Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

NEW TAB resource://jid1-g80...newtab.html INFECTION [Solved]

Started by weile , Sep 30 2015 10:35 AM
malware java firefox not responding new tab

  • This topic is locked This topic is locked

#1
weile
Posted 30 September 2015 - 10:35 AM

weile

    New Member

  • Member
  • Pip
  • 6 posts

I dont remember exactly what I installed (maybe an add-on that I already removed, maybe a java/flash update installation, or maybe a software that asks to install yahoo search tool), but now everytime I open a new tab on firefox, it open on resource://jid1-g80ec8llebk5fq-at-jetpack/newtab/data/newtab.html

 

And my firefox is VERY slow, everytime keep stopping and saying "not responding" and after 5 seconds it gets back to normal slow navegation.

 

I've aready used: Spyhunter, AdwCleaner, Malwarebytes Anti-Malware

 

FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:30-09-2015
Ran by Diogo Vaille (administrator) on ASUS-DIOGO-01 (30-09-2015 13:17:36)
Running from C:\Users\Diogo Vaille\Desktop
Loaded Profiles: Diogo Vaille (Available Profiles: Diogo Vaille & Usuário)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Baidu Inc.) C:\Program Files (x86)\PC Faster\5.1.0.0\PCFasterSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files\ASUS\ASUS FlipLock\FlipService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
() C:\Program Files\ASUS\ASUS FlipLock\FlipController.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
() C:\Program Files\Touro Cloud Backup\Touro Cloud BackupCrawler.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
() C:\Program Files\ASUS\ASUS FlipLock\FlipController.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files\Touro Cloud Backup\Touro Cloud Backup.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\Dropbox.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(GoPro) C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2launcher.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-15] (Apple Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [896632 2015-07-22] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [GoPro Studio Importer] => C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe [3217672 2015-07-02] (GoPro)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [Baidu PC Faster 5.1.0.0] => "C:\Program Files (x86)\PC Faster\5.1.0.0\PCFTray.exe" -auto -start
HKU\S-1-5-21-2305498699-3212122031-866692255-1001\...\Run: [Touro Cloud Backup] => C:\Program Files\Touro Cloud Backup\Touro Cloud Backup.exe [1324544 2012-10-18] ()
HKU\S-1-5-21-2305498699-3212122031-866692255-1001\...\Run: [GoogleChromeAutoLaunch_D0B3ABAD4F9044A9098FE3F6D6EC93DC] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [815944 2015-09-23] (Google Inc.)
HKU\S-1-5-21-2305498699-3212122031-866692255-1001\...\Run: [Dropbox Update] => C:\Users\Diogo Vaille\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-2305498699-3212122031-866692255-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2305498699-3212122031-866692255-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11776 2014-10-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.15.458\ASUSWSShellExt64.dll [2014-11-18] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.15.458\ASUSWSShellExt64.dll [2014-11-18] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.15.458\ASUSWSShellExt64.dll [2014-11-18] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ExplorerEx] -> {E056AFDD-03E9-4D73-8D33-8FCCBCA73438} =>  No File
ShellIconOverlayIdentifiers: [MemopalBackedUp] -> {8ED3CC2D-6BC2-43AD-8C43-F51FBB413AE6} => C:\Program Files\Touro Cloud Backup\ShellExtensionx64\ShellExtension.dll [2012-10-18] ()
ShellIconOverlayIdentifiers: [MemopalError] -> {B9CA6E12-7975-4997-B5BD-CA12ECE0FEAD} => C:\Program Files\Touro Cloud Backup\ShellExtensionx64\ShellExtension.dll [2012-10-18] ()
ShellIconOverlayIdentifiers: [MemopalPartiallyBackedUp] -> {95DDC869-FC98-4D47-BD34-2EDC9AA09C01} => C:\Program Files\Touro Cloud Backup\ShellExtensionx64\ShellExtension.dll [2012-10-18] ()
ShellIconOverlayIdentifiers: [MemopalToBackup] -> {2CDD871E-60EB-40BD-9721-A1CB57042F75} => C:\Program Files\Touro Cloud Backup\ShellExtensionx64\ShellExtension.dll [2012-10-18] ()
ShellIconOverlayIdentifiers-x32: [MemopalBackedUp] -> {8ED3CC2D-6BC2-43AD-8C43-F51FBB413AE6} => C:\Program Files\Touro Cloud Backup\ShellExtension\ShellExtension.dll [2012-10-18] ()
ShellIconOverlayIdentifiers-x32: [MemopalError] -> {B9CA6E12-7975-4997-B5BD-CA12ECE0FEAD} => C:\Program Files\Touro Cloud Backup\ShellExtension\ShellExtension.dll [2012-10-18] ()
ShellIconOverlayIdentifiers-x32: [MemopalPartiallyBackedUp] -> {95DDC869-FC98-4D47-BD34-2EDC9AA09C01} => C:\Program Files\Touro Cloud Backup\ShellExtension\ShellExtension.dll [2012-10-18] ()
ShellIconOverlayIdentifiers-x32: [MemopalToBackup] -> {2CDD871E-60EB-40BD-9721-A1CB57042F75} => C:\Program Files\Touro Cloud Backup\ShellExtension\ShellExtension.dll [2012-10-18] ()
Startup: C:\Users\Diogo Vaille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-08]
ShortcutTarget: Dropbox.lnk -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6FE72083-8DB1-456D-BA99-29CFE9B059FF}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2305498699-3212122031-866692255-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.globo.com/
SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2305498699-3212122031-866692255-1001 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2305498699-3212122031-866692255-1001 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2305498699-3212122031-866692255-1001 -> {854BE253-8917-40F5-8196-0EC9FEC1F2F6} URL = hxxps://br.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-08-04] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-04] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-01-23] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Diogo Vaille\AppData\Roaming\Mozilla\Firefox\Profiles\orv1wg1n.default-1422983949456
FF NewTab: resource://jid1-g80ec8llebk5fq-at-jetpack/newtab/data/newtab.html
FF Homepage: hxxp://g1.globo.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-01-21] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-07-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-07-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-07-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-07-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-07-06] (Apple Inc.)
FF SearchPlugin: C:\Users\Diogo Vaille\AppData\Roaming\Mozilla\Firefox\Profiles\orv1wg1n.default-1422983949456\searchplugins\soundcloud.xml [2015-03-23]
FF Extension: Fess Google Bookmark Extension - C:\Users\Diogo Vaille\AppData\Roaming\Mozilla\Firefox\Profiles\orv1wg1n.default-1422983949456\Extensions\[email protected] [2015-06-23]
FF Extension: Wiktionary and Google Translate - C:\Users\Diogo Vaille\AppData\Roaming\Mozilla\Firefox\Profiles\orv1wg1n.default-1422983949456\Extensions\[email protected] [2015-06-04]
FF Extension: Evernote Web Clipper - C:\Users\Diogo Vaille\AppData\Roaming\Mozilla\Firefox\Profiles\orv1wg1n.default-1422983949456\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2015-09-17]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.netvibes.com/privatepage/1#Geral
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxps://www.facebook.com/"
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> google
CHR Profile: C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-09-16]
CHR Extension: (YouTube) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-24]
CHR Extension: (Google Search) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-24]
CHR Extension: (TinyURL.com URL shortener (by Tiny-URL.info)) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpggaodbilneopgpjgbimgpaecdchfm [2015-03-24]
CHR Extension: (Cortex) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\decglnkhpfoocpafihfbeodhgofefaoc [2015-03-25]
CHR Extension: (Simple Google bookmarks) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\dobhkcpfdpfhghdmiecokllfjiemfmgm [2015-03-24]
CHR Extension: (RSS Subscription Extension Plus) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\dobjkkjbcmhohalobdalmmenogajjlaj [2015-03-24]
CHR Extension: (Pin It Button) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-07-06]
CHR Extension: (Clipular! Research, save & share screenshot) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjbgcjbgmcfgbgikmbdioggjlhjegpp [2015-03-25]
CHR Extension: (Shareaholic for Google Chrome™) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmipnjdeifmobkhgogdnomkihhgojep [2015-03-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-25]
CHR Extension: (My Alerts) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkngaknldfkgfoeookhiheejgnbhpnak [2015-03-24]
CHR Extension: (feedly) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja [2015-03-25]
CHR Extension: (Save to Pocket) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2015-08-06]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-24]
CHR Extension: (Yahoo Web) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\npdicihegicnhaangkdmcgbjceoemeoo [2015-08-04]
CHR Extension: (Evernote Web Clipper) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2015-03-25]
CHR Extension: (Gmail) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-24]
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
R2 ASUS Flip Service; C:\Program Files\ASUS\ASUS FlipLock\FlipService.exe [7680 2014-07-02] (ASUS) [File not signed]
S3 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [71680 2014-02-25] (ASUS Cloud Corporation) [File not signed]
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282072 2014-03-18] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel® Corporation) [File not signed]
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe [720760 2015-03-10] ()
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 PCFasterSvc_{PCFaster_5.1.0.0}; C:\Program Files (x86)\PC Faster\5.1.0.0\PCFasterSvc.exe [1709552 2015-03-12] (Baidu Inc.) [File not signed]
R2 Touro Cloud Backup Crawler; C:\Program Files\Touro Cloud Backup\Touro Cloud BackupCrawler.exe [3671176 2012-10-18] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [71952 2014-03-31] (ASUS Corporation)
R3 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2015-01-06] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [261496 2015-01-06] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2015-01-06] (BitDefender)
R1 BdfNdisf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfndisf6.sys [97816 2015-01-06] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [107080 2015-01-06] (BitDefender LLC)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.98.0\gzflt.sys [155912 2015-01-22] (BitDefender LLC)
R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-08-08] (Intel Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-08-08] (Intel Corporation)
R3 INVN_MotionApps; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 m76usb; C:\Windows\System32\drivers\m76usb.sys [539336 2014-04-09] (Ralink Technology Corp.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [502488 2014-05-08] (Realsil Semiconductor Corporation)
R3 SensorsServiceDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [452040 2015-01-22] (BitDefender S.R.L.)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S1 MpKsl8d151c0b; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{77A941FF-8A20-4E00-8946-047C75409797}\MpKsl8d151c0b.sys [X]
U0 msahci; system32\drivers\msahci.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-30 13:17 - 2015-09-30 13:18 - 00027210 _____ C:\Users\Diogo Vaille\Desktop\FRST.txt
2015-09-30 13:15 - 2015-09-30 13:15 - 02192384 _____ (Farbar) C:\Users\Diogo Vaille\Desktop\FRST64.exe
2015-09-30 12:22 - 2015-09-30 12:22 - 00000191 _____ C:\spyhunter.fix
2015-09-30 11:03 - 2015-09-30 11:13 - 00002316 _____ C:\Users\Diogo Vaille\Desktop\SpyHunter.lnk
2015-09-30 11:03 - 2015-09-30 11:13 - 00000000 ____D C:\Users\Diogo Vaille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2015-09-30 11:03 - 2015-09-30 11:03 - 00000000 ____D C:\sh4ldr
2015-09-30 11:03 - 2015-09-30 11:03 - 00000000 ____D C:\Program Files (x86)\Enigma Software Group
2015-09-30 11:01 - 2015-09-30 11:12 - 00000000 ____D C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2015-09-30 10:54 - 2015-09-30 10:55 - 00000000 ____D C:\Users\Diogo Vaille\Downloads\SpyHunter 4.20.9.4533 Portable
2015-09-30 10:52 - 2015-09-30 10:54 - 14959010 _____ C:\Users\Diogo Vaille\Downloads\Spy Hunter PRO.rar
2015-09-30 10:39 - 2015-09-30 10:39 - 44409924 _____ C:\Users\Diogo Vaille\Downloads\SpyHunter 4.17.6.4336 (FULL + Patch).zip
2015-09-21 11:33 - 2015-09-21 11:33 - 00001767 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-09-21 11:33 - 2015-09-21 11:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-09-21 11:32 - 2015-09-21 11:33 - 00000000 ____D C:\Program Files\iTunes
2015-09-21 11:32 - 2015-09-21 11:32 - 00000000 ____D C:\Program Files\iPod
2015-09-21 11:32 - 2015-09-21 11:32 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-09-21 11:29 - 2015-09-21 11:29 - 00000000 ____D C:\Program Files\Bonjour
2015-09-21 11:29 - 2015-09-21 11:29 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-09-21 11:28 - 2015-09-21 11:28 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2015-09-21 11:28 - 2015-09-21 11:28 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-09-17 16:30 - 2015-09-17 16:37 - 21905071 _____ C:\Users\Diogo Vaille\Downloads\27sat.iMobie.AnyTrans.4.4.1.Multilingual.MacOSX.rar
2015-09-17 12:40 - 2015-09-17 12:40 - 00000000 ____D C:\Users\Diogo Vaille\AppData\Roaming\vlc
2015-09-17 12:28 - 2015-09-17 12:45 - 00000000 ____D C:\Users\Diogo Vaille\AppData\Local\SpotifyResolver
2015-09-17 12:27 - 2015-09-17 12:44 - 00000000 ____D C:\Users\Diogo Vaille\AppData\Local\Tomahawk
2015-09-17 12:22 - 2015-09-17 12:22 - 00001021 _____ C:\Users\Diogo Vaille\Desktop\Tomahawk.lnk
2015-09-17 12:22 - 2015-09-17 12:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tomahawk
2015-09-17 12:21 - 2015-09-17 12:22 - 00000000 ____D C:\Program Files (x86)\Tomahawk
2015-09-17 12:19 - 2015-09-17 12:20 - 35828536 _____ C:\Users\Diogo Vaille\Downloads\tomahawk-0.8.4.exe
2015-09-16 15:30 - 2015-09-16 15:30 - 06849298 _____ C:\Users\Diogo Vaille\Downloads\iPhotoLibraryManager_421.zip
2015-09-09 09:39 - 2015-08-26 23:48 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-09 09:39 - 2015-08-26 15:00 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-09 09:39 - 2015-08-26 15:00 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-09 09:39 - 2015-08-26 15:00 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-09 09:39 - 2015-08-26 15:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-09 09:39 - 2015-08-26 11:46 - 03705344 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-09 09:39 - 2015-08-26 11:29 - 02240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-09 09:39 - 2015-08-26 11:27 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-09 09:39 - 2015-08-26 11:27 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-09-09 09:39 - 2015-08-26 11:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-09 09:39 - 2015-08-26 11:26 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-09 09:39 - 2015-08-26 11:26 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-09 09:38 - 2015-09-02 23:18 - 02531400 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-09 09:38 - 2015-09-02 23:17 - 01903848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-09 09:38 - 2015-09-02 15:48 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-09 09:38 - 2015-09-02 14:09 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-09 09:38 - 2015-09-01 23:56 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-09 09:38 - 2015-09-01 23:55 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-09 09:38 - 2015-09-01 23:50 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-09 09:38 - 2015-09-01 23:17 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-09 09:38 - 2015-09-01 23:13 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-09 09:38 - 2015-08-22 15:19 - 25188352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-09 09:38 - 2015-08-22 14:35 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-09 09:38 - 2015-08-22 14:34 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-09 09:38 - 2015-08-22 14:22 - 19856384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-09 09:38 - 2015-08-22 14:21 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-09 09:38 - 2015-08-22 14:20 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-09 09:38 - 2015-08-22 13:55 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-09 09:38 - 2015-08-22 13:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-09 09:38 - 2015-08-22 13:50 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-09-09 09:38 - 2015-08-22 13:45 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-09 09:38 - 2015-08-22 13:44 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-09-09 09:38 - 2015-08-22 13:41 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-09 09:38 - 2015-08-22 13:41 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-09 09:38 - 2015-08-22 13:41 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-09 09:38 - 2015-08-22 13:41 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-09 09:38 - 2015-08-22 13:39 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-09 09:38 - 2015-08-22 13:28 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-09 09:38 - 2015-08-22 13:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-09 09:38 - 2015-08-22 13:23 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-09-09 09:38 - 2015-08-22 13:22 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-09 09:38 - 2015-08-22 13:20 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-09-09 09:38 - 2015-08-22 13:18 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-09 09:38 - 2015-08-22 13:18 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-09 09:38 - 2015-08-22 13:18 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-09 09:38 - 2015-08-22 13:14 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-09 09:38 - 2015-08-22 13:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-09 09:38 - 2015-08-22 13:00 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-09 09:38 - 2015-08-22 12:56 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-09 09:38 - 2015-08-22 12:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-09 09:38 - 2015-08-03 18:15 - 00074928 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-09 09:38 - 2015-08-03 18:15 - 00065600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-09 09:38 - 2015-08-01 11:22 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-09 09:38 - 2015-08-01 00:47 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2015-09-09 09:38 - 2015-08-01 00:45 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2015-09-09 09:38 - 2015-08-01 00:38 - 01265152 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-09 09:38 - 2015-08-01 00:37 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2015-09-09 09:38 - 2015-08-01 00:37 - 00359936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2015-09-09 09:38 - 2015-07-30 14:18 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-09 09:38 - 2015-07-30 13:22 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-09 09:38 - 2015-07-22 11:34 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-09 09:38 - 2015-07-22 11:33 - 01728000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2015-09-09 09:38 - 2015-07-22 11:25 - 02461184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-09 09:38 - 2015-07-22 11:25 - 01546752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2015-09-09 09:38 - 2015-07-22 11:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-09 09:38 - 2015-07-22 10:52 - 01633792 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-09 09:38 - 2015-07-18 15:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2015-09-09 09:38 - 2015-07-18 15:29 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-09-09 09:38 - 2015-07-18 15:29 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2015-09-09 09:38 - 2015-07-18 15:27 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-09-09 09:38 - 2015-07-17 11:15 - 00951296 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-09 09:38 - 2015-07-17 11:10 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-09 09:38 - 2015-07-14 00:27 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tzsync.exe
2015-09-09 09:38 - 2015-07-13 16:10 - 00411455 _____ C:\Windows\system32\ApnDatabase.xml
2015-09-09 09:38 - 2015-07-09 13:14 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-09-09 09:38 - 2015-07-03 18:51 - 01380056 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-09-09 09:38 - 2015-07-03 11:00 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-09-09 09:38 - 2015-06-27 08:47 - 00118616 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-09 09:38 - 2015-06-19 14:07 - 02819072 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-09-09 09:37 - 2015-07-10 16:06 - 00118272 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2015-09-04 15:52 - 2015-09-04 15:52 - 00000000 ____D C:\Users\Diogo Vaille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-31 09:47 - 2015-08-31 09:47 - 00001859 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2015-08-31 09:47 - 2015-08-31 09:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-30 13:17 - 2015-08-04 12:00 - 00000000 ____D C:\FRST
2015-09-30 13:17 - 2014-12-08 23:10 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-30 13:14 - 2015-07-15 19:58 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bf51c7fa7e42.job
2015-09-30 13:04 - 2015-06-18 11:54 - 00001086 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2305498699-3212122031-866692255-1001UA.job
2015-09-30 13:00 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\system32\sru
2015-09-30 12:52 - 2014-09-18 17:41 - 01391453 _____ C:\Windows\WindowsUpdate.log
2015-09-30 12:50 - 2014-12-11 09:11 - 00000000 ____D C:\Users\Diogo Vaille\advfn
2015-09-30 12:43 - 2014-12-15 13:53 - 00000000 ___RD C:\Users\Diogo Vaille\Dropbox
2015-09-30 12:41 - 2014-12-15 13:49 - 00000000 ____D C:\Users\Diogo Vaille\AppData\Roaming\Dropbox
2015-09-30 12:41 - 2014-12-06 00:40 - 00000000 ___RD C:\Users\Diogo Vaille\OneDrive
2015-09-30 12:41 - 2014-09-20 18:32 - 00000094 _____ C:\Users\Diogo Vaille\AppData\Roaming\sp_data.sys
2015-09-30 12:40 - 2015-07-15 19:58 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bf51c6fb0814.job
2015-09-30 12:40 - 2015-03-18 10:13 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-30 12:29 - 2014-03-18 07:03 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-30 12:26 - 2015-03-23 20:42 - 00002347 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2015-09-30 12:25 - 2013-08-22 11:46 - 00224291 _____ C:\Windows\setupact.log
2015-09-30 12:25 - 2013-08-22 11:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-30 12:23 - 2013-08-22 10:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2015-09-30 12:05 - 2014-09-20 18:34 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2305498699-3212122031-866692255-1001
2015-09-30 12:01 - 2015-05-11 10:49 - 00003474 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2015-09-30 12:01 - 2015-05-11 10:49 - 00003464 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2015-09-30 11:23 - 2015-03-18 10:13 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-30 11:17 - 2015-03-18 16:16 - 00000000 ____D C:\Users\Diogo Vaille\AppData\Local\CrashDumps
2015-09-30 11:03 - 2015-01-26 18:28 - 00000000 __SHD C:\Users\Diogo Vaille\AppData\Local\EmieBrowserModeList
2015-09-30 11:03 - 2014-09-20 19:47 - 00000000 __SHD C:\Users\Diogo Vaille\AppData\Local\EmieUserList
2015-09-30 11:03 - 2014-09-20 19:47 - 00000000 __SHD C:\Users\Diogo Vaille\AppData\Local\EmieSiteList
2015-09-30 10:57 - 2014-12-09 10:05 - 00000000 ____D C:\Users\Diogo Vaille\AppData\Roaming\BitTorrent
2015-09-30 10:05 - 2014-09-20 18:33 - 00003974 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C0CDF39D-1E29-4293-ADD0-54C3E4C7AE5D}
2015-09-30 10:03 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\AppReadiness
2015-09-29 20:04 - 2015-06-18 11:54 - 00001034 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2305498699-3212122031-866692255-1001Core.job
2015-09-23 10:01 - 2015-01-29 12:46 - 00000000 ____D C:\ProgramData\KMSAutoS
2015-09-22 11:17 - 2014-12-08 23:10 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-09-22 10:04 - 2013-08-22 12:20 - 00000000 ____D C:\Windows\CbsTemp
2015-09-21 11:32 - 2014-12-23 08:01 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-09-21 11:28 - 2014-12-15 11:26 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-09-21 09:46 - 2015-03-18 10:13 - 00000000 ____D C:\Users\Diogo Vaille\AppData\Local\Google
2015-09-17 12:27 - 2014-09-20 18:29 - 00000000 ____D C:\Users\Diogo Vaille\AppData\Local\VirtualStore
2015-09-16 12:09 - 2015-07-15 19:58 - 00004076 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d0bf51c7fa7e42
2015-09-16 12:09 - 2015-07-15 19:58 - 00003840 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d0bf51c6fb0814
2015-09-15 12:13 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\rescache
2015-09-15 10:00 - 2014-12-23 11:59 - 00633856 ___SH C:\Users\Diogo Vaille\Downloads\Thumbs.db
2015-09-14 22:18 - 2015-03-17 10:06 - 00812008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-14 22:18 - 2015-03-17 10:06 - 00178152 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-12 12:50 - 2013-08-22 11:44 - 00482456 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-12 12:47 - 2014-03-18 06:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-12 12:47 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-10 11:14 - 2014-09-20 20:02 - 00000000 ____D C:\Windows\system32\MRT
2015-09-03 11:10 - 2015-08-28 10:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-09-03 11:10 - 2014-09-20 18:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-03 11:10 - 2014-03-18 06:54 - 00750946 _____ C:\Windows\PFRO.log
2015-08-31 09:47 - 2014-12-15 11:12 - 00000000 ____D C:\Program Files (x86)\QuickTime

==================== Files in the root of some directories =======

2014-09-20 18:32 - 2015-09-30 12:41 - 0000094 _____ () C:\Users\Diogo Vaille\AppData\Roaming\sp_data.sys
2015-03-23 18:45 - 2015-03-23 18:48 - 0011838 _____ () C:\Users\Diogo Vaille\AppData\Local\Temp-log.txt
2014-09-18 17:50 - 2014-09-18 17:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-09-18 18:09 - 2014-03-25 22:11 - 0000137 _____ () C:\ProgramData\RefreshReg.vbs
2014-05-16 17:02 - 2014-03-26 17:50 - 0000124 _____ () C:\ProgramData\SetStretch.cmd
2014-05-16 17:02 - 2009-07-22 07:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-05-16 17:02 - 2012-09-07 08:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Files to move or delete:
====================
C:\ProgramData\RefreshReg.vbs
C:\ProgramData\SetStretch.VBS


Some files in TEMP:
====================
C:\Users\Diogo Vaille\AppData\Local\Temp\25C3ED7F-E5BD-C0C3-7BE7-86BE339D7A47.dll
C:\Users\Diogo Vaille\AppData\Local\Temp\b6da719e-b2c5-4fa1-a318-660dd4c71990.exe
C:\Users\Diogo Vaille\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnu9lem.dll
C:\Users\Diogo Vaille\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\Diogo Vaille\AppData\Local\Temp\ose00000.exe
C:\Users\Diogo Vaille\AppData\Local\Temp\Quarantine.exe
C:\Users\Diogo Vaille\AppData\Local\Temp\SetupProPlusRetail.x86.en-US_ProPlusRetail_XRNFT-HG2FV-G74BP-7PVDC-JB29K_act_1_.exe
C:\Users\Diogo Vaille\AppData\Local\Temp\SpOrder.dll
C:\Users\Diogo Vaille\AppData\Local\Temp\sqlite3.dll
C:\Users\Diogo Vaille\AppData\Local\Temp\uninst.exe
C:\Users\Diogo Vaille\AppData\Local\Temp\ytb.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-22 11:57

==================== End of FRST.txt ============================

 

ADDITION:

Additional scan result of Farbar Recovery Scan Tool (x64) Version:30-09-2015
Ran by Diogo Vaille (2015-09-30 13:19:19)
Running from C:\Users\Diogo Vaille\Desktop
Windows 8.1 (X64) (2014-09-20 21:28:28)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2305498699-3212122031-866692255-500 - Administrator - Disabled)
Diogo Vaille (S-1-5-21-2305498699-3212122031-866692255-1001 - Administrator - Enabled) => C:\Users\Diogo Vaille
Guest (S-1-5-21-2305498699-3212122031-866692255-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2305498699-3212122031-866692255-1003 - Limited - Enabled)
Usuário (S-1-5-21-2305498699-3212122031-866692255-1004 - Limited - Enabled) => C:\Users\Usuário

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Ad-Aware Antivirus (Enabled - Up to date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Ad-Aware Antivirus (Enabled - Up to date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Ad-Aware Antivirus (HKLM\...\{FF054A8C-C0A4-4C78-8910-E2A459BEFF05}_AdAwareUpdater) (Version: 11.6.306.7947 - Lavasoft)
AdAwareInstaller (Version: 11.6.306.7947 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.6.306.7947 - Lavasoft) Hidden
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
AntimalwareEngine (Version: 3.0.98.0 - Lavasoft) Hidden
AntispamEngine (Version: 2.4.2158.0 - Lavasoft) Hidden
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ASUS FlipLock (HKLM\...\{7C7F8DAC-8ADA-4B86-BCB6-48B6FFB673DD}) (Version: 1.0.5 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS Product Demo Kit (HKLM-x32\...\{1714AD6E-D517-40C0-9B19-4CE0078F7694}) (Version: 2.0.6 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.14 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.02.0001 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0036 - ASUS)
AvcEngine (Version: 3.10.7820.0 - Lavasoft) Hidden
BitTorrent (HKU\S-1-5-21-2305498699-3212122031-866692255-1001\...\BitTorrent) (Version: 7.9.4.40912 - BitTorrent Inc.)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{3792811C-832F-4392-B44A-24092901EDDC}) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
Dropbox (HKU\S-1-5-21-2305498699-3212122031-866692255-1001\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
FirewallEngine (Version: 1.6.0.0 - Lavasoft) Hidden
Game Explorer Categories - casual (HKLM-x32\...\WildTangentGameProvider-asus-casual) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - enthusiast (HKLM-x32\...\WildTangentGameProvider-asus-enthusiast) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - family (HKLM-x32\...\WildTangentGameProvider-asus-family) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - kids (HKLM-x32\...\WildTangentGameProvider-asus-kids) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - touch (HKLM-x32\...\WildTangentGameProvider-asus-touch) (Version: 3.2.0.6 - WildTangent, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GoPro App (x32 Version: 5.6.509 - GoPro, Inc.) Hidden
GoPro Studio 2.5.6 (HKLM-x32\...\{8850d4d9-a0fc-453f-ba03-ec084375d0c2}) (Version: 2.5.6.509 - GoPro, Inc.)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Instalação do DivX (HKLM-x32\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.0 - Intel Corporation)
iTunes (HKLM\...\{88509E20-3936-4D88-A1C0-B274C7BB5151}) (Version: 12.3.0.44 - Apple Inc.)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Malwarebytes Anti-Malware versão 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Mediatek Bluetooth (HKLM\...\{F10FA818-DF9D-B070-DD53-94B07238F5DA}) (Version: 11.0.753.0 - Mediatek)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
OnlineThreatsEngine (Version: 2.2.3.0 - Lavasoft) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 5.0.46.0 - Ralink)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21255 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.31.423.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7235 - Realtek Semiconductor Corp.)
rekordbox 3.2.0 (HKLM-x32\...\Pioneer rekordbox 3.2.0) (Version: 3.2.0.3059 - Pioneer)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SoundTouch (HKLM-x32\...\{9BA4ED09-6482-46F2-AC75-23EDC31B4BDD}) (Version: 7.2.21.8752 - BOSE)
SpyHunter (HKLM-x32\...\{4FC9DA9D-F608-454E-8191-D7EFFDCC5726}) (Version: 4.1.11 - Enigma Software Group USA, LLC)
Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{3540ADD5-822B-47FB-B1C2-CD7B2C8E9FEC}) (Version: 4.0.2 - Apple Inc.)
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{C9C0FE2C-602E-49D7-8C42-5B9E8FF04798}) (Version: 4.0.2 - Apple Inc.)
Tomahawk (HKLM-x32\...\Tomahawk) (Version: 0.8.4 - Tomahawk-player.org)
Touro Cloud Backup 2.0.5 (HKLM\...\Touro Cloud Backup) (Version: 2.0.5 - Touro Cloud Backup)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VFW_Codec32 (x32 Version: 0.1.160.0 - GoPro, Inc.) Hidden
VFW_Codec64 (Version: 0.1.160.0 - GoPro, Inc.) Hidden
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.15.458 - ASUS Cloud Corporation)
Windows Driver Package - ASUS (ATP) Mouse  (03/17/2014 1.0.0.207) (HKLM\...\AA2CC56D4BBEE037DC99871F5F6551133D2A0CC3) (Version: 03/17/2014 1.0.0.207 - ASUS)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012  - GoPro)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

==================== Restore Points =========================

20-08-2015 09:28:57 Windows Update
10-09-2015 10:58:37 Windows Update
22-09-2015 10:01:45 Windows Update
30-09-2015 11:01:40 Installed SpyHunter

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-03-23 18:11 - 2015-09-30 11:13 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08418538-2270-499A-B6ED-8266978A78DB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2305498699-3212122031-866692255-1001Core => C:\Users\Diogo Vaille\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {0AB29AFF-A61D-4000-9917-D5A2EA471489} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-18] (Google Inc.)
Task: {0FDCDE5B-73B3-4B4F-8DDC-4E4DD76E24CB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {269AF05C-68B1-4FE3-A1E4-E7137914BC36} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {2D650E32-82F3-429A-834C-E29AEB96A3C3} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe [2015-01-29] (MSfree Inc.)
Task: {32EEBFD3-8231-40A2-8162-7DA9ECD163AC} - System32\Tasks\GoogleUpdateTaskMachineCore1d0bf51c6fb0814 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-18] (Google Inc.)
Task: {3AF1B7FA-4663-487A-B847-E48064B087F5} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Duplicaterecord.js" <==== ATTENTION
Task: {482CD76E-12D7-4D6B-9A59-2FBC77D123F9} - \248b10b1-a621-44f4-bebd-4c1b1cdfdcf6-10_user -> No File <==== ATTENTION
Task: {49EF5685-0586-40E4-BDF7-AA68BE1F0FF1} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.)
Task: {5653C609-1CA5-40EF-A9D3-F5706F5DDF03} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {5E0E4D21-AD9E-46B4-A775-8E6C1F82D2C8} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-27] (ASUSTek Computer Inc.)
Task: {6BFC942F-DC3F-444B-99B0-11825FBCF7FB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {7ABB773F-E1BB-400A-8423-AA3EC404503F} - System32\Tasks\Baidu PC Faster Update => C:\Program Files (x86)\PC Faster\5.1.0.0\Updater.exe
Task: {8774C136-C6A5-48F5-B210-6A6E32035ABB} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {87A32F1E-6F38-4FB0-9DA1-63659017BC1D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {87DD05A9-4E9D-41F9-BEC0-0CDF6910DDB1} - System32\Tasks\GoogleUpdateTaskMachineUA1d0bf51c7fa7e42 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-18] (Google Inc.)
Task: {8EF29395-6D16-4F45-BC54-81990D27B9C7} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {9485DE53-A545-42AB-BA71-551EF997D4DA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-22] (Adobe Systems Incorporated)
Task: {A381FCBC-DB7B-4452-9F2A-77B366757047} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-03-31] (AsusTek)
Task: {AE28EA9E-7B25-4FCA-972A-E433782275CB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-18] (Google Inc.)
Task: {B4CDEB8C-3226-4663-BD7F-70F462FBD43E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {CE9BFBA5-C556-40D7-9CB7-81CCF87CC49C} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-06-04] (ASUS)
Task: {CEA14622-4535-44B4-B7CB-7D09EDCAE74A} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-04-15] (Realtek Semiconductor)
Task: {DDBFC967-B82F-4DD3-81B6-34081F18C315} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-04-10] (Realtek Semiconductor)
Task: {E2043940-71AB-4CD2-8C97-1E57D1CDC7F7} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {E3BC87A3-D570-41E4-A651-09F9804F7620} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {E9A8665E-208B-4404-B1EF-47EFC7EC2793} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-01-14] (ASUSTek Computer Inc.)
Task: {FA3D6842-105B-4DD3-8EF3-EFAF11287AA7} - System32\Tasks\Baidu PC Faster Service => C:\Program Files (x86)\PC Faster\5.1.0.0\PCFasterSvc.exe [2015-03-12] (Baidu Inc.)
Task: {FCC23DB8-BBCF-404E-AA9B-1830B5F419EB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2305498699-3212122031-866692255-1001UA => C:\Users\Diogo Vaille\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2305498699-3212122031-866692255-1001Core.job => C:\Users\Diogo Vaille\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2305498699-3212122031-866692255-1001UA.job => C:\Users\Diogo Vaille\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bf51c6fb0814.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bf51c7fa7e42.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-01-20 21:35 - 2015-01-20 21:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-09-15 14:25 - 2015-09-15 14:25 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-02 18:38 - 2014-07-02 18:38 - 00016896 _____ () C:\Program Files\ASUS\ASUS FlipLock\FlipController.exe
2015-03-10 18:47 - 2015-03-10 18:47 - 00720760 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
2015-03-10 18:51 - 2015-03-10 18:51 - 00107024 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_thread-vc100-mt-1_57.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00024080 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_system-vc100-mt-1_57.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00055320 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_date_time-vc100-mt-1_57.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00125464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_filesystem-vc100-mt-1_57.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00033296 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_chrono-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 12745216 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareServiceKernel.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 03396064 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\RCF.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00785936 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_regex-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00744960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareActivation.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00480272 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareApplicationUpdater.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00812032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareGamingMode.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00099312 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareReset.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00119792 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTime.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00963088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareDefinitionsUpdater.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00868896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareDefinitionsUpdaterScheduler.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01108992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareIgnoreList.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00247808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareQuarantine.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01013256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiMalwareEngine.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00211464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiRootkitEngine.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01177608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScannerHistory.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01302008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScanner.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00034832 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_timer-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00977416 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScannerScheduler.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01143824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareRealTimeProtection.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00237568 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareIncompatibles.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00893432 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiSpam.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00847872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiPhishing.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 03104776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareParentalControl.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 02958848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareWebProtection.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01288712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareEmailProtection.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00053272 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_iostreams-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01293832 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareNetworkProtection.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00969200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwarePromo.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00366584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareFeedback.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 02787344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareThreatWorkAlliance.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01232888 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwarePinCode.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00969208 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareNotice.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00963576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAvcEngine.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01184792 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareRealTimeProtectionHistory.dll
2015-03-23 20:42 - 2015-01-06 12:47 - 00156936 _____ () C:\Windows\SYSTEM32\bdfwcore.dll
2015-03-23 20:56 - 2015-08-17 19:11 - 00875864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc2\ashttpbr.mdl
2015-03-23 20:55 - 2015-08-17 19:11 - 00741952 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc2\ashttpdsp.mdl
2015-03-23 20:56 - 2015-08-17 19:11 - 02801464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc2\ashttpph.mdl
2015-03-23 20:56 - 2015-08-17 19:11 - 01412512 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc2\ashttprbl.mdl
2012-10-18 14:44 - 2012-10-18 14:44 - 03671176 _____ () C:\Program Files\Touro Cloud Backup\Touro Cloud BackupCrawler.exe
2014-01-23 07:05 - 2014-01-23 07:05 - 08878248 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 02756616 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareShellExtension.dll
2012-10-18 14:43 - 2012-10-18 14:43 - 01486848 _____ () C:\Program Files\Touro Cloud Backup\ShellExtensionx64\ShellExtension.dll
2012-10-18 14:41 - 2012-10-18 14:41 - 01324544 _____ () C:\Program Files\Touro Cloud Backup\Touro Cloud Backup.exe
2014-07-02 18:38 - 2014-07-02 18:38 - 00009216 _____ () C:\Program Files\ASUS\ASUS FlipLock\WMIProc.dll
2014-09-18 17:49 - 2013-10-23 17:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-06-04 00:01 - 2014-06-04 00:01 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2014-06-04 00:01 - 2014-06-04 00:01 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-06-04 00:01 - 2014-06-04 00:01 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll
2014-06-04 00:01 - 2014-06-04 00:01 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll
2012-10-11 10:13 - 2012-10-11 10:13 - 00897536 _____ () C:\Program Files\Touro Cloud Backup\NativeControls7.dll
2012-10-18 14:41 - 2012-10-18 14:41 - 01484288 _____ () C:\Program Files\Touro Cloud Backup\OnlineBackupFacade.dll
2015-09-25 10:15 - 2015-09-23 23:34 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libglesv2.dll
2015-09-25 10:15 - 2015-09-23 23:34 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libegl.dll
2015-09-30 12:41 - 2015-09-30 12:41 - 00071168 _____ () c:\Users\Diogo Vaille\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnu9lem.dll
2015-07-22 23:13 - 2015-08-05 02:26 - 00012800 _____ () C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 18:45 - 2015-08-05 02:26 - 00779776 _____ () C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-30 11:06 - 2015-08-05 02:26 - 00056320 _____ () C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-07-22 23:13 - 2015-08-05 02:26 - 00012288 _____ () C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-07-02 23:31 - 2015-07-02 23:31 - 02287616 _____ () C:\Program Files (x86)\GoPro\Tools\Importer\gopro-lib-win-analytics.dll
2015-08-04 13:22 - 2015-08-04 13:22 - 00019040 _____ () C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2native.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:054203E4
AlternateDataStreams: C:\Users\Diogo Vaille\OneDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2305498699-3212122031-866692255-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Diogo Vaille\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{2534E512-2018-4D81-8AB6-CA12CF531985}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{2754B754-6575-4789-B7EA-109001A16E70}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{F0CE20AF-79AD-4B3F-815D-789E67DFBD8C}] => (Allow) C:\Users\Diogo Vaille\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{0D848C3A-785D-473A-BF7B-C4F8AB5B019E}] => (Allow) C:\Users\Diogo Vaille\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{A9AD8E44-4A65-4575-AA3D-BA46D69AA32F}] => (Allow) C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{E79F9349-750C-4E8D-8F5F-91436AA9E469}] => (Allow) C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{71DBAF2F-3707-4474-A7FC-3B3BDF83F5CC}C:\users\diogo vaille\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\diogo vaille\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{42786EB0-60A9-43B0-90E6-FB0A37227F02}C:\users\diogo vaille\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\diogo vaille\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{6AE5837E-D556-41B5-8C19-5B45CE77499B}C:\program files (x86)\pioneer\rekordbox 3.1.0\rekordbox 3.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.1.0\rekordbox 3.exe
FirewallRules: [UDP Query User{295801E1-585D-41C7-B7C0-74DFBEBB02A8}C:\program files (x86)\pioneer\rekordbox 3.1.0\rekordbox 3.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.1.0\rekordbox 3.exe
FirewallRules: [TCP Query User{31CF5693-D9BB-47AD-8C7D-CF7A3AD3A43B}C:\program files (x86)\pioneer\rekordbox 3.1.0\psvnfsd.exe] => (Block) C:\program files (x86)\pioneer\rekordbox 3.1.0\psvnfsd.exe
FirewallRules: [UDP Query User{1A13D062-9A36-4EFE-817F-ADAB4CB99FD0}C:\program files (x86)\pioneer\rekordbox 3.1.0\psvnfsd.exe] => (Block) C:\program files (x86)\pioneer\rekordbox 3.1.0\psvnfsd.exe
FirewallRules: [TCP Query User{C10BF569-E17E-4D14-A8E1-CE71B31B56FC}C:\program files (x86)\pioneer\rekordbox 3.1.0\psvlinksysmgr.exe] => (Block) C:\program files (x86)\pioneer\rekordbox 3.1.0\psvlinksysmgr.exe
FirewallRules: [UDP Query User{D1ED842C-8B85-4D46-8F4E-F7502F20C0F1}C:\program files (x86)\pioneer\rekordbox 3.1.0\psvlinksysmgr.exe] => (Block) C:\program files (x86)\pioneer\rekordbox 3.1.0\psvlinksysmgr.exe
FirewallRules: [{2C01F481-891E-49B6-9642-1C06E1F42742}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D9FFB4D1-2B78-400D-9A1A-92ED69C95DED}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CC2CC42A-2C0E-4CCA-8F32-83B5B76E8B86}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{852CC7DB-AECA-416C-B538-D59B8354AF2C}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{2DAFF880-FC70-4BD7-AFF5-3C1EA23E30F9}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{AB5753A2-8A79-4DE6-B73A-2A9F3C46D354}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{7D60EEA1-630B-4DD9-93B6-4C97AF3F2EAF}C:\program files (x86)\pioneer\rekordbox 3.1.0\rekordbox 3.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.1.0\rekordbox 3.exe
FirewallRules: [UDP Query User{FF917041-80CB-4624-B145-0F8A36299C0D}C:\program files (x86)\pioneer\rekordbox 3.1.0\rekordbox 3.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.1.0\rekordbox 3.exe
FirewallRules: [TCP Query User{198B0935-F434-4B16-A596-FF404D33929B}C:\program files (x86)\pioneer\rekordbox 3.1.0\psvnfsd.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.1.0\psvnfsd.exe
FirewallRules: [UDP Query User{DD6C13E5-187C-48C7-972F-38DC15DE32F6}C:\program files (x86)\pioneer\rekordbox 3.1.0\psvnfsd.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.1.0\psvnfsd.exe
FirewallRules: [TCP Query User{8728DC3B-9C61-46FA-BA3C-6D0A7EC456FF}C:\program files (x86)\pioneer\rekordbox 3.1.0\psvlinksysmgr.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.1.0\psvlinksysmgr.exe
FirewallRules: [UDP Query User{DA1467F0-1C04-409E-973D-FCD978F8AB08}C:\program files (x86)\pioneer\rekordbox 3.1.0\psvlinksysmgr.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.1.0\psvlinksysmgr.exe
FirewallRules: [TCP Query User{7FB59E13-39A3-4B3B-9B86-2705591A94E1}C:\program files (x86)\pioneer\rekordbox 3.2.0\rekordbox 3.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.2.0\rekordbox 3.exe
FirewallRules: [UDP Query User{B836B47F-3333-4511-9511-613D9F943C72}C:\program files (x86)\pioneer\rekordbox 3.2.0\rekordbox 3.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.2.0\rekordbox 3.exe
FirewallRules: [TCP Query User{D69895DE-FE5D-4BA3-820B-53C3B11AC323}C:\program files (x86)\pioneer\rekordbox 3.2.0\psvnfsd.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.2.0\psvnfsd.exe
FirewallRules: [UDP Query User{2B7C93C8-1112-4A34-9363-0690D8A13D7A}C:\program files (x86)\pioneer\rekordbox 3.2.0\psvnfsd.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.2.0\psvnfsd.exe
FirewallRules: [TCP Query User{A9016F06-A0D1-4870-BFD9-7CD010D3E004}C:\program files (x86)\pioneer\rekordbox 3.2.0\psvlinksysmgr.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.2.0\psvlinksysmgr.exe
FirewallRules: [UDP Query User{5DDF0D02-90C6-4D2F-9708-DDF01FE6C328}C:\program files (x86)\pioneer\rekordbox 3.2.0\psvlinksysmgr.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.2.0\psvlinksysmgr.exe
FirewallRules: [TCP Query User{6B6A06F2-4EE2-4BCA-8E47-238D39C46ACA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{BE9157C4-55FE-49C4-BB4A-92C1FF6339B0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{80842492-E118-4885-8B62-756ABAB22886}] => (Allow) C:\Program Files (x86)\SoundTouch\SoundTouch.exe
FirewallRules: [{CA547C55-63B3-47C7-B144-82E05B1D3D30}] => (Allow) C:\Program Files (x86)\SoundTouch\SoundTouchMusicServer\SoundTouch music server.exe
FirewallRules: [TCP Query User{C62E3A54-F6E4-4471-AC67-561A3343D1F6}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [UDP Query User{05915DC9-1E63-4424-AD94-FCDB59B261EC}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [TCP Query User{DB40BD00-06D0-4F7B-82E7-3BB0D2DB2060}C:\program files (x86)\mozilla firefox\firefoxx.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefoxx.exe
FirewallRules: [UDP Query User{1756CD74-863A-4935-B03E-76E757B64AC7}C:\program files (x86)\mozilla firefox\firefoxx.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefoxx.exe
FirewallRules: [{DB0A4B30-E1E2-4617-9432-8351FD4B4AB1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8DB2544A-92B3-4635-A62F-748B8D76FA62}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EF6EF969-58D6-4ADE-9D2E-E56F8CDF0B4A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B753FE14-69DD-409A-B92B-77FA94321982}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{66EC1D79-12FC-43E1-A5D4-7B458411A7F1}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{143A5902-6A51-4039-97C3-3B3D4EBE6EA3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/30/2015 11:17:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 40.0.3.5716, time stamp: 0x55ddb213
Faulting module name: mozglue.dll, version: 40.0.3.5716, time stamp: 0x55dda062
Exception code: 0x80000003
Fault offset: 0x0000e250
Faulting process id: 0x10124
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Faulting package full name: plugin-container.exe4
Faulting package-relative application ID: plugin-container.exe5

Error: (09/30/2015 11:07:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SpyHunter4.exe, version: 4.1.11.0, time stamp: 0x4bf29ca5
Faulting module name: ExecutionGuard.dll, version: 6.3.9600.17936, time stamp: 0x55a68dd1
Exception code: 0xc0000135
Fault offset: 0x0009d4f2
Faulting process id: 0x121cc
Faulting application start time: 0xSpyHunter4.exe0
Faulting application path: SpyHunter4.exe1
Faulting module path: SpyHunter4.exe2
Report Id: SpyHunter4.exe3
Faulting package full name: SpyHunter4.exe4
Faulting package-relative application ID: SpyHunter4.exe5

Error: (09/30/2015 12:09:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3546

Error: (09/30/2015 12:09:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3546

Error: (09/30/2015 12:09:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/30/2015 12:09:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2390

Error: (09/30/2015 12:09:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2390

Error: (09/30/2015 12:09:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/30/2015 12:09:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1156

Error: (09/30/2015 12:09:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1156


System errors:
=============
Error: (09/29/2015 12:02:46 AM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer MAURO
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{6FE72083-8DB1-456D-BA99-29CFE9B059FF}.
The master browser is stopping or an election is being forced.

Error: (09/24/2015 02:34:11 PM) (Source: DCOM) (EventID: 10010) (User: ASUS-DIOGO-01)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (09/24/2015 02:34:11 PM) (Source: DCOM) (EventID: 10010) (User: ASUS-DIOGO-01)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (09/24/2015 02:34:11 PM) (Source: DCOM) (EventID: 10010) (User: ASUS-DIOGO-01)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (09/24/2015 02:34:11 PM) (Source: DCOM) (EventID: 10010) (User: ASUS-DIOGO-01)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (09/22/2015 05:10:08 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer MAURO
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{6FE72083-8DB1-456D-BA99-29CFE9B059FF}.
The master browser is stopping or an election is being forced.

Error: (09/16/2015 09:50:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Superfetch service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (09/11/2015 05:47:25 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer MAURO
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{6FE72083-8DB1-456D-BA99-29CFE9B059FF}.
The master browser is stopping or an election is being forced.

Error: (09/10/2015 11:15:41 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80240020: Upgrade to Windows 10 Home.

Error: (09/08/2015 04:48:53 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP      :1d" could not be registered on the interface with IP address 192.168.1.3.
The computer with the IP address 192.168.1.14 did not allow the name to be claimed by
this computer.


CodeIntegrity:
===================================
  Date: 2015-03-18 18:27:35.815
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel® Core™ i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 35%
Total physical RAM: 8075.53 MB
Available physical RAM: 5224.54 MB
Total Virtual: 9419.53 MB
Available Virtual: 6303 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:56.57 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:258.35 GB) (Free:256.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 6CD53F35)

Partition: GPT.

==================== End of Addition.txt ============================

 

 


  • 0

Advertisements

#2
Essexboy
Posted 30 September 2015 - 12:49 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you let me know if this resolves the problem


CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
HKLM\...\Run: [] => [X]
ShellIconOverlayIdentifiers: [ExplorerEx] -> {E056AFDD-03E9-4D73-8D33-8FCCBCA73438} => No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2305498699-3212122031-866692255-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.globo.com/
FF NewTab: resource://jid1-g80ec8llebk5fq-at-jetpack/newtab/data/newtab.html
FF Homepage: hxxp://g1.globo.com/
FF SearchPlugin: C:\Users\Diogo Vaille\AppData\Roaming\Mozilla\Firefox\Profiles\orv1wg1n.default-1422983949456\searchplugins\soundcloud.xml [2015-03-23]
2015-09-30 11:01 - 2015-09-30 11:12 - 00000000 ____D C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2015-09-30 11:03 - 2015-01-26 18:28 - 00000000 __SHD C:\Users\Diogo Vaille\AppData\Local\EmieBrowserModeList
2015-09-30 11:03 - 2014-09-20 19:47 - 00000000 __SHD C:\Users\Diogo Vaille\AppData\Local\EmieUserList
2015-09-30 11:03 - 2014-09-20 19:47 - 00000000 __SHD C:\Users\Diogo Vaille\AppData\Local\EmieSiteList
Task: {3AF1B7FA-4663-487A-B847-E48064B087F5} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Duplicaterecord.js" <==== ATTENTION
Task: {482CD76E-12D7-4D6B-9A59-2FBC77D123F9} - \248b10b1-a621-44f4-bebd-4c1b1cdfdcf6-10_user -> No File <==== ATTENTION
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S0].txt as well.

  • 0

#3
weile
Posted 30 September 2015 - 07:02 PM

weile

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

Thanks!! It has worked to take out the problem with the new tab!!! You think this is the same problem that caused the slowlyness on firefox???

 

Can I do something else to make it faster??

 

This is the Logfile

 

# AdwCleaner v5.009 - Logfile created 30/09/2015 at 21:45:36
# Updated 27/09/2015 by Xplode
# Database : 2015-09-30.1 [Server]
# Operating system : Windows 8.1  (x64)
# Username : Diogo Vaille - ASUS-DIOGO-01
# Running from : C:\Users\Diogo Vaille\Desktop\AdwCleaner.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : PCFasterSvc_{PCFaster_5.1.0.0}

***** [ Folders ] *****

[-] Folder Deleted : C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\npdicihegicnhaangkdmcgbjceoemeoo

***** [ Files ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : Adobe Flash Player Updater
[-] Task Deleted : Baidu PC Faster Service

***** [ Registry ] *****

[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6B78C1B0-96CF-4698-9F9E-B67F1022C4E5}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{76CD09C2-78CF-49F0-8F6A-C7CAF94BCB05}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{823DC7E1-20D1-4A01-B43A-E6CE81A15AF2}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{985766D1-EC72-4AAC-A4D3-AD98968F76A0}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A8364F18-719D-4C2F-93DF-2DD0F65D2AA7}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AD65BA76-2D8B-4181-858D-CD86EA48E49D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B647431C-FC20-416D-BAA6-B9D30D9F7720}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEC74663-1A7E-434A-8DD6-8F76B3DF1181}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0877A1D4-1570-487A-B891-FA34464C2F32}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{226746EF-6F15-4F88-B186-CCE2D8A90982}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2E38EBD1-7C3B-4837-9BED-6793A6197694}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2F0616DC-62A9-4D5A-B388-4682BC3269D1}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{40E55B03-4288-472A-9E5A-A3658B9ADE3A}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key Deleted : HKCU\Software\WEBAPP
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
[!] Key Not Deleted : [x64] HKCU\Software\WEBAPP

***** [ Web browsers ] *****

[-] [C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : simplyrar.en.softonic.com
[-] [C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : br.ask.com
[-] [C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : br.search.yahoo.com
[-] [C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aperture.en.softonic.com
[-] [C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : npdicihegicnhaangkdmcgbjceoemeoo

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [3176 bytes] ##########
 


  • 0

#4
Essexboy
Posted 01 October 2015 - 07:40 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
It was part of the problem could you post the FRST fixlog please and let me know what problems remain
  • 0

#5
weile
Posted 01 October 2015 - 08:29 AM

weile

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

Now there is a "Java Update Avaiable" blinking on my system tray....should I update Java with no worries??? Can It be virus like Flash Update??

 

Here is the fixlog now and the addition:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:30-09-2015
Ran by Diogo Vaille (administrator) on ASUS-DIOGO-01 (01-10-2015 11:23:26)
Running from C:\Users\Diogo Vaille\Desktop
Loaded Profiles: Diogo Vaille (Available Profiles: Diogo Vaille & Usuário)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files\ASUS\ASUS FlipLock\FlipService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
() C:\Program Files\ASUS\ASUS FlipLock\FlipController.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
() C:\Program Files\Touro Cloud Backup\Touro Cloud BackupCrawler.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
() C:\Program Files\ASUS\ASUS FlipLock\FlipController.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files\Touro Cloud Backup\Touro Cloud Backup.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(GoPro) C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe
(Dropbox, Inc.) C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2launcher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-15] (Apple Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [896632 2015-07-22] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [GoPro Studio Importer] => C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe [3217672 2015-07-02] (GoPro)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [Baidu PC Faster 5.1.0.0] => "C:\Program Files (x86)\PC Faster\5.1.0.0\PCFTray.exe" -auto -start
HKU\S-1-5-21-2305498699-3212122031-866692255-1001\...\Run: [Touro Cloud Backup] => C:\Program Files\Touro Cloud Backup\Touro Cloud Backup.exe [1324544 2012-10-18] ()
HKU\S-1-5-21-2305498699-3212122031-866692255-1001\...\Run: [GoogleChromeAutoLaunch_D0B3ABAD4F9044A9098FE3F6D6EC93DC] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [815944 2015-09-23] (Google Inc.)
HKU\S-1-5-21-2305498699-3212122031-866692255-1001\...\Run: [Dropbox Update] => C:\Users\Diogo Vaille\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-2305498699-3212122031-866692255-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2305498699-3212122031-866692255-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11776 2014-10-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.15.458\ASUSWSShellExt64.dll [2014-11-18] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.15.458\ASUSWSShellExt64.dll [2014-11-18] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.15.458\ASUSWSShellExt64.dll [2014-11-18] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [MemopalBackedUp] -> {8ED3CC2D-6BC2-43AD-8C43-F51FBB413AE6} => C:\Program Files\Touro Cloud Backup\ShellExtensionx64\ShellExtension.dll [2012-10-18] ()
ShellIconOverlayIdentifiers: [MemopalError] -> {B9CA6E12-7975-4997-B5BD-CA12ECE0FEAD} => C:\Program Files\Touro Cloud Backup\ShellExtensionx64\ShellExtension.dll [2012-10-18] ()
ShellIconOverlayIdentifiers: [MemopalPartiallyBackedUp] -> {95DDC869-FC98-4D47-BD34-2EDC9AA09C01} => C:\Program Files\Touro Cloud Backup\ShellExtensionx64\ShellExtension.dll [2012-10-18] ()
ShellIconOverlayIdentifiers: [MemopalToBackup] -> {2CDD871E-60EB-40BD-9721-A1CB57042F75} => C:\Program Files\Touro Cloud Backup\ShellExtensionx64\ShellExtension.dll [2012-10-18] ()
ShellIconOverlayIdentifiers-x32: [MemopalBackedUp] -> {8ED3CC2D-6BC2-43AD-8C43-F51FBB413AE6} => C:\Program Files\Touro Cloud Backup\ShellExtension\ShellExtension.dll [2012-10-18] ()
ShellIconOverlayIdentifiers-x32: [MemopalError] -> {B9CA6E12-7975-4997-B5BD-CA12ECE0FEAD} => C:\Program Files\Touro Cloud Backup\ShellExtension\ShellExtension.dll [2012-10-18] ()
ShellIconOverlayIdentifiers-x32: [MemopalPartiallyBackedUp] -> {95DDC869-FC98-4D47-BD34-2EDC9AA09C01} => C:\Program Files\Touro Cloud Backup\ShellExtension\ShellExtension.dll [2012-10-18] ()
ShellIconOverlayIdentifiers-x32: [MemopalToBackup] -> {2CDD871E-60EB-40BD-9721-A1CB57042F75} => C:\Program Files\Touro Cloud Backup\ShellExtension\ShellExtension.dll [2012-10-18] ()
Startup: C:\Users\Diogo Vaille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-08]
ShortcutTarget: Dropbox.lnk -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6FE72083-8DB1-456D-BA99-29CFE9B059FF}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2305498699-3212122031-866692255-1001 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2305498699-3212122031-866692255-1001 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2305498699-3212122031-866692255-1001 -> {854BE253-8917-40F5-8196-0EC9FEC1F2F6} URL = hxxps://br.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-08-04] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-04] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-01-23] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Diogo Vaille\AppData\Roaming\Mozilla\Firefox\Profiles\orv1wg1n.default-1422983949456
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-01-21] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-07-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-07-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-07-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-07-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-07-06] (Apple Inc.)
FF Extension: Fess Google Bookmark Extension - C:\Users\Diogo Vaille\AppData\Roaming\Mozilla\Firefox\Profiles\orv1wg1n.default-1422983949456\Extensions\[email protected] [2015-06-23]
FF Extension: Wiktionary and Google Translate - C:\Users\Diogo Vaille\AppData\Roaming\Mozilla\Firefox\Profiles\orv1wg1n.default-1422983949456\Extensions\[email protected] [2015-06-04]
FF Extension: Evernote Web Clipper - C:\Users\Diogo Vaille\AppData\Roaming\Mozilla\Firefox\Profiles\orv1wg1n.default-1422983949456\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2015-09-17]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.netvibes.com/privatepage/1#Geral
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxps://www.facebook.com/"
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> google
CHR Profile: C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-09-16]
CHR Extension: (YouTube) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-24]
CHR Extension: (Google Search) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-24]
CHR Extension: (TinyURL.com URL shortener (by Tiny-URL.info)) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpggaodbilneopgpjgbimgpaecdchfm [2015-03-24]
CHR Extension: (Cortex) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\decglnkhpfoocpafihfbeodhgofefaoc [2015-03-25]
CHR Extension: (Simple Google bookmarks) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\dobhkcpfdpfhghdmiecokllfjiemfmgm [2015-03-24]
CHR Extension: (RSS Subscription Extension Plus) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\dobjkkjbcmhohalobdalmmenogajjlaj [2015-03-24]
CHR Extension: (Pin It Button) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-07-06]
CHR Extension: (Clipular! Research, save & share screenshot) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjbgcjbgmcfgbgikmbdioggjlhjegpp [2015-03-25]
CHR Extension: (Shareaholic for Google Chrome™) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmipnjdeifmobkhgogdnomkihhgojep [2015-03-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-25]
CHR Extension: (My Alerts) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkngaknldfkgfoeookhiheejgnbhpnak [2015-03-24]
CHR Extension: (feedly) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja [2015-03-25]
CHR Extension: (Save to Pocket) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2015-08-06]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-24]
CHR Extension: (Yahoo Web) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\npdicihegicnhaangkdmcgbjceoemeoo [2015-09-30]
CHR Extension: (Evernote Web Clipper) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2015-03-25]
CHR Extension: (Gmail) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-24]
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
R2 ASUS Flip Service; C:\Program Files\ASUS\ASUS FlipLock\FlipService.exe [7680 2014-07-02] (ASUS) [File not signed]
S3 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [71680 2014-02-25] (ASUS Cloud Corporation) [File not signed]
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282072 2014-03-18] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel® Corporation) [File not signed]
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe [720760 2015-03-10] ()
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 Touro Cloud Backup Crawler; C:\Program Files\Touro Cloud Backup\Touro Cloud BackupCrawler.exe [3671176 2012-10-18] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [71952 2014-03-31] (ASUS Corporation)
R3 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2015-01-06] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [261496 2015-01-06] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2015-01-06] (BitDefender)
R1 BdfNdisf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfndisf6.sys [97816 2015-01-06] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [107080 2015-01-06] (BitDefender LLC)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.98.0\gzflt.sys [155912 2015-01-22] (BitDefender LLC)
R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-08-08] (Intel Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-08-08] (Intel Corporation)
R3 INVN_MotionApps; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 m76usb; C:\Windows\System32\drivers\m76usb.sys [539336 2014-04-09] (Ralink Technology Corp.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [502488 2014-05-08] (Realsil Semiconductor Corporation)
R3 SensorsServiceDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [452040 2015-01-22] (BitDefender S.R.L.)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S1 MpKsl8d151c0b; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{77A941FF-8A20-4E00-8946-047C75409797}\MpKsl8d151c0b.sys [X]
U0 msahci; system32\drivers\msahci.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-01 11:23 - 2015-10-01 11:24 - 00026006 _____ C:\Users\Diogo Vaille\Desktop\FRST.txt
2015-09-30 21:38 - 2015-09-30 21:39 - 01670656 _____ C:\Users\Diogo Vaille\Desktop\AdwCleaner.exe
2015-09-30 20:12 - 2015-09-30 20:12 - 00000000 ____D C:\Users\Diogo Vaille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-30 13:15 - 2015-09-30 13:15 - 02192384 _____ (Farbar) C:\Users\Diogo Vaille\Desktop\FRST64.exe
2015-09-30 12:22 - 2015-09-30 12:22 - 00000191 _____ C:\spyhunter.fix
2015-09-30 11:03 - 2015-09-30 11:13 - 00002316 _____ C:\Users\Diogo Vaille\Desktop\SpyHunter.lnk
2015-09-30 11:03 - 2015-09-30 11:13 - 00000000 ____D C:\Users\Diogo Vaille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2015-09-30 11:03 - 2015-09-30 11:03 - 00000000 ____D C:\sh4ldr
2015-09-30 11:03 - 2015-09-30 11:03 - 00000000 ____D C:\Program Files (x86)\Enigma Software Group
2015-09-30 10:54 - 2015-09-30 10:55 - 00000000 ____D C:\Users\Diogo Vaille\Downloads\SpyHunter 4.20.9.4533 Portable
2015-09-30 10:52 - 2015-09-30 10:54 - 14959010 _____ C:\Users\Diogo Vaille\Downloads\Spy Hunter PRO.rar
2015-09-30 10:39 - 2015-09-30 10:39 - 44409924 _____ C:\Users\Diogo Vaille\Downloads\SpyHunter 4.17.6.4336 (FULL + Patch).zip
2015-09-21 11:33 - 2015-09-21 11:33 - 00001767 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-09-21 11:33 - 2015-09-21 11:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-09-21 11:32 - 2015-09-21 11:33 - 00000000 ____D C:\Program Files\iTunes
2015-09-21 11:32 - 2015-09-21 11:32 - 00000000 ____D C:\Program Files\iPod
2015-09-21 11:32 - 2015-09-21 11:32 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-09-21 11:29 - 2015-09-21 11:29 - 00000000 ____D C:\Program Files\Bonjour
2015-09-21 11:29 - 2015-09-21 11:29 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-09-21 11:28 - 2015-09-21 11:28 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2015-09-21 11:28 - 2015-09-21 11:28 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-09-17 16:30 - 2015-09-17 16:37 - 21905071 _____ C:\Users\Diogo Vaille\Downloads\27sat.iMobie.AnyTrans.4.4.1.Multilingual.MacOSX.rar
2015-09-17 12:40 - 2015-09-17 12:40 - 00000000 ____D C:\Users\Diogo Vaille\AppData\Roaming\vlc
2015-09-17 12:28 - 2015-09-17 12:45 - 00000000 ____D C:\Users\Diogo Vaille\AppData\Local\SpotifyResolver
2015-09-17 12:27 - 2015-09-17 12:44 - 00000000 ____D C:\Users\Diogo Vaille\AppData\Local\Tomahawk
2015-09-17 12:22 - 2015-09-17 12:22 - 00001021 _____ C:\Users\Diogo Vaille\Desktop\Tomahawk.lnk
2015-09-17 12:22 - 2015-09-17 12:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tomahawk
2015-09-17 12:21 - 2015-09-17 12:22 - 00000000 ____D C:\Program Files (x86)\Tomahawk
2015-09-17 12:19 - 2015-09-17 12:20 - 35828536 _____ C:\Users\Diogo Vaille\Downloads\tomahawk-0.8.4.exe
2015-09-16 15:30 - 2015-09-16 15:30 - 06849298 _____ C:\Users\Diogo Vaille\Downloads\iPhotoLibraryManager_421.zip
2015-09-09 09:39 - 2015-08-26 23:48 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-09 09:39 - 2015-08-26 15:00 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-09 09:39 - 2015-08-26 15:00 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-09 09:39 - 2015-08-26 15:00 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-09 09:39 - 2015-08-26 15:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-09 09:39 - 2015-08-26 11:46 - 03705344 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-09 09:39 - 2015-08-26 11:29 - 02240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-09 09:39 - 2015-08-26 11:27 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-09 09:39 - 2015-08-26 11:27 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-09-09 09:39 - 2015-08-26 11:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-09 09:39 - 2015-08-26 11:26 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-09 09:39 - 2015-08-26 11:26 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-09 09:38 - 2015-09-02 23:18 - 02531400 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-09 09:38 - 2015-09-02 23:17 - 01903848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-09 09:38 - 2015-09-02 15:48 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-09 09:38 - 2015-09-02 14:09 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-09 09:38 - 2015-09-01 23:56 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-09 09:38 - 2015-09-01 23:55 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-09 09:38 - 2015-09-01 23:50 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-09 09:38 - 2015-09-01 23:17 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-09 09:38 - 2015-09-01 23:13 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-09 09:38 - 2015-08-22 15:19 - 25188352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-09 09:38 - 2015-08-22 14:35 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-09 09:38 - 2015-08-22 14:34 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-09 09:38 - 2015-08-22 14:22 - 19856384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-09 09:38 - 2015-08-22 14:21 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-09 09:38 - 2015-08-22 14:20 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-09 09:38 - 2015-08-22 13:55 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-09 09:38 - 2015-08-22 13:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-09 09:38 - 2015-08-22 13:50 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-09-09 09:38 - 2015-08-22 13:45 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-09 09:38 - 2015-08-22 13:44 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-09-09 09:38 - 2015-08-22 13:41 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-09 09:38 - 2015-08-22 13:41 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-09 09:38 - 2015-08-22 13:41 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-09 09:38 - 2015-08-22 13:41 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-09 09:38 - 2015-08-22 13:39 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-09 09:38 - 2015-08-22 13:28 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-09 09:38 - 2015-08-22 13:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-09 09:38 - 2015-08-22 13:23 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-09-09 09:38 - 2015-08-22 13:22 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-09 09:38 - 2015-08-22 13:20 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-09-09 09:38 - 2015-08-22 13:18 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-09 09:38 - 2015-08-22 13:18 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-09 09:38 - 2015-08-22 13:18 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-09 09:38 - 2015-08-22 13:14 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-09 09:38 - 2015-08-22 13:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-09 09:38 - 2015-08-22 13:00 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-09 09:38 - 2015-08-22 12:56 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-09 09:38 - 2015-08-22 12:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-09 09:38 - 2015-08-03 18:15 - 00074928 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-09 09:38 - 2015-08-03 18:15 - 00065600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-09 09:38 - 2015-08-01 11:22 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-09 09:38 - 2015-08-01 00:47 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2015-09-09 09:38 - 2015-08-01 00:45 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2015-09-09 09:38 - 2015-08-01 00:38 - 01265152 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-09 09:38 - 2015-08-01 00:37 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2015-09-09 09:38 - 2015-08-01 00:37 - 00359936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2015-09-09 09:38 - 2015-07-30 14:18 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-09 09:38 - 2015-07-30 13:22 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-09 09:38 - 2015-07-22 11:34 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-09 09:38 - 2015-07-22 11:33 - 01728000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2015-09-09 09:38 - 2015-07-22 11:25 - 02461184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-09 09:38 - 2015-07-22 11:25 - 01546752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2015-09-09 09:38 - 2015-07-22 11:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-09 09:38 - 2015-07-22 10:52 - 01633792 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-09 09:38 - 2015-07-18 15:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2015-09-09 09:38 - 2015-07-18 15:29 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-09-09 09:38 - 2015-07-18 15:29 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2015-09-09 09:38 - 2015-07-18 15:27 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-09-09 09:38 - 2015-07-17 11:15 - 00951296 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-09 09:38 - 2015-07-17 11:10 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-09 09:38 - 2015-07-14 00:27 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tzsync.exe
2015-09-09 09:38 - 2015-07-13 16:10 - 00411455 _____ C:\Windows\system32\ApnDatabase.xml
2015-09-09 09:38 - 2015-07-09 13:14 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-09-09 09:38 - 2015-07-03 18:51 - 01380056 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-09-09 09:38 - 2015-07-03 11:00 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-09-09 09:38 - 2015-06-27 08:47 - 00118616 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-09 09:38 - 2015-06-19 14:07 - 02819072 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-09-09 09:37 - 2015-07-10 16:06 - 00118272 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-01 11:23 - 2015-08-04 12:00 - 00000000 ____D C:\FRST
2015-10-01 11:23 - 2015-03-18 10:13 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-01 11:17 - 2014-09-18 17:41 - 01529729 _____ C:\Windows\WindowsUpdate.log
2015-10-01 11:14 - 2015-07-15 19:58 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bf51c7fa7e42.job
2015-10-01 11:10 - 2014-09-20 18:33 - 00003974 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C0CDF39D-1E29-4293-ADD0-54C3E4C7AE5D}
2015-10-01 11:04 - 2015-06-18 11:54 - 00001086 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2305498699-3212122031-866692255-1001UA.job
2015-10-01 11:00 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\system32\sru
2015-10-01 10:45 - 2014-12-15 13:53 - 00000000 ___RD C:\Users\Diogo Vaille\Dropbox
2015-10-01 10:07 - 2014-12-11 09:11 - 00000000 ____D C:\Users\Diogo Vaille\advfn
2015-10-01 09:34 - 2014-09-20 18:32 - 00000094 _____ C:\Users\Diogo Vaille\AppData\Roaming\sp_data.sys
2015-09-30 21:50 - 2014-12-15 13:49 - 00000000 ____D C:\Users\Diogo Vaille\AppData\Roaming\Dropbox
2015-09-30 21:50 - 2014-12-06 00:40 - 00000000 ____D C:\Users\Diogo Vaille\OneDrive
2015-09-30 21:49 - 2015-07-15 19:58 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bf51c6fb0814.job
2015-09-30 21:49 - 2015-03-18 10:13 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-30 21:48 - 2015-03-23 20:42 - 00002347 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2015-09-30 21:47 - 2013-08-22 11:46 - 00225248 _____ C:\Windows\setupact.log
2015-09-30 21:47 - 2013-08-22 11:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-30 21:46 - 2014-03-18 06:54 - 00752540 _____ C:\Windows\PFRO.log
2015-09-30 21:46 - 2013-08-22 10:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2015-09-30 21:45 - 2015-03-23 19:13 - 00000000 ____D C:\AdwCleaner
2015-09-30 20:29 - 2014-09-20 18:34 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2305498699-3212122031-866692255-1001
2015-09-30 12:29 - 2014-03-18 07:03 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-30 12:01 - 2015-05-11 10:49 - 00003474 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2015-09-30 12:01 - 2015-05-11 10:49 - 00003464 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2015-09-30 11:17 - 2015-03-18 16:16 - 00000000 ____D C:\Users\Diogo Vaille\AppData\Local\CrashDumps
2015-09-30 10:57 - 2014-12-09 10:05 - 00000000 ____D C:\Users\Diogo Vaille\AppData\Roaming\BitTorrent
2015-09-30 10:03 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\AppReadiness
2015-09-29 20:04 - 2015-06-18 11:54 - 00001034 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2305498699-3212122031-866692255-1001Core.job
2015-09-23 10:01 - 2015-01-29 12:46 - 00000000 ____D C:\ProgramData\KMSAutoS
2015-09-22 10:04 - 2013-08-22 12:20 - 00000000 ____D C:\Windows\CbsTemp
2015-09-21 11:32 - 2014-12-23 08:01 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-09-21 11:28 - 2014-12-15 11:26 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-09-21 09:46 - 2015-03-18 10:13 - 00000000 ____D C:\Users\Diogo Vaille\AppData\Local\Google
2015-09-17 12:27 - 2014-09-20 18:29 - 00000000 ____D C:\Users\Diogo Vaille\AppData\Local\VirtualStore
2015-09-16 12:09 - 2015-07-15 19:58 - 00004076 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d0bf51c7fa7e42
2015-09-16 12:09 - 2015-07-15 19:58 - 00003840 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d0bf51c6fb0814
2015-09-15 12:13 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\rescache
2015-09-15 10:00 - 2014-12-23 11:59 - 00633856 ___SH C:\Users\Diogo Vaille\Downloads\Thumbs.db
2015-09-14 22:18 - 2015-03-17 10:06 - 00812008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-14 22:18 - 2015-03-17 10:06 - 00178152 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-12 12:50 - 2013-08-22 11:44 - 00482456 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-12 12:47 - 2014-03-18 06:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-12 12:47 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-10 11:14 - 2014-09-20 20:02 - 00000000 ____D C:\Windows\system32\MRT
2015-09-03 11:10 - 2015-08-28 10:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-09-03 11:10 - 2014-09-20 18:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== Files in the root of some directories =======

2014-09-20 18:32 - 2015-10-01 09:34 - 0000094 _____ () C:\Users\Diogo Vaille\AppData\Roaming\sp_data.sys
2015-03-23 18:45 - 2015-03-23 18:48 - 0011838 _____ () C:\Users\Diogo Vaille\AppData\Local\Temp-log.txt
2014-09-18 17:50 - 2014-09-18 17:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-09-18 18:09 - 2014-03-25 22:11 - 0000137 _____ () C:\ProgramData\RefreshReg.vbs
2014-05-16 17:02 - 2014-03-26 17:50 - 0000124 _____ () C:\ProgramData\SetStretch.cmd
2014-05-16 17:02 - 2009-07-22 07:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-05-16 17:02 - 2012-09-07 08:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Files to move or delete:
====================
C:\ProgramData\RefreshReg.vbs
C:\ProgramData\SetStretch.VBS


Some files in TEMP:
====================
C:\Users\Diogo Vaille\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwdywnw.dll
C:\Users\Diogo Vaille\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-22 11:57

==================== End of FRST.txt ============================

 

ADDITION:

Additional scan result of Farbar Recovery Scan Tool (x64) Version:30-09-2015
Ran by Diogo Vaille (2015-10-01 11:25:07)
Running from C:\Users\Diogo Vaille\Desktop
Windows 8.1 (X64) (2014-09-20 21:28:28)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2305498699-3212122031-866692255-500 - Administrator - Disabled)
Diogo Vaille (S-1-5-21-2305498699-3212122031-866692255-1001 - Administrator - Enabled) => C:\Users\Diogo Vaille
Guest (S-1-5-21-2305498699-3212122031-866692255-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2305498699-3212122031-866692255-1003 - Limited - Enabled)
Usuário (S-1-5-21-2305498699-3212122031-866692255-1004 - Limited - Enabled) => C:\Users\Usuário

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Ad-Aware Antivirus (Enabled - Up to date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Ad-Aware Antivirus (Enabled - Up to date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Ad-Aware Antivirus (HKLM\...\{FF054A8C-C0A4-4C78-8910-E2A459BEFF05}_AdAwareUpdater) (Version: 11.6.306.7947 - Lavasoft)
AdAwareInstaller (Version: 11.6.306.7947 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.6.306.7947 - Lavasoft) Hidden
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
AntimalwareEngine (Version: 3.0.98.0 - Lavasoft) Hidden
AntispamEngine (Version: 2.4.2158.0 - Lavasoft) Hidden
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ASUS FlipLock (HKLM\...\{7C7F8DAC-8ADA-4B86-BCB6-48B6FFB673DD}) (Version: 1.0.5 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS Product Demo Kit (HKLM-x32\...\{1714AD6E-D517-40C0-9B19-4CE0078F7694}) (Version: 2.0.6 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.14 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.02.0001 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0036 - ASUS)
AvcEngine (Version: 3.10.7820.0 - Lavasoft) Hidden
BitTorrent (HKU\S-1-5-21-2305498699-3212122031-866692255-1001\...\BitTorrent) (Version: 7.9.4.40912 - BitTorrent Inc.)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{3792811C-832F-4392-B44A-24092901EDDC}) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
Dropbox (HKU\S-1-5-21-2305498699-3212122031-866692255-1001\...\Dropbox) (Version: 3.10.6 - Dropbox, Inc.)
FirewallEngine (Version: 1.6.0.0 - Lavasoft) Hidden
Game Explorer Categories - casual (HKLM-x32\...\WildTangentGameProvider-asus-casual) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - enthusiast (HKLM-x32\...\WildTangentGameProvider-asus-enthusiast) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - family (HKLM-x32\...\WildTangentGameProvider-asus-family) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - kids (HKLM-x32\...\WildTangentGameProvider-asus-kids) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - touch (HKLM-x32\...\WildTangentGameProvider-asus-touch) (Version: 3.2.0.6 - WildTangent, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GoPro App (x32 Version: 5.6.509 - GoPro, Inc.) Hidden
GoPro Studio 2.5.6 (HKLM-x32\...\{8850d4d9-a0fc-453f-ba03-ec084375d0c2}) (Version: 2.5.6.509 - GoPro, Inc.)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Instalação do DivX (HKLM-x32\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.0 - Intel Corporation)
iTunes (HKLM\...\{88509E20-3936-4D88-A1C0-B274C7BB5151}) (Version: 12.3.0.44 - Apple Inc.)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Malwarebytes Anti-Malware versão 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Mediatek Bluetooth (HKLM\...\{F10FA818-DF9D-B070-DD53-94B07238F5DA}) (Version: 11.0.753.0 - Mediatek)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
OnlineThreatsEngine (Version: 2.2.3.0 - Lavasoft) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 5.0.46.0 - Ralink)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21255 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.31.423.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7235 - Realtek Semiconductor Corp.)
rekordbox 3.2.0 (HKLM-x32\...\Pioneer rekordbox 3.2.0) (Version: 3.2.0.3059 - Pioneer)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SoundTouch (HKLM-x32\...\{9BA4ED09-6482-46F2-AC75-23EDC31B4BDD}) (Version: 7.2.21.8752 - BOSE)
SpyHunter (HKLM-x32\...\{4FC9DA9D-F608-454E-8191-D7EFFDCC5726}) (Version: 4.1.11 - Enigma Software Group USA, LLC)
Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{3540ADD5-822B-47FB-B1C2-CD7B2C8E9FEC}) (Version: 4.0.2 - Apple Inc.)
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{C9C0FE2C-602E-49D7-8C42-5B9E8FF04798}) (Version: 4.0.2 - Apple Inc.)
Tomahawk (HKLM-x32\...\Tomahawk) (Version: 0.8.4 - Tomahawk-player.org)
Touro Cloud Backup 2.0.5 (HKLM\...\Touro Cloud Backup) (Version: 2.0.5 - Touro Cloud Backup)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VFW_Codec32 (x32 Version: 0.1.160.0 - GoPro, Inc.) Hidden
VFW_Codec64 (Version: 0.1.160.0 - GoPro, Inc.) Hidden
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.15.458 - ASUS Cloud Corporation)
Windows Driver Package - ASUS (ATP) Mouse  (03/17/2014 1.0.0.207) (HKLM\...\AA2CC56D4BBEE037DC99871F5F6551133D2A0CC3) (Version: 03/17/2014 1.0.0.207 - ASUS)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012  - GoPro)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

==================== Restore Points =========================

10-09-2015 10:58:37 Windows Update
22-09-2015 10:01:45 Windows Update
30-09-2015 11:01:40 Installed SpyHunter
30-09-2015 21:24:30 Restore Point Created by FRST
30-09-2015 21:31:19 Restore Point Created by FRST

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-03-23 18:11 - 2015-09-30 11:13 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08418538-2270-499A-B6ED-8266978A78DB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2305498699-3212122031-866692255-1001Core => C:\Users\Diogo Vaille\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {0AB29AFF-A61D-4000-9917-D5A2EA471489} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-18] (Google Inc.)
Task: {0FDCDE5B-73B3-4B4F-8DDC-4E4DD76E24CB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {269AF05C-68B1-4FE3-A1E4-E7137914BC36} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {2D650E32-82F3-429A-834C-E29AEB96A3C3} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe [2015-01-29] (MSfree Inc.)
Task: {32EEBFD3-8231-40A2-8162-7DA9ECD163AC} - System32\Tasks\GoogleUpdateTaskMachineCore1d0bf51c6fb0814 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-18] (Google Inc.)
Task: {49EF5685-0586-40E4-BDF7-AA68BE1F0FF1} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.)
Task: {5653C609-1CA5-40EF-A9D3-F5706F5DDF03} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {5E0E4D21-AD9E-46B4-A775-8E6C1F82D2C8} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-27] (ASUSTek Computer Inc.)
Task: {7ABB773F-E1BB-400A-8423-AA3EC404503F} - System32\Tasks\Baidu PC Faster Update => C:\Program Files (x86)\PC Faster\5.1.0.0\Updater.exe
Task: {8774C136-C6A5-48F5-B210-6A6E32035ABB} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {87A32F1E-6F38-4FB0-9DA1-63659017BC1D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {87DD05A9-4E9D-41F9-BEC0-0CDF6910DDB1} - System32\Tasks\GoogleUpdateTaskMachineUA1d0bf51c7fa7e42 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-18] (Google Inc.)
Task: {8EF29395-6D16-4F45-BC54-81990D27B9C7} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {A381FCBC-DB7B-4452-9F2A-77B366757047} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-03-31] (AsusTek)
Task: {AE28EA9E-7B25-4FCA-972A-E433782275CB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-18] (Google Inc.)
Task: {B4CDEB8C-3226-4663-BD7F-70F462FBD43E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {C74C411B-18DF-4278-A2AA-9B262BDF2EB4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {CE9BFBA5-C556-40D7-9CB7-81CCF87CC49C} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-06-04] (ASUS)
Task: {CEA14622-4535-44B4-B7CB-7D09EDCAE74A} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-04-15] (Realtek Semiconductor)
Task: {DDBFC967-B82F-4DD3-81B6-34081F18C315} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-04-10] (Realtek Semiconductor)
Task: {E2043940-71AB-4CD2-8C97-1E57D1CDC7F7} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {E3BC87A3-D570-41E4-A651-09F9804F7620} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {E9A8665E-208B-4404-B1EF-47EFC7EC2793} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-01-14] (ASUSTek Computer Inc.)
Task: {FCC23DB8-BBCF-404E-AA9B-1830B5F419EB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2305498699-3212122031-866692255-1001UA => C:\Users\Diogo Vaille\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2305498699-3212122031-866692255-1001Core.job => C:\Users\Diogo Vaille\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2305498699-3212122031-866692255-1001UA.job => C:\Users\Diogo Vaille\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bf51c6fb0814.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bf51c7fa7e42.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-01-20 21:35 - 2015-01-20 21:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-09-15 14:25 - 2015-09-15 14:25 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-02 18:38 - 2014-07-02 18:38 - 00016896 _____ () C:\Program Files\ASUS\ASUS FlipLock\FlipController.exe
2015-03-10 18:47 - 2015-03-10 18:47 - 00720760 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
2015-03-10 18:51 - 2015-03-10 18:51 - 00107024 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_thread-vc100-mt-1_57.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00024080 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_system-vc100-mt-1_57.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00055320 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_date_time-vc100-mt-1_57.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00125464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_filesystem-vc100-mt-1_57.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00033296 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_chrono-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 12745216 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareServiceKernel.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 03396064 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\RCF.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00785936 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_regex-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00744960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareActivation.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00480272 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareApplicationUpdater.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00812032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareGamingMode.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00099312 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareReset.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00119792 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTime.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00963088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareDefinitionsUpdater.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00868896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareDefinitionsUpdaterScheduler.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01108992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareIgnoreList.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00247808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareQuarantine.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01013256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiMalwareEngine.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00211464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiRootkitEngine.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01177608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScannerHistory.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01302008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScanner.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00034832 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_timer-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00977416 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScannerScheduler.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01143824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareRealTimeProtection.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00237568 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareIncompatibles.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00893432 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiSpam.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00847872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiPhishing.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 03104776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareParentalControl.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 02958848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareWebProtection.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01288712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareEmailProtection.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00053272 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_iostreams-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01293832 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareNetworkProtection.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00969200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwarePromo.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00366584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareFeedback.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 02787344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareThreatWorkAlliance.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01232888 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwarePinCode.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00969208 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareNotice.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00963576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAvcEngine.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01184792 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareRealTimeProtectionHistory.dll
2015-03-23 20:42 - 2015-01-06 12:47 - 00156936 _____ () C:\Windows\SYSTEM32\bdfwcore.dll
2015-03-23 20:56 - 2015-08-17 19:11 - 00875864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc2\ashttpbr.mdl
2015-03-23 20:55 - 2015-08-17 19:11 - 00741952 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc2\ashttpdsp.mdl
2015-03-23 20:56 - 2015-08-17 19:11 - 02801464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc2\ashttpph.mdl
2015-03-23 20:56 - 2015-08-17 19:11 - 01412512 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc2\ashttprbl.mdl
2012-10-18 14:44 - 2012-10-18 14:44 - 03671176 _____ () C:\Program Files\Touro Cloud Backup\Touro Cloud BackupCrawler.exe
2014-01-23 07:05 - 2014-01-23 07:05 - 08878248 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-10-18 14:43 - 2012-10-18 14:43 - 01486848 _____ () C:\Program Files\Touro Cloud Backup\ShellExtensionx64\ShellExtension.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 02756616 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareShellExtension.dll
2012-10-18 14:41 - 2012-10-18 14:41 - 01324544 _____ () C:\Program Files\Touro Cloud Backup\Touro Cloud Backup.exe
2014-07-02 18:38 - 2014-07-02 18:38 - 00009216 _____ () C:\Program Files\ASUS\ASUS FlipLock\WMIProc.dll
2014-06-04 00:01 - 2014-06-04 00:01 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2014-06-04 00:01 - 2014-06-04 00:01 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-06-04 00:01 - 2014-06-04 00:01 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll
2014-06-04 00:01 - 2014-06-04 00:01 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll
2012-10-11 10:13 - 2012-10-11 10:13 - 00897536 _____ () C:\Program Files\Touro Cloud Backup\NativeControls7.dll
2012-10-18 14:41 - 2012-10-18 14:41 - 01484288 _____ () C:\Program Files\Touro Cloud Backup\OnlineBackupFacade.dll
2015-07-02 23:31 - 2015-07-02 23:31 - 02287616 _____ () C:\Program Files (x86)\GoPro\Tools\Importer\gopro-lib-win-analytics.dll
2015-09-30 21:49 - 2015-09-30 21:49 - 00071168 _____ () c:\Users\Diogo Vaille\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwdywnw.dll
2015-07-22 23:13 - 2015-09-02 20:03 - 00012800 _____ () C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 18:45 - 2015-09-02 20:03 - 00779776 _____ () C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-30 11:06 - 2015-09-02 20:03 - 00056320 _____ () C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-07-22 23:13 - 2015-09-02 20:03 - 00012288 _____ () C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-09-25 10:15 - 2015-09-23 23:34 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libglesv2.dll
2015-09-25 10:15 - 2015-09-23 23:34 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libegl.dll
2015-08-04 13:22 - 2015-08-04 13:22 - 00019040 _____ () C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2native.dll
2014-09-18 17:49 - 2013-10-23 17:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:054203E4
AlternateDataStreams: C:\Users\Diogo Vaille\OneDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2305498699-3212122031-866692255-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Diogo Vaille\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{2534E512-2018-4D81-8AB6-CA12CF531985}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{2754B754-6575-4789-B7EA-109001A16E70}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{F0CE20AF-79AD-4B3F-815D-789E67DFBD8C}] => (Allow) C:\Users\Diogo Vaille\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{0D848C3A-785D-473A-BF7B-C4F8AB5B019E}] => (Allow) C:\Users\Diogo Vaille\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{A9AD8E44-4A65-4575-AA3D-BA46D69AA32F}] => (Allow) C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{E79F9349-750C-4E8D-8F5F-91436AA9E469}] => (Allow) C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{71DBAF2F-3707-4474-A7FC-3B3BDF83F5CC}C:\users\diogo vaille\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\diogo vaille\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{42786EB0-60A9-43B0-90E6-FB0A37227F02}C:\users\diogo vaille\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\diogo vaille\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{6AE5837E-D556-41B5-8C19-5B45CE77499B}C:\program files (x86)\pioneer\rekordbox 3.1.0\rekordbox 3.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.1.0\rekordbox 3.exe
FirewallRules: [UDP Query User{295801E1-585D-41C7-B7C0-74DFBEBB02A8}C:\program files (x86)\pioneer\rekordbox 3.1.0\rekordbox 3.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.1.0\rekordbox 3.exe
FirewallRules: [TCP Query User{31CF5693-D9BB-47AD-8C7D-CF7A3AD3A43B}C:\program files (x86)\pioneer\rekordbox 3.1.0\psvnfsd.exe] => (Block) C:\program files (x86)\pioneer\rekordbox 3.1.0\psvnfsd.exe
FirewallRules: [UDP Query User{1A13D062-9A36-4EFE-817F-ADAB4CB99FD0}C:\program files (x86)\pioneer\rekordbox 3.1.0\psvnfsd.exe] => (Block) C:\program files (x86)\pioneer\rekordbox 3.1.0\psvnfsd.exe
FirewallRules: [TCP Query User{C10BF569-E17E-4D14-A8E1-CE71B31B56FC}C:\program files (x86)\pioneer\rekordbox 3.1.0\psvlinksysmgr.exe] => (Block) C:\program files (x86)\pioneer\rekordbox 3.1.0\psvlinksysmgr.exe
FirewallRules: [UDP Query User{D1ED842C-8B85-4D46-8F4E-F7502F20C0F1}C:\program files (x86)\pioneer\rekordbox 3.1.0\psvlinksysmgr.exe] => (Block) C:\program files (x86)\pioneer\rekordbox 3.1.0\psvlinksysmgr.exe
FirewallRules: [{2C01F481-891E-49B6-9642-1C06E1F42742}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D9FFB4D1-2B78-400D-9A1A-92ED69C95DED}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CC2CC42A-2C0E-4CCA-8F32-83B5B76E8B86}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{852CC7DB-AECA-416C-B538-D59B8354AF2C}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{2DAFF880-FC70-4BD7-AFF5-3C1EA23E30F9}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{AB5753A2-8A79-4DE6-B73A-2A9F3C46D354}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{7D60EEA1-630B-4DD9-93B6-4C97AF3F2EAF}C:\program files (x86)\pioneer\rekordbox 3.1.0\rekordbox 3.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.1.0\rekordbox 3.exe
FirewallRules: [UDP Query User{FF917041-80CB-4624-B145-0F8A36299C0D}C:\program files (x86)\pioneer\rekordbox 3.1.0\rekordbox 3.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.1.0\rekordbox 3.exe
FirewallRules: [TCP Query User{198B0935-F434-4B16-A596-FF404D33929B}C:\program files (x86)\pioneer\rekordbox 3.1.0\psvnfsd.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.1.0\psvnfsd.exe
FirewallRules: [UDP Query User{DD6C13E5-187C-48C7-972F-38DC15DE32F6}C:\program files (x86)\pioneer\rekordbox 3.1.0\psvnfsd.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.1.0\psvnfsd.exe
FirewallRules: [TCP Query User{8728DC3B-9C61-46FA-BA3C-6D0A7EC456FF}C:\program files (x86)\pioneer\rekordbox 3.1.0\psvlinksysmgr.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.1.0\psvlinksysmgr.exe
FirewallRules: [UDP Query User{DA1467F0-1C04-409E-973D-FCD978F8AB08}C:\program files (x86)\pioneer\rekordbox 3.1.0\psvlinksysmgr.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.1.0\psvlinksysmgr.exe
FirewallRules: [TCP Query User{7FB59E13-39A3-4B3B-9B86-2705591A94E1}C:\program files (x86)\pioneer\rekordbox 3.2.0\rekordbox 3.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.2.0\rekordbox 3.exe
FirewallRules: [UDP Query User{B836B47F-3333-4511-9511-613D9F943C72}C:\program files (x86)\pioneer\rekordbox 3.2.0\rekordbox 3.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.2.0\rekordbox 3.exe
FirewallRules: [TCP Query User{D69895DE-FE5D-4BA3-820B-53C3B11AC323}C:\program files (x86)\pioneer\rekordbox 3.2.0\psvnfsd.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.2.0\psvnfsd.exe
FirewallRules: [UDP Query User{2B7C93C8-1112-4A34-9363-0690D8A13D7A}C:\program files (x86)\pioneer\rekordbox 3.2.0\psvnfsd.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.2.0\psvnfsd.exe
FirewallRules: [TCP Query User{A9016F06-A0D1-4870-BFD9-7CD010D3E004}C:\program files (x86)\pioneer\rekordbox 3.2.0\psvlinksysmgr.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.2.0\psvlinksysmgr.exe
FirewallRules: [UDP Query User{5DDF0D02-90C6-4D2F-9708-DDF01FE6C328}C:\program files (x86)\pioneer\rekordbox 3.2.0\psvlinksysmgr.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.2.0\psvlinksysmgr.exe
FirewallRules: [TCP Query User{6B6A06F2-4EE2-4BCA-8E47-238D39C46ACA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{BE9157C4-55FE-49C4-BB4A-92C1FF6339B0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{80842492-E118-4885-8B62-756ABAB22886}] => (Allow) C:\Program Files (x86)\SoundTouch\SoundTouch.exe
FirewallRules: [{CA547C55-63B3-47C7-B144-82E05B1D3D30}] => (Allow) C:\Program Files (x86)\SoundTouch\SoundTouchMusicServer\SoundTouch music server.exe
FirewallRules: [TCP Query User{C62E3A54-F6E4-4471-AC67-561A3343D1F6}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [UDP Query User{05915DC9-1E63-4424-AD94-FCDB59B261EC}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [TCP Query User{DB40BD00-06D0-4F7B-82E7-3BB0D2DB2060}C:\program files (x86)\mozilla firefox\firefoxx.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefoxx.exe
FirewallRules: [UDP Query User{1756CD74-863A-4935-B03E-76E757B64AC7}C:\program files (x86)\mozilla firefox\firefoxx.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefoxx.exe
FirewallRules: [{DB0A4B30-E1E2-4617-9432-8351FD4B4AB1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8DB2544A-92B3-4635-A62F-748B8D76FA62}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EF6EF969-58D6-4ADE-9D2E-E56F8CDF0B4A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B753FE14-69DD-409A-B92B-77FA94321982}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{66EC1D79-12FC-43E1-A5D4-7B458411A7F1}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{143A5902-6A51-4039-97C3-3B3D4EBE6EA3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/01/2015 09:00:59 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10765

Error: (10/01/2015 09:00:59 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10765

Error: (10/01/2015 09:00:59 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/01/2015 09:00:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9515

Error: (10/01/2015 09:00:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9515

Error: (10/01/2015 09:00:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/01/2015 09:00:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8297

Error: (10/01/2015 09:00:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8297

Error: (10/01/2015 09:00:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/01/2015 09:00:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7093


System errors:
=============
Error: (09/30/2015 09:46:03 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
%%1056

Error: (09/30/2015 09:45:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The iPod Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (09/30/2015 09:45:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (09/30/2015 09:45:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (09/30/2015 09:45:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Dynamic Application Loader Host Interface Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (09/30/2015 09:45:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Ad-Aware Service 11 service terminated unexpectedly.  It has done this 1 time(s).

Error: (09/30/2015 09:45:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® ME Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (09/30/2015 09:45:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Touro Cloud Backup Crawler service terminated unexpectedly.  It has done this 1 time(s).

Error: (09/30/2015 09:45:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The BlueStacks Updater Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (09/30/2015 09:45:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The BlueStacks Log Rotator Service service terminated unexpectedly.  It has done this 1 time(s).


CodeIntegrity:
===================================
  Date: 2015-03-18 18:27:35.815
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel® Core™ i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 33%
Total physical RAM: 8075.53 MB
Available physical RAM: 5403.38 MB
Total Virtual: 9419.53 MB
Available Virtual: 6405.57 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:60.17 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:258.35 GB) (Free:256.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 6CD53F35)

Partition: GPT.

==================== End of Addition.txt ============================


  • 0

#6
Essexboy
Posted 01 October 2015 - 09:52 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Your Java is out of date so the update notice is legitimate :)

When you say that you need to speed the system up is this for boot or during normal usage ?
  • 0

#7
weile
Posted 02 October 2015 - 05:40 AM

weile

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

Your Java is out of date so the update notice is legitimate :)

When you say that you need to speed the system up is this for boot or during normal usage ?

It's just durting web browser navegation....when change tabs, when pass over a button on facebook to open that little temporary windows while the mouse is over something.....it looks like chrome its pretty faster than firefox


  • 0

#8
Essexboy
Posted 02 October 2015 - 05:49 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets reset the network data and see if that helps any
Let me know how it is after this

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that
  • 0

#9
weile
Posted 02 October 2015 - 08:43 AM

weile

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

Great thanks.....I will browse a little bit over the web to check how it flows than I post here how is going on ;) but thanks anyway

 

 

 

Fix result of Farbar Recovery Scan Tool (x64) Version:30-09-2015
Ran by Diogo Vaille (2015-10-02 11:35:41) Run:3
Running from C:\Users\Diogo Vaille\Desktop
Loaded Profiles: Diogo Vaille (Available Profiles: Diogo Vaille & Usuário)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************

Restore point was successfully created.

=========  netsh advfirewall reset =========

Ok.


========= End of CMD: =========


=========  netsh advfirewall set allprofiles state ON =========

Ok.


========= End of CMD: =========


=========  ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


=========  netsh winsock reset catalog =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


=========  netsh int ip reset c:\resetlog.txt =========

Resetting Global, OK!
Resetting Interface, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Route, OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Restart the computer to complete this action.


========= End of CMD: =========


=========  ipconfig /release =========


Windows IP Configuration

No operation can be performed on Bluetooth Network Connection while it has its media disconnected.
No operation can be performed on Local Area Connection* 2 while it has its media disconnected.
No operation can be performed on Ethernet while it has its media disconnected.

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Wireless LAN adapter Local Area Connection* 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Ethernet adapter Ethernet:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::3d14:9891:386a:27b6%3
   Default Gateway . . . . . . . . . :

========= End of CMD: =========


=========  ipconfig /renew =========


Windows IP Configuration

No operation can be performed on Bluetooth Network Connection while it has its media disconnected.
No operation can be performed on Local Area Connection* 2 while it has its media disconnected.
No operation can be performed on Ethernet while it has its media disconnected.

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Wireless LAN adapter Local Area Connection* 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Ethernet adapter Ethernet:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . : Home
   Link-local IPv6 Address . . . . . : fe80::3d14:9891:386a:27b6%3
   IPv4 Address. . . . . . . . . . . : 192.168.1.3
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1

========= End of CMD: =========


=========  netsh int ipv4 reset =========

Resetting Interface, OK!
Resetting , failed.
Access is denied.

Restart the computer to complete this action.


========= End of CMD: =========


=========  netsh int ipv6 reset =========

Resetting Interface, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.


========= End of CMD: =========


=========  bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

{E0F5EA00-9736-4DAC-8769-ECF6311DF367} canceled.
{5DD0B42C-4EF6-49B6-BECC-FB234D6A5395} canceled.
2 out of 2 jobs canceled.

========= End of CMD: =========
 


  • 0

#10
Essexboy
Posted 02 October 2015 - 08:49 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
:)
  • 0

#11
weile
Posted 05 October 2015 - 06:43 AM

weile

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

Its seems pretty stable and fast.....thanks A LOT Essexboy and GeektoGo...you guys rocks.....keep this good work!!!


  • 0

#12
Essexboy
Posted 05 October 2015 - 08:04 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Remove tools

Download and run Delfix
Select the options as shown
delfix.JPG


: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article

I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)

If you do need to keep Java then download JavaRa
Run the programme and select Remove Java Runtime. Uninstall all versions of Java present
Once done then run it again and select Update Java runtime > Download and install Latest version
javara.JPG


Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent install this programme to lock down and prevent crypto ransome ware

CryptoPrevent.JPG

Malwarebytes

Update and run weekly to keep your system clean

Unchecky

Click on the link above to be taken to Unchecky.com
click the very large Download button.
click Save
Click Open folder
Right click on the Unchecky_setup and choose to Run as Administrator
Once open click the Install button.
Then click on Finish
Unchecky is now installed and will help you keep unwanted check boxes unchecked, this is a fire and forget programme ;)

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe :wave:
  • 0

#13
Essexboy
Posted 09 October 2015 - 12:29 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics


Also tagged with one or more of these keywords: malware, java, firefox, not responding, new tab

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP