 | ---- | M] () -- C:\.rnd
[2015/01/31 15:22:44 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForIzilda.job
[2015/01/29 16:17:32 | 000,016,914 | ---- | M] () -- C:\Users\Izilda\Desktop\LASER-CO2.jpg
[2015/01/29 16:17:32 | 000,001,456 | ---- | M] () -- C:\Users\Izilda\AppData\Local\Adobe Save for Web 13.0 Prefs
[2015/01/28 17:43:05 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForIZILDA-HP$.job
[2015/01/28 16:10:10 | 000,000,132 | ---- | M] () -- C:\Users\Izilda\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2015/01/28 16:05:00 | 000,527,780 | ---- | M] () -- C:\Users\Izilda\Desktop\vinicius2.pdf
[2015/01/28 15:40:00 | 000,232,404 | ---- | M] () -- C:\Users\Izilda\Desktop\vinicius.pdf
[2015/01/26 19:33:18 | 000,002,141 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/01/26 15:20:24 | 000,001,960 | ---- | M] () -- C:\Users\Public\Desktop\FileZilla Client.lnk
[2015/01/22 23:27:22 | 000,782,470 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/01/22 23:27:22 | 000,662,634 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/01/22 23:27:22 | 000,122,470 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/01/16 14:01:00 | 000,006,903 | ---- | M] () -- C:\Users\Izilda\Desktop\phone-email.png
[2015/01/13 13:59:57 | 002,518,528 | ---- | M] () -- C:\Users\Izilda\Desktop\2015-01-13 13.59.57.jpg
[2015/01/11 22:25:08 | 000,044,352 | ---- | M] () -- C:\Users\Izilda\Desktop\email-banner.jpg
[2015/01/11 21:38:39 | 000,000,027 | ---- | M] () -- C:\Users\Izilda\.mjsync_pt_BR
[2015/01/11 21:38:24 | 000,000,018 | ---- | M] () -- C:\Windows\SysWow64\.lock
[2015/01/11 18:34:03 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/01/03 21:06:00 | 000,183,417 | ---- | M] () -- C:\Users\Izilda\.spyglass.properties
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2015/01/31 15:32:28 | 000,001,024 | ---- | C] () -- C:\.rnd
[2015/01/29 16:17:31 | 000,016,914 | ---- | C] () -- C:\Users\Izilda\Desktop\LASER-CO2.jpg
[2015/01/28 16:05:00 | 000,527,780 | ---- | C] () -- C:\Users\Izilda\Desktop\vinicius2.pdf
[2015/01/28 15:40:00 | 000,232,404 | ---- | C] () -- C:\Users\Izilda\Desktop\vinicius.pdf
[2015/01/16 14:02:46 | 000,006,903 | ---- | C] () -- C:\Users\Izilda\Desktop\phone-email.png
[2015/01/14 13:21:34 | 002,518,528 | ---- | C] () -- C:\Users\Izilda\Desktop\2015-01-13 13.59.57.jpg
[2015/01/11 22:25:08 | 000,044,352 | ---- | C] () -- C:\Users\Izilda\Desktop\email-banner.jpg
[2014/12/09 14:29:20 | 000,813,217 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\unins001.exe
[2014/12/09 14:29:20 | 000,017,995 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\unins001.dat
[2014/12/06 01:59:18 | 000,086,652 | ---- | C] () -- C:\Users\Izilda\.linkassistant.properties
[2014/03/24 11:11:47 | 000,718,497 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\unins002.exe
[2014/03/24 11:11:47 | 000,016,594 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\unins002.dat
[2014/01/22 21:26:52 | 000,428,351 | ---- | C] () -- C:\Users\Izilda\.websiteauditor.properties
[2014/01/22 12:10:58 | 000,004,096 | -H-- | C] () -- C:\Users\Izilda\AppData\Local\keyfile3.drm
[2014/01/02 17:26:07 | 000,000,005 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\WBPU-TTL.DAT
[2014/01/02 17:26:06 | 000,000,098 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\WB.CFG
[2013/11/05 18:43:49 | 000,000,027 | ---- | C] () -- C:\Users\Izilda\.mjsync_pt_BR
[2013/10/30 09:07:00 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2013/10/30 09:06:54 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2013/10/30 09:06:54 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2013/10/30 09:06:54 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2013/10/30 09:06:54 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2013/10/15 22:54:55 | 000,009,321 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\Comma Separated Values (DOS).EML
[2013/09/30 10:02:20 | 000,000,202 | ---- | C] () -- C:\Users\Izilda\RmDvrUserCfg85.ini
[2013/08/16 14:10:45 | 000,000,132 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2013/08/15 12:33:47 | 000,001,456 | ---- | C] () -- C:\Users\Izilda\AppData\Local\Adobe Save for Web 13.0 Prefs
[2013/06/19 13:30:43 | 000,720,594 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\unins000.exe
[2013/06/19 13:30:43 | 000,012,679 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\unins000.dat
[2013/05/30 20:17:35 | 000,183,417 | ---- | C] () -- C:\Users\Izilda\.spyglass.properties
[2013/05/07 22:04:57 | 000,009,327 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\Comma Separated Values (Windows).EML
[2013/03/29 22:41:17 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013/03/29 22:41:17 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2012/12/24 17:41:11 | 000,009,316 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\Microsoft Excel 97-2003.EML
[2012/11/12 20:20:34 | 000,000,892 | ---- | C] () -- C:\Users\Izilda\AppData\Local\recently-used.xbel
[2012/09/26 14:32:48 | 000,000,132 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012/09/23 22:32:08 | 000,001,456 | ---- | C] () -- C:\Users\Izilda\AppData\Local\Adobe Save for Web 12.0 Prefs
[2012/09/21 23:29:31 | 000,000,132 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2012/09/20 01:19:56 | 000,318,781 | ---- | C] () -- C:\Users\Izilda\.ranktracker.properties
[2012/01/14 17:37:01 | 000,000,477 | ---- | C] () -- C:\Users\Izilda\Desktop.lnk
 
========== ZeroAccess Check ==========
 
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/06/24 21:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 20:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013/01/05 21:59:11 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Ashampoo
[2014/07/18 00:22:36 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Audacity
[2013/10/18 15:39:32 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\AVAST Software
[2012/01/15 18:24:30 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Blio
[2012/12/16 20:50:18 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2014/01/29 12:45:09 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Cocoon Software
[2013/10/21 12:32:43 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Downloaded Installations
[2015/02/02 10:56:01 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Dropbox
[2013/06/19 13:49:41 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\FileOpen
[2015/01/31 16:39:04 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\FileZilla
[2014/01/29 12:13:03 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\HandBrake
[2013/03/15 15:16:39 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\MP3SkypeRecorder
[2013/06/19 13:49:41 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Nitro
[2015/01/28 16:11:19 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Nitro PDF
[2013/05/06 15:14:57 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Oracle
[2015/02/02 11:08:01 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\PrimoPDF
[2014/05/02 16:45:50 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\rmi
[2013/11/17 22:02:43 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Samsung
[2012/01/23 19:10:22 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\ScanSoft
[2013/01/07 12:45:38 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013/04/14 22:38:25 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Stellarium
[2012/01/14 17:39:13 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Synaptics
[2014/02/11 11:10:41 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\TeamViewer
[2012/09/19 00:18:29 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Thunderbird
[2015/01/03 22:10:09 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\TuneUp Software
[2015/02/02 10:47:04 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\uTorrent
[2012/12/15 08:30:12 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\VIVO INTERNET
[2014/07/23 12:52:57 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Vono
[2012/09/20 00:19:18 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\WildTangent
[2012/02/11 21:45:01 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Windows Live Writer
[2014/05/27 23:18:10 | 000,000,000 | -HSD | M] -- C:\Users\Izilda\AppData\Roaming\wyUpdate AU
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 621 bytes -> C:\Users\Izilda\Desktop\2015-01-13 13.59.57.jpg:com.dropbox.attributes
 
< End of report >
 

 


  • 0

Advertisements

#2
ruggie_uk
Posted 02 February 2015 - 02:01 PM

ruggie_uk

    Trusted Helper

  • Malware Removal
  • 2,083 posts

Greetings Andre

My nickname is Ruggie and I will be assisting you in cleaning your computer.

  • Malware removal can be a long process and will at times get complicated with multiple steps to perform to ensure that your system is no longer infected.
  • When we start the process, the list of instructions must be followed closely, it may seem difficult at times but it is important that you stay with me until your computer is declared clean.
  • If you are receiving help elsewhere, please let me know so we can close this thread and help someone else.

stop32.png Before going any further, I recommend that you print out (or save to a file) these guidelines and also the instructions when I post them, as part of the repair process may involve going into safe mode and therefore you will not have internet access.

The following guidelines are important but the ones highlighted in RED are of the highest importance and must not be skipped.

right-grn.pngPlease save all tools to the desktop,. Our tools are updated very regularly, sometimes several times per day so always download the latest version from the links I provide.

right-grn.pngPlease be aware, the fixes we perform are specific to this machine, at this moment in time. They must not be used on another computer or unsupervised at another time. This can render your computer unbootable.

right-grn.pngIf at all possible, Make backups of all your important files, whilst we will do our best to ensure that no files are lost or damaged, sometimes things can go wrong.

right-grn.png I will do everything in my power to ensure that this clean is successful, but occasionally failure hits us all. In this event, please have your original installation disks to hand and be prepared to have to format and reinstall your computer.

right-grn.png Refrain from using any tool that hasn't been instructed as it could alter the process that we are working through and cause further problems. Also only use the tools I instruct in the manner provided as they are very powerful and if not used properly can cause even more problems. It is best if you can avoid using the computer at all, apart from to perform the cleaning steps to ensure that any infections aren't spread.

right-grn.png Please stick with me until the end. malware removal is difficult and time consuming. We have to analyse hundreds of lines in log files. This takes time which we give freely so I ask that you do us the courtesy of seeing it through.

right-grn.png Only paste the contents of log files into your reply, DO NOT attach any log files unless requested to do so.

right-grn.png If you have any questions or get stuck, stop and ask....I am here to help you make this go as smoothly as possible.

right-grn.png If you do not reply within 3 days, your topic will be closed. It can be reopened if you ask. But if you plan on being gone for a longer period, just let me know and I will hold it open for you.

I am currently reviewing your log and will be back soon to get started
 


  • 0

#3
Andre Silva
Posted 02 February 2015 - 02:17 PM

Andre Silva

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts

Dear Ruggie,

 

Thank you in advance for your fast reply. I look forward to your next contact.

 

Best regards,

 

Andre


  • 0

#4
ruggie_uk
Posted 02 February 2015 - 02:33 PM

ruggie_uk

    Trusted Helper

  • Malware Removal
  • 2,083 posts
Hi again Andre.
 
By any chance did the problems start about 1 month ago?
 
I do have a few things to remove, nothing major and we will give you a thorough check out. But I think I know where your main problems are coming from.
 
 
Step 1
 
OTL fix

Ensure OTL is located on your desktop. If it is not, then please download from http://oldtimer.geekstogo.com/OTL.exe and save it to your desktop.

If you are using Windows Vista/7/8 then right click it and select Run As Administrator. If you are using XP then please double click on OTL.exe to start it.

Copy the text in the following box (do not include the word Quote). To do this, highlight everything
inside the quote box (except the word Quote) , right click and click Copy.
 

:commands
[createrestorepoint]

:OTL
SRV - [2014/07/23 12:52:01 | 000,102,400 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Vono\Vono\Vono Manager.exe -- (Vono_Manager)
O32 - AutoRun File - [2014/06/13 11:27:55 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2013/10/18 03:30:16 | 000,000,154 | RH-- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{520b7578-3f36-11e1-9d4c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{520b7578-3f36-11e1-9d4c-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup.exe -- [2013/10/18 03:28:39 | 042,041,656 | R--- | M] (Belkin International, Inc.)
[2014/07/23 12:52:57 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Vono

:files
C:\Program Files (x86)\Vono


:commands
[emptytemp]

Next, right click in the box named Custom Scans/Fixes and select paste.
 
otl-run-fix.jpg

This will insert the code into OTL.

Now click Run Fix

OTL will generate a report when it has finished. Please paste the contents of this report in your next post.
 
 
Step 2
 
 jrt.pngJunkware Removal Tool
Please download Junkware Removal Tool to your desktop. << Important
Ensure that any security software is temporarily disabled for the duration of the scan. Don't forget to re-enable it afterwards.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by right-clicking jrt.png and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 3
 
Initial FRST Scan

Please download Farbar Recovery Scan Tool and save it to your Desktop. There will be 2 versions offered, if you know which version is the one you need, download that one, if not, download both, only one will work on your computer, that is the one you need.
  • Right click frst.png to run as administrator. When the tool opens click Yes to the disclaimer.
  • Ensure that the following are ticked as in the image below
  • Addition.txt
    frst-addition.png
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • This will also generate another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
  • Items I need to see in your next post:
    • OTL Report
    • JRT Log
    • FRST & Addition files
    • When did the problems start

  • 0

#5
Andre Silva
Posted 02 February 2015 - 02:46 PM

Andre Silva

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts

Hello Ruggie, 

 

Thanks again for your reply. Yes, my problem started about a month or so ago. I am using a laptop. I have also received a message that my battery is not performing as it should. Not sure if it influences the performance altogether.

 

I will do all steps recommended and will get back to you ASAP.

 

Thank you!

 

Andre


  • 0

#6
Andre Silva
Posted 02 February 2015 - 07:12 PM

Andre Silva

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts

Hello Ruggie, how are you?

 

Just a quick heads up. OTL has been running the Quick Fix for about 2 hours now. The progress bar goes up to full completion, but then starts over again... Is this normal?

 

Thanks!

 

Andre


  • 0

#7
ruggie_uk
Posted 03 February 2015 - 03:03 AM

ruggie_uk

    Trusted Helper

  • Malware Removal
  • 2,083 posts

Hi. That does seems long time. The fix was only a very small one but the temp files clearing can take a while.

 

If it is still going when you see this, stop it and continue with the rest, we can deal with it in the next stage.


  • 0

#8
Andre Silva
Posted 03 February 2015 - 04:57 PM

Andre Silva

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts

Hello Ruggie, how are you? Thanks again for your patience and kind attention. 

 

Just to give you some additional info:

 

1. The OTL Fix did not complete. It ran for several hours, but I had to restart the computer. The log created is below.

 

2. The file "Vono Manager.exe -- (Vono_Manager)" should be related to my Soft Phone application from this company. http://www.falevono.com.br
I NEVER use it and would have no problem uninstalling it. Please let me know how to proceed.

 

Thanks again for your help! Greetings from Brazil!

 

Here are the logs:

 

== OTL ==

 
Files\Folders moved on Reboot...
File move failed. E:\autorun.inf scheduled to be moved on reboot.
File move failed. E:\Setup.exe scheduled to be moved on reboot.
 
PendingFileRenameOperations files...
 
Registry entries deleted on Reboot...
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Home Premium x64
Ran by Izilda on Tue Feb/03/2015 at 17:30:25.71
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\regwork"
Successfully deleted: [Folder] "C:\Users\Izilda\appdata\local\blekkotb_005"
Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"
Successfully deleted: [Folder] "C:\Program Files (x86)\regwork"
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{004B8EE7-AD27-413E-B3A0-7740E0116D56}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{004DA086-0C04-4E32-A7D2-225FF5CC8CCD}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{00578677-3BB4-47A4-8E0C-F1782B24D929}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{017CC3EB-00C0-4722-B14F-D96D540B7246}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{01B1D1F7-05C5-4AE8-B36B-F75C14248D5D}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{024FBA85-EB79-4E30-942D-C82B282AF71D}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{02B2E02A-46C8-402A-817D-7892F4ABBDE4}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{02D60B2C-882A-4A41-9FA6-8763382808D4}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{03D72729-534A-4123-B8C9-14692230C842}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{04010CE8-ADF6-4F54-9DFE-E60776C26A3F}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{04BBCD3B-8237-4AB4-B89B-0A3B086A6E4D}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{052D5B68-BA19-4FEF-BE72-FC7A24ADBE54}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{05630867-3BD0-4831-8A00-3933C9AC2327}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{06DEDD7F-218C-4112-B5E3-D1A937C89B9D}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{074F820A-908F-4D27-9533-09EE43944F2C}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{07B445E4-9A13-4F2F-A014-6004BC65721C}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{07CB7FDA-82F4-436D-86B1-445F1AFD17E1}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{07F43C6A-2606-46BA-A78A-7C1399883E12}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{07F742F7-6BAF-407A-B9AA-CE2515879B96}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{0882D42E-ED73-4D9D-9C62-94580304940E}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{089F0B43-5DE7-4A47-BEA3-C7BEEF10BD6E}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{092095A0-AFB5-4660-909A-F59004138B54}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{094420E7-04DF-4A72-A092-FC65710CC114}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{09D6DCC4-0682-4EA5-8F82-AC2704817E0F}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{0A1746AA-BDAC-4B84-A705-7654660E22A5}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{0BE27B7A-A80E-49EB-B500-9BF16D3C6726}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{0C3A2A7B-51B5-41A1-BDD4-8BEA542F3F42}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{0C93128A-0193-411B-800F-4928A7A08BF8}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{0C98D403-E93C-434D-B22A-D4564B83E695}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{0F3263F6-1504-4B01-BE84-BDEBAF3A4A74}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{0F46B99E-BED9-4CBF-AF9B-40321F76A08D}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{0F684375-9862-436E-98FC-BA4832A480FE}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{0FF2A2AD-CF84-4448-A7DE-DF3737E225F3}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{1034690D-C973-4B0A-8CDB-98146A77BA3F}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{1041C831-575F-4FEC-85FE-9AEA6D6A555D}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{107E83F0-6726-4EF9-B757-4A67F1547389}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{11C5C67D-EE77-42E9-80B0-9DFFACE52875}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{124012AD-A5E9-4D44-A175-B07682E603F7}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{12938F78-3BC2-48B7-A45E-D3420EAD58BD}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{12963411-080D-495A-B1C5-0B1EE4DC0540}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{12C63331-018C-40EF-AFB9-A5EFDD60D3D8}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{13C1A379-0950-45B4-BF8E-89357A8124E9}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{13E97FB4-9F17-4FC3-B284-E51F49788A8B}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{13F40BD0-C2BD-45AA-9441-5804B220EEE7}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{13F956A6-79B3-4F8D-BBA9-6212C1A1FAA9}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{13FDC65A-06F9-4F7E-B74B-C348BFBD3A3D}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{14A6DB60-3F63-4D35-8A72-AA6857B58749}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{15015FD9-FE32-450C-BC15-343E02410386}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{1587B479-1A45-46BE-935C-11332B8C82CD}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{1651E27D-4B90-40EA-831F-993935A9B086}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{16D49C87-B57D-41FB-817A-6CDC565BA7AE}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{16ED0B5D-CA6E-41CD-A1C6-03E426608B6A}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{17492A4E-1287-4F2D-9018-A821C14F7D43}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{1756A134-3B3F-472F-9AE4-8F5223D8B74B}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{177B7D62-481F-44D1-A626-5E26E3495B89}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{17B5ED61-3B24-4946-8585-BAB464BE411B}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{17C9DBC2-7087-4E8B-BDE2-74481E773CA1}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{18058DE1-3E2C-471C-A36D-F6014ACFD7C5}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{18106B38-06CC-44D0-AC61-F86FC4E177D7}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{19726705-50FE-45FD-B28C-26F838B27F27}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{1A011E8B-1DD1-4549-B8B4-3E68492F4517}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{1AE0CDD1-07A8-4C5A-B3B3-56B471FDB369}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{1B01C475-F74A-409B-89D7-5A0B1BD96036}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{1B31DDBE-95DF-4CCD-9B31-40795F9B9160}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{1B67EA1B-C9EC-4AD7-84D6-03726175227D}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{1DA746B7-98C6-43D9-A9D4-59446D08E2E1}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{1E351CE3-4877-4758-B85B-D1B020473B97}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{1E774B63-4E75-44D4-B55D-D6D2BCF02451}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{1E7775CD-FB9D-4E7E-B7D2-DDF86B647C22}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{1E857C9E-FD5D-44FE-B6BA-0E738859E799}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{1EA8B696-A222-4B94-BE3F-A46F93737CD0}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{1EDD7F28-A748-480D-9B32-2D62DC77A03B}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{1FF059A7-8783-4BED-A223-372E582121C3}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{2007F795-C8AD-434F-B192-3B794C3D10BD}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{203230E0-7B34-40BE-B302-2584D3994221}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{203AF46C-3D35-4FAA-9D16-E68CAD8F8B89}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{20ADEB72-C839-4DE3-AE0D-6CCF8085543D}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{20D65314-A7F7-4751-B375-1768975D8FD0}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{2143E3A1-CFC2-478E-9501-60C0F174A2DC}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{21BBF99C-5059-4E76-818B-D8113C8505D0}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{21E1760C-CF41-4D49-B52E-36E3597C29BE}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{226370BA-7057-495C-B572-091225281738}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{232A1C8C-00EE-4C03-9BD2-9E2E864A4C4F}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{234E20FA-1C1D-47AE-A889-AB0B5100A7E3}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{249D9978-15B7-4319-81A4-3A093A6AECE0}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{2593C30C-FDBB-434C-82CA-622A1CA4DF62}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{259D12F7-8180-49B2-BB90-0C304CEB1436}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{25B4F7CC-E633-4967-817E-1F344D0AA0E8}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{265F03F8-6A54-435D-A862-7C952C7ABB31}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{2823E8FE-23DA-4B7D-8664-EE69385D6C9F}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{283CEB89-2D96-45CE-A07C-0C820D175D5D}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{295099B8-F7CF-42EE-91C9-E9774D76C5C3}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{2B016FEE-E0A0-483E-B81E-E20F8E309429}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{2B0D1CEA-4D63-447D-AEE1-C9F7CFFD17EC}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{2B8DC919-F0A0-4D6E-BD3D-2DEFD1108034}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{2B9347D0-C9BA-440F-8F50-E3512388B856}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{2BB3FEDF-6C4F-4721-9EAD-AA2EED4E06CD}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{2C3552F3-63FB-45F5-9358-3DE81263315A}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{2C5C316D-BAC6-4785-8512-4E2CEE187053}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{2C811CD2-AF51-4984-B1A8-0C5C8D2C370A}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{2CADD800-E9B3-49A4-BA36-CCC9C636D8D2}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{2E0CE7FA-A155-4C22-B6D1-2545FA5C69FA}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{2EE1E818-8655-4601-AB1C-6D5A909D1F04}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{2FF0A7CA-4F7A-4926-A302-0A87A5B0CC8A}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{30A74B71-9F30-4574-AC09-D1A67607062D}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{31500BA2-9586-40E4-A513-46615196AD23}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{31ACAC84-99F0-49E8-963C-DB42F13DA421}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{32BB75AA-4BD8-4949-ABCF-676A6F2F4229}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{32E21F6A-9FFA-4320-B445-A24DB112C23E}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{331668BD-DDC9-49A5-A376-44F86FF64B7B}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{333C8FEB-1001-4660-AAE9-3C1FF7D9E060}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{33615BDC-8917-4512-AE0F-757124B44CE8}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{338B1261-850A-4446-B2C8-BEC54BAF168D}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{33F997EB-510F-4AF9-B19C-DF44E4A3A18D}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{33FC9ED7-51A6-4892-90B4-B795D6D444E9}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{3446F066-47C7-4E26-89FA-023F78C7BCA6}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{3447BA87-0682-4713-916A-E77D528B19D6}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{345ECE06-508E-432A-8B9C-0C5C2322C44B}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{35DB72AB-A84F-4B77-96B8-4F1A5390137C}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{36497E02-03E1-456D-955D-A3ED858F38DB}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{36620253-84F8-4DB6-A9A2-0CDA3CCFAE3B}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{37205C2C-8545-4D83-AE7F-F0D43709A3A3}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{3792B660-0F60-444E-9140-BD81D64C4823}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{396EC5DF-5D40-4231-BBF1-C088F535C562}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{396EFA30-68ED-47C2-B5F6-543E0DB77146}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{398A79AD-5295-48B5-A181-058B5527BC2C}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{3997112C-0C1A-4049-9F3A-53129A8447DE}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{39EB174E-FE85-49D6-9292-071B70701438}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{3A6A31C7-7A33-424F-898B-16AA428740FF}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{3AAD30CF-CE5B-48C1-A060-ADDE7D458272}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{3B005B89-9783-43EC-886E-50C5FAA798B7}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{3B6168BA-08AD-4927-BFC3-7A9548182C2B}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{3B7F2930-D7BD-4C60-9B5F-A050AF7C0C45}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{3CD39DD4-CF25-484F-9390-BCF3F71E9AD6}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{3CFEB432-1EDE-48DF-8C00-932872BED371}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{3DF839CC-7A8C-41B6-9E2B-61F18B7C700D}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{3F4C3979-EE17-4F73-B605-3E6E6002C338}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{3F5A364A-BBC0-494B-BE7F-10002FF6E29E}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{3F613F1E-A2D3-4447-A5CD-B1579A2D6505}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{3FB9EE04-5BFE-4640-A077-4B737879180C}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{3FD1EE7E-FBB8-463E-A162-3FBD96A5CBAD}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{40552A36-091F-4AB6-AE01-84139FA9639A}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{40A247EC-4B79-4955-858A-F153DD1F57B7}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{4150692B-F6FB-41F4-9145-C5641930319D}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{42F3E014-ECFB-4145-8588-115B8C50AF16}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{433133EE-7424-44ED-ACCF-FC0CA79C04F8}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{4494169C-C560-4744-9F21-2965F6A0840B}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{44A5CE4C-3625-46D5-AC6F-851C983649BD}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{456248B9-BE61-437C-BB55-1F514F8DB6DF}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{464B7448-2163-4476-8A5D-DBEDA4501B09}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{46971586-D1FF-4455-AA55-3A9D6089D245}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{475C9374-6A88-4AE7-9E7A-B3C9517E8586}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{47BCDDD8-8DDB-4FC0-A899-AE6E6395AFA8}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{47C309E0-3F2D-4480-8D50-369AA3304442}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{47D044C7-7492-4610-97B2-6E74A7C5783C}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{486D3099-E21F-41EB-B011-24950AFEDCC3}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{48D54F51-6E34-4850-A736-87D3F56B2E47}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{4986F38D-E5C4-4679-AAB9-07A79145701B}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{49C35701-B107-49A4-B352-9E7DF7BBB4D6}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{4ACA923D-7949-40D7-97EB-D0FC34EA45C3}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{4B007E53-7755-4655-BFFB-810574988EFC}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{4C467A65-5E8F-4A2D-A868-CB486D9FCE30}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{4C4C7290-E44D-45B2-92A8-A762C9BC7F79}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{4CAF2433-1909-428A-BBB4-4CE0295ABF6C}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{4D32C2FF-D5CC-47AE-9F41-4745C24535D5}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{4D76E9E2-6A87-4F74-A645-1D9D65DA79B2}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{4E26CE89-B960-40A4-8EFC-4878926A4413}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{4E619F94-D9B8-4B27-BFCC-4FC372900F92}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{4ECA4ED6-B8D0-413B-99A5-E392C354AECD}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{4F263047-5108-4848-8E96-CDA21534A541}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{4F4B0D4D-8630-4DDF-BB05-E212146426E4}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{4FCDAFD5-E0A4-4FE2-AE63-0697D611E924}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{505633E1-093D-4CA6-B6E3-1D44B5B3AA5C}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{5190D95E-7CC8-4509-AC55-4BB5EB75569A}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{51DB7B11-025D-4599-AA71-225A0F6D4DBD}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{5374C977-939A-482D-BE32-FB14B3CC1FB3}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{53856E5D-9584-47D1-9631-DE0605A13B5E}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{5407C8DF-4FB9-47F3-BDC9-DDC7E1B5AFF9}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{5477F56D-A192-487E-8D94-266B4D0F3D8F}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{548AE501-362B-4849-B7E3-95CBDD141E2F}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{553B4AE8-A0C9-4C3B-95D5-B4A3F0D104B6}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{575AF182-EF9C-4F91-94C5-06221FEE22B0}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{5766C46E-4A24-4DA4-9B50-FEFBBA428A8D}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{58969809-9549-48D5-B00E-0D41A4E814A1}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{58FD2442-F03D-439B-8642-2024CD54376F}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{5908A523-E6C5-4DF1-AB12-F01FF24CF26F}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{59D2AB80-8798-4B8F-B1B8-2FD02587D1C4}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{5ADB5567-B9BB-4F57-B858-C27584EA5F18}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{5AF80CE6-1EEF-43F3-ADB2-5317FE1EE90A}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{5BE5227C-42A2-41CC-BE4A-56DC7A55638E}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{5D799AFF-5715-4497-8C2B-DFD07CF19C54}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{5E069222-064C-42DF-A4EF-505EF4002616}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{5E8C70B9-D686-4BC2-A2D2-2C8161B60E9F}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{5F05E4D4-1FEA-4A6A-9825-6CEB27BAC90D}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{5FAAF38F-378F-458F-961C-3A8B28D83885}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{603A2304-E554-4B80-A085-79018CB79C4A}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{60419885-9D28-409D-B087-EDF2C87B995B}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{60898BAF-710C-4A64-81F3-BF767E7A9740}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{60B5CF68-B596-4CF4-9400-1E50FDB8F777}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{60D0DBC1-7B8A-4FFA-89D6-95498B5D96F9}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{614E26DA-91BA-4DBE-BC22-45110B6DC1AA}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{621B0F48-CF15-4A4C-A17C-066913339FC8}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{6245F6FE-205F-40F0-80B1-5670A5B140D9}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{634E2EE3-D92C-4F83-828D-D1354295C41D}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{65033747-58CD-4EEB-BC29-9FB29A994798}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{6582ED52-E261-4F79-AA81-1E60EE652A39}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{6606F4E1-14B9-46C0-843B-AC632CCD8210}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{66529626-F04F-4A2E-ABE2-9B821DFA0867}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{6712ECE7-7B45-412E-A9C4-61318CD669EA}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{67168CCE-7D08-4BF8-BB16-7E6A01F49B7C}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{680074A1-52BD-4A50-8AB4-FFB4EA591038}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{68B3A3F6-0F07-480D-85FA-F0A866EDCA4D}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{698CF4D3-BFAF-440D-A65F-5FE684F65AF7}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{69E14117-DFFC-49CA-BB87-EF8C2148AA33}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{6AE61FFE-E448-4BFE-8D4C-32673CBE793E}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{6B11E944-6676-44A5-9D64-58705D9484BF}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{6B554856-471E-4EC6-AA7E-C480A0E65252}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{6B5B5A5A-2BCF-40D0-B5A5-DD15AE7CA7E0}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{6B8B834C-E58C-4464-80F7-87C4CBA7E254}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{6B9B2848-124B-42C3-9048-1FBF5BCC6B86}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{6C516235-33DE-4B3D-B54B-6732787B4F2F}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{6CB2EED6-3561-423D-B855-B33D38890FEC}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{6CDDC62C-5EE1-4F9A-9B46-826CC6227B38}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{6D122240-61BC-4F11-873B-B5E0541E092A}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{6D2DD7FA-DB5E-4EA5-BDE0-27B01AB28150}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{6DF6499B-361B-4057-A374-2FA5D07CDFCC}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{6E2E08A7-E3CB-4DC7-BB27-48024070F648}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{6E841DF6-6BD2-4BA6-AB1D-9DA803EE6CB2}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{6F4A91F3-1E5D-47B8-813A-B127DFED25D7}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{6F6303D9-1C88-4FFF-8C11-6A8ECC63AF16}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{6FE29385-066F-4554-AAEA-FEF663BF2DA6}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{709002C6-B7E9-4A29-8A0D-2040B4508917}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{70D54171-54E1-46CB-B5E5-9FDE77496689}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{71175055-475C-4852-A454-71122BE7448D}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{714CA317-0B69-483F-AC44-E8FF60FC1477}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{7162F915-0666-4452-96DC-373F83424FF2}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{728C5F08-116F-4F4C-B50D-9CB649C046F0}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{728ED019-A78A-441C-92E0-2B3D2D2C4B99}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{732ED677-C9AF-4B1C-AC34-9C29E65736CC}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{7370AC7E-B0A0-496F-87F9-4CEA36E66F84}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{739ECD63-70E9-4748-94F6-F6608CE655E1}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{73C2CD4A-0130-40C2-BCEB-8CE043BFF73A}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{73EB1F6F-4C52-4DE9-8D77-F12D097155B5}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{7427A543-4665-4F38-9AF1-083D77E2E805}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{7521A2D9-28BE-4D5F-95E0-B852D608C5A7}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{752B3EEE-CF01-4564-BA3D-F07CE5223727}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{76B5F196-0716-4DCD-BF08-7634C668FA3F}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{76BB2E58-ABC1-47C0-8A02-7E7C28D6A5E4}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{771154C1-A3B7-4257-A3FD-B1BE593A68C0}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{777FBA3B-3C4D-425E-AF87-09952D458688}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{78111A69-BD06-4A46-A83E-79CA6B752748}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{7835675D-B2D7-41AC-A629-D21FC31100D7}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{7859A677-3891-420F-959F-95CD90518D9A}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{78A4EC10-3130-4748-8172-374730F18B25}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{7921F07D-DBE1-4A69-A2A5-5FA22EB246CF}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{794A895B-652A-4087-BD08-AC47B0C0C72B}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{797648D8-4745-46D1-AD70-7C35DED4028E}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{79A62C5E-E6FE-45A1-A4A8-00B93EC34D6A}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{7AA2ED50-8150-479B-ABCD-E07929096CFD}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{7AB0F47E-39FA-4029-8CB7-B28688F137BF}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{7C59D07B-9E9B-4E44-816E-2CFE0414FD91}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{7D49194E-612A-44AF-8150-381018B0D4B5}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{7D639E0E-97E8-462F-AADB-17417F29DAF4}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{7DBF90BA-8E20-4B24-A1A4-9EA5CAC705BB}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{7E173893-03CF-4E84-BD03-4BD777DFB9D4}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{7E185A79-912F-405D-9C04-2CD1235994BC}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{7F0AF582-577C-44B5-8440-A6DAF389262B}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{7F376A60-8057-4975-82C9-180BA8408DAA}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{7F488D6C-0875-4607-883B-B55C1DDAA8C2}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{7FFCF11C-4324-45E7-99B0-3346011B7CE2}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{807FCBEE-217D-4BCD-9411-BD42C7BF8E77}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{809D1BFB-5CBF-411C-AB1B-36914B979408}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{81E8C07C-A94B-4A86-8476-67062821F8D3}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{8259899D-8E8C-4112-AE93-780ABB8B97F3}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{827F3576-D12A-45B6-80BF-6A96C14A8A0A}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{828987F6-4DBF-452B-9BB4-DF2303D29DDB}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{82DB889C-E1B3-4143-9114-8CC634B3F5B8}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{82E30ADE-E26A-4032-BFEF-2DFECACCE69D}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{84DD43B1-484B-4CEF-8F44-A09C7A0737C3}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{8545CD88-F944-4A4E-8849-33534DDF7D56}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{85F277D0-1F3E-41C0-AE1F-D299A094C74A}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{86946AE9-CD18-4911-8B2E-F6D9CA6C8B27}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{86DA7C6F-4FD3-44D5-A053-B0BCB3897953}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{8703CF21-AA6C-4D24-BBEA-31ED45647F96}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{879A8889-3CB0-4C0B-94AC-B0F617234FB3}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{87A8113D-8257-4C8B-AFBA-D50512DDB6A8}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{884CB6CB-3371-475A-A5E0-7BF74D8AAD0A}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{88975FB3-B68F-42F9-90BA-796EFBC99106}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{88E905C8-ECDF-44EF-ABD3-BC81505D1890}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{897A3784-524E-449B-84B6-D9DBC47D4333}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{8A81A62B-AF2B-4361-B7D5-41D931B9BD90}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{8B16A86C-25E0-476D-BB73-6A7697639575}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{8B3FB656-A57E-4C96-81B0-B893AF660894}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{8B8F4744-8C1E-4652-B22C-D846FD803AED}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{8BB94951-C95C-4E2F-8965-BDCE40DF6FEB}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{8CAACBBA-09E9-4789-877A-6DC8078D337A}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{8CBA1718-BD2D-49FA-B9D2-78B330F84BF0}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{8D0017DF-C48D-4074-B605-CD3C94408114}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{8D726334-3E79-4320-B0E4-1C9C5EC5FBA5}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{8DAB6E63-820A-4446-B59C-68D0C5DC2375}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{8E130609-81D9-4C0B-8145-05BB6CB95690}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{8E75134E-8F1E-4D03-8B82-FF5970EF45F4}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{8F41BF67-A89D-45DD-B61A-2DCB68DA2C85}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{8F6049E5-CB0C-4713-A3C7-5193A2270CFA}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{907435AC-68AB-4212-AF5E-E2DF7E71FA2A}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{908033B6-38E3-4FE6-B302-C0B8A8F029B0}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{9094CF1B-BBAA-4DA4-B033-499263D7E817}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{90D34C19-EDAB-4EE0-B051-EC6BC61C50B2}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{91778746-0C9E-4387-A9F4-AC4E0C81EBF5}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{918808D5-5DA8-419F-82C9-72D6F0469479}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{92408C42-A5A5-4115-8D29-256DF7A1AF4D}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{931A1D5E-563F-4055-ABC8-1E85558FA5F9}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{936DB1BD-AE4B-433F-A9DB-EC29DF6289A9}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{939CA255-161C-4589-9245-3AAF0B9C23ED}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{93B0C824-13F2-47FE-AFE8-71FB780C0468}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{93B42BE9-03A0-4665-824E-BDE51D3BAAB8}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{951303F9-4A11-41B8-A2B5-0DBB4132A28C}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{955DF5ED-5A8D-4803-8CD9-1216336E7FB4}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{95CEB3D6-3AE5-4F30-AE5A-79C22AFC3BD0}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{95F53401-DA18-4953-823B-969FFE9C7147}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{95FB0518-EB2B-42CF-904C-FF95AD1A3C99}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{96ECA517-1D34-4801-A8FF-3BE9745C1C42}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{97734C41-A9BD-44DF-A385-68544B861DF1}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{979DB647-34B1-4D23-8C01-EF151B2458DC}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{97A464CA-DA23-4653-865F-52AC4D79C4B6}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{97B1DB91-ECF2-4464-A756-698D6EAC12FF}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{986CD7D9-646E-42DA-BA74-738C76352843}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{9874AD68-6F58-44D0-ACDA-B6F94CE53817}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{9948A05E-CB83-4285-8B9A-4074139C92E3}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{99914B63-88A1-457F-A34E-A6B8E852963C}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{99B7F454-D5D9-4CEC-91A1-5EE7CEF30504}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{99F23A8D-8141-42D9-AFD2-31C82879BC2E}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{9B79F471-9EBB-4910-89AE-C3F9681C77D1}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{9B95CF51-78D1-4E94-AC97-D541876A350D}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{9BD81DD8-92A6-45AD-8CFC-C3C971BEB08B}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{9C56270B-6136-447B-90F6-34C620523254}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{9C6FA45A-ACBD-4402-A9E8-AE7795DD1846}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{9E195607-2739-48BC-B161-68EEBA5AC0FA}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{9E6A6D93-1847-4B20-927E-5943B96F219A}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{9F1E0E24-3753-421D-80B4-1726E31A0CE1}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{9F2E1A9D-4613-4DCC-A664-574D12FCFBF7}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{9F66CFAE-B687-4D96-B584-7E9CF6BEADB9}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{A038BC3E-869A-49EA-8EF1-BD6C680DF7A0}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{A0845CCC-BD5C-475A-A54D-B5840083F006}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{A0CF4E07-E9D0-4993-A759-16D96CB11B34}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{A152F5EA-F895-42BE-8225-1A34CAEBFB6A}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{A1753D28-C995-458C-9C8F-EC4A04C9AA36}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{A1D15E65-D518-48C7-BE10-18054447299A}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{A297EF61-8E3F-42CE-857E-43988FB7BCDE}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{A2CF0117-A8F4-4DF9-86A0-75EB72C37C0D}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{A32C2DCC-6B0A-4A90-87D4-7686DAD367D8}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{A3B14439-2E46-43A7-B6DE-E81107C63E53}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{A41AB16C-06FB-47A3-A0E0-655D9C72D6F5}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{A46C088B-1974-4FD6-98F8-F97555588935}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{A5D58506-A658-4378-AC2C-EBE05AC4ABF6}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{A5E04B53-4C36-43E8-B549-3225525FF868}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{A60978C4-F085-42CB-A610-AEEEC6928E5E}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{A6105D4F-F9D5-4CCE-8003-B96C394E5CF9}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{A66FB455-3045-42AB-B436-210661EDD9BA}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{A6BF263D-92BF-4BB7-A94A-EF76025706F8}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{A79C9B5C-5798-42B1-9531-7D95C99DEF7A}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{A825E7D1-58B3-4DA6-B04E-210A9BBFEC7C}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{A89539CB-0906-46BF-A351-1640F9F4AE3B}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{A8B8B557-6B87-4C00-85AB-0DEB9E1D98C7}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{AA29F6D0-6678-4BA6-83A4-B404628CE7AB}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{AA4B52D3-134D-440C-AA83-6D16B51993A1}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{AA5608F4-4E46-49C4-92EC-45A2FEF03157}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{AAB7E196-56CB-47D3-9D59-0AC232E9E127}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{AAFB2FA7-CC5E-47C3-87CF-36AE06E9F4FB}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{AB09B77E-A35C-4C41-936B-01111EFA7800}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{AB2FF86A-C266-47AC-BCBB-EBD57A5D516D}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{AB3441E2-F58F-4E9F-B80C-26028A28A9F5}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{AC770956-9090-4338-8ED3-47249B3E6EEB}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{ACBF74EF-3512-4673-8C03-8D03CDDB0101}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{ADC8029D-7B3F-469B-B2B2-96ACD55E5990}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{AE4E3A78-719D-42A2-A5CF-0CA35E1DAAF7}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{AEC20BB1-7F47-4490-BC7D-CDED98AEBA88}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{B03AB7B8-FFE8-4278-8B96-F9A71A1C28AA}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{B0488F70-F406-4235-B910-659C6409A9E0}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{B0D0A79A-EB95-45D6-8D98-DA31F096999B}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{B1586B39-C0BF-46A7-9DE4-7397A6552905}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{B163F0EE-B687-402E-88F0-DA2AEAF2D3DD}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{B18D7A12-5B04-431D-9520-C2A032ABC383}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{B1D38B75-2EA5-4994-A636-45CD451653E6}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{B1E2AB09-B99A-4D7E-963C-1480CB56B232}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{B1EACA25-EFB2-4EB9-B167-1C271FB0BA4F}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{B25A8061-FCC9-4919-B44A-070025B01448}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{B2700814-F696-43D1-87CA-72BE63D840BC}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{B2ADB736-7AE5-41FC-B1F5-7D17A9CC97BE}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{B2ECF996-F6C7-4524-AEB4-87DBA016C0ED}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{B3086538-3B32-44CE-BC48-D33898218509}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{B38CBAFB-98B1-4580-89FC-64AFD53B92EA}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{B4137B59-499C-4725-AA38-14E72E68552A}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{B4978C9A-4555-4518-87C6-AC5E43BB8FEB}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{B4E8753A-8D27-4248-8129-6C5F98EDCA27}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{B592BB5A-602C-40BB-9CB2-B98CEAF514FA}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{B5989C75-454D-4EEE-9509-6116B2EBC691}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{B5B9B59D-DED9-4AEF-B332-00DDD710F6D4}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{B5E3FEA5-4F4A-4F02-942C-C6D0DC925410}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{B6161C80-76C5-4043-8EA2-1C408C8AA414}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{B6251E56-7346-4FB9-816B-094FFA5EC687}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{B656ECB9-E973-4710-9E49-F2BC0C1F108E}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{B691AFB7-D59B-4193-86C7-F76A292BD338}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{B72E58D9-5206-40B5-B3C2-C95CEE0F3D93}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{B7510D62-D963-4EAF-B157-4783E7A3153A}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{B7F3ED02-5F91-4F71-A2E1-E4201B4D5215}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{B8B60196-80CC-49A8-B6A0-DDBDBE0E26C4}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{BA2FC45E-A802-4F39-AC15-79B0E765360D}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{BA616555-9169-4852-91DD-884BCD1812CF}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{BB46DCC7-1BD0-4BA7-8A61-42190310F6C4}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{BC767DF4-05C2-41AF-BF2D-C211199EB61F}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{BC8C74A5-0594-41C6-9470-6B4CB870DF06}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{BCEC43DC-C533-44AF-8297-8FFC805CF5B3}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{BD4BC540-4546-4F96-BB75-E1B332DABC00}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{BDA1D65E-E42C-4443-88A0-CDCC440AB6AE}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{BDBDA8BD-1625-4E49-BA22-E0272C29B50A}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{BE7E04B3-D9C7-481F-8C1D-FC1AE0588978}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{BE95B345-964F-4F16-AFF3-20BBE1A24F87}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{BF0F5BEE-3A7C-4D4F-ABF9-DDA174C9CA7E}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{BF2B5FA8-CAC9-4D5F-86E0-709552F24231}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{BF5F4348-4334-4CC7-9F5C-0B26C20FB3F8}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{BF8E4DC9-8BAA-4C70-8833-8521E932B669}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{BFBA0870-CE92-41B2-AFC4-4A5497BB1E14}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{C02DFF37-BB86-4A34-B9BA-36DCC32D6EB3}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{C107F07A-CED9-4FC6-8B79-065937D855AA}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{C17A3121-7005-497B-A6D3-4D4384ADE068}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{C21AFED5-1F29-484A-BCA8-BC1D9C9C71B8}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{C26718E4-ECA1-420E-A534-DDFFE9CD75AC}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{C2DAB93D-5264-4C0F-B729-7925DED843D0}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{C3BC356B-3A76-467E-8DE0-8E556D2E19FD}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{C4ABF16D-2273-4E5A-B70A-977EA5E6E451}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{C4ABF96E-D88C-45A3-9114-A5F6558C2A27}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{C51E8CD4-4CB9-4951-B564-F1A754C2D865}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{C532F299-0DE0-4742-945E-C0367ED22A1B}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{C54FD868-2682-429E-97BB-0B7A863A992F}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{C588E58D-EC10-4008-ACB2-9578B113A509}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{C5A3F802-4796-4907-9FB4-738A5BD69D8B}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{C623F808-5D9F-43A9-A49A-1AB5130F6DC6}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{C626E4E1-4A70-4B7A-821A-BFD09777B814}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{C764696F-8BFE-4D85-AF1D-0AD0DE7A25D3}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{CA20DB88-AC14-48EF-8B5F-FF621FE166FD}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{CB810CB2-8ACD-4199-9F80-5CB90A23D232}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{CBBCF740-4719-4A4A-8990-34BDBBE9D05C}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{CBE742D7-AB84-4288-88D7-A27C713A4A9D}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{CC196F16-7E5C-46C4-BA9E-25004E314190}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{CC2ED4AF-446C-4B8F-B5BD-35B945E06310}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{CCF1BF37-58D8-4634-AEDD-CFE0FD633574}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{CD03DE5C-F437-4C61-AC6D-2E4B526F48D5}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{CDB4C5BC-AC90-4797-903B-C50C58D1B9BE}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{CDD06F72-3B71-4F30-9333-0E771F941528}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{CE40CF9D-EDCA-47FC-8BD7-3A693C9012F4}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{CE72ADA4-6C42-412E-939F-D69D95612D05}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{CEEDD22A-2523-427F-B95F-76F69E3B7F7E}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{D00258AC-7048-40B8-A282-3A7B7DEC1635}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{D0681E64-E0F7-41D4-80E2-A1ED23E79AE7}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{D1E26149-7178-4FFB-B878-2D575193497A}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{D22C634C-E410-48EA-939B-B3A28685EE4F}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{D2DD5914-FD27-4B66-9263-5A20BFA53141}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{D3596B59-FFD8-4343-AA3A-8134001695BA}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{D39EB0BD-2D6D-4425-8372-9C05DB41F8CE}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{D402A337-6B63-405C-8798-E762E4AD0667}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{D4EB7152-4EEF-40D4-B26D-7BF040A32DA1}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{D5125C5C-ABBD-4ECC-8F58-DA9020065E40}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{D5C65D23-EBD3-4870-A52C-2D4879E004DA}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{D6307B33-1012-4C84-9C44-A30078DA8196}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{D63A2A29-1CAF-40F4-8F40-3E12457AEEE2}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{D73F723A-F813-4EC8-9DF9-03D27FD7F101}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{D897120F-28F1-4866-8EB4-F38925ACD811}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{D9013EAD-1A58-4272-A60F-35785FB29932}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{DA50AD49-1B49-4BB5-A2E8-4587B135DC55}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{DA956428-A6C8-49E2-B538-D9C831DD083A}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{DAA84759-BEF6-4FF0-AD32-255D8DE14D89}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{DAC60FAF-AA0F-4DFC-9EF6-438C75944B92}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{DACA64E2-63EA-4BEF-94FA-84A065CE9877}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{DB5B936C-837B-4DA1-A730-E976D59114AD}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{DB83D656-1362-402D-8F22-A3F7C2A7860F}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{DBBCFF55-5D35-4522-B824-1FB003A14856}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{DC606F50-19CF-4AF3-A46B-13DFB5BF5F9C}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{DCB8A56E-0FBF-4D57-A5D8-7A3FD18D4D83}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{DCE86F1C-2E48-4091-9E47-BB78042D6240}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{DD55C85F-92B9-4220-BD77-13277D5A5792}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{DD764F3C-53D2-4670-940E-08102BE5A890}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{DDACA581-3407-478C-BAD6-60CC9DF96D4D}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{DDAFD947-A2CA-4405-A503-7D35857B3D78}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{DE135B42-10DC-4861-949F-3363C9E2FBF3}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{DEA2968A-3A0E-42E8-B801-8A1589C9349A}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{DF3122CC-5A6E-42D7-A6E2-2A3A355EB4DF}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{DF4A9E97-D06F-4CFC-A2C3-6943A52125EF}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{E00AF59C-D891-4B01-9154-B818A07C3680}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{E0919ACE-9BFD-4CEE-8FA6-84D571D9F043}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{E0F448BA-6405-432C-9012-2A6E6968F6F4}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{E188163A-37B8-4A0D-846A-CD3B37F1245A}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{E219834D-57D2-44CF-AD77-780CF7CBE070}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{E2A21326-130C-495B-BAE5-FA529D145347}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{E2B10F8F-D8E0-477C-B3AF-C47D25B86CCF}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{E3733F66-146E-4E0D-8792-56B3FF216652}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{E492DCBC-31BC-4595-9AA4-E7D76278518B}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{E4B68724-DED2-4CD9-9482-DBD85F73B805}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{E52FA9E5-2B38-4610-AE5F-D8C83B673BF2}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{E63AB566-5B8E-4AEF-8108-49D6A2A9AFD6}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{E653559F-F183-4C1B-BE7C-5C27F798EC20}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{E67BDB64-9E0C-4F4A-9F79-5E4562B1D4BB}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{E7B7B484-ED86-44AA-9702-F6DD639512F5}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{E88CF701-A7E8-4E9A-B58F-231BC56ECE48}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{E8BBCFAC-8F62-423E-BDAA-6DF0E2FDA916}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{E9036531-A395-48A3-B556-A01C5105455D}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{E941225F-66B3-4BA3-9476-DC06884F93B4}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{E9E0DB11-8CCA-414E-8A54-3904D6F15E94}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{EA206188-2168-44A4-BCC9-25720A46041F}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{EA3361BB-4F6B-4F28-BB3D-1C858DFE2115}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{EA59D247-4F67-44B6-A8ED-811B1DFA1F34}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{EB2FC3D2-BE19-4C42-B77A-F12CBBC9BB45}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{EB826FDC-042D-48E4-83DE-8E87D6F44185}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{EBBC4497-8BC9-42EA-B71A-9B071D3713DD}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{EBC3C2D0-4A10-4AB2-88AF-A2958DC954ED}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{EBD24694-5D98-4B90-9875-C00B1EE51B01}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{EBE60601-18C8-433B-A2AA-914409544E64}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{EC06D20F-1D13-4393-9CBB-D91A5CB7A36B}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{EE283405-CE99-46DC-A408-5FE021A1AB77}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{EEC8446E-2E0C-4C3D-89CD-DC6C923EC73B}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{F0457002-9C81-402F-9554-212EC8399031}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{F0842CB5-682B-4257-A2ED-FCDA8A819678}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{F23DCE3C-92F7-4D96-A366-57EF27D45A73}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{F29F1747-9E75-495F-A73A-01344C25C08F}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{F2C1FC47-1D70-426A-9E31-2952B6D638D6}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{F2E778FB-EA74-4081-9400-26612F06E0E8}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{F30BE878-82A8-4478-8ED0-0525A2D72D2D}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{F335A0FC-E753-4E63-A685-D86A0A19892B}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{F336E5B9-55AB-4FDA-A294-C6CF46F643D4}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{F3B5A0CB-D767-422A-A72F-1A11990B767D}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{F5069DA5-BBED-4FFC-8D6C-277EC925A0D3}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{F542D360-97A9-4B71-A44E-32EEB6BE87BE}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{F542DC5E-87E6-401F-B7BA-D2CDAB480545}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{F587B205-A573-46C5-97C3-11BB920BC9A7}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{F5F70D52-1CD3-44A5-A775-AC99A389BEDB}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{F670E491-0DBC-4B75-AC01-AE6B4B62DFA3}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{F6BE587F-3FD5-4C8C-9CC9-5BFBADA2D1A1}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{F6D6A78F-834F-4A95-A3DB-4E2807371555}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{F6F7A91C-4AAE-4652-84F9-8A08D7B0E309}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{F6FE6BAA-9F67-4AFA-83A6-0FF45AABB129}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{F731C197-BDD7-43BF-9A1B-C069775A2373}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{F88568B4-663A-4073-92C4-5CB2CE24457C}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{F8EE5762-1C3E-4EAB-A9FF-020B1EC7FA6B}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{F92F3945-98BA-4026-A1AE-8FA80425B057}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{F93B65C4-3696-4D30-8F4C-831E0DCAC46E}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{F951619D-B4CE-4DA7-B1F0-593CBE9CBA19}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{F96C1900-83FE-4838-ACE2-19B5DCF8EECF}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{FA460C26-BEE7-4651-92E8-28D65D0E0963}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{FA4F1BC1-888B-4748-A61B-8B5D3461A89C}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{FAC9246A-6EA0-49AE-9DEA-AE077C9309EA}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{FB131D21-4B69-48A6-A0EB-FC02544B7783}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{FB1E4BAB-DD9F-4913-ABE1-2A696E53ECC6}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{FB8411F4-C156-4765-B3D7-BA1154D530D6}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{FD235F83-EA35-45B1-948B-F142FBDD4880}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{FEEBEAA3-5819-463A-B222-BD7748A9D5D6}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{FEF2003A-3273-4F21-8164-BF818050969C}
Successfully deleted: [Empty Folder] C:\Users\Izilda\appdata\local\{FF3BD229-B9D5-4B77-BB9B-39D40F1E23D8}
 
 
 
~~~ FireFox
 
Emptied folder: C:\Users\Izilda\AppData\Roaming\mozilla\firefox\profiles\qb4mtwr7.default-1380586887777\minidumps [55 files]
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue Feb/03/2015 at 17:45:27.17
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by Izilda (administrator) on IZILDA-HP on 03-02-2015 17:49:37
Running from C:\Users\Izilda\Desktop
Loaded Profiles: Izilda (Available profiles: Izilda)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Easybits) C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe
(Dropbox, Inc.) C:\Users\Izilda\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(Google Inc.) C:\Users\Izilda\AppData\Local\Google\Update\GoogleUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2012-02-07] (IDT, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [847160 2014-09-06] (GAS Tecnologia LTDA)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-04-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [103992 2011-05-23] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1258504 2013-12-24] (Easybits)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
Winlogon\Notify\ GbPluginBb-x32: C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
Winlogon\Notify\ GbPluginUni-x32: C:\Program Files (x86)\GbPlugin\gbiehUni.dll (Banco Itaú Unibanco)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Drive Manager Real-Time.lnk
ShortcutTarget: Samsung Drive Manager Real-Time.lnk -> C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe (Clarus, Inc.)
Startup: C:\Users\Izilda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Izilda\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [4SyncOverlay1] -> {2012DE06-50C0-48BD-ACDE-88F95D4CAD1F} =>  No File
ShellIconOverlayIdentifiers: [4SyncOverlay2] -> {C72C6188-BEF2-46E5-A89A-52F0ED75219E} =>  No File
ShellIconOverlayIdentifiers: [4SyncOverlay3] -> {C92F6BC2-AF61-4C0E-80E0-939B8282DDB7} =>  No File
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.co...t&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3190529940-644357419-2377663512-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo...p={searchTerms}
HKU\S-1-5-21-3190529940-644357419-2377663512-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.yahoo.co...t&type=avastbcl
SearchScopes: HKLM -> {5D1E3CEC-F39F-465A-8D86-A8981406F57E} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo...p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3190529940-644357419-2377663512-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll (Banco do Brasil)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\Program Files (x86)\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: IplexToALLPlayer -> {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -> C:\Program Files (x86)\OpenSubtitlesPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\MP3 Skype Recorder\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll [1754664 2014-07-31] (Banco do Brasil)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll [1587768 2014-02-24] (Banco Itaú Unibanco)
Tcpip\Parameters: [DhcpNameServer] 65.32.5.111 65.32.5.112 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Izilda\AppData\Roaming\Mozilla\Firefox\Profiles\qb4mtwr7.default-1380586887777
FF SearchEngineOrder.1: Yahoo! (Avast)
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3190529940-644357419-2377663512-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Izilda\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-3190529940-644357419-2377663512-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-3190529940-644357419-2377663512-1001: @talk.google.com/O1DPlugin -> C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-3190529940-644357419-2377663512-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Izilda\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3190529940-644357419-2377663512-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Izilda\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3190529940-644357419-2377663512-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Izilda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3190529940-644357419-2377663512-1001: gastecnologia.com.br/sf/bb -> C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-3190529940-644357419-2377663512-1001: gastecnologia.com.br/sf/cef -> C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-3190529940-644357419-2377663512-1001: gastecnologia.com.br/sf/uni -> C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll (GAS Tecnologia)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Izilda\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Izilda\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Izilda\AppData\Roaming\Mozilla\Firefox\Profiles\qb4mtwr7.default-1380586887777\searchplugins\yahoo-avast.xml
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2015-01-17]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-06]
FF HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\cef\xpi
FF Extension: GBBD Caixa Economica Federal - C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\cef\xpi [2015-01-17]
FF HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8873}] - C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\uni\xpi
FF Extension: GBBD Guardião - Itaú 30 horas - C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\uni\xpi [2014-03-24]
FF HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886C}] - C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\bb\xpi
FF Extension: GBBD Banco do Brasil - C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\bb\xpi [2014-12-09]
 
Chrome: 
=======
CHR Profile: C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (GBBD Banco do Brasil) - C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkeabchhfifpaaoefpockjhaphjmoapp [2014-12-08]
CHR Extension: (Google Wallet) - C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (GBBD Caixa Economica Federal) - C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnjbodopomfddehlalfilheomcahbpei [2013-06-19]
CHR Extension: (GBBD Caixa Economica Federal) - C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi [2014-12-09]
CHR HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\Chrome\Extension: [nnjbodopomfddehlalfilheomcahbpei] - C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\cef\sf.crx [2013-06-19]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-04-02] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-09] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-09] (Avast Software)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [546104 2014-07-21] (GAS Tecnologia)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2375168 2011-03-07] (Realsil Microelectronics Inc.) [File not signed]
R2 NitroDriverReadSpool; C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [341312 2011-01-12] (Nitro PDF Software)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-03-26] (Nitro PDF Software)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [479840 2012-11-27] (Sony Corporation)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1919256 2014-12-22] (IBM Corp.)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SZDrvSvc; C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe [18432 2013-12-18] (Clarus, Inc.) [File not signed]
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [847160 2014-09-06] (GAS Tecnologia LTDA)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-09] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-09] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-09] ()
S0 GbpKm; C:\Windows\SysWOW64\drivers\gbpkm.sys [49536 2013-05-08] (GAS Tecnologia)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [42016 2013-11-26] (Visicom Media Inc.)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35232 2013-12-06] (Visicom Media Inc.)
R3 mdf16; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mdf16.sys [20400 2012-06-21] ()
R3 mvd23; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mvd23.sys [99248 2012-06-21] ()
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R1 RapportCerberus_80120; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80120.sys [845464 2015-01-17] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [445816 2014-12-22] (IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [535576 2014-12-22] (IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [558872 2014-12-22] (IBM Corp.)
U4 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-09] (Avast Software)
R4 WinDivert1.1; C:\Windows\system32\WinDivert64.sys [37592 2014-08-25] (Basil's Projects)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-03 17:49 - 2015-02-03 17:50 - 00026498 _____ () C:\Users\Izilda\Desktop\FRST.txt
2015-02-03 17:48 - 2015-02-03 17:48 - 02131456 _____ (Farbar) C:\Users\Izilda\Downloads\FRST64.exe
2015-02-03 17:45 - 2015-02-03 17:45 - 00060787 _____ () C:\Users\Izilda\Desktop\JRT.txt
2015-02-03 17:28 - 2015-02-03 17:28 - 01388274 _____ (Thisisu) C:\Users\Izilda\Desktop\JRT.exe
2015-02-02 22:07 - 2015-02-03 17:46 - 00000000 ____D () C:\Users\Izilda\Desktop\OTL
2015-02-02 15:47 - 2015-02-02 15:47 - 00602112 _____ (OldTimer Tools) C:\Users\Izilda\Desktop\OTL.exe
2015-02-02 00:43 - 2015-02-02 00:46 - 00000000 ____D () C:\Users\Izilda\Downloads\Microsoft Office ProPlus 2013 VL 32 Bit and 64 Bit en-US (Aug 2013) + MS Toolkit Activator 2.4.7
2015-02-02 00:42 - 2015-02-02 00:42 - 00156383 _____ () C:\Users\Izilda\Downloads\[kickass.so]microsoft.office.proplus.2013.vl.32.bit.and.64.bit.en.us.aug.2013.ms.toolkit.activator.2.4.7.torrent
2015-02-02 00:16 - 2015-02-02 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Apps Sync
2015-02-01 23:54 - 2015-02-01 23:54 - 00880784 _____ (Google Inc.) C:\Users\Izilda\Downloads\googleappssyncsetup (1).exe
2015-01-31 15:32 - 2015-01-31 15:33 - 00001024 _____ () C:\.rnd
2015-01-31 15:32 - 2014-09-29 18:55 - 00033592 _____ (Basil's Projects) C:\Windows\system32\WinDivert.dll
2015-01-31 15:29 - 2014-08-25 11:10 - 00037592 _____ (Basil's Projects) C:\Windows\system32\WinDivert64.sys
2015-01-31 15:28 - 2015-01-31 15:31 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-31 15:24 - 2015-01-31 15:24 - 00000000 ___HD () C:\Program Files (x86)\GAS Tecnologia
2015-01-31 15:24 - 2015-01-31 15:24 - 00000000 ___HD () C:\Program Files (x86)\Diebold
2015-01-31 15:24 - 2015-01-31 15:24 - 00000000 ____D () C:\Program Files\Diebold
2015-01-29 11:08 - 2015-01-29 11:08 - 02194432 _____ () C:\Users\Izilda\Downloads\adwcleaner_4.109.exe
2015-01-28 14:12 - 2013-04-26 15:05 - 00020660 _____ () C:\Users\Izilda\Downloads\PWSignaturetwo.ttf
2015-01-23 11:03 - 2015-01-23 11:46 - 00000000 ____D () C:\Users\Izilda\Downloads\Blue's Clues Season 2 Complete
2015-01-23 11:02 - 2015-01-23 11:04 - 00000000 ____D () C:\Users\Izilda\Downloads\[BTN]Sarah & Duck
2015-01-22 23:41 - 2015-01-22 23:41 - 00021580 _____ () C:\Users\Izilda\Downloads\[kickass.so]super.why.torrent
2015-01-22 23:36 - 2015-01-22 23:36 - 00019158 _____ () C:\Users\Izilda\Downloads\[kickass.so]btn.sarah.duck.torrent
2015-01-22 23:33 - 2015-01-22 23:33 - 00000000 ____D () C:\Users\Izilda\Downloads\Corel Draw Graphics Suite X7.2 -WIN64-XFORCE- [spam-TPB]
2015-01-22 23:32 - 2015-01-22 23:32 - 00509497 _____ () C:\Users\Izilda\Downloads\[kickass.so]blue.s.clues.season.2.complete.torrent
2015-01-20 14:45 - 2015-01-20 14:45 - 00025600 _____ () C:\Users\Izilda\Desktop\Controle Projetos Vila - 2014 - 2015_atualizado_20_jan_2015.xls
2015-01-20 11:04 - 2015-01-20 11:04 - 00004345 _____ () C:\Users\Izilda\Downloads\comprovante (2).html
2015-01-17 14:29 - 2015-02-01 09:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-17 11:25 - 2015-01-20 10:19 - 00304128 _____ () C:\Users\Izilda\Desktop\Logo Design Brief.xls
2015-01-17 11:16 - 2015-01-17 11:16 - 00000000 ____D () C:\Users\Default\AppData\Local\Trusteer
2015-01-17 11:16 - 2015-01-17 11:16 - 00000000 ____D () C:\Users\Default User\AppData\Local\Trusteer
2015-01-16 14:40 - 2015-01-16 14:40 - 06381120 _____ (Tim Kosse) C:\Users\Izilda\Downloads\FileZilla_3.10.0.2_win32-setup.exe
2015-01-16 14:17 - 2015-01-16 14:17 - 00002184 _____ () C:\Users\Izilda\Downloads\1A50.tmp
2015-01-16 12:51 - 2015-01-16 14:13 - 00026624 _____ () C:\Users\Izilda\Desktop\Controle Projetos Ivan 2015 - atualizado 16_JAN_2015.xls
2015-01-14 11:11 - 2014-12-18 22:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 11:11 - 2014-12-18 20:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 11:11 - 2014-12-12 00:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 11:11 - 2014-12-12 00:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 11:11 - 2014-12-12 00:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 11:11 - 2014-12-12 00:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 11:11 - 2014-12-12 00:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 11:11 - 2014-12-11 12:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 11:11 - 2014-12-05 23:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 11:11 - 2014-12-05 22:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 11:11 - 2014-12-05 22:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 11:10 - 2014-12-12 00:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 11:10 - 2014-12-12 00:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-12 15:12 - 2015-01-12 15:15 - 00000000 ____D () C:\Users\Izilda\Desktop\Joomla
2015-01-08 17:22 - 2015-01-10 00:24 - 00009644 _____ () C:\Users\Izilda\Downloads\www-scipioni-com-br_20150108T222219Z_CrawlErrors.csv
2015-01-08 15:48 - 2015-01-08 15:48 - 00000026 _____ () C:\Users\Izilda\Desktop\robots.txt
2015-01-08 15:46 - 2015-01-08 15:46 - 00000053 _____ () C:\Users\Izilda\Downloads\googleb41c0fe9a30a8c5b (3).html
2015-01-08 13:21 - 2015-01-08 17:25 - 00011050 _____ () C:\Users\Izilda\Downloads\Keyword Planner 2015-01-08 at 16-21-30.csv
2015-01-07 16:07 - 2015-01-07 16:07 - 00000053 _____ () C:\Users\Izilda\Downloads\googleb41c0fe9a30a8c5b (2).html
2015-01-07 16:06 - 2015-01-07 16:06 - 00000053 _____ () C:\Users\Izilda\Downloads\googleb41c0fe9a30a8c5b (1).html
2015-01-07 13:43 - 2015-01-07 13:43 - 00000388 _____ () C:\Users\Izilda\Downloads\robots.txt
2015-01-07 13:43 - 2015-01-07 13:43 - 00000388 _____ () C:\Users\Izilda\Downloads\robots (1).txt
2015-01-05 16:05 - 2015-01-05 16:06 - 00000000 ____D () C:\Users\Izilda\Desktop\Shaarx
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-03 17:49 - 2014-12-17 01:31 - 00000000 ____D () C:\FRST
2015-02-03 17:48 - 2014-12-17 12:02 - 00000000 ____D () C:\Users\Izilda\Desktop\FRST-OlderVersion
2015-02-03 17:48 - 2014-12-15 13:27 - 02131456 _____ (Farbar) C:\Users\Izilda\Desktop\FRST64.exe
2015-02-03 17:27 - 2013-05-25 23:50 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001UA.job
2015-02-03 17:27 - 2011-10-06 12:04 - 02041116 _____ () C:\Windows\WindowsUpdate.log
2015-02-03 17:26 - 2013-01-07 20:02 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core.job
2015-02-03 17:26 - 2012-03-06 21:08 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-03 15:14 - 2012-03-06 21:08 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-03 15:06 - 2013-11-17 23:08 - 00000000 ___RD () C:\Users\Izilda\Dropbox
2015-02-03 15:05 - 2013-11-17 23:04 - 00000000 ____D () C:\Users\Izilda\AppData\Roaming\Dropbox
2015-02-03 09:54 - 2009-07-13 23:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-03 09:54 - 2009-07-13 23:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-03 09:52 - 2012-05-28 10:27 - 00002141 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-03 09:45 - 2012-11-30 16:58 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-02-03 09:45 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-03 09:45 - 2009-07-13 23:51 - 00170373 _____ () C:\Windows\setupact.log
2015-02-03 09:45 - 2009-07-13 23:45 - 05097232 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-03 01:22 - 2012-09-19 01:45 - 00000000 ____D () C:\Users\Izilda\Desktop\Andre
2015-02-03 01:00 - 2012-07-12 17:34 - 06151680 ___SH () C:\Users\Izilda\Downloads\Thumbs.db
2015-02-03 00:26 - 2012-01-14 22:08 - 00000000 ____D () C:\Users\Izilda\AppData\Roaming\Skype
2015-02-03 00:18 - 2012-01-14 17:33 - 00124560 _____ () C:\Users\Izilda\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-03 00:08 - 2012-04-10 18:32 - 00000000 ____D () C:\Users\Izilda\AppData\Roaming\Nitro PDF
2015-02-03 00:04 - 2012-01-14 22:26 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-02 23:20 - 2012-01-14 17:37 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E9E6BA8C-07EE-4923-A62A-9A3F663A7BF5}
2015-02-02 22:08 - 2013-06-19 13:30 - 00000000 ____D () C:\ProgramData\GAS Tecnologia
2015-02-02 18:26 - 2013-08-15 12:33 - 00001456 _____ () C:\Users\Izilda\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-02-02 15:46 - 2012-11-01 09:59 - 04554240 ___SH () C:\Users\Izilda\Desktop\Thumbs.db
2015-02-02 14:56 - 2012-01-14 22:26 - 00000000 ____D () C:\Users\Izilda\AppData\Local\Microsoft Help
2015-02-02 12:14 - 2013-07-09 21:26 - 00143824 _____ () C:\Users\Izilda\Downloads\OTL.Txt
2015-02-02 11:08 - 2012-04-10 18:29 - 00000000 ____D () C:\Users\Izilda\AppData\Roaming\PrimoPDF
2015-02-02 11:01 - 2012-01-14 18:57 - 00000000 ____D () C:\Users\Izilda\AppData\Local\CrashDumps
2015-02-02 10:59 - 2013-10-06 11:38 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-02-02 10:49 - 2013-05-25 23:50 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core.job
2015-02-02 10:47 - 2013-07-21 00:32 - 00000000 ____D () C:\Users\Izilda\AppData\Roaming\uTorrent
2015-02-01 22:46 - 2014-09-02 11:14 - 00000000 ____D () C:\Users\Izilda\Desktop\Green Card
2015-02-01 22:46 - 2012-09-20 01:19 - 00318781 _____ () C:\Users\Izilda\.ranktracker.properties
2015-02-01 22:46 - 2012-01-14 17:23 - 00000000 ____D () C:\Users\Izilda
2015-02-01 22:19 - 2012-09-19 19:15 - 00000000 ____D () C:\Users\Izilda\AppData\Roaming\Mozilla
2015-01-31 16:39 - 2012-09-25 13:08 - 00000000 ____D () C:\Users\Izilda\AppData\Roaming\FileZilla
2015-01-31 15:22 - 2012-11-25 14:51 - 00003192 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForIzilda
2015-01-31 15:22 - 2012-11-25 14:51 - 00000336 _____ () C:\Windows\Tasks\HPCeeScheduleForIzilda.job
2015-01-29 11:32 - 2010-11-20 22:47 - 01207300 _____ () C:\Windows\PFRO.log
2015-01-29 11:31 - 2014-06-15 21:59 - 00000000 ____D () C:\AdwCleaner
2015-01-28 18:03 - 2012-01-14 19:57 - 00000000 ____D () C:\Users\Izilda\Documents\Youcam
2015-01-28 17:43 - 2012-12-03 10:26 - 00003220 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForIZILDA-HP$
2015-01-28 17:43 - 2012-12-03 10:26 - 00000344 _____ () C:\Windows\Tasks\HPCeeScheduleForIZILDA-HP$.job
2015-01-28 16:10 - 2013-08-16 14:10 - 00000132 _____ () C:\Users\Izilda\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-01-28 14:12 - 2012-09-19 23:36 - 00000000 ____D () C:\Users\Izilda\Desktop\Temporario
2015-01-27 15:47 - 2012-09-20 01:19 - 00000000 ____D () C:\Users\Izilda\.ranktracker
2015-01-26 15:20 - 2013-05-27 17:14 - 00001960 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2015-01-26 15:20 - 2012-09-25 13:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-01-26 15:20 - 2012-09-25 13:07 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2015-01-25 22:20 - 2012-12-09 14:43 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-01-25 22:20 - 2012-01-29 12:26 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-01-23 00:22 - 2012-11-26 14:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-22 23:27 - 2009-07-14 00:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-17 11:16 - 2015-01-03 23:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
2015-01-17 10:57 - 2013-07-20 01:00 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-17 10:35 - 2012-01-29 12:01 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-16 22:52 - 2013-05-25 23:50 - 00003920 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001UA
2015-01-16 22:52 - 2013-05-25 23:50 - 00003552 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core
2015-01-12 10:12 - 2012-09-19 00:47 - 00000000 ____D () C:\Users\Izilda\Desktop\Clientes
2015-01-11 21:38 - 2014-06-13 11:23 - 00000018 _____ () C:\Windows\SysWOW64\.lock
2015-01-11 21:38 - 2013-11-05 18:43 - 00000027 _____ () C:\Users\Izilda\.mjsync_pt_BR
2015-01-11 21:38 - 2013-11-05 18:43 - 00000000 ____D () C:\Users\Izilda\MegaJogos
2015-01-11 21:30 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\security
2015-01-11 18:34 - 2014-06-16 10:10 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-06 04:36 - 2010-11-20 22:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-04 23:24 - 2012-01-14 17:24 - 00000000 ____D () C:\Users\Izilda\AppData\Local\VirtualStore
 
==================== Files in the root of some directories =======
 
2012-09-21 23:29 - 2013-02-26 23:36 - 0000132 _____ () C:\Users\Izilda\AppData\Roaming\Adobe GIF Format CS5 Prefs
2012-09-26 14:32 - 2013-07-11 19:01 - 0000132 _____ () C:\Users\Izilda\AppData\Roaming\Adobe PNG Format CS5 Prefs
2013-08-16 14:10 - 2015-01-28 16:10 - 0000132 _____ () C:\Users\Izilda\AppData\Roaming\Adobe PNG Format CS6 Prefs
2013-10-15 22:54 - 2013-10-15 22:54 - 0009321 _____ () C:\Users\Izilda\AppData\Roaming\Comma Separated Values (DOS).EML
2013-05-07 22:04 - 2013-05-07 22:04 - 0009327 _____ () C:\Users\Izilda\AppData\Roaming\Comma Separated Values (Windows).EML
2012-12-24 17:41 - 2014-12-03 15:34 - 0009316 _____ () C:\Users\Izilda\AppData\Roaming\Microsoft Excel 97-2003.EML
2013-06-19 13:30 - 2013-06-19 13:30 - 0012679 _____ () C:\Users\Izilda\AppData\Roaming\unins000.dat
2013-06-19 13:30 - 2013-06-19 13:30 - 0720594 _____ () C:\Users\Izilda\AppData\Roaming\unins000.exe
2014-12-09 14:29 - 2014-12-09 14:29 - 0017995 _____ () C:\Users\Izilda\AppData\Roaming\unins001.dat
2014-12-09 14:29 - 2014-12-09 14:25 - 0813217 _____ () C:\Users\Izilda\AppData\Roaming\unins001.exe
2014-03-24 11:11 - 2014-03-24 11:11 - 0016594 _____ () C:\Users\Izilda\AppData\Roaming\unins002.dat
2014-03-24 11:11 - 2014-03-24 11:11 - 0718497 _____ () C:\Users\Izilda\AppData\Roaming\unins002.exe
2014-01-02 17:26 - 2014-01-06 21:26 - 0000098 _____ () C:\Users\Izilda\AppData\Roaming\WB.CFG
2014-01-02 17:26 - 2014-01-06 21:26 - 0000005 _____ () C:\Users\Izilda\AppData\Roaming\WBPU-TTL.DAT
2012-09-23 22:32 - 2013-07-13 09:04 - 0001456 _____ () C:\Users\Izilda\AppData\Local\Adobe Save for Web 12.0 Prefs
2013-08-15 12:33 - 2015-02-02 18:26 - 0001456 _____ () C:\Users\Izilda\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-01-22 12:10 - 2014-02-05 13:14 - 0004096 ____H () C:\Users\Izilda\AppData\Local\keyfile3.drm
2012-11-12 20:20 - 2012-11-12 20:20 - 0000892 _____ () C:\Users\Izilda\AppData\Local\recently-used.xbel
 
Some content of TEMP:
====================
C:\Users\Izilda\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvku59m.dll
C:\Users\Izilda\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Izilda\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Izilda\AppData\Local\Temp\Quarantine.exe
C:\Users\Izilda\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Izilda\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Izilda\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Izilda\AppData\Local\Temp\sqlite3.dll
 
 
Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\Drivers\CCSETX64.SYS
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-02-03 15:04
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015
Ran by Izilda at 2015-02-03 17:50:58
Running from C:\Users\Izilda\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.3.300.271 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Player 16 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
AMD System Monitor (HKLM-x32\...\{C1C82DC9-1547-4038-8F0A-C069F0B7F2ED}) (Version: 1.0.5 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 12 v.12.0.1 (HKLM-x32\...\Ashampoo Burning Studio 12_is1) (Version: 12.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 12 v.12.0.3 (HKLM-x32\...\{91B33C97-93EB-244C-F687-71D85E45A206}_is1) (Version: 12.0.3 - Ashampoo GmbH & Co. KG)
ATI Catalyst Install Manager (HKLM\...\{942836D4-5395-652B-F1E8-A7C5B039910C}) (Version: 3.0.820.0 - ATI Technologies, Inc.)
AuthenTec TrueAPI (Version: 1.2.1.33 - AuthenTec, Inc.) Hidden
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
ColorMania 3.2 (HKLM-x32\...\ColorMania_is1) (Version: 3.2 - Blacksun Software)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.1.3922 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Evernote v. 4.2.2 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.2.3979 - Evernote Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version:  - )
Files Opened (HKLM-x32\...\Files Opened) (Version: 1.0 - )
FileZilla Client 3.10.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.10.0.2 - Tim Kosse)
GBBD Guardião - Itaú 30 horas (HKLM-x32\...\{70e5f739-1d2a-40ae-bbc9-4b3e6af4c831}_is1) (Version: 3.7.1.1 - )
Google Apps Migration For Microsoft Outlook® 3.1.21.46 (HKLM-x32\...\{09538C28-E130-4210-A8F3-1D175EE2DDF1}) (Version: 3.1.21.46 - Google, Inc.)
Google Apps Sync™ for Microsoft Outlook® 3.5.385.1020 (HKLM-x32\...\{CEBBF68C-4C3F-4D9B-8482-428E01064C31}) (Version: 3.5.385.1020 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.94 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk (remove only) (HKLM-x32\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{5601F151-A69F-4E30-8C60-37928124CD07}) (Version: 4.1.9.1 - Hewlett-Packard Company)
HP Connection Manager (HKLM-x32\...\{7A6B4340-7090-418F-8976-EE9650B35550}) (Version: 4.1.22.1 - Hewlett-Packard Company)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{E44578C7-4667-4124-8BC2-1161BCA54978}) (Version: 1.4.4 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{285F722C-0E45-47DE-B38E-5B3B10FA4A7C}) (Version: 2.5.2 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP SimplePass 2011 (HKLM-x32\...\{BCFAA37D-A6DB-43BF-A351-43F183E52D07}) (Version: 5.1.0.495 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{28FE073B-1230-4BF6-830C-7434FD0C0069}) (Version: 4.1.13.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6345.0 - IDT)
IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2012) (Version: 1.0 - Receita Federal do Brasil)
iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.)
IZArc 3.81 (HKLM-x32\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 3.81 Build 1550 - Ivan Zahariev)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LinkAssistant (HKLM-x32\...\seopowersuite) (Version:  - )
Linksys Connect (HKLM-x32\...\Linksys Connect) (Version: 1.5.13291.0 - Linksys LLC)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MegaJogos (HKLM-x32\...\MegaJogos) (Version:  - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Módulo Adicional de Segurança CAIXA (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: Módulo Adicional de Segurança CAIXA - )
Módulo de Segurança - Banco do Brasil (HKLM-x32\...\{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1) (Version: 3.11.0.1 - )
Mozilla Firefox 35.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 en-US)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MP3 Skype Recorder (HKLM-x32\...\{CB606F47-7D0E-40DF-95BB-0E5413A1295F}) (Version: 3.1.3 - Alexander Nikiforov)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\MyFreeCodec) (Version:  - )
Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Nitro PDF Professional (HKLM\...\{EB8FF6C8-811B-4395-8584-EF4C7A0C8199}) (Version: 6.2.0.44 - Nitro PDF Software)
Nitro Reader 3 (HKLM\...\{4436B9BD-CA66-4D69-9091-2D2EB62F09AD}) (Version: 3.5.2.10 - Nitro)
OmniPage SE 2.0 (HKLM-x32\...\{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}) (Version: 2.00.0004 - ScanSoft, Inc.)
OpenSubtitlesPlayer V4.X (HKLM-x32\...\OpenSubtitlesPlayer_is1) (Version:  - ALLCinema Ltd.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayMemories Home (HKLM-x32\...\{1E5C7043-09C5-4974-A69F-A5271FD82BBC}) (Version: 7.0.00.11271 - Sony Corporation)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
Quicken 2012 (HKLM-x32\...\{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}) (Version: 21.1.5.33 - Intuit)
Ralink RT5390 802.11b/g/n WiFi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 3.02.02.0 - Ralink)
Rapport (x32 Version: 3.5.1404.61 - Trusteer) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.80 - Realtek Semiconductor Corp.)
Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.01 - Serpro - Serviço Federal de Processamento de Dados)
Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.103 - RoxioNow)
Samsung Drive Manager (HKLM-x32\...\{9F1A6A24-4901-42F6-A355-5DD2B82E62AE}) (Version: 1.0.172 - Clarus, Inc.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Slingo Supreme (x32 Version: 2.2.0.95 - WildTangent) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29947 - TeamViewer)
Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1404.61 - Trusteer)
Unity Web Player (HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Validity WBF DDK (HKLM\...\{79174AF2-6CB1-42F5-981E-66DCA49391D0}) (Version: 4.3.205.0 - Validity Sensors, Inc.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VOIP Recorder (HKLM-x32\...\{68EAD428-8B16-4CE3-832B-6E63B11852C0}) (Version: 1.0.51 - PenBay Networks)
Vono (HKLM-x32\...\.IAP{0000.0000.0005.0001}) (Version: 4.6.0000.0000 - Vono)
Warsaw 1.5.1.8886 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.5.1.8886 - GAS Tecnologia)
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.5.36 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Izilda\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0013}\InprocServer32 -> C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\npsf_uni_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0013}\InprocServer32 -> C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\npsf_uni_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Izilda\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Izilda\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
02-12-2014 06:53:16 Windows Update
05-12-2014 10:45:11 Windows Update
09-12-2014 03:47:24 Windows Update
09-12-2014 13:44:44 Installed Java 7 Update 71
09-12-2014 13:53:28 avast! antivirus system restore point
11-12-2014 09:47:08 Windows Update
12-12-2014 05:35:20 Windows Update
13-12-2014 10:58:05 Windows Update
15-12-2014 13:28:23 OTL Restore Point - Dec/15/2014 1:28:05 PM
19-12-2014 03:00:23 Windows Update
23-12-2014 21:13:10 Windows Update
30-12-2014 10:45:04 Windows Update
03-01-2015 21:12:26 Removed bcWebCam
03-01-2015 21:15:58 Configured YouCam
03-01-2015 22:08:43 Installed TuneUp Utilities 2014
03-01-2015 23:02:42 Windows Live Essentials
03-01-2015 23:03:21 WLSetup
03-01-2015 23:07:28 Removed SpyHunter
03-01-2015 23:29:00 Installed Rapport
06-01-2015 10:44:07 Windows Update
10-01-2015 00:28:06 Windows Update
13-01-2015 11:58:16 Windows Update
16-01-2015 22:52:43 Removed TuneUp Utilities 2014
16-01-2015 22:55:15 Removido TuneUp Utilities 2014 (pt-BR)
17-01-2015 10:33:15 Windows Update
17-01-2015 11:14:34 Installed Rapport
21-01-2015 10:11:52 Windows Update
27-01-2015 15:57:00 Windows Update
31-01-2015 15:24:56 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
31-01-2015 15:29:44 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
31-01-2015 15:35:08 Windows Update
02-02-2015 17:37:12 OTL Restore Point - Feb/2/2015 5:37:00 PM
02-02-2015 22:10:02 OTL Restore Point - Feb/2/2015 10:09:43 PM
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2014-12-15 13:29 - 00000002 ____N C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {01349F0A-062F-4458-A4D5-C2CD2096CD52} - System32\Tasks\Google Updater and Installer => C:\Users\Izilda\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-30] (Google Inc.)
Task: {040B6C86-A539-4305-A5B7-2174C585E16E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-01-21] (Hewlett-Packard)
Task: {05E7E90B-C156-49C2-B80B-5A7B90F6B2D5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {09EC1C04-6923-4186-8E0D-CC9C67862FC7} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-03-22] (CyberLink)
Task: {0EE9EEF0-21B1-45E3-B7CF-F59434679A53} - System32\Tasks\{086040D7-8B51-4901-9C99-9A59D7D1A236} => Firefox.exe http://ui.skype.com/...all?page=tsMain
Task: {0FA63070-F457-43BE-96DA-431EE447DABC} - System32\Tasks\{0070D9F8-F16A-4D47-A1E4-B3B8A3782289} => pcalua.exe -a C:\Users\Izilda\Desktop\clientlauncher.exe -d C:\Users\Izilda\Desktop
Task: {162C6DBE-2A6F-4E34-983E-0228EF8D5CE0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001UA => C:\Users\Izilda\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-30] (Google Inc.)
Task: {1C6664DA-D199-4854-A51E-4406C1AE4216} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {2C7FFEAB-6D34-456B-BBC7-96D4D89DCE86} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2014-12-16] (Microsoft)
Task: {375C903F-EA55-443B-8DF2-2FF88F2810D0} - System32\Tasks\HPCeeScheduleForIZILDA-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {39F4CE9A-491A-456E-81A3-466580B215D4} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)
Task: {45AEADC1-89A7-4CF5-ACE4-B47798D5E072} - System32\Tasks\{C30919E0-0C22-4B0E-9367-3391E85C055D} => pcalua.exe -a "C:\Users\Izilda\Desktop\Applications\Startup Manager\StartupCPL.exe" -d "C:\Users\Izilda\Desktop\Applications\Startup Manager"
Task: {52B00829-D5E0-4CFA-B215-1688F579EAF2} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3190529940-644357419-2377663512-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {5405D664-CF1F-4CB1-AEC3-ABA939175BDD} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3190529940-644357419-2377663512-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {5646EDF7-CD9A-429C-B416-447A718EC110} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001UA => C:\Users\Izilda\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-25] (Facebook Inc.)
Task: {5684B3C0-FEB8-4281-87D2-178A449359FB} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {66CE7213-0233-4D4E-92DF-E7E77451C82D} - System32\Tasks\{D457FF8B-2E17-4E02-A61D-C440F8ED0724} => pcalua.exe -a C:\Users\Izilda\Downloads\iGBPCEFsf.exe -d C:\Users\Izilda\Downloads
Task: {68F197BB-6884-4036-99D3-9243F0151B8C} - System32\Tasks\Programa de atualização online DivX => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2014-01-10] ()
Task: {72F3921D-97C4-40B3-818F-D1E2DA7D5CE5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-01-21] (Hewlett-Packard)
Task: {7DCC1C51-AC95-4B84-865F-988D8CCD1020} - System32\Tasks\{38C7633A-7A6A-48B2-8272-F6F123ACB77D} => pcalua.exe -a C:\Users\Izilda\MegaJogos\starter.exe -c -DUNINSTALL_PREMIUM
Task: {84F67FB6-A405-4826-A629-6A61D652B353} - System32\Tasks\{782BA719-1066-4CDA-8026-E83581DB0ED1} => pcalua.exe -a C:\Users\Izilda\Desktop\Applications\Corel\ve5.exe -d C:\Users\Izilda\Desktop\Applications\Corel
Task: {91714A50-1F70-4A57-8597-98231B2A9C68} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A11333F8-35ED-40EE-93E9-F13E4CF02024} - System32\Tasks\{3B50766E-2CFC-4C09-8635-19261323916F} => Chrome.exe http://ui.skype.com/...tall?page=tsWLM
Task: {A36E4DB2-84F2-48BC-A73C-D51DF4508E26} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core => C:\Users\Izilda\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-30] (Google Inc.)
Task: {BDB3F131-E378-40F8-BF88-5ACD639EFBAD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {BF8C5D9B-B94D-46A9-ABF4-AEEB252A0A40} - System32\Tasks\{E43EE76C-C33C-4C75-9D2A-C1251A9C338B} => pcalua.exe -a "C:\Users\Izilda\Downloads\iGBPCEFsf (3).exe" -d C:\Users\Izilda\Downloads
Task: {CE8569CD-0C75-4E0B-A578-E79F5FABA946} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {DFF2FCEB-959A-4625-9501-9A211254B813} - System32\Tasks\HPCeeScheduleForIzilda => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {E806086C-1DEF-4DDD-8390-B3F6AADA642F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {F1381182-6AC5-42B0-A18F-01B2ED968691} - System32\Tasks\{0248BFA9-2892-4CB8-AD44-E9ED6C9C984D} => pcalua.exe -a "C:\Users\Izilda\Downloads\iGBPCEFsf (2).exe" -d C:\Users\Izilda\Downloads
Task: {F677F74D-9A50-466C-93BC-71F975AA0061} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {F789B73D-3EB7-4E8F-8A8B-7CF00C60DE11} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-09] (AVAST Software)
Task: {F901E352-4CCA-4A9B-B554-6813BD358146} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core => C:\Users\Izilda\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-25] (Facebook Inc.)
Task: {FBF6E861-5F14-4BBA-875A-A0EB52FED97A} - System32\Tasks\Regwork => C:\Program Files (x86)\RegWork\RegWork.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core.job => C:\Users\Izilda\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001UA.job => C:\Users\Izilda\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core.job => C:\Users\Izilda\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001UA.job => C:\Users\Izilda\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForIZILDA-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForIzilda.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Loaded Modules (whitelisted) =============
 
2012-04-07 22:20 - 2011-10-04 21:43 - 00087552 _____ () C:\Windows\System32\custmon64i.dll
2012-04-10 18:28 - 2009-12-20 20:42 - 00090624 _____ () C:\Windows\System32\Primomonnt.dll
2011-04-02 01:06 - 2011-04-02 01:06 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-12-09 13:59 - 2014-12-09 13:59 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-12-09 13:59 - 2014-12-09 13:59 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2011-04-08 09:57 - 2011-04-08 09:57 - 01102336 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\System.Data.SQLite.dll
2011-04-02 01:06 - 2011-04-02 01:06 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-03-04 14:25 - 2011-03-04 14:25 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-04-02 00:57 - 2011-04-02 00:57 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-12-08 05:10 - 2014-12-08 05:10 - 00102176 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2011-01-12 11:39 - 2011-01-12 11:39 - 00123712 _____ () C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NPShellExtension64.dll
2014-12-09 13:59 - 2014-12-09 13:59 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2015-02-03 15:02 - 2015-02-03 15:02 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020301\algo.dll
2012-11-28 11:13 - 2012-11-28 11:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 11:13 - 2012-11-28 11:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-12-09 13:59 - 2014-12-09 13:59 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-10-21 19:22 - 2014-10-21 19:22 - 00750080 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-02-03 15:05 - 2015-02-03 15:05 - 00043008 _____ () c:\users\izilda\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvku59m.dll
2014-10-21 19:22 - 2014-10-21 19:22 - 00047616 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\libEGL.dll
2014-10-21 19:22 - 2014-10-21 19:22 - 00863744 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2014-10-21 19:22 - 2014-10-21 19:22 - 00200704 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-10-21 19:22 - 2014-10-21 19:22 - 00118784 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\plugins\accessible\qtaccessiblewidgets.dll
2011-04-08 09:57 - 2011-04-08 09:57 - 00514570 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll
2015-01-16 10:34 - 2015-01-16 10:34 - 00039200 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 11:41 - 2014-05-24 11:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 11:41 - 2014-05-24 11:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2015-02-03 09:52 - 2015-01-26 22:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\libglesv2.dll
2015-02-03 09:52 - 2015-01-26 22:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\libegl.dll
2015-02-03 09:52 - 2015-01-26 22:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\pdf.dll
2015-02-03 09:52 - 2015-01-26 22:44 - 14913864 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\Windows\System32:5B1620CE_Bb.gbp
AlternateDataStreams: C:\Windows\System32:5B1620CE_Uni.gbp
AlternateDataStreams: C:\Users\Izilda\Desktop\2015-01-13 13.59.57.jpg:com.dropbox.attributes
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: ALLUpdate => "C:\Program Files (x86)\OpenSubtitlesPlayer\ALLUpdate.exe" "sleep"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: googletalk => C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: OpwareSE2 => "C:\Program Files (x86)\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
MSCONFIG\startupreg: Vidalia => "C:\Program Files (x86)\Vidalia Relay Bundle\Vidalia\vidalia.exe"
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-3190529940-644357419-2377663512-500 - Administrator - Disabled)
Guest (S-1-5-21-3190529940-644357419-2377663512-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3190529940-644357419-2377663512-1003 - Limited - Enabled)
Izilda (S-1-5-21-3190529940-644357419-2377663512-1001 - Administrator - Enabled) => C:\Users\Izilda
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
 
System errors:
=============
 
Microsoft Office Sessions:
=========================
Error: (05/29/2014 11:31:39 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 216441 seconds with 10200 seconds of active time.  This session ended with a crash.
 
Error: (01/09/2014 09:02:39 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 52667 seconds with 5880 seconds of active time.  This session ended with a crash.
 
Error: (07/28/2013 05:29:36 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 30590 seconds with 1500 seconds of active time.  This session ended with a crash.
 
Error: (06/27/2013 00:06:20 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 65563 seconds with 360 seconds of active time.  This session ended with a crash.
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-09-30 17:32:16.406
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-09-30 17:32:16.403
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-09-30 17:32:16.400
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-09-25 11:52:48.651
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-09-25 11:52:48.651
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-09-25 11:52:48.651
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-09-15 15:36:40.810
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-09-15 15:36:40.794
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-09-15 15:36:40.778
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-09-10 23:35:24.408
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: AMD A8-3500M APU with Radeon™ HD Graphics
Percentage of memory in use: 38%
Total physical RAM: 7658.9 MB
Available physical RAM: 4742.21 MB
Total Pagefile: 15315.99 MB
Available Pagefile: 11933.42 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:578.92 GB) (Free:130.67 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:16.96 GB) (Free:1.86 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (Setup) (CDROM) (Total:0.11 GB) (Free:0 GB) CDFS
Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 1813033F)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=578.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
 
==================== End Of Log ============================

  • 0

#9
ruggie_uk
Posted 04 February 2015 - 10:15 AM

ruggie_uk

    Trusted Helper

  • Malware Removal
  • 2,083 posts

Hello from the UK Andre :)
Don't worry about the softphone, it was a bit of a false positive from my end, when I searched the file it came up as something else so it is nothing to worry about.

 

Your computer is actually very clean and not much to be concerned with but the reason I asked about when it all started is there is a banking program that commonly causes issues like you are describing so we really need to remove that for now..I think that is the crux of your problem.

A couple of minor items to clear up in FRST, and after that we will look to see how it is behaving.


Step 1

We need to uninstall some programs.

Open Programs and Features by clicking the Start button, clicking Control Panel, clicking Programs, and then clicking Programs and Features.

Select the following programs from the list below, one at a time and click Uninstall.

  • Trusteer Endpoint Protection

Step 2

frst.png FRST Fix

If FRST.exe/FRST64.exe is not on your desktop, please download Farbar Recovery Scan Tool and save it to your desktop.

  • Copy the text in the following box. To do this, highlight everything inside the quote box , right click and click Copy.
     
    start
createrestorepoint:
C:\Windows\SysWOW64\Drivers\CCSETX64.SYS
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
C:\Program Files\Enigma Software Group
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder" /F
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
end
  • Open Notepad, right click on an empty space on the page and click paste.
  • Click File, Save As..., navigate to your desktop, name the file fixlist and click save.
  • Right click frst.png and run as administrator. When the tool opens click Yes to the disclaimer.
  • Press the Fix button.
  • It will produce a log called fixlog.txt on your desktop.
  • Please copy and paste the contents of that log back here.

    NOTICE: This script was written specifically for this user, for use on that particular machine, at this point in time. Running this on another machine may cause damage to your operating system.

Items I need to see in your next post:

  • How did the uninstalls go?
  • FRST Fixlog

  • 0

#10
Andre Silva
Posted 04 February 2015 - 11:01 AM

Andre Silva

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts

Hey Ruggie! How are you? Thank you once again for your support!

 

I uninstalled "Trusteer Endpoint Protection" as instructed. Uninstall process was a success. 

 

Here follows the FRST Fixlog. Looking forward to your next contact.

 

Cheers!

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-02-2015
Ran by Izilda at 2015-02-04 11:57:23 Run:2
Running from C:\Users\Izilda\Desktop
Loaded Profiles: Izilda (Available profiles: Izilda)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
createrestorepoint:
C:\Windows\SysWOW64\Drivers\CCSETX64.SYS
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
C:\Program Files\Enigma Software Group
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder" /F
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
end
*****************
 
Restore point was successfully created.
C:\Windows\SysWOW64\Drivers\CCSETX64.SYS => Moved successfully.
esgiguard => Service deleted successfully.
C:\Program Files\Enigma Software Group => Moved successfully.
 
========= Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder" /F =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder" /F =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
 
==== End of Fixlog 11:58:01 ====

  • 0

Advertisements

#11
ruggie_uk
Posted 04 February 2015 - 11:51 AM

ruggie_uk

    Trusted Helper

  • Malware Removal
  • 2,083 posts

That went well :) How is it running now?

adwcleaner.pngAdwCleaner by Xplode

Download AdwCleaner from here or from here. Save the file to the desktop.


NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.

Close all open windows and browsers.

  • Vista/7/8 users: Right click the adwcleaner.pngAdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
    You will see the following console:

    AdwScan.jpg?
  • Click the Scan button and wait for the scan to finish.
  • After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove. Please Do Not delete anything at this time.
  • Click the Report button to get the log.
  • Copy and Paste it into your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[R0].txt.
  • Click the X in the upper right corner of the program or click the File menu and click Exit to close the program.

Optional:

NOTE: If you see AVG Secure Search being targeted for deletion, Here's Why and Here. You can always Reinstall it.


  • 0

#12
Andre Silva
Posted 04 February 2015 - 12:10 PM

Andre Silva

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts

Hey Ruggie!

 

Computer is running 95% better already! Thank you!

 

Here is the log as requested. Looking forward to your next reply. :)

 

# AdwCleaner v4.109 - Report created 04/02/2015 at 13:02:55
# Updated 24/01/2015 by Xplode
# Database : 2015-02-03.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Izilda - IZILDA-HP
# Running from : C:\Users\Izilda\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17496
 
 
-\\ Mozilla Firefox v35.0 (x86 en-US)
 
 
-\\ Google Chrome v40.0.2214.94
 
[C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [4550 octets] - [15/06/2014 22:00:17]
AdwCleaner[R1].txt - [2142 octets] - [19/12/2014 11:46:45]
AdwCleaner[R2].txt - [2202 octets] - [19/12/2014 12:04:20]
AdwCleaner[R3].txt - [1647 octets] - [11/01/2015 18:00:01]
AdwCleaner[R4].txt - [1705 octets] - [11/01/2015 18:17:05]
AdwCleaner[R5].txt - [1416 octets] - [16/01/2015 19:56:58]
AdwCleaner[R6].txt - [1641 octets] - [29/01/2015 11:10:04]
AdwCleaner[R7].txt - [1500 octets] - [04/02/2015 13:02:55]
AdwCleaner[S0].txt - [4575 octets] - [15/06/2014 22:03:57]
AdwCleaner[S1].txt - [2241 octets] - [19/12/2014 12:09:00]
AdwCleaner[S2].txt - [1776 octets] - [11/01/2015 18:20:58]
AdwCleaner[S3].txt - [1479 octets] - [16/01/2015 20:36:15]
AdwCleaner[S4].txt - [1706 octets] - [29/01/2015 11:31:17]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R7].txt - [1860 octets] ##########

  • 0

#13
ruggie_uk
Posted 04 February 2015 - 01:56 PM

ruggie_uk

    Trusted Helper

  • Malware Removal
  • 2,083 posts

Glad to hear it :)

 

I don't expect the following to find much if anything but it is worth checking just to be safe.

 

 

Step 1
 
adwcleaner.pngRe-run AdwCleaner

Close all open windows and browsers.

  • Right click the adwcleaner.pngAdwCleaner icon, click Run as administrator and accept the UAC prompt to run AdwCleaner.
  • Click the Scan button and wait for the scan to complete.
  • When the Scan has finished the Scan button will be grayed out and the Clean button will be activated.
  • Click the Clean button.
  • Everything checked will be deleted.
  • When the program has finished cleaning a report appears.
  • Once done it will ask to reboot, allow this

    adwcleaner_delete_restart.jpg
  • On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[S0].txt

Step 2
 
Malwarebytes' Anti-Malware

Please download Malwarebytes' Anti-Malware from Here or Here (or re-run it if you already have it installed)

  • Double Click the downloaded mbam-setup-x.x.x.xxxx.exe to install the application. (x.x.x.xxxx represents the current version number).
  • During installation, make sure uncheck Enable free trial of Malwarebytes Anti-Malware Premium, then click Finish. You can always upgrade later ;) :
    MBAM1_zps65d773c0.png
  • If an update is found, it will download and install the latest updates automatically:
  • Now select the Settings tab, and check the box next to Scan for rootkits and ensure the PUP and PUM options are selected to treat as malware:
    mbam-select.png
  • Go back to the Dashboard tab, and click the Scan Now button:
    mbam-scan.png
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, it will show you the results. (This one is clean):
    MBAM65_zpsb0aa143c.png
  • Make sure that everything is checked, and click Quarantine All (or similar).
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note below) If the log doesn't open, select View detailed log in the Scan tab:
    MBAM7_zps782405f0.png
  • The log is automatically saved by MBAM and can be viewed by going to the History tab and clicking on Application Logs:
    MBAM9_zps1f87702b.png
  • Choose the latest Scan Log, and click on the View button:
    MBAM10_zps5a48f689.png
  • In the bottom of the Scanning History Log window that opens, you can click on Export > Save to Text file (*.txt). Save the report to your Desktop.
    MBAM8_zpsad402941.png
  • Copy & Paste the entire contents of the report log in your next reply.
     

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

*** In your next reply, I need you to Copy&Paste the contents of the MBAM log file.


Then...

Please run a free online scan with the ESET Online Scanner

<< Please disable any existing anti virus product before performing the following. >>

  • Click Run Eset Online Scanner

Runscan.png


Note: You will need to use Internet Explorer or Firefox (You will be prompted to install a helper program if you use firefox)for this scan.
Important: Please disable your existing AV software for the duration of the scan

  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Enable detection of potentially unwanted applications is checked
  • Next click on Advanced Settings and select:

eset-selections.png

  • Make sure that the option Remove found threats is NOT checked
  • Scan archives
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology

eset-selections.png

  • Click Start, the virus database will update, this may take a while depending on your internet connection.
  • Once updated, the online scan will begin. (This scan can take several hours, so please be patient)
  • Once the scan is completed, click Finish
  • Use Notepad to open the logfile located at C:\Program Files (x86)\ESET\Eset Online Scanner\log.txt
  • Copy and paste that log as a reply to this topic

Items I need to see in your next post:
 

  • ADWcleaner Clean report
  • MBAM Log
  • ESET Log

 

 


  • 0

#14
Andre Silva
Posted 05 February 2015 - 07:43 AM

Andre Silva

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts

Hey Ruggie! How are you?

 

My computer seems to be running much better!  The scans were successful and very clean. Here follows the reports.

 

Looking forward to your next contact.

 

Thank you!

 

# AdwCleaner v4.109 - Report created 04/02/2015 at 15:19:10
# Updated 24/01/2015 by Xplode
# Database : 2015-02-04.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Izilda - IZILDA-HP
# Running from : C:\Users\Izilda\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Deleted : C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17496
 
 
-\\ Mozilla Firefox v35.0 (x86 en-US)
 
 
-\\ Google Chrome v40.0.2214.94
 
[C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [4550 octets] - [15/06/2014 22:00:17]
AdwCleaner[R1].txt - [2142 octets] - [19/12/2014 11:46:45]
AdwCleaner[R2].txt - [2202 octets] - [19/12/2014 12:04:20]
AdwCleaner[R3].txt - [1647 octets] - [11/01/2015 18:00:01]
AdwCleaner[R4].txt - [1705 octets] - [11/01/2015 18:17:05]
AdwCleaner[R5].txt - [1416 octets] - [16/01/2015 19:56:58]
AdwCleaner[R6].txt - [1641 octets] - [29/01/2015 11:10:04]
AdwCleaner[R7].txt - [1940 octets] - [04/02/2015 13:02:55]
AdwCleaner[R8].txt - [2000 octets] - [04/02/2015 15:16:12]
AdwCleaner[S0].txt - [4575 octets] - [15/06/2014 22:03:57]
AdwCleaner[S1].txt - [2241 octets] - [19/12/2014 12:09:00]
AdwCleaner[S2].txt - [1776 octets] - [11/01/2015 18:20:58]
AdwCleaner[S3].txt - [1479 octets] - [16/01/2015 20:36:15]
AdwCleaner[S4].txt - [1706 octets] - [29/01/2015 11:31:17]
AdwCleaner[S5].txt - [1927 octets] - [04/02/2015 15:19:10]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [1987 octets] ##########
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: Feb/4/2015
Scan Time: 5:44:27 PM
Logfile: mbam_04_02.txt
Administrator: Yes
 
Version: 2.00.4.1028
Malware Database: v2015.02.04.12
Rootkit Database: v2015.02.03.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Izilda
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 373692
Time Elapsed: 1 hr, 13 min, 54 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=986e32fec4377848ba96608dc837440e
# engine=21626
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-12-19 11:20:03
# local_time=2014-12-19 06:20:03 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Internet Security'
# compatibility_mode=779 16777213 85 72 0 182483293 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 170531453 0 0
# scanned=326170
# found=22
# cleaned=21
# scan_time=20083
sh=B5B41E946960F17050C00A4891CFF46B08486A4D ft=1 fh=79895fd74f1827db vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe"
sh=B12113A02C445EAE309899AF6AE176C99B3DA047 ft=1 fh=620b97ac298a71f9 vn="a variant of Win32/Conduit.SearchProtect.H potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe.vir"
sh=D3FA9C431C9324572A3D9DCA336E5CF094C2740C ft=1 fh=d21d3e61d6d23db5 vn="a variant of Win32/Conduit.SearchProtect.H potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\SPTool.dll.vir"
sh=C93101196362D5A20270E709D077FD7A0CE04122 ft=1 fh=3dbde72c87295f06 vn="a variant of Win32/ClientConnect.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe.vir"
sh=DB05A8DF8D7F88C675BB3DC7CE3E3E11B1AD70F5 ft=1 fh=b2a611f984e48149 vn="a variant of Win32/HackTool.Patcher.AD potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\Adobe\Adobe Photoshop CS6\adobe.photoshop.cs6-patch.exe"
sh=686FFA84B518F63667B17939C4F8B475226C06C6 ft=1 fh=ef34117524fb94cb vn="a variant of Win32/CNETInstaller.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Izilda\Downloads\cbsidlm-cbsi176-Quick_Media_Converter_HD-ORG-10787822.exe"
sh=46E3A0AF091D7B8F1040ED31BAF5468C931387E5 ft=0 fh=0000000000000000 vn="a variant of Win32/Packed.Themida potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Izilda\Downloads\Ebook (1).zip"
sh=FFA44725419851C948784C5A20310FF3E8E76C48 ft=1 fh=98bf80917212d5f0 vn="a variant of Win32/Maxiget.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Izilda\Downloads\SaveAs.exe"
sh=FD36D8CB741325ADE0CA2D40A0833C565718FA6C ft=1 fh=7ef4a03c64850da1 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Izilda\Downloads\Shockwave_Installer_Slim(1).exe"
sh=92954631593601B05113FE3D613A780FC6298D32 ft=1 fh=10ab960a29e52180 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Izilda\Downloads\Shockwave_Installer_Slim(2).exe"
sh=F56F2945D570EF3FDC8B12D4FB2E0FD855397A2C ft=1 fh=67469725cf43ed38 vn="a variant of Win32/Verti.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Izilda\Downloads\Xvid.exe"
sh=DB05A8DF8D7F88C675BB3DC7CE3E3E11B1AD70F5 ft=1 fh=b2a611f984e48149 vn="a variant of Win32/HackTool.Patcher.AD potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Izilda\Downloads\Adobe Photoshop CS6 13.0 Final  Multilanguage (patch-PainteR) [ChingLiu]\patch - PainteR\adobe.photoshop.cs6-patch.exe"
sh=3088A5C3CFED7A2D1959311E8735D90CD1A59117 ft=1 fh=52b1bbca2e556353 vn="Win32/Toolbar.Conduit potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Izilda\Downloads\Ashampoo Burning Studio 12 v12.0.1 with Key [h33t][iahq76]\ashampoo_burning_studio_12_e12.0.1_sm.exe"
sh=03790069BB7FD280FD94D4B9F0ACFCE4E6265089 ft=0 fh=0000000000000000 vn="a variant of Win32/Keygen.BK potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Izilda\Downloads\Nitro PDF Professional 6.2.0.44 [32+64]\Nitro PDF Professional 6.2.0.44x64.rar"
sh=224DCD2ACCB93F243F46E30995EED842CBCA1A4F ft=0 fh=0000000000000000 vn="a variant of Win32/Keygen.BK potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Izilda\Downloads\Nitro PDF Professional 6.2.0.44 [32+64]\Nitro PDF Professional 6.2.0.44x86.rar"
sh=B5B41E946960F17050C00A4891CFF46B08486A4D ft=1 fh=79895fd74f1827db vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Windows\System32\Adobe\Shockwave 12\gt.exe"
sh=FB3DB64FE5B1737631A1622DFE01E23454493D35 ft=1 fh=edd90b7995bff2d1 vn="a variant of Win32/Conduit.SearchProtect.I potentially unwanted application (deleted - quarantined)" ac=C fn="C:\_OTL\MovedFiles\06152014_215357\C_Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe"
sh=C36499D6B2D13D522943B9063F2CF4D533D34612 ft=1 fh=19ba1bde06f4ac49 vn="a variant of Win32/ClientConnect.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\_OTL\MovedFiles\06152014_215357\C_Program Files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe"
sh=8CB73EA7E7861C82FCADE45716F17827A6FC7465 ft=1 fh=968339a6e38b2293 vn="a variant of Win32/Conduit.SearchProtect.H potentially unwanted application (deleted - quarantined)" ac=C fn="C:\_OTL\MovedFiles\06152014_215357\C_Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll"
sh=155D8F97DB6349095401EBB216078E03F2DA87CF ft=1 fh=b427abc37d4a808a vn="a variant of Win32/ClientConnect.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\_OTL\MovedFiles\06152014_215357\C_Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll"
sh=7626AF887406B0E24FE649576F1BDC38F729E5AC ft=1 fh=dd81f74f0256d2f5 vn="a variant of Win32/ClientConnect.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\_OTL\MovedFiles\06152014_215357\C_Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll"
sh=38839E1008FA6F5D3F866446FB22B1254941F688 ft=1 fh=7631fade43dc5a10 vn="a variant of Win32/ClientConnect.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\_OTL\MovedFiles\06152014_215357\C_Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=986e32fec4377848ba96608dc837440e
# engine=22314
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-02-05 06:50:46
# local_time=2015-02-05 01:50:46 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Internet Security'
# compatibility_mode=779 16777213 85 72 0 186614336 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 174662496 0 0
# scanned=313259
# found=0
# cleaned=0
# scan_time=22189
 

  • 0

#15
ruggie_uk
Posted 05 February 2015 - 07:45 AM

ruggie_uk

    Trusted Helper

  • Malware Removal
  • 2,083 posts

 
Good news, it looks like your system is now clean. A good workman cleans up after himself so let's now attend to that :D

Tool Removal

We need to remove the tools we've used during cleaning your machine

  • Download Delfix from here
  • Ensure Remove disinfection tools is ticked
    Also tick:
    • Activate UAC
    • Create registry backup
    • Purge system restore
    • Reset System Settings
    delfix-select.png
  • Click Run
  • The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply

    We need to uninstall a program
    Open Programs and Features by clicking the Start button, clicking Control Panel, clicking Programs, and then clicking Programs and Features.
    Select the following programs from the list below, one at a time and click Uninstall.
    • ESET Online Scanner
    Delete the following Files and Folders (If Present):
    C:\Program Files (x86)\ESET
    Delete any other .bat, .log, .reg, .txt, and any other files created during this process, and left on the desktop and empty the Recycle Bin.



    Keep your machine updated

    Due to the ever-present tide of malware, it is important to ensure your computer is kept up-to-date to minimize the risk of future infection. An important step is to ensure that automatic updates are enabled.


    To enable automatic updates:

    Windows 7
    To turn on Automatic Updates yourself, follow these steps:
    • Click Start, type Windows update in the search box, and then click Windows Update in the Programs list.
    • In the left pane, click Change settings.
    • Select the option that you want.
    • Under Recommended updates, select the Give me recommended updates the same way I receive important updates or Include recommended updates when downloading, installing, or notifying me about updates check box, and then click OK.
    It is recommended to install an anti-malware to help prevent reinfection.
    Below are some free ones that can help keep you clean.

    Malwarebytes AntiMalware

    As you have installed Malwarebytes, I recommend that you keep this program and use it to help you stay clean.

    The free version will scan your computer and fix the problems it finds but will not provide real-time protection. You must scan regularly to find any threats.
    Consider purchasing the full version for active monitoring of threats.

    JAVA Advice
    WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
    See this article and this article.
    I would recommend that you completely uninstall Java unless you need it to run an important software or need it to play games on-line.
    In that instance I would recommend that you only use Firefox or Chrome to visit those sites and do the following:
    • For Firefox, install the NoScript add-on.
    • For Chrome, install the ScriptSafe add-on.
      -->IMPORTANT<--: After installing the add-ons you will need to tell them that the site you are visiting is allowed to run Javascript. If you don't, the sites won't work properly. Or not at all. You can go to the NoScript home page here to learn how to use the add-on.
    • Disable Java in your browsers until you need it for that software and then enable it. (See How to disable Java in your web browser or How to unplug Java from the browser)
    If you still want to update your Java, follow the instructions below:

    A.
    Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older versions of Java components and update:
    • Download the latest version of the Java Runtime Environment (JRE) Version from Here and save it to your desktop.
    • Look for "Java Platform, Standard Edition". You will see the current Java version and update number under listed under the heading. Example: The newest update is Java SE 8u25
    • Click the "Download button under "JRE".
    • On the Java SE Runtime Environment page, click the button to "Accept License Agreement".
    • Under the Java SE Runtime Environment 8u25 heading:
      To install the version for your system:
      • For Windows 64bit systems, look for Windows x64 - 88.37MB, click the jre-8u25-windows-64.exe file and save it to your desktop. Do Not run it from the Java site.
    • Close any programs you may have running - especially your web browser.
    B.
    Uninstall all versions of Java
    • Click Start > Control Panel > Add/Remove Programs. The list of installed programs will populate.
    • Click the Start Orb, then Control Panel. Under the Programs or Programs and Features section click Uninstall a program. The list of installed programs will populate.
    • Remove all older versions of Java. These may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE or J2SE
      The versions I see on the computer are:
      • Java 7 Update
      • Java 8 (64-bit)
      • Java SE Development Kit 8
    • Right click each program and click Uninstall and follow the on screen instructions for the Java uninstaller.
    • Repeat as many times as necessary to remove each Java version.
    • Reboot your computer once all Java components are removed.
    C.
    Install the latest JAVA

    Back on your desktop:
    • Right click the  jre-8u25-windows-x64.exe file, click Run as Administrator and OK the UAC prompt to install the newest version.
    • When the Java Setup - Welcome window opens, click the Install > button.
    • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
    [Note:] The Java Quick Starter (JQS.exe) adds a service to improve the initial start up time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > You will have to be in Classic View to see Java(It looks like a coffee cup). Double-click on Java click the Advanced Tab click Miscellaneous and uncheck the box for Java Quick Starter. Click OK and reboot your computer.


    Update Adobe Flash Player

    NOTE: Depending on your settings, you may have to temporarily disable your antivirus software and firewall.
    • Please click here to go to the FlashPlayer Installation page.
    • In the first column, Adobe Flash Player, make sure the system version (64bit) and the browser are correct.
      • Note: If you use IE and other browsers you will need to install both Flash Player for IE and Flash Player for Other Browsers.
    • In the middle column, Optional offer:, UNCHECK the box next to Yes, install free McAfee Security Scan Plus
    • Click the Install now button. A download window for the install_flashplayer15x64_mssd_aaa_aih.exe file will open. Save it to the desktop.
    • Close the browser and all open windows.
    • Back on the desktop, right click the install_flashplayer15x64_mssd_aaa_aih.exe file and click Run as Administrator to install Flash Player.
    Cryptolocker Warning
    Go here for information about CryptoLocker Ransomeware.
    The main thing with this infection is ~ Backup.
    If you're using an external hard drive, keep it unplugged from the computer when you're not backing up files or using it. This will prevent the infection from getting to your backed up files if you ever do come across it.

    Recommended Programs
    Unchecky is a small service that runs in the background to help keep those "extra toolbars" and tag along search engines from automatically installing. By automatically directing you to a custom install with all the options unchecked, only what you manually choose and confirm gets installed.
    [url=https://www.foolishi.../cryptoprevent/

is a free program that prevents CryptoLocker / ransomware from infecting your PC by locking down the OS so the malware can not get a grip on your system.
Web Of Trust is a browser add-on designed to alert the user before interacting with a potentially malicious website. It will highlight green if a site is known to be safe.

Adblock is a firefox browser add-on that blocks annoying banners, pop-ups and video ads.

General Advice

  • When browsing the internet, look closely at the links you click on. Some aren't always what they seem
  • Avoid Peer to Peer file sharing utilities, these are a minefield of malware infections.
  • Don't open email attachments unless you are expecting them. Even an email from your best friend can be infected, they might not have sent it.
  • Pay attention when installing a program to your computer, particularly to any check boxes that may appear during installation, it is common for unwanted software to be installed in this way.

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics


Also tagged with one or more of these keywords: browsing, attaching files, uploading, copy and paste

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP