Very sluggish computer. Suspecting malware.



#31
RKinner


    Malware Expert

  • Expert
  • 20,028 posts
  • MVP

Can you run a new FRST scan with Addition checked?

We are going to Orlando today. Back late.


  • 0


#32
RKinner


    Malware Expert

  • Expert
  • 20,028 posts
  • MVP

On our way out the door.

Look through autoruns and see if there is anything else by GAS that you can uncheck.

Also try a new download of Avast. Perhaps without the reboot you will still own the file.


  • 0

#33
Andre Silva


    Member

  • Topic Starter
  • Member
  • 140 posts

Hey RKinner! I'm in Orlando too. Wish I knew you were coming. Would have definitely bought you a cup o' joe :)

I ran FRST. Here are the logs. I'm also going to look through autoruns and download a new file for Avast next.

Thank you!

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
Ran by Izilda (administrator) on IZILDA-HP (14-02-2016 13:02:27)
Running from C:\Users\Izilda\Desktop
Loaded Profiles: Izilda (Available Profiles: Izilda & Deco)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Google Inc.) C:\Users\Izilda\AppData\Local\Google\Update\GoogleUpdate.exe
(Dropbox, Inc.) C:\Users\Izilda\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe
(Dropbox, Inc.) C:\Users\Izilda\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2012-02-07] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-04-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [103992 2011-05-23] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
Winlogon\Notify\ GbPluginBb: C:\Program Files (x86)\GbPlugin\gbieh.dll [2015-10-20] (Banco do Brasil)
Winlogon\Notify\ GbPluginUni: C:\Program Files (x86)\GbPlugin\gbiehUni.dll [2015-07-06] (Banco Itaú Unibanco)
HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\Run: [Google Update] => C:\Users\Izilda\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc.)
HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\Run: [Dropbox Update] => C:\Users\Izilda\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\MountPoints2: {520b7578-3f36-11e1-9d4c-806e6f6e6963} - E:\Setup.exe
HKU\S-1-5-21-3190529940-644357419-2377663512-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-13] (Microsoft Corporation)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll [1945472 2015-10-20] (Banco do Brasil)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\PROGRAM FILES (X86)\GbPlugin\gbiehuni.dll [1759992 2015-07-06] (Banco Itaú Unibanco)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Drive Manager Real-Time.lnk [2014-05-30]
ShortcutTarget: Samsung Drive Manager Real-Time.lnk -> C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe (Clarus, Inc.)
Startup: C:\Users\Izilda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Izilda\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.114.81.1 75.114.81.2 192.168.1.1
Tcpip\..\Interfaces\{0211F5D2-0B48-4A83-8097-2D3C20677B0B}: [DhcpNameServer] 65.32.5.111 65.32.5.112 192.168.1.1
Tcpip\..\Interfaces\{894FB0E4-5432-4A2A-B791-AB7238B6F4E2}: [DhcpNameServer] 200.142.132.32 200.220.227.57
Tcpip\..\Interfaces\{E66EA923-D0B8-4739-A6C2-1045AE207BFE}: [DhcpNameServer] 75.114.81.1 75.114.81.2 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-12] (Oracle Corporation)
BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-02-18] (HP)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-19] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-12] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-27] (Hewlett-Packard)
BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-02-18] (HP)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-19] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll [2015-10-20] (Banco do Brasil)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehuni.dll [2015-07-06] (Banco Itaú Unibanco)
BHO-x32: IplexToALLPlayer -> {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -> C:\Program Files (x86)\OpenSubtitlesPlayer\Iplex\IplexToALLPlayer.dll [2011-02-09] (ALLCinema Ltd.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-27] (Hewlett-Packard)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-19] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-19] (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\MP3 Skype Recorder\Skype4COM.dll [2011-09-07] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Izilda\AppData\Roaming\Mozilla\Firefox\Profiles\qb4mtwr7.default-1380586887777
FF DefaultSearchEngine.US: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-31] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-12] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-12] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-31] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll [2013-03-15] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-02-20] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-06-02] (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll [2013-03-26] (Nitro PDF)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-05-28] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-05-28] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-11] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-08-13] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-12-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3190529940-644357419-2377663512-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Izilda\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3190529940-644357419-2377663512-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3190529940-644357419-2377663512-1001: @talk.google.com/O1DPlugin -> C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3190529940-644357419-2377663512-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Izilda\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-3190529940-644357419-2377663512-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Izilda\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-3190529940-644357419-2377663512-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Izilda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2012-12-07] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3190529940-644357419-2377663512-1001: gastecnologia.com.br/sf/bb -> C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll [2015-03-06] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-3190529940-644357419-2377663512-1001: gastecnologia.com.br/sf/bb64 -> C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll [2015-06-10] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-3190529940-644357419-2377663512-1001: gastecnologia.com.br/sf/cef -> C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll [2015-01-17] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-3190529940-644357419-2377663512-1001: gastecnologia.com.br/sf/uni -> C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll [2014-01-15] (GAS Tecnologia)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-17] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Izilda\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Izilda\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF SearchPlugin: C:\Users\Izilda\AppData\Roaming\Mozilla\Firefox\Profiles\qb4mtwr7.default-1380586887777\searchplugins\yahoo-avast.xml [2014-06-13]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2016-02-12] [not signed]
FF HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\cef\xpi
FF Extension: GBBD Caixa Economica Federal - C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\cef\xpi [2015-01-17] [not signed]
FF HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8873}] - C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\uni\xpi
FF Extension: GBBD Guardião - Itaú 30 horas - C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\uni\xpi [2014-03-24] [not signed]
FF HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886C}] - C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\bb\xpi
FF Extension: GBBD Banco do Brasil - C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\bb\xpi [2015-05-04] [not signed]

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Google Talk Plugin) - C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll => No File
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll => No File
CHR Plugin: (Java™ Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Nitro PDF Plug-In) - C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll => No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks™ Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer™ HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (Unity Player) - C:\Users\Izilda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll => No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll => No File
CHR Profile: C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Web Store Payments) - C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-15]
CHR Extension: (GBBD Caixa Economica Federal) - C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnjbodopomfddehlalfilheomcahbpei [2015-09-15]
CHR HKU\S-1-5-21-3190529940-644357419-2377663512-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nnjbodopomfddehlalfilheomcahbpei] - C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\cef\sf.crx [2013-06-19]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-04-02] (Advanced Micro Devices, Inc.) [File not signed]
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-08-13] (WildTangent)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [593120 2015-09-22] (GAS Tecnologia)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2375168 2011-03-07] (Realsil Microelectronics Inc.) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NitroDriverReadSpool; C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [341312 2011-01-12] (Nitro PDF Software)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-03-26] (Nitro PDF Software)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [479840 2012-11-27] (Sony Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SZDrvSvc; C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe [18432 2013-12-18] (Clarus, Inc.) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-09] (TeamViewer GmbH)
S4 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [904928 2015-11-04] (GAS Tecnologia LTDA)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 dtultrascsibus; C:\Windows\System32\DRIVERS\dtultrascsibus.sys [30352 2015-05-02] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S4 gbpddfac; C:\Windows\System32\drivers\gbpddfac64.sys [28888 2016-02-13] (GAS Tecnologia)
S4 gbpddfac; C:\Windows\SysWOW64\drivers\gbpddfac64.sys [28888 2015-08-26] (GAS Tecnologia)
S0 GbpKm; C:\Windows\SysWOW64\drivers\gbpkm.sys [49536 2013-05-08] (GAS Tecnologia)
R3 GBPRCM; C:\PROGRAM FILES (X86)\GBPLUGIN\gbprcm64.sys [29912 2015-08-26] (GAS Tecnologia)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 mdf16; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mdf16.sys [20400 2012-06-21] ()
R3 mvd23; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mvd23.sys [99248 2012-06-21] ()
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-01-20] (GAS Tecnologia LTDA)
S4 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [101080 2016-01-12] (GAS Tecnologia)
S4 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [103640 2015-03-18] (GAS Tecnologia)
S4 gbpddreg; system32\drivers\gbpddreg64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-14 13:02 - 2016-02-14 13:02 - 00029259 _____ C:\Users\Izilda\Desktop\FRST.txt
2016-02-14 00:05 - 2016-02-01 02:10 - 00616616 ____N (Sysinternals - www.sysinternals.com) C:\Users\Izilda\Downloads\autorunsc.exe
2016-02-14 00:05 - 2016-02-01 02:08 - 00704672 ____N (Sysinternals - www.sysinternals.com) C:\Users\Izilda\Downloads\Autoruns.exe
2016-02-14 00:05 - 2016-02-01 02:05 - 00050512 ____N C:\Users\Izilda\Downloads\autoruns.chm
2016-02-14 00:05 - 2015-01-26 09:19 - 00002009 ____N C:\Users\Izilda\Downloads\Eula.txt
2016-02-14 00:04 - 2016-02-14 00:04 - 00615478 _____ C:\Users\Izilda\Downloads\Autoruns.zip
2016-02-13 22:55 - 2016-02-13 22:57 - 00002184 _____ C:\VEW.txt
2016-02-13 18:25 - 2016-02-13 18:25 - 00061440 _____ ( ) C:\Users\Izilda\Desktop\VEW.exe
2016-02-13 11:09 - 2016-02-13 11:19 - 00002546 _____ C:\Users\Izilda\Desktop\Search.txt
2016-02-13 11:08 - 2016-02-13 11:08 - 02370560 _____ (Farbar) C:\Users\Izilda\Desktop\FRST64.exe
2016-02-13 10:24 - 2016-02-13 10:24 - 05207096 _____ (AVAST Software) C:\Users\Izilda\Downloads\avast_free_antivirus_setup_online.exe
2016-02-13 00:19 - 2016-02-13 00:19 - 02612608 _____ (Banco do Brasil SA) C:\Users\Deco\Downloads\DiagnosticoBB.exe
2016-02-13 00:18 - 2016-02-13 00:18 - 00000000 ____D C:\Users\Deco\AppData\Local\Macromedia
2016-02-13 00:17 - 2016-02-13 00:17 - 00000000 ____D C:\Users\Deco\AppData\Local\GWX
2016-02-13 00:16 - 2016-02-13 00:16 - 00000000 ____D C:\Users\Deco\AppData\Roaming\Mozilla
2016-02-13 00:16 - 2016-02-13 00:16 - 00000000 ____D C:\Users\Deco\AppData\Local\Mozilla
2016-02-12 20:13 - 2016-02-12 20:13 - 00125744 _____ C:\Users\Deco\AppData\Local\GDIPFONTCACHEV1.DAT
2016-02-12 20:13 - 2016-02-12 20:13 - 00000000 ____D C:\Users\Deco\AppData\Roaming\ATI
2016-02-12 20:13 - 2016-02-12 20:13 - 00000000 ____D C:\Users\Deco\AppData\Local\ATI
2016-02-12 20:13 - 2016-02-12 20:13 - 00000000 ____D C:\Users\Deco\AppData\Local\AMD
2016-02-12 20:12 - 2016-02-12 20:12 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{FE43D1CD-704E-4B71-9B67-9370A8200CB2}
2016-02-12 20:12 - 2016-02-12 20:12 - 00001373 _____ C:\Users\Deco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-02-12 20:12 - 2016-02-12 20:12 - 00000000 ____D C:\Users\Deco\AppData\Roaming\Synaptics
2016-02-12 20:12 - 2016-02-12 20:12 - 00000000 ____D C:\Users\Deco\AppData\Roaming\hpqLog
2016-02-12 20:12 - 2016-02-12 20:12 - 00000000 ____D C:\Users\Deco\AppData\Roaming\Adobe
2016-02-12 20:11 - 2016-02-13 10:56 - 00000000 ____D C:\Users\Deco\AppData\LocalLow\AuthenTec
2016-02-12 20:11 - 2016-02-12 20:12 - 00000000 ____D C:\Users\Deco\AppData\Local\Google
2016-02-12 20:11 - 2016-02-12 20:12 - 00000000 ____D C:\Users\Deco
2016-02-12 20:11 - 2016-02-12 20:11 - 00000020 ___SH C:\Users\Deco\ntuser.ini
2016-02-12 20:11 - 2016-02-12 20:11 - 00000000 _SHDL C:\Users\Deco\My Documents
2016-02-12 20:11 - 2016-02-12 20:11 - 00000000 _SHDL C:\Users\Deco\Documents\My Videos
2016-02-12 20:11 - 2016-02-12 20:11 - 00000000 _SHDL C:\Users\Deco\Documents\My Pictures
2016-02-12 20:11 - 2016-02-12 20:11 - 00000000 _SHDL C:\Users\Deco\Documents\My Music
2016-02-12 20:11 - 2016-02-12 20:11 - 00000000 ____D C:\Users\Deco\AppData\Local\VirtualStore
2016-02-12 20:11 - 2015-01-17 11:16 - 00000000 ____D C:\Users\Deco\AppData\Local\Trusteer
2016-02-12 20:11 - 2013-02-01 06:02 - 00000000 ____D C:\Users\Deco\AppData\Roaming\TuneUp Software
2016-02-12 20:11 - 2012-09-20 00:25 - 00000000 ____D C:\Users\Deco\AppData\Roaming\Macromedia
2016-02-12 20:11 - 2012-01-15 22:03 - 00000000 ____D C:\Users\Deco\AppData\Local\Microsoft Help
2016-02-12 20:11 - 2011-10-06 12:58 - 00000000 ____D C:\Users\Deco\AppData\Roaming\Media Center Programs
2016-02-12 19:32 - 2016-02-12 23:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-12 19:10 - 2016-02-12 19:10 - 00000207 _____ C:\Windows\tweaking.com-regbackup-IZILDA-HP-Windows-7-Home-Premium-(64-bit).dat
2016-02-12 19:10 - 2016-02-12 19:10 - 00000000 ____D C:\RegBackup
2016-02-12 19:04 - 2016-02-12 19:04 - 00003658 _____ C:\Windows\System32\Tasks\Tweaking.com - Windows Repair Tray Icon
2016-02-12 19:04 - 2016-02-12 19:04 - 00002119 _____ C:\Users\Izilda\Desktop\Tweaking.com - Windows Repair.lnk
2016-02-12 19:04 - 2016-02-12 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2016-02-12 19:03 - 2016-02-12 19:04 - 00183488 _____ C:\Windows\Tweaking.com - Windows Repair Setup Log.txt
2016-02-12 19:03 - 2016-02-12 19:03 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2016-02-12 19:02 - 2016-02-12 19:02 - 21771104 _____ (Tweaking.com) C:\Users\Izilda\Downloads\tweaking.com_windows_repair_aio_setup.exe
2016-02-12 00:28 - 2016-02-12 00:28 - 02612608 _____ (Banco do Brasil SA) C:\Users\Izilda\Downloads\DiagnosticoBB(1).exe
2016-02-12 00:20 - 2016-02-12 00:20 - 02612608 _____ (Banco do Brasil SA) C:\Users\Izilda\Downloads\DiagnosticoBB.exe
2016-02-12 00:17 - 2016-02-12 00:17 - 00002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-12 00:17 - 2016-02-12 00:17 - 00002215 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-11 22:02 - 2015-11-13 18:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-02-11 22:02 - 2015-11-13 18:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-02-11 22:02 - 2015-11-13 18:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-02-11 22:02 - 2015-11-13 17:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-02-11 22:02 - 2015-11-13 17:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-02-11 22:02 - 2015-11-13 17:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-02-11 22:01 - 2016-01-06 14:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-11 22:01 - 2016-01-06 13:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-02-11 22:01 - 2015-12-08 16:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-02-11 22:01 - 2015-12-08 16:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-02-11 22:01 - 2015-12-08 16:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-02-11 22:01 - 2015-12-08 16:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-02-11 22:01 - 2015-12-08 16:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-02-11 22:01 - 2015-12-08 16:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-02-11 22:01 - 2015-12-08 16:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-02-11 22:01 - 2015-12-08 16:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-02-11 22:01 - 2015-12-08 16:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-02-11 22:01 - 2015-12-08 16:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-02-11 22:01 - 2015-12-08 16:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-02-11 22:01 - 2015-12-08 16:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-02-11 22:01 - 2015-12-08 16:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-02-11 22:01 - 2015-12-08 16:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-02-11 22:01 - 2015-12-08 16:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-02-11 22:01 - 2015-12-08 16:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-02-11 22:01 - 2015-12-08 16:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-02-11 22:01 - 2015-12-08 16:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-02-11 22:01 - 2015-12-08 16:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-02-11 22:01 - 2015-12-08 16:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-02-11 22:01 - 2015-12-08 16:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-02-11 22:01 - 2015-12-08 16:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-02-11 22:01 - 2015-12-08 16:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-02-11 22:01 - 2015-12-08 16:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-02-11 22:01 - 2015-12-08 16:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-02-11 22:01 - 2015-12-08 16:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-02-11 22:01 - 2015-12-08 16:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-02-11 22:01 - 2015-12-08 16:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-02-11 22:01 - 2015-12-08 16:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-02-11 22:01 - 2015-12-08 16:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-02-11 22:01 - 2015-12-08 16:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-02-11 22:01 - 2015-12-08 16:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-02-11 22:01 - 2015-12-08 16:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-02-11 22:01 - 2015-12-08 16:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-02-11 22:01 - 2015-12-08 16:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-02-11 22:01 - 2015-12-08 16:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-02-11 22:01 - 2015-12-08 14:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-02-11 22:01 - 2015-12-08 14:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-02-11 22:01 - 2015-12-08 14:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-02-11 22:01 - 2015-12-08 14:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-02-11 22:01 - 2015-12-08 14:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-02-11 22:01 - 2015-12-08 14:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-02-11 22:01 - 2015-12-08 14:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-02-11 22:01 - 2015-12-08 14:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-02-11 22:01 - 2015-12-08 14:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-02-11 22:01 - 2015-12-08 14:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-02-11 22:01 - 2015-12-08 14:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-02-11 22:01 - 2015-12-08 14:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-02-11 22:01 - 2015-12-08 14:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-02-11 22:01 - 2015-12-08 14:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-02-11 22:01 - 2015-12-08 14:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-02-11 22:01 - 2015-12-08 14:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-02-11 22:01 - 2015-12-08 14:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-02-11 22:01 - 2015-12-08 14:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-02-11 22:01 - 2015-12-08 14:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-02-11 22:01 - 2015-12-08 14:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-02-11 22:01 - 2015-12-08 13:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-02-11 22:01 - 2015-12-08 13:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-02-11 22:01 - 2015-12-08 13:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-02-11 22:01 - 2015-11-16 15:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-02-11 22:00 - 2016-02-06 05:48 - 25839104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-11 22:00 - 2016-02-06 05:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-02-11 22:00 - 2016-02-06 05:24 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-11 22:00 - 2016-02-06 05:11 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-11 22:00 - 2016-02-06 05:10 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-02-11 22:00 - 2016-02-06 05:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-02-11 22:00 - 2016-02-06 04:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-02-11 22:00 - 2016-02-06 04:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-02-11 22:00 - 2016-02-06 04:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-02-11 22:00 - 2016-02-06 04:37 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-02-11 22:00 - 2016-02-06 04:32 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-11 22:00 - 2016-02-06 04:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-02-11 22:00 - 2016-02-06 04:09 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-11 22:00 - 2016-02-06 03:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-02-11 22:00 - 2016-01-16 14:06 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-02-11 22:00 - 2016-01-16 13:54 - 01162240 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-11 22:00 - 2016-01-11 09:08 - 01362944 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-02-11 22:00 - 2016-01-11 09:08 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-02-11 22:00 - 2016-01-11 09:08 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-02-11 22:00 - 2016-01-11 09:08 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-02-11 22:00 - 2016-01-11 09:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-02-11 21:59 - 2016-01-22 15:31 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-11 21:59 - 2016-01-22 15:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-02-11 21:59 - 2016-01-22 01:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-02-11 21:59 - 2016-01-22 01:41 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-02-11 21:59 - 2016-01-22 01:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-02-11 21:59 - 2016-01-22 01:32 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-02-11 21:59 - 2016-01-22 01:27 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-02-11 21:59 - 2016-01-22 01:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-11 21:59 - 2016-01-22 01:09 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-11 21:59 - 2016-01-22 01:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-02-11 21:59 - 2016-01-22 01:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-02-11 21:59 - 2016-01-22 01:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-02-11 21:59 - 2016-01-22 01:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-02-11 21:59 - 2016-01-22 01:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-02-11 21:59 - 2016-01-22 01:00 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-02-11 21:59 - 2016-01-22 00:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-02-11 21:59 - 2016-01-22 00:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-02-11 21:59 - 2016-01-22 00:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-02-11 21:59 - 2016-01-22 00:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-02-11 21:59 - 2016-01-22 00:48 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-11 21:59 - 2016-01-22 00:47 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-11 21:59 - 2016-01-22 00:46 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-11 21:59 - 2016-01-22 00:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-02-11 21:59 - 2016-01-22 00:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-02-11 21:59 - 2016-01-22 00:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-02-11 21:59 - 2016-01-22 00:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-02-11 21:59 - 2016-01-22 00:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-02-11 21:59 - 2016-01-22 00:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-02-11 21:59 - 2016-01-22 00:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-02-11 21:59 - 2016-01-22 00:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-02-11 21:59 - 2016-01-22 00:08 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-11 21:59 - 2016-01-22 00:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-02-11 21:58 - 2016-01-22 01:40 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-11 21:58 - 2016-01-22 01:40 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-02-11 21:58 - 2016-01-22 01:40 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-02-11 21:58 - 2016-01-22 01:33 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-11 21:58 - 2016-01-22 01:29 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-11 21:58 - 2016-01-22 01:27 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-11 21:58 - 2016-01-22 01:27 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-02-11 21:58 - 2016-01-22 01:17 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-02-11 21:58 - 2016-01-22 01:05 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-02-11 21:58 - 2016-01-22 01:04 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-02-11 21:58 - 2016-01-22 01:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-02-11 21:58 - 2016-01-22 01:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-02-11 21:58 - 2016-01-22 00:50 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-11 21:58 - 2016-01-22 00:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-02-11 21:58 - 2016-01-22 00:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-02-11 21:58 - 2016-01-22 00:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-02-11 21:58 - 2016-01-22 00:31 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-11 21:58 - 2016-01-22 00:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-02-11 21:58 - 2016-01-22 00:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-02-11 21:58 - 2016-01-22 00:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-02-11 21:57 - 2016-01-11 14:05 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-02-11 21:57 - 2016-01-11 14:05 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-02-11 21:57 - 2016-01-11 14:05 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-02-11 21:57 - 2016-01-11 13:52 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-02-11 21:57 - 2016-01-11 13:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-02-11 21:57 - 2016-01-11 13:26 - 02610176 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-11 21:57 - 2016-01-11 13:24 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-11 21:57 - 2016-01-11 13:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-02-11 21:57 - 2016-01-11 13:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-02-11 21:57 - 2016-01-11 13:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-02-11 21:57 - 2016-01-11 13:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-02-11 21:57 - 2016-01-11 13:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-02-11 21:57 - 2016-01-11 13:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-02-11 21:57 - 2016-01-11 13:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-02-11 21:57 - 2016-01-11 13:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-02-11 21:57 - 2016-01-11 13:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-02-11 21:57 - 2016-01-07 12:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-11 21:57 - 2015-12-20 13:50 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-11 21:57 - 2015-12-20 13:50 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-11 21:57 - 2015-12-20 09:08 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-11 21:56 - 2016-01-07 12:53 - 03211776 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-11 21:55 - 2016-01-16 14:01 - 02085888 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-11 21:54 - 2016-01-22 01:27 - 05573056 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-11 21:54 - 2016-01-22 01:27 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-11 21:54 - 2016-01-22 01:27 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-02-11 21:54 - 2016-01-22 01:24 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-11 21:54 - 2016-01-22 01:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-02-11 21:54 - 2016-01-22 01:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-02-11 21:54 - 2016-01-22 01:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-02-11 21:54 - 2016-01-22 01:20 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-02-11 21:54 - 2016-01-22 01:20 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-02-11 21:54 - 2016-01-22 01:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-02-11 21:54 - 2016-01-22 01:20 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-02-11 21:54 - 2016-01-22 01:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-02-11 21:54 - 2016-01-22 01:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-02-11 21:54 - 2016-01-22 01:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-02-11 21:54 - 2016-01-22 01:19 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-11 21:54 - 2016-01-22 01:19 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-11 21:54 - 2016-01-22 01:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-02-11 21:54 - 2016-01-22 01:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-11 21:54 - 2016-01-22 01:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-11 21:54 - 2016-01-22 01:18 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-02-11 21:54 - 2016-01-22 01:17 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-11 21:54 - 2016-01-22 01:17 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-02-11 21:54 - 2016-01-22 01:17 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-11 21:54 - 2016-01-22 01:16 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-11 21:54 - 2016-01-22 01:15 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-11 21:54 - 2016-01-22 01:15 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-11 21:54 - 2016-01-22 01:15 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-11 21:54 - 2016-01-22 01:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-02-11 21:54 - 2016-01-22 01:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-02-11 21:54 - 2016-01-22 01:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-11 21:54 - 2016-01-22 01:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-02-11 21:54 - 2016-01-22 01:13 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:09 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-02-11 21:54 - 2016-01-22 01:06 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-02-11 21:54 - 2016-01-22 01:06 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-02-11 21:54 - 2016-01-22 01:06 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-02-11 21:54 - 2016-01-22 01:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-02-11 21:54 - 2016-01-22 01:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-02-11 21:54 - 2016-01-22 01:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-02-11 21:54 - 2016-01-22 01:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-02-11 21:54 - 2016-01-22 01:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-02-11 21:54 - 2016-01-22 01:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-02-11 21:54 - 2016-01-22 01:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-02-11 21:54 - 2016-01-22 01:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-02-11 21:54 - 2016-01-22 01:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-02-11 21:54 - 2016-01-22 01:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-02-11 21:54 - 2016-01-22 01:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-02-11 21:54 - 2016-01-22 01:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-02-11 21:54 - 2016-01-22 01:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-02-11 21:54 - 2016-01-22 01:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-02-11 21:54 - 2016-01-22 00:07 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-02-11 21:54 - 2016-01-22 00:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-02-11 21:54 - 2016-01-22 00:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-02-11 21:54 - 2016-01-21 23:59 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-11 21:54 - 2016-01-21 23:58 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-11 21:54 - 2016-01-21 23:58 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-11 21:54 - 2016-01-21 23:57 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-11 21:54 - 2016-01-21 23:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-02-11 21:54 - 2016-01-21 23:53 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-02-11 21:54 - 2016-01-21 23:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-02-11 21:54 - 2016-01-21 23:53 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-02-11 21:54 - 2016-01-21 23:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-02-11 21:54 - 2016-01-21 23:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-02-11 21:54 - 2016-01-21 23:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-11 21:54 - 2016-01-21 23:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-11 21:54 - 2016-01-21 23:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-11 21:54 - 2016-01-21 23:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-02-11 21:54 - 2016-01-16 13:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-02-11 21:53 - 2016-01-22 01:19 - 14179840 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-11 21:53 - 2016-01-22 01:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-11 21:53 - 2016-01-22 01:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-02-11 21:53 - 2016-01-22 01:15 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-02-11 21:53 - 2016-01-22 01:12 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-11 21:53 - 2016-01-22 01:12 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-11 21:53 - 2016-01-22 01:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-02-11 21:53 - 2016-01-22 01:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-02-11 21:53 - 2016-01-22 01:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-02-11 21:53 - 2016-01-22 01:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-02-11 21:53 - 2016-01-22 00:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-02-11 21:53 - 2016-01-22 00:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-02-11 21:53 - 2016-01-22 00:19 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-02-11 21:53 - 2016-01-22 00:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-02-11 21:53 - 2015-12-08 16:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-02-11 21:53 - 2015-12-08 14:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-02-11 20:49 - 2015-11-08 16:20 - 01059656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFDAC.tmp
2016-02-11 20:49 - 2015-11-08 16:20 - 00449992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswA8C.tmp
2016-02-11 20:49 - 2015-10-08 21:42 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswACC.tmp
2016-02-11 20:49 - 2015-10-08 21:42 - 00153744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswB2A.tmp
2016-02-11 20:49 - 2015-10-08 21:42 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\asw26E.tmp
2016-02-11 20:49 - 2015-10-08 21:42 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\asw54D.tmp
2016-02-11 20:49 - 2015-10-08 21:42 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\asw628.tmp
2016-02-11 20:49 - 2015-10-08 21:42 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\asw30B.tmp
2016-02-06 23:50 - 2016-02-07 01:39 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-02-03 23:23 - 2016-02-03 23:23 - 00000000 ____D C:\ProgramData\BlueStacks
2016-02-03 20:34 - 2016-02-03 20:34 - 00000000 ____D C:\Users\Izilda\AppData\Roaming\IDT
2016-02-03 00:08 - 2016-02-14 13:02 - 00000000 ____D C:\FRST
2016-01-25 23:08 - 2016-01-25 23:08 - 00001495 _____ C:\Users\Izilda\Downloads\documento (10).pdf
2016-01-25 23:05 - 2016-01-25 23:05 - 00001503 _____ C:\Users\Izilda\Downloads\documento (9).pdf
2016-01-21 23:08 - 2016-01-21 23:08 - 00196361 _____ C:\Users\Izilda\Downloads\Apresentacao SEO - 2016.pdf
2016-01-19 02:47 - 2016-01-19 02:47 - 00004136 _____ C:\Users\Izilda\Downloads\extrato-outubro-2015.pdf
2016-01-19 02:46 - 2016-01-19 02:47 - 00007169 _____ C:\Users\Izilda\Downloads\extrato-outubro-2015.ofx
2016-01-19 02:46 - 2016-01-19 02:46 - 00009221 _____ C:\Users\Izilda\Downloads\extrato-novembro2015.ofx
2016-01-19 02:46 - 2016-01-19 02:46 - 00004720 _____ C:\Users\Izilda\Downloads\extrato-novembro-2015.pdf
2016-01-19 02:45 - 2016-01-19 02:45 - 00007231 _____ C:\Users\Izilda\Downloads\extrato-dezembro2015.ofx
2016-01-19 02:45 - 2016-01-19 02:45 - 00004249 _____ C:\Users\Izilda\Downloads\extrato-dezembro2015.pdf
2016-01-19 01:18 - 2016-01-19 01:18 - 00009795 _____ C:\Users\Izilda\Downloads\extrato.ofx
2016-01-19 01:08 - 2016-01-19 01:08 - 00005905 _____ C:\Users\Izilda\Downloads\extrato.pdf
2016-01-18 22:45 - 2016-01-18 22:45 - 00016554 _____ C:\Users\Izilda\Downloads\5393996031.html
2016-01-17 03:03 - 2016-01-17 03:03 - 00659254 _____ C:\Users\Izilda\Downloads\SecureMessage.pdf
2016-01-17 02:59 - 2016-01-17 02:59 - 00623810 _____ C:\Users\Izilda\Downloads\12-20-2015 (2).pdf
2016-01-17 02:30 - 2016-01-17 02:30 - 00623810 _____ C:\Users\Izilda\Downloads\12-20-2015 (1).pdf
2016-01-17 02:28 - 2016-01-17 02:28 - 00015182 _____ C:\Users\Izilda\Downloads\Document.pdf
2016-01-17 02:28 - 2016-01-17 02:28 - 00015182 _____ C:\Users\Izilda\Downloads\Document (1).pdf
2016-01-15 08:19 - 2016-01-15 08:19 - 00308224 _____ C:\Users\Izilda\Downloads\Briefing - Logomarca-1.xls

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-14 13:01 - 2009-07-13 23:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-14 13:01 - 2009-07-13 23:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-14 12:59 - 2013-01-07 20:02 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001UA.job
2016-02-14 12:59 - 2012-03-06 21:08 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-14 12:54 - 2013-11-17 23:08 - 00000000 ___RD C:\Users\Izilda\Dropbox
2016-02-14 12:53 - 2013-11-17 23:04 - 00000000 ____D C:\Users\Izilda\AppData\Roaming\Dropbox
2016-02-14 12:52 - 2012-03-06 21:08 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-14 12:52 - 2012-01-14 17:24 - 00000000 ____D C:\Users\Izilda\AppData\LocalLow\AuthenTec
2016-02-14 12:51 - 2012-11-30 16:58 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-02-14 12:51 - 2012-01-15 18:42 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-02-14 12:51 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-14 00:15 - 2015-06-16 01:05 - 00000922 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001UA.job
2016-02-13 22:55 - 2013-05-25 23:50 - 00000932 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001UA.job
2016-02-13 20:58 - 2013-01-07 20:02 - 00000860 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core.job
2016-02-13 20:15 - 2015-06-16 01:05 - 00000870 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core.job
2016-02-13 18:21 - 2015-08-27 21:03 - 00028888 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpddfac64.sys
2016-02-13 10:54 - 2013-10-06 11:36 - 00000000 ____D C:\ProgramData\AVAST Software
2016-02-13 01:55 - 2013-05-25 23:50 - 00000910 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core.job
2016-02-12 23:49 - 2012-11-26 14:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-12 22:55 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2016-02-12 20:08 - 2012-01-14 17:33 - 00125744 _____ C:\Users\Izilda\AppData\Local\GDIPFONTCACHEV1.DAT
2016-02-12 20:03 - 2012-11-10 13:04 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-02-12 20:02 - 2009-07-13 23:45 - 05096648 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-12 19:06 - 2012-11-25 14:51 - 00003192 _____ C:\Windows\System32\Tasks\HPCeeScheduleForIzilda
2016-02-12 19:06 - 2012-11-25 14:51 - 00000336 _____ C:\Windows\Tasks\HPCeeScheduleForIzilda.job
2016-02-12 19:01 - 2009-07-14 00:13 - 00786622 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-12 19:01 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2016-02-12 18:30 - 2014-12-11 10:26 - 00000000 ____D C:\Windows\system32\appraiser
2016-02-12 18:30 - 2014-05-06 08:02 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-02-12 18:24 - 2012-11-20 16:33 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-02-12 18:24 - 2011-08-29 20:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-02-12 04:51 - 2013-07-20 01:00 - 00000000 ____D C:\Windows\system32\MRT
2016-02-12 04:33 - 2012-01-29 12:01 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-12 04:29 - 2013-03-14 06:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-02-12 02:36 - 2015-12-03 18:28 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-02-12 02:36 - 2011-08-29 20:31 - 00000000 ____D C:\ProgramData\RoxioNow
2016-02-12 02:35 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration
2016-02-12 01:06 - 2012-12-03 10:26 - 00003220 _____ C:\Windows\System32\Tasks\HPCeeScheduleForIZILDA-HP$
2016-02-12 01:06 - 2012-12-03 10:26 - 00000344 _____ C:\Windows\Tasks\HPCeeScheduleForIZILDA-HP$.job
2016-02-12 00:27 - 2013-10-18 15:35 - 00000000 ____D C:\ProgramData\Oracle
2016-02-12 00:26 - 2014-12-09 13:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-12 00:26 - 2011-08-29 20:42 - 00000000 ____D C:\Program Files\Java
2016-02-12 00:24 - 2015-09-01 22:14 - 00110176 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2016-02-12 00:24 - 2015-09-01 22:14 - 00000000 ____D C:\Users\Izilda\.oracle_jre_usage
2016-02-12 00:17 - 2012-03-06 21:08 - 00000000 ____D C:\Program Files (x86)\Google
2016-02-12 00:14 - 2014-12-04 14:07 - 00000000 __SHD C:\Users\Izilda\AppData\Local\EmieBrowserModeList
2016-02-12 00:14 - 2014-06-12 15:00 - 00000000 __SHD C:\Users\Izilda\AppData\Local\EmieUserList
2016-02-12 00:14 - 2014-06-12 15:00 - 00000000 __SHD C:\Users\Izilda\AppData\Local\EmieSiteList
2016-02-12 00:13 - 2012-01-14 18:57 - 00000000 ____D C:\Users\Izilda\AppData\Local\CrashDumps
2016-02-12 00:06 - 2012-01-14 22:08 - 00000000 ____D C:\Users\Izilda\AppData\Roaming\Skype
2016-02-12 00:00 - 2012-09-19 01:45 - 00000000 ____D C:\Users\Izilda\Desktop\Andre
2016-02-11 23:54 - 2012-11-01 09:59 - 05225984 ___SH C:\Users\Izilda\Desktop\Thumbs.db
2016-02-11 23:43 - 2012-01-14 17:23 - 00000000 ____D C:\Users\Izilda
2016-02-11 23:26 - 2015-04-08 23:42 - 00000000 ___SD C:\Windows\system32\GWX
2016-02-11 23:26 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-02-11 23:25 - 2012-09-19 00:22 - 00000000 ____D C:\Users\Izilda\Desktop\Doctor Virtual
2016-02-11 23:24 - 2012-01-14 17:26 - 00000000 ____D C:\Users\Izilda\AppData\Local\Hewlett-Packard
2016-02-11 23:23 - 2015-12-13 18:10 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-02-11 23:23 - 2015-05-04 13:34 - 00000000 ___HD C:\Program Files (x86)\GAS Tecnologia
2016-02-11 23:23 - 2015-05-04 13:34 - 00000000 ____D C:\Program Files\Diebold
2016-02-11 23:23 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-02-11 23:07 - 2012-01-14 22:08 - 00000000 ____D C:\ProgramData\Skype
2016-02-11 21:20 - 2012-01-14 17:37 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{E9E6BA8C-07EE-4923-A62A-9A3F663A7BF5}
2016-02-11 21:00 - 2012-11-30 18:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Apps Migration
2016-02-11 20:54 - 2013-01-07 20:02 - 00003884 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001UA
2016-02-11 20:54 - 2013-01-07 20:02 - 00003488 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core
2016-02-11 20:54 - 2012-03-06 21:08 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-11 20:54 - 2012-03-06 21:08 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-05 18:11 - 2012-04-10 18:32 - 00000000 ____D C:\Users\Izilda\AppData\Roaming\Nitro PDF
2016-02-05 02:57 - 2013-08-15 12:33 - 00001456 _____ C:\Users\Izilda\AppData\Local\Adobe Save for Web 13.0 Prefs
2016-02-04 08:41 - 2011-10-06 12:58 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-02-03 18:48 - 2012-01-15 18:42 - 00000000 ____D C:\ProgramData\GbPlugin
2016-02-03 01:11 - 2012-07-12 17:34 - 09390592 ___SH C:\Users\Izilda\Downloads\Thumbs.db
2016-01-27 12:20 - 2012-04-10 18:29 - 00000000 ____D C:\Users\Izilda\AppData\Roaming\PrimoPDF
2016-01-25 21:45 - 2013-08-16 14:10 - 00000132 _____ C:\Users\Izilda\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-01-21 22:28 - 2012-11-23 00:31 - 00000000 ____D C:\Users\Izilda\Downloads\00-Fotos de Caetano

==================== Files in the root of some directories =======

2012-09-21 23:29 - 2013-02-26 23:36 - 0000132 _____ () C:\Users\Izilda\AppData\Roaming\Adobe GIF Format CS5 Prefs
2012-09-26 14:32 - 2013-07-11 19:01 - 0000132 _____ () C:\Users\Izilda\AppData\Roaming\Adobe PNG Format CS5 Prefs
2013-08-16 14:10 - 2016-01-25 21:45 - 0000132 _____ () C:\Users\Izilda\AppData\Roaming\Adobe PNG Format CS6 Prefs
2013-10-15 22:54 - 2013-10-15 22:54 - 0009321 _____ () C:\Users\Izilda\AppData\Roaming\Comma Separated Values (DOS).EML
2013-05-07 22:04 - 2013-05-07 22:04 - 0009327 _____ () C:\Users\Izilda\AppData\Roaming\Comma Separated Values (Windows).EML
2012-12-24 17:41 - 2014-12-03 15:34 - 0009316 _____ () C:\Users\Izilda\AppData\Roaming\Microsoft Excel 97-2003.EML
2013-06-19 13:30 - 2013-06-19 13:30 - 0012679 _____ () C:\Users\Izilda\AppData\Roaming\unins000.dat
2013-06-19 13:30 - 2013-06-19 13:30 - 0720594 _____ () C:\Users\Izilda\AppData\Roaming\unins000.exe
2015-05-04 13:32 - 2015-05-04 13:42 - 0035522 _____ () C:\Users\Izilda\AppData\Roaming\unins001.dat
2015-05-04 13:42 - 2015-05-04 13:41 - 0813729 _____ () C:\Users\Izilda\AppData\Roaming\unins001.exe
2014-03-24 11:11 - 2014-03-24 11:11 - 0016594 _____ () C:\Users\Izilda\AppData\Roaming\unins002.dat
2014-03-24 11:11 - 2014-03-24 11:11 - 0718497 _____ () C:\Users\Izilda\AppData\Roaming\unins002.exe
2014-01-02 17:26 - 2014-01-06 21:26 - 0000098 _____ () C:\Users\Izilda\AppData\Roaming\WB.CFG
2014-01-02 17:26 - 2014-01-06 21:26 - 0000005 _____ () C:\Users\Izilda\AppData\Roaming\WBPU-TTL.DAT
2012-09-23 22:32 - 2013-07-13 09:04 - 0001456 _____ () C:\Users\Izilda\AppData\Local\Adobe Save for Web 12.0 Prefs
2013-08-15 12:33 - 2016-02-05 02:57 - 0001456 _____ () C:\Users\Izilda\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-01-22 12:10 - 2014-02-05 13:14 - 0004096 ____H () C:\Users\Izilda\AppData\Local\keyfile3.drm
2012-11-12 20:20 - 2012-11-12 20:20 - 0000892 _____ () C:\Users\Izilda\AppData\Local\recently-used.xbel

Some files in TEMP:
====================
C:\Users\Izilda\AppData\Local\Temp\2lj4u2du.dll
C:\Users\Izilda\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp71xpte.dll
C:\Users\Izilda\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Izilda\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-02-08 00:41

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-02-2016
Ran by Izilda (2016-02-14 13:03:18)
Running from C:\Users\Izilda\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-01-14 22:23:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3190529940-644357419-2377663512-500 - Administrator - Disabled)
Deco (S-1-5-21-3190529940-644357419-2377663512-1017 - Administrator - Enabled) => C:\Users\Deco
Guest (S-1-5-21-3190529940-644357419-2377663512-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3190529940-644357419-2377663512-1003 - Limited - Enabled)
Izilda (S-1-5-21-3190529940-644357419-2377663512-1001 - Administrator - Enabled) => C:\Users\Izilda

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.3.300.271 - Adobe Systems Incorporated)
Adobe Flash Player 16 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.14) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.14 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
AMD System Monitor (HKLM-x32\...\{C1C82DC9-1547-4038-8F0A-C069F0B7F2ED}) (Version: 1.0.5 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 12 v.12.0.1 (HKLM-x32\...\Ashampoo Burning Studio 12_is1) (Version: 12.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 12 v.12.0.3 (HKLM-x32\...\{91B33C97-93EB-244C-F687-71D85E45A206}_is1) (Version: 12.0.3 - Ashampoo GmbH & Co. KG)
ATI Catalyst Install Manager (HKLM\...\{942836D4-5395-652B-F1E8-A7C5B039910C}) (Version: 3.0.820.0 - ATI Technologies, Inc.)
AuthenTec TrueAPI (Version: 1.2.1.33 - AuthenTec, Inc.) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
ColorMania 3.2 (HKLM-x32\...\ColorMania_is1) (Version: 3.2 - Blacksun Software)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.1.3922 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Evernote v. 4.2.2 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.2.3979 - Evernote Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version:  - )
Files Opened (HKLM-x32\...\Files Opened) (Version: 1.0 - )
FileZilla Client 3.11.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.11.0.2 - Tim Kosse)
GBBD Guardião - Itaú 30 horas (HKLM-x32\...\{70e5f739-1d2a-40ae-bbc9-4b3e6af4c831}_is1) (Version: 3.7.1.1 - )
Google Apps Migration For Microsoft Outlook® 4.0.27.0 (HKLM-x32\...\{8806AF1D-5161-489E-9E17-086CCC518931}) (Version: 4.0.27.0 - Google, Inc.)
Google Apps Sync™ for Microsoft Outlook® 3.8.440.1250 (HKLM-x32\...\{091C294E-F243-432C-93E1-DEC4C2B9635B}) (Version: 3.8.440.1250 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk (remove only) (HKLM-x32\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{5601F151-A69F-4E30-8C60-37928124CD07}) (Version: 4.1.9.1 - Hewlett-Packard Company)
HP Connection Manager (HKLM-x32\...\{7A6B4340-7090-418F-8976-EE9650B35550}) (Version: 4.1.22.1 - Hewlett-Packard Company)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{E44578C7-4667-4124-8BC2-1161BCA54978}) (Version: 1.4.4 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{285F722C-0E45-47DE-B38E-5B3B10FA4A7C}) (Version: 2.5.2 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP SimplePass 2011 (HKLM-x32\...\{BCFAA37D-A6DB-43BF-A351-43F183E52D07}) (Version: 5.1.0.495 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{28FE073B-1230-4BF6-830C-7434FD0C0069}) (Version: 4.1.13.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6345.0 - IDT)
IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2012) (Version: 1.0 - Receita Federal do Brasil)
iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.)
IZArc 3.81 (HKLM-x32\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 3.81 Build 1550 - Ivan Zahariev)
Java 8 Update 73 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LinkAssistant (HKLM-x32\...\seopowersuite) (Version:  - )
Linksys Connect (HKLM-x32\...\Linksys Connect) (Version: 1.5.13291.0 - Linksys LLC)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Módulo Adicional de Segurança CAIXA (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: Módulo Adicional de Segurança CAIXA - )
Módulo de Segurança - Banco do Brasil (HKLM-x32\...\{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1) (Version: 3.12.1.2 - )
Mozilla Firefox 44.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 en-US)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
MP3 Skype Recorder (HKLM-x32\...\{CB606F47-7D0E-40DF-95BB-0E5413A1295F}) (Version: 3.1.3 - Alexander Nikiforov)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Nitro PDF Professional (HKLM\...\{EB8FF6C8-811B-4395-8584-EF4C7A0C8199}) (Version: 6.2.0.44 - Nitro PDF Software)
Nitro Reader 3 (HKLM\...\{4436B9BD-CA66-4D69-9091-2D2EB62F09AD}) (Version: 3.5.2.10 - Nitro)
OmniPage SE 2.0 (HKLM-x32\...\{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}) (Version: 2.00.0004 - ScanSoft, Inc.)
OpenSubtitlesPlayer V4.X (HKLM-x32\...\OpenSubtitlesPlayer_is1) (Version:  - ALLCinema Ltd.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayMemories Home (HKLM-x32\...\{1E5C7043-09C5-4974-A69F-A5271FD82BBC}) (Version: 7.0.00.11271 - Sony Corporation)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
Quicken 2012 (HKLM-x32\...\{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}) (Version: 21.1.5.33 - Intuit)
Ralink RT5390 802.11b/g/n WiFi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 3.02.02.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.80 - Realtek Semiconductor Corp.)
Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.01 - Serpro - Serviço Federal de Processamento de Dados)
Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.103 - RoxioNow)
Samsung Drive Manager (HKLM-x32\...\{9F1A6A24-4901-42F6-A355-5DD2B82E62AE}) (Version: 1.0.172 - Clarus, Inc.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
Slingo Supreme (x32 Version: 2.2.0.95 - WildTangent) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.38843 - TeamViewer)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.8.2 - Tweaking.com)
Unity Web Player (HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Validity WBF DDK (HKLM\...\{79174AF2-6CB1-42F5-981E-66DCA49391D0}) (Version: 4.3.205.0 - Validity Sensors, Inc.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VOIP Recorder (HKLM-x32\...\{68EAD428-8B16-4CE3-832B-6E63B11852C0}) (Version: 1.0.51 - PenBay Networks)
Warsaw 1.11.0.42826 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.11.0.42826 - GAS Tecnologia)
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.5.36 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Izilda\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0013}\InprocServer32 -> C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\npsf_uni_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0013}\InprocServer32 -> C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\npsf_uni_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01349F0A-062F-4458-A4D5-C2CD2096CD52} - System32\Tasks\Google Updater and Installer => C:\Users\Izilda\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {05E7E90B-C156-49C2-B80B-5A7B90F6B2D5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {09EC1C04-6923-4186-8E0D-CC9C67862FC7} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-03-22] (CyberLink)
Task: {0EE9EEF0-21B1-45E3-B7CF-F59434679A53} - System32\Tasks\{086040D7-8B51-4901-9C99-9A59D7D1A236} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/en/abandoninstall?page=tsMain
Task: {109083C1-DC1D-41C0-9B37-5E48DBCCC782} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001UA => C:\Users\Izilda\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {162C6DBE-2A6F-4E34-983E-0228EF8D5CE0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001UA => C:\Users\Izilda\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {282DE240-CE05-41F1-A409-219F5E54A651} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-12-03] (HP Inc.)
Task: {2C7FFEAB-6D34-456B-BBC7-96D4D89DCE86} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2016-02-03] (Microsoft)
Task: {33D9E3D2-3090-46CA-B65A-8F6D8252BC0B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {375C903F-EA55-443B-8DF2-2FF88F2810D0} - System32\Tasks\HPCeeScheduleForIZILDA-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {39F4CE9A-491A-456E-81A3-466580B215D4} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-01-29] (Oracle Corporation)
Task: {51AC61DE-76C0-4818-84FF-F719085926E5} - System32\Tasks\HPCeeScheduleForIzilda => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {52B00829-D5E0-4CFA-B215-1688F579EAF2} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3190529940-644357419-2377663512-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {5405D664-CF1F-4CB1-AEC3-ABA939175BDD} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3190529940-644357419-2377663512-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {5646EDF7-CD9A-429C-B416-447A718EC110} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001UA => C:\Users\Izilda\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-25] (Facebook Inc.)
Task: {5DF1F832-6C27-411F-B476-B842FBF900EB} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-11] (Tweaking.com)
Task: {68F197BB-6884-4036-99D3-9243F0151B8C} - System32\Tasks\Programa de atualização online DivX => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2014-01-10] ()
Task: {72F3921D-97C4-40B3-818F-D1E2DA7D5CE5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-12-03] (HP Inc.)
Task: {91714A50-1F70-4A57-8597-98231B2A9C68} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9ED8E65E-1A53-42FD-824D-7655CA8C29DF} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {A11333F8-35ED-40EE-93E9-F13E4CF02024} - System32\Tasks\{3B50766E-2CFC-4C09-8635-19261323916F} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/en/abandoninstall?page=tsWLM
Task: {A36E4DB2-84F2-48BC-A73C-D51DF4508E26} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core => C:\Users\Izilda\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {BDB3F131-E378-40F8-BF88-5ACD639EFBAD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {BF7828A7-805C-4008-8F81-7813F60ED84A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-02-11] (AVAST Software)
Task: {CE8569CD-0C75-4E0B-A578-E79F5FABA946} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {E1316AB3-83BE-4B67-BFD0-3040FF666A86} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {E36D2026-0BAC-493A-AE87-CCE85EE86C23} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core => C:\Users\Izilda\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {E806086C-1DEF-4DDD-8390-B3F6AADA642F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {F677F74D-9A50-466C-93BC-71F975AA0061} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2015-11-30] (Hewlett-Packard)
Task: {F901E352-4CCA-4A9B-B554-6813BD358146} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core => C:\Users\Izilda\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-25] (Facebook Inc.)
Task: {FD787783-8007-426F-9F75-11D693F3A23C} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core.job => C:\Users\Izilda\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001UA.job => C:\Users\Izilda\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core.job => C:\Users\Izilda\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001UA.job => C:\Users\Izilda\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core.job => C:\Users\Izilda\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001UA.job => C:\Users\Izilda\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForIZILDA-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForIzilda.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2012-04-07 22:20 - 2011-10-04 21:43 - 00087552 _____ () C:\Windows\System32\custmon64i.dll
2012-04-10 18:28 - 2009-12-20 20:42 - 00090624 _____ () C:\Windows\System32\Primomonnt.dll
2011-04-02 01:06 - 2011-04-02 01:06 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-06-02 10:18 - 2015-06-02 10:18 - 00043480 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2011-01-12 11:39 - 2011-01-12 11:39 - 00123712 _____ () C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NPShellExtension64.dll
2011-04-02 01:06 - 2011-04-02 01:06 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-03-04 14:25 - 2011-03-04 14:25 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-04-02 00:57 - 2011-04-02 00:57 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-04-08 09:57 - 2011-04-08 09:57 - 01102336 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\System.Data.SQLite.dll
2012-11-28 11:13 - 2012-11-28 11:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 11:13 - 2012-11-28 11:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-12-13 01:33 - 2015-10-30 19:59 - 00034768 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2015-12-13 01:35 - 2015-10-30 20:00 - 00019408 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2015-12-13 01:35 - 2015-12-08 16:36 - 00022848 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\Crypto.Random.OSRNG.winrandom.pyd
2015-12-13 01:35 - 2015-12-08 16:36 - 00023352 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\Crypto.Util._counter.pyd
2015-12-13 01:35 - 2015-12-08 16:36 - 00042296 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\Crypto.Cipher._AES.pyd
2015-12-13 01:33 - 2015-10-30 19:59 - 00116688 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-13 01:33 - 2015-10-30 19:59 - 00093640 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-13 01:33 - 2015-10-30 19:59 - 00018376 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-13 01:33 - 2015-12-08 16:36 - 00019760 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-13 01:33 - 2015-10-30 20:00 - 00105928 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\win32api.pyd
2015-12-13 01:33 - 2015-10-30 19:59 - 00392144 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-13 01:33 - 2015-12-08 16:36 - 00381752 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-13 01:33 - 2015-10-30 19:59 - 00692688 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2015-12-13 01:35 - 2015-12-08 16:36 - 00020816 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-13 01:33 - 2015-10-30 20:00 - 00109520 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2015-12-13 01:35 - 2015-12-08 16:36 - 01737032 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2015-12-13 01:35 - 2015-12-08 16:36 - 00020808 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-13 01:33 - 2015-12-08 16:36 - 00020800 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-13 01:33 - 2015-12-08 16:36 - 00021840 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-13 01:35 - 2015-12-08 16:36 - 00038696 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\fastpath.pyd
2015-12-13 01:33 - 2015-10-30 20:00 - 00024528 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-13 01:35 - 2015-10-30 20:00 - 00020936 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-13 01:33 - 2015-10-30 20:00 - 00114640 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-13 01:33 - 2015-12-08 16:36 - 00021320 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-13 01:33 - 2015-10-30 20:00 - 00124880 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\win32file.pyd
2015-12-13 01:33 - 2015-10-30 20:00 - 00030160 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-13 01:33 - 2015-10-30 20:00 - 00043472 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-13 01:33 - 2015-10-30 20:00 - 00175560 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-13 01:33 - 2015-10-30 20:00 - 00028616 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-13 01:33 - 2015-10-30 20:00 - 00024016 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-13 01:33 - 2015-10-30 20:00 - 00048592 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\win32service.pyd
2015-12-13 01:35 - 2015-12-08 16:36 - 00024392 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2015-12-13 01:35 - 2015-10-30 20:00 - 00036296 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\librsync.dll
2015-12-13 01:33 - 2015-10-30 20:00 - 00024016 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\win32profile.pyd
2015-12-13 01:35 - 2015-12-08 16:36 - 00117056 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2015-12-13 01:33 - 2015-12-08 16:36 - 00023376 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-13 01:33 - 2015-10-30 19:59 - 00134608 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2015-12-13 01:33 - 2015-10-30 19:59 - 00134088 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2015-12-13 01:35 - 2015-10-30 20:00 - 00240584 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2015-12-13 01:35 - 2015-12-08 16:36 - 00020280 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-13 01:33 - 2015-12-08 16:36 - 00052024 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2015-12-13 01:35 - 2015-12-08 16:36 - 00021304 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\Crypto.Util.strxor.pyd
2015-12-13 01:33 - 2015-10-30 20:00 - 00350152 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2015-12-13 01:35 - 2015-12-08 16:36 - 00084792 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2015-12-13 01:33 - 2015-12-08 16:36 - 01826608 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-13 01:33 - 2015-10-30 20:00 - 00083912 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\sip.pyd
2015-12-13 01:33 - 2015-12-08 16:36 - 03891504 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2015-12-13 01:33 - 2015-12-08 16:36 - 01950000 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2015-12-13 01:33 - 2015-12-08 16:36 - 00519984 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2015-12-13 01:33 - 2015-12-08 16:36 - 00133936 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2015-12-13 01:33 - 2015-12-08 16:36 - 00225080 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2015-12-13 01:33 - 2015-12-08 16:36 - 00207672 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2015-12-13 01:33 - 2015-12-08 16:36 - 00024904 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-13 01:33 - 2015-12-08 16:36 - 00486704 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2015-12-13 01:33 - 2015-12-08 16:36 - 00357680 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-03-04 16:45 - 2015-10-30 20:01 - 00019920 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 16:45 - 2015-10-30 20:00 - 00786904 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-08-01 22:58 - 2015-10-30 20:00 - 00063448 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 16:45 - 2015-10-30 20:00 - 00019408 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2011-04-08 09:57 - 2011-04-08 09:57 - 00514570 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt
AlternateDataStreams: C:\Windows\System32:5B1620CE_Bb.gbp
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\bb.com.br -> hxxps://seg.bb.com.br
IE trusted site: HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2016-02-12 00:33 - 00000004 ____N C:\Windows\system32\Drivers\etc\hosts



==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3190529940-644357419-2377663512-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Izilda\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 75.114.81.1 - 75.114.81.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Izilda\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Magic Desktop for HP notification => "C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{65744CAD-129D-47B9-95E8-C8FB8FE23DA1}C:\users\izilda\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\izilda\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{BB3A7506-3EF3-478D-AD7C-47A82F222CE1}C:\users\izilda\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\izilda\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{4DE35125-ECDA-4A50-BE10-4934E30ECCC0}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{03757B5A-B849-494C-85EB-8B6BFB16256E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{2FFBE398-304F-4BB0-97D8-6FA7F5CE3172}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{26B19BCB-C411-415B-A17C-643D4F2D5D33}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{22B7D6B7-41EF-4D3B-A595-1345EFF42D8C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6EED024B-5CA2-4F03-8BEC-0E38C2321113}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{499108A3-3DF5-4A85-AACA-C415AD34014E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{99BBD254-67CB-45E4-A01F-AEA1EDD035E9}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{C24E6D9A-1232-4756-AB14-8B665DB299D8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Vono\Vono\Vono.exe] => Enabled:%applicationname%
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Vono\Vono\Vono.exe] => Enabled:%applicationname%

==================== Restore Points =========================

25-09-2015 11:49:43 Windows Update
29-09-2015 21:10:26 Windows Update
04-10-2015 00:48:10 Windows Update
07-10-2015 22:58:13 Windows Update
08-10-2015 21:37:37 avast! antivirus system restore point
13-10-2015 18:09:58 Windows Update
14-10-2015 02:01:51 Windows Update
15-10-2015 02:00:28 Windows Update
20-10-2015 21:31:57 Windows Update
01-11-2015 01:13:41 Windows Update
06-11-2015 03:50:58 Windows Update
10-11-2015 22:57:13 Windows Update
11-11-2015 03:02:06 Windows Update
13-11-2015 03:00:35 Windows Update
18-11-2015 19:04:12 Windows Update
24-11-2015 23:29:35 Windows Update
28-11-2015 01:13:43 Windows Update
03-12-2015 00:40:17 Windows Update
07-12-2015 00:23:31 Windows Update
09-12-2015 00:10:49 Windows Update
13-12-2015 17:49:35 Windows Update
19-12-2015 00:36:51 Windows Update
19-12-2015 03:00:11 Windows Update
22-12-2015 22:09:44 Windows Update
26-12-2015 02:08:58 Windows Update
31-12-2015 01:27:49 Windows Update
05-01-2016 21:40:25 Windows Update
09-01-2016 22:14:45 Windows Update
13-01-2016 03:02:34 Windows Update
21-01-2016 22:03:12 Windows Update
27-01-2016 12:23:26 Windows Update
30-01-2016 19:27:48 Windows Update
04-02-2016 00:39:24 Windows Update
04-02-2016 08:24:34 Restore Operation
04-02-2016 18:47:37 Windows Update
04-02-2016 22:37:03 Restore Operation
09-02-2016 21:56:13 Windows Update
10-02-2016 20:35:42 Windows Update
11-02-2016 20:44:14 avast! antivirus system restore point
11-02-2016 21:53:28 Windows Update
12-02-2016 00:57:38 Windows Update
13-02-2016 10:25:51 avast! antivirus system restore point

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/14/2016 12:52:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/14/2016 12:12:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/13/2016 06:21:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/13/2016 04:47:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/13/2016 11:56:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (02/13/2016 06:21:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Gbpddreg svc service failed to start due to the following error:
%%2

Error: (02/13/2016 06:21:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Gbpddreg svc service failed to start due to the following error:
%%2

Error: (02/13/2016 06:21:01 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
gbpddreg
wsddfac

Error: (02/13/2016 06:21:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Warsaw Technology service failed to start due to the following error:
%%1053

Error: (02/13/2016 06:21:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Warsaw Technology service to connect.

Error: (02/13/2016 05:40:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Gbpddreg svc service failed to start due to the following error:
%%2

Error: (02/13/2016 04:47:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Gbpddreg svc service failed to start due to the following error:
%%2

Error: (02/13/2016 04:46:54 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
gbpddreg
wsddfac

Error: (02/13/2016 04:46:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Warsaw Technology service failed to start due to the following error:
%%1053

Error: (02/13/2016 04:46:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Warsaw Technology service to connect.


CodeIntegrity:
===================================
  Date: 2013-09-30 17:32:16.406
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-30 17:32:16.403
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-30 17:32:16.400
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-25 11:52:48.651
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-25 11:52:48.651
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-25 11:52:48.651
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-15 15:36:40.810
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-15 15:36:40.794
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-15 15:36:40.778
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-10 23:35:24.408
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: AMD A8-3500M APU with Radeon™ HD Graphics
Percentage of memory in use: 28%
Total physical RAM: 7658.9 MB
Available physical RAM: 5473.86 MB
Total Virtual: 15316.01 MB
Available Virtual: 12895.66 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:578.92 GB) (Free:44.4 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:16.96 GB) (Free:1.86 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Setup) (CDROM) (Total:0.11 GB) (Free:0 GB) CDFS
Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
Drive g: (ANDRE) (Removable) (Total:1.89 GB) (Free:0.81 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 1813033F)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=578.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1.9 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=1.9 GB) - (Type=0B)

==================== End of Addition.txt ============================


  • 0

#34
Andre Silva

    Member

  • Topic Starter
  • 140 posts

No luck with the newly downloaded Avast file. Still getting the same error.

 

I have unchecked all GAS applications in autoruns.

 

Ready for your next instructions please. Thanks!!!

Attached Thumbnails

  • avast-error.JPG

  • 0

#35
RKinner

    Malware Expert

  • Expert
  • 20,028 posts
  • MVP

You are not getting the correct Avast.  You are getting it from somewhere else other than the avast.com site.  Try again:

 

https://www.avast.com/index and click on Download.


  • 0

#36
Andre Silva

    Member

  • Topic Starter
  • 140 posts

It worked! I was able to install Avast. What's next, please?


  • 0

#37
RKinner

    Malware Expert

  • Expert
  • 20,028 posts
  • MVP

Let's let Avast run a boot time scan tonight while you sleep.

 

Click on the orange Avast ball in the system tray, then on Scan, then on Scan for Viruses. Change the center box to say Boot-Time Scan. Click on Scan Settings.

Check both boxes and click on the gray box to the right of the orange boxes where it says Heuristics Sensitivity so that it turns orange too. Change the When a threat is found box to say Move to Chest. OK. Start. It will ask you if you want to restart now or later. Tell it later and close the Avast window.

Mute the speakers so Windows doesn't wake you up when it starts.

Go into Control Panel (change View By: Categories to Large Icons) and select Folder Options. Click on the View tab.

Under the Hidden files and folders section select the radio button labeled Show hidden files and folders.
Remove the checkmark from the checkbox labeled Hide file extensions for known file types.
Remove the checkmark from the checkbox labeled Hide protected operating system files. OK. Close Control Panel. We do this so we can see the log that Avast creates.

Once it is done it will be at C:\ProgramData\AVAST Software\Avast\report\aswBoot.txt. I want you to copy and paste the contents (if it finds anything).

Before you go to bed, reboot. It will start the scan, which may take 6 hours, which is why we do this while we sleep.

  • 0

#38
Andre Silva

    Member

  • Topic Starter
  • 140 posts

Hey RKinner,

 

Here is the log. Ready for your next instructions. Thank you!!!

 

02/15/2016 03:59
Scan of C:

Scan of *STARTUP

File C:\Users\Izilda\AppData\LocalLow\Google\GoogleEarth\webdata\f_0000df|>uk.kml Error 42125 {ZIP archive is corrupted.}
File C:\Users\Izilda\AppData\LocalLow\Google\GoogleEarth\webdata\f_0000e1|>ro.kml Error 42125 {ZIP archive is corrupted.}
File C:\Users\Izilda\AppData\LocalLow\Google\GoogleEarth\webdata\f_0000e9|>ro.kml Error 42125 {ZIP archive is corrupted.}
File C:\Users\Izilda\AppData\LocalLow\Google\GoogleEarth\webdata\f_0000f1|>id.kml Error 42125 {ZIP archive is corrupted.}
File C:\Users\Izilda\Desktop\Andre\Applications\Applications\Rank Tracker\ranktracker6.5.1\ranktracker.exe|>$_OUTDIR\libs\jna.jar|>com\sun\jna\win32-x86\jnidispatch.dll Error 42125 {ZIP archive is corrupted.}
File C:\Users\Izilda\Desktop\Andre\Applications\Applications\SEO Power Suite\websiteauditor.exe|>$_OUTDIR\libs\jna.jar|>com\sun\jna\win32-x86\jnidispatch.dll Error 42125 {ZIP archive is corrupted.}
File C:\Users\Izilda\Desktop\Andre\Applications\Rank Tracker\ranktracker6.5.1.zip|>ranktracker.exe|>$_OUTDIR\libs\jna.jar|>com\sun\jna\win32-x86\jnidispatch.dll Error 42125 {ZIP archive is corrupted.}
File C:\Users\Izilda\Desktop\Andre\Applications\SEO Power Suite\websiteauditor3.11.21-jre.zip|>websiteauditor.exe|>$_OUTDIR\libs\jna.jar|>com\sun\jna\win32-x86\jnidispatch.dll Error 42125 {ZIP archive is corrupted.}
File C:\Users\Izilda\Desktop\Clientes\Rafael Nagayasu\Convatec\Technical_Folder_aberto.cdr|>content\riffData.cdr Error 42125 {ZIP archive is corrupted.}
File C:\Users\Izilda\Desktop\Clientes\Tarcisio Encinas\backup\novo\2013\11\antigo.zip|>antigo\fotos_alta_resolucao\entrada da clínica da Avenida Brasil.jpg Error 42125 {ZIP archive is corrupted.}
File C:\Users\Izilda\Desktop\Clientes\Doctor Virtual\Doctor Virtual\OTIMIZACAO SEO\powersuite\seopowersuite-jre(1).zip|>seopowersuite.exe|>$_OUTDIR\libs\jna.jar|>com\sun\jna\win32-x86\jnidispatch.dll Error 42125 {ZIP archive is corrupted.}
File C:\Users\Izilda\Desktop\Clientes\Doctor Virtual\Doctor Virtual\OTIMIZACAO SEO\powersuite\spyglass\seospyglass5.10.1-jre.zip|>seospyglass.exe|>$_OUTDIR\libs\jna.jar|>com\sun\jna\win32-x86\jnidispatch.dll Error 42125 {ZIP archive is corrupted.}
File C:\Users\Izilda\Desktop\Doctor Virtual\OTIMIZACAO SEO\powersuite\seopowersuite.exe|>$_OUTDIR\libs\jna.jar|>com\sun\jna\win32-x86\jnidispatch.dll Error 42125 {ZIP archive is corrupted.}
File C:\Users\Izilda\Desktop\Doctor Virtual\OTIMIZACAO SEO\powersuite\spyglass\seospyglass.exe|>$_OUTDIR\libs\jna.jar|>com\sun\jna\win32-x86\jnidispatch.dll Error 42125 {ZIP archive is corrupted.}
File C:\Users\Izilda\Dropbox\Doctor Virtual\Clientes\Julio Yoshimura\cgi-bin.zip|>swf\player.html is infected by HTML:Iframe-BAW [Trj], Moved to chest
File C:\Users\Izilda\Dropbox\Doctor Virtual\Clientes\Julio Yoshimura\cgi-bin.zip|>indexHIDDEN.html is infected by HTML:Iframe-BAW [Trj], Moved to chest
File C:\Users\Izilda\Downloads\Thumbs.db|>256_1c15e5c5b70d2de0 Error 42144 {OLE archive is corrupted.}
File C:\Program Files (x86)\HP Games\Plants vs. Zombies - Game of the Year\plantsvszombies-WT.exe is infected by Win32:Malware-gen, Moved to chest
File C:\ProgramData\WildTangent\5ae0d760-ddcf-4247-85df-eacefd518e86-extr.exe|>$INSTDIR\plantsvszombies-WT.exe is infected by Win32:Malware-gen, Move to chest: Error 0xC000007F {An operation failed because the disk was full.}
Number of searched folders: 57933
Number of tested files: 1847017
Number of infected files: 4
 


  • 0
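The boot-time scan log in the post above mixes three kinds of lines: detections that were quarantined, a detection whose quarantine step failed, and archives the scanner could not unpack. The following Python sketch is an added example, not part of the thread or of Avast or FRST; it separates those cases and checks the detections against the log's own summary count. The sample lines are copied from the log above, and the regular expressions assume only the line layout visible there.

```python
import re
from collections import Counter

# Subset of the aswBoot.txt lines posted above, copied verbatim.
SAMPLE_LOG = r"""02/15/2016 03:59
Scan of C:
File C:\Users\Izilda\AppData\LocalLow\Google\GoogleEarth\webdata\f_0000df|>uk.kml Error 42125 {ZIP archive is corrupted.}
File C:\Users\Izilda\Dropbox\Doctor Virtual\Clientes\Julio Yoshimura\cgi-bin.zip|>swf\player.html is infected by HTML:Iframe-BAW [Trj], Moved to chest
File C:\Users\Izilda\Dropbox\Doctor Virtual\Clientes\Julio Yoshimura\cgi-bin.zip|>indexHIDDEN.html is infected by HTML:Iframe-BAW [Trj], Moved to chest
File C:\Users\Izilda\Downloads\Thumbs.db|>256_1c15e5c5b70d2de0 Error 42144 {OLE archive is corrupted.}
File C:\Program Files (x86)\HP Games\Plants vs. Zombies - Game of the Year\plantsvszombies-WT.exe is infected by Win32:Malware-gen, Moved to chest
File C:\ProgramData\WildTangent\5ae0d760-ddcf-4247-85df-eacefd518e86-extr.exe|>$INSTDIR\plantsvszombies-WT.exe is infected by Win32:Malware-gen, Move to chest: Error 0xC000007F {An operation failed because the disk was full.}
Number of infected files: 4
"""

# Line layouts as they appear in the log above (assumed, not a documented format).
INFECTED = re.compile(
    r"^File (?P<target>.+?) is infected by (?P<name>.+?), (?P<action>.+)$")
SCAN_ERROR = re.compile(
    r"^File (?P<target>.+?) Error (?P<code>\d+) \{(?P<msg>.*)\}$")
SUMMARY = re.compile(r"^Number of infected files: (\d+)$")


def split_target(target):
    """Split 'outer|>inner|>inner' into the file on disk and its archive members."""
    container, *members = target.split("|>")
    return container, members


def parse_boot_log(text):
    """Return (detections, scan_errors, reported_infected_count)."""
    detections, scan_errors, reported = [], [], None
    for raw in text.splitlines():
        line = raw.strip()
        # Detections are tested first: a failed quarantine also contains "Error".
        m = INFECTED.match(line)
        if m:
            container, members = split_target(m["target"])
            detections.append({
                "container": container,
                "members": members,
                "name": m["name"],
                "action": m["action"],
                "quarantined": m["action"] == "Moved to chest",
            })
            continue
        m = SCAN_ERROR.match(line)
        if m:
            container, members = split_target(m["target"])
            scan_errors.append({
                "container": container,
                "members": members,
                "code": m["code"],
                "message": m["msg"],
            })
            continue
        m = SUMMARY.match(line)
        if m:
            reported = int(m[1])
    return detections, scan_errors, reported


def triage(text):
    """Summarise a log: what was detected, what is still on disk, what was unreadable."""
    detections, scan_errors, reported = parse_boot_log(text)
    return {
        "detections": detections,
        "unresolved": [d for d in detections if not d["quarantined"]],
        "error_codes": Counter(e["code"] for e in scan_errors),
        "summary_matches": reported == len(detections),
    }


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    for d in report["detections"]:
        state = "quarantined" if d["quarantined"] else "STILL ON DISK"
        print(f"{state}: {d['name']} in {d['container']}")
    print("unreadable archives by error code:", dict(report["error_codes"]))
    print("matches log summary:", report["summary_matches"])
```
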

#39
RKinner

    Malware Expert

  • Expert
  • 20,028 posts
  • MVP
Download the attached fixlist.txt to the same location as FRST.

Run FRST (Right click and Run As Admin) and press Fix.
A fix log will be generated; please post that.

Reboot after the fix and then run Process Explorer again and create a log as before.
 
 

  • 0

#40
Andre Silva

    Member

  • Topic Starter
  • 140 posts

RKinner, here it goes.

 

Fix result of Farbar Recovery Scan Tool (x64) Version:07-02-2016
Ran by Izilda (2016-02-15 23:28:07) Run:3
Running from C:\Users\Izilda\Desktop
Loaded Profiles: Izilda (Available Profiles: Izilda & Deco)
Boot Mode: Normal
==============================================

fixlist content:
*****************
C:\Users\Izilda\AppData\LocalLow\Google\GoogleEarth\webdata\f_0000df
C:\Users\Izilda\AppData\LocalLow\Google\GoogleEarth\webdata\f_0000e
C:\Users\Izilda\AppData\LocalLow\Google\GoogleEarth\webdata\f_0000e9
C:\Users\Izilda\AppData\LocalLow\Google\GoogleEarth\webdata\f_0000f1
C:\Users\Izilda\Desktop\Andre\Applications\Applications\Rank Tracker\ranktracker6.5.1\ranktracker.exe
C:\Users\Izilda\Desktop\Andre\Applications\Applications\SEO Power Suite\websiteauditor.exe
C:\Users\Izilda\Desktop\Andre\Applications\Rank Tracker\ranktracker6.5.1.zip|>ranktracker.exe|>$_OUTDIR\libs\jna.jar
C:\Users\Izilda\Desktop\Andre\Applications\SEO Power Suite\websiteauditor3.11.21-jre.zip|>websiteauditor.exe
C:\Users\Izilda\Desktop\Clientes\Rafael Nagayasu\Convatec\Technical_Folder_aberto.cdr
C:\Users\Izilda\Desktop\Clientes\Tarcisio Encinas\backup\novo\2013\11\antigo.zip
C:\Users\Izilda\Desktop\Clientes\Doctor Virtual\Doctor Virtual\OTIMIZACAO SEO\powersuite\seopowersuite-jre(1).zip
C:\Users\Izilda\Desktop\Clientes\Doctor Virtual\Doctor Virtual\OTIMIZACAO SEO\powersuite\spyglass\seospyglass5.10.1-jre.zip
C:\Users\Izilda\Desktop\Doctor Virtual\OTIMIZACAO SEO\powersuite\seopowersuite.exe
C:\Users\Izilda\Desktop\Doctor Virtual\OTIMIZACAO SEO\powersuite\spyglass\seospyglass.exe
C:\Users\Izilda\Downloads\Thumbs.db
C:\Program Files (x86)\HP Games\Plants vs. Zombies - Game of the Year\plantsvszombies-WT.exe
C:\ProgramData\WildTangent\5ae0d760-ddcf-4247-85df-eacefd518e86-extr.exe













 

*****************

C:\Users\Izilda\AppData\LocalLow\Google\GoogleEarth\webdata\f_0000df => moved successfully
"C:\Users\Izilda\AppData\LocalLow\Google\GoogleEarth\webdata\f_0000e" => not found.
C:\Users\Izilda\AppData\LocalLow\Google\GoogleEarth\webdata\f_0000e9 => moved successfully
C:\Users\Izilda\AppData\LocalLow\Google\GoogleEarth\webdata\f_0000f1 => moved successfully
C:\Users\Izilda\Desktop\Andre\Applications\Applications\Rank Tracker\ranktracker6.5.1\ranktracker.exe => moved successfully
C:\Users\Izilda\Desktop\Andre\Applications\Applications\SEO Power Suite\websiteauditor.exe => moved successfully
"C:\Users\Izilda\Desktop\Andre\Applications\Rank Tracker\ranktracker6.5.1.zip|>ranktracker.exe|>$_OUTDIR\libs\jna.jar" => not found.
"C:\Users\Izilda\Desktop\Andre\Applications\SEO Power Suite\websiteauditor3.11.21-jre.zip|>websiteauditor.exe" => not found.
C:\Users\Izilda\Desktop\Clientes\Rafael Nagayasu\Convatec\Technical_Folder_aberto.cdr => moved successfully
C:\Users\Izilda\Desktop\Clientes\Tarcisio Encinas\backup\novo\2013\11\antigo.zip => moved successfully
C:\Users\Izilda\Desktop\Clientes\Doctor Virtual\Doctor Virtual\OTIMIZACAO SEO\powersuite\seopowersuite-jre(1).zip => moved successfully
C:\Users\Izilda\Desktop\Clientes\Doctor Virtual\Doctor Virtual\OTIMIZACAO SEO\powersuite\spyglass\seospyglass5.10.1-jre.zip => moved successfully
C:\Users\Izilda\Desktop\Doctor Virtual\OTIMIZACAO SEO\powersuite\seopowersuite.exe => moved successfully
C:\Users\Izilda\Desktop\Doctor Virtual\OTIMIZACAO SEO\powersuite\spyglass\seospyglass.exe => moved successfully
C:\Users\Izilda\Downloads\Thumbs.db => moved successfully
"C:\Program Files (x86)\HP Games\Plants vs. Zombies - Game of the Year\plantsvszombies-WT.exe" => not found.
C:\ProgramData\WildTangent\5ae0d760-ddcf-4247-85df-eacefd518e86-extr.exe => moved successfully

==== End of Fixlog 23:28:18 ====

 

Process    CPU    Private Bytes    Working Set    PID    Description    Company Name    Verified Signer
System Idle Process    86.69    0 K    24 K    0            
svchost.exe    7.43    149,652 K    159,156 K    576    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
procexp64.exe    1.88    30,908 K    52,584 K    4444    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
firefox.exe    1.07    186,164 K    208,320 K    5444    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
Interrupts    0.89    0 K    0 K    n/a    Hardware Interrupts and DPCs        
dwm.exe    0.76    33,628 K    30,616 K    3120    Desktop Window Manager    Microsoft Corporation    (Verified) Microsoft Windows
System    0.37    356 K    3,976 K    4            
SynTPEnh.exe    0.36    9,396 K    13,560 K    4352    Synaptics TouchPad Enhancements    Synaptics Incorporated    (Verified) Synaptics Incorporated
csrss.exe    0.22    3,152 K    7,944 K    572    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    0.06    43,956 K    53,328 K    1088    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
RNowSvc.exe    0.05    1,824 K    4,676 K    2732    Windows Service App    Roxio    (Verified) Sonic Solutions
gbpsv.exe    0.04    31,856 K    36,316 K    876    G-Buster Browser Defense - Service    GAS Tecnologia    (Verified) GAS INFORMATICA LTDA
WmiPrvSE.exe    0.03    3,524 K    7,520 K    3356    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
AvastSvc.exe    0.02    89,692 K    41,484 K    1804    avast! Service    AVAST Software    (Verified) AVAST Software a.s.
explorer.exe    0.02    45,064 K    56,828 K    3432    Windows Explorer    Microsoft Corporation    (Verified) Microsoft Windows
CCC.exe    0.02    103,740 K    22,400 K    888    Catalyst Control Center: Host application    ATI Technologies Inc.    (No signature was present in the subject) ATI Technologies Inc.
MOM.exe    0.01    39,172 K    5,164 K    5836    Catalyst Control Center: Monitoring program    Advanced Micro Devices Inc.    (No signature was present in the subject) Advanced Micro Devices Inc.
svchost.exe    0.01    9,628 K    15,000 K    1056    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    0.01    5,116 K    10,272 K    744    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
AppleMobileDeviceService.exe    < 0.01    3,104 K    9,484 K    2104    MobileDeviceService    Apple Inc.    (Verified) Apple Inc.
lsm.exe    < 0.01    2,864 K    4,704 K    632    Local Session Manager Service    Microsoft Corporation    (Verified) Microsoft Windows
SearchIndexer.exe    < 0.01    38,736 K    15,352 K    4968    Microsoft Windows Search Indexer    Microsoft Corporation    (Verified) Microsoft Windows
taskhost.exe    < 0.01    11,868 K    17,584 K    3928    Host Process for Windows Tasks    Microsoft Corporation    (Verified) Microsoft Windows
avastui.exe    < 0.01    17,756 K    19,712 K    4672    avast! Antivirus    AVAST Software    (Verified) AVAST Software a.s.
WLIDSVC.EXE    < 0.01    7,796 K    15,460 K    2968    Microsoft® Windows Live ID Service    Microsoft Corp.    (Verified) Microsoft Corporation
ezSharedSvcHost.exe    < 0.01    1,568 K    5,556 K    2300    Shared EasyBits services for Windows    EasyBits Software AS    (Verified) EasyBits Software AS
svchost.exe    < 0.01    3,840 K    6,940 K    4568    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
YCMMirage.exe    < 0.01    1,740 K    1,984 K    4660    YouCam Mirage    CyberLink    (Verified) CyberLink
TeamViewer_Service.exe    < 0.01    5,480 K    13,780 K    2932    TeamViewer 10    TeamViewer GmbH    (Verified) TeamViewer
svchost.exe    < 0.01    16,240 K    17,452 K    1668    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
HPConnectionManager.exe    < 0.01    80,820 K    91,212 K    1068    HPConnectionManager    Hewlett-Packard Development Company L.P.    (A certificate was explicitly revoked by its issuer) Hewlett-Packard Development Company L.P.
svchost.exe    < 0.01    53,956 K    67,496 K    708    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
wmpnetwk.exe    < 0.01    4,072 K    1,920 K    3196    Windows Media Player Network Sharing Service    Microsoft Corporation    (Verified) Microsoft Windows
WUDFHost.exe    < 0.01    7,648 K    7,684 K    1536    Windows Driver Foundation - User-mode Driver Framework Host Process    Microsoft Corporation    (Verified) Microsoft Windows
stacsv64.exe    < 0.01    12,756 K    8,672 K    1128    IDT PC Audio    IDT, Inc.    (Verified) Microsoft Windows Hardware Compatibility Publisher
RIconMan.exe    < 0.01    2,508 K    6,124 K    2424    Realtek Card Reader Icon Tool.    Realsil Microelectronics Inc.    (No signature was present in the subject) Realsil Microelectronics Inc.
svchost.exe    < 0.01    14,924 K    16,804 K    1764    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
csrss.exe    < 0.01    2,608 K    5,108 K    464    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows
hpservice.exe    < 0.01    1,948 K    5,080 K    1460    HpService    Hewlett-Packard Company    (Verified) Microsoft Windows Hardware Compatibility Publisher
WUDFHost.exe        2,124 K    6,244 K    3516    Windows Driver Foundation - User-mode Driver Framework Host Process    Microsoft Corporation    (Verified) Microsoft Windows
WR_Tray_Icon.exe        2,032 K    5,024 K    1080    Tweaking.com - Windows Repair Tray Icon    Tweaking.com    (Verified) Tweaking LLC
WmiPrvSE.exe        7,168 K    13,048 K    3592    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
WmiPrvSE.exe        2,704 K    6,332 K    5744    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
WLIDSVCM.EXE        1,540 K    3,656 K    3208    Microsoft® Windows Live ID Service Monitor    Microsoft Corp.    (Verified) Microsoft Corporation
winlogon.exe        3,140 K    7,652 K    916    Windows Logon Application    Microsoft Corporation    (Verified) Microsoft Windows
wininit.exe        1,720 K    4,748 K    540    Windows Start-Up Application    Microsoft Corporation    (Verified) Microsoft Windows
unsecapp.exe        2,144 K    5,732 K    4712    Sink to receive asynchronous callbacks for WMI client application    Microsoft Corporation    (Verified) Microsoft Windows
unsecapp.exe        2,172 K    5,980 K    5268    Sink to receive asynchronous callbacks for WMI client application    Microsoft Corporation    (Verified) Microsoft Windows
TrueSuiteService.exe        1,736 K    5,464 K    832    HP Service    HP    (Verified) AuthenTec
TouchControl.exe        4,540 K    13,452 K    2804    TouchControl    HP    (Verified) AuthenTec
taskeng.exe        2,592 K    6,456 K    4732    Task Scheduler Engine    Microsoft Corporation    (Verified) Microsoft Windows
taskeng.exe        2,396 K    6,220 K    3532    Task Scheduler Engine    Microsoft Corporation    (Verified) Microsoft Windows
taskeng.exe        2,076 K    5,572 K    1896    Task Scheduler Engine    Microsoft Corporation    (Verified) Microsoft Windows
SZDrvSvc.exe        1,508 K    4,884 K    2892    SZDrvSvc    Clarus, Inc.    (No signature was present in the subject) Clarus, Inc.
SynTPHelper.exe        1,608 K    3,780 K    4960    Synaptics Pointing Device Helper    Synaptics Incorporated    (Verified) Synaptics Incorporated
svchost.exe        23,648 K    20,668 K    360    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        4,680 K    8,472 K    968    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        3,044 K    7,020 K    1988    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        2,704 K    5,944 K    1400    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        2,276 K    5,956 K    2848    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        5,760 K    11,196 K    2264    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
sttray64.exe        9,176 K    19,800 K    4528    IDT PC Audio    IDT, Inc.    (Verified) Microsoft Windows Hardware Compatibility Publisher
sppsvc.exe        2,712 K    8,596 K    2552    Microsoft Software Protection Platform Service    Microsoft Corporation    (Verified) Microsoft Windows
spoolsv.exe        9,028 K    15,092 K    1876    Spooler SubSystem App    Microsoft Corporation    (Verified) Microsoft Windows
smss.exe        568 K    1,260 K    324    Windows Session Manager    Microsoft Corporation    (Verified) Microsoft Windows
services.exe        5,996 K    12,040 K    596    Services and Controller app    Microsoft Corporation    (Verified) Microsoft Windows
rundll32.exe        2,204 K    6,536 K    4120    Windows host process (Rundll32)    Microsoft Corporation    (Verified) Microsoft Windows
procexp.exe        2,452 K    7,732 K    2792    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
PresentationFontCache.exe        36,740 K    36,096 K    952    PresentationFontCache.exe    Microsoft Corporation    (Verified) Microsoft Corporation
PMBDeviceInfoProvider.exe        1,440 K    4,772 K    2688    Device Information Provider    Sony Corporation    (Verified) Sony Corporation
NitroPDFReaderDriverService3x64.exe        1,656 K    4,016 K    2604    Nitro PDF Spool Service    Nitro PDF Software    (Verified) Nitro PDF Software
NitroPDFDriverServicex64.exe        1,616 K    4,000 K    2536    Solid Spool Service    Nitro PDF Software    (Verified) Nitro PDF Software
lsass.exe        5,004 K    12,464 K    624    Local Security Authority Process    Microsoft Corporation    (Verified) Microsoft Windows
jusched.exe        2,532 K    5,680 K    4888    Java Update Scheduler    Oracle Corporation    (Verified) Oracle America
HPWMISVC.exe        1,488 K    5,132 K    2368    HP Quick Launch WMI Service    Hewlett-Packard Development Company, L.P.    (A certificate was explicitly revoked by its issuer) Hewlett-Packard Development Company, L.P.
HPSA_Service.exe        24,728 K    17,140 K    4244    HP Support Assistant Service    Hewlett-Packard Company    (Verified) Hewlett-Packard Company
hpqWmiEx.exe        3,972 K    8,816 K    5528    HP Software Framework WMI Service    Hewlett-Packard Company    (Verified) Hewlett-Packard Company
hpCMSrv.exe        4,080 K    9,272 K    5376    HP Connection Manager Service    Hewlett-Packard Development Company L.P.    (A certificate was explicitly revoked by its issuer) Hewlett-Packard Development Company L.P.
HPClientServices.exe        3,972 K    8,244 K    2344    HP Client Services    Hewlett-Packard Company    (A certificate was explicitly revoked by its issuer) Hewlett-Packard Company
GWX.exe        4,156 K    3,856 K    4840    GWX    Microsoft Corporation    (Verified) Microsoft Windows
GoogleUpdate.exe        2,324 K    1,492 K    4624    Google Installer    Google Inc.    (Verified) Google Inc
gbpsv.exe        18,348 K    21,764 K    3964    G-Buster Browser Defense - Service    GAS Tecnologia    (Verified) GAS INFORMATICA LTDA
Fuel.Service.exe        4,832 K    10,224 K    2080    AMD Fuel Service    Advanced Micro Devices, Inc.    (No signature was present in the subject) Advanced Micro Devices, Inc.
DropboxUpdate.exe        2,488 K    1,912 K    5116    Dropbox Update    Dropbox, Inc.    (Verified) Dropbox
Dropbox.exe        122,072 K    126,664 K    4108    Dropbox    Dropbox, Inc.    (Verified) Dropbox
BioMonitor.exe        1,564 K    5,176 K    4408    BioMonitor    HP    (Verified) AuthenTec
audiodg.exe        17,016 K    17,644 K    1224    Windows Audio Device Graph Isolation     Microsoft Corporation    (Verified) Microsoft Windows
atiesrxx.exe        1,752 K    4,612 K    260    AMD External Events Service Module    AMD    (Verified) Microsoft Windows Hardware Compatibility Publisher
atieclxx.exe        2,640 K    6,800 K    1520    AMD External Events Client Module    AMD    (Verified) Microsoft Windows Hardware Compatibility Publisher
armsvc.exe        1,236 K    4,072 K    1480    Adobe Acrobat Update Service    Adobe Systems Incorporated    (Verified) Adobe Systems
AESTSr64.exe        1,356 K    3,064 K    2052    Andrea filters APO access service (64-bit)    Andrea Electronics Corporation    (Verified) Microsoft Windows Hardware Compatibility Publisher
AdobeARM.exe        4,852 K    13,356 K    4828    Adobe Reader and Acrobat Manager    Adobe Systems Incorporated    (Verified) Adobe Systems
ABRTMon.exe        4,756 K    9,080 K    3864    ABRTMon    Clarus, Inc.    (No signature was present in the subject) Clarus, Inc.
 


  • 0


#41
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,028 posts
  • MVP

You still have two GAS programs running:

gbpsv.exe    0.04    31,856 K    36,316 K    876    G-Buster Browser Defense - Service    GAS Tecnologia    (Verified) GAS INFORMATICA LTDA

gbpsv.exe        18,348 K    21,764 K    3964    G-Buster Browser Defense - Service    GAS Tecnologia    (Verified) GAS INFORMATICA LTDA

See if you can find them in Autoruns.  Uncheck them and reboot, then run Process Explorer again.

If you still see:

svchost.exe    7.43    149,652 K    159,156 K    576    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows

as the second line, hover over it and it should tell you what services are riding on it.  Usually it's wuauserv, which is Windows Updates, that causes this.

Is it on the list this time?


  • 0

#42
Andre Silva

Andre Silva

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts

RKinner,

Sorry for the delay. I was slammed with work today.

I have unchecked all GAS - Tecnologia boxes in Autoruns. However, they are always back to checked once I reboot. Also, svchost.exe appears in my Process Explorer every time I reboot the machine.

Any tips? Thanks!


  • 0

#43
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,028 posts
  • MVP

OK let's do another FRST scan with Addition and see what we can do about it.


  • 0
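The FRST log posted in this thread lists the GbPlugin components in more sections than the two gbpsv.exe processes seen in Process Explorer. As an added example (not part of the thread and not FRST's own code), this Python script groups a log's entries by section and lists every load point that matches a keyword set; the function names and the keyword list are assumptions, and the sample lines are excerpted from the log in this thread.

```python
import re

# Entry lines excerpted from the FRST log posted in this thread (not the full log).
SAMPLE_LOG = r"""
==================== Processes (Whitelisted) =================

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe

==================== Registry (Whitelisted) ===========================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
Winlogon\Notify\ GbPluginBb: C:\Program Files (x86)\GbPlugin\gbieh.dll [2015-10-20] (Banco do Brasil)
Winlogon\Notify\ GbPluginUni: C:\Program Files (x86)\GbPlugin\gbiehUni.dll [2015-07-06] (Banco Itaú Unibanco)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\PROGRAM FILES (X86)\GbPlugin\gbiehuni.dll [1759992 2015-07-06] (Banco Itaú Unibanco)

==================== Internet (Whitelisted) ====================

BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-14] (AVAST Software)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll [2015-10-20] (Banco do Brasil)
FF Plugin HKU\S-1-5-21-3190529940-644357419-2377663512-1001: gastecnologia.com.br/sf/bb -> C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll [2015-03-06] (GAS Tecnologia)
CHR Extension: (GBBD Caixa Economica Federal) - C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnjbodopomfddehlalfilheomcahbpei [2015-09-15]

==================== Services (Whitelisted) ========================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-14] (AVAST Software)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [593120 2015-09-22] (GAS Tecnologia)
S4 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [904928 2015-11-04] (GAS Tecnologia LTDA)
"""

SECTION_RE = re.compile(r"^=+\s*([^=]+?)\s*=+$")
# FRST service prefix: R/S/U = running/stopped/undetermined, digit = start type.
SERVICE_RE = re.compile(r"^([RSU])([0-4])\s+(.+?);\s")
STATES = {"R": "running", "S": "stopped", "U": "undetermined"}
START_TYPES = {"0": "boot", "1": "system", "2": "automatic", "3": "manual", "4": "disabled"}


def parse_sections(log_text):
    """Return {section name: [entry lines]} for an FRST.txt-style log."""
    sections, current = {}, None
    for raw in log_text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            current = header.group(1).replace("(Whitelisted)", "").strip()
            sections.setdefault(current, [])
        elif current and line and not line.startswith("(If ") and set(line) != {"="}:
            # Skips blank lines, the "(If an entry is included...)" hints and "====" underlines.
            sections[current].append(line)
    return sections


def describe(section, line):
    """Label an entry with the kind of load point it represents."""
    if section == "Processes":
        return "running process"
    svc = SERVICE_RE.match(line)
    if section == "Services" and svc:
        state, start = STATES[svc.group(1)], START_TYPES[svc.group(2)]
        return f"service {svc.group(3)} ({state}, start={start})"
    # Registry and Internet entries carry their type before the first ": ".
    return line.split(": ", 1)[0]


def find_entries(log_text, keywords):
    """List every entry whose text contains any keyword (case-insensitive)."""
    needles = [k.lower() for k in keywords]
    hits = []
    for section, lines in parse_sections(log_text).items():
        for line in lines:
            if any(n in line.lower() for n in needles):
                hits.append({"section": section, "kind": describe(section, line), "line": line})
    return hits


if __name__ == "__main__":
    for hit in find_entries(SAMPLE_LOG, ["gas tecnologia", "gbplugin", "gbbd"]):
        print(f"[{hit['section']}] {hit['kind']}")
```

Searching on the publisher string alone misses the Winlogon\Notify, ShellExecuteHooks and BHO entries, which carry the banks' names rather than GAS Tecnologia, so match on the install path as well.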

#44
Andre Silva

Andre Silva

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts

Got it. I'm on it now. Please stand by.


  • 0

#45
Andre Silva

Andre Silva

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts

Here are the logs:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
Ran by Izilda (administrator) on IZILDA-HP (16-02-2016 23:19:04)
Running from C:\Users\Izilda\Desktop
Loaded Profiles: Izilda (Available Profiles: Izilda)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Google Inc.) C:\Users\Izilda\AppData\Local\Google\Update\GoogleUpdate.exe
(Dropbox, Inc.) C:\Users\Izilda\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe
(Dropbox, Inc.) C:\Users\Izilda\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2012-02-07] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-04-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [103992 2011-05-23] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139768 2016-02-15] (AVAST Software)
Winlogon\Notify\ GbPluginBb: C:\Program Files (x86)\GbPlugin\gbieh.dll [2015-10-20] (Banco do Brasil)
Winlogon\Notify\ GbPluginUni: C:\Program Files (x86)\GbPlugin\gbiehUni.dll [2015-07-06] (Banco Itaú Unibanco)
HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\Run: [Google Update] => C:\Users\Izilda\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc.)
HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\Run: [Dropbox Update] => C:\Users\Izilda\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\MountPoints2: {520b7578-3f36-11e1-9d4c-806e6f6e6963} - E:\Setup.exe
HKU\S-1-5-21-3190529940-644357419-2377663512-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-13] (Microsoft Corporation)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\PROGRAM FILES (X86)\GbPlugin\gbiehuni.dll [1759992 2015-07-06] (Banco Itaú Unibanco)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll [1945472 2015-10-20] (Banco do Brasil)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-02-14] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Drive Manager Real-Time.lnk [2014-05-30]
ShortcutTarget: Samsung Drive Manager Real-Time.lnk -> C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe (Clarus, Inc.)
Startup: C:\Users\Izilda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Izilda\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.114.81.1 75.114.81.2 192.168.1.1
Tcpip\..\Interfaces\{0211F5D2-0B48-4A83-8097-2D3C20677B0B}: [DhcpNameServer] 65.32.5.111 65.32.5.112 192.168.1.1
Tcpip\..\Interfaces\{894FB0E4-5432-4A2A-B791-AB7238B6F4E2}: [DhcpNameServer] 200.142.132.32 200.220.227.57
Tcpip\..\Interfaces\{E66EA923-D0B8-4739-A6C2-1045AE207BFE}: [DhcpNameServer] 75.114.81.1 75.114.81.2 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-12] (Oracle Corporation)
BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-02-18] (HP)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-14] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-19] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-12] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-27] (Hewlett-Packard)
BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-02-18] (HP)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-14] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-19] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll [2015-10-20] (Banco do Brasil)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehuni.dll [2015-07-06] (Banco Itaú Unibanco)
BHO-x32: IplexToALLPlayer -> {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -> C:\Program Files (x86)\OpenSubtitlesPlayer\Iplex\IplexToALLPlayer.dll [2011-02-09] (ALLCinema Ltd.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-27] (Hewlett-Packard)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-19] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-19] (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\MP3 Skype Recorder\Skype4COM.dll [2011-09-07] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Izilda\AppData\Roaming\Mozilla\Firefox\Profiles\qb4mtwr7.default-1380586887777
FF DefaultSearchEngine.US: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-31] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-12] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-12] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-31] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll [2013-03-15] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-02-20] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-06-02] (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll [2013-03-26] (Nitro PDF)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-05-28] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-05-28] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-11] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-08-13] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-12-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3190529940-644357419-2377663512-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Izilda\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3190529940-644357419-2377663512-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3190529940-644357419-2377663512-1001: @talk.google.com/O1DPlugin -> C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3190529940-644357419-2377663512-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Izilda\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-3190529940-644357419-2377663512-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Izilda\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-3190529940-644357419-2377663512-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Izilda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2012-12-07] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3190529940-644357419-2377663512-1001: gastecnologia.com.br/sf/bb -> C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll [2015-03-06] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-3190529940-644357419-2377663512-1001: gastecnologia.com.br/sf/bb64 -> C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll [2015-06-10] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-3190529940-644357419-2377663512-1001: gastecnologia.com.br/sf/cef -> C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll [2015-01-17] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-3190529940-644357419-2377663512-1001: gastecnologia.com.br/sf/uni -> C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll [2014-01-15] (GAS Tecnologia)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-17] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Izilda\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Izilda\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF SearchPlugin: C:\Users\Izilda\AppData\Roaming\Mozilla\Firefox\Profiles\qb4mtwr7.default-1380586887777\searchplugins\yahoo-avast.xml [2014-06-13]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2016-02-12] [not signed]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-02-14]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\cef\xpi
FF Extension: GBBD Caixa Economica Federal - C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\cef\xpi [2015-01-17] [not signed]
FF HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8873}] - C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\uni\xpi
FF Extension: GBBD Guardião - Itaú 30 horas - C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\uni\xpi [2014-03-24] [not signed]
FF HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886C}] - C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\bb\xpi
FF Extension: GBBD Banco do Brasil - C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\bb\xpi [2015-05-04] [not signed]

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Google Talk Plugin) - C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll => No File
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll => No File
CHR Plugin: (Java™ Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Nitro PDF Plug-In) - C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll => No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks™ Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer™ HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (Unity Player) - C:\Users\Izilda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll => No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll => No File
CHR Profile: C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Web Store Payments) - C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-15]
CHR Extension: (GBBD Caixa Economica Federal) - C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnjbodopomfddehlalfilheomcahbpei [2015-09-15]
CHR HKU\S-1-5-21-3190529940-644357419-2377663512-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nnjbodopomfddehlalfilheomcahbpei] - C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\cef\sf.crx [2013-06-19]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-14]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-04-02] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-14] (AVAST Software)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-08-13] (WildTangent)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [593120 2015-09-22] (GAS Tecnologia)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2375168 2011-03-07] (Realsil Microelectronics Inc.) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NitroDriverReadSpool; C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [341312 2011-01-12] (Nitro PDF Software)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-03-26] (Nitro PDF Software)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [479840 2012-11-27] (Sony Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SZDrvSvc; C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe [18432 2013-12-18] (Clarus, Inc.) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-09] (TeamViewer GmbH)
S4 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [904928 2015-11-04] (GAS Tecnologia LTDA)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-02-14] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-02-14] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-02-14] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-02-14] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1065720 2016-02-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-02-14] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-02-14] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-02-14] (AVAST Software)
R3 dtultrascsibus; C:\Windows\System32\DRIVERS\dtultrascsibus.sys [30352 2015-05-02] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S4 gbpddfac; C:\Windows\System32\drivers\gbpddfac64.sys [28888 2016-02-13] (GAS Tecnologia)
S4 gbpddfac; C:\Windows\SysWOW64\drivers\gbpddfac64.sys [28888 2015-08-26] (GAS Tecnologia)
S0 GbpKm; C:\Windows\SysWOW64\drivers\gbpkm.sys [49536 2013-05-08] (GAS Tecnologia)
S4 GBPRCM; C:\PROGRAM FILES (X86)\GBPLUGIN\gbprcm64.sys [29912 2015-08-26] (GAS Tecnologia)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 mdf16; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mdf16.sys [20400 2012-06-21] ()
R3 mvd23; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mvd23.sys [99248 2012-06-21] ()
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-01-20] (GAS Tecnologia LTDA)
S4 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [101080 2016-01-12] (GAS Tecnologia)
S4 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [103640 2015-03-18] (GAS Tecnologia)
S4 gbpddreg; system32\drivers\gbpddreg64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-16 23:19 - 2016-02-16 23:19 - 00031418 _____ C:\Users\Izilda\Desktop\FRST.txt
2016-02-16 22:45 - 2016-02-16 22:45 - 00011326 _____ C:\Users\Izilda\Desktop\svchost.exe.txt
2016-02-15 23:37 - 2016-02-15 23:37 - 00011417 _____ C:\Users\Izilda\Desktop\System Idle Process.txt
2016-02-15 23:34 - 2016-02-15 23:34 - 02694816 _____ (Sysinternals - www.sysinternals.com) C:\Users\Izilda\Desktop\procexp.exe
2016-02-15 23:28 - 2016-02-15 23:28 - 00003735 _____ C:\Users\Izilda\Desktop\Fixlog.txt
2016-02-15 00:37 - 2016-02-15 00:37 - 00492519 _____ C:\Users\Izilda\Downloads\TrackTraceRx Assessment - dispensing locations.xlsx
2016-02-14 19:08 - 2016-02-14 19:08 - 02612608 _____ (Banco do Brasil SA) C:\Users\Izilda\Downloads\DiagnosticoBB.exe
2016-02-14 19:06 - 2016-02-14 19:04 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-02-14 19:05 - 2016-02-14 19:05 - 00000000 ____D C:\Users\Izilda\AppData\Roaming\AVAST Software
2016-02-14 19:04 - 2016-02-14 19:07 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-02-14 19:04 - 2016-02-14 19:04 - 01065720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-02-14 19:04 - 2016-02-14 19:04 - 00463744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-02-14 19:04 - 2016-02-14 19:04 - 00287016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-02-14 19:04 - 2016-02-14 19:04 - 00165344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-02-14 19:04 - 2016-02-14 19:04 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-02-14 19:04 - 2016-02-14 19:04 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-02-14 19:04 - 2016-02-14 19:04 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-02-14 19:04 - 2016-02-14 19:04 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-02-14 19:04 - 2016-02-14 19:04 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-02-14 19:04 - 2016-02-14 19:04 - 00001882 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-02-14 19:04 - 2016-02-14 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-02-14 19:02 - 2016-02-14 19:02 - 00000000 ____D C:\Program Files\AVAST Software
2016-02-14 19:01 - 2016-02-14 19:01 - 05207096 _____ (AVAST Software) C:\Users\Izilda\Downloads\avast_free_antivirus_setup_online.exe
2016-02-14 13:43 - 2016-02-14 13:43 - 05066104 _____ (AVAST Software) C:\Users\Izilda\Downloads\avast_free_antivirus_setup_online_cnet2.exe
2016-02-14 00:05 - 2016-02-01 02:10 - 00616616 ____N (Sysinternals - www.sysinternals.com) C:\Users\Izilda\Downloads\autorunsc.exe
2016-02-14 00:05 - 2016-02-01 02:08 - 00704672 ____N (Sysinternals - www.sysinternals.com) C:\Users\Izilda\Downloads\Autoruns.exe
2016-02-14 00:05 - 2016-02-01 02:05 - 00050512 ____N C:\Users\Izilda\Downloads\autoruns.chm
2016-02-14 00:05 - 2015-01-26 09:19 - 00002009 ____N C:\Users\Izilda\Downloads\Eula.txt
2016-02-14 00:04 - 2016-02-14 00:04 - 00615478 _____ C:\Users\Izilda\Downloads\Autoruns.zip
2016-02-13 22:55 - 2016-02-13 22:57 - 00002184 _____ C:\VEW.txt
2016-02-13 18:25 - 2016-02-13 18:25 - 00061440 _____ ( ) C:\Users\Izilda\Desktop\VEW.exe
2016-02-13 11:08 - 2016-02-13 11:08 - 02370560 _____ (Farbar) C:\Users\Izilda\Desktop\FRST64.exe
2016-02-12 20:12 - 2016-02-12 20:12 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{FE43D1CD-704E-4B71-9B67-9370A8200CB2}
2016-02-12 19:32 - 2016-02-12 23:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-12 19:10 - 2016-02-12 19:10 - 00000207 _____ C:\Windows\tweaking.com-regbackup-IZILDA-HP-Windows-7-Home-Premium-(64-bit).dat
2016-02-12 19:10 - 2016-02-12 19:10 - 00000000 ____D C:\RegBackup
2016-02-12 19:04 - 2016-02-12 19:04 - 00003658 _____ C:\Windows\System32\Tasks\Tweaking.com - Windows Repair Tray Icon
2016-02-12 19:04 - 2016-02-12 19:04 - 00002119 _____ C:\Users\Izilda\Desktop\Tweaking.com - Windows Repair.lnk
2016-02-12 19:04 - 2016-02-12 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2016-02-12 19:03 - 2016-02-12 19:04 - 00183488 _____ C:\Windows\Tweaking.com - Windows Repair Setup Log.txt
2016-02-12 19:03 - 2016-02-12 19:03 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2016-02-12 19:02 - 2016-02-12 19:02 - 21771104 _____ (Tweaking.com) C:\Users\Izilda\Downloads\tweaking.com_windows_repair_aio_setup.exe
2016-02-12 00:17 - 2016-02-12 00:17 - 00002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-12 00:17 - 2016-02-12 00:17 - 00002215 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-11 22:02 - 2015-11-13 18:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-02-11 22:02 - 2015-11-13 18:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-02-11 22:02 - 2015-11-13 18:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-02-11 22:02 - 2015-11-13 17:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-02-11 22:02 - 2015-11-13 17:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-02-11 22:02 - 2015-11-13 17:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-02-11 22:01 - 2016-01-06 14:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-11 22:01 - 2016-01-06 13:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-02-11 22:01 - 2015-12-08 16:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-02-11 22:01 - 2015-12-08 16:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-02-11 22:01 - 2015-12-08 16:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-02-11 22:01 - 2015-12-08 16:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-02-11 22:01 - 2015-12-08 16:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-02-11 22:01 - 2015-12-08 16:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-02-11 22:01 - 2015-12-08 16:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-02-11 22:01 - 2015-12-08 16:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-02-11 22:01 - 2015-12-08 16:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-02-11 22:01 - 2015-12-08 16:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-02-11 22:01 - 2015-12-08 16:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-02-11 22:01 - 2015-12-08 16:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-02-11 22:01 - 2015-12-08 16:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-02-11 22:01 - 2015-12-08 16:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-02-11 22:01 - 2015-12-08 16:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-02-11 22:01 - 2015-12-08 16:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-02-11 22:01 - 2015-12-08 16:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-02-11 22:01 - 2015-12-08 16:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-02-11 22:01 - 2015-12-08 16:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-02-11 22:01 - 2015-12-08 16:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-02-11 22:01 - 2015-12-08 16:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-02-11 22:01 - 2015-12-08 16:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-02-11 22:01 - 2015-12-08 16:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-02-11 22:01 - 2015-12-08 16:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-02-11 22:01 - 2015-12-08 16:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-02-11 22:01 - 2015-12-08 16:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-02-11 22:01 - 2015-12-08 16:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-02-11 22:01 - 2015-12-08 16:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-02-11 22:01 - 2015-12-08 16:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-02-11 22:01 - 2015-12-08 16:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-02-11 22:01 - 2015-12-08 16:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-02-11 22:01 - 2015-12-08 16:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-02-11 22:01 - 2015-12-08 16:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-02-11 22:01 - 2015-12-08 16:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-02-11 22:01 - 2015-12-08 16:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-02-11 22:01 - 2015-12-08 16:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-02-11 22:01 - 2015-12-08 14:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-02-11 22:01 - 2015-12-08 14:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-02-11 22:01 - 2015-12-08 14:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-02-11 22:01 - 2015-12-08 14:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-02-11 22:01 - 2015-12-08 14:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-02-11 22:01 - 2015-12-08 14:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-02-11 22:01 - 2015-12-08 14:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-02-11 22:01 - 2015-12-08 14:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-02-11 22:01 - 2015-12-08 14:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-02-11 22:01 - 2015-12-08 14:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-02-11 22:01 - 2015-12-08 14:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-02-11 22:01 - 2015-12-08 14:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-02-11 22:01 - 2015-12-08 14:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-02-11 22:01 - 2015-12-08 14:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-02-11 22:01 - 2015-12-08 14:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-02-11 22:01 - 2015-12-08 14:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-02-11 22:01 - 2015-12-08 14:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-02-11 22:01 - 2015-12-08 14:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-02-11 22:01 - 2015-12-08 14:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-02-11 22:01 - 2015-12-08 14:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-02-11 22:01 - 2015-12-08 14:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-02-11 22:01 - 2015-12-08 13:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-02-11 22:01 - 2015-12-08 13:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-02-11 22:01 - 2015-12-08 13:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-02-11 22:01 - 2015-11-16 15:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-02-11 22:00 - 2016-02-06 05:48 - 25839104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-11 22:00 - 2016-02-06 05:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-02-11 22:00 - 2016-02-06 05:24 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-11 22:00 - 2016-02-06 05:11 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-11 22:00 - 2016-02-06 05:10 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-02-11 22:00 - 2016-02-06 05:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-02-11 22:00 - 2016-02-06 04:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-02-11 22:00 - 2016-02-06 04:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-02-11 22:00 - 2016-02-06 04:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-02-11 22:00 - 2016-02-06 04:37 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-02-11 22:00 - 2016-02-06 04:32 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-11 22:00 - 2016-02-06 04:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-02-11 22:00 - 2016-02-06 04:09 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-11 22:00 - 2016-02-06 03:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-02-11 22:00 - 2016-01-16 14:06 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-02-11 22:00 - 2016-01-16 13:54 - 01162240 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-11 22:00 - 2016-01-11 09:08 - 01362944 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-02-11 22:00 - 2016-01-11 09:08 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-02-11 22:00 - 2016-01-11 09:08 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-02-11 22:00 - 2016-01-11 09:08 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-02-11 22:00 - 2016-01-11 09:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-02-11 21:59 - 2016-01-22 15:31 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-11 21:59 - 2016-01-22 15:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-02-11 21:59 - 2016-01-22 01:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-02-11 21:59 - 2016-01-22 01:41 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-02-11 21:59 - 2016-01-22 01:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-02-11 21:59 - 2016-01-22 01:32 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-02-11 21:59 - 2016-01-22 01:27 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-02-11 21:59 - 2016-01-22 01:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-11 21:59 - 2016-01-22 01:09 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-11 21:59 - 2016-01-22 01:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-02-11 21:59 - 2016-01-22 01:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-02-11 21:59 - 2016-01-22 01:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-02-11 21:59 - 2016-01-22 01:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-02-11 21:59 - 2016-01-22 01:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-02-11 21:59 - 2016-01-22 01:00 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-02-11 21:59 - 2016-01-22 00:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-02-11 21:59 - 2016-01-22 00:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-02-11 21:59 - 2016-01-22 00:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-02-11 21:59 - 2016-01-22 00:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-02-11 21:59 - 2016-01-22 00:48 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-11 21:59 - 2016-01-22 00:47 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-11 21:59 - 2016-01-22 00:46 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-11 21:59 - 2016-01-22 00:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-02-11 21:59 - 2016-01-22 00:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-02-11 21:59 - 2016-01-22 00:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-02-11 21:59 - 2016-01-22 00:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-02-11 21:59 - 2016-01-22 00:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-02-11 21:59 - 2016-01-22 00:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-02-11 21:59 - 2016-01-22 00:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-02-11 21:59 - 2016-01-22 00:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-02-11 21:59 - 2016-01-22 00:08 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-11 21:59 - 2016-01-22 00:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-02-11 21:58 - 2016-01-22 01:40 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-11 21:58 - 2016-01-22 01:40 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-02-11 21:58 - 2016-01-22 01:40 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-02-11 21:58 - 2016-01-22 01:33 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-11 21:58 - 2016-01-22 01:29 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-11 21:58 - 2016-01-22 01:27 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-11 21:58 - 2016-01-22 01:27 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-02-11 21:58 - 2016-01-22 01:17 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-02-11 21:58 - 2016-01-22 01:05 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-02-11 21:58 - 2016-01-22 01:04 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-02-11 21:58 - 2016-01-22 01:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-02-11 21:58 - 2016-01-22 01:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-02-11 21:58 - 2016-01-22 00:50 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-11 21:58 - 2016-01-22 00:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-02-11 21:58 - 2016-01-22 00:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-02-11 21:58 - 2016-01-22 00:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-02-11 21:58 - 2016-01-22 00:31 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-11 21:58 - 2016-01-22 00:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-02-11 21:58 - 2016-01-22 00:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-02-11 21:58 - 2016-01-22 00:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-02-11 21:57 - 2016-01-11 14:05 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-02-11 21:57 - 2016-01-11 14:05 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-02-11 21:57 - 2016-01-11 14:05 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-02-11 21:57 - 2016-01-11 13:52 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-02-11 21:57 - 2016-01-11 13:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-02-11 21:57 - 2016-01-11 13:26 - 02610176 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-11 21:57 - 2016-01-11 13:24 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-11 21:57 - 2016-01-11 13:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-02-11 21:57 - 2016-01-11 13:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-02-11 21:57 - 2016-01-11 13:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-02-11 21:57 - 2016-01-11 13:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-02-11 21:57 - 2016-01-11 13:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-02-11 21:57 - 2016-01-11 13:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-02-11 21:57 - 2016-01-11 13:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-02-11 21:57 - 2016-01-11 13:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-02-11 21:57 - 2016-01-11 13:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-02-11 21:57 - 2016-01-07 12:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-11 21:57 - 2015-12-20 13:50 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-11 21:57 - 2015-12-20 13:50 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-11 21:57 - 2015-12-20 09:08 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-11 21:56 - 2016-01-07 12:53 - 03211776 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-11 21:55 - 2016-01-16 14:01 - 02085888 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-11 21:54 - 2016-01-22 01:27 - 05573056 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-11 21:54 - 2016-01-22 01:27 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-11 21:54 - 2016-01-22 01:27 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-02-11 21:54 - 2016-01-22 01:24 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-11 21:54 - 2016-01-22 01:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-02-11 21:54 - 2016-01-22 01:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-02-11 21:54 - 2016-01-22 01:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-02-11 21:54 - 2016-01-22 01:20 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-02-11 21:54 - 2016-01-22 01:20 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-02-11 21:54 - 2016-01-22 01:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-02-11 21:54 - 2016-01-22 01:20 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-02-11 21:54 - 2016-01-22 01:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-02-11 21:54 - 2016-01-22 01:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-02-11 21:54 - 2016-01-22 01:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-02-11 21:54 - 2016-01-22 01:19 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-11 21:54 - 2016-01-22 01:19 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-11 21:54 - 2016-01-22 01:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-02-11 21:54 - 2016-01-22 01:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-11 21:54 - 2016-01-22 01:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-11 21:54 - 2016-01-22 01:18 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-02-11 21:54 - 2016-01-22 01:17 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-11 21:54 - 2016-01-22 01:17 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-02-11 21:54 - 2016-01-22 01:17 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-11 21:54 - 2016-01-22 01:16 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-11 21:54 - 2016-01-22 01:15 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-11 21:54 - 2016-01-22 01:15 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-11 21:54 - 2016-01-22 01:15 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-11 21:54 - 2016-01-22 01:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-02-11 21:54 - 2016-01-22 01:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-02-11 21:54 - 2016-01-22 01:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-11 21:54 - 2016-01-22 01:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-02-11 21:54 - 2016-01-22 01:13 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 01:09 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-02-11 21:54 - 2016-01-22 01:06 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-02-11 21:54 - 2016-01-22 01:06 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-02-11 21:54 - 2016-01-22 01:06 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-02-11 21:54 - 2016-01-22 01:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-02-11 21:54 - 2016-01-22 01:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-02-11 21:54 - 2016-01-22 01:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-02-11 21:54 - 2016-01-22 01:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-02-11 21:54 - 2016-01-22 01:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-02-11 21:54 - 2016-01-22 01:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-02-11 21:54 - 2016-01-22 01:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-02-11 21:54 - 2016-01-22 01:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-02-11 21:54 - 2016-01-22 01:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-02-11 21:54 - 2016-01-22 01:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-02-11 21:54 - 2016-01-22 01:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-02-11 21:54 - 2016-01-22 01:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-02-11 21:54 - 2016-01-22 01:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-02-11 21:54 - 2016-01-22 01:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-11 21:54 - 2016-01-22 00:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-02-11 21:54 - 2016-01-22 00:07 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-02-11 21:54 - 2016-01-22 00:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-02-11 21:54 - 2016-01-22 00:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-02-11 21:54 - 2016-01-21 23:59 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-11 21:54 - 2016-01-21 23:58 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-11 21:54 - 2016-01-21 23:58 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-11 21:54 - 2016-01-21 23:57 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-11 21:54 - 2016-01-21 23:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-02-11 21:54 - 2016-01-21 23:53 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-02-11 21:54 - 2016-01-21 23:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-02-11 21:54 - 2016-01-21 23:53 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-02-11 21:54 - 2016-01-21 23:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-02-11 21:54 - 2016-01-21 23:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-02-11 21:54 - 2016-01-21 23:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-11 21:54 - 2016-01-21 23:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-11 21:54 - 2016-01-21 23:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-11 21:54 - 2016-01-21 23:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-02-11 21:54 - 2016-01-16 13:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-02-11 21:53 - 2016-01-22 01:19 - 14179840 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-11 21:53 - 2016-01-22 01:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-11 21:53 - 2016-01-22 01:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-02-11 21:53 - 2016-01-22 01:15 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-02-11 21:53 - 2016-01-22 01:12 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-11 21:53 - 2016-01-22 01:12 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-11 21:53 - 2016-01-22 01:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-02-11 21:53 - 2016-01-22 01:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-02-11 21:53 - 2016-01-22 01:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-02-11 21:53 - 2016-01-22 01:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-02-11 21:53 - 2016-01-22 00:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-02-11 21:53 - 2016-01-22 00:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-02-11 21:53 - 2016-01-22 00:19 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-02-11 21:53 - 2016-01-22 00:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-02-11 21:53 - 2015-12-08 16:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-02-11 21:53 - 2015-12-08 14:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-02-11 20:49 - 2015-11-08 16:20 - 01059656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFDAC.tmp
2016-02-11 20:49 - 2015-11-08 16:20 - 00449992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswA8C.tmp
2016-02-11 20:49 - 2015-10-08 21:42 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswACC.tmp
2016-02-11 20:49 - 2015-10-08 21:42 - 00153744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswB2A.tmp
2016-02-11 20:49 - 2015-10-08 21:42 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\asw26E.tmp
2016-02-11 20:49 - 2015-10-08 21:42 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\asw54D.tmp
2016-02-11 20:49 - 2015-10-08 21:42 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\asw628.tmp
2016-02-11 20:49 - 2015-10-08 21:42 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\asw30B.tmp
2016-02-06 23:50 - 2016-02-07 01:39 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-02-03 23:23 - 2016-02-03 23:23 - 00000000 ____D C:\ProgramData\BlueStacks
2016-02-03 20:34 - 2016-02-03 20:34 - 00000000 ____D C:\Users\Izilda\AppData\Roaming\IDT
2016-02-03 00:08 - 2016-02-16 23:19 - 00000000 ____D C:\FRST
2016-01-25 23:08 - 2016-01-25 23:08 - 00001495 _____ C:\Users\Izilda\Downloads\documento (10).pdf
2016-01-25 23:05 - 2016-01-25 23:05 - 00001503 _____ C:\Users\Izilda\Downloads\documento (9).pdf
2016-01-21 23:08 - 2016-01-21 23:08 - 00196361 _____ C:\Users\Izilda\Downloads\Apresentacao SEO - 2016.pdf
2016-01-19 02:47 - 2016-01-19 02:47 - 00004136 _____ C:\Users\Izilda\Downloads\extrato-outubro-2015.pdf
2016-01-19 02:46 - 2016-01-19 02:47 - 00007169 _____ C:\Users\Izilda\Downloads\extrato-outubro-2015.ofx
2016-01-19 02:46 - 2016-01-19 02:46 - 00009221 _____ C:\Users\Izilda\Downloads\extrato-novembro2015.ofx
2016-01-19 02:46 - 2016-01-19 02:46 - 00004720 _____ C:\Users\Izilda\Downloads\extrato-novembro-2015.pdf
2016-01-19 02:45 - 2016-01-19 02:45 - 00007231 _____ C:\Users\Izilda\Downloads\extrato-dezembro2015.ofx
2016-01-19 02:45 - 2016-01-19 02:45 - 00004249 _____ C:\Users\Izilda\Downloads\extrato-dezembro2015.pdf
2016-01-19 01:18 - 2016-01-19 01:18 - 00009795 _____ C:\Users\Izilda\Downloads\extrato.ofx
2016-01-19 01:08 - 2016-01-19 01:08 - 00005905 _____ C:\Users\Izilda\Downloads\extrato.pdf
2016-01-18 22:45 - 2016-01-18 22:45 - 00016554 _____ C:\Users\Izilda\Downloads\5393996031.html
2016-01-17 03:03 - 2016-01-17 03:03 - 00659254 _____ C:\Users\Izilda\Downloads\SecureMessage.pdf
2016-01-17 02:59 - 2016-01-17 02:59 - 00623810 _____ C:\Users\Izilda\Downloads\12-20-2015 (2).pdf
2016-01-17 02:30 - 2016-01-17 02:30 - 00623810 _____ C:\Users\Izilda\Downloads\12-20-2015 (1).pdf
2016-01-17 02:28 - 2016-01-17 02:28 - 00015182 _____ C:\Users\Izilda\Downloads\Document.pdf
2016-01-17 02:28 - 2016-01-17 02:28 - 00015182 _____ C:\Users\Izilda\Downloads\Document (1).pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-16 23:15 - 2015-06-16 01:05 - 00000922 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001UA.job
2016-02-16 23:13 - 2009-07-13 23:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-16 23:13 - 2009-07-13 23:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-16 23:06 - 2013-11-17 23:08 - 00000000 ___RD C:\Users\Izilda\Dropbox
2016-02-16 23:05 - 2013-11-17 23:04 - 00000000 ____D C:\Users\Izilda\AppData\Roaming\Dropbox
2016-02-16 23:03 - 2012-11-30 16:58 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-02-16 23:03 - 2012-03-06 21:08 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-16 23:03 - 2012-01-15 18:42 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-02-16 23:03 - 2012-01-14 17:24 - 00000000 ____D C:\Users\Izilda\AppData\LocalLow\AuthenTec
2016-02-16 23:03 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-16 22:59 - 2013-01-07 20:02 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001UA.job
2016-02-16 22:59 - 2012-03-06 21:08 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-16 22:55 - 2013-05-25 23:50 - 00000932 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001UA.job
2016-02-16 01:55 - 2013-05-25 23:50 - 00000910 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core.job
2016-02-15 23:28 - 2011-08-29 20:19 - 00000000 ____D C:\ProgramData\WildTangent
2016-02-15 20:58 - 2013-01-07 20:02 - 00000860 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core.job
2016-02-15 20:15 - 2015-06-16 01:05 - 00000870 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core.job
2016-02-15 08:52 - 2012-01-14 17:33 - 00125744 _____ C:\Users\Izilda\AppData\Local\GDIPFONTCACHEV1.DAT
2016-02-15 08:33 - 2009-07-13 23:45 - 05096648 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-15 03:53 - 2012-01-14 22:08 - 00000000 ____D C:\Users\Izilda\AppData\Roaming\Skype
2016-02-15 01:20 - 2012-09-19 23:36 - 00000000 ____D C:\Users\Izilda\Desktop\Temporario
2016-02-15 00:47 - 2012-01-14 22:08 - 00000000 ____D C:\ProgramData\Skype
2016-02-14 19:01 - 2013-10-06 11:36 - 00000000 ____D C:\ProgramData\AVAST Software
2016-02-13 18:21 - 2015-08-27 21:03 - 00028888 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpddfac64.sys
2016-02-12 23:49 - 2012-11-26 14:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-12 22:55 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2016-02-12 20:03 - 2012-11-10 13:04 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-02-12 19:06 - 2012-11-25 14:51 - 00003192 _____ C:\Windows\System32\Tasks\HPCeeScheduleForIzilda
2016-02-12 19:06 - 2012-11-25 14:51 - 00000336 _____ C:\Windows\Tasks\HPCeeScheduleForIzilda.job
2016-02-12 19:01 - 2009-07-14 00:13 - 00786622 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-12 19:01 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2016-02-12 18:30 - 2014-12-11 10:26 - 00000000 ____D C:\Windows\system32\appraiser
2016-02-12 18:30 - 2014-05-06 08:02 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-02-12 18:24 - 2012-11-20 16:33 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-02-12 18:24 - 2011-08-29 20:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-02-12 04:51 - 2013-07-20 01:00 - 00000000 ____D C:\Windows\system32\MRT
2016-02-12 04:33 - 2012-01-29 12:01 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-12 04:29 - 2013-03-14 06:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-02-12 02:36 - 2015-12-03 18:28 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-02-12 02:36 - 2011-08-29 20:31 - 00000000 ____D C:\ProgramData\RoxioNow
2016-02-12 02:35 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration
2016-02-12 01:06 - 2012-12-03 10:26 - 00003220 _____ C:\Windows\System32\Tasks\HPCeeScheduleForIZILDA-HP$
2016-02-12 01:06 - 2012-12-03 10:26 - 00000344 _____ C:\Windows\Tasks\HPCeeScheduleForIZILDA-HP$.job
2016-02-12 00:27 - 2013-10-18 15:35 - 00000000 ____D C:\ProgramData\Oracle
2016-02-12 00:26 - 2014-12-09 13:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-12 00:26 - 2011-08-29 20:42 - 00000000 ____D C:\Program Files\Java
2016-02-12 00:24 - 2015-09-01 22:14 - 00110176 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2016-02-12 00:24 - 2015-09-01 22:14 - 00000000 ____D C:\Users\Izilda\.oracle_jre_usage
2016-02-12 00:17 - 2012-03-06 21:08 - 00000000 ____D C:\Program Files (x86)\Google
2016-02-12 00:14 - 2014-12-04 14:07 - 00000000 __SHD C:\Users\Izilda\AppData\Local\EmieBrowserModeList
2016-02-12 00:14 - 2014-06-12 15:00 - 00000000 __SHD C:\Users\Izilda\AppData\Local\EmieUserList
2016-02-12 00:14 - 2014-06-12 15:00 - 00000000 __SHD C:\Users\Izilda\AppData\Local\EmieSiteList
2016-02-12 00:13 - 2012-01-14 18:57 - 00000000 ____D C:\Users\Izilda\AppData\Local\CrashDumps
2016-02-12 00:00 - 2012-09-19 01:45 - 00000000 ____D C:\Users\Izilda\Desktop\Andre
2016-02-11 23:54 - 2012-11-01 09:59 - 05225984 ___SH C:\Users\Izilda\Desktop\Thumbs.db
2016-02-11 23:43 - 2012-01-14 17:23 - 00000000 ____D C:\Users\Izilda
2016-02-11 23:26 - 2015-04-08 23:42 - 00000000 ___SD C:\Windows\system32\GWX
2016-02-11 23:26 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-02-11 23:25 - 2012-09-19 00:22 - 00000000 ____D C:\Users\Izilda\Desktop\Doctor Virtual
2016-02-11 23:24 - 2012-01-14 17:26 - 00000000 ____D C:\Users\Izilda\AppData\Local\Hewlett-Packard
2016-02-11 23:23 - 2015-12-13 18:10 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-02-11 23:23 - 2015-05-04 13:34 - 00000000 ___HD C:\Program Files (x86)\GAS Tecnologia
2016-02-11 23:23 - 2015-05-04 13:34 - 00000000 ____D C:\Program Files\Diebold
2016-02-11 23:23 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-02-11 21:20 - 2012-01-14 17:37 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{E9E6BA8C-07EE-4923-A62A-9A3F663A7BF5}
2016-02-11 21:00 - 2012-11-30 18:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Apps Migration
2016-02-11 20:54 - 2013-01-07 20:02 - 00003884 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001UA
2016-02-11 20:54 - 2013-01-07 20:02 - 00003488 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core
2016-02-11 20:54 - 2012-03-06 21:08 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-11 20:54 - 2012-03-06 21:08 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-05 18:11 - 2012-04-10 18:32 - 00000000 ____D C:\Users\Izilda\AppData\Roaming\Nitro PDF
2016-02-05 02:57 - 2013-08-15 12:33 - 00001456 _____ C:\Users\Izilda\AppData\Local\Adobe Save for Web 13.0 Prefs
2016-02-04 08:41 - 2011-10-06 12:58 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-02-03 18:48 - 2012-01-15 18:42 - 00000000 ____D C:\ProgramData\GbPlugin
2016-01-27 12:20 - 2012-04-10 18:29 - 00000000 ____D C:\Users\Izilda\AppData\Roaming\PrimoPDF
2016-01-25 21:45 - 2013-08-16 14:10 - 00000132 _____ C:\Users\Izilda\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-01-21 22:28 - 2012-11-23 00:31 - 00000000 ____D C:\Users\Izilda\Downloads\00-Fotos de Caetano

==================== Files in the root of some directories =======

2012-09-21 23:29 - 2013-02-26 23:36 - 0000132 _____ () C:\Users\Izilda\AppData\Roaming\Adobe GIF Format CS5 Prefs
2012-09-26 14:32 - 2013-07-11 19:01 - 0000132 _____ () C:\Users\Izilda\AppData\Roaming\Adobe PNG Format CS5 Prefs
2013-08-16 14:10 - 2016-01-25 21:45 - 0000132 _____ () C:\Users\Izilda\AppData\Roaming\Adobe PNG Format CS6 Prefs
2013-10-15 22:54 - 2013-10-15 22:54 - 0009321 _____ () C:\Users\Izilda\AppData\Roaming\Comma Separated Values (DOS).EML
2013-05-07 22:04 - 2013-05-07 22:04 - 0009327 _____ () C:\Users\Izilda\AppData\Roaming\Comma Separated Values (Windows).EML
2012-12-24 17:41 - 2014-12-03 15:34 - 0009316 _____ () C:\Users\Izilda\AppData\Roaming\Microsoft Excel 97-2003.EML
2013-06-19 13:30 - 2013-06-19 13:30 - 0012679 _____ () C:\Users\Izilda\AppData\Roaming\unins000.dat
2013-06-19 13:30 - 2013-06-19 13:30 - 0720594 _____ () C:\Users\Izilda\AppData\Roaming\unins000.exe
2015-05-04 13:32 - 2015-05-04 13:42 - 0035522 _____ () C:\Users\Izilda\AppData\Roaming\unins001.dat
2015-05-04 13:42 - 2015-05-04 13:41 - 0813729 _____ () C:\Users\Izilda\AppData\Roaming\unins001.exe
2014-03-24 11:11 - 2014-03-24 11:11 - 0016594 _____ () C:\Users\Izilda\AppData\Roaming\unins002.dat
2014-03-24 11:11 - 2014-03-24 11:11 - 0718497 _____ () C:\Users\Izilda\AppData\Roaming\unins002.exe
2014-01-02 17:26 - 2014-01-06 21:26 - 0000098 _____ () C:\Users\Izilda\AppData\Roaming\WB.CFG
2014-01-02 17:26 - 2014-01-06 21:26 - 0000005 _____ () C:\Users\Izilda\AppData\Roaming\WBPU-TTL.DAT
2012-09-23 22:32 - 2013-07-13 09:04 - 0001456 _____ () C:\Users\Izilda\AppData\Local\Adobe Save for Web 12.0 Prefs
2013-08-15 12:33 - 2016-02-05 02:57 - 0001456 _____ () C:\Users\Izilda\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-01-22 12:10 - 2014-02-05 13:14 - 0004096 ____H () C:\Users\Izilda\AppData\Local\keyfile3.drm
2012-11-12 20:20 - 2012-11-12 20:20 - 0000892 _____ () C:\Users\Izilda\AppData\Local\recently-used.xbel

Some files in TEMP:
====================
C:\Users\Izilda\AppData\Local\Temp\2lj4u2du.dll
C:\Users\Izilda\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp71xpte.dll
C:\Users\Izilda\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Izilda\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-02-08 00:41

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-02-2016
Ran by Izilda (2016-02-16 23:20:08)
Running from C:\Users\Izilda\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-01-14 22:23:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3190529940-644357419-2377663512-500 - Administrator - Disabled)
Guest (S-1-5-21-3190529940-644357419-2377663512-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3190529940-644357419-2377663512-1003 - Limited - Enabled)
Izilda (S-1-5-21-3190529940-644357419-2377663512-1001 - Administrator - Enabled) => C:\Users\Izilda

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.3.300.271 - Adobe Systems Incorporated)
Adobe Flash Player 16 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.14) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.14 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
AMD System Monitor (HKLM-x32\...\{C1C82DC9-1547-4038-8F0A-C069F0B7F2ED}) (Version: 1.0.5 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 12 v.12.0.1 (HKLM-x32\...\Ashampoo Burning Studio 12_is1) (Version: 12.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 12 v.12.0.3 (HKLM-x32\...\{91B33C97-93EB-244C-F687-71D85E45A206}_is1) (Version: 12.0.3 - Ashampoo GmbH & Co. KG)
ATI Catalyst Install Manager (HKLM\...\{942836D4-5395-652B-F1E8-A7C5B039910C}) (Version: 3.0.820.0 - ATI Technologies, Inc.)
AuthenTec TrueAPI (Version: 1.2.1.33 - AuthenTec, Inc.) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2253 - AVAST Software)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
ColorMania 3.2 (HKLM-x32\...\ColorMania_is1) (Version: 3.2 - Blacksun Software)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.1.3922 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Evernote v. 4.2.2 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.2.3979 - Evernote Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version:  - )
Files Opened (HKLM-x32\...\Files Opened) (Version: 1.0 - )
FileZilla Client 3.11.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.11.0.2 - Tim Kosse)
GBBD Guardião - Itaú 30 horas (HKLM-x32\...\{70e5f739-1d2a-40ae-bbc9-4b3e6af4c831}_is1) (Version: 3.7.1.1 - )
Google Apps Migration For Microsoft Outlook® 4.0.27.0 (HKLM-x32\...\{8806AF1D-5161-489E-9E17-086CCC518931}) (Version: 4.0.27.0 - Google, Inc.)
Google Apps Sync™ for Microsoft Outlook® 3.8.440.1250 (HKLM-x32\...\{091C294E-F243-432C-93E1-DEC4C2B9635B}) (Version: 3.8.440.1250 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk (remove only) (HKLM-x32\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{5601F151-A69F-4E30-8C60-37928124CD07}) (Version: 4.1.9.1 - Hewlett-Packard Company)
HP Connection Manager (HKLM-x32\...\{7A6B4340-7090-418F-8976-EE9650B35550}) (Version: 4.1.22.1 - Hewlett-Packard Company)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{E44578C7-4667-4124-8BC2-1161BCA54978}) (Version: 1.4.4 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{285F722C-0E45-47DE-B38E-5B3B10FA4A7C}) (Version: 2.5.2 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP SimplePass 2011 (HKLM-x32\...\{BCFAA37D-A6DB-43BF-A351-43F183E52D07}) (Version: 5.1.0.495 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{28FE073B-1230-4BF6-830C-7434FD0C0069}) (Version: 4.1.13.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6345.0 - IDT)
IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2012) (Version: 1.0 - Receita Federal do Brasil)
iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.)
IZArc 3.81 (HKLM-x32\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 3.81 Build 1550 - Ivan Zahariev)
Java 8 Update 73 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LinkAssistant (HKLM-x32\...\seopowersuite) (Version:  - )
Linksys Connect (HKLM-x32\...\Linksys Connect) (Version: 1.5.13291.0 - Linksys LLC)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Módulo Adicional de Segurança CAIXA (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: Módulo Adicional de Segurança CAIXA - )
Módulo de Segurança - Banco do Brasil (HKLM-x32\...\{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1) (Version: 3.12.1.2 - )
Mozilla Firefox 44.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 en-US)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
MP3 Skype Recorder (HKLM-x32\...\{CB606F47-7D0E-40DF-95BB-0E5413A1295F}) (Version: 3.1.3 - Alexander Nikiforov)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Nitro PDF Professional (HKLM\...\{EB8FF6C8-811B-4395-8584-EF4C7A0C8199}) (Version: 6.2.0.44 - Nitro PDF Software)
Nitro Reader 3 (HKLM\...\{4436B9BD-CA66-4D69-9091-2D2EB62F09AD}) (Version: 3.5.2.10 - Nitro)
OmniPage SE 2.0 (HKLM-x32\...\{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}) (Version: 2.00.0004 - ScanSoft, Inc.)
OpenSubtitlesPlayer V4.X (HKLM-x32\...\OpenSubtitlesPlayer_is1) (Version:  - ALLCinema Ltd.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayMemories Home (HKLM-x32\...\{1E5C7043-09C5-4974-A69F-A5271FD82BBC}) (Version: 7.0.00.11271 - Sony Corporation)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
Quicken 2012 (HKLM-x32\...\{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}) (Version: 21.1.5.33 - Intuit)
Ralink RT5390 802.11b/g/n WiFi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 3.02.02.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.80 - Realtek Semiconductor Corp.)
Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.01 - Serpro - Serviço Federal de Processamento de Dados)
Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.103 - RoxioNow)
Samsung Drive Manager (HKLM-x32\...\{9F1A6A24-4901-42F6-A355-5DD2B82E62AE}) (Version: 1.0.172 - Clarus, Inc.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Slingo Supreme (x32 Version: 2.2.0.95 - WildTangent) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.38843 - TeamViewer)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.8.2 - Tweaking.com)
Unity Web Player (HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Validity WBF DDK (HKLM\...\{79174AF2-6CB1-42F5-981E-66DCA49391D0}) (Version: 4.3.205.0 - Validity Sensors, Inc.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VOIP Recorder (HKLM-x32\...\{68EAD428-8B16-4CE3-832B-6E63B11852C0}) (Version: 1.0.51 - PenBay Networks)
Warsaw 1.11.0.42826 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.11.0.42826 - GAS Tecnologia)
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.5.36 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Izilda\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0013}\InprocServer32 -> C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\npsf_uni_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0013}\InprocServer32 -> C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\npsf_uni_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3190529940-644357419-2377663512-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Izilda\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01349F0A-062F-4458-A4D5-C2CD2096CD52} - System32\Tasks\Google Updater and Installer => C:\Users\Izilda\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {05E7E90B-C156-49C2-B80B-5A7B90F6B2D5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {09EC1C04-6923-4186-8E0D-CC9C67862FC7} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-03-22] (CyberLink)
Task: {0EE9EEF0-21B1-45E3-B7CF-F59434679A53} - System32\Tasks\{086040D7-8B51-4901-9C99-9A59D7D1A236} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/en/abandoninstall?page=tsMain
Task: {109083C1-DC1D-41C0-9B37-5E48DBCCC782} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001UA => C:\Users\Izilda\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {162C6DBE-2A6F-4E34-983E-0228EF8D5CE0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001UA => C:\Users\Izilda\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {282DE240-CE05-41F1-A409-219F5E54A651} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-12-03] (HP Inc.)
Task: {2C7FFEAB-6D34-456B-BBC7-96D4D89DCE86} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2016-02-03] (Microsoft)
Task: {33D9E3D2-3090-46CA-B65A-8F6D8252BC0B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {37065E35-AD7D-4B83-9931-FF5ECE0A0596} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {375C903F-EA55-443B-8DF2-2FF88F2810D0} - System32\Tasks\HPCeeScheduleForIZILDA-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {39F4CE9A-491A-456E-81A3-466580B215D4} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-01-29] (Oracle Corporation)
Task: {51AC61DE-76C0-4818-84FF-F719085926E5} - System32\Tasks\HPCeeScheduleForIzilda => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {52B00829-D5E0-4CFA-B215-1688F579EAF2} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3190529940-644357419-2377663512-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {5405D664-CF1F-4CB1-AEC3-ABA939175BDD} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3190529940-644357419-2377663512-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {5646EDF7-CD9A-429C-B416-447A718EC110} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001UA => C:\Users\Izilda\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-25] (Facebook Inc.)
Task: {5DF1F832-6C27-411F-B476-B842FBF900EB} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-11] (Tweaking.com)
Task: {68F197BB-6884-4036-99D3-9243F0151B8C} - System32\Tasks\Programa de atualização online DivX => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2014-01-10] ()
Task: {72F3921D-97C4-40B3-818F-D1E2DA7D5CE5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-12-03] (HP Inc.)
Task: {91714A50-1F70-4A57-8597-98231B2A9C68} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A11333F8-35ED-40EE-93E9-F13E4CF02024} - System32\Tasks\{3B50766E-2CFC-4C09-8635-19261323916F} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/en/abandoninstall?page=tsWLM
Task: {A36E4DB2-84F2-48BC-A73C-D51DF4508E26} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core => C:\Users\Izilda\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {BDB3F131-E378-40F8-BF88-5ACD639EFBAD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {BF7828A7-805C-4008-8F81-7813F60ED84A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-02-11] (AVAST Software)
Task: {CE8569CD-0C75-4E0B-A578-E79F5FABA946} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {E36D2026-0BAC-493A-AE87-CCE85EE86C23} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core => C:\Users\Izilda\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {E806086C-1DEF-4DDD-8390-B3F6AADA642F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {E9546077-FAE8-4B67-A93C-05F7F81F0647} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {ED10A4E0-438B-4CF1-80ED-7E6A49DB4437} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-02-14] (AVAST Software)
Task: {F677F74D-9A50-466C-93BC-71F975AA0061} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2015-11-30] (Hewlett-Packard)
Task: {F901E352-4CCA-4A9B-B554-6813BD358146} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core => C:\Users\Izilda\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-25] (Facebook Inc.)
Task: {FD787783-8007-426F-9F75-11D693F3A23C} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core.job => C:\Users\Izilda\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001UA.job => C:\Users\Izilda\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core.job => C:\Users\Izilda\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001UA.job => C:\Users\Izilda\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core.job => C:\Users\Izilda\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001UA.job => C:\Users\Izilda\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForIZILDA-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForIzilda.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2012-04-07 22:20 - 2011-10-04 21:43 - 00087552 _____ () C:\Windows\System32\custmon64i.dll
2012-04-10 18:28 - 2009-12-20 20:42 - 00090624 _____ () C:\Windows\System32\Primomonnt.dll
2011-04-02 01:06 - 2011-04-02 01:06 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-06-02 10:18 - 2015-06-02 10:18 - 00043480 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2011-01-12 11:39 - 2011-01-12 11:39 - 00123712 _____ () C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NPShellExtension64.dll
2011-04-02 01:06 - 2011-04-02 01:06 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-03-04 14:25 - 2011-03-04 14:25 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-04-02 00:57 - 2011-04-02 00:57 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-04-08 09:57 - 2011-04-08 09:57 - 01102336 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\System.Data.SQLite.dll
2016-02-14 19:04 - 2016-02-14 19:04 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-02-14 19:04 - 2016-02-14 19:04 - 00133768 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-02-16 21:25 - 2016-02-16 21:25 - 02835968 _____ () C:\Program Files\AVAST Software\Avast\defs\16021603\algo.dll
2016-02-14 19:04 - 2016-02-14 19:04 - 00480760 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2012-11-28 11:13 - 2012-11-28 11:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 11:13 - 2012-11-28 11:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-12-13 01:33 - 2015-10-30 19:59 - 00034768 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2015-12-13 01:35 - 2015-10-30 20:00 - 00019408 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2015-12-13 01:35 - 2015-12-08 16:36 - 00022848 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\Crypto.Random.OSRNG.winrandom.pyd
2015-12-13 01:35 - 2015-12-08 16:36 - 00023352 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\Crypto.Util._counter.pyd
2015-12-13 01:35 - 2015-12-08 16:36 - 00042296 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\Crypto.Cipher._AES.pyd
2015-12-13 01:33 - 2015-10-30 19:59 - 00116688 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-13 01:33 - 2015-10-30 19:59 - 00093640 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-13 01:33 - 2015-10-30 19:59 - 00018376 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-13 01:33 - 2015-12-08 16:36 - 00019760 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-13 01:33 - 2015-10-30 20:00 - 00105928 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\win32api.pyd
2015-12-13 01:33 - 2015-10-30 19:59 - 00392144 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-13 01:33 - 2015-12-08 16:36 - 00381752 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-13 01:33 - 2015-10-30 19:59 - 00692688 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2015-12-13 01:35 - 2015-12-08 16:36 - 00020816 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-13 01:33 - 2015-10-30 20:00 - 00109520 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2015-12-13 01:35 - 2015-12-08 16:36 - 01737032 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2015-12-13 01:35 - 2015-12-08 16:36 - 00020808 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-13 01:33 - 2015-12-08 16:36 - 00020800 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-13 01:33 - 2015-12-08 16:36 - 00021840 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-13 01:35 - 2015-12-08 16:36 - 00038696 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\fastpath.pyd
2015-12-13 01:33 - 2015-10-30 20:00 - 00024528 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-13 01:35 - 2015-10-30 20:00 - 00020936 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-13 01:33 - 2015-10-30 20:00 - 00114640 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-13 01:33 - 2015-12-08 16:36 - 00021320 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-13 01:33 - 2015-10-30 20:00 - 00124880 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\win32file.pyd
2015-12-13 01:33 - 2015-10-30 20:00 - 00030160 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-13 01:33 - 2015-10-30 20:00 - 00043472 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-13 01:33 - 2015-10-30 20:00 - 00175560 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-13 01:33 - 2015-10-30 20:00 - 00028616 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-13 01:33 - 2015-10-30 20:00 - 00024016 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-13 01:33 - 2015-10-30 20:00 - 00048592 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\win32service.pyd
2015-12-13 01:35 - 2015-12-08 16:36 - 00024392 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2015-12-13 01:35 - 2015-10-30 20:00 - 00036296 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\librsync.dll
2015-12-13 01:33 - 2015-10-30 20:00 - 00024016 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\win32profile.pyd
2015-12-13 01:35 - 2015-12-08 16:36 - 00117056 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2015-12-13 01:33 - 2015-12-08 16:36 - 00023376 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-13 01:33 - 2015-10-30 19:59 - 00134608 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2015-12-13 01:33 - 2015-10-30 19:59 - 00134088 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2015-12-13 01:35 - 2015-10-30 20:00 - 00240584 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2015-12-13 01:35 - 2015-12-08 16:36 - 00020280 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-13 01:33 - 2015-12-08 16:36 - 00052024 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2015-12-13 01:35 - 2015-12-08 16:36 - 00021304 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\Crypto.Util.strxor.pyd
2015-12-13 01:33 - 2015-10-30 20:00 - 00350152 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2015-12-13 01:35 - 2015-12-08 16:36 - 00084792 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2015-12-13 01:33 - 2015-12-08 16:36 - 01826608 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-13 01:33 - 2015-10-30 20:00 - 00083912 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\sip.pyd
2015-12-13 01:33 - 2015-12-08 16:36 - 03891504 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2015-12-13 01:33 - 2015-12-08 16:36 - 01950000 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2015-12-13 01:33 - 2015-12-08 16:36 - 00519984 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2015-12-13 01:33 - 2015-12-08 16:36 - 00133936 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2015-12-13 01:33 - 2015-12-08 16:36 - 00225080 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2015-12-13 01:33 - 2015-12-08 16:36 - 00207672 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2015-12-13 01:33 - 2015-12-08 16:36 - 00024904 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-13 01:33 - 2015-12-08 16:36 - 00486704 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2015-12-13 01:33 - 2015-12-08 16:36 - 00357680 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-03-04 16:45 - 2015-10-30 20:01 - 00019920 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 16:45 - 2015-10-30 20:00 - 00786904 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-08-01 22:58 - 2015-10-30 20:00 - 00063448 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 16:45 - 2015-10-30 20:00 - 00019408 _____ () C:\Users\Izilda\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2016-02-14 19:04 - 2016-02-14 19:04 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2011-04-08 09:57 - 2011-04-08 09:57 - 00514570 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt
AlternateDataStreams: C:\Windows\System32:5B1620CE_Bb.gbp
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\bb.com.br -> hxxps://seg.bb.com.br
IE trusted site: HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-3190529940-644357419-2377663512-1001\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2016-02-12 00:33 - 00000004 ____N C:\Windows\system32\Drivers\etc\hosts



==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3190529940-644357419-2377663512-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Izilda\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 75.114.81.1 - 75.114.81.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Izilda\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Magic Desktop for HP notification => "C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{65744CAD-129D-47B9-95E8-C8FB8FE23DA1}C:\users\izilda\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\izilda\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{BB3A7506-3EF3-478D-AD7C-47A82F222CE1}C:\users\izilda\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\izilda\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{4DE35125-ECDA-4A50-BE10-4934E30ECCC0}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{03757B5A-B849-494C-85EB-8B6BFB16256E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{2FFBE398-304F-4BB0-97D8-6FA7F5CE3172}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{26B19BCB-C411-415B-A17C-643D4F2D5D33}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{22B7D6B7-41EF-4D3B-A595-1345EFF42D8C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6EED024B-5CA2-4F03-8BEC-0E38C2321113}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{499108A3-3DF5-4A85-AACA-C415AD34014E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C24E6D9A-1232-4756-AB14-8B665DB299D8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D3E4083F-B647-4D68-9FB0-3EE24180B7C3}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Vono\Vono\Vono.exe] => Enabled:%applicationname%
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Vono\Vono\Vono.exe] => Enabled:%applicationname%

==================== Restore Points =========================

29-09-2015 21:10:26 Windows Update
04-10-2015 00:48:10 Windows Update
07-10-2015 22:58:13 Windows Update
08-10-2015 21:37:37 avast! antivirus system restore point
13-10-2015 18:09:58 Windows Update
14-10-2015 02:01:51 Windows Update
15-10-2015 02:00:28 Windows Update
20-10-2015 21:31:57 Windows Update
01-11-2015 01:13:41 Windows Update
06-11-2015 03:50:58 Windows Update
10-11-2015 22:57:13 Windows Update
11-11-2015 03:02:06 Windows Update
13-11-2015 03:00:35 Windows Update
18-11-2015 19:04:12 Windows Update
24-11-2015 23:29:35 Windows Update
28-11-2015 01:13:43 Windows Update
03-12-2015 00:40:17 Windows Update
07-12-2015 00:23:31 Windows Update
09-12-2015 00:10:49 Windows Update
13-12-2015 17:49:35 Windows Update
19-12-2015 00:36:51 Windows Update
19-12-2015 03:00:11 Windows Update
22-12-2015 22:09:44 Windows Update
26-12-2015 02:08:58 Windows Update
31-12-2015 01:27:49 Windows Update
05-01-2016 21:40:25 Windows Update
09-01-2016 22:14:45 Windows Update
13-01-2016 03:02:34 Windows Update
21-01-2016 22:03:12 Windows Update
27-01-2016 12:23:26 Windows Update
30-01-2016 19:27:48 Windows Update
04-02-2016 00:39:24 Windows Update
04-02-2016 08:24:34 Restore Operation
04-02-2016 18:47:37 Windows Update
04-02-2016 22:37:03 Restore Operation
09-02-2016 21:56:13 Windows Update
10-02-2016 20:35:42 Windows Update
11-02-2016 20:44:14 avast! antivirus system restore point
11-02-2016 21:53:28 Windows Update
12-02-2016 00:57:38 Windows Update
13-02-2016 10:25:51 avast! antivirus system restore point
16-02-2016 02:40:08 Windows Update

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/16/2016 11:03:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/16/2016 10:53:00 PM) (Source: ESENT) (EventID: 439) (User: )
Description: Windows (4736) Windows: Unable to write a shadowed header for file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk. Error -1032.

Error: (02/16/2016 10:53:00 PM) (Source: ESENT) (EventID: 490) (User: )
Description: Windows (4736) Windows: An attempt to open the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).

Error: (02/16/2016 10:49:42 PM) (Source: ESENT) (EventID: 439) (User: )
Description: Windows (4736) Windows: Unable to write a shadowed header for file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk. Error -1032.

Error: (02/16/2016 10:49:42 PM) (Source: ESENT) (EventID: 490) (User: )
Description: Windows (4736) Windows: An attempt to open the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).

Error: (02/16/2016 10:49:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/16/2016 10:26:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/16/2016 09:23:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/15/2016 11:31:39 PM) (Source: ESENT) (EventID: 439) (User: )
Description: Windows (4968) Windows: Unable to write a shadowed header for file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk. Error -1032.

Error: (02/15/2016 11:31:39 PM) (Source: ESENT) (EventID: 490) (User: )
Description: Windows (4968) Windows: An attempt to open the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).


System errors:
=============
Error: (02/16/2016 08:24:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The UPnP Device Host service failed to start due to the following error:
%%1069

Error: (02/16/2016 08:24:47 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The upnphost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error:
%%1352

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (02/16/2016 08:24:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The UPnP Device Host service failed to start due to the following error:
%%1069

Error: (02/16/2016 08:24:47 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The upnphost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error:
%%1352

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (02/16/2016 08:24:47 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1069upnphost{204810B9-73B2-11D4-BF42-00B0D0118B56}

Error: (02/13/2016 06:21:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Gbpddreg svc service failed to start due to the following error:
%%2

Error: (02/13/2016 06:21:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Gbpddreg svc service failed to start due to the following error:
%%2

Error: (02/13/2016 06:21:01 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
gbpddreg
wsddfac

Error: (02/13/2016 06:21:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Warsaw Technology service failed to start due to the following error:
%%1053

Error: (02/13/2016 06:21:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Warsaw Technology service to connect.


CodeIntegrity:
===================================
  Date: 2013-09-30 17:32:16.406
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-30 17:32:16.403
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-30 17:32:16.400
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-25 11:52:48.651
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-25 11:52:48.651
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-25 11:52:48.651
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-15 15:36:40.810
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-15 15:36:40.794
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-15 15:36:40.778
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-10 23:35:24.408
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: AMD A8-3500M APU with Radeon™ HD Graphics
Percentage of memory in use: 30%
Total physical RAM: 7658.9 MB
Available physical RAM: 5295.92 MB
Total Virtual: 15316.01 MB
Available Virtual: 12703.33 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:578.92 GB) (Free:39.02 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:16.96 GB) (Free:1.86 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Setup) (CDROM) (Total:0.11 GB) (Free:0 GB) CDFS
Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
Drive g: (ANDRE) (Removable) (Total:1.89 GB) (Free:0.81 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 1813033F)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=578.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1.9 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=1.9 GB) - (Type=0B)

==================== End of Addition.txt ============================

