I don't remember exactly what I installed (maybe an add-on that I already removed, maybe a Java/Flash update installation, or maybe software that asks to install the Yahoo search tool), but now every time I open a new tab in Firefox, it opens on resource://jid1-g80ec8llebk5fq-at-jetpack/newtab/data/newtab.html
And my Firefox is VERY slow: it keeps stopping and saying "not responding" every time, and after 5 seconds it gets back to normal slow navigation.
I've already used: SpyHunter, AdwCleaner, Malwarebytes Anti-Malware
FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:30-09-2015
Ran by Diogo Vaille (administrator) on ASUS-DIOGO-01 (30-09-2015 13:17:36)
Running from C:\Users\Diogo Vaille\Desktop
Loaded Profiles: Diogo Vaille (Available Profiles: Diogo Vaille & Usuário)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Baidu Inc.) C:\Program Files (x86)\PC Faster\5.1.0.0\PCFasterSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files\ASUS\ASUS FlipLock\FlipService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
() C:\Program Files\ASUS\ASUS FlipLock\FlipController.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
() C:\Program Files\Touro Cloud Backup\Touro Cloud BackupCrawler.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
() C:\Program Files\ASUS\ASUS FlipLock\FlipController.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files\Touro Cloud Backup\Touro Cloud Backup.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\Dropbox.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(GoPro) C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2launcher.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-15] (Apple Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [896632 2015-07-22] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [GoPro Studio Importer] => C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe [3217672 2015-07-02] (GoPro)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [Baidu PC Faster 5.1.0.0] => "C:\Program Files (x86)\PC Faster\5.1.0.0\PCFTray.exe" -auto -start
HKU\S-1-5-21-2305498699-3212122031-866692255-1001\...\Run: [Touro Cloud Backup] => C:\Program Files\Touro Cloud Backup\Touro Cloud Backup.exe [1324544 2012-10-18] ()
HKU\S-1-5-21-2305498699-3212122031-866692255-1001\...\Run: [GoogleChromeAutoLaunch_D0B3ABAD4F9044A9098FE3F6D6EC93DC] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [815944 2015-09-23] (Google Inc.)
HKU\S-1-5-21-2305498699-3212122031-866692255-1001\...\Run: [Dropbox Update] => C:\Users\Diogo Vaille\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-2305498699-3212122031-866692255-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2305498699-3212122031-866692255-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11776 2014-10-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.15.458\ASUSWSShellExt64.dll [2014-11-18] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.15.458\ASUSWSShellExt64.dll [2014-11-18] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.15.458\ASUSWSShellExt64.dll [2014-11-18] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ExplorerEx] -> {E056AFDD-03E9-4D73-8D33-8FCCBCA73438} => No File
ShellIconOverlayIdentifiers: [MemopalBackedUp] -> {8ED3CC2D-6BC2-43AD-8C43-F51FBB413AE6} => C:\Program Files\Touro Cloud Backup\ShellExtensionx64\ShellExtension.dll [2012-10-18] ()
ShellIconOverlayIdentifiers: [MemopalError] -> {B9CA6E12-7975-4997-B5BD-CA12ECE0FEAD} => C:\Program Files\Touro Cloud Backup\ShellExtensionx64\ShellExtension.dll [2012-10-18] ()
ShellIconOverlayIdentifiers: [MemopalPartiallyBackedUp] -> {95DDC869-FC98-4D47-BD34-2EDC9AA09C01} => C:\Program Files\Touro Cloud Backup\ShellExtensionx64\ShellExtension.dll [2012-10-18] ()
ShellIconOverlayIdentifiers: [MemopalToBackup] -> {2CDD871E-60EB-40BD-9721-A1CB57042F75} => C:\Program Files\Touro Cloud Backup\ShellExtensionx64\ShellExtension.dll [2012-10-18] ()
ShellIconOverlayIdentifiers-x32: [MemopalBackedUp] -> {8ED3CC2D-6BC2-43AD-8C43-F51FBB413AE6} => C:\Program Files\Touro Cloud Backup\ShellExtension\ShellExtension.dll [2012-10-18] ()
ShellIconOverlayIdentifiers-x32: [MemopalError] -> {B9CA6E12-7975-4997-B5BD-CA12ECE0FEAD} => C:\Program Files\Touro Cloud Backup\ShellExtension\ShellExtension.dll [2012-10-18] ()
ShellIconOverlayIdentifiers-x32: [MemopalPartiallyBackedUp] -> {95DDC869-FC98-4D47-BD34-2EDC9AA09C01} => C:\Program Files\Touro Cloud Backup\ShellExtension\ShellExtension.dll [2012-10-18] ()
ShellIconOverlayIdentifiers-x32: [MemopalToBackup] -> {2CDD871E-60EB-40BD-9721-A1CB57042F75} => C:\Program Files\Touro Cloud Backup\ShellExtension\ShellExtension.dll [2012-10-18] ()
Startup: C:\Users\Diogo Vaille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-08]
ShortcutTarget: Dropbox.lnk -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6FE72083-8DB1-456D-BA99-29CFE9B059FF}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2305498699-3212122031-866692255-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.globo.com/
SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2305498699-3212122031-866692255-1001 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2305498699-3212122031-866692255-1001 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2305498699-3212122031-866692255-1001 -> {854BE253-8917-40F5-8196-0EC9FEC1F2F6} URL = hxxps://br.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-08-04] (Oracle Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-04] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-01-23] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Diogo Vaille\AppData\Roaming\Mozilla\Firefox\Profiles\orv1wg1n.default-1422983949456
FF NewTab: resource://jid1-g80ec8llebk5fq-at-jetpack/newtab/data/newtab.html
FF Homepage: hxxp://g1.globo.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-01-21] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-07-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-07-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-07-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-07-06] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-07-06] (Apple Inc.)
FF SearchPlugin: C:\Users\Diogo Vaille\AppData\Roaming\Mozilla\Firefox\Profiles\orv1wg1n.default-1422983949456\searchplugins\soundcloud.xml [2015-03-23]
FF Extension: Fess Google Bookmark Extension - C:\Users\Diogo Vaille\AppData\Roaming\Mozilla\Firefox\Profiles\orv1wg1n.default-1422983949456\Extensions\[email protected] [2015-06-23]
FF Extension: Wiktionary and Google Translate - C:\Users\Diogo Vaille\AppData\Roaming\Mozilla\Firefox\Profiles\orv1wg1n.default-1422983949456\Extensions\[email protected] [2015-06-04]
FF Extension: Evernote Web Clipper - C:\Users\Diogo Vaille\AppData\Roaming\Mozilla\Firefox\Profiles\orv1wg1n.default-1422983949456\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2015-09-17]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.netvibes.com/privatepage/1#Geral
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxps://www.facebook.com/"
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> google
CHR Profile: C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-09-16]
CHR Extension: (YouTube) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-24]
CHR Extension: (Google Search) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-24]
CHR Extension: (TinyURL.com URL shortener (by Tiny-URL.info)) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpggaodbilneopgpjgbimgpaecdchfm [2015-03-24]
CHR Extension: (Cortex) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\decglnkhpfoocpafihfbeodhgofefaoc [2015-03-25]
CHR Extension: (Simple Google bookmarks) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\dobhkcpfdpfhghdmiecokllfjiemfmgm [2015-03-24]
CHR Extension: (RSS Subscription Extension Plus) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\dobjkkjbcmhohalobdalmmenogajjlaj [2015-03-24]
CHR Extension: (Pin It Button) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-07-06]
CHR Extension: (Clipular! Research, save & share screenshot) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjbgcjbgmcfgbgikmbdioggjlhjegpp [2015-03-25]
CHR Extension: (Shareaholic for Google Chrome™) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmipnjdeifmobkhgogdnomkihhgojep [2015-03-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-25]
CHR Extension: (My Alerts) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkngaknldfkgfoeookhiheejgnbhpnak [2015-03-24]
CHR Extension: (feedly) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja [2015-03-25]
CHR Extension: (Save to Pocket) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2015-08-06]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-24]
CHR Extension: (Yahoo Web) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\npdicihegicnhaangkdmcgbjceoemeoo [2015-08-04]
CHR Extension: (Evernote Web Clipper) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2015-03-25]
CHR Extension: (Gmail) - C:\Users\Diogo Vaille\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-24]
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
R2 ASUS Flip Service; C:\Program Files\ASUS\ASUS FlipLock\FlipService.exe [7680 2014-07-02] (ASUS) [File not signed]
S3 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [71680 2014-02-25] (ASUS Cloud Corporation) [File not signed]
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282072 2014-03-18] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel® Corporation) [File not signed]
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe [720760 2015-03-10] ()
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 PCFasterSvc_{PCFaster_5.1.0.0}; C:\Program Files (x86)\PC Faster\5.1.0.0\PCFasterSvc.exe [1709552 2015-03-12] (Baidu Inc.) [File not signed]
R2 Touro Cloud Backup Crawler; C:\Program Files\Touro Cloud Backup\Touro Cloud BackupCrawler.exe [3671176 2012-10-18] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [71952 2014-03-31] (ASUS Corporation)
R3 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2015-01-06] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [261496 2015-01-06] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2015-01-06] (BitDefender)
R1 BdfNdisf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfndisf6.sys [97816 2015-01-06] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [107080 2015-01-06] (BitDefender LLC)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.98.0\gzflt.sys [155912 2015-01-22] (BitDefender LLC)
R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-08-08] (Intel Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-08-08] (Intel Corporation)
R3 INVN_MotionApps; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 m76usb; C:\Windows\System32\drivers\m76usb.sys [539336 2014-04-09] (Ralink Technology Corp.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [502488 2014-05-08] (Realsil Semiconductor Corporation)
R3 SensorsServiceDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [452040 2015-01-22] (BitDefender S.R.L.)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S1 MpKsl8d151c0b; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{77A941FF-8A20-4E00-8946-047C75409797}\MpKsl8d151c0b.sys [X]
U0 msahci; system32\drivers\msahci.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-30 13:17 - 2015-09-30 13:18 - 00027210 _____ C:\Users\Diogo Vaille\Desktop\FRST.txt
2015-09-30 13:15 - 2015-09-30 13:15 - 02192384 _____ (Farbar) C:\Users\Diogo Vaille\Desktop\FRST64.exe
2015-09-30 12:22 - 2015-09-30 12:22 - 00000191 _____ C:\spyhunter.fix
2015-09-30 11:03 - 2015-09-30 11:13 - 00002316 _____ C:\Users\Diogo Vaille\Desktop\SpyHunter.lnk
2015-09-30 11:03 - 2015-09-30 11:13 - 00000000 ____D C:\Users\Diogo Vaille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2015-09-30 11:03 - 2015-09-30 11:03 - 00000000 ____D C:\sh4ldr
2015-09-30 11:03 - 2015-09-30 11:03 - 00000000 ____D C:\Program Files (x86)\Enigma Software Group
2015-09-30 11:01 - 2015-09-30 11:12 - 00000000 ____D C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2015-09-30 10:54 - 2015-09-30 10:55 - 00000000 ____D C:\Users\Diogo Vaille\Downloads\SpyHunter 4.20.9.4533 Portable
2015-09-30 10:52 - 2015-09-30 10:54 - 14959010 _____ C:\Users\Diogo Vaille\Downloads\Spy Hunter PRO.rar
2015-09-30 10:39 - 2015-09-30 10:39 - 44409924 _____ C:\Users\Diogo Vaille\Downloads\SpyHunter 4.17.6.4336 (FULL + Patch).zip
2015-09-21 11:33 - 2015-09-21 11:33 - 00001767 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-09-21 11:33 - 2015-09-21 11:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-09-21 11:32 - 2015-09-21 11:33 - 00000000 ____D C:\Program Files\iTunes
2015-09-21 11:32 - 2015-09-21 11:32 - 00000000 ____D C:\Program Files\iPod
2015-09-21 11:32 - 2015-09-21 11:32 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-09-21 11:29 - 2015-09-21 11:29 - 00000000 ____D C:\Program Files\Bonjour
2015-09-21 11:29 - 2015-09-21 11:29 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-09-21 11:28 - 2015-09-21 11:28 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2015-09-21 11:28 - 2015-09-21 11:28 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-09-17 16:30 - 2015-09-17 16:37 - 21905071 _____ C:\Users\Diogo Vaille\Downloads\27sat.iMobie.AnyTrans.4.4.1.Multilingual.MacOSX.rar
2015-09-17 12:40 - 2015-09-17 12:40 - 00000000 ____D C:\Users\Diogo Vaille\AppData\Roaming\vlc
2015-09-17 12:28 - 2015-09-17 12:45 - 00000000 ____D C:\Users\Diogo Vaille\AppData\Local\SpotifyResolver
2015-09-17 12:27 - 2015-09-17 12:44 - 00000000 ____D C:\Users\Diogo Vaille\AppData\Local\Tomahawk
2015-09-17 12:22 - 2015-09-17 12:22 - 00001021 _____ C:\Users\Diogo Vaille\Desktop\Tomahawk.lnk
2015-09-17 12:22 - 2015-09-17 12:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tomahawk
2015-09-17 12:21 - 2015-09-17 12:22 - 00000000 ____D C:\Program Files (x86)\Tomahawk
2015-09-17 12:19 - 2015-09-17 12:20 - 35828536 _____ C:\Users\Diogo Vaille\Downloads\tomahawk-0.8.4.exe
2015-09-16 15:30 - 2015-09-16 15:30 - 06849298 _____ C:\Users\Diogo Vaille\Downloads\iPhotoLibraryManager_421.zip
2015-09-09 09:39 - 2015-08-26 23:48 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-09 09:39 - 2015-08-26 15:00 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-09 09:39 - 2015-08-26 15:00 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-09 09:39 - 2015-08-26 15:00 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-09 09:39 - 2015-08-26 15:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-09 09:39 - 2015-08-26 11:46 - 03705344 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-09 09:39 - 2015-08-26 11:29 - 02240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-09 09:39 - 2015-08-26 11:27 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-09 09:39 - 2015-08-26 11:27 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-09-09 09:39 - 2015-08-26 11:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-09 09:39 - 2015-08-26 11:26 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-09 09:39 - 2015-08-26 11:26 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-09 09:38 - 2015-09-02 23:18 - 02531400 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-09 09:38 - 2015-09-02 23:17 - 01903848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-09 09:38 - 2015-09-02 15:48 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-09 09:38 - 2015-09-02 14:09 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-09 09:38 - 2015-09-01 23:56 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-09 09:38 - 2015-09-01 23:55 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-09 09:38 - 2015-09-01 23:50 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-09 09:38 - 2015-09-01 23:17 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-09 09:38 - 2015-09-01 23:13 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-09 09:38 - 2015-08-22 15:19 - 25188352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-09 09:38 - 2015-08-22 14:35 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-09 09:38 - 2015-08-22 14:34 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-09 09:38 - 2015-08-22 14:22 - 19856384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-09 09:38 - 2015-08-22 14:21 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-09 09:38 - 2015-08-22 14:20 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-09 09:38 - 2015-08-22 13:55 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-09 09:38 - 2015-08-22 13:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-09 09:38 - 2015-08-22 13:50 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-09-09 09:38 - 2015-08-22 13:45 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-09 09:38 - 2015-08-22 13:44 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-09-09 09:38 - 2015-08-22 13:41 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-09 09:38 - 2015-08-22 13:41 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-09 09:38 - 2015-08-22 13:41 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-09 09:38 - 2015-08-22 13:41 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-09 09:38 - 2015-08-22 13:39 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-09 09:38 - 2015-08-22 13:28 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-09 09:38 - 2015-08-22 13:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-09 09:38 - 2015-08-22 13:23 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-09-09 09:38 - 2015-08-22 13:22 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-09 09:38 - 2015-08-22 13:20 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-09-09 09:38 - 2015-08-22 13:18 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-09 09:38 - 2015-08-22 13:18 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-09 09:38 - 2015-08-22 13:18 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-09 09:38 - 2015-08-22 13:14 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-09 09:38 - 2015-08-22 13:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-09 09:38 - 2015-08-22 13:00 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-09 09:38 - 2015-08-22 12:56 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-09 09:38 - 2015-08-22 12:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-09 09:38 - 2015-08-03 18:15 - 00074928 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-09 09:38 - 2015-08-03 18:15 - 00065600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-09 09:38 - 2015-08-01 11:22 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-09 09:38 - 2015-08-01 00:47 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2015-09-09 09:38 - 2015-08-01 00:45 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2015-09-09 09:38 - 2015-08-01 00:38 - 01265152 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-09 09:38 - 2015-08-01 00:37 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2015-09-09 09:38 - 2015-08-01 00:37 - 00359936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2015-09-09 09:38 - 2015-07-30 14:18 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-09 09:38 - 2015-07-30 13:22 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-09 09:38 - 2015-07-22 11:34 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-09 09:38 - 2015-07-22 11:33 - 01728000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2015-09-09 09:38 - 2015-07-22 11:25 - 02461184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-09 09:38 - 2015-07-22 11:25 - 01546752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2015-09-09 09:38 - 2015-07-22 11:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-09 09:38 - 2015-07-22 10:52 - 01633792 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-09 09:38 - 2015-07-18 15:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2015-09-09 09:38 - 2015-07-18 15:29 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-09-09 09:38 - 2015-07-18 15:29 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2015-09-09 09:38 - 2015-07-18 15:27 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-09-09 09:38 - 2015-07-17 11:15 - 00951296 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-09 09:38 - 2015-07-17 11:10 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-09 09:38 - 2015-07-14 00:27 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tzsync.exe
2015-09-09 09:38 - 2015-07-13 16:10 - 00411455 _____ C:\Windows\system32\ApnDatabase.xml
2015-09-09 09:38 - 2015-07-09 13:14 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-09-09 09:38 - 2015-07-03 18:51 - 01380056 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-09-09 09:38 - 2015-07-03 11:00 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-09-09 09:38 - 2015-06-27 08:47 - 00118616 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-09 09:38 - 2015-06-19 14:07 - 02819072 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-09-09 09:37 - 2015-07-10 16:06 - 00118272 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2015-09-04 15:52 - 2015-09-04 15:52 - 00000000 ____D C:\Users\Diogo Vaille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-31 09:47 - 2015-08-31 09:47 - 00001859 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2015-08-31 09:47 - 2015-08-31 09:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-30 13:17 - 2015-08-04 12:00 - 00000000 ____D C:\FRST
2015-09-30 13:17 - 2014-12-08 23:10 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-30 13:14 - 2015-07-15 19:58 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bf51c7fa7e42.job
2015-09-30 13:04 - 2015-06-18 11:54 - 00001086 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2305498699-3212122031-866692255-1001UA.job
2015-09-30 13:00 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\system32\sru
2015-09-30 12:52 - 2014-09-18 17:41 - 01391453 _____ C:\Windows\WindowsUpdate.log
2015-09-30 12:50 - 2014-12-11 09:11 - 00000000 ____D C:\Users\Diogo Vaille\advfn
2015-09-30 12:43 - 2014-12-15 13:53 - 00000000 ___RD C:\Users\Diogo Vaille\Dropbox
2015-09-30 12:41 - 2014-12-15 13:49 - 00000000 ____D C:\Users\Diogo Vaille\AppData\Roaming\Dropbox
2015-09-30 12:41 - 2014-12-06 00:40 - 00000000 ___RD C:\Users\Diogo Vaille\OneDrive
2015-09-30 12:41 - 2014-09-20 18:32 - 00000094 _____ C:\Users\Diogo Vaille\AppData\Roaming\sp_data.sys
2015-09-30 12:40 - 2015-07-15 19:58 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bf51c6fb0814.job
2015-09-30 12:40 - 2015-03-18 10:13 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-30 12:29 - 2014-03-18 07:03 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-30 12:26 - 2015-03-23 20:42 - 00002347 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2015-09-30 12:25 - 2013-08-22 11:46 - 00224291 _____ C:\Windows\setupact.log
2015-09-30 12:25 - 2013-08-22 11:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-30 12:23 - 2013-08-22 10:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2015-09-30 12:05 - 2014-09-20 18:34 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2305498699-3212122031-866692255-1001
2015-09-30 12:01 - 2015-05-11 10:49 - 00003474 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2015-09-30 12:01 - 2015-05-11 10:49 - 00003464 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2015-09-30 11:23 - 2015-03-18 10:13 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-30 11:17 - 2015-03-18 16:16 - 00000000 ____D C:\Users\Diogo Vaille\AppData\Local\CrashDumps
2015-09-30 11:03 - 2015-01-26 18:28 - 00000000 __SHD C:\Users\Diogo Vaille\AppData\Local\EmieBrowserModeList
2015-09-30 11:03 - 2014-09-20 19:47 - 00000000 __SHD C:\Users\Diogo Vaille\AppData\Local\EmieUserList
2015-09-30 11:03 - 2014-09-20 19:47 - 00000000 __SHD C:\Users\Diogo Vaille\AppData\Local\EmieSiteList
2015-09-30 10:57 - 2014-12-09 10:05 - 00000000 ____D C:\Users\Diogo Vaille\AppData\Roaming\BitTorrent
2015-09-30 10:05 - 2014-09-20 18:33 - 00003974 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C0CDF39D-1E29-4293-ADD0-54C3E4C7AE5D}
2015-09-30 10:03 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\AppReadiness
2015-09-29 20:04 - 2015-06-18 11:54 - 00001034 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2305498699-3212122031-866692255-1001Core.job
2015-09-23 10:01 - 2015-01-29 12:46 - 00000000 ____D C:\ProgramData\KMSAutoS
2015-09-22 11:17 - 2014-12-08 23:10 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-09-22 10:04 - 2013-08-22 12:20 - 00000000 ____D C:\Windows\CbsTemp
2015-09-21 11:32 - 2014-12-23 08:01 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-09-21 11:28 - 2014-12-15 11:26 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-09-21 09:46 - 2015-03-18 10:13 - 00000000 ____D C:\Users\Diogo Vaille\AppData\Local\Google
2015-09-17 12:27 - 2014-09-20 18:29 - 00000000 ____D C:\Users\Diogo Vaille\AppData\Local\VirtualStore
2015-09-16 12:09 - 2015-07-15 19:58 - 00004076 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d0bf51c7fa7e42
2015-09-16 12:09 - 2015-07-15 19:58 - 00003840 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d0bf51c6fb0814
2015-09-15 12:13 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\rescache
2015-09-15 10:00 - 2014-12-23 11:59 - 00633856 ___SH C:\Users\Diogo Vaille\Downloads\Thumbs.db
2015-09-14 22:18 - 2015-03-17 10:06 - 00812008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-14 22:18 - 2015-03-17 10:06 - 00178152 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-12 12:50 - 2013-08-22 11:44 - 00482456 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-12 12:47 - 2014-03-18 06:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-12 12:47 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-10 11:14 - 2014-09-20 20:02 - 00000000 ____D C:\Windows\system32\MRT
2015-09-03 11:10 - 2015-08-28 10:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-09-03 11:10 - 2014-09-20 18:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-03 11:10 - 2014-03-18 06:54 - 00750946 _____ C:\Windows\PFRO.log
2015-08-31 09:47 - 2014-12-15 11:12 - 00000000 ____D C:\Program Files (x86)\QuickTime
==================== Files in the root of some directories =======
2014-09-20 18:32 - 2015-09-30 12:41 - 0000094 _____ () C:\Users\Diogo Vaille\AppData\Roaming\sp_data.sys
2015-03-23 18:45 - 2015-03-23 18:48 - 0011838 _____ () C:\Users\Diogo Vaille\AppData\Local\Temp-log.txt
2014-09-18 17:50 - 2014-09-18 17:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-09-18 18:09 - 2014-03-25 22:11 - 0000137 _____ () C:\ProgramData\RefreshReg.vbs
2014-05-16 17:02 - 2014-03-26 17:50 - 0000124 _____ () C:\ProgramData\SetStretch.cmd
2014-05-16 17:02 - 2009-07-22 07:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-05-16 17:02 - 2012-09-07 08:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
Files to move or delete:
====================
C:\ProgramData\RefreshReg.vbs
C:\ProgramData\SetStretch.VBS
Some files in TEMP:
====================
C:\Users\Diogo Vaille\AppData\Local\Temp\25C3ED7F-E5BD-C0C3-7BE7-86BE339D7A47.dll
C:\Users\Diogo Vaille\AppData\Local\Temp\b6da719e-b2c5-4fa1-a318-660dd4c71990.exe
C:\Users\Diogo Vaille\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnu9lem.dll
C:\Users\Diogo Vaille\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\Diogo Vaille\AppData\Local\Temp\ose00000.exe
C:\Users\Diogo Vaille\AppData\Local\Temp\Quarantine.exe
C:\Users\Diogo Vaille\AppData\Local\Temp\SetupProPlusRetail.x86.en-US_ProPlusRetail_XRNFT-HG2FV-G74BP-7PVDC-JB29K_act_1_.exe
C:\Users\Diogo Vaille\AppData\Local\Temp\SpOrder.dll
C:\Users\Diogo Vaille\AppData\Local\Temp\sqlite3.dll
C:\Users\Diogo Vaille\AppData\Local\Temp\uninst.exe
C:\Users\Diogo Vaille\AppData\Local\Temp\ytb.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-09-22 11:57
==================== End of FRST.txt ============================
ADDITION:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:30-09-2015
Ran by Diogo Vaille (2015-09-30 13:19:19)
Running from C:\Users\Diogo Vaille\Desktop
Windows 8.1 (X64) (2014-09-20 21:28:28)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2305498699-3212122031-866692255-500 - Administrator - Disabled)
Diogo Vaille (S-1-5-21-2305498699-3212122031-866692255-1001 - Administrator - Enabled) => C:\Users\Diogo Vaille
Guest (S-1-5-21-2305498699-3212122031-866692255-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2305498699-3212122031-866692255-1003 - Limited - Enabled)
Usuário (S-1-5-21-2305498699-3212122031-866692255-1004 - Limited - Enabled) => C:\Users\Usuário
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Ad-Aware Antivirus (Enabled - Up to date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Ad-Aware Antivirus (Enabled - Up to date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Ad-Aware Antivirus (HKLM\...\{FF054A8C-C0A4-4C78-8910-E2A459BEFF05}_AdAwareUpdater) (Version: 11.6.306.7947 - Lavasoft)
AdAwareInstaller (Version: 11.6.306.7947 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.6.306.7947 - Lavasoft) Hidden
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
AntimalwareEngine (Version: 3.0.98.0 - Lavasoft) Hidden
AntispamEngine (Version: 2.4.2158.0 - Lavasoft) Hidden
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ASUS FlipLock (HKLM\...\{7C7F8DAC-8ADA-4B86-BCB6-48B6FFB673DD}) (Version: 1.0.5 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS Product Demo Kit (HKLM-x32\...\{1714AD6E-D517-40C0-9B19-4CE0078F7694}) (Version: 2.0.6 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.14 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.02.0001 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0036 - ASUS)
AvcEngine (Version: 3.10.7820.0 - Lavasoft) Hidden
BitTorrent (HKU\S-1-5-21-2305498699-3212122031-866692255-1001\...\BitTorrent) (Version: 7.9.4.40912 - BitTorrent Inc.)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{3792811C-832F-4392-B44A-24092901EDDC}) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
Dropbox (HKU\S-1-5-21-2305498699-3212122031-866692255-1001\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
FirewallEngine (Version: 1.6.0.0 - Lavasoft) Hidden
Game Explorer Categories - casual (HKLM-x32\...\WildTangentGameProvider-asus-casual) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - enthusiast (HKLM-x32\...\WildTangentGameProvider-asus-enthusiast) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - family (HKLM-x32\...\WildTangentGameProvider-asus-family) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - kids (HKLM-x32\...\WildTangentGameProvider-asus-kids) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - touch (HKLM-x32\...\WildTangentGameProvider-asus-touch) (Version: 3.2.0.6 - WildTangent, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GoPro App (x32 Version: 5.6.509 - GoPro, Inc.) Hidden
GoPro Studio 2.5.6 (HKLM-x32\...\{8850d4d9-a0fc-453f-ba03-ec084375d0c2}) (Version: 2.5.6.509 - GoPro, Inc.)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Instalação do DivX (HKLM-x32\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.0 - Intel Corporation)
iTunes (HKLM\...\{88509E20-3936-4D88-A1C0-B274C7BB5151}) (Version: 12.3.0.44 - Apple Inc.)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Malwarebytes Anti-Malware versão 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Mediatek Bluetooth (HKLM\...\{F10FA818-DF9D-B070-DD53-94B07238F5DA}) (Version: 11.0.753.0 - Mediatek)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
OnlineThreatsEngine (Version: 2.2.3.0 - Lavasoft) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 5.0.46.0 - Ralink)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21255 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.31.423.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7235 - Realtek Semiconductor Corp.)
rekordbox 3.2.0 (HKLM-x32\...\Pioneer rekordbox 3.2.0) (Version: 3.2.0.3059 - Pioneer)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SoundTouch (HKLM-x32\...\{9BA4ED09-6482-46F2-AC75-23EDC31B4BDD}) (Version: 7.2.21.8752 - BOSE)
SpyHunter (HKLM-x32\...\{4FC9DA9D-F608-454E-8191-D7EFFDCC5726}) (Version: 4.1.11 - Enigma Software Group USA, LLC)
Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{3540ADD5-822B-47FB-B1C2-CD7B2C8E9FEC}) (Version: 4.0.2 - Apple Inc.)
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{C9C0FE2C-602E-49D7-8C42-5B9E8FF04798}) (Version: 4.0.2 - Apple Inc.)
Tomahawk (HKLM-x32\...\Tomahawk) (Version: 0.8.4 - Tomahawk-player.org)
Touro Cloud Backup 2.0.5 (HKLM\...\Touro Cloud Backup) (Version: 2.0.5 - Touro Cloud Backup)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VFW_Codec32 (x32 Version: 0.1.160.0 - GoPro, Inc.) Hidden
VFW_Codec64 (Version: 0.1.160.0 - GoPro, Inc.) Hidden
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.15.458 - ASUS Cloud Corporation)
Windows Driver Package - ASUS (ATP) Mouse (03/17/2014 1.0.0.207) (HKLM\...\AA2CC56D4BBEE037DC99871F5F6551133D2A0CC3) (Version: 03/17/2014 1.0.0.207 - ASUS)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012 - GoPro)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305498699-3212122031-866692255-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
==================== Restore Points =========================
20-08-2015 09:28:57 Windows Update
10-09-2015 10:58:37 Windows Update
22-09-2015 10:01:45 Windows Update
30-09-2015 11:01:40 Installed SpyHunter
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-03-23 18:11 - 2015-09-30 11:13 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {08418538-2270-499A-B6ED-8266978A78DB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2305498699-3212122031-866692255-1001Core => C:\Users\Diogo Vaille\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {0AB29AFF-A61D-4000-9917-D5A2EA471489} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-18] (Google Inc.)
Task: {0FDCDE5B-73B3-4B4F-8DDC-4E4DD76E24CB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {269AF05C-68B1-4FE3-A1E4-E7137914BC36} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {2D650E32-82F3-429A-834C-E29AEB96A3C3} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe [2015-01-29] (MSfree Inc.)
Task: {32EEBFD3-8231-40A2-8162-7DA9ECD163AC} - System32\Tasks\GoogleUpdateTaskMachineCore1d0bf51c6fb0814 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-18] (Google Inc.)
Task: {3AF1B7FA-4663-487A-B847-E48064B087F5} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Duplicaterecord.js" <==== ATTENTION
Task: {482CD76E-12D7-4D6B-9A59-2FBC77D123F9} - \248b10b1-a621-44f4-bebd-4c1b1cdfdcf6-10_user -> No File <==== ATTENTION
Task: {49EF5685-0586-40E4-BDF7-AA68BE1F0FF1} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.)
Task: {5653C609-1CA5-40EF-A9D3-F5706F5DDF03} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {5E0E4D21-AD9E-46B4-A775-8E6C1F82D2C8} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-27] (ASUSTek Computer Inc.)
Task: {6BFC942F-DC3F-444B-99B0-11825FBCF7FB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {7ABB773F-E1BB-400A-8423-AA3EC404503F} - System32\Tasks\Baidu PC Faster Update => C:\Program Files (x86)\PC Faster\5.1.0.0\Updater.exe
Task: {8774C136-C6A5-48F5-B210-6A6E32035ABB} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {87A32F1E-6F38-4FB0-9DA1-63659017BC1D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {87DD05A9-4E9D-41F9-BEC0-0CDF6910DDB1} - System32\Tasks\GoogleUpdateTaskMachineUA1d0bf51c7fa7e42 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-18] (Google Inc.)
Task: {8EF29395-6D16-4F45-BC54-81990D27B9C7} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {9485DE53-A545-42AB-BA71-551EF997D4DA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-22] (Adobe Systems Incorporated)
Task: {A381FCBC-DB7B-4452-9F2A-77B366757047} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-03-31] (AsusTek)
Task: {AE28EA9E-7B25-4FCA-972A-E433782275CB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-18] (Google Inc.)
Task: {B4CDEB8C-3226-4663-BD7F-70F462FBD43E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {CE9BFBA5-C556-40D7-9CB7-81CCF87CC49C} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-06-04] (ASUS)
Task: {CEA14622-4535-44B4-B7CB-7D09EDCAE74A} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-04-15] (Realtek Semiconductor)
Task: {DDBFC967-B82F-4DD3-81B6-34081F18C315} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-04-10] (Realtek Semiconductor)
Task: {E2043940-71AB-4CD2-8C97-1E57D1CDC7F7} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {E3BC87A3-D570-41E4-A651-09F9804F7620} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {E9A8665E-208B-4404-B1EF-47EFC7EC2793} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-01-14] (ASUSTek Computer Inc.)
Task: {FA3D6842-105B-4DD3-8EF3-EFAF11287AA7} - System32\Tasks\Baidu PC Faster Service => C:\Program Files (x86)\PC Faster\5.1.0.0\PCFasterSvc.exe [2015-03-12] (Baidu Inc.)
Task: {FCC23DB8-BBCF-404E-AA9B-1830B5F419EB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2305498699-3212122031-866692255-1001UA => C:\Users\Diogo Vaille\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2305498699-3212122031-866692255-1001Core.job => C:\Users\Diogo Vaille\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2305498699-3212122031-866692255-1001UA.job => C:\Users\Diogo Vaille\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bf51c6fb0814.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bf51c7fa7e42.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-01-20 21:35 - 2015-01-20 21:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-09-15 14:25 - 2015-09-15 14:25 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-02 18:38 - 2014-07-02 18:38 - 00016896 _____ () C:\Program Files\ASUS\ASUS FlipLock\FlipController.exe
2015-03-10 18:47 - 2015-03-10 18:47 - 00720760 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
2015-03-10 18:51 - 2015-03-10 18:51 - 00107024 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_thread-vc100-mt-1_57.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00024080 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_system-vc100-mt-1_57.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00055320 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_date_time-vc100-mt-1_57.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00125464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_filesystem-vc100-mt-1_57.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00033296 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_chrono-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 12745216 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareServiceKernel.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 03396064 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\RCF.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00785936 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_regex-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00744960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareActivation.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00480272 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareApplicationUpdater.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00812032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareGamingMode.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00099312 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareReset.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00119792 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTime.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00963088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareDefinitionsUpdater.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00868896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareDefinitionsUpdaterScheduler.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01108992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareIgnoreList.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00247808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareQuarantine.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01013256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiMalwareEngine.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00211464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiRootkitEngine.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01177608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScannerHistory.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01302008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScanner.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00034832 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_timer-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00977416 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScannerScheduler.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01143824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareRealTimeProtection.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00237568 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareIncompatibles.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00893432 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiSpam.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00847872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiPhishing.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 03104776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareParentalControl.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 02958848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareWebProtection.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01288712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareEmailProtection.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00053272 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_iostreams-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01293832 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareNetworkProtection.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00969200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwarePromo.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00366584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareFeedback.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 02787344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareThreatWorkAlliance.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01232888 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwarePinCode.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00969208 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareNotice.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00963576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAvcEngine.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01184792 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareRealTimeProtectionHistory.dll
2015-03-23 20:42 - 2015-01-06 12:47 - 00156936 _____ () C:\Windows\SYSTEM32\bdfwcore.dll
2015-03-23 20:56 - 2015-08-17 19:11 - 00875864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc2\ashttpbr.mdl
2015-03-23 20:55 - 2015-08-17 19:11 - 00741952 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc2\ashttpdsp.mdl
2015-03-23 20:56 - 2015-08-17 19:11 - 02801464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc2\ashttpph.mdl
2015-03-23 20:56 - 2015-08-17 19:11 - 01412512 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc2\ashttprbl.mdl
2012-10-18 14:44 - 2012-10-18 14:44 - 03671176 _____ () C:\Program Files\Touro Cloud Backup\Touro Cloud BackupCrawler.exe
2014-01-23 07:05 - 2014-01-23 07:05 - 08878248 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 02756616 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareShellExtension.dll
2012-10-18 14:43 - 2012-10-18 14:43 - 01486848 _____ () C:\Program Files\Touro Cloud Backup\ShellExtensionx64\ShellExtension.dll
2012-10-18 14:41 - 2012-10-18 14:41 - 01324544 _____ () C:\Program Files\Touro Cloud Backup\Touro Cloud Backup.exe
2014-07-02 18:38 - 2014-07-02 18:38 - 00009216 _____ () C:\Program Files\ASUS\ASUS FlipLock\WMIProc.dll
2014-09-18 17:49 - 2013-10-23 17:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-06-04 00:01 - 2014-06-04 00:01 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2014-06-04 00:01 - 2014-06-04 00:01 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-06-04 00:01 - 2014-06-04 00:01 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll
2014-06-04 00:01 - 2014-06-04 00:01 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll
2012-10-11 10:13 - 2012-10-11 10:13 - 00897536 _____ () C:\Program Files\Touro Cloud Backup\NativeControls7.dll
2012-10-18 14:41 - 2012-10-18 14:41 - 01484288 _____ () C:\Program Files\Touro Cloud Backup\OnlineBackupFacade.dll
2015-09-25 10:15 - 2015-09-23 23:34 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libglesv2.dll
2015-09-25 10:15 - 2015-09-23 23:34 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libegl.dll
2015-09-30 12:41 - 2015-09-30 12:41 - 00071168 _____ () c:\Users\Diogo Vaille\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnu9lem.dll
2015-07-22 23:13 - 2015-08-05 02:26 - 00012800 _____ () C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 18:45 - 2015-08-05 02:26 - 00779776 _____ () C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-30 11:06 - 2015-08-05 02:26 - 00056320 _____ () C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-07-22 23:13 - 2015-08-05 02:26 - 00012288 _____ () C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-07-02 23:31 - 2015-07-02 23:31 - 02287616 _____ () C:\Program Files (x86)\GoPro\Tools\Importer\gopro-lib-win-analytics.dll
2015-08-04 13:22 - 2015-08-04 13:22 - 00019040 _____ () C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2native.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:054203E4
AlternateDataStreams: C:\Users\Diogo Vaille\OneDrive:ms-properties
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2305498699-3212122031-866692255-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Diogo Vaille\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{2534E512-2018-4D81-8AB6-CA12CF531985}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{2754B754-6575-4789-B7EA-109001A16E70}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{F0CE20AF-79AD-4B3F-815D-789E67DFBD8C}] => (Allow) C:\Users\Diogo Vaille\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{0D848C3A-785D-473A-BF7B-C4F8AB5B019E}] => (Allow) C:\Users\Diogo Vaille\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{A9AD8E44-4A65-4575-AA3D-BA46D69AA32F}] => (Allow) C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{E79F9349-750C-4E8D-8F5F-91436AA9E469}] => (Allow) C:\Users\Diogo Vaille\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{71DBAF2F-3707-4474-A7FC-3B3BDF83F5CC}C:\users\diogo vaille\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\diogo vaille\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{42786EB0-60A9-43B0-90E6-FB0A37227F02}C:\users\diogo vaille\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\diogo vaille\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{6AE5837E-D556-41B5-8C19-5B45CE77499B}C:\program files (x86)\pioneer\rekordbox 3.1.0\rekordbox 3.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.1.0\rekordbox 3.exe
FirewallRules: [UDP Query User{295801E1-585D-41C7-B7C0-74DFBEBB02A8}C:\program files (x86)\pioneer\rekordbox 3.1.0\rekordbox 3.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.1.0\rekordbox 3.exe
FirewallRules: [TCP Query User{31CF5693-D9BB-47AD-8C7D-CF7A3AD3A43B}C:\program files (x86)\pioneer\rekordbox 3.1.0\psvnfsd.exe] => (Block) C:\program files (x86)\pioneer\rekordbox 3.1.0\psvnfsd.exe
FirewallRules: [UDP Query User{1A13D062-9A36-4EFE-817F-ADAB4CB99FD0}C:\program files (x86)\pioneer\rekordbox 3.1.0\psvnfsd.exe] => (Block) C:\program files (x86)\pioneer\rekordbox 3.1.0\psvnfsd.exe
FirewallRules: [TCP Query User{C10BF569-E17E-4D14-A8E1-CE71B31B56FC}C:\program files (x86)\pioneer\rekordbox 3.1.0\psvlinksysmgr.exe] => (Block) C:\program files (x86)\pioneer\rekordbox 3.1.0\psvlinksysmgr.exe
FirewallRules: [UDP Query User{D1ED842C-8B85-4D46-8F4E-F7502F20C0F1}C:\program files (x86)\pioneer\rekordbox 3.1.0\psvlinksysmgr.exe] => (Block) C:\program files (x86)\pioneer\rekordbox 3.1.0\psvlinksysmgr.exe
FirewallRules: [{2C01F481-891E-49B6-9642-1C06E1F42742}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D9FFB4D1-2B78-400D-9A1A-92ED69C95DED}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CC2CC42A-2C0E-4CCA-8F32-83B5B76E8B86}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{852CC7DB-AECA-416C-B538-D59B8354AF2C}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{2DAFF880-FC70-4BD7-AFF5-3C1EA23E30F9}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{AB5753A2-8A79-4DE6-B73A-2A9F3C46D354}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{7D60EEA1-630B-4DD9-93B6-4C97AF3F2EAF}C:\program files (x86)\pioneer\rekordbox 3.1.0\rekordbox 3.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.1.0\rekordbox 3.exe
FirewallRules: [UDP Query User{FF917041-80CB-4624-B145-0F8A36299C0D}C:\program files (x86)\pioneer\rekordbox 3.1.0\rekordbox 3.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.1.0\rekordbox 3.exe
FirewallRules: [TCP Query User{198B0935-F434-4B16-A596-FF404D33929B}C:\program files (x86)\pioneer\rekordbox 3.1.0\psvnfsd.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.1.0\psvnfsd.exe
FirewallRules: [UDP Query User{DD6C13E5-187C-48C7-972F-38DC15DE32F6}C:\program files (x86)\pioneer\rekordbox 3.1.0\psvnfsd.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.1.0\psvnfsd.exe
FirewallRules: [TCP Query User{8728DC3B-9C61-46FA-BA3C-6D0A7EC456FF}C:\program files (x86)\pioneer\rekordbox 3.1.0\psvlinksysmgr.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.1.0\psvlinksysmgr.exe
FirewallRules: [UDP Query User{DA1467F0-1C04-409E-973D-FCD978F8AB08}C:\program files (x86)\pioneer\rekordbox 3.1.0\psvlinksysmgr.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.1.0\psvlinksysmgr.exe
FirewallRules: [TCP Query User{7FB59E13-39A3-4B3B-9B86-2705591A94E1}C:\program files (x86)\pioneer\rekordbox 3.2.0\rekordbox 3.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.2.0\rekordbox 3.exe
FirewallRules: [UDP Query User{B836B47F-3333-4511-9511-613D9F943C72}C:\program files (x86)\pioneer\rekordbox 3.2.0\rekordbox 3.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.2.0\rekordbox 3.exe
FirewallRules: [TCP Query User{D69895DE-FE5D-4BA3-820B-53C3B11AC323}C:\program files (x86)\pioneer\rekordbox 3.2.0\psvnfsd.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.2.0\psvnfsd.exe
FirewallRules: [UDP Query User{2B7C93C8-1112-4A34-9363-0690D8A13D7A}C:\program files (x86)\pioneer\rekordbox 3.2.0\psvnfsd.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.2.0\psvnfsd.exe
FirewallRules: [TCP Query User{A9016F06-A0D1-4870-BFD9-7CD010D3E004}C:\program files (x86)\pioneer\rekordbox 3.2.0\psvlinksysmgr.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.2.0\psvlinksysmgr.exe
FirewallRules: [UDP Query User{5DDF0D02-90C6-4D2F-9708-DDF01FE6C328}C:\program files (x86)\pioneer\rekordbox 3.2.0\psvlinksysmgr.exe] => (Allow) C:\program files (x86)\pioneer\rekordbox 3.2.0\psvlinksysmgr.exe
FirewallRules: [TCP Query User{6B6A06F2-4EE2-4BCA-8E47-238D39C46ACA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{BE9157C4-55FE-49C4-BB4A-92C1FF6339B0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{80842492-E118-4885-8B62-756ABAB22886}] => (Allow) C:\Program Files (x86)\SoundTouch\SoundTouch.exe
FirewallRules: [{CA547C55-63B3-47C7-B144-82E05B1D3D30}] => (Allow) C:\Program Files (x86)\SoundTouch\SoundTouchMusicServer\SoundTouch music server.exe
FirewallRules: [TCP Query User{C62E3A54-F6E4-4471-AC67-561A3343D1F6}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [UDP Query User{05915DC9-1E63-4424-AD94-FCDB59B261EC}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [TCP Query User{DB40BD00-06D0-4F7B-82E7-3BB0D2DB2060}C:\program files (x86)\mozilla firefox\firefoxx.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefoxx.exe
FirewallRules: [UDP Query User{1756CD74-863A-4935-B03E-76E757B64AC7}C:\program files (x86)\mozilla firefox\firefoxx.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefoxx.exe
FirewallRules: [{DB0A4B30-E1E2-4617-9432-8351FD4B4AB1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8DB2544A-92B3-4635-A62F-748B8D76FA62}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EF6EF969-58D6-4ADE-9D2E-E56F8CDF0B4A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B753FE14-69DD-409A-B92B-77FA94321982}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{66EC1D79-12FC-43E1-A5D4-7B458411A7F1}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{143A5902-6A51-4039-97C3-3B3D4EBE6EA3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/30/2015 11:17:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 40.0.3.5716, time stamp: 0x55ddb213
Faulting module name: mozglue.dll, version: 40.0.3.5716, time stamp: 0x55dda062
Exception code: 0x80000003
Fault offset: 0x0000e250
Faulting process id: 0x10124
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Faulting package full name: plugin-container.exe4
Faulting package-relative application ID: plugin-container.exe5
Error: (09/30/2015 11:07:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SpyHunter4.exe, version: 4.1.11.0, time stamp: 0x4bf29ca5
Faulting module name: ExecutionGuard.dll, version: 6.3.9600.17936, time stamp: 0x55a68dd1
Exception code: 0xc0000135
Fault offset: 0x0009d4f2
Faulting process id: 0x121cc
Faulting application start time: 0xSpyHunter4.exe0
Faulting application path: SpyHunter4.exe1
Faulting module path: SpyHunter4.exe2
Report Id: SpyHunter4.exe3
Faulting package full name: SpyHunter4.exe4
Faulting package-relative application ID: SpyHunter4.exe5
Error: (09/30/2015 12:09:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3546
Error: (09/30/2015 12:09:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3546
Error: (09/30/2015 12:09:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (09/30/2015 12:09:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2390
Error: (09/30/2015 12:09:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2390
Error: (09/30/2015 12:09:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (09/30/2015 12:09:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1156
Error: (09/30/2015 12:09:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1156
System errors:
=============
Error: (09/29/2015 12:02:46 AM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer MAURO
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{6FE72083-8DB1-456D-BA99-29CFE9B059FF}.
The master browser is stopping or an election is being forced.
Error: (09/24/2015 02:34:11 PM) (Source: DCOM) (EventID: 10010) (User: ASUS-DIOGO-01)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (09/24/2015 02:34:11 PM) (Source: DCOM) (EventID: 10010) (User: ASUS-DIOGO-01)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (09/24/2015 02:34:11 PM) (Source: DCOM) (EventID: 10010) (User: ASUS-DIOGO-01)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (09/24/2015 02:34:11 PM) (Source: DCOM) (EventID: 10010) (User: ASUS-DIOGO-01)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (09/22/2015 05:10:08 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer MAURO
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{6FE72083-8DB1-456D-BA99-29CFE9B059FF}.
The master browser is stopping or an election is being forced.
Error: (09/16/2015 09:50:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (09/11/2015 05:47:25 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer MAURO
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{6FE72083-8DB1-456D-BA99-29CFE9B059FF}.
The master browser is stopping or an election is being forced.
Error: (09/10/2015 11:15:41 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80240020: Upgrade to Windows 10 Home.
Error: (09/08/2015 04:48:53 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.3.
The computer with the IP address 192.168.1.14 did not allow the name to be claimed by
this computer.
CodeIntegrity:
===================================
Date: 2015-03-18 18:27:35.815
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel® Core i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 35%
Total physical RAM: 8075.53 MB
Available physical RAM: 5224.54 MB
Total Virtual: 9419.53 MB
Available Virtual: 6303 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:56.57 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:258.35 GB) (Free:256.08 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 6CD53F35)
Partition: GPT.
==================== End of Addition.txt ============================