Hello all,
I've tried to fix my parents PC but with no success so now I need a help from the experts.
I've read the FRST tutorial and I'll past the output of the scan:
FRST.txt:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-05-2015 02
Ran by Candeias (administrator) on FAMILIA on 18-05-2015 12:11:19
Running from C:\Users\Candeias\Downloads
Loaded Profiles: Candeias (Available profiles: Candeias)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Português (Portugal)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Instant On\AsInstantOn.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Dr.Net\AsDrNotify.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Drobo, Inc.) C:\Program Files (x86)\Drobo\Drobo Dashboard\DDAssist.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Spotify Ltd) C:\Users\Candeias\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Data Robotics, Inc.) C:\Program Files (x86)\Drobo\Drobo Dashboard\DDService.exe
(ASUSTeK Computer Inc.) C:\Windows\SysWOW64\AsHookDevice.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(InstallShield®) C:\Program Files (x86)\InstallShield\isupdate.exe
(Spotify Ltd) C:\Users\Candeias\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
(PowerISO Computing, Inc.) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Spotify Ltd) C:\Users\Candeias\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Spotify Ltd) C:\Users\Candeias\AppData\Roaming\Spotify\Spotify.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Spotify Ltd) C:\Users\Candeias\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Enigma Software Group USA, LLC.) C:\Users\Candeias\AppData\Local\Temp\esg_uninstall.exe~
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\Candeias\Downloads\AdwCleaner.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [IME14 CHT Setup] => C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [110896 2012-03-14] (Microsoft Corporation)
HKLM\...\Run: [IME14 JPN Setup] => C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [110896 2012-03-14] (Microsoft Corporation)
HKLM\...\Run: [IME14 KOR Setup] => C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [110896 2012-03-14] (Microsoft Corporation)
HKLM\...\Run: [IME14 CHS Setup] => C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [110896 2012-03-14] (Microsoft Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-04] (Intel Corporation)
HKLM-x32\...\Run: [RunAIShell] => C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe [232064 2009-12-23] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-04-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUS Easy Update] => C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe [195200 2012-01-13] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [ASUS Ai Charger] => C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [465536 2011-09-28] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [180224 2010-04-12] (PowerISO Computing, Inc.)
HKLM-x32\...\Run: [IME14 CHT Setup] => C:\Program Files (x86)\Common Files\microsoft shared\IME14\SHARED\IMEKLMG.EXE [81200 2012-03-14] (Microsoft Corporation)
HKLM-x32\...\Run: [IME14 JPN Setup] => C:\Program Files (x86)\Common Files\microsoft shared\IME14\SHARED\IMEKLMG.EXE [81200 2012-03-14] (Microsoft Corporation)
HKLM-x32\...\Run: [IME14 KOR Setup] => C:\Program Files (x86)\Common Files\microsoft shared\IME14\SHARED\IMEKLMG.EXE [81200 2012-03-14] (Microsoft Corporation)
HKLM-x32\...\Run: [IME14 CHS Setup] => C:\Program Files (x86)\Common Files\microsoft shared\IME14\SHARED\IMEKLMG.EXE [81200 2012-03-14] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2728472 2014-12-16] (Sony Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1700775888-2337107692-2886028352-1000\...\Run: [DDAssist] => C:\Program Files (x86)\Drobo\Drobo Dashboard\DDAssist.exe [370536 2012-01-18] (Drobo, Inc.)
HKU\S-1-5-21-1700775888-2337107692-2886028352-1000\...\Run: [uTorrent] => C:\Users\Candeias\AppData\Roaming\uTorrent\uTorrent.exe [1694560 2015-05-11] (BitTorrent Inc.)
HKU\S-1-5-21-1700775888-2337107692-2886028352-1000\...\Run: [Spotify Web Helper] => C:\Users\Candeias\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2020920 2015-04-27] (Spotify Ltd)
HKU\S-1-5-21-1700775888-2337107692-2886028352-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7806232 2015-03-28] (SUPERAntiSpyware)
HKU\S-1-5-21-1700775888-2337107692-2886028352-1000\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-1700775888-2337107692-2886028352-1000\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
HKU\S-1-5-21-1700775888-2337107692-2886028352-1000\...\Run: [Spotify] => C:\Users\Candeias\AppData\Roaming\Spotify\Spotify.exe [7168568 2015-04-27] (Spotify Ltd)
HKU\S-1-5-21-1700775888-2337107692-2886028352-1000\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-1700775888-2337107692-2886028352-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> none
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => "C:\PROGRA~2\SupTab\SEARCH~1.DLL" File Not Found
Startup: C:\Users\Candeias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BTNext Legacy.lnk [2012-06-11]
ShortcutTarget: BTNext Legacy.lnk -> C:\Program Files (x86)\BTNext Legacy\BTNext.exe ()
Startup: C:\Users\Candeias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitorar alertas de tinta - HP Photosmart 5520 series.lnk [2014-10-12]
ShortcutTarget: Monitorar alertas de tinta - HP Photosmart 5520 series.lnk -> C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Candeias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\µTorrent.lnk [2012-06-10]
ShortcutTarget: µTorrent.lnk -> C:\Program Files (x86)\uTorrent\uTorrent.exe (No File)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.104.216\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.104.216\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <======= ATTENTION (Policy Restriction on ProxySettings)
ProxyEnable: [HKLM] => ProxyEnable is set.
ProxyEnable: [HKLM-x32] => ProxyEnable is set.
ProxyServer: [HKLM] => http=127.0.0.1:8080;https=127.0.0.1:8080
ProxyServer: [HKLM-x32] => http=127.0.0.1:8080;https=127.0.0.1:8080
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-1700775888-2337107692-2886028352-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-1700775888-2337107692-2886028352-1000 -> BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-04-01] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-01] (Oracle Corporation)
Toolbar: HKLM-x32 - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} - No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Candeias\AppData\Roaming\Mozilla\Firefox\Profiles\pb60iger.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\windows\system32\npDeployJava1.dll [2012-09-05] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-04-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-04-29] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Candeias\AppData\Roaming\Mozilla\Firefox\Profiles\pb60iger.default\user.js [2014-11-22]
FF Extension: Corretor para Português de Portugal - C:\Users\Candeias\AppData\Roaming\Mozilla\Firefox\Profiles\pb60iger.default\Extensions\
[email protected] [2015-04-05]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-25]
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.pt/
CHR StartupUrls: Default -> "hxxp://search.babylon.com/?affID=110823&tt=3612_4&babsrc=HP_ss&mntrId=5a27fd28000000000000c86000ea6c47", "hxxp://www.delta-search.com/?affID=119527&babsrc=HP_ss&mntrId=5A27C86000EA6C47", "hxxp://isearch.omiga-plus.com/?type=hp&ts=1404551912&from=ild&uid=ST31000524AS_6VPJR8X1XXXX6VPJR8X1"
CHR Plugin: (Shockwave Flash) - C:\Users\Candeias\AppData\Local\Google\Chrome\User Data\PepperFlash\14.0.0.145\pepflashplayer.dll No File
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Candeias\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.4.600\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\pdf.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.510.13) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll No File
CHR Plugin: (Java Platform SE 7 U51) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll No File
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll No File
CHR Profile: C:\Users\Candeias\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Candeias\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-10]
CHR Extension: (Quick Login for Google Accounts) - C:\Users\Candeias\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbgngpehipfmfmpjmhonhacgbkjpdidp [2012-06-10]
CHR Extension: (Google Search) - C:\Users\Candeias\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-10]
CHR Extension: (History Eraser) - C:\Users\Candeias\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjieilkfnnjoihjjonajndjldjoagffm [2012-06-10]
CHR Extension: (Bookmark Manager) - C:\Users\Candeias\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Candeias\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-20]
CHR Extension: (Skype Click to Call) - C:\Users\Candeias\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-03-22]
CHR Extension: (Awesome New Tab Page) - C:\Users\Candeias\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgmiemnjjchgkmgbeljfocdjjnpjnmcg [2012-06-10]
CHR Extension: (Google Mail Checker) - C:\Users\Candeias\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2014-07-19]
CHR Extension: (Google Wallet) - C:\Users\Candeias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\Candeias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-10]
CHR Extension: (Browser QuickLinks) - C:\Users\Candeias\AppData\Local\Google\Chrome\User Data\Default\Extensions\plpjogfhobhpdcmcblieglnoooccfcmm [2012-06-10]
CHR HKLM-x32\...\Chrome\Extension: [hgojaaaiddhmiiakpejiklijbalpckih] - C:\Users\Candeias\AppData\Roaming\StatusWinks\statuswinks.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-18] (SUPERAntiSpyware.com)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 DDService; C:\Program Files (x86)\Drobo\Drobo Dashboard\DDService.exe [1259376 2012-01-18] (Data Robotics, Inc.)
R2 ImeDictUpdateService; C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE [83312 2010-10-20] (Microsoft Corporation)
R2 isupdate.exe; C:\Program Files (x86)\InstallShield\isupdate.exe [43008 2015-01-21] (InstallShield®) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S4 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [80896 2011-03-31] () [File not signed]
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [487960 2014-12-16] (Sony Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14592 2010-10-21] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [14646560 2011-12-15] (Intel Corporation) [File not signed]
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [331264 2011-12-05] (Intel® Corporation) [File not signed]
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-18] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-18 12:11 - 2015-05-18 12:11 - 00029967 _____ () C:\Users\Candeias\Downloads\FRST.txt
2015-05-18 12:11 - 2015-05-18 12:11 - 00000000 ____D () C:\AdwCleaner
2015-05-18 12:08 - 2015-05-18 12:11 - 00000000 ____D () C:\FRST
2015-05-18 12:07 - 2015-05-18 12:07 - 02209792 _____ () C:\Users\Candeias\Downloads\AdwCleaner.exe
2015-05-18 12:07 - 2015-05-18 12:07 - 02107392 _____ (Farbar) C:\Users\Candeias\Downloads\FRST64.exe
2015-05-17 16:49 - 2015-05-17 16:49 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-05-17 16:49 - 2015-05-17 16:49 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-05-17 16:49 - 2015-05-17 16:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-05-17 16:32 - 2015-05-17 16:32 - 14243008 _____ (Microsoft Corporation) C:\Users\Candeias\Desktop\mseinstall.exe
2015-05-17 16:31 - 2015-05-18 11:34 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-17 16:31 - 2015-05-17 16:31 - 00001110 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-17 16:31 - 2015-05-17 16:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-17 16:31 - 2015-05-17 16:31 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-17 16:31 - 2015-05-17 16:31 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-17 16:31 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-05-17 16:31 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-05-17 16:31 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-05-17 16:29 - 2015-05-17 16:29 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Candeias\Desktop\mbam-setup-2.1.6.1022.exe
2015-05-17 16:01 - 2015-05-17 16:02 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-05-17 16:01 - 2015-05-17 16:01 - 00001051 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-05-17 16:01 - 2015-05-17 16:01 - 00001039 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-05-17 16:00 - 2015-05-17 16:00 - 07971304 _____ (TeamViewer GmbH) C:\Users\Candeias\Desktop\TeamViewer_Setup_pt-jdh.exe
2015-05-17 15:23 - 2015-05-18 11:45 - 00000000 ____D () C:\Users\Candeias\AppData\Roaming\Enigma Software Group
2015-05-17 15:23 - 2015-05-17 15:23 - 00000000 _____ () C:\autoexec.bat
2015-05-17 15:22 - 2015-05-17 15:22 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\Candeias\Desktop\SpyHunter-Installer.exe
2015-05-17 15:22 - 2015-05-17 15:22 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-05-14 11:13 - 2015-05-01 14:17 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 11:13 - 2015-05-01 14:16 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 17:31 - 2015-05-05 02:29 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-05-13 17:31 - 2015-05-05 02:12 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-05-13 17:31 - 2015-04-22 03:28 - 00389840 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-05-13 17:31 - 2015-04-22 02:48 - 00342736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-05-13 17:31 - 2015-04-21 18:14 - 24971776 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-05-13 17:31 - 2015-04-21 18:08 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-05-13 17:31 - 2015-04-21 18:07 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-05-13 17:31 - 2015-04-21 17:51 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-05-13 17:31 - 2015-04-21 17:50 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-05-13 17:31 - 2015-04-21 17:50 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-05-13 17:31 - 2015-04-21 17:50 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-05-13 17:31 - 2015-04-21 17:49 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-05-13 17:31 - 2015-04-21 17:48 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-05-13 17:31 - 2015-04-21 17:41 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-05-13 17:31 - 2015-04-21 17:40 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-05-13 17:31 - 2015-04-21 17:37 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-05-13 17:31 - 2015-04-21 17:35 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-05-13 17:31 - 2015-04-21 17:35 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-05-13 17:31 - 2015-04-21 17:35 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-05-13 17:31 - 2015-04-21 17:34 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-05-13 17:31 - 2015-04-21 17:31 - 06025728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-05-13 17:31 - 2015-04-21 17:26 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-05-13 17:31 - 2015-04-21 17:25 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-05-13 17:31 - 2015-04-21 17:24 - 19691008 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-05-13 17:31 - 2015-04-21 17:22 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-05-13 17:31 - 2015-04-21 17:14 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 17:31 - 2015-04-21 17:11 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-05-13 17:31 - 2015-04-21 17:11 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-05-13 17:31 - 2015-04-21 17:10 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-05-13 17:31 - 2015-04-21 17:09 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-05-13 17:31 - 2015-04-21 17:09 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-05-13 17:31 - 2015-04-21 17:08 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-05-13 17:31 - 2015-04-21 17:08 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-05-13 17:31 - 2015-04-21 17:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-05-13 17:31 - 2015-04-21 17:04 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-05-13 17:31 - 2015-04-21 17:03 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-05-13 17:31 - 2015-04-21 17:02 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-05-13 17:31 - 2015-04-21 17:00 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-05-13 17:31 - 2015-04-21 16:58 - 00664576 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-05-13 17:31 - 2015-04-21 16:58 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-05-13 17:31 - 2015-04-21 16:57 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-05-13 17:31 - 2015-04-21 16:49 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-05-13 17:31 - 2015-04-21 16:49 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-05-13 17:31 - 2015-04-21 16:48 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-05-13 17:31 - 2015-04-21 16:47 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-05-13 17:31 - 2015-04-21 16:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-05-13 17:31 - 2015-04-21 16:43 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 17:31 - 2015-04-21 16:40 - 14401536 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-05-13 17:31 - 2015-04-21 16:39 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-05-13 17:31 - 2015-04-21 16:38 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-05-13 17:31 - 2015-04-21 16:36 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-05-13 17:31 - 2015-04-21 16:31 - 04305920 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-05-13 17:31 - 2015-04-21 16:27 - 02352128 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-05-13 17:31 - 2015-04-21 16:26 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-05-13 17:31 - 2015-04-21 16:25 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-05-13 17:31 - 2015-04-21 16:24 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-05-13 17:31 - 2015-04-21 16:17 - 12828672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-05-13 17:31 - 2015-04-21 16:15 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-05-13 17:31 - 2015-04-21 16:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-05-13 17:31 - 2015-04-21 16:02 - 01882112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-05-13 17:31 - 2015-04-21 15:58 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-05-13 17:31 - 2015-04-21 15:56 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-05-13 17:31 - 2015-04-18 04:10 - 00460800 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2015-05-13 17:31 - 2015-04-18 03:56 - 00342016 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2015-05-13 17:31 - 2015-04-04 04:29 - 00155576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-05-13 17:31 - 2015-04-04 04:29 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-05-13 17:31 - 2015-04-04 04:22 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-05-13 17:31 - 2015-04-04 04:22 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-05-13 17:31 - 2015-04-04 04:22 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-05-13 17:31 - 2015-04-04 04:22 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-05-13 17:31 - 2015-04-04 04:22 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-05-13 17:31 - 2015-04-04 04:22 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-05-13 17:31 - 2015-04-04 04:22 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-05-13 17:31 - 2015-04-04 04:22 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-05-13 17:31 - 2015-04-04 04:22 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-05-13 17:31 - 2015-04-04 04:22 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-05-13 17:31 - 2015-04-04 04:20 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-05-13 17:31 - 2015-04-04 04:20 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-05-13 17:31 - 2015-04-04 04:17 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-05-13 17:31 - 2015-04-04 04:17 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-05-13 17:31 - 2015-04-04 04:15 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-05-13 17:31 - 2015-04-04 04:05 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-05-13 17:31 - 2015-04-04 04:05 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-05-13 17:31 - 2015-04-04 04:05 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-05-13 17:31 - 2015-04-04 04:05 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-05-13 17:31 - 2015-04-04 04:05 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-05-13 17:31 - 2015-04-04 04:05 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-05-13 17:31 - 2015-04-04 04:05 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-05-13 17:31 - 2015-04-04 04:04 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-05-13 17:31 - 2015-04-04 04:04 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-05-13 17:31 - 2015-04-04 04:01 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-05-13 17:31 - 2015-04-04 04:01 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-05-13 17:31 - 2015-04-04 03:59 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-05-13 17:30 - 2015-04-20 04:17 - 01647104 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-05-13 17:30 - 2015-04-20 04:17 - 01179136 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-05-13 17:30 - 2015-04-20 03:56 - 01250816 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2015-05-13 17:30 - 2015-04-20 03:11 - 03204608 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-05-13 17:30 - 2015-04-13 04:28 - 00328704 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2015-05-13 17:30 - 2015-04-08 04:29 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2015-05-13 17:30 - 2015-04-08 04:14 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll
2015-05-13 17:30 - 2015-02-18 08:06 - 00123904 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2015-05-13 17:30 - 2015-02-18 08:04 - 00142336 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2015-04-25 12:36 - 2015-04-25 12:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-18 12:05 - 2012-06-10 12:54 - 00000000 ____D () C:\Users\Candeias\AppData\Roaming\uTorrent
2015-05-18 11:54 - 2013-03-30 21:40 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-05-18 11:43 - 2012-06-15 10:33 - 00001008 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-18 11:43 - 2012-06-10 17:31 - 00000000 ____D () C:\windows\AutoKMS
2015-05-18 11:35 - 2012-06-09 15:02 - 01313852 _____ () C:\windows\WindowsUpdate.log
2015-05-18 11:15 - 2009-07-14 05:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-18 11:15 - 2009-07-14 05:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-18 10:10 - 2014-01-26 13:22 - 00000000 ____D () C:\Users\Candeias\AppData\Roaming\Spotify
2015-05-18 09:56 - 2014-01-26 13:22 - 00000000 ____D () C:\Users\Candeias\AppData\Local\Spotify
2015-05-18 09:56 - 2012-06-15 10:33 - 00001004 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-18 09:55 - 2013-05-13 19:46 - 00065536 _____ () C:\windows\system32\Ikeext.etl
2015-05-18 09:54 - 2014-04-10 19:58 - 00039964 _____ () C:\windows\setupact.log
2015-05-18 09:54 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-05-17 17:00 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\tracing
2015-05-17 16:57 - 2012-02-22 03:38 - 00001653 _____ () C:\windows\system32\ServiceFilter.ini
2015-05-17 16:57 - 2009-07-14 05:45 - 00410512 _____ () C:\windows\system32\FNTCACHE.DAT
2015-05-17 16:56 - 2014-04-15 18:58 - 00706064 _____ () C:\windows\PFRO.log
2015-05-17 16:50 - 2012-06-10 12:47 - 00001912 _____ () C:\windows\epplauncher.mif
2015-05-17 16:50 - 2012-06-09 18:19 - 00109616 _____ () C:\Users\Candeias\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-17 16:48 - 2014-08-09 21:08 - 00000000 ____D () C:\ProgramData\Systweak
2015-05-17 16:48 - 2014-04-10 19:45 - 00000000 ____D () C:\Users\Candeias\AppData\Roaming\systweak
2015-05-17 16:48 - 2014-02-02 09:31 - 00000000 ____D () C:\Users\Candeias\AppData\Local\genienext
2015-05-17 16:48 - 2013-03-31 09:29 - 00000000 ____D () C:\Users\Candeias\AppData\Roaming\DSite
2015-05-17 15:13 - 2014-07-05 12:02 - 00002300 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-17 13:41 - 2012-02-22 03:38 - 00000000 ____D () C:\windows\pss
2015-05-17 10:38 - 2012-12-05 21:18 - 00002088 ____H () C:\Users\Candeias\Searches\Videos\Documents\Default.rdp
2015-05-16 18:38 - 2012-06-15 10:33 - 00004004 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-16 18:38 - 2012-06-15 10:33 - 00003752 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-16 17:29 - 2012-06-10 09:17 - 00000000 ____D () C:\Users\Candeias\AppData\Roaming\vlc
2015-05-16 12:59 - 2014-09-19 17:08 - 00002023 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2015-05-16 12:59 - 2012-02-22 03:36 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-05-16 12:28 - 2009-07-14 06:32 - 00000000 ____D () C:\windows\system32\FxsTmp
2015-05-16 12:00 - 2015-02-01 19:05 - 00000468 _____ () C:\windows\Tasks\InstallShield Update Task.job
2015-05-15 18:49 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\NDF
2015-05-14 17:59 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\rescache
2015-05-14 12:26 - 2014-04-12 21:21 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-05-14 12:11 - 2014-08-21 21:20 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-14 12:11 - 2014-08-21 21:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-14 12:07 - 2012-06-10 16:44 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-14 12:04 - 2015-04-13 17:50 - 01691300 _____ () C:\windows\system32\PerfStringBackup.INI
2015-05-14 12:04 - 2011-12-28 02:08 - 00730206 _____ () C:\windows\system32\prfh0816.dat
2015-05-14 12:04 - 2011-12-28 02:08 - 00155528 _____ () C:\windows\system32\prfc0816.dat
2015-05-14 11:42 - 2013-08-15 03:02 - 00000000 ____D () C:\windows\system32\MRT
2015-05-14 11:28 - 2012-06-10 13:02 - 140425016 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-05-14 11:13 - 2014-08-21 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-09 12:40 - 2013-11-04 20:10 - 00002172 _____ () C:\Users\Candeias\Desktop\Pickme.txt
2015-05-03 23:58 - 2012-06-11 09:14 - 00000000 ____D () C:\Program Files (x86)\BTNext Legacy
2015-04-27 17:21 - 2012-06-14 00:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-26 14:57 - 2012-06-10 16:23 - 00000000 ____D () C:\Users\Candeias\AppData\Roaming\Skype
2015-04-21 16:30 - 2012-06-10 16:18 - 00000000 ____D () C:\ProgramData\Skype
2015-04-20 13:09 - 2012-06-09 15:06 - 00000000 ____D () C:\Users\Candeias
==================== Files in the root of some directories =======
2014-07-05 15:38 - 2014-08-07 11:25 - 0000000 _____ () C:\Users\Candeias\AppData\Roaming\bitlord_log.txt
2014-08-07 11:29 - 2014-08-07 11:29 - 0000218 _____ () C:\Users\Candeias\AppData\Local\recently-used.xbel
2012-07-08 09:25 - 2013-04-28 10:34 - 0007600 _____ () C:\Users\Candeias\AppData\Local\Resmon.ResmonCfg
2014-10-12 18:38 - 2014-10-12 18:38 - 0000057 _____ () C:\ProgramData\Ament.ini
Some content of TEMP:
====================
C:\Users\Candeias\AppData\Local\Temp\EsgInstallerx64Stub.exe
C:\Users\Candeias\AppData\Local\Temp\ose00000.exe
C:\Users\Candeias\AppData\Local\Temp\Quarantine.exe
C:\Users\Candeias\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-14 00:22
==================== End Of Log ============================
Addition.txt
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-05-2015 02
Ran by Candeias at 2015-05-18 12:12:03
Running from C:\Users\Candeias\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-1700775888-2337107692-2886028352-500 - Administrator - Disabled)
Candeias (S-1-5-21-1700775888-2337107692-2886028352-1000 - Administrator - Enabled) => C:\Users\Candeias
Convidado (S-1-5-21-1700775888-2337107692-2886028352-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1700775888-2337107692-2886028352-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 1.2.0 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader X (10.1.14) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.14 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
AI Manager (HKLM-x32\...\{4AF95DE2-B54D-4C3F-9494-FD3B558E2C2D}) (Version: 1.09.07 - ASUSTeK Computer Inc.)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.01.02 - ASUSTeK Computer Inc.)
Amazon Kindle (HKU\S-1-5-21-1700775888-2337107692-2886028352-1000\...\Amazon Kindle) (Version: - Amazon)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Aoao Video to GIF Converter (HKU\S-1-5-21-1700775888-2337107692-2886028352-1000\...\AoaoVideotoGIF) (Version: - AoaoPhoto Digital Studio. All Rights Reserved.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Ai Charger (HKLM-x32\...\{7FB64E72-9B0E-4460-A821-040C341E414A}) (Version: 1.01.00 - ASUSTeK Computer Inc.)
ASUS Backup Wizard (HKLM-x32\...\{124C9BD0-8C52-40AB-8238-0605703B1C28}) (Version: 1.01.00 - ASUSTeK Computer Inc.)
ASUS Easy Update (HKLM-x32\...\{E7AA854E-6756-424E-84C2-4E47D5729AFF}) (Version: 2.00.27 - ASUSTeK Computer Inc)
ASUS Instant On (HKLM-x32\...\{CCC4652E-F5E0-498A-84F3-5DDBEF84642B}) (Version: 1.01.08 - ASUSTeK Computer Inc.)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.104.216 - eCareme Technologies, Inc.)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.4.628 - ASUSTEK)
AVS Audio Editor 7.1 (HKLM-x32\...\AVS Audio Editor_is1) (Version: - Online Media Technologies Ltd.)
AVS Screen Capture version 2.0.1 (HKLM-x32\...\AVS Screen Capture_is1) (Version: - Online Media Technologies Ltd.)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.)
AVS Video Editor 5 (HKLM-x32\...\AVS Video Editor_is1) (Version: - Online Media Technologies Ltd.)
AVS Video Recorder 2.4 (HKLM-x32\...\AVS Video Recorder_is1) (Version: - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.)
BTNext Legacy (HKLM-x32\...\BTNext Legacy) (Version: - )
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version: - dvd8n)
Collectorz.com Book Collector (HKLM-x32\...\Collectorz.com Book Collector) (Version: - )
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
doPDF 7.3 printer (HKLM\...\doPDF 7 printer_is1) (Version: - Softland)
Drobo Dashboard (HKLM-x32\...\{333B10B5-5DD1-44C0-891C-9738FDE14CC2}) (Version: 2.1.2 - Drobo)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 2.0.0 - ASUS)
ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - )
Free DVD Video Converter version 2.0.21.806 (HKLM-x32\...\Free DVD Video Converter_is1) (Version: 2.0.21.806 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart 5520 series Ajuda (HKLM-x32\...\{675D209A-B21E-4652-880E-1B6887F15AB4}) (Version: 27.0.0 - Hewlett Packard)
HP Photosmart 5520 series Estudo de aprimoramento de produtos (HKLM\...\{2EEB99E5-ACC7-470F-BE46-E2C65C1E6B7F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5520 series Software básico do dispositivo (HKLM\...\{193E1D6C-1B30-43E7-BB74-20DE53C7FA90}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart Plus B210 series Ajuda (HKLM-x32\...\{7F5FDEA1-D0AC-4D80-9D95-59775FCCFA40}) (Version: 140.0.54.54 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.007 - HTC Corporation)
Image Resizer for Windows (64 bit) (Version: 3.0.4442.6002 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{9dfff2f7-5cd7-4fd4-9b75-7d53b042d94b}) (Version: 3.0.4442.6002 - Brice Lambson)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.1.209 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Java SE Development Kit 7 Update 7 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170070}) (Version: 1.7.0.70 - Oracle)
Java SE Development Kit 6 Update 26 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160260}) (Version: 1.6.0.260 - Oracle)
Kyodai Mahjongg 2006 v1.0 (HKLM-x32\...\Kyodai Mahjongg 2006_is1) (Version: - Rene-Gilles Deberdt)
Malwarebytes Anti-Malware versão 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Media Player Classic - Home Cinema v1.5.2.3456 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.5.2.3456 - MPC-HC Team)
MergeModule_x64 (Version: 9.1.00 - Sony Corporation) Hidden
MergeModule_x86 (x32 Version: 9.1.00 - Sony Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile PTG Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile PTG Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended PTG Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended PTG Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proofing Tools Kit Compilation 2010 (HKLM\...\Office14.PROOFKIT) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office XP SBS Files (HKLM-x32\...\Microsoft Office XP SBS Files) (Version: - )
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nero 9 Essentials (HKLM-x32\...\{33e79337-ebf8-4822-9e72-4131a234630d}) (Version: - Nero AG)
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia PC Suite (x32 Version: 7.1.180.94 - Nokia) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.1.3 - )
NVIDIA Controlador gráfico 280.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 280.35 - NVIDIA Corporation)
Pacote de controladores do Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Pacote de controladores do Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Pacote de controladores do Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PlayMemories Home (HKLM-x32\...\{93AA5B49-0994-4EF6-80F3-868C9CEA88ED}) (Version: 4.1.00.12152 - Sony Corporation)
PMB_ModeEditor (x32 Version: 9.1.00 - Sony Corporation) Hidden
PMB_ServiceUploader (x32 Version: 9.1.00 - Sony Corporation) Hidden
popular dictionary update for CHS IME (HKLM\...\{073F3E96-CA36-45DC-9AC1-3F85B222C824}) (Version: 1.0.0 - Microsoft)
popular dictionary update for CHS IME (HKLM\...\{0E00B7B5-F34B-441F-AC3D-1440BBE47320}) (Version: 1.0.0 - Microsoft)
popular dictionary update for CHS IME (HKLM\...\{114F9E4F-EFEA-4A9A-933B-B0E63AFB7244}) (Version: 1.0.0 - Microsoft)
popular dictionary update for CHS IME (HKLM\...\{23ED47CE-A835-4A48-AB3B-FC1B83EDA637}) (Version: 1.0.0 - Microsoft)
popular dictionary update for CHS IME (HKLM\...\{28F78513-1796-4C2C-9EA1-7266D1AE0DF9}) (Version: 1.0.0 - Microsoft)
popular dictionary update for CHS IME (HKLM\...\{2BE644E4-4611-4ED1-ABEF-89DF933BDD0C}) (Version: 1.0.0 - Microsoft)
popular dictionary update for CHS IME (HKLM\...\{6556579E-FBE4-4174-BAAB-BA7FBAA32897}) (Version: 1.0.0 - Microsoft)
popular dictionary update for CHS IME (HKLM\...\{9177D231-B7C6-4EF8-86FB-9AB03CA90E0B}) (Version: 1.0.0 - Microsoft)
popular dictionary update for CHS IME (HKLM\...\{A4CBE7A5-5AE6-446F-904E-E5AD772475AE}) (Version: 1.0.0 - Microsoft)
popular dictionary update for CHS IME (HKLM\...\{C29E5F83-A164-4FE1-8986-C897E713F9BA}) (Version: 1.0.0 - Microsoft)
popular dictionary update for CHS IME (HKLM\...\{CF88F1C2-8185-4B67-86B4-93AAB5DE993B}) (Version: 1.0.0 - Microsoft)
PowerISO (HKLM-x32\...\PowerISO) (Version: 4.7 - PowerISO Computing, Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
Relatório Único 2011 (HKU\S-1-5-21-1700775888-2337107692-2886028352-1000\...\Relatório Único 2011) (Version: - GEP)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-004B-0000-1000-0000000FF1CE}_Office14.PROOFKIT_{F2D64AA9-2EE6-423B-AD9E-B0780FA11F0A}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
SOHLib for PlayMemories Home (Version: 1.0.3.02170 - Sony Corporation) Hidden
Spotify (HKU\S-1-5-21-1700775888-2337107692-2886028352-1000\...\Spotify) (Version: 1.0.4.90.g0b6df40b - Spotify AB)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.19.13.4482 - Enigma Software Group, LLC)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
Suporte para Aplicações Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Nome da empresa:)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
UnLock Root 2.42 (HKLM-x32\...\UnLock Root) (Version: 2.42 - Unlcokroot)
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.623 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-1700775888-2337107692-2886028352-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinMerge 2.12.4 (HKLM-x32\...\WinMerge_is1) (Version: 2.12.4 - Thingamahoochie Software)
WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1700775888-2337107692-2886028352-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Candeias\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1700775888-2337107692-2886028352-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Candeias\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
==================== Restore Points =========================
03-05-2015 02:24:55 Windows Update
03-05-2015 09:43:12 Windows Update
07-05-2015 12:18:54 Windows Update
10-05-2015 09:43:29 Windows Update
13-05-2015 17:51:26 Windows Update
14-05-2015 11:13:23 Instalador de Módulos do Windows
14-05-2015 11:14:26 Instalador de Módulos do Windows
14-05-2015 11:15:58 Instalador de Módulos do Windows
17-05-2015 00:57:38 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0AAF42B8-3EAD-42BF-A7DB-E09B4A040DDD} - System32\Tasks\DSite => C:\Users\Candeias\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {2C024122-3E8F-4DEF-A99C-53EC9A3ADACF} - System32\Tasks\{A0C1C15F-A6C9-476D-A6FF-EAFD98E602A0} => Chrome.exe
Task: {2C756289-850F-45DD-BB05-C302B644B055} - \pricemeterdownloader No Task File <==== ATTENTION
Task: {30047149-E3EA-4433-8175-C57B0867B017} - System32\Tasks\InstallShield Update Task => Wscript.exe //nologo //E:jscript //B "C:\Program Files (x86)\InstallShield\isupdate.ini"
Task: {3B785A7E-F837-4F83-8FB7-9346EC06D3E1} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {3D9BD851-DDD2-4FE4-BA06-3891575BCF5A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {53C572C9-00F2-4258-9D4E-5FA3BEF09653} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {742795C9-E2E6-4EE9-922E-050DE9B4F7AE} - System32\Tasks\ASUS\Asus HybridSleep Helper => C:\Program Files (x86)\ASUS\ASUS Instant On\AsInstantOn.exe [2011-12-29] (ASUSTeK Computer Inc.)
Task: {7C3B54B6-7477-412A-A11D-F5CFCA4713FB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-15] (Google Inc.)
Task: {9E697812-6B07-489D-A826-EB2C7597451F} - System32\Tasks\ASUS\AsBackupWizard_Run => C:\Program Files (x86)\ASUS\\AsBackupWizard\\AsRunBkWizardHelper.exe [2010-04-24] (ASUSTeK Computer Inc.)
Task: {A0CCE8B2-6E41-4D53-81C4-A9855BF0BEFB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-15] (Google Inc.)
Task: {A459EC4B-1022-4BF1-9D43-15D543A92DD2} - System32\Tasks\ASUS\ASUS Dr.Net Execute => C:\Program Files (x86)\ASUS\AI Suite II\Dr.Net\AsDrNotify.exe [2012-07-06] (ASUSTeK Computer Inc.)
Task: {BE63E322-E321-4823-899C-4CD89359B63E} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {C3A9EF16-F889-4404-8523-FE4B8C575C54} - System32\Tasks\HPCustParticipation HP Photosmart 5520 series => C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {F9784DD7-F738-47FA-96D3-2F2B6D5674A0} - \ASP No Task File <==== ATTENTION
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\InstallShield Update Task.job => Wscript.exe M/nologo /E:jscript /B C:\Program Files (x86)\InstallShield\isupdate.ini
==================== Loaded Modules (Whitelisted) ==============
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-11-12 21:18 - 2012-06-01 18:42 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2015-05-18 12:07 - 2015-05-18 12:07 - 02209792 _____ () C:\Users\Candeias\Downloads\AdwCleaner.exe
2012-02-22 03:39 - 2010-04-23 12:23 - 00011264 _____ () C:\Program Files (x86)\ASUS\ASUS Instant On\Images\AsMultiLang.dll
2012-02-22 03:39 - 2011-06-13 18:53 - 00061440 _____ () C:\Program Files (x86)\ASUS\ASUS Instant On\MSPowerLib.dll
2014-11-12 21:18 - 2015-05-18 09:54 - 00025600 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2014-11-12 21:18 - 2010-06-29 11:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2012-06-26 13:11 - 2012-06-26 13:11 - 02302040 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtCore4.dll
2012-06-26 13:11 - 2012-06-26 13:11 - 08197208 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtGui4.dll
2012-06-26 13:11 - 2012-06-26 13:11 - 00345688 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtXml4.dll
2012-06-26 13:10 - 2012-06-26 13:10 - 00202328 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
2012-06-26 13:10 - 2012-06-26 13:10 - 00027736 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
2012-06-26 13:11 - 2012-06-26 13:11 - 00282200 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtSvg4.dll
2015-03-05 17:14 - 2015-04-27 17:23 - 40518200 _____ () C:\Users\Candeias\AppData\Roaming\Spotify\libcef.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-03-05 17:14 - 2015-04-27 17:23 - 01365560 _____ () C:\Users\Candeias\AppData\Roaming\Spotify\libglesv2.dll
2015-03-05 17:14 - 2015-04-27 17:23 - 00219192 _____ () C:\Users\Candeias\AppData\Roaming\Spotify\libegl.dll
2015-03-05 17:14 - 2015-03-20 14:18 - 09305656 _____ () C:\Users\Candeias\AppData\Roaming\Spotify\pdf.dll
2015-03-05 17:14 - 2015-04-27 17:23 - 00990776 _____ () C:\Users\Candeias\AppData\Roaming\Spotify\ffmpegsumo.dll
2012-02-22 03:33 - 2012-02-08 02:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:57B2B96C
AlternateDataStreams: C:\ProgramData\TEMP:5C6EBC69
AlternateDataStreams: C:\ProgramData\TEMP:78E0DF72
AlternateDataStreams: C:\ProgramData\TEMP:7C60A173
AlternateDataStreams: C:\ProgramData\TEMP:D48500F8
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1700775888-2337107692-2886028352-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Candeias\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: IePluginServices => 2
MSCONFIG\Services: PassThru Service => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk => C:\windows\pss\AsusVibeLauncher.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.104.216\AsusWSPanel.exe /S
MSCONFIG\startupreg: bitlord.exe => "C:\Program Files (x86)\BitLord 2\Bitlord files\bitlord.exe" -t
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
MSCONFIG\startupreg: NextLive => C:\windows\SysWOW64\rundll32.exe "C:\Users\Candeias\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
MSCONFIG\startupreg: PriceMeterW => "C:\Users\Candeias\AppData\Local\PriceMeter\pricemeterw.exe"
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
MSCONFIG\startupreg: Torntv Downloader => C:\Program Files (x86)\TornTV.com\Torntv Downloader.exe /c=startup
MSCONFIG\startupreg: UnlockerAssistant => "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [{06340847-3FAE-4E1F-9288-2EBDC53FE589}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{40665720-87C2-469C-A4B1-F416AD13F6F6}] => (Allow) LPort=2869
FirewallRules: [{FFE7D682-1DB6-4286-A03E-5E10BBDC36CF}] => (Allow) LPort=1900
FirewallRules: [{45A37296-FA8F-4917-B9B1-8F732F300A54}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{4F0307A9-ACFE-450E-90B6-A6E4866DC4D2}] => (Allow) C:\Program Files (x86)\Drobo\Drobo Dashboard\DDService.exe
FirewallRules: [{EB6B9638-6C31-4B5B-8B0A-53E8AE1925ED}] => (Allow) C:\Program Files (x86)\Drobo\Drobo Dashboard\DDService.exe
FirewallRules: [{185AAF2D-96BC-4E06-B267-E482E9398BB4}] => (Allow) C:\Program Files (x86)\Drobo\Drobo Dashboard\Drobo Dashboard.exe
FirewallRules: [{0BF166F6-287F-4628-BBCA-2AC8DD37EF7B}] => (Allow) C:\Program Files (x86)\Drobo\Drobo Dashboard\Drobo Dashboard.exe
FirewallRules: [{89A35CB5-C42C-45BE-BA7B-F095D722D480}] => (Allow) C:\Program Files (x86)\Drobo\Drobo Dashboard\DDService.exe
FirewallRules: [{18AFA1CC-53C1-4EA0-A1A3-42D5FA50D44F}] => (Allow) C:\Program Files (x86)\Drobo\Drobo Dashboard\DDService.exe
FirewallRules: [{D4E62F7F-6D48-433B-ABEA-741E987961C9}] => (Allow) C:\Program Files (x86)\Drobo\Drobo Dashboard\Drobo Dashboard.exe
FirewallRules: [{66C0CB79-CF7C-42F7-890A-D658ACCA651A}] => (Allow) C:\Program Files (x86)\Drobo\Drobo Dashboard\Drobo Dashboard.exe
FirewallRules: [{856AAE1D-306E-4151-9385-46E8DD000327}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{24496EF2-1AC3-48DE-B931-C5FFDFE1D2DC}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\DeviceSetup.exe
FirewallRules: [{F39D5F68-E433-4398-B3EB-41778E6BAAD0}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\DeviceSetup.exe
FirewallRules: [{73BD0D51-9D71-4053-9F5C-C85D3655DCA3}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{0D5A3F03-E75C-4E8E-8F6B-55688C669A48}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [TCP Query User{CE910760-4C28-42CB-8774-AAEACC1205F3}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{88D8F5A4-FBFE-45D8-A9EB-F9CF2BC73A86}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{A9E060D6-1792-43C7-AB8B-FF5D02168B82}C:\program files (x86)\btnext legacy\btnext.exe] => (Allow) C:\program files (x86)\btnext legacy\btnext.exe
FirewallRules: [UDP Query User{98365492-1623-4F20-8F5C-1F42E4ED080B}C:\program files (x86)\btnext legacy\btnext.exe] => (Allow) C:\program files (x86)\btnext legacy\btnext.exe
FirewallRules: [{CBB84155-0DDB-4053-B5A7-0FB0203678F9}] => (Allow) J:\@Dirceu\SOFTWARE\PDF Creator and Converter\pdf_converter.exe
FirewallRules: [{863BB317-F3D3-4CB4-84AE-2540C641BED2}] => (Allow) J:\@Dirceu\SOFTWARE\PDF Creator and Converter\pdf_converter.exe
FirewallRules: [{FD3EF3EC-21FF-43E6-BB94-B5BF8AF7EB91}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{D838CD0E-AC0D-4C40-8279-6C27CA57B1CF}C:\program files (x86)\kyodai mahjongg 2006\kmj.exe] => (Block) C:\program files (x86)\kyodai mahjongg 2006\kmj.exe
FirewallRules: [UDP Query User{DD85C25D-DEE3-465E-A6A1-C1997408F68D}C:\program files (x86)\kyodai mahjongg 2006\kmj.exe] => (Block) C:\program files (x86)\kyodai mahjongg 2006\kmj.exe
FirewallRules: [{9D4A613C-C81F-423B-807D-E169DDCAF3BE}] => (Allow) G:\SOFTWARE\Adobe Digital Editions 2.0\AdobeDigitalEditions_SoftangoDownloader.exe
FirewallRules: [{43CA8850-305C-490E-890A-0A3FF2AD28E9}] => (Allow) G:\SOFTWARE\Adobe Digital Editions 2.0\AdobeDigitalEditions_SoftangoDownloader.exe
FirewallRules: [{4FE2444B-8E17-4997-8190-8CAA55320A27}] => (Allow) C:\Users\Candeias\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{636DE710-8818-4C94-97EA-36441297924B}] => (Allow) C:\Users\Candeias\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{B0AF4FBC-D748-4AC0-A6C6-246293D44206}C:\users\candeias\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\candeias\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{4F55A59F-C392-4241-823D-20708F0826C9}C:\users\candeias\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\candeias\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{810A1A88-0721-46EB-B5C0-E7FBF467C4E9}C:\users\candeias\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\candeias\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{B84D17C7-CEC1-4546-9083-45DEAF804108}C:\users\candeias\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\candeias\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{0269FB51-752B-4374-BFBD-D304992EA75E}C:\program files (x86)\xbmc\xbmc.exe] => (Allow) C:\program files (x86)\xbmc\xbmc.exe
FirewallRules: [UDP Query User{00B0038F-899F-407A-ACDD-5FB9570EB0EA}C:\program files (x86)\xbmc\xbmc.exe] => (Allow) C:\program files (x86)\xbmc\xbmc.exe
FirewallRules: [{14E45AE3-5AA9-44E9-AD6B-8E75257F5D25}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe
FirewallRules: [{024453E7-3C5B-4AF7-AD96-FD23583183B1}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe
FirewallRules: [TCP Query User{67BAA637-FD7D-4E94-9945-98903784FBF9}C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe] => (Block) C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe
FirewallRules: [UDP Query User{6BCAB76B-49A6-4878-A793-9478B0412F8B}C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe] => (Block) C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe
FirewallRules: [{C938351F-4781-4A93-8359-79BDB03C3E5C}] => (Allow) C:\Users\Candeias\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3274198A-32DA-41FE-9BEC-4F08A9C1591D}] => (Allow) C:\Users\Candeias\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{5ADD9B07-F2EA-4E61-91E6-3957FB7CB65D}C:\program files (x86)\kyodai mahjongg 2006\kmj.exe] => (Block) C:\program files (x86)\kyodai mahjongg 2006\kmj.exe
FirewallRules: [UDP Query User{ADB6C5ED-9135-42AB-BDFB-2B5036E60E4B}C:\program files (x86)\kyodai mahjongg 2006\kmj.exe] => (Block) C:\program files (x86)\kyodai mahjongg 2006\kmj.exe
FirewallRules: [{51E17D1B-6A67-4CED-93E7-66CAE1B297BD}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\DeviceSetup.exe
FirewallRules: [{2B7E6FE3-FDD9-4482-9E11-7892794B59E7}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{9300C991-AED2-4F27-A4FC-0E551554E510}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{851554E2-A12B-4BD0-8D80-CD0A088C031B}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{C3649EB1-9F44-414B-B092-FB1823D6234D}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{2D3248FF-5A47-4322-93C5-AA502776A293}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8DF34DEC-D9CF-4B1D-A339-7D3A46B093B3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3D0748A7-2308-4A4F-8443-8DC6EBDF0A49}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{7A50D7E5-C6DF-45ED-BBB4-19B3489533F5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{9A0E5FD6-BB39-41AE-B612-F73C86C52FC5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/18/2015 09:56:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/17/2015 04:58:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/17/2015 02:46:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: Explorer.EXE, versão: 6.1.7601.17567, carimbo de data/hora: 0x4d672ee4
Nome do módulo com falha: EXPLORERFRAME.dll, versão: 6.1.7601.17514, carimbo de data/hora: 0x4ce7c6a8
Código de excepção: 0xc0000005
Desvio de falha: 0x00000000000411ce
ID do processo com falha: 0x694
Data/hora de início da aplicação com falha: 0xExplorer.EXE0
Caminho da aplicação com falha: Explorer.EXE1
Caminho do módulo com falha: Explorer.EXE2
ID do Relatório: Explorer.EXE3
Error: (05/17/2015 01:42:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/17/2015 00:42:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/17/2015 10:42:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/17/2015 00:32:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha ao gerar o contexto de activação para "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Não foi possível localizar a Assemblagem Dependente Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Utilize sxstrace.exe para obter um diagnóstico detalhado.
Error: (05/16/2015 01:53:18 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha ao gerar o contexto de activação para "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Não foi possível localizar a Assemblagem Dependente Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Utilize sxstrace.exe para obter um diagnóstico detalhado.
Error: (05/16/2015 11:34:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/16/2015 10:25:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (05/18/2015 11:25:13 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Browser de computador depende do serviço Servidor o qual falhou o arranque devido ao seguinte erro:
%%1070
Error: (05/18/2015 11:25:13 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: O serviço Servidor desligou-se ao iniciar.
Error: (05/18/2015 11:23:23 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Browser de computador depende do serviço Servidor o qual falhou o arranque devido ao seguinte erro:
%%1070
Error: (05/18/2015 11:23:23 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: O serviço Servidor desligou-se ao iniciar.
Error: (05/18/2015 11:21:33 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Browser de computador depende do serviço Servidor o qual falhou o arranque devido ao seguinte erro:
%%1070
Error: (05/18/2015 11:21:33 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: O serviço Servidor desligou-se ao iniciar.
Error: (05/18/2015 11:19:43 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Browser de computador depende do serviço Servidor o qual falhou o arranque devido ao seguinte erro:
%%1070
Error: (05/18/2015 11:19:43 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: O serviço Servidor desligou-se ao iniciar.
Error: (05/18/2015 11:17:53 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Browser de computador depende do serviço Servidor o qual falhou o arranque devido ao seguinte erro:
%%1070
Error: (05/18/2015 11:17:53 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: O serviço Servidor desligou-se ao iniciar.
Microsoft Office Sessions:
=========================
Error: (05/18/2015 09:56:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/17/2015 04:58:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/17/2015 02:46:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4EXPLORERFRAME.dll6.1.7601.175144ce7c6a8c000000500000000000411ce69401d0909ebc3b1105C:\windows\Explorer.EXEC:\windows\system32\EXPLORERFRAME.dll24623283-fc9b-11e4-99ad-c86000ea6c47
Error: (05/17/2015 01:42:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/17/2015 00:42:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/17/2015 10:42:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/17/2015 00:32:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll
Error: (05/16/2015 01:53:18 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll
Error: (05/16/2015 11:34:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/16/2015 10:25:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2012-06-13 14:11:29.256
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-06-13 14:11:29.241
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-06-13 14:11:29.226
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-06-13 14:11:29.210
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel® Core i5-3450 CPU @ 3.10GHz
Percentage of memory in use: 48%
Total physical RAM: 6099.61 MB
Available physical RAM: 3144.33 MB
Total Pagefile: 12197.4 MB
Available Pagefile: 7125.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (WIN7) (Fixed) (Total:372.6 GB) (Free:291.09 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:540.23 GB) (Free:50.77 GB) NTFS
Drive j: (Familia) (Fixed) (Total:2048 GB) (Free:1889.19 GB) NTFS
Drive l: (Dirceu) (Fixed) (Total:2048 GB) (Free:1549.55 GB) NTFS
Drive m: (Cid) (Fixed) (Total:2048 GB) (Free:66.58 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 56920702)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=18.6 GB) - (Type=1B)
Partition 3: (Not Active) - (Size=372.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=540.2 GB) - (Type=07 NTFS)
========================================================
Disk: 5 (Size: 2048 GB) (Disk ID: 19204680)
Partition 1: (Not Active) - (Size=2048 GB) - (Type=07 NTFS)
========================================================
Disk: 6 (MBR Code: Windows XP) (Size: 2048 GB) (Disk ID: 778B9EA0)
Partition 1: (Not Active) - (Size=2048 GB) - (Type=07 NTFS)
========================================================
Disk: 7 (MBR Code: Windows XP) (Size: 2048 GB) (Disk ID: 778B9EA1)
Partition 1: (Not Active) - (Size=2048 GB) - (Type=07 NTFS)
==================== End Of Log ============================