Proxy forced to 127.0.0.1 [Closed]


  • This topic is locked

#1
dirio

    New Member

  • Member
  • 2 posts

Hello all,

 

I've tried to fix my parents' PC but with no success, so now I need help from the experts.

 

I've read the FRST tutorial and I'll paste the output of the scan:

 

FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-05-2015 02

Ran by Candeias (administrator) on FAMILIA on 18-05-2015 12:11:19
Running from C:\Users\Candeias\Downloads
Loaded Profiles: Candeias (Available profiles: Candeias)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Português (Portugal)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Instant On\AsInstantOn.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Dr.Net\AsDrNotify.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Drobo, Inc.) C:\Program Files (x86)\Drobo\Drobo Dashboard\DDAssist.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Spotify Ltd) C:\Users\Candeias\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Data Robotics, Inc.) C:\Program Files (x86)\Drobo\Drobo Dashboard\DDService.exe
(ASUSTeK Computer Inc.) C:\Windows\SysWOW64\AsHookDevice.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(InstallShield®) C:\Program Files (x86)\InstallShield\isupdate.exe
(Spotify Ltd) C:\Users\Candeias\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
(PowerISO Computing, Inc.) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Spotify Ltd) C:\Users\Candeias\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Spotify Ltd) C:\Users\Candeias\AppData\Roaming\Spotify\Spotify.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Spotify Ltd) C:\Users\Candeias\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Enigma Software Group USA, LLC.) C:\Users\Candeias\AppData\Local\Temp\esg_uninstall.exe~
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\Candeias\Downloads\AdwCleaner.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [IME14 CHT Setup] => C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [110896 2012-03-14] (Microsoft Corporation)
HKLM\...\Run: [IME14 JPN Setup] => C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [110896 2012-03-14] (Microsoft Corporation)
HKLM\...\Run: [IME14 KOR Setup] => C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [110896 2012-03-14] (Microsoft Corporation)
HKLM\...\Run: [IME14 CHS Setup] => C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [110896 2012-03-14] (Microsoft Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-04] (Intel Corporation)
HKLM-x32\...\Run: [RunAIShell] => C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe [232064 2009-12-23] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-04-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUS Easy Update] => C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe [195200 2012-01-13] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [ASUS Ai Charger] => C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [465536 2011-09-28] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [180224 2010-04-12] (PowerISO Computing, Inc.)
HKLM-x32\...\Run: [IME14 CHT Setup] => C:\Program Files (x86)\Common Files\microsoft shared\IME14\SHARED\IMEKLMG.EXE [81200 2012-03-14] (Microsoft Corporation)
HKLM-x32\...\Run: [IME14 JPN Setup] => C:\Program Files (x86)\Common Files\microsoft shared\IME14\SHARED\IMEKLMG.EXE [81200 2012-03-14] (Microsoft Corporation)
HKLM-x32\...\Run: [IME14 KOR Setup] => C:\Program Files (x86)\Common Files\microsoft shared\IME14\SHARED\IMEKLMG.EXE [81200 2012-03-14] (Microsoft Corporation)
HKLM-x32\...\Run: [IME14 CHS Setup] => C:\Program Files (x86)\Common Files\microsoft shared\IME14\SHARED\IMEKLMG.EXE [81200 2012-03-14] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2728472 2014-12-16] (Sony Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1700775888-2337107692-2886028352-1000\...\Run: [DDAssist] => C:\Program Files (x86)\Drobo\Drobo Dashboard\DDAssist.exe [370536 2012-01-18] (Drobo, Inc.)
HKU\S-1-5-21-1700775888-2337107692-2886028352-1000\...\Run: [uTorrent] => C:\Users\Candeias\AppData\Roaming\uTorrent\uTorrent.exe [1694560 2015-05-11] (BitTorrent Inc.)
HKU\S-1-5-21-1700775888-2337107692-2886028352-1000\...\Run: [Spotify Web Helper] => C:\Users\Candeias\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2020920 2015-04-27] (Spotify Ltd)
HKU\S-1-5-21-1700775888-2337107692-2886028352-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7806232 2015-03-28] (SUPERAntiSpyware)
HKU\S-1-5-21-1700775888-2337107692-2886028352-1000\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-1700775888-2337107692-2886028352-1000\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
HKU\S-1-5-21-1700775888-2337107692-2886028352-1000\...\Run: [Spotify] => C:\Users\Candeias\AppData\Roaming\Spotify\Spotify.exe [7168568 2015-04-27] (Spotify Ltd)
HKU\S-1-5-21-1700775888-2337107692-2886028352-1000\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-1700775888-2337107692-2886028352-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> none
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => "C:\PROGRA~2\SupTab\SEARCH~1.DLL" File Not Found
Startup: C:\Users\Candeias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BTNext Legacy.lnk [2012-06-11]
ShortcutTarget: BTNext Legacy.lnk -> C:\Program Files (x86)\BTNext Legacy\BTNext.exe ()
Startup: C:\Users\Candeias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitorar alertas de tinta - HP Photosmart 5520 series.lnk [2014-10-12]
ShortcutTarget: Monitorar alertas de tinta - HP Photosmart 5520 series.lnk -> C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Candeias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\µTorrent.lnk [2012-06-10]
ShortcutTarget: µTorrent.lnk -> C:\Program Files (x86)\uTorrent\uTorrent.exe (No File)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.104.216\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.104.216\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <======= ATTENTION (Policy Restriction on ProxySettings)
ProxyEnable: [HKLM] => ProxyEnable is set.
ProxyEnable: [HKLM-x32] => ProxyEnable is set.
ProxyServer: [HKLM] => http=127.0.0.1:8080;https=127.0.0.1:8080
ProxyServer: [HKLM-x32] => http=127.0.0.1:8080;https=127.0.0.1:8080
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-1700775888-2337107692-2886028352-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-1700775888-2337107692-2886028352-1000 -> BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-1700775888-2337107692-2886028352-1000 -> {4F13F6AE-668C-47DD-BC99-6590C3A4073F} URL = http://websearch.ask...AC-EB120EE60420
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-04-01] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-01] (Oracle Corporation)
Toolbar: HKLM-x32 - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF ProfilePath: C:\Users\Candeias\AppData\Roaming\Mozilla\Firefox\Profiles\pb60iger.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\windows\system32\npDeployJava1.dll [2012-09-05] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-04-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-04-29] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Candeias\AppData\Roaming\Mozilla\Firefox\Profiles\pb60iger.default\user.js [2014-11-22]
FF Extension: Corretor para Português de Portugal - C:\Users\Candeias\AppData\Roaming\Mozilla\Firefox\Profiles\pb60iger.default\Extensions\[email protected] [2015-04-05]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-25]
StartMenuInternet: FIREFOX.EXE - firefox.exe
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.pt/
CHR StartupUrls: Default -> "hxxp://search.babylon.com/?affID=110823&tt=3612_4&babsrc=HP_ss&mntrId=5a27fd28000000000000c86000ea6c47", "hxxp://www.delta-search.com/?affID=119527&babsrc=HP_ss&mntrId=5A27C86000EA6C47", "hxxp://isearch.omiga-plus.com/?type=hp&ts=1404551912&from=ild&uid=ST31000524AS_6VPJR8X1XXXX6VPJR8X1"
CHR Plugin: (Shockwave Flash) - C:\Users\Candeias\AppData\Local\Google\Chrome\User Data\PepperFlash\14.0.0.145\pepflashplayer.dll No File
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Candeias\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.4.600\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\pdf.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.510.13) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 7 U51) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll No File
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll No File
CHR Profile: C:\Users\Candeias\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Candeias\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-10]
CHR Extension: (Quick Login for Google Accounts) - C:\Users\Candeias\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbgngpehipfmfmpjmhonhacgbkjpdidp [2012-06-10]
CHR Extension: (Google Search) - C:\Users\Candeias\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-10]
CHR Extension: (History Eraser) - C:\Users\Candeias\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjieilkfnnjoihjjonajndjldjoagffm [2012-06-10]
CHR Extension: (Bookmark Manager) - C:\Users\Candeias\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Candeias\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-20]
CHR Extension: (Skype Click to Call) - C:\Users\Candeias\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-03-22]
CHR Extension: (Awesome New Tab Page) - C:\Users\Candeias\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgmiemnjjchgkmgbeljfocdjjnpjnmcg [2012-06-10]
CHR Extension: (Google Mail Checker) - C:\Users\Candeias\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2014-07-19]
CHR Extension: (Google Wallet) - C:\Users\Candeias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\Candeias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-10]
CHR Extension: (Browser QuickLinks) - C:\Users\Candeias\AppData\Local\Google\Chrome\User Data\Default\Extensions\plpjogfhobhpdcmcblieglnoooccfcmm [2012-06-10]
CHR HKLM-x32\...\Chrome\Extension: [hgojaaaiddhmiiakpejiklijbalpckih] - C:\Users\Candeias\AppData\Roaming\StatusWinks\statuswinks.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-18] (SUPERAntiSpyware.com)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 DDService; C:\Program Files (x86)\Drobo\Drobo Dashboard\DDService.exe [1259376 2012-01-18] (Data Robotics, Inc.)
R2 ImeDictUpdateService; C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE [83312 2010-10-20] (Microsoft Corporation)
R2 isupdate.exe; C:\Program Files (x86)\InstallShield\isupdate.exe [43008 2015-01-21] (InstallShield®) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S4 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [80896 2011-03-31] () [File not signed]
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [487960 2014-12-16] (Sony Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14592 2010-10-21] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [14646560 2011-12-15] (Intel Corporation) [File not signed]
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [331264 2011-12-05] (Intel® Corporation) [File not signed]
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-18] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-18 12:11 - 2015-05-18 12:11 - 00029967 _____ () C:\Users\Candeias\Downloads\FRST.txt
2015-05-18 12:11 - 2015-05-18 12:11 - 00000000 ____D () C:\AdwCleaner
2015-05-18 12:08 - 2015-05-18 12:11 - 00000000 ____D () C:\FRST
2015-05-18 12:07 - 2015-05-18 12:07 - 02209792 _____ () C:\Users\Candeias\Downloads\AdwCleaner.exe
2015-05-18 12:07 - 2015-05-18 12:07 - 02107392 _____ (Farbar) C:\Users\Candeias\Downloads\FRST64.exe
2015-05-17 16:49 - 2015-05-17 16:49 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-05-17 16:49 - 2015-05-17 16:49 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-05-17 16:49 - 2015-05-17 16:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-05-17 16:32 - 2015-05-17 16:32 - 14243008 _____ (Microsoft Corporation) C:\Users\Candeias\Desktop\mseinstall.exe
2015-05-17 16:31 - 2015-05-18 11:34 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-17 16:31 - 2015-05-17 16:31 - 00001110 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-17 16:31 - 2015-05-17 16:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-17 16:31 - 2015-05-17 16:31 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-17 16:31 - 2015-05-17 16:31 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-17 16:31 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-05-17 16:31 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-05-17 16:31 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-05-17 16:29 - 2015-05-17 16:29 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Candeias\Desktop\mbam-setup-2.1.6.1022.exe
2015-05-17 16:01 - 2015-05-17 16:02 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-05-17 16:01 - 2015-05-17 16:01 - 00001051 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-05-17 16:01 - 2015-05-17 16:01 - 00001039 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-05-17 16:00 - 2015-05-17 16:00 - 07971304 _____ (TeamViewer GmbH) C:\Users\Candeias\Desktop\TeamViewer_Setup_pt-jdh.exe
2015-05-17 15:23 - 2015-05-18 11:45 - 00000000 ____D () C:\Users\Candeias\AppData\Roaming\Enigma Software Group
2015-05-17 15:23 - 2015-05-17 15:23 - 00000000 _____ () C:\autoexec.bat
2015-05-17 15:22 - 2015-05-17 15:22 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\Candeias\Desktop\SpyHunter-Installer.exe
2015-05-17 15:22 - 2015-05-17 15:22 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-05-14 11:13 - 2015-05-01 14:17 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 11:13 - 2015-05-01 14:16 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 17:31 - 2015-05-05 02:29 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-05-13 17:31 - 2015-05-05 02:12 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-05-13 17:31 - 2015-04-22 03:28 - 00389840 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-05-13 17:31 - 2015-04-22 02:48 - 00342736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-05-13 17:31 - 2015-04-21 18:14 - 24971776 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-05-13 17:31 - 2015-04-21 18:08 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-05-13 17:31 - 2015-04-21 18:07 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-05-13 17:31 - 2015-04-21 17:51 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-05-13 17:31 - 2015-04-21 17:50 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-05-13 17:31 - 2015-04-21 17:50 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-05-13 17:31 - 2015-04-21 17:50 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-05-13 17:31 - 2015-04-21 17:49 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-05-13 17:31 - 2015-04-21 17:48 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-05-13 17:31 - 2015-04-21 17:41 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-05-13 17:31 - 2015-04-21 17:40 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-05-13 17:31 - 2015-04-21 17:37 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-05-13 17:31 - 2015-04-21 17:35 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-05-13 17:31 - 2015-04-21 17:35 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-05-13 17:31 - 2015-04-21 17:35 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-05-13 17:31 - 2015-04-21 17:34 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-05-13 17:31 - 2015-04-21 17:31 - 06025728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-05-13 17:31 - 2015-04-21 17:26 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-05-13 17:31 - 2015-04-21 17:25 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-05-13 17:31 - 2015-04-21 17:24 - 19691008 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-05-13 17:31 - 2015-04-21 17:22 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-05-13 17:31 - 2015-04-21 17:14 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 17:31 - 2015-04-21 17:11 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-05-13 17:31 - 2015-04-21 17:11 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-05-13 17:31 - 2015-04-21 17:10 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-05-13 17:31 - 2015-04-21 17:09 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-05-13 17:31 - 2015-04-21 17:09 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-05-13 17:31 - 2015-04-21 17:08 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-05-13 17:31 - 2015-04-21 17:08 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-05-13 17:31 - 2015-04-21 17:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-05-13 17:31 - 2015-04-21 17:04 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-05-13 17:31 - 2015-04-21 17:03 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-05-13 17:31 - 2015-04-21 17:02 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-05-13 17:31 - 2015-04-21 17:00 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-05-13 17:31 - 2015-04-21 16:58 - 00664576 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-05-13 17:31 - 2015-04-21 16:58 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-05-13 17:31 - 2015-04-21 16:57 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-05-13 17:31 - 2015-04-21 16:49 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-05-13 17:31 - 2015-04-21 16:49 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-05-13 17:31 - 2015-04-21 16:48 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-05-13 17:31 - 2015-04-21 16:47 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-05-13 17:31 - 2015-04-21 16:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-05-13 17:31 - 2015-04-21 16:43 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 17:31 - 2015-04-21 16:40 - 14401536 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-05-13 17:31 - 2015-04-21 16:39 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-05-13 17:31 - 2015-04-21 16:38 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-05-13 17:31 - 2015-04-21 16:36 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-05-13 17:31 - 2015-04-21 16:31 - 04305920 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-05-13 17:31 - 2015-04-21 16:27 - 02352128 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-05-13 17:31 - 2015-04-21 16:26 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-05-13 17:31 - 2015-04-21 16:25 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-05-13 17:31 - 2015-04-21 16:24 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-05-13 17:31 - 2015-04-21 16:17 - 12828672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-05-13 17:31 - 2015-04-21 16:15 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-05-13 17:31 - 2015-04-21 16:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-05-13 17:31 - 2015-04-21 16:02 - 01882112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-05-13 17:31 - 2015-04-21 15:58 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-05-13 17:31 - 2015-04-21 15:56 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-05-13 17:31 - 2015-04-18 04:10 - 00460800 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2015-05-13 17:31 - 2015-04-18 03:56 - 00342016 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2015-05-13 17:31 - 2015-04-04 04:29 - 00155576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-05-13 17:31 - 2015-04-04 04:29 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-05-13 17:31 - 2015-04-04 04:22 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-05-13 17:31 - 2015-04-04 04:22 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-05-13 17:31 - 2015-04-04 04:22 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-05-13 17:31 - 2015-04-04 04:22 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-05-13 17:31 - 2015-04-04 04:22 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-05-13 17:31 - 2015-04-04 04:22 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-05-13 17:31 - 2015-04-04 04:22 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-05-13 17:31 - 2015-04-04 04:22 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-05-13 17:31 - 2015-04-04 04:22 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-05-13 17:31 - 2015-04-04 04:22 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-05-13 17:31 - 2015-04-04 04:20 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-05-13 17:31 - 2015-04-04 04:20 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-05-13 17:31 - 2015-04-04 04:17 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-05-13 17:31 - 2015-04-04 04:17 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-05-13 17:31 - 2015-04-04 04:15 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-05-13 17:31 - 2015-04-04 04:05 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-05-13 17:31 - 2015-04-04 04:05 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-05-13 17:31 - 2015-04-04 04:05 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-05-13 17:31 - 2015-04-04 04:05 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-05-13 17:31 - 2015-04-04 04:05 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-05-13 17:31 - 2015-04-04 04:05 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-05-13 17:31 - 2015-04-04 04:05 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-05-13 17:31 - 2015-04-04 04:04 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-05-13 17:31 - 2015-04-04 04:04 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-05-13 17:31 - 2015-04-04 04:01 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-05-13 17:31 - 2015-04-04 04:01 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-05-13 17:31 - 2015-04-04 03:59 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-05-13 17:30 - 2015-04-20 04:17 - 01647104 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-05-13 17:30 - 2015-04-20 04:17 - 01179136 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-05-13 17:30 - 2015-04-20 03:56 - 01250816 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2015-05-13 17:30 - 2015-04-20 03:11 - 03204608 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-05-13 17:30 - 2015-04-13 04:28 - 00328704 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2015-05-13 17:30 - 2015-04-08 04:29 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2015-05-13 17:30 - 2015-04-08 04:14 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll
2015-05-13 17:30 - 2015-02-18 08:06 - 00123904 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2015-05-13 17:30 - 2015-02-18 08:04 - 00142336 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2015-04-25 12:36 - 2015-04-25 12:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-18 12:05 - 2012-06-10 12:54 - 00000000 ____D () C:\Users\Candeias\AppData\Roaming\uTorrent
2015-05-18 11:54 - 2013-03-30 21:40 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-05-18 11:43 - 2012-06-15 10:33 - 00001008 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-18 11:43 - 2012-06-10 17:31 - 00000000 ____D () C:\windows\AutoKMS
2015-05-18 11:35 - 2012-06-09 15:02 - 01313852 _____ () C:\windows\WindowsUpdate.log
2015-05-18 11:15 - 2009-07-14 05:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-18 11:15 - 2009-07-14 05:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-18 10:10 - 2014-01-26 13:22 - 00000000 ____D () C:\Users\Candeias\AppData\Roaming\Spotify
2015-05-18 09:56 - 2014-01-26 13:22 - 00000000 ____D () C:\Users\Candeias\AppData\Local\Spotify
2015-05-18 09:56 - 2012-06-15 10:33 - 00001004 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-18 09:55 - 2013-05-13 19:46 - 00065536 _____ () C:\windows\system32\Ikeext.etl
2015-05-18 09:54 - 2014-04-10 19:58 - 00039964 _____ () C:\windows\setupact.log
2015-05-18 09:54 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-05-17 17:00 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\tracing
2015-05-17 16:57 - 2012-02-22 03:38 - 00001653 _____ () C:\windows\system32\ServiceFilter.ini
2015-05-17 16:57 - 2009-07-14 05:45 - 00410512 _____ () C:\windows\system32\FNTCACHE.DAT
2015-05-17 16:56 - 2014-04-15 18:58 - 00706064 _____ () C:\windows\PFRO.log
2015-05-17 16:50 - 2012-06-10 12:47 - 00001912 _____ () C:\windows\epplauncher.mif
2015-05-17 16:50 - 2012-06-09 18:19 - 00109616 _____ () C:\Users\Candeias\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-17 16:48 - 2014-08-09 21:08 - 00000000 ____D () C:\ProgramData\Systweak
2015-05-17 16:48 - 2014-04-10 19:45 - 00000000 ____D () C:\Users\Candeias\AppData\Roaming\systweak
2015-05-17 16:48 - 2014-02-02 09:31 - 00000000 ____D () C:\Users\Candeias\AppData\Local\genienext
2015-05-17 16:48 - 2013-03-31 09:29 - 00000000 ____D () C:\Users\Candeias\AppData\Roaming\DSite
2015-05-17 15:13 - 2014-07-05 12:02 - 00002300 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-17 13:41 - 2012-02-22 03:38 - 00000000 ____D () C:\windows\pss
2015-05-17 10:38 - 2012-12-05 21:18 - 00002088 ____H () C:\Users\Candeias\Searches\Videos\Documents\Default.rdp
2015-05-16 18:38 - 2012-06-15 10:33 - 00004004 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-16 18:38 - 2012-06-15 10:33 - 00003752 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-16 17:29 - 2012-06-10 09:17 - 00000000 ____D () C:\Users\Candeias\AppData\Roaming\vlc
2015-05-16 12:59 - 2014-09-19 17:08 - 00002023 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2015-05-16 12:59 - 2012-02-22 03:36 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-05-16 12:28 - 2009-07-14 06:32 - 00000000 ____D () C:\windows\system32\FxsTmp
2015-05-16 12:00 - 2015-02-01 19:05 - 00000468 _____ () C:\windows\Tasks\InstallShield Update Task.job
2015-05-15 18:49 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\NDF
2015-05-14 17:59 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\rescache
2015-05-14 12:26 - 2014-04-12 21:21 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-05-14 12:11 - 2014-08-21 21:20 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-14 12:11 - 2014-08-21 21:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-14 12:07 - 2012-06-10 16:44 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-14 12:04 - 2015-04-13 17:50 - 01691300 _____ () C:\windows\system32\PerfStringBackup.INI
2015-05-14 12:04 - 2011-12-28 02:08 - 00730206 _____ () C:\windows\system32\prfh0816.dat
2015-05-14 12:04 - 2011-12-28 02:08 - 00155528 _____ () C:\windows\system32\prfc0816.dat
2015-05-14 11:42 - 2013-08-15 03:02 - 00000000 ____D () C:\windows\system32\MRT
2015-05-14 11:28 - 2012-06-10 13:02 - 140425016 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-05-14 11:13 - 2014-08-21 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-09 12:40 - 2013-11-04 20:10 - 00002172 _____ () C:\Users\Candeias\Desktop\Pickme.txt
2015-05-03 23:58 - 2012-06-11 09:14 - 00000000 ____D () C:\Program Files (x86)\BTNext Legacy
2015-04-27 17:21 - 2012-06-14 00:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-26 14:57 - 2012-06-10 16:23 - 00000000 ____D () C:\Users\Candeias\AppData\Roaming\Skype
2015-04-21 16:30 - 2012-06-10 16:18 - 00000000 ____D () C:\ProgramData\Skype
2015-04-20 13:09 - 2012-06-09 15:06 - 00000000 ____D () C:\Users\Candeias
 
==================== Files in the root of some directories =======
 
2014-07-05 15:38 - 2014-08-07 11:25 - 0000000 _____ () C:\Users\Candeias\AppData\Roaming\bitlord_log.txt
2014-08-07 11:29 - 2014-08-07 11:29 - 0000218 _____ () C:\Users\Candeias\AppData\Local\recently-used.xbel
2012-07-08 09:25 - 2013-04-28 10:34 - 0007600 _____ () C:\Users\Candeias\AppData\Local\Resmon.ResmonCfg
2014-10-12 18:38 - 2014-10-12 18:38 - 0000057 _____ () C:\ProgramData\Ament.ini
 
Some content of TEMP:
====================
C:\Users\Candeias\AppData\Local\Temp\EsgInstallerx64Stub.exe
C:\Users\Candeias\AppData\Local\Temp\ose00000.exe
C:\Users\Candeias\AppData\Local\Temp\Quarantine.exe
C:\Users\Candeias\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-05-14 00:22
 
==================== End Of Log ============================
 
Addition.txt:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-05-2015 02
Ran by Candeias at 2015-05-18 12:12:03
Running from C:\Users\Candeias\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrador (S-1-5-21-1700775888-2337107692-2886028352-500 - Administrator - Disabled)
Candeias (S-1-5-21-1700775888-2337107692-2886028352-1000 - Administrator - Enabled) => C:\Users\Candeias
Convidado (S-1-5-21-1700775888-2337107692-2886028352-501 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-1700775888-2337107692-2886028352-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 1.2.0 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader X (10.1.14) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.14 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
AI Manager (HKLM-x32\...\{4AF95DE2-B54D-4C3F-9494-FD3B558E2C2D}) (Version: 1.09.07 - ASUSTeK Computer Inc.)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.01.02 - ASUSTeK Computer Inc.)
Amazon Kindle (HKU\S-1-5-21-1700775888-2337107692-2886028352-1000\...\Amazon Kindle) (Version:  - Amazon)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Aoao Video to GIF Converter (HKU\S-1-5-21-1700775888-2337107692-2886028352-1000\...\AoaoVideotoGIF) (Version:  - AoaoPhoto Digital Studio. All Rights Reserved.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Ai Charger (HKLM-x32\...\{7FB64E72-9B0E-4460-A821-040C341E414A}) (Version: 1.01.00 - ASUSTeK Computer Inc.)
ASUS Backup Wizard (HKLM-x32\...\{124C9BD0-8C52-40AB-8238-0605703B1C28}) (Version: 1.01.00 - ASUSTeK Computer Inc.)
ASUS Easy Update (HKLM-x32\...\{E7AA854E-6756-424E-84C2-4E47D5729AFF}) (Version: 2.00.27 - ASUSTeK Computer Inc)
ASUS Instant On (HKLM-x32\...\{CCC4652E-F5E0-498A-84F3-5DDBEF84642B}) (Version: 1.01.08 - ASUSTeK Computer Inc.)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.104.216 - eCareme Technologies, Inc.)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.4.628 - ASUSTEK)
AVS Audio Editor 7.1 (HKLM-x32\...\AVS Audio Editor_is1) (Version:  - Online Media Technologies Ltd.)
AVS Screen Capture version 2.0.1 (HKLM-x32\...\AVS Screen Capture_is1) (Version:  - Online Media Technologies Ltd.)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version:  - Online Media Technologies Ltd.)
AVS Video Editor 5 (HKLM-x32\...\AVS Video Editor_is1) (Version:  - Online Media Technologies Ltd.)
AVS Video Recorder 2.4 (HKLM-x32\...\AVS Video Recorder_is1) (Version:  - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version:  - Online Media Technologies Ltd.)
BTNext Legacy (HKLM-x32\...\BTNext Legacy) (Version:  - )
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version:  - dvd8n)
Collectorz.com Book Collector (HKLM-x32\...\Collectorz.com Book Collector) (Version:  - )
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
doPDF 7.3 printer (HKLM\...\doPDF 7 printer_is1) (Version:  - Softland)
Drobo Dashboard (HKLM-x32\...\{333B10B5-5DD1-44C0-891C-9738FDE14CC2}) (Version: 2.1.2 - Drobo)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 2.0.0 - ASUS)
ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - )
Free DVD Video Converter version 2.0.21.806 (HKLM-x32\...\Free DVD Video Converter_is1) (Version: 2.0.21.806 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart 5520 series Ajuda (HKLM-x32\...\{675D209A-B21E-4652-880E-1B6887F15AB4}) (Version: 27.0.0 - Hewlett Packard)
HP Photosmart 5520 series Estudo de aprimoramento de produtos (HKLM\...\{2EEB99E5-ACC7-470F-BE46-E2C65C1E6B7F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5520 series Software básico do dispositivo (HKLM\...\{193E1D6C-1B30-43E7-BB74-20DE53C7FA90}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart Plus B210 series Ajuda (HKLM-x32\...\{7F5FDEA1-D0AC-4D80-9D95-59775FCCFA40}) (Version: 140.0.54.54 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.007 - HTC Corporation)
Image Resizer for Windows (64 bit) (Version: 3.0.4442.6002 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{9dfff2f7-5cd7-4fd4-9b75-7d53b042d94b}) (Version: 3.0.4442.6002 - Brice Lambson)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.1.209 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Java SE Development Kit 7 Update 7 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170070}) (Version: 1.7.0.70 - Oracle)
Java™ SE Development Kit 6 Update 26 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160260}) (Version: 1.6.0.260 - Oracle)
Kyodai Mahjongg 2006 v1.0 (HKLM-x32\...\Kyodai Mahjongg 2006_is1) (Version:  - Rene-Gilles Deberdt)
Malwarebytes Anti-Malware versão 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Media Player Classic - Home Cinema v1.5.2.3456 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.5.2.3456 - MPC-HC Team)
MergeModule_x64 (Version: 9.1.00 - Sony Corporation) Hidden
MergeModule_x86 (x32 Version: 9.1.00 - Sony Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile PTG Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile PTG Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended PTG Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended PTG Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proofing Tools Kit Compilation 2010 (HKLM\...\Office14.PROOFKIT) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office XP SBS Files (HKLM-x32\...\Microsoft Office XP SBS Files) (Version:  - )
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nero 9 Essentials (HKLM-x32\...\{33e79337-ebf8-4822-9e72-4131a234630d}) (Version:  - Nero AG)
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia PC Suite (x32 Version: 7.1.180.94 - Nokia) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.1.3 - )
NVIDIA Controlador gráfico 280.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 280.35 - NVIDIA Corporation)
Pacote de controladores do Windows - Nokia Modem  (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Pacote de controladores do Windows - Nokia Modem  (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Pacote de controladores do Windows - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PlayMemories Home (HKLM-x32\...\{93AA5B49-0994-4EF6-80F3-868C9CEA88ED}) (Version: 4.1.00.12152 - Sony Corporation)
PMB_ModeEditor (x32 Version: 9.1.00 - Sony Corporation) Hidden
PMB_ServiceUploader (x32 Version: 9.1.00 - Sony Corporation) Hidden
popular dictionary update for CHS IME (HKLM\...\{073F3E96-CA36-45DC-9AC1-3F85B222C824}) (Version: 1.0.0 - Microsoft)
popular dictionary update for CHS IME (HKLM\...\{0E00B7B5-F34B-441F-AC3D-1440BBE47320}) (Version: 1.0.0 - Microsoft)
popular dictionary update for CHS IME (HKLM\...\{114F9E4F-EFEA-4A9A-933B-B0E63AFB7244}) (Version: 1.0.0 - Microsoft)
popular dictionary update for CHS IME (HKLM\...\{23ED47CE-A835-4A48-AB3B-FC1B83EDA637}) (Version: 1.0.0 - Microsoft)
popular dictionary update for CHS IME (HKLM\...\{28F78513-1796-4C2C-9EA1-7266D1AE0DF9}) (Version: 1.0.0 - Microsoft)
popular dictionary update for CHS IME (HKLM\...\{2BE644E4-4611-4ED1-ABEF-89DF933BDD0C}) (Version: 1.0.0 - Microsoft)
popular dictionary update for CHS IME (HKLM\...\{6556579E-FBE4-4174-BAAB-BA7FBAA32897}) (Version: 1.0.0 - Microsoft)
popular dictionary update for CHS IME (HKLM\...\{9177D231-B7C6-4EF8-86FB-9AB03CA90E0B}) (Version: 1.0.0 - Microsoft)
popular dictionary update for CHS IME (HKLM\...\{A4CBE7A5-5AE6-446F-904E-E5AD772475AE}) (Version: 1.0.0 - Microsoft)
popular dictionary update for CHS IME (HKLM\...\{C29E5F83-A164-4FE1-8986-C897E713F9BA}) (Version: 1.0.0 - Microsoft)
popular dictionary update for CHS IME (HKLM\...\{CF88F1C2-8185-4B67-86B4-93AAB5DE993B}) (Version: 1.0.0 - Microsoft)
PowerISO (HKLM-x32\...\PowerISO) (Version: 4.7 - PowerISO Computing, Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
Relatório Único 2011 (HKU\S-1-5-21-1700775888-2337107692-2886028352-1000\...\Relatório Único 2011) (Version:  - GEP)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-004B-0000-1000-0000000FF1CE}_Office14.PROOFKIT_{F2D64AA9-2EE6-423B-AD9E-B0780FA11F0A}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
SOHLib for PlayMemories Home (Version: 1.0.3.02170 - Sony Corporation) Hidden
Spotify (HKU\S-1-5-21-1700775888-2337107692-2886028352-1000\...\Spotify) (Version: 1.0.4.90.g0b6df40b - Spotify AB)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.19.13.4482 - Enigma Software Group, LLC)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
Suporte para Aplicações Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Nome da empresa:)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
UnLock Root 2.42 (HKLM-x32\...\UnLock Root) (Version: 2.42 - Unlcokroot)
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.623  - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-1700775888-2337107692-2886028352-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinMerge 2.12.4 (HKLM-x32\...\WinMerge_is1) (Version: 2.12.4 - Thingamahoochie Software)
WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1700775888-2337107692-2886028352-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Candeias\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1700775888-2337107692-2886028352-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Candeias\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
 
==================== Restore Points  =========================
 
03-05-2015 02:24:55 Windows Update
03-05-2015 09:43:12 Windows Update
07-05-2015 12:18:54 Windows Update
10-05-2015 09:43:29 Windows Update
13-05-2015 17:51:26 Windows Update
14-05-2015 11:13:23 Instalador de Módulos do Windows
14-05-2015 11:14:26 Instalador de Módulos do Windows
14-05-2015 11:15:58 Instalador de Módulos do Windows
17-05-2015 00:57:38 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0AAF42B8-3EAD-42BF-A7DB-E09B4A040DDD} - System32\Tasks\DSite => C:\Users\Candeias\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {2C024122-3E8F-4DEF-A99C-53EC9A3ADACF} - System32\Tasks\{A0C1C15F-A6C9-476D-A6FF-EAFD98E602A0} => Chrome.exe 
Task: {2C756289-850F-45DD-BB05-C302B644B055} - \pricemeterdownloader No Task File <==== ATTENTION
Task: {30047149-E3EA-4433-8175-C57B0867B017} - System32\Tasks\InstallShield Update Task => Wscript.exe //nologo //E:jscript //B "C:\Program Files (x86)\InstallShield\isupdate.ini"
Task: {37D0B466-48F5-4D4B-A737-A48E011CDB7A} - System32\Tasks\{F7DFB59F-D377-464B-94E1-9A984CB4AF72} => Chrome.exe http://ui.skype.com/...e=tsProgressBar
Task: {3B785A7E-F837-4F83-8FB7-9346EC06D3E1} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {3D9BD851-DDD2-4FE4-BA06-3891575BCF5A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {53C572C9-00F2-4258-9D4E-5FA3BEF09653} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {742795C9-E2E6-4EE9-922E-050DE9B4F7AE} - System32\Tasks\ASUS\Asus HybridSleep Helper => C:\Program Files (x86)\ASUS\ASUS Instant On\AsInstantOn.exe [2011-12-29] (ASUSTeK Computer Inc.)
Task: {7C3B54B6-7477-412A-A11D-F5CFCA4713FB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-15] (Google Inc.)
Task: {9E697812-6B07-489D-A826-EB2C7597451F} - System32\Tasks\ASUS\AsBackupWizard_Run => C:\Program Files (x86)\ASUS\\AsBackupWizard\\AsRunBkWizardHelper.exe [2010-04-24] (ASUSTeK Computer Inc.)
Task: {A0CCE8B2-6E41-4D53-81C4-A9855BF0BEFB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-15] (Google Inc.)
Task: {A459EC4B-1022-4BF1-9D43-15D543A92DD2} - System32\Tasks\ASUS\ASUS Dr.Net Execute => C:\Program Files (x86)\ASUS\AI Suite II\Dr.Net\AsDrNotify.exe [2012-07-06] (ASUSTeK Computer Inc.)
Task: {BE63E322-E321-4823-899C-4CD89359B63E} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {C3A9EF16-F889-4404-8523-FE4B8C575C54} - System32\Tasks\HPCustParticipation HP Photosmart 5520 series => C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {D2ABD0A5-0A01-4B0B-8BE7-27CED691F612} - System32\Tasks\{F6F166F1-E176-4B4F-85B8-09DF7AB1B63B} => Chrome.exe http://ui.skype.com/...all?page=tsBing
Task: {F9784DD7-F738-47FA-96D3-2F2B6D5674A0} - \ASP No Task File <==== ATTENTION
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\InstallShield Update Task.job => Wscript.exe M/nologo /E:jscript /B C:\Program Files (x86)\InstallShield\isupdate.ini
 
==================== Loaded Modules (Whitelisted) ==============
 
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-11-12 21:18 - 2012-06-01 18:42 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2015-05-18 12:07 - 2015-05-18 12:07 - 02209792 _____ () C:\Users\Candeias\Downloads\AdwCleaner.exe
2012-02-22 03:39 - 2010-04-23 12:23 - 00011264 _____ () C:\Program Files (x86)\ASUS\ASUS Instant On\Images\AsMultiLang.dll
2012-02-22 03:39 - 2011-06-13 18:53 - 00061440 _____ () C:\Program Files (x86)\ASUS\ASUS Instant On\MSPowerLib.dll
2014-11-12 21:18 - 2015-05-18 09:54 - 00025600 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2014-11-12 21:18 - 2010-06-29 11:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2012-06-26 13:11 - 2012-06-26 13:11 - 02302040 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtCore4.dll
2012-06-26 13:11 - 2012-06-26 13:11 - 08197208 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtGui4.dll
2012-06-26 13:11 - 2012-06-26 13:11 - 00345688 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtXml4.dll
2012-06-26 13:10 - 2012-06-26 13:10 - 00202328 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
2012-06-26 13:10 - 2012-06-26 13:10 - 00027736 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
2012-06-26 13:11 - 2012-06-26 13:11 - 00282200 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtSvg4.dll
2015-03-05 17:14 - 2015-04-27 17:23 - 40518200 _____ () C:\Users\Candeias\AppData\Roaming\Spotify\libcef.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-03-05 17:14 - 2015-04-27 17:23 - 01365560 _____ () C:\Users\Candeias\AppData\Roaming\Spotify\libglesv2.dll
2015-03-05 17:14 - 2015-04-27 17:23 - 00219192 _____ () C:\Users\Candeias\AppData\Roaming\Spotify\libegl.dll
2015-03-05 17:14 - 2015-03-20 14:18 - 09305656 _____ () C:\Users\Candeias\AppData\Roaming\Spotify\pdf.dll
2015-03-05 17:14 - 2015-04-27 17:23 - 00990776 _____ () C:\Users\Candeias\AppData\Roaming\Spotify\ffmpegsumo.dll
2012-02-22 03:33 - 2012-02-08 02:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:57B2B96C
AlternateDataStreams: C:\ProgramData\TEMP:5C6EBC69
AlternateDataStreams: C:\ProgramData\TEMP:78E0DF72
AlternateDataStreams: C:\ProgramData\TEMP:7C60A173
AlternateDataStreams: C:\ProgramData\TEMP:D48500F8
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1700775888-2337107692-2886028352-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Candeias\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: IePluginServices => 2
MSCONFIG\Services: PassThru Service => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk => C:\windows\pss\AsusVibeLauncher.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.104.216\AsusWSPanel.exe /S
MSCONFIG\startupreg: bitlord.exe => "C:\Program Files (x86)\BitLord 2\Bitlord files\bitlord.exe" -t
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
MSCONFIG\startupreg: NextLive => C:\windows\SysWOW64\rundll32.exe "C:\Users\Candeias\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
MSCONFIG\startupreg: PriceMeterW => "C:\Users\Candeias\AppData\Local\PriceMeter\pricemeterw.exe"
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
MSCONFIG\startupreg: Torntv Downloader => C:\Program Files (x86)\TornTV.com\Torntv Downloader.exe /c=startup
MSCONFIG\startupreg: UnlockerAssistant => "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
FirewallRules: [{06340847-3FAE-4E1F-9288-2EBDC53FE589}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{40665720-87C2-469C-A4B1-F416AD13F6F6}] => (Allow) LPort=2869
FirewallRules: [{FFE7D682-1DB6-4286-A03E-5E10BBDC36CF}] => (Allow) LPort=1900
FirewallRules: [{45A37296-FA8F-4917-B9B1-8F732F300A54}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{4F0307A9-ACFE-450E-90B6-A6E4866DC4D2}] => (Allow) C:\Program Files (x86)\Drobo\Drobo Dashboard\DDService.exe
FirewallRules: [{EB6B9638-6C31-4B5B-8B0A-53E8AE1925ED}] => (Allow) C:\Program Files (x86)\Drobo\Drobo Dashboard\DDService.exe
FirewallRules: [{185AAF2D-96BC-4E06-B267-E482E9398BB4}] => (Allow) C:\Program Files (x86)\Drobo\Drobo Dashboard\Drobo Dashboard.exe
FirewallRules: [{0BF166F6-287F-4628-BBCA-2AC8DD37EF7B}] => (Allow) C:\Program Files (x86)\Drobo\Drobo Dashboard\Drobo Dashboard.exe
FirewallRules: [{89A35CB5-C42C-45BE-BA7B-F095D722D480}] => (Allow) C:\Program Files (x86)\Drobo\Drobo Dashboard\DDService.exe
FirewallRules: [{18AFA1CC-53C1-4EA0-A1A3-42D5FA50D44F}] => (Allow) C:\Program Files (x86)\Drobo\Drobo Dashboard\DDService.exe
FirewallRules: [{D4E62F7F-6D48-433B-ABEA-741E987961C9}] => (Allow) C:\Program Files (x86)\Drobo\Drobo Dashboard\Drobo Dashboard.exe
FirewallRules: [{66C0CB79-CF7C-42F7-890A-D658ACCA651A}] => (Allow) C:\Program Files (x86)\Drobo\Drobo Dashboard\Drobo Dashboard.exe
FirewallRules: [{856AAE1D-306E-4151-9385-46E8DD000327}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{24496EF2-1AC3-48DE-B931-C5FFDFE1D2DC}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\DeviceSetup.exe
FirewallRules: [{F39D5F68-E433-4398-B3EB-41778E6BAAD0}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\DeviceSetup.exe
FirewallRules: [{73BD0D51-9D71-4053-9F5C-C85D3655DCA3}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{0D5A3F03-E75C-4E8E-8F6B-55688C669A48}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [TCP Query User{CE910760-4C28-42CB-8774-AAEACC1205F3}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{88D8F5A4-FBFE-45D8-A9EB-F9CF2BC73A86}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{A9E060D6-1792-43C7-AB8B-FF5D02168B82}C:\program files (x86)\btnext legacy\btnext.exe] => (Allow) C:\program files (x86)\btnext legacy\btnext.exe
FirewallRules: [UDP Query User{98365492-1623-4F20-8F5C-1F42E4ED080B}C:\program files (x86)\btnext legacy\btnext.exe] => (Allow) C:\program files (x86)\btnext legacy\btnext.exe
FirewallRules: [{CBB84155-0DDB-4053-B5A7-0FB0203678F9}] => (Allow) J:\@Dirceu\SOFTWARE\PDF Creator and Converter\pdf_converter.exe
FirewallRules: [{863BB317-F3D3-4CB4-84AE-2540C641BED2}] => (Allow) J:\@Dirceu\SOFTWARE\PDF Creator and Converter\pdf_converter.exe
FirewallRules: [{FD3EF3EC-21FF-43E6-BB94-B5BF8AF7EB91}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{D838CD0E-AC0D-4C40-8279-6C27CA57B1CF}C:\program files (x86)\kyodai mahjongg 2006\kmj.exe] => (Block) C:\program files (x86)\kyodai mahjongg 2006\kmj.exe
FirewallRules: [UDP Query User{DD85C25D-DEE3-465E-A6A1-C1997408F68D}C:\program files (x86)\kyodai mahjongg 2006\kmj.exe] => (Block) C:\program files (x86)\kyodai mahjongg 2006\kmj.exe
FirewallRules: [{9D4A613C-C81F-423B-807D-E169DDCAF3BE}] => (Allow) G:\SOFTWARE\Adobe Digital Editions 2.0\AdobeDigitalEditions_SoftangoDownloader.exe
FirewallRules: [{43CA8850-305C-490E-890A-0A3FF2AD28E9}] => (Allow) G:\SOFTWARE\Adobe Digital Editions 2.0\AdobeDigitalEditions_SoftangoDownloader.exe
FirewallRules: [{4FE2444B-8E17-4997-8190-8CAA55320A27}] => (Allow) C:\Users\Candeias\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{636DE710-8818-4C94-97EA-36441297924B}] => (Allow) C:\Users\Candeias\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{B0AF4FBC-D748-4AC0-A6C6-246293D44206}C:\users\candeias\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\candeias\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{4F55A59F-C392-4241-823D-20708F0826C9}C:\users\candeias\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\candeias\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{810A1A88-0721-46EB-B5C0-E7FBF467C4E9}C:\users\candeias\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\candeias\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{B84D17C7-CEC1-4546-9083-45DEAF804108}C:\users\candeias\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\candeias\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{0269FB51-752B-4374-BFBD-D304992EA75E}C:\program files (x86)\xbmc\xbmc.exe] => (Allow) C:\program files (x86)\xbmc\xbmc.exe
FirewallRules: [UDP Query User{00B0038F-899F-407A-ACDD-5FB9570EB0EA}C:\program files (x86)\xbmc\xbmc.exe] => (Allow) C:\program files (x86)\xbmc\xbmc.exe
FirewallRules: [{14E45AE3-5AA9-44E9-AD6B-8E75257F5D25}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe
FirewallRules: [{024453E7-3C5B-4AF7-AD96-FD23583183B1}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe
FirewallRules: [TCP Query User{67BAA637-FD7D-4E94-9945-98903784FBF9}C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe] => (Block) C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe
FirewallRules: [UDP Query User{6BCAB76B-49A6-4878-A793-9478B0412F8B}C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe] => (Block) C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe
FirewallRules: [{C938351F-4781-4A93-8359-79BDB03C3E5C}] => (Allow) C:\Users\Candeias\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3274198A-32DA-41FE-9BEC-4F08A9C1591D}] => (Allow) C:\Users\Candeias\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{5ADD9B07-F2EA-4E61-91E6-3957FB7CB65D}C:\program files (x86)\kyodai mahjongg 2006\kmj.exe] => (Block) C:\program files (x86)\kyodai mahjongg 2006\kmj.exe
FirewallRules: [UDP Query User{ADB6C5ED-9135-42AB-BDFB-2B5036E60E4B}C:\program files (x86)\kyodai mahjongg 2006\kmj.exe] => (Block) C:\program files (x86)\kyodai mahjongg 2006\kmj.exe
FirewallRules: [{51E17D1B-6A67-4CED-93E7-66CAE1B297BD}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\DeviceSetup.exe
FirewallRules: [{2B7E6FE3-FDD9-4482-9E11-7892794B59E7}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{9300C991-AED2-4F27-A4FC-0E551554E510}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{851554E2-A12B-4BD0-8D80-CD0A088C031B}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{C3649EB1-9F44-414B-B092-FB1823D6234D}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{2D3248FF-5A47-4322-93C5-AA502776A293}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8DF34DEC-D9CF-4B1D-A339-7D3A46B093B3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3D0748A7-2308-4A4F-8443-8DC6EBDF0A49}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{7A50D7E5-C6DF-45ED-BBB4-19B3489533F5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{9A0E5FD6-BB39-41AE-B612-F73C86C52FC5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/18/2015 09:56:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/17/2015 04:58:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/17/2015 02:46:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome da aplicação com falha: Explorer.EXE, versão: 6.1.7601.17567, carimbo de data/hora: 0x4d672ee4
Nome do módulo com falha: EXPLORERFRAME.dll, versão: 6.1.7601.17514, carimbo de data/hora: 0x4ce7c6a8
Código de excepção: 0xc0000005
Desvio de falha: 0x00000000000411ce
ID do processo com falha: 0x694
Data/hora de início da aplicação com falha: 0xExplorer.EXE0
Caminho da aplicação com falha: Explorer.EXE1
Caminho do módulo com falha: Explorer.EXE2
ID do Relatório: Explorer.EXE3
 
Error: (05/17/2015 01:42:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/17/2015 00:42:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/17/2015 10:42:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/17/2015 00:32:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha ao gerar o contexto de activação para "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Não foi possível localizar a Assemblagem Dependente Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Utilize sxstrace.exe para obter um diagnóstico detalhado.
 
Error: (05/16/2015 01:53:18 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha ao gerar o contexto de activação para "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Não foi possível localizar a Assemblagem Dependente Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Utilize sxstrace.exe para obter um diagnóstico detalhado.
 
Error: (05/16/2015 11:34:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/16/2015 10:25:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (05/18/2015 11:25:13 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Browser de computador depende do serviço Servidor o qual falhou o arranque devido ao seguinte erro: 
%%1070
 
Error: (05/18/2015 11:25:13 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: O serviço Servidor desligou-se ao iniciar.
 
Error: (05/18/2015 11:23:23 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Browser de computador depende do serviço Servidor o qual falhou o arranque devido ao seguinte erro: 
%%1070
 
Error: (05/18/2015 11:23:23 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: O serviço Servidor desligou-se ao iniciar.
 
Error: (05/18/2015 11:21:33 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Browser de computador depende do serviço Servidor o qual falhou o arranque devido ao seguinte erro: 
%%1070
 
Error: (05/18/2015 11:21:33 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: O serviço Servidor desligou-se ao iniciar.
 
Error: (05/18/2015 11:19:43 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Browser de computador depende do serviço Servidor o qual falhou o arranque devido ao seguinte erro: 
%%1070
 
Error: (05/18/2015 11:19:43 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: O serviço Servidor desligou-se ao iniciar.
 
Error: (05/18/2015 11:17:53 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: O serviço Browser de computador depende do serviço Servidor o qual falhou o arranque devido ao seguinte erro: 
%%1070
 
Error: (05/18/2015 11:17:53 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: O serviço Servidor desligou-se ao iniciar.
 
 
Microsoft Office Sessions:
=========================
Error: (05/18/2015 09:56:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/17/2015 04:58:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/17/2015 02:46:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4EXPLORERFRAME.dll6.1.7601.175144ce7c6a8c000000500000000000411ce69401d0909ebc3b1105C:\windows\Explorer.EXEC:\windows\system32\EXPLORERFRAME.dll24623283-fc9b-11e4-99ad-c86000ea6c47
 
Error: (05/17/2015 01:42:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/17/2015 00:42:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/17/2015 10:42:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/17/2015 00:32:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll
 
Error: (05/16/2015 01:53:18 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll
 
Error: (05/16/2015 11:34:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/16/2015 10:25:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
CodeIntegrity Errors:
===================================
  Date: 2012-06-13 14:11:29.256
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-06-13 14:11:29.241
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-06-13 14:11:29.226
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-06-13 14:11:29.210
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-3450 CPU @ 3.10GHz
Percentage of memory in use: 48%
Total physical RAM: 6099.61 MB
Available physical RAM: 3144.33 MB
Total Pagefile: 12197.4 MB
Available Pagefile: 7125.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
 
==================== Drives ================================
 
Drive c: (WIN7) (Fixed) (Total:372.6 GB) (Free:291.09 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:540.23 GB) (Free:50.77 GB) NTFS
Drive j: (Familia) (Fixed) (Total:2048 GB) (Free:1889.19 GB) NTFS
Drive l: (Dirceu) (Fixed) (Total:2048 GB) (Free:1549.55 GB) NTFS
Drive m: (Cid) (Fixed) (Total:2048 GB) (Free:66.58 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 56920702)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=18.6 GB) - (Type=1B)
Partition 3: (Not Active) - (Size=372.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=540.2 GB) - (Type=07 NTFS)
 
========================================================
Disk: 5 (Size: 2048 GB) (Disk ID: 19204680)
Partition 1: (Not Active) - (Size=2048 GB) - (Type=07 NTFS)
 
========================================================
Disk: 6 (MBR Code: Windows XP) (Size: 2048 GB) (Disk ID: 778B9EA0)
Partition 1: (Not Active) - (Size=2048 GB) - (Type=07 NTFS)
 
========================================================
Disk: 7 (MBR Code: Windows XP) (Size: 2048 GB) (Disk ID: 778B9EA1)
Partition 1: (Not Active) - (Size=2048 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

 

  • 0


#2
dirio

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts

Hello all and thanks in advance,

 

Just some more info. What happens is that proxy use is forced, I can't disable it, and it's configured to point to 127.0.0.1 for HTTP and HTTPS.


  • 0

#3
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi, let me know if this cures the proxy problem

CAUTION: This fix is only valid for this specific machine; using it on another may break your computer.

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => "C:\PROGRA~2\SupTab\SEARCH~1.DLL" File Not Found
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <======= ATTENTION (Policy Restriction on ProxySettings)
ProxyEnable: [HKLM] => ProxyEnable is set.
ProxyEnable: [HKLM-x32] => ProxyEnable is set.
ProxyServer: [HKLM] => http=127.0.0.1:8080;https=127.0.0.1:8080
ProxyServer: [HKLM-x32] => http=127.0.0.1:8080;https=127.0.0.1:8080
SearchScopes: HKU\S-1-5-21-1700775888-2337107692-2886028352-1000 -> BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Toolbar: HKLM-x32 - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} - No File
FF user.js: detected! => C:\Users\Candeias\AppData\Roaming\Mozilla\Firefox\Profiles\pb60iger.default\user.js [2014-11-22]
CHR StartupUrls: Default -> "hxxp://search.babylon.com/?affID=110823&tt=3612_4&babsrc=HP_ss&mntrId=5a27fd28000000000000c86000ea6c47", "hxxp://www.delta-search.com/?affID=119527&babsrc=HP_ss&mntrId=5A27C86000EA6C47", "hxxp://isearch.omiga-plus.com/?type=hp&ts=1404551912&from=ild&uid=ST31000524AS_6VPJR8X1XXXX6VPJR8X1"
CHR Plugin: (Shockwave Flash) - C:\Users\Candeias\AppData\Local\Google\Chrome\User Data\PepperFlash\14.0.0.145\pepflashplayer.dll No File
2015-05-17 16:48 - 2014-08-09 21:08 - 00000000 ____D () C:\ProgramData\Systweak
2015-05-17 16:48 - 2014-04-10 19:45 - 00000000 ____D () C:\Users\Candeias\AppData\Roaming\systweak
2015-05-17 16:48 - 2014-02-02 09:31 - 00000000 ____D () C:\Users\Candeias\AppData\Local\genienext
2015-05-17 16:48 - 2013-03-31 09:29 - 00000000 ____D () C:\Users\Candeias\AppData\Roaming\DSite
CustomCLSID: HKU\S-1-5-21-1700775888-2337107692-2886028352-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Candeias\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1700775888-2337107692-2886028352-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Candeias\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
Task: {0AAF42B8-3EAD-42BF-A7DB-E09B4A040DDD} - System32\Tasks\DSite => C:\Users\Candeias\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {2C024122-3E8F-4DEF-A99C-53EC9A3ADACF} - System32\Tasks\{A0C1C15F-A6C9-476D-A6FF-EAFD98E602A0} => Chrome.exe
Task: {2C756289-850F-45DD-BB05-C302B644B055} - \pricemeterdownloader No Task File <==== ATTENTION
Task: {F9784DD7-F738-47FA-96D3-2F2B6D5674A0} - \ASP No Task File <==== ATTENTION
C:\Program Files (x86)\TornTV.com
C:\Users\Candeias\AppData\Roaming\newnext.me
C:\Users\Candeias\AppData\Local\PriceMeter
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe.
Run FRST and press Fix.
On completion a log will be generated; please post that.

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S0].txt as well.

  • 0
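
A log-side check for the condition this fix targets, as an added example that is not part of the original post or of FRST: it parses FRST-style `ProxySettingsPerUser`, `ProxyEnable` and `ProxyServer` lines and reports whether a loopback proxy is locked in machine-wide. `SAMPLE_BEFORE` is copied from the fixlist above; the function names and `SAMPLE_AFTER` are assumptions made for illustration.

```python
import ipaddress
import re

# Lines copied from the fixlist quoted in the post above (state before the fix).
SAMPLE_BEFORE = r"""
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <======= ATTENTION (Policy Restriction on ProxySettings)
ProxyEnable: [HKLM] => ProxyEnable is set.
ProxyServer: [HKLM] => http=127.0.0.1:8080;https=127.0.0.1:8080
ProxyServer: [HKLM-x32] => http=127.0.0.1:8080;https=127.0.0.1:8080
"""
# Constructed sample: a log with no proxy entries left.
SAMPLE_AFTER = "Internet Explorer Version 11 (Default browser: Chrome)\n"

POLICY_RE = re.compile(r"\[ProxySettingsPerUser\] 0\b")
ENABLE_RE = re.compile(r"^ProxyEnable: \[([^\]]+)\] => ProxyEnable is set")
SERVER_RE = re.compile(r"^ProxyServer: \[([^\]]+)\] => (.+)$")

def parse_proxy_value(value):
    """Split 'http=h:p;https=h:p' (or a bare 'h:p') into {scheme: (host, port)}."""
    out = {}
    for part in filter(None, value.strip().split(";")):
        scheme, sep, hostport = part.partition("=")
        if not sep:  # a bare "host:port" applies to every scheme
            scheme, hostport = "all", part
        host, _, port = hostport.rpartition(":")
        out[scheme.lower()] = (host or hostport, port if host else "")
    return out

def is_loopback(host):
    if host.lower() == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:  # some other hostname
        return False

def audit(log_text):
    found = {"policy_lock": False, "enabled": [], "loopback": []}
    for line in map(str.strip, log_text.splitlines()):
        if POLICY_RE.search(line):  # proxy settings are per-machine, not per-user
            found["policy_lock"] = True
        if m := ENABLE_RE.match(line):
            found["enabled"].append(m[1])
        if m := SERVER_RE.match(line):
            for scheme, (host, port) in parse_proxy_value(m[2]).items():
                if is_loopback(host):
                    found["loopback"].append((m[1], scheme, host, port))
    found["forced_loopback_proxy"] = found["policy_lock"] and bool(found["loopback"])
    return found
```

Running `audit()` on the fresh FRST.txt produced after the fix should return `forced_loopback_proxy` as `False` with an empty `loopback` list.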

#4
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0





