
HijackThis LOG



Hi,
I opened a zip file and nothing was inside. I was scared and I think it was a trojan, spyware, or something like that. I used Loaris Trojan Remover and found a list of things, then ran Spybot-SD, which found nothing, and finally used HijackThis. I'm sending the log so you can help me find something potentially dangerous to my PC.
 
Thank you
 
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:07, on 2014-08-07
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16540)
Boot mode: Normal
 
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Intel Audio Studio 2.7\IntelAudioStudio.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
C:\Windows\twain_32\TCE\S430\SCANER32.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\DANFEView\mon\danfemon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\nandscape\Downloads\HijackThis.exe
 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Program Files\Scpad\scpsssh2.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files\GbPlugin\gbieh.dll
O2 - BHO: G-Buster Browser Defense Itaú Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\PROGRA~1\GbPlugin\gbiehUni.dll
O2 - BHO: G-Buster Browser Defense ISG - {C41A1C0E-EA6C-11D4-B1B8-444553540015} - C:\PROGRA~1\GbPlugin\gbiehIsg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [intelAudioStudio] "C:\Program Files\Intel Audio Studio 2.7\IntelAudioStudio.exe" TRAY
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [DANFEViewMon] C:\DANFEView\danfemon.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
O4 - HKLM\..\Policies\Explorer\Run: []
O4 - Startup: TCE Scanner Utilities.lnk = C:\Windows\twain_32\TCE\S430\SCANER32.EXE
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://www.bancobrasil.com.br
O15 - Trusted Zone: http://www.bb.com.br
O15 - Trusted Zone: http://www.caixa.gov.br
O15 - Trusted Zone: bankline.itau.com.br
O15 - Trusted Zone: clickbanking.itau.com.br
O15 - Trusted Zone: guardiao.itau.com.br
O15 - Trusted Zone: www.itau.com.br
O15 - Trusted Zone: http://www.itau.com.br
O15 - Trusted Zone: *.itau.com.br
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - 
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O20 - Winlogon Notify:  GbPluginBb - C:\Program Files\GbPlugin\gbieh.dll
O20 - Winlogon Notify:  GbPluginCef - C:\Program Files\GbPlugin\gbiehCef.dll
O20 - Winlogon Notify:  GbPluginIsg - C:\PROGRA~1\GbPlugin\gbiehIsg.dll
O20 - Winlogon Notify:  GbPluginUni - C:\PROGRA~1\GbPlugin\gbiehUni.dll
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files\Scpad\scpLIB.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files\Scpad\scpLIB.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd. - C:\Program Files\DU Meter\DUMeterSvc.exe
O23 - Service: Symantec Eraser Service (EraserSvc11210) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MSSQL$SONY_MEDIAMGR - Unknown owner - C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\Windows\system32\drivers\pclepci.sys
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PS3 Media Server - Tanuki Software, Ltd. - C:\Program Files\PS3 Media Server\Versao_182\PS3 Media Server\win32\service\wrapper.exe
O23 - Service: scpVista - Scopus Tecnologia Ltda - C:\Program Files\Scpad\scpVista.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SQLAgent$SONY_MEDIAMGR - Unknown owner - C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_98f8d2d0\STacSV.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
 
--
End of file - 11277 bytes
 

 


Hi & welcome

My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully.

  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
P2P/Piracy Warning:
  • If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.
  • Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now and read the policy on Piracy.
Step 1

Please run a FRST scan. This will help us diagnose your problem.


Please download Farbar Recovery Scan Tool and save it to your Desktop.

(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)

  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.

Addition.txt

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version:8-08-2014
Ran by Marcelo Marins at 2014-08-08 00:19:26
Running from C:\Users\nandscape\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
"Nero SoundTrax Help (Version: 4.4.32.0 - Nero AG) Hidden
%DeviceDesc% (HKLM\...\indeoxp) (Version:  - )
µTorrent (HKCU\...\uTorrent) (Version: 1.7.5 - )
32 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
3GP Video Converter 3 (HKLM\...\3GP Video Converter 3) (Version: 3.1.9.0829b - Xilisoft)
AC3Filter (remove only) (HKLM\...\AC3Filter) (Version:  - )
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Active@ File Recovery 7.1 (HKLM\...\Active@ File Recovery 7.1) (Version:  - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Anchor Service CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS3 (Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color Common Settings (HKLM\...\Adobe_6c8e2cb4fd241c55406016127a6ab2e) (Version: 1.0.1 - Adobe Systems Incorporated)
Adobe Color Common Settings (Version: 1.0.1 - Adobe Systems Incorporated) Hidden
Adobe Color EU Extra Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Recommended Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit 2 (HKLM\...\Adobe_3e054d2218e7aa282c2369d939e58ff) (Version: 2.0.2 - Adobe Systems Incorporated)
Adobe ExtendScript Toolkit 2 (Version: 2.0.2 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.7.700.224 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Fonts All (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS3 (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files (Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS3 (HKLM\...\Adobe_2ac78060bc5856b0c1cf873bb919b58) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM\...\Adobe_719d6f144d0c086a0dfa7ff76bb9ac1) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (Version: 10 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.0) - Português (HKLM\...\{AC76BA86-7AD7-1046-7B44-AA1000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
Adobe Setup (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos CS3 (Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Advanced SystemCare 6 (HKLM\...\Advanced SystemCare 6_is1) (Version: 6.4 - IObit)
Advanced WindowsCare Personal (HKLM\...\Advanced WindowsCare V2 Personal_is1) (Version: 2.8.6 - IObit)
Advertising Center (Version: 0.0.0.2 - Nero AG) Hidden
Adware Spyware Scanner Deleter version 0.2 (HKLM\...\Adware Spyware Scanner Deleter_is1) (Version:  - )
AMD APP SDK Runtime (Version: 10.0.937.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{EAB74CB6-760C-2136-FC77-9549721FB84A}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMR Converter Pro (HKLM\...\AMR Converter Pro) (Version:  - Mystik Media)
AMR Converter Pro (Version: 2.0 - Mystik Media) Hidden
Any Video Converter Professional 3.1.8 (HKLM\...\Any Video Converter Professional_is1) (Version:  - Any-Video-Converter.com)
Apple Software Update (HKLM\...\{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}) (Version: 2.0.2.92 - Apple Inc.)
ArcSoft Panorama Maker 6 (HKLM\...\{DABFD34E-BE68-4BC6-9254-5D7A7FF76B99}) (Version: 6.0.8.85 - ArcSoft)
Arquivos de Suporte da Instalação do Microsoft SQL Server (Inglês) (HKLM\...\{8618F932-5FFA-48BE-B39A-2F606761EBDC}) (Version: 9.00.5000.00 - Microsoft Corporation)
Assistente de Conexão do Windows Live (HKLM\...\{381C70F0-FC2C-4BEF-B16C-B88FA67A6B7B}) (Version: 5.000.818.6 - Microsoft Corporation)
Assistente Pimaco + (HKLM\...\Assistente Pimaco +) (Version: 2.2.0.0 - Pimaco Autoadesivos Ltda)
aTube Catcher 1.0 (HKLM\...\{C69405BB-27AF-4940-B3DA-04910B4DFD23}_is1) (Version:  - DsNET Corp)
AutoUpdate (HKLM\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
AVS DVD Player version 2.4 (HKLM\...\AVS DVD Player_is1) (Version:  - Online Media Technologies Ltd.)
BitComet 0.94 (HKLM\...\BitComet) (Version: 0.94 - ~RnySmile~)
BLM 2.6.5 (HKLM\...\The Blocklist Manager_is1) (Version: 2.6.5 - Bluetack Internet Security Solutions)
BS.Player PRO (HKLM\...\BSPlayerp) (Version: 2.62.1068 - AB Team, d.o.o.)
BufferChm (Version: 82.0.173.000 - Hewlett-Packard) Hidden
Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (Version: 2012.0704.122.388 - Nome de sua empresa:) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2012.0704.122.388 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (Version: 2012.0704.122.388 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2012.0704.122.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
ccc-utility (Version: 2012.0704.122.388 - Advanced Micro Devices, Inc.) Hidden
CCleaner (remove only) (HKLM\...\CCleaner) (Version:  - )
CDRoller version 8.61 (HKLM\...\CDRoller_is1) (Version: 8.61 - Digital Atlantic Corp.)
Clone2Go Video Converter Free Version 1.8.5 (HKLM\...\Clone2Go Video Converter Free Version_is1) (Version:  - Clone2Go.com)
CodecInstaller 2.8.0 (HKLM\...\CodecInstaller) (Version: 2.8.0 - JockerSoft)
Command & Conquer 3 (HKLM\...\{B0C30E93-D3D9-4F04-A2AC-54749B573275}) (Version: 1.00.0000 - Electronic Arts Inc.)
ConvertXtoDVD 4.1.19.365 (HKLM\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.1.19.365 - )
CoreAAC Audio Decoder (remove only) (HKLM\...\CoreAAC Audio Decoder) (Version:  - )
CoreAVC Professional Edition (remove only) (HKLM\...\CoreAVC Professional Edition) (Version:  - )
DANFE View (HKLM\...\DANFE View_is1) (Version: 2.4.8 - Unimake Softwares)
Destinations (Version: 82.0.173.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Dicionário eletrônico Houaiss (HKLM\...\Houaiss) (Version: 1.0 - )
Digital Voice Editor 3 (HKLM\...\{6CCC133E-9A2F-4CAA-8866-75D029CD3AB3}) (Version: 3.3.01.11240 - Sony Corporation)
DiRT (HKLM\...\{57B89E30-0BBA-4F20-9F2C-8E8CDE1CEDB6}) (Version: 1.00.0000 - Codemasters)
Disc2Phone (HKLM\...\{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}) (Version: 1.4.0.112 - Sony Media Software)
DivX (HKLM\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.0 - DivXNetworks, Inc.)
DivX Player (HKLM\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 6.0 - DivXNetworks, Inc.)
DJS Trial (HKLM\...\DJS 1.0) (Version: 1.601.000 - Pioneer Corporation.)
DJS Trial (Version: 1.601.000 - Pioneer Corporation.) Hidden
DolbyFiles (Version: 2.0 - Nero AG) Hidden
DU Meter (HKLM\...\DUMeter3_is1) (Version: 4.16 Build R3102 - Hagel Technologies Ltd.)
DVD Decrypter (Remove Only) (HKLM\...\DVD Decrypter) (Version:  - )
eMule (HKLM\...\eMule) (Version:  - )
Esquemas de Som do Windows (HKLM\...\UltSounds) (Version:  - Microsoft Corporation)
F1 2010 (HKLM\...\GFWL_{434D0831-3E0C-4D03-A5D4-5E1000008400}) (Version: 1.0.0000.132 - Codemasters)
F1 2010 (Version: 1.0.0000.132 - Codemasters) Hidden
Ferramenta de Carregamento do Windows Live (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Flash Effect Maker Pro v3.2560 Free (560 Templates) (HKLM\...\Flash Effect Maker_is1) (Version:  - www.avimpeg.net)
FLV Player 1.3.3 (HKLM\...\FLVPlayer) (Version:  - )
Free CD to MP3 Converter (HKLM\...\Free CD to MP3 Converter) (Version:  - )
Free NFe (HKLM\...\{E661808B-E4B7-4D26-A983-4E70344DA6BD}_is1) (Version: 2.0.1 - Free NFe)
FTP Commander (HKLM\...\FTP Commander) (Version:  - )
GearDrvs (Version: 1.00.0000 - GEAR Software) Hidden
GetDataBack for FAT and GetDataBack for NTFS (HKLM\...\{49C09E32-B9FD-4EDC-9152-9BC0CC618A13}) (Version: 3.03.000 - Runtime Software)
GOM Player (HKLM\...\GOM Player) (Version:  - )
Google Chrome (HKLM\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Earth (HKLM\...\{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}) (Version: 6.0.3.2197 - Google)
Google Earth Pro (HKLM\...\{48EE6C79-1CE2-4CE8-B511-F2140B6781D6}) (Version: 4.0.2737 - Google)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Gravador do Microsoft SQL Server VSS (HKLM\...\{F5C549C0-8A49-4911-A9B5-EE94C627A177}) (Version: 9.00.5000.00 - Microsoft Corporation)
Guardião - Itaú 30 horas (HKLM\...\{70e5f739-1d2a-40ae-bbc9-4b3e6af4c831}_is1) (Version: 3.8.0.1 - )
Haali Media Splitter (HKLM\...\HaaliMkx) (Version:  - )
HijackThis 2.0.2 (HKLM\...\HijackThis) (Version: 2.0.2 - TrendMicro)
hp deskjet 930c series (Remover somente) (HKLM\...\hp deskjet 930c series) (Version:  - )
HP Deskjet Printer Driver Software. 8.0.B (HKLM\...\{0411A7A4-23D4-47ad-B109-3CBE7E8093F1}) (Version: 8.0 - HP)
HP Imaging Device Functions 8.0 (HKLM\...\HP Imaging Device Functions) (Version: 8.0 - HP)
HP Print Diagnostic Utility (HKLM\...\{209DF55F-5E5C-48A3-BC3D-A7CB1224458C}) (Version: 1.51.0000 - Hewlett_Packard)
HP Update (HKLM\...\{8C6027FD-53DC-446D-BB75-CACD7028A134}) (Version: 4.000.005.007 - Hewlett-Packard)
HP USB Disk Storage Format Tool (HKLM\...\{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}) (Version:  - )
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 5.10.5405.0 - IDT)
ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden
Intel Audio Studio 2.7 (HKLM\...\{1D0BF0C6-E45A-460D-B1F5-05D123335A21}) (Version: 2.7.2.11 - Intel Corporation)
Intel® Integrated Performance Primitives RTI 4.0 (HKLM\...\{51C91B84-7B46-4FE7-8999-8228CFA75F89}) (Version: 4.0.23 - Intel Corporation)
IRPF2005 - Declaração de Ajuste Anual (HKLM\...\IRPF2005 - Declaração de Ajuste Anual) (Version:  - )
IRPF2006 - Declaração de Ajuste Anual (HKLM\...\IRPF2006 - Declaração de Ajuste Anual) (Version:  - )
IRPF2007 - Declaração de Ajuste Anual (HKLM\...\IRPF2007 - Declaração de Ajuste Anual) (Version:  - )
IRPF2008 Windows - Declaração de Ajuste Anual (HKLM\...\IRPF2008 Windows - Declaração de Ajuste Anual) (Version:  - )
IRPF2009 - Declaração de Ajuste Anual e Final de Espólio (HKLM\...\IRPF2009 - Declaração de Ajuste Anual e Final de Espólio) (Version:  - )
IRPF2010 - Declaração de Ajuste Anual e Final de Espólio (HKLM\...\IRPF2010 - Declaração de Ajuste Anual e Final de Espólio) (Version:  - )
IRPF2011 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\IRPF2011) (Version: 1.0 - Receita Federal do Brasil)
IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\IRPF2012) (Version: 1.0 - Receita Federal do Brasil)
IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\IRPF2013) (Version: 1.3 - Receita Federal do Brasil)
IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\IRPF2014) (Version: 1.3 - Receita Federal do Brasil)
J2SE Runtime Environment 5.0 Update 11 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0150110}) (Version: 1.5.0.110 - Sun Microsystems, Inc.)
Jasc Animation Shop 3 (HKLM\...\{174D5678-D941-433C-BD23-58A5C7B0D36D}) (Version: 3.05.0000 - Jasc Software Inc)
Java Auto Updater (Version: 2.0.2.1 - Sun Microsystems, Inc.) Hidden
Java 6 Update 19 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216019FF}) (Version: 6.0.190 - Sun Microsystems, Inc.)
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Loaris Trojan Remover (HKLM\...\{29988DC6-9C4A-49B2-AC86-5C380B29ADB9}_is1) (Version:  - Loaris, Inc.)
Mask Pro 4.1 (HKLM\...\{2DFAC810-6DD8-4E23-96A4-BEB118408203}) (Version: 4.1 - onOne Software)
Menu Templates - Starter Kit (Version: 9.4.6.0 - Nero AG) Hidden
MessageViewer Pro 3.1.10 (HKCU\...\MessageViewer Pro) (Version: 3.1.10 - Encryptomatic, LLC)
MGI PhotoSuite SE (Remover somente) (HKLM\...\MGI_PHOTOSUITE_SE_V10) (Version:  - )
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE (HKLM\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft IntelliType Pro 7.0 (HKLM\...\{94A065E8-455D-41C1-AF1F-F0C1AF8F50F3}) (Version: 7.0.260.0 - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office FrontPage 2003 (HKLM\...\{90170409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Groove MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Portuguese (Brazil)) 2007 (Version: 12.0.4518.1019 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) (Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR) (HKLM\...\{E09B48B5-E141-427A-AB0C-D3605127224A}) (Version: 8.00.761 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{F398B059-0711-490E-8552-1453FF04098F}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XML Parser (Version: 8.70.1104.04 - Microsoft Corporation) Hidden
Miniaurélio (HKLM\...\{01A373F1-B268-43CA-A8F1-45708A62F50A}) (Version: 5.12 - Positivo Informática.)
MixVibes FREE 4 uninstall (HKLM\...\MixVibesFREE.exe) (Version:  - )
MKV2AC3 - 1.03.03 (HKLM\...\{9042C334-9881-4603-B1BC-7E623514A495}) (Version: 1.0.0 - Martins)
MKVToolNix 6.6.0 (HKLM\...\MKVToolNix) (Version: 6.6.0 - Moritz Bunkus)
Movie Templates - Starter Kit (Version: 9.4.6.0 - Nero AG) Hidden
MSI to redistribute MS VS2005 CRT libraries (HKLM\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM\...\MPE) (Version: 1.6.0 - F.J. Wechselberger)
Need for Speed™ ProStreet (HKLM\...\{CC419DDC-E0F0-4013-B25A-6FA036516F0D}) (Version: 1.0.1.0 - Electronic Arts)
Need for Speed™ SHIFT (HKLM\...\{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}) (Version: 1.0.0.0 - Electronic Arts)
Need for Speed™ Undercover (HKLM\...\{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}) (Version: 1.0.1.0 - Electronic Arts)
Nero 9 (HKLM\...\{d0d0615a-e9d6-4ccc-95c9-ef43e666d984}) (Version:  - Nero AG)
Nero Burning ROM Help (Version: 9.4.17.100 - Nero AG) Hidden
Nero BurnRights (Version: 3.4.11.100 - Nero AG) Hidden
Nero BurnRights Help (Version: 3.4.4.100 - Nero AG) Hidden
Nero ControlCenter (Version: 0.0.0.1 - Nero AG) Hidden
Nero ControlCenter (Version: 9.0.0.1 - Nero AG) Hidden
Nero CoverDesigner (Version: 4.4.9.100 - Nero AG) Hidden
Nero CoverDesigner Help (Version: 4.4.9.100 - Nero AG) Hidden
Nero Disc Copy Gadget (Version: 2.4.22.0 - Nero AG) Hidden
Nero Disc Copy Gadget Help (Version: 2.4.22.0 - Nero AG) Hidden
Nero DiscSpeed (Version: 5.4.12.100 - Nero AG) Hidden
Nero DiscSpeed Help (Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (Version: 4.4.11.100 - Nero AG) Hidden
Nero DriveSpeed Help (Version: 4.4.4.100 - Nero AG) Hidden
Nero Express Help (Version: 9.4.17.100 - Nero AG) Hidden
Nero InfoTool (Version: 6.4.11.100 - Nero AG) Hidden
Nero InfoTool Help (Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (Version: 4.4.9.0 - Nero AG) Hidden
Nero Live (Version: 1.4.48.0 - Nero AG) Hidden
Nero Live Help (Version: 1.4.48.0 - Nero AG) Hidden
Nero PhotoSnap (Version: 1.53.2.0 - Nero AG) Hidden
Nero PhotoSnap Help (Version: 1.53.2.0 - Nero AG) Hidden
Nero Recode (Version: 4.4.31.0 - Nero AG) Hidden
Nero Recode Help (Version: 4.4.31.0 - Nero AG) Hidden
Nero Rescue Agent (Version: 2.4.12.100 - Nero AG) Hidden
Nero RescueAgent Help (Version: 2.4.4.100 - Nero AG) Hidden
Nero ShowTime (Version: 5.4.0.100 - Nero AG) Hidden
Nero ShowTime (Version: 5.4.14.100 - Nero AG) Hidden
Nero StartSmart (Version: 9.4.12.100 - Nero AG) Hidden
Nero StartSmart Help (Version: 9.4.12.100 - Nero AG) Hidden
Nero Vision (Version: 6.4.10.205 - Nero AG) Hidden
Nero Vision Help (Version: 6.4.8.100 - Nero AG) Hidden
Nero WaveEditor (Version: 5.4.32.0 - Nero AG) Hidden
NeroBurningROM (Version: 9.4.17.100 - Nero AG) Hidden
NeroExpress (Version: 9.4.17.100 - Nero AG) Hidden
NeroLiveGadget (Version: 1.2.16.100 - Nero AG) Hidden
NeroLiveGadget Help (Version: 1.2.16.100 - Nero AG) Hidden
neroxml (Version: 1.0.0 - Nero AG) Hidden
Nikon Message Center 2 (HKLM\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.5.0 - Nikon)
Norton Internet Security (HKLM\...\NIS) (Version: 17.9.0.12 - Symantec Corporation)
Novo Dicionário Aurélio (HKLM\...\{498B4BF1-AD73-4AA8-99EB-18D400E42482}) (Version: 5.00 - Positivo Informática.)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{5DB65884-C963-4454-AABA-4CA3089281FA}) (Version: 9.09.0720 - NVIDIA Corporation)
Octoshape Streaming Services (HKCU\...\Octoshape Streaming Services) (Version:  - )
OEM Logo and Information (HKLM\...\OEMInformation) (Version:  - Intel)
OpenAL (HKLM\...\OpenAL) (Version:  - )
PDF Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
PeerGuardian 2.0 (HKLM\...\PeerGuardian_is1) (Version: 2.0.6.4 - Methlabs Productions)
Pimaco (HKLM\...\{2610CDBE-07FB-4A4F-932D-5B012469A76A}) (Version: 1.0.0 - Prime)
Pinnacle Instant DVD Recorder (HKLM\...\{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}) (Version: 2.00.088 - )
Power MP4 iPod PSP 3GP AVI MPG WMV Video Converter 5.0 (HKLM\...\{C79308BC-63CC-4A0F-A585-2E137EA42A1E}_is1) (Version:  - AML SOFT, Inc.)
PS3 Media Server (HKLM\...\PS3 Media Server) (Version: 1.82.0 - PS3 Media Server)
Pure Pinball 2.0 REDUX (HKLM\...\Pure Pinball 2.0 REDUX) (Version:  - )
Qual é a Música (HKLM\...\Qual é a Música) (Version:  - )
QuickTime (HKLM\...\{08094E03-AFE4-4853-9D31-6D0743DF5328}) (Version: 7.1.6.200 - Apple Computer, Inc.)
Rapture3D 2.4.4 Game (HKLM\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Real Alternative 1.43 (HKLM\...\RealAlt_is1) (Version: 1.43 - )
Receitanet (HKLM\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.04 - Serpro - Serviço Federal de Processamento de Dados)
Receitanet 2007 (HKLM\...\Receitanet) (Version:  - )
Receitanet Java 2009.01 (HKLM\...\Receitanet Java 2009.01) (Version:  - )
Receitanet Java 2010.02a (HKLM\...\Receitanet Java 2010.02a) (Version:  - )
Security Task Manager 1.8g (HKLM\...\Security Task Manager) (Version: 1.8g - Neuber Software)
SEGA Rally (HKLM\...\InstallShield_{4A05FF52-4AA8-4681-BC06-5EE7F812A441}) (Version: 1.00.0000 - SEGA)
SEGA Rally (Version: 1.00.0000 - SEGA) Hidden
SF_CDB_Software (Version: 82.0.242.000 - Hewlett-Packard) Hidden
Skype Toolbars (HKLM\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.)
Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SMAC 2.0 (HKLM\...\SMAC 2.0) (Version:  - )
Smart Defrag 3 (HKLM\...\Smart Defrag 3_is1) (Version: 3.0 - IObit)
SmartSound Quicktracks Plugin (HKLM\...\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.2.7 - SmartSound Software Inc)
SmartSound Quicktracks Plugin (Version: 3.0.2.7 - SmartSound Software Inc) Hidden
Sniper Elite (HKLM\...\{A979B2D8-E3EE-4523-A26C-4AF0A6809280}) (Version:  - )
SolveigMM Video Splitter (HKLM\...\SolveigMM Video Splitter 3.6.1305.22) (Version: 3.6.1305.22 - Solveig Multimedia)
Sony Ericsson Device Data (Version: 1.0.32 - Sony Ericsson) Hidden
Sony Ericsson Drivers (Version: 1.0.28 - Sony Ericsson) Hidden
Sony Ericsson PC Suite (HKLM\...\{D6BF6477-8369-489F-8DE6-3731F4B88560}) (Version: 2.10.46 - )
Sony Ericsson PC Suite (Version: 2.10.37 - Sony Ericsson) Hidden
Sony Media Manager 2.2 (HKLM\...\{878D2EB2-2D55-42A9-955E-1E08F28529FD}) (Version: 2.2.136 - Sony)
SoundTrax (Version: 4.4.32.0 - Nero AG) Hidden
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Spybot - Search & Destroy 1.4 (HKLM\...\Spybot - Search & Destroy_is1) (Version: 1.4 - Safer Networking Limited)
Status (Version: 82.0.173.000 - Hewlett-Packard) Hidden
Studio 11 (HKLM\...\{110B1ADF-2EAE-4E8F-B501-D2A1E6D8ED9D}) (Version: 11.0 - Pinnacle Systems)
Studio 11 (Version: 11.0.0.0 - Pinnacle Systems) Hidden
System Requirements Lab for Intel (HKLM\...\{ADD72094-D289-4714-A62E-70574478A2BC}) (Version: 4.3.1.0 - Husdawg, LLC)
Tempus-Transfer for Windows 98/NT (HKLM\...\FTW32NativeMode) (Version:  - )
The Core Media Player 4.0 (HKLM\...\The Core Media Player) (Version:  - )
Time Adjuster STANDARD 3.1 (HKCU\...\TimeAdjuster) (Version:  - IrekSoftware.com)
Toolbox (Version: 82.0.173.000 - Hewlett-Packard) Hidden
TrayApp (Version: 82.0.188.000 - Hewlett-Packard) Hidden
Ulead VideoStudio 10 (HKLM\...\{E188D820-1218-4E28-8BCA-91134C3664C2}) (Version: 10.0 - Ulead Systems)
Ultimate Extras sounds from Microsoft® Tinker™ (HKLM\...\UltSounds2) (Version:  - Microsoft Corporation)
UnloadSupport (Version: 1.00.0000 - Hewlett-Packard) Hidden
Unlocker 1.8.5 (HKLM\...\Unlocker) (Version: 1.8.5 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878234) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{EC1934B0-AE0F-4BBD-8955-54BB3247ED9E}) (Version:  - Microsoft)
VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden
VDownloader  1.12 (HKLM\...\{CA567AD5-33A4-403D-86D1-EE2D38251951}_is1) (Version:  - Enrique Puertas)
VDownloader 2.9.435 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version:  - Vitzo Limited)
Vegas Pro 11.0 (HKLM\...\{0F414901-5ED4-11E1-86F3-F04DA23A5C58}) (Version: 11.0.594 - Sony)
VideoLAN VLC media player 0.8.6c (HKLM\...\VLC media player) (Version: 0.8.6c - VideoLAN Team)
viDrop (remove only) (HKLM\...\viDrop) (Version:  - )
ViewNX 2 (HKLM\...\{E64C137C-D0B7-467A-B47F-460AAB30F0A3}) (Version: 2.5.0 - Nikon)
Vista x86 OneClick Activator (HKLM\...\{2876AEE2-A9C9-4585-A46A-44CF451C960E}) (Version: 1.0.0 - ClonySoft)
VobSub v2.23 (Remove Only) (HKLM\...\VobSub) (Version:  - )
VSO ConvertXToDVD (HKLM\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.0.0.45 - VSO-Software SARL)
Vuze (HKLM\...\8461-7759-5462-8226) (Version:  - Vuze Inc.)
WebEx Support Manager for Internet Explorer (HKLM\...\{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}) (Version: 6.5.47 - WebEx Communications Inc.)
WebReg (Version: 82.0.173.000 - Hewlett-Packard) Hidden
Windows Live Call (Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
XviD MPEG-4 Codec (HKLM\...\XviD) (Version:  - )
Yahoo! Desktop Login (Version: 1.00.0001 - Pinnacle Systems) Hidden
ZwCAD 2007 Standard  (HKLM\...\ZwCAD 2007 Standard) (Version:  01.01 - My company, Inc.)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3925259852-1633748315-1759152405-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0013}\InprocServer32 -> C:\Users\nandscape\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3925259852-1633748315-1759152405-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0013}\InprocServer32 -> C:\Users\nandscape\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3925259852-1633748315-1759152405-1000_Classes\CLSID\{7D4733C0-C43B-4A81-AF43-F9B20D1F8348}\InprocServer32 -> C:\Users\nandscape\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-apoctoshape.dll (Octoshape ApS)
 
==================== Restore Points  =========================
 
31-07-2014 13:50:34 Ponto de Verificação Agendado
01-08-2014 03:00:05 Ponto de Verificação Agendado
02-08-2014 03:01:08 Ponto de Verificação Agendado
07-08-2014 20:42:45 Mover o arquivo para quarentena: Gbieh Module
07-08-2014 20:45:19 Mover o arquivo para quarentena: Gbieh Module
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2006-11-02 07:23 - 2014-05-05 13:24 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {002CBD46-6093-45B3-8B10-DEB895F79A85} - System32\Tasks\{FD27FEC9-A2A4-4D9B-9D10-015BB092D67E} => C:\Program Files\Skype\Phone\Skype.exe [2014-02-10] (Skype Technologies S.A.)
Task: {075F7B0C-8858-426A-81EA-5161F4D13E82} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {156AFF4E-4B10-4382-83AE-F64239725C0E} - System32\Tasks\SmartDefrag3_Startup => C:\Program Files\IObit\Smart Defrag 3\SmartDefrag.exe [2014-02-17] (IObit)
Task: {1876E129-3F12-426B-A134-576C1C50C2F0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2007-08-29] (Apple Inc.)
Task: {23089B3C-DE02-4DE5-B848-1E8F3A13750B} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {2EF1A2C3-210D-4AFD-BEB7-E51E7FD69C0C} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {38480AB4-1706-47F5-8CDB-E7E424CFC8AA} - System32\Tasks\SmartDefrag3_Update => C:\Program Files\IObit\Smart Defrag 3\AutoUpdate.exe [2014-02-13] (IObit)
Task: {3A950610-5351-4CF3-89BD-526A7E64AA8B} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {5A6D9831-D95C-4713-B4E9-F03D1644498F} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-18] (Microsoft Corporation)
Task: {5B1D55DC-14BC-4271-B6E8-961333D524AE} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {5F7DB3AD-CF53-466F-A17C-8E4962024B26} - System32\Tasks\ASC6_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe [2013-08-10] (IObit)
Task: {84CFA9A3-1CB5-4F9E-811F-B6D144DB41D2} - System32\Tasks\Trojan Remover => C:\Program Files\Loaris\Trojan Remover\ltr.exe [2014-08-04] (Loaris Inc.)
Task: {BA0FDC47-A408-49DF-8C6C-987776EF64B5} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2009-05-21] (Microsoft Corporation)
Task: {C6FCF5FD-7D49-446D-9B11-9C4F08959BCB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-06-26] (Google Inc.)
Task: {DCBCB8BB-9526-4B8A-B165-95CD2E858290} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-06-26] (Google Inc.)
Task: {EB567D59-BDB8-4120-A89A-9F1883493543} - System32\Tasks\{C2858690-7701-4E61-B8CA-B881BB31DD2B} => Chrome.exe http://ui.skype.com/ui/0/6.14.0.104/pt/abandoninstall?page=tsMain
Task: {F01EBC95-B21B-413A-9B6B-ED7E5EA9C3F7} - System32\Tasks\Microsoft_Hardware_Launch_rundll32_exe => Rundll32.exe url.dll,OpenURL http://go.microsoft.com/fwlink/?LinkId=116866
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-08-21 13:37 - 2013-01-15 18:47 - 00517440 _____ () C:\Program Files\IObit\Advanced SystemCare 6\sqlite3.dll
2006-09-07 14:19 - 2006-09-07 14:19 - 00008704 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2007-03-25 21:42 - 2007-01-13 20:02 - 00129024 _____ () C:\Program Files\WinRAR\rarext.dll
2004-09-11 22:47 - 2004-09-11 22:47 - 00126464 _____ () C:\Program Files\CoreCodec\The Core Media Player\System\coreshellagent.cll
2013-08-21 13:38 - 2013-01-15 18:47 - 00143168 _____ () C:\Program Files\IObit\Advanced SystemCare 6\ASCExtMenu.dll
2013-03-09 00:52 - 2012-07-04 02:09 - 00037376 _____ () C:\Windows\system32\atitmpxx.dll
2014-02-17 14:30 - 2012-09-05 18:55 - 00892288 _____ () C:\Program Files\IObit\Smart Defrag 3\webres.dll
2013-08-21 13:38 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files\IObit\Advanced SystemCare 6\madExcept_.bpl
2013-08-21 13:38 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files\IObit\Advanced SystemCare 6\madBasic_.bpl
2013-08-21 13:38 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files\IObit\Advanced SystemCare 6\madDisAsm_.bpl
2013-08-21 13:37 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files\IObit\Advanced SystemCare 6\webres.dll
2007-11-18 15:39 - 2009-07-01 17:09 - 00066872 _____ () C:\Windows\system32\PnkBstrA.exe
2006-07-14 02:34 - 2006-07-14 02:34 - 00007680 _____ () C:\Program Files\DAEMON Tools\Plugins\Images\bw5mount.dll
2009-12-01 19:22 - 1997-11-03 09:34 - 00061440 _____ () C:\Windows\twain_32\TCE\S430\SCANER32.EXE
2009-12-01 19:22 - 1997-10-17 09:01 - 00062464 _____ () C:\Windows\twain_32\TCE\S430\av26032.dll
2012-07-04 01:16 - 2012-07-04 01:16 - 00369152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-07-17 21:01 - 2014-07-15 06:24 - 08537928 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-07-17 21:01 - 2014-07-15 06:24 - 00353096 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
2014-07-17 21:00 - 2014-07-15 06:24 - 01732936 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
2014-07-17 21:01 - 2014-07-15 06:24 - 14664008 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll
2014-04-15 16:17 - 2014-02-10 11:44 - 04592128 _____ () C:\Users\nandscape\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-04-15 16:17 - 2014-02-10 11:44 - 00112128 _____ () C:\Users\nandscape\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Windows\System32:0F8DE818_Cef.gbp
AlternateDataStreams: C:\Windows\System32:0F8DE818_Uni.gbp
AlternateDataStreams: C:\Windows\system32\drivers:GbpKmAp.lst
AlternateDataStreams: C:\ProgramData\TEMP:D78D6FF7
AlternateDataStreams: C:\Users\nandscape\Desktop\jscreenfix_qvga_mpeg1.mpeg:TOC.WMV
AlternateDataStreams: C:\Users\nandscape\Downloads\Very Hot lesbians Kissing.mp4:TOC.WMV
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Register Mask Pro 3.0.lnk => C:\Windows\pss\Register Mask Pro 3.0.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => 
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => 
MSCONFIG\startupreg: BigDogPath => c:\windows\vm_sti.exe v-gear talkcam 1.1
MSCONFIG\startupreg: DAEMON Tools => "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
MSCONFIG\startupreg: GrooveMonitor => "c:\program files\microsoft office\office12\groovemonitor.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: I downloaded pirated Software from P2P 2006 => Command  Conquer 3 Tiberium Wars
MSCONFIG\startupreg: LaunchList => C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe
MSCONFIG\startupreg: NeroFilterCheck => 
MSCONFIG\startupreg: Nikon Message Center 2 => c:\program files\nikon\nikon message center 2\nkmc2.exe -s
MSCONFIG\startupreg: QuickTime Task => "c:\program files\quicktime\qttask.exe" -atboottime
MSCONFIG\startupreg: UnlockerAssistant => "C:\Program Files\Unlocker\UnlockerAssistant.exe" -H
MSCONFIG\startupreg: UVS10 Preload => C:\Program Files\Ulead VideoStudio 10\uvPL.exe
MSCONFIG\startupreg: WMPNSCFG => C:\Program Files\Windows Media Player\WMPNSCFG.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Adaptador do Microsoft 6to4
Description: Adaptador do Microsoft 6to4
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: Adaptador do Microsoft 6to4 #2
Description: Adaptador do Microsoft 6to4
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: Adaptador do Microsoft ISATAP #4
Description: Adaptador do Microsoft ISATAP
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/07/2014 05:45:19 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback.  hr =  0x80070005.
Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante.
 
 
Operação:
   Obtendo Dados do Gravador
 
Contexto:
   Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220}
   Nome do Gravador: System Writer
   ID de Instância de Gravador: {19357057-3fb8-4b9c-b594-fdfad2999d5b}
 
Error: (08/07/2014 05:42:40 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback.  hr =  0x80070005.
Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante.
 
 
Operação:
   Obtendo Dados do Gravador
 
Contexto:
   Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220}
   Nome do Gravador: System Writer
   ID de Instância de Gravador: {19357057-3fb8-4b9c-b594-fdfad2999d5b}
 
 
 
System errors:
=============
Error: (08/07/2014 10:19:29 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
 
Error: (08/07/2014 10:03:53 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Windows Update
 
Error: (08/07/2014 10:00:48 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Serviço de Cache de Fontes do Windows
 
Error: (08/07/2014 09:57:09 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt
 
Error: (08/07/2014 09:57:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Panda Process Protection Driver%%2
 
Error: (08/07/2014 09:54:09 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Falha na inicialização do despejo de memória!
 
Error: (08/07/2014 09:53:53 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Falha na inicialização do despejo de memória!
 
Error: (08/05/2014 08:40:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Gbp Service%%3
 
Error: (08/05/2014 08:40:56 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Gbp Service210001Reiniciar o serviço
 
Error: (08/05/2014 08:35:37 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Gbp Service110001Reiniciar o serviço
 
 
Microsoft Office Sessions:
=========================
Error: (01/13/2012 08:13:31 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 671 seconds with 660 seconds of active time.  This session ended with a crash.
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-08-08 00:18:10.312
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-08 00:18:09.890
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-08 00:18:09.461
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-08 00:18:09.030
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-08 00:17:43.970
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20140801.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-08 00:17:43.508
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20140801.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-08 00:17:43.043
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20140801.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-08 00:17:42.597
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20140801.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-07 13:53:55.876
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20140801.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-07 13:53:55.448
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20140801.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 74%
Total physical RAM: 3324.15 MB
Available physical RAM: 842.52 MB
Total Pagefile: 6866.29 MB
Available Pagefile: 2596.11 MB
Total Virtual: 2047.88 MB
Available Virtual: 1886.86 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:279.45 GB) (Free:40.86 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive h: (Novo volume) (Fixed) (Total:931.51 GB) (Free:307.66 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: CEA9EAB2)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:8-08-2014

Ran by nandscape (administrator) on nandscape-PC on 07-08-2014 23:56:42

Running from C:\Users\nandscape\Downloads

Platform: Microsoft® Windows Vista™ Ultimate  Service Pack 2 (X86) OS Language: Português (Brasil)

Internet Explorer Version 9

Boot Mode: Normal

 

The only official download link for FRST:



Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(IObit) C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe

(AMD) C:\Windows\System32\atiesrxx.exe

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_98f8d2d0\stacsv.exe

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Hagel Technologies Ltd.) C:\Program Files\DU Meter\DUMeterSvc.exe

(IObit) C:\Program Files\IObit\Smart Defrag 3\SmartDefrag.exe

(IObit) C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe

(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\17.9.0.12\ccsvchst.exe

() C:\Windows\System32\PnkBstrA.exe

(Tanuki Software, Ltd.) C:\Program Files\PS3 Media Server\Versao_182\PS3 Media Server\win32\service\wrapper.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

(Sun Microsystems, Inc.) C:\Windows\System32\java.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\17.9.0.12\ccsvchst.exe

(DT Soft Ltd.) C:\Program Files\DAEMON Tools\daemon.exe

(Intel Corporation) C:\Program Files\Intel Audio Studio 2.7\IntelAudioStudio.exe

(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe

(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe

(Microsoft Corporation) C:\Windows\System32\mobsync.exe

(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(Microsoft Corporation) C:\Windows\ehome\ehtray.exe

(Microsoft Corporation) C:\Program Files\Windows Mail\WinMail.exe

(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe

(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

(IObit) C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe

() C:\Windows\twain_32\TCE\S430\SCANER32.EXE

(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe

(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe

(Unimake Software) C:\DANFEView\mon\danfemon.exe

(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

(Microsoft Corporation) C:\Windows\System32\wuauclt.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Trend Micro Inc.) C:\Users\nandscape\Downloads\HijackThis.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\System32\conime.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

Winlogon\Notify\ GbPluginBb: C:\Program Files\GbPlugin\gbieh.dll (Banco do Brasil)

Winlogon\Notify\ GbPluginCef: C:\Program Files\GbPlugin\gbiehCef.dll (Caixa Economica Federal)

Winlogon\Notify\ GbPluginIsg: C:\Program Files\GbPlugin\gbiehIsg.dll (Infoseg - Senasp)

Winlogon\Notify\ GbPluginUni: C:\Program Files\GbPlugin\gbiehUni.dll (Banco Itaú Unibanco)

HKLM\...\Policies\Explorer\Run: [] => 1 No File

HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter

HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter

HKU\S-1-5-21-3925259852-1633748315-1759152405-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-18] (Microsoft Corporation)

HKU\S-1-5-21-3925259852-1633748315-1759152405-1000\...\Run: [DLD.EXE] => C:\Windows\ehome\ehTray.exe [125952 2008-01-18] (Microsoft Corporation)

HKU\S-1-5-21-3925259852-1633748315-1759152405-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-18] (Microsoft Corporation)

HKU\S-1-5-21-3925259852-1633748315-1759152405-1000\...\Run: [DU Meter] => C:\Program Files\DU Meter\DUMeter.exe [1058816 2009-03-13] (Hagel Technologies Ltd.)

HKU\S-1-5-21-3925259852-1633748315-1759152405-1000\...\Run: [spybotSD TeaTimer] => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)

HKU\S-1-5-21-3925259852-1633748315-1759152405-1000\...\Run: [Advanced SystemCare 6] => C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe [491840 2013-04-18] (IObit)

HKU\S-1-5-21-3925259852-1633748315-1759152405-1000\...\Policies\system: [LogonHoursAction] 2

HKU\S-1-5-21-3925259852-1633748315-1759152405-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

HKU\S-1-5-21-3925259852-1633748315-1759152405-1000\...\Policies\system: [HideLegacyLogonScripts] 0

HKU\S-1-5-21-3925259852-1633748315-1759152405-1000\...\Policies\system: [HideLogoffScripts] 0

HKU\S-1-5-21-3925259852-1633748315-1759152405-1000\...\Policies\system: [RunLogonScriptSync] 1

HKU\S-1-5-21-3925259852-1633748315-1759152405-1000\...\Policies\system: [RunStartupScriptSync] 0

HKU\S-1-5-21-3925259852-1633748315-1759152405-1000\...\Policies\system: [HideStartupScripts] 0

Startup: C:\Users\nandscape\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TCE Scanner Utilities.lnk

ShortcutTarget: TCE Scanner Utilities.lnk -> C:\Windows\twain_32\TCE\S430\SCANER32.EXE ()

SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files\Scpad\scpLIB.dll (Scopus Tecnologia Ltda)

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

SearchScopes: HKCU - DefaultScope {FD1349FF-A3AB-43ED-99E4-B2BF368F9F72} URL = http://www.google.com.br/search?hl=pt-BR&q={searchTerms}&meta=&rlz=1I7ADFA_pt-BR

SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 

SearchScopes: HKCU - {FD1349FF-A3AB-43ED-99E4-B2BF368F9F72} URL = http://www.google.com.br/search?hl=pt-BR&q={searchTerms}&meta=&rlz=1I7ADFA_pt-BR

BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO: ssh2 Class -> {2E3C3651-B19C-4DD9-A979-901EC3E930AF} -> C:\Program Files\Scpad\scpsssh2.dll (Scopus Tecnologia Ltda)

BHO: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll (BitComet)

BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File

BHO: Symantec NCO BHO -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll (Symantec Corporation)

BHO: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL (Symantec Corporation)

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

BHO: Auxiliar de Conexão do Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

BHO: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)

BHO: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\Program Files\GbPlugin\gbieh.dll (Banco do Brasil)

BHO: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\Program Files\GbPlugin\gbiehUni.dll (Banco Itaú Unibanco)

BHO: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540015} -> C:\Program Files\GbPlugin\gbiehIsg.dll (Infoseg - Senasp)

BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll (Symantec Corporation)

Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File

Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll (Symantec Corporation)



DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} 

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)

Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)

Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399015} - C:\Program Files\GbPlugin\gbiehIsg.dll [1463232 2014-01-14] (Infoseg - Senasp)

ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files\GbPlugin\gbieh.dll [1685384 2011-07-18] (Banco do Brasil)

ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files\GbPlugin\gbiehUni.dll [1586744 2014-05-05] (Banco Itaú Unibanco)

Tcpip\Parameters: [DhcpNameServer] 201.17.0.79 201.17.0.119

 

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()

FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @octoshape.com/Octoshape Streaming Services,version=1.0 - C:\Users\Marcelo Marins\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)

FF Plugin HKCU: gastecnologia.com.br/sf/uni - C:\Users\nandscape\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll (GAS Tecnologia)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeploytk.dll (Sun Microsystems, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Users\nandscape\AppData\Roaming\mozilla\plugins\npoctoshape.dll (Octoshape ApS)

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\buscape.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mercadolivre.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-br.xml

FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-02-28]

FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn

FF Extension: Norton IPS - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn [2010-02-26]

FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn_2010_9_0_6

FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn_2010_9_0_6 [2014-08-07]

 

Chrome: 

=======

CHR DefaultSearchKeyword: google.com.br

CHR DefaultNewTabURL: 

CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\36.0.1985.125\pdf.dll ()

CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (Java Deployment Toolkit 6.0.190.4) - C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll (Sun Microsystems, Inc.)

CHR Plugin: (Java Platform SE 6 U19) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

CHR Plugin: (Microsoft Office 2003) - C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)

CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)

CHR Plugin: (Octoshape Streaming Services) - C:\Users\nandscape\AppData\Roaming\Mozilla\plugins\npoctoshape.dll (Octoshape ApS)

CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File

CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File

CHR Plugin: (Octoshape Streaming Services) - C:\Users\nandscape\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)

CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File

CHR Extension: (Google Docs) - C:\Users\nandscape\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-26]

CHR Extension: (Google Drive) - C:\Users\nandscape\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-26]

CHR Extension: (YouTube) - C:\Users\nandscape\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-26]


After this line there is a very large amount of meaningless code that I cannot post here (I've tried), like the one below:

CHR Extension: (Pesquisa do Google) - C:\Users\nandscape\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-26]
CHR Extension: (GBBD GuardiÃÆÃÂÂÃ
 
After endless lines comes the following:
 
cal\Google\Chrome\User Data\Default\Extensions\kgmpojlddncminmkddkpoegdjhojjipg [2014-04-30]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\nandscape\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2013-08-21]
CHR Extension: (Google Wallet) - C:\Users\nandscape\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\nandscape\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-26]
CHR HKLM\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePlugin.crx [2013-08-21]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdvancedSystemCareService6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [574272 2013-04-18] (IObit)
R2 DUMeterSvc; C:\Program Files\DU Meter\DUMeterSvc.exe [504832 2009-03-13] (Hagel Technologies Ltd.) [File not signed]
S2 EraserSvc11210; C:\Program Files\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe [126400 2011-08-04] (Symantec Corporation)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2007-04-05] (Macrovision Europe Ltd.) [File not signed]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [225280 2007-03-13] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-03-13] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 MSSQL$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [7520337 2002-12-17] (Microsoft Corporation) [File not signed]
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed]
R2 NIS; C:\Program Files\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe [126400 2011-08-04] (Symantec Corporation)
S2 PCLEPCI; C:\Windows\system32\drivers\pclepci.sys [14165 2005-02-09] (Pinnacle Systems GmbH) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2009-07-01] ()
R2 PS3 Media Server; C:\Program Files\PS3 Media Server\Versao_182\PS3 Media Server\win32\service\wrapper.exe [366872 2011-05-17] (Tanuki Software, Ltd.)
S2 scpVista; C:\Program Files\Scpad\scpVista.exe [136496 2009-07-10] (Scopus Tecnologia Ltda)
S3 SQLAgent$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [311872 2002-12-17] (Microsoft Corporation) [File not signed]
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_98f8d2d0\STacSV.exe [254036 2009-03-12] (IDT, Inc.)
S3 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-28] (Ulead Systems, Inc.) [File not signed]
S4 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 61883; C:\Windows\System32\DRIVERS\61883.sys [45696 2008-01-18] (Microsoft Corporation)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [83984 2012-02-23] (Advanced Micro Devices)
R2 Av260cn; C:\Windows\system32\Drivers\Av260cn.sys [84192 1997-10-08] () [File not signed]
R2 Av260cnb; C:\Windows\system32\Drivers\Av260cnb.sys [83904 1997-10-08] () [File not signed]
R2 Av260cnd; C:\Windows\system32\Drivers\Av260cnd.sys [84000 1997-10-27] () [File not signed]
R1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20140801.001\BHDrvx86.sys [1101616 2014-05-09] (Symantec Corporation)
R1 ccHP; C:\Windows\system32\drivers\NIS\1109000.00C\ccHPx86.sys [485512 2011-08-04] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [377648 2014-06-10] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [109872 2014-07-31] (Symantec Corporation)
R0 GbpKm; C:\Windows\System32\drivers\gbpkm.sys [47192 2014-06-13] (GAS Tecnologia)
R1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20140806.001\IDSvix86.sys [395992 2014-07-31] (Symantec Corporation)
S3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41888 2007-05-09] (Logitech Inc.)
R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2007-01-04] (Pinnacle Systems GmbH)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20140807.001\NAVENG.SYS [93272 2014-07-31] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20140807.001\NAVEX15.SYS [1612376 2014-07-31] (Symantec Corporation)
R1 ndisrd; C:\Windows\System32\DRIVERS\gbpndisrdn.sys [29400 2014-07-05] (GAS Tecnologia)
S3 NdisrdMP; C:\Windows\System32\DRIVERS\gbpndisrd.sys [31088 2014-08-05] (GbPlugin NDIS Device Driver)
R1 NTGDT; C:\Windows\system32\Drivers\NTGDT.SYS [18112 2008-02-15] () [File not signed]
R0 nvamacpi; C:\Windows\System32\DRIVERS\NVAMACPI.sys [24680 2009-11-24] (NVIDIA Corporation)
S0 OemBiosDevice; C:\Windows\System32\drivers\royal.sys [240128 2007-08-20] (PARADOX) [File not signed]
S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [14112 2007-05-09] (Logitech Inc.)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [1276832 2007-05-09] (Logitech Inc.)
S3 R300; C:\Windows\System32\DRIVERS\atikmdag.sys [10070016 2012-07-04] (Advanced Micro Devices, Inc.)
R3 ROCKEYNT; C:\Windows\System32\DRIVERS\Rockey4.sys [22528 2007-03-30] (Feitian Technologies Co., Ltd.)
S3 RT73; C:\Windows\System32\DRIVERS\rt73.sys [245504 2005-11-04] (Ralink Technology, Corp.)
S3 SE30bus; C:\Windows\System32\DRIVERS\SE30bus.sys [61600 2006-05-15] (MCCI) [File not signed]
S3 SE30mdfl; C:\Windows\System32\DRIVERS\SE30mdfl.sys [9360 2006-05-15] (MCCI) [File not signed]
S3 SE30mdm; C:\Windows\System32\DRIVERS\SE30mdm.sys [97184 2006-05-15] (MCCI) [File not signed]
S3 SE30mgmt; C:\Windows\System32\DRIVERS\SE30mgmt.sys [88688 2006-05-15] (MCCI) [File not signed]
S3 se30nd5; C:\Windows\System32\DRIVERS\se30nd5.sys [18704 2006-05-15] (MCCI) [File not signed]
S3 SE30obex; C:\Windows\System32\DRIVERS\SE30obex.sys [86560 2006-05-15] (MCCI) [File not signed]
S3 se30unic; C:\Windows\System32\DRIVERS\se30unic.sys [90800 2006-05-15] (MCCI) [File not signed]
R0 Si3114r5; C:\Windows\System32\DRIVERS\Si3114r5.sys [209200 2007-02-07] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\DRIVERS\SiWinAcc.sys [10368 2004-11-01] (Silicon Image, Inc.)
R0 SiRemFil; C:\Windows\System32\DRIVERS\SiRemFil.sys [5504 2006-10-18] (Silicon Image, Inc.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [18624 2013-12-24] (IObit)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [639224 2007-03-26] () [File not signed]
R1 SRTSP; C:\Windows\System32\Drivers\NIS\1109000.00C\SRTSP.SYS [325680 2010-04-21] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1109000.00C\SRTSPX.SYS [43696 2010-04-21] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NIS\1109000.00C\SYMDS.SYS [328752 2009-08-29] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NIS\1109000.00C\SYMEFA.SYS [173176 2011-08-21] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [124976 2010-02-26] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NIS\1109000.00C\Ironx86.SYS [116784 2010-04-29] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\NIS\1109000.00C\SYMTDIV.SYS [340088 2011-08-21] (Symantec Corporation)
S3 ZSMC302; C:\Windows\System32\Drivers\usbvm302.sys [90968 2004-03-19] (VM)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
U3 navapsvc; 
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S2 PavProc; No ImagePath
S3 PavSRK.sys; No ImagePath
S3 PavTPK.sys; No ImagePath
U3 SAVRT; 
U1 SAVRTPEL; 
S3 sfng32; system32\drivers\sfng32.sys [X]
S2 TimerStop; No ImagePath
U3 TlntSvr; 
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2006-09-07] () [File not signed]
U2 wuaserv; 
U3 al41m6j3; No ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2099-12-31 17:52 - 2007-08-31 10:47 - 00000000 ____D () C:\Users\nandscape\Downloads\Vista_StopTimer
2014-08-07 23:56 - 2014-08-08 00:18 - 06244118 _____ () C:\Users\nandscape\Downloads\FRST.txt
2014-08-07 23:56 - 2014-08-07 23:57 - 00000000 ____D () C:\FRST
2014-08-07 23:53 - 2014-08-07 23:53 - 01084928 _____ (Farbar) C:\Users\nandscape\Downloads\FRST.exe
2014-08-07 18:07 - 2014-08-07 18:07 - 00011279 _____ () C:\Users\nandscape\Downloads\hijackthis.log
2014-08-07 17:57 - 2014-08-07 17:57 - 00388608 _____ (Trend Micro Inc.) C:\Users\nandscape\Downloads\HijackThis.exe
2014-08-07 17:18 - 2014-08-07 17:49 - 00000000 ____D () C:\ProgramData\SecTaskMan
2014-08-07 17:17 - 2014-08-07 17:17 - 02365840 _____ () C:\Users\nandscape\Downloads\SecurityTaskManager_Setup.exe
2014-08-07 17:17 - 2014-08-07 17:17 - 00000000 ____D () C:\Program Files\Security Task Manager
2014-08-07 15:37 - 2014-08-07 15:37 - 00084681 _____ () C:\Users\nandscape\Downloads\Teste do Pezinho.zip
2014-08-05 01:56 - 2014-08-05 01:56 - 00005360 ____N () C:\bootex.log
2014-08-04 09:29 - 2014-08-04 10:47 - 00000000 ____D () C:\Program Files\Loaris
2014-08-04 09:29 - 2014-08-04 09:29 - 00000932 _____ () C:\Users\Public\Desktop\Loaris Trojan Remover.lnk
2014-08-04 09:29 - 2014-08-04 09:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Loaris Trojan Remover
2014-08-04 09:29 - 2014-08-04 09:29 - 00000000 ____D () C:\ProgramData\Loaris
2014-08-04 08:34 - 2014-08-04 08:35 - 00013891 _____ () C:\Users\nandscape\Downloads\Loaris Trojan Remover V1.3.3.7.torrent
2014-08-01 11:26 - 2014-08-01 11:26 - 00220672 _____ () C:\Users\nandscape\Downloads\Grade 11.08.2014 Pedro.xls
2014-07-31 05:36 - 2014-07-31 05:37 - 00000000 ____D () C:\Program Files\FreeNFe
2014-07-31 05:36 - 2014-07-31 05:36 - 00001720 _____ () C:\Users\Public\Desktop\Free NFe.lnk
2014-07-31 05:36 - 2014-07-31 05:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free NFe
2014-07-31 05:36 - 2014-07-31 05:36 - 00000000 ____D () C:\Program Files\Firebird
2014-07-31 05:36 - 2013-04-28 23:17 - 00781312 _____ () C:\Windows\system32\DllSefaz32.dll
2014-07-31 05:36 - 2013-03-20 10:46 - 00416768 _____ (DelphiZip) C:\Windows\system32\DelZip190.dll
2014-07-31 05:36 - 2012-07-03 16:19 - 01425912 _____ (Microsoft Corporation) C:\Windows\system32\msxml5.dll
2014-07-31 05:36 - 2012-07-03 16:19 - 00091912 _____ (Microsoft Corporation) C:\Windows\system32\msxml5r.dll
2014-07-31 05:36 - 2012-07-02 13:59 - 00548864 _____ (Firebird Project) C:\Windows\system32\fbclient.dll
2014-07-31 05:36 - 2012-07-02 13:59 - 00367616 _____ () C:\Windows\system32\DllInscE32.dll
2014-07-31 05:36 - 2012-07-02 13:59 - 00148556 _____ () C:\Windows\firebird.msg
2014-07-31 05:36 - 2012-07-02 13:56 - 00274489 _____ (Microsoft Corporation) C:\Windows\system32\ntwdblib.dll
2014-07-31 05:36 - 2011-12-08 19:55 - 00042496 _____ (Embarcadero Technologies, Inc.) C:\Windows\system32\borlndmm.dll
2014-07-31 05:10 - 2014-07-31 05:10 - 00007633 _____ () C:\Users\nandscape\Downloads\Free NFe - Emissor Gratuito de Nota Fiscal Eletrônica 2.0.1.rar[www.b2s-share.com].torrent
2014-07-28 17:07 - 2014-07-28 17:07 - 00002652 _____ () C:\Users\nandscape\Downloads\Playboy.07.14.torrent
2014-07-28 15:37 - 2014-07-28 15:37 - 00015572 _____ () C:\Users\nandscape\Downloads\Auto.Esporte.27.07.2014.720p.HDTV.x264-TrueHD.mkv.torrent
2014-07-24 01:28 - 2014-07-24 01:28 - 00001411 _____ () C:\Users\Public\Desktop\DANFE View.lnk
2014-07-24 01:28 - 2014-07-24 01:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DANFE View
2014-07-24 01:27 - 2014-08-08 00:00 - 00000000 ____D () C:\DANFEView
2014-07-24 01:23 - 2014-07-24 01:24 - 21112752 _____ (Unimake Softwares ) C:\Users\nandscape\Downloads\idanfeview.exe
2014-07-24 01:10 - 2014-07-24 01:10 - 05042542 _____ (SERPRO) C:\Users\nandscape\Downloads\DNF-instalador-3.0.2.exe
2014-07-24 01:06 - 2014-08-07 11:22 - 00000000 ____D () C:\Users\nandscape\Desktop\FUSION_NF
2014-07-18 10:08 - 2014-07-18 10:09 - 00324596 _____ () C:\Users\nandscape\Downloads\PanicoNaBand.13072014.720p.HDTV.x264.PedroGabriel.mkv.torrent
2014-07-18 10:08 - 2014-07-18 10:08 - 00320616 _____ () C:\Users\nandscape\Downloads\PanicoNaBand.06072014.720p.HDTV.x264.PedroGabriel.mkv.torrent
2014-07-14 11:36 - 2014-07-14 11:36 - 00928245 _____ () C:\Users\nandscape\Desktop\SAMMYA_CPF.psd
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-08 00:18 - 2014-08-07 23:56 - 06244118 _____ () C:\Users\nandscape\Downloads\FRST.txt
2014-08-08 00:00 - 2014-07-24 01:27 - 00000000 ____D () C:\DANFEView
2014-08-07 23:57 - 2014-08-07 23:56 - 00000000 ____D () C:\FRST
2014-08-07 23:55 - 2006-11-02 09:46 - 00005216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-07 23:55 - 2006-11-02 09:46 - 00005216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-07 23:54 - 2007-03-23 19:03 - 00235520 _____ () C:\Users\nandscape\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-07 23:53 - 2014-08-07 23:53 - 01084928 _____ (Farbar) C:\Users\nandscape\Downloads\FRST.exe
2014-08-07 23:48 - 2013-06-26 13:55 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-07 18:07 - 2014-08-07 18:07 - 00011279 _____ () C:\Users\nandscape\Downloads\hijackthis.log
2014-08-07 17:57 - 2014-08-07 17:57 - 00388608 _____ (Trend Micro Inc.) C:\Users\nandscape\Downloads\HijackThis.exe
2014-08-07 17:49 - 2014-08-07 17:18 - 00000000 ____D () C:\ProgramData\SecTaskMan
2014-08-07 17:17 - 2014-08-07 17:17 - 02365840 _____ () C:\Users\nandscape\Downloads\SecurityTaskManager_Setup.exe
2014-08-07 17:17 - 2014-08-07 17:17 - 00000000 ____D () C:\Program Files\Security Task Manager
2014-08-07 16:54 - 2008-01-27 11:47 - 00000000 ____D () C:\Program Files\AC3Filter
2014-08-07 15:37 - 2014-08-07 15:37 - 00084681 _____ () C:\Users\nandscape\Downloads\Teste do Pezinho.zip
2014-08-07 15:16 - 2007-04-05 18:03 - 00000000 ___RD () C:\Users\nandscape\Desktop\Audio-Video
2014-08-07 11:22 - 2014-07-24 01:06 - 00000000 ____D () C:\Users\nandscape\Desktop\FUSION_NF
2014-08-07 10:50 - 2006-11-02 09:51 - 01539876 _____ () C:\Windows\WindowsUpdate.log
2014-08-07 10:06 - 2009-10-16 19:58 - 00000000 ____D () C:\Users\nandscape\AppData\Roaming\Azureus
2014-08-07 10:04 - 2013-06-26 13:55 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-07 09:54 - 2009-08-05 18:52 - 00000000 ____D () C:\Program Files\GbPlugin
2014-08-07 09:54 - 2006-11-02 10:00 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-06 05:49 - 2006-11-02 10:00 - 00032540 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-06 05:15 - 2008-08-24 22:37 - 00000000 ____D () C:\LinhaDefensiva
2014-08-06 05:14 - 2007-03-26 19:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter
2014-08-05 16:07 - 2009-08-04 13:02 - 00000000 ____D () C:\ProgramData\GbPlugin
2014-08-05 11:15 - 2012-01-06 10:02 - 00000000 ____D () C:\Users\nandscape\Documents\Cote_Rio_2
2014-08-05 07:44 - 2014-04-15 15:00 - 00031088 _____ (GbPlugin NDIS Device Driver) C:\Windows\system32\Drivers\gbpndisrd.sys
2014-08-05 01:56 - 2014-08-05 01:56 - 00005360 ____N () C:\bootex.log
2014-08-04 10:47 - 2014-08-04 09:29 - 00000000 ____D () C:\Program Files\Loaris
2014-08-04 09:29 - 2014-08-04 09:29 - 00000932 _____ () C:\Users\Public\Desktop\Loaris Trojan Remover.lnk
2014-08-04 09:29 - 2014-08-04 09:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Loaris Trojan Remover
2014-08-04 09:29 - 2014-08-04 09:29 - 00000000 ____D () C:\ProgramData\Loaris
2014-08-04 08:35 - 2014-08-04 08:34 - 00013891 _____ () C:\Users\nandscape\Downloads\Loaris Trojan Remover V1.3.3.7.torrent
2014-08-01 17:16 - 2006-11-05 22:25 - 00707872 _____ () C:\Windows\system32\prfh0416.dat
2014-08-01 17:16 - 2006-11-05 22:25 - 00151996 _____ () C:\Windows\system32\prfc0416.dat
2014-08-01 17:16 - 2006-11-02 07:33 - 01655402 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-01 11:26 - 2014-08-01 11:26 - 00220672 _____ () C:\Users\nandscape\Downloads\Grade 11.08.2014 Pedro.xls
2014-07-31 05:37 - 2014-07-31 05:36 - 00000000 ____D () C:\Program Files\FreeNFe
2014-07-31 05:36 - 2014-07-31 05:36 - 00001720 _____ () C:\Users\Public\Desktop\Free NFe.lnk
2014-07-31 05:36 - 2014-07-31 05:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free NFe
2014-07-31 05:36 - 2014-07-31 05:36 - 00000000 ____D () C:\Program Files\Firebird
2014-07-31 05:10 - 2014-07-31 05:10 - 00007633 _____ () C:\Users\nandscape\Downloads\Free NFe - Emissor Gratuito de Nota Fiscal Eletrônica 2.0.1.rar[www.b2s-share.com].torrent
2014-07-30 11:57 - 2012-11-23 08:57 - 00001106 _____ () C:\Users\nandscape\acesso.serpro.gov.br.HOD.properties
2014-07-30 11:57 - 2007-03-23 18:45 - 00000000 ____D () C:\Users\nandscape
2014-07-28 17:07 - 2014-07-28 17:07 - 00002652 _____ () C:\Users\nandscape\Downloads\Playboy.07.14.torrent
2014-07-28 15:37 - 2014-07-28 15:37 - 00015572 _____ () C:\Users\nandscape\Downloads\Auto.Esporte.27.07.2014.720p.HDTV.x264-TrueHD.mkv.torrent
2014-07-25 12:58 - 2009-08-15 17:02 - 00000000 ____D () C:\Users\Convidado\Tracing
2014-07-24 01:28 - 2014-07-24 01:28 - 00001411 _____ () C:\Users\Public\Desktop\DANFE View.lnk
2014-07-24 01:28 - 2014-07-24 01:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DANFE View
2014-07-24 01:24 - 2014-07-24 01:23 - 21112752 _____ (Unimake Softwares ) C:\Users\nandscape\Downloads\idanfeview.exe
2014-07-24 01:22 - 2011-03-01 17:51 - 00000000 ____D () C:\Arquivos de Programas RFB
2014-07-24 01:10 - 2014-07-24 01:10 - 05042542 _____ (SERPRO) C:\Users\nandscape\Downloads\DNF-instalador-3.0.2.exe
2014-07-18 14:18 - 2010-07-09 12:31 - 00000000 ____D () C:\Users\nandscape\Documents\Andreia
2014-07-18 10:09 - 2014-07-18 10:08 - 00324596 _____ () C:\Users\nandscape\Downloads\PanicoNaBand.13072014.720p.HDTV.x264.PedroGabriel.mkv.torrent
2014-07-18 10:08 - 2014-07-18 10:08 - 00320616 _____ () C:\Users\nandscape\Downloads\PanicoNaBand.06072014.720p.HDTV.x264.PedroGabriel.mkv.torrent
2014-07-17 21:03 - 2013-06-26 13:59 - 00001971 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-16 15:16 - 2013-11-01 22:59 - 17990982 _____ () C:\Users\nandscape\Downloads\Very Hot lesbians Kissing.mp4
2014-07-14 11:36 - 2014-07-14 11:36 - 00928245 _____ () C:\Users\nandscape\Desktop\SAMMYA_CPF.psd
 
Some content of TEMP:
====================
C:\Users\Convidado\AppData\Local\Temp\.gbas.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-07 23:02
 
==================== End Of Log ============================

Hi,

Please download Malwarebytes Anti-Malware and save it to your desktop.

  • Please open Malwarebytes Anti-Malware.
  • Please update the database by clicking on the "Update Now" button.
  • Following the update, click "Settings" and go to "Detection and Protection".
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard, then click on Scan Now to start the scan.

    (If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt so that you can decide what you want to do. I suggest "Quarantine". Click the button: Apply All Actions.)

  • A window with an option to view the detailed log will appear. Click on "View Detailed Log".
  • After viewing the results, please click on the "Copy to Clipboard" button and then OK.
  • Return to our forum. Paste your log into your next reply.

Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 2014-08-08

Scan Time: 21:50

Logfile: Malwarebytes.txt

Administrator: No

 

Version: 2.00.2.1012

Malware Database: v2014.08.08.07

Rootkit Database: v2014.08.04.01

License: Trial

Malware Protection: Enabled

Malicious Website Protection: Enabled

Self-protection: Disabled

 

OS: Windows Vista Service Pack 2

CPU: x86

File System: NTFS

User: nandscape

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 327361

Time Elapsed: 47 min, 37 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Enabled

Deep Rootkit Scan: Enabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 1

PUP.Optional.Softonic.A, HKU\S-1-5-21-3925259852-1633748315-1759152405-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\softonicToolbar, , [fb2c8a3a334893a30611f5016a9845bb], 

 

Registry Values: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Folders: 0

(No malicious items detected)

 

Files: 5

RiskWare.Tool.CK, C:\Users\nandscape\Documents\GetDataBack - Data Recovery for NTFS V2.31.rar, , [3dea8440bcbfbf77b742b6210bf98977], 

Adware.WhenU, C:\Users\nandscape\Downloads\daemon408-x86.exe, , [45e2c9fb5922da5c921a14bb2fd5bb45], 

PUP.Optional.InstallCore, C:\Users\nandscape\Downloads\UltimateCodec.exe, , [c85f7b49740770c67414dd3ba75ae818], 

PUP.Optional.4Shared, C:\Users\nandscape\Downloads\4shared_Desktop_3.3.5.exe, , [69be9d27daa15dd9c6bae03e8080d32d], 

PUP.Optional.InstallCore.A, C:\Users\nandscape\Downloads\7-data-android-recover-10-beta-32-bits.exe, , [6eb9497b92e9290db47b2d1e937103fd], 

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)


Hi,

Step 1

Please download AdwCleaner (by Xplode) and save it to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.

    Vista/Windows 7/8 users right-click and select "Run As Administrator"

  • Click on the Scan button.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a log file (that is saved in C:\AdwCleaner[s#].txt) will open automatically.

    Copy and paste the contents of that logfile in your next reply.

Step 2

Please download the ESET Online Scanner and save it to your Desktop.

  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start esetsmartinstaller_enu.exe with administrator privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.

    Note: This scan might take a long time! Please be patient.

  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log file is created at C:\Program Files\ESET\EsetOnlineScanner\log.txt.

    Copy and paste the content of this log file in your next reply.

Note: Do not forget to re-enable your antivirus application after running the above scan!

Step 3

Start FRST with administrator privileges.

  • Make sure the following option is checked: Addition.txt
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.

    Please copy and paste these logs in your next reply.

Can you please tell me which problems still persist now?


# AdwCleaner v3.304 - Relatório criado 09/08/2014 às 11:22:35

# Atualizado 08/08/2014 por Xplode

# Sistema Operacional : Windows Vista Ultimate Service Pack 2 (32 bits)

# Usuário : nandscape

# Executando de : C:\Users\nandscape\Downloads\AdwCleaner.exe

# Opção : Limpar

 

***** [ Serviços ] *****

 

 

***** [ Arquivos / Pastas ] *****

 

Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer

[x] Não Deletada : C:\Program Files\FlvPlayer

Pasta Deletada : C:\Users\nandscape\AppData\LocalLow\Softonic

[x] Não Deletada : C:\Users\nandscape\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FlvPlayer

 

***** [ Tarefas ] *****

 

 

***** [ Atalhos ] *****

 

 

***** [ Registro ] *****

 

[x] Não Deletada : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL

[x] Não Deletada : HKLM\SOFTWARE\Classes\AppID\NCTAudioFile3.DLL

[x] Não Deletada : HKLM\SOFTWARE\Classes\AppID\NCTAudioFileWMA3.DLL

[x] Não Deletada : HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL

Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap

Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{5E50AE1D-BC76-418B-94C4-EFEAC0CEF80C}

Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{69E54DE2-C4ED-4BEC-8046-E3F9AC74B4B0}

Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}

Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}

Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{23BDC78C-B7BB-42E5-B970-54B292592D72}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CD5175E2-7CC1-418C-B66C-0AB95DAD4103}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{D8BFC514-1135-4393-B09A-193D2AAC5037}

Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B}

Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}

Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}

Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{85672EDB-2CC8-40B9-A9E8-77D3478F2EFB}

Chave Deletedo : HKCU\Software\Conduit

Chave Deletedo : HKCU\Software\Headlight

Chave Deletedo : HKCU\Software\SoftonicToolbar

Chave Deletedo : HKCU\Software\YahooPartnerToolbar

[x] Não Deletada : HKLM\Software\FlvPlayer

[x] Não Deletada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FlvPlayer

[x] Não Deletada : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FlvPlayer

 

***** [ Navegadores ] *****

 

-\\ Internet Explorer v9.0.8112.16540

 

 

-\\ Google Chrome v36.0.1985.125

 

[ Arquivo : C:\Users\Convidado\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

Deletedo [search Provider] : hxxp://br.ask.com/web?q={searchTerms}

 

[ Arquivo : C:\Users\nandscape\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

Deletedo [search Provider] : hxxp://br.ask.com/web?q={searchTerms}

Deletedo [search Provider] : hxxp://www.softonic.com.br/s/{searchTerms}

Deletedo [search Provider] : hxxp://www2.planalto.gov.br/@@busca?SearchableText={searchTerms}

Deletedo [search Provider] : hxxp://www8.hp.com/br/pt/hp-search/search-results.html?client=&qt={searchTerms}&search=%EF%80%A1&cc=br&charset=utf-8&hpa=hxxp%3A%2F%2Fwww.hp.com%2Fcountry%2Fbr%2Fpt%2Fcontact_us.html&hpn=Inicio&hpr=hxxp%3A%2F%2Fh41131.www4.hp.com%2Fbr%2Fpt&hps=Inicio&lang=pt&qp=url%3Ah41131.www4.hp.com%2Fbr%2Fpt+url%3ANEW+URL+GOES+HERE

 

*************************

 

AdwCleaner[R0].txt - [3560 octets] - [09/08/2014 09:01:06]

AdwCleaner[s0].txt - [4015 octets] - [09/08/2014 11:22:35]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [4075 octets] ##########

ESET LOG

 

 

C:\$Recycle.Bin\S-1-5-21-3925259852-1633748315-1759152405-1000\$RLJRQ9N\Toolbar.exe Win32/Toolbar.AskSBar potentially unwanted application

C:\$Recycle.Bin\S-1-5-21-3925259852-1633748315-1759152405-1000\$RT0XMXX\Toolbar.exe Win32/Toolbar.AskSBar potentially unwanted application

C:\Downloads\Nero-9\nero94170rld.iso Win32/Toolbar.AskSBar potentially unwanted application

C:\Jogos\F1_2010\f1_2010.exe Win32/HackTool.Crack.BC potentially unsafe application

C:\Program Files\DAEMON Tools\SetupDTSB.exe Win32/Adware.WhenU.SaveNow potentially unwanted application

C:\Program Files\IObit\Smart Defrag 2\smartdefrag-3-free.exe Win32/Toolbar.Widgi.E potentially unwanted application

C:\Program Files\IObit\Smart Defrag 3\SDUpgrate.exe Win32/Toolbar.Widgi.E potentially unwanted application

C:\Program Files\VDOWNLOADER\OpenCandy\OCSetupHlp.dll Win32/OpenCandy potentially unsafe application

C:\Program Files\Vuze\.install4j\i4j_extf_11_5p83tu.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application

C:\Program Files\Vuze\.install4j\i4j_extf_4_5p83tu.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application

C:\Users\nandscape\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000000 Win32/AdWare.1ClickDownload.AR application

C:\Users\nandscape\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\9c59823-385efd9c Java/TrojanDownloader.OpenStream.NDI trojan

C:\Users\nandscape\AppData\LocalLow\Sun\Java\Deployment\cache\javapi\v1.0\jar\autoplayer.jar-4803870b-32683cd7.zip a variant of Java/TrojanDownloader.Agent.NBN trojan

C:\Users\nandscape\Desktop\Audio-Video\VDownloaderSetup2.9.exe Win32/OpenCandy potentially unsafe application

C:\Users\nandscape\Desktop\Easy.WebTV.and.Radio.2.5.0\EasyWebTV.exe Win32/TrojanDownloader.Adload.NIQ trojan

C:\Users\nandscape\Desktop\Programas\vdownloader_setup.exe a variant of Win32/Adware.ADON potentially unwanted application

C:\Users\nandscape\Documents\GetDataBack - Data Recovery for NTFS V2.31.rar a variant of Win32/Tool.TPE.A potentially unsafe application

C:\Users\nandscape\Documents\Azureus Downloads\Advanced SystemCare Pro 6.4.0.289.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application

C:\Users\nandscape\Documents\Azureus Downloads\DT.PRO.Ad.v5.0.0316.0317.Tdl\DAEMONToolsPro500316-0317.exe Win32/OpenCandy potentially unsafe application

C:\Users\nandscape\Documents\Azureus Downloads\Vuze 4.5 Portable\Vuze.exe a variant of Win32/TrojanDropper.Small.NLJ trojan

C:\Users\nandscape\Downloads\daemon408-x86.exe Win32/Adware.WhenU.SaveNow potentially unwanted application

C:\Users\nandscape\Downloads\Nero-7.8.5.0_ptb_update.exe Win32/Toolbar.AskSBar potentially unwanted application

C:\Users\nandscape\Downloads\UltimateCodec.exe Win32/InstallCore.BN potentially unwanted application

H:\Instaladores\aTube_Catcher_Installer.exe Win32/Adware.ADON potentially unwanted application

H:\Instaladores\DriverPack Solution 13.iso a variant of Win32/Toolbar.Babylon.A potentially unwanted application

H:\Instaladores\Adobe.Photoshop.5.1.LangPack.Plugins.MGT\ADCS51P.iso a variant of Win32/Keygen.BH potentially unsafe application

H:\Instaladores\BSPlayer224\keygen.exe a variant of Win32/Keygen.AG potentially unsafe application

H:\Instaladores\ConvertXToDVD\VSO.ConvertXtoDVD.3.2.0.52.2b\keYgeN\Keygen.exe a variant of Win32/Keygen.AS potentially unsafe application

H:\Instaladores\Jogos\F1_2010\rzr-f110.iso Win32/HackTool.Crack.BC potentially unsafe application

H:\Instaladores\Microsoft Office Professional Plus 2010\A. MOP 2010.rar a variant of MSIL/HackKMS.A potentially unsafe application

H:\Instaladores\Microsoft.Windows.7.AIO.PT.SP1.Marco.2012-UpPTMSNM\windows_7_aio_sp1_pt_03_2012-upptmsnm.iso Win32/HackTool.WinActivator.I potentially unsafe application

H:\Instaladores\Nero_8-Ultra\Nero-8.2.8.0_ptb_trial.exe Win32/Toolbar.AskSBar potentially unwanted application

H:\Instaladores\Norton 2010 Internet Security with crack\Norton 2010 Internet Security with crack.rar multiple threats

H:\Instaladores\Norton 360 - Ampla Segurança\Norton 360 Internacional\Norton 360 Internacional.iso a variant of Generik.GHLRJE trojan

H:\Instaladores\Norton 360 - Ampla Segurança\Norton 360 Português BR\Norton 360 Português BR.iso a variant of Generik.GHLRJE trojan

H:\Instaladores\WindowsVistaSP1crack\Activation.exe a variant of Win32/HiddenStart.A potentially unsafe application

H:\Instaladores\WindowsVistaSP1crack\VistaSP1_Loader_3.0.0.11.exe a variant of Win32/HiddenStart.A potentially unsafe application


Additional scan result of Farbar Recovery Scan Tool (x86) Version:8-08-2014

Ran by Marcelo Marins at 2014-08-10 05:48:41

Running from C:\Users\nandscape\Downloads

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

 

==================== Installed Programs ======================

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)

"Nero SoundTrax Help (Version: 4.4.32.0 - Nero AG) Hidden

%DeviceDesc% (HKLM\...\indeoxp) (Version:  - )

µTorrent (HKCU\...\uTorrent) (Version: 1.7.5 - )

32 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden

3GP Video Converter 3 (HKLM\...\3GP Video Converter 3) (Version: 3.1.9.0829b - Xilisoft)

AC3Filter (remove only) (HKLM\...\AC3Filter) (Version:  - )

Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)

Active@ File Recovery 7.1 (HKLM\...\Active@ File Recovery 7.1) (Version:  - )

Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)

Adobe AIR (Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden

Adobe Anchor Service CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden

Adobe Asset Services CS3 (Version: 3 - Adobe Systems Incorporated) Hidden

Adobe Bridge CS3 (Version: 2 - Adobe Systems Incorporated) Hidden

Adobe Bridge Start Meeting (Version: 1.0 - Adobe Systems Incorporated) Hidden

Adobe Camera Raw 4.0 (Version: 4.0 - Adobe Systems Incorporated) Hidden

Adobe CMaps (Version: 1.0 - Adobe Systems Incorporated) Hidden

Adobe Color - Photoshop Specific (Version: 1.0 - Adobe Systems Incorporated) Hidden

Adobe Color Common Settings (HKLM\...\Adobe_6c8e2cb4fd241c55406016127a6ab2e) (Version: 1.0.1 - Adobe Systems Incorporated)

Adobe Color Common Settings (Version: 1.0.1 - Adobe Systems Incorporated) Hidden

Adobe Color EU Extra Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden

Adobe Color JA Extra Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden

Adobe Color NA Recommended Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden

Adobe Default Language CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden

Adobe Device Central CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden

Adobe ExtendScript Toolkit 2 (HKLM\...\Adobe_3e054d2218e7aa282c2369d939e58ff) (Version: 2.0.2 - Adobe Systems Incorporated)

Adobe ExtendScript Toolkit 2 (Version: 2.0.2 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.7.700.224 - Adobe Systems Incorporated)

Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.8.800.94 - Adobe Systems Incorporated)

Adobe Fonts All (Version: 1.0 - Adobe Systems Incorporated) Hidden

Adobe Help Viewer CS3 (Version: 1 - Adobe Systems Incorporated) Hidden

Adobe Linguistics CS3 (Version: 3.0.0 - Adobe Systems Incorporated) Hidden

Adobe PDF Library Files (Version: 8.0 - Adobe Systems Incorporated) Hidden

Adobe Photoshop CS3 (HKLM\...\Adobe_2ac78060bc5856b0c1cf873bb919b58) (Version: 10.0 - Adobe Systems Incorporated)

Adobe Photoshop CS3 (HKLM\...\Adobe_719d6f144d0c086a0dfa7ff76bb9ac1) (Version: 10.0 - Adobe Systems Incorporated)

Adobe Photoshop CS3 (Version: 10 - Adobe Systems Incorporated) Hidden

Adobe Reader X (10.1.0) - Português (HKLM\...\{AC76BA86-7AD7-1046-7B44-AA1000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)

Adobe Setup (Version: 1.0 - Adobe Systems Incorporated) Hidden

Adobe Stock Photos CS3 (Version: 1.5 - Adobe Systems Incorporated) Hidden

Adobe Type Support (Version: 1.0 - Adobe Systems Incorporated) Hidden

Adobe Update Manager CS3 (Version: 5.1.0 - Adobe Systems Incorporated) Hidden

Adobe Version Cue CS3 Client (Version: 3 - Adobe Systems Incorporated) Hidden

Adobe WinSoft Linguistics Plugin (Version: 1.0 - Adobe Systems Incorporated) Hidden

Adobe XMP Panels CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden

Advanced SystemCare 6 (HKLM\...\Advanced SystemCare 6_is1) (Version: 6.4 - IObit)

Advanced WindowsCare Personal (HKLM\...\Advanced WindowsCare V2 Personal_is1) (Version: 2.8.6 - IObit)

Advertising Center (Version: 0.0.0.2 - Nero AG) Hidden

Adware Spyware Scanner Deleter version 0.2 (HKLM\...\Adware Spyware Scanner Deleter_is1) (Version:  - )

AMD APP SDK Runtime (Version: 10.0.937.2 - Advanced Micro Devices Inc.) Hidden

AMD Catalyst Install Manager (HKLM\...\{EAB74CB6-760C-2136-FC77-9549721FB84A}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)

AMR Converter Pro (HKLM\...\AMR Converter Pro) (Version:  - Mystik Media)

AMR Converter Pro (Version: 2.0 - Mystik Media) Hidden

Any Video Converter Professional 3.1.8 (HKLM\...\Any Video Converter Professional_is1) (Version:  - Any-Video-Converter.com)

Apple Software Update (HKLM\...\{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}) (Version: 2.0.2.92 - Apple Inc.)

ArcSoft Panorama Maker 6 (HKLM\...\{DABFD34E-BE68-4BC6-9254-5D7A7FF76B99}) (Version: 6.0.8.85 - ArcSoft)

Arquivos de Suporte da Instalação do Microsoft SQL Server (Inglês) (HKLM\...\{8618F932-5FFA-48BE-B39A-2F606761EBDC}) (Version: 9.00.5000.00 - Microsoft Corporation)

Assistente de Conexão do Windows Live (HKLM\...\{381C70F0-FC2C-4BEF-B16C-B88FA67A6B7B}) (Version: 5.000.818.6 - Microsoft Corporation)

Assistente Pimaco + (HKLM\...\Assistente Pimaco +) (Version: 2.2.0.0 - Pimaco Autoadesivos Ltda)

aTube Catcher 1.0 (HKLM\...\{C69405BB-27AF-4940-B3DA-04910B4DFD23}_is1) (Version:  - DsNET Corp)

AutoUpdate (HKLM\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )

AVS DVD Player version 2.4 (HKLM\...\AVS DVD Player_is1) (Version:  - Online Media Technologies Ltd.)

BitComet 0.94 (HKLM\...\BitComet) (Version: 0.94 - ~RnySmile~)

BLM 2.6.5 (HKLM\...\The Blocklist Manager_is1) (Version: 2.6.5 - Bluetack Internet Security Solutions)

BS.Player PRO (HKLM\...\BSPlayerp) (Version: 2.62.1068 - AB Team, d.o.o.)

BufferChm (Version: 82.0.173.000 - Hewlett-Packard) Hidden

Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center (Version: 2012.0704.122.388 - Nome de sua empresa:) Hidden

Catalyst Control Center Graphics Previews Common (Version: 2012.0704.122.388 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center InstallProxy (Version: 2012.0704.122.388 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Localization All (Version: 2012.0704.122.388 - Advanced Micro Devices, Inc.) Hidden

CCC Help Chinese Standard (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden

CCC Help Chinese Traditional (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden

CCC Help Czech (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden

CCC Help Danish (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden

CCC Help Dutch (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden

CCC Help English (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden

CCC Help Finnish (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden

CCC Help French (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden

CCC Help German (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden

CCC Help Greek (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden

CCC Help Hungarian (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden

CCC Help Italian (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden

CCC Help Japanese (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden

CCC Help Korean (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden

CCC Help Norwegian (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden

CCC Help Polish (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden

CCC Help Portuguese (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden

CCC Help Russian (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden

CCC Help Spanish (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden

CCC Help Swedish (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden

CCC Help Thai (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden

CCC Help Turkish (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden

ccc-utility (Version: 2012.0704.122.388 - Advanced Micro Devices, Inc.) Hidden

CCleaner (remove only) (HKLM\...\CCleaner) (Version:  - )

CDRoller version 8.61 (HKLM\...\CDRoller_is1) (Version: 8.61 - Digital Atlantic Corp.)

Clone2Go Video Converter Free Version 1.8.5 (HKLM\...\Clone2Go Video Converter Free Version_is1) (Version:  - Clone2Go.com)

CodecInstaller 2.8.0 (HKLM\...\CodecInstaller) (Version: 2.8.0 - JockerSoft)

Command & Conquer 3 (HKLM\...\{B0C30E93-D3D9-4F04-A2AC-54749B573275}) (Version: 1.00.0000 - Electronic Arts Inc.)

ConvertXtoDVD 4.1.19.365 (HKLM\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.1.19.365 - )

CoreAAC Audio Decoder (remove only) (HKLM\...\CoreAAC Audio Decoder) (Version:  - )

CoreAVC Professional Edition (remove only) (HKLM\...\CoreAVC Professional Edition) (Version:  - )

DANFE View (HKLM\...\DANFE View_is1) (Version: 2.4.8 - Unimake Softwares)

Destinations (Version: 82.0.173.000 - Hewlett-Packard) Hidden

DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden

Dicionário eletrônico Houaiss (HKLM\...\Houaiss) (Version: 1.0 - )

Digital Voice Editor 3 (HKLM\...\{6CCC133E-9A2F-4CAA-8866-75D029CD3AB3}) (Version: 3.3.01.11240 - Sony Corporation)

DiRT (HKLM\...\{57B89E30-0BBA-4F20-9F2C-8E8CDE1CEDB6}) (Version: 1.00.0000 - Codemasters)

Disc2Phone (HKLM\...\{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}) (Version: 1.4.0.112 - Sony Media Software)

DivX (HKLM\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.0 - DivXNetworks, Inc.)

DivX Player (HKLM\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 6.0 - DivXNetworks, Inc.)

DJS Trial (HKLM\...\DJS 1.0) (Version: 1.601.000 - Pioneer Corporation.)

DJS Trial (Version: 1.601.000 - Pioneer Corporation.) Hidden

DolbyFiles (Version: 2.0 - Nero AG) Hidden

DU Meter (HKLM\...\DUMeter3_is1) (Version: 4.16 Build R3102 - Hagel Technologies Ltd.)

DVD Decrypter (Remove Only) (HKLM\...\DVD Decrypter) (Version:  - )

eMule (HKLM\...\eMule) (Version:  - )

Esquemas de Som do Windows (HKLM\...\UltSounds) (Version:  - Microsoft Corporation)

F1 2010 (HKLM\...\GFWL_{434D0831-3E0C-4D03-A5D4-5E1000008400}) (Version: 1.0.0000.132 - Codemasters)

F1 2010 (Version: 1.0.0000.132 - Codemasters) Hidden

Ferramenta de Carregamento do Windows Live (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)

Flash Effect Maker Pro v3.2560 Free (560 Templates) (HKLM\...\Flash Effect Maker_is1) (Version:  - www.avimpeg.net)

FLV Player 1.3.3 (HKLM\...\FLVPlayer) (Version:  - )

Free CD to MP3 Converter (HKLM\...\Free CD to MP3 Converter) (Version:  - )

Free NFe (HKLM\...\{E661808B-E4B7-4D26-A983-4E70344DA6BD}_is1) (Version: 2.0.1 - Free NFe)

FTP Commander (HKLM\...\FTP Commander) (Version:  - )

GearDrvs (Version: 1.00.0000 - GEAR Software) Hidden

GetDataBack for FAT and GetDataBack for NTFS (HKLM\...\{49C09E32-B9FD-4EDC-9152-9BC0CC618A13}) (Version: 3.03.000 - Runtime Software)

GOM Player (HKLM\...\GOM Player) (Version:  - )

Google Chrome (HKLM\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)

Google Earth (HKLM\...\{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}) (Version: 6.0.3.2197 - Google)

Google Earth Pro (HKLM\...\{48EE6C79-1CE2-4CE8-B511-F2140B6781D6}) (Version: 4.0.2737 - Google)

Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden

Gravador do Microsoft SQL Server VSS (HKLM\...\{F5C549C0-8A49-4911-A9B5-EE94C627A177}) (Version: 9.00.5000.00 - Microsoft Corporation)

Guardião - Itaú 30 horas (HKLM\...\{70e5f739-1d2a-40ae-bbc9-4b3e6af4c831}_is1) (Version: 3.8.0.1 - )

Haali Media Splitter (HKLM\...\HaaliMkx) (Version:  - )

HijackThis 2.0.2 (HKLM\...\HijackThis) (Version: 2.0.2 - TrendMicro)

hp deskjet 930c series (Remover somente) (HKLM\...\hp deskjet 930c series) (Version:  - )

HP Deskjet Printer Driver Software. 8.0.B (HKLM\...\{0411A7A4-23D4-47ad-B109-3CBE7E8093F1}) (Version: 8.0 - HP)

HP Imaging Device Functions 8.0 (HKLM\...\HP Imaging Device Functions) (Version: 8.0 - HP)

HP Print Diagnostic Utility (HKLM\...\{209DF55F-5E5C-48A3-BC3D-A7CB1224458C}) (Version: 1.51.0000 - Hewlett_Packard)

HP Update (HKLM\...\{8C6027FD-53DC-446D-BB75-CACD7028A134}) (Version: 4.000.005.007 - Hewlett-Packard)

HP USB Disk Storage Format Tool (HKLM\...\{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}) (Version:  - )

IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 5.10.5405.0 - IDT)

ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden

Intel Audio Studio 2.7 (HKLM\...\{1D0BF0C6-E45A-460D-B1F5-05D123335A21}) (Version: 2.7.2.11 - Intel Corporation)

Intel® Integrated Performance Primitives RTI 4.0 (HKLM\...\{51C91B84-7B46-4FE7-8999-8228CFA75F89}) (Version: 4.0.23 - Intel Corporation)

IRPF2005 - Declaração de Ajuste Anual (HKLM\...\IRPF2005 - Declaração de Ajuste Anual) (Version:  - )

IRPF2006 - Declaração de Ajuste Anual (HKLM\...\IRPF2006 - Declaração de Ajuste Anual) (Version:  - )

IRPF2007 - Declaração de Ajuste Anual (HKLM\...\IRPF2007 - Declaração de Ajuste Anual) (Version:  - )

IRPF2008 Windows - Declaração de Ajuste Anual (HKLM\...\IRPF2008 Windows - Declaração de Ajuste Anual) (Version:  - )

IRPF2009 - Declaração de Ajuste Anual e Final de Espólio (HKLM\...\IRPF2009 - Declaração de Ajuste Anual e Final de Espólio) (Version:  - )

IRPF2010 - Declaração de Ajuste Anual e Final de Espólio (HKLM\...\IRPF2010 - Declaração de Ajuste Anual e Final de Espólio) (Version:  - )

IRPF2011 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\IRPF2011) (Version: 1.0 - Receita Federal do Brasil)

IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\IRPF2012) (Version: 1.0 - Receita Federal do Brasil)

IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\IRPF2013) (Version: 1.3 - Receita Federal do Brasil)

IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\IRPF2014) (Version: 1.3 - Receita Federal do Brasil)

J2SE Runtime Environment 5.0 Update 11 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0150110}) (Version: 1.5.0.110 - Sun Microsystems, Inc.)

Jasc Animation Shop 3 (HKLM\...\{174D5678-D941-433C-BD23-58A5C7B0D36D}) (Version: 3.05.0000 - Jasc Software Inc)

Java Auto Updater (Version: 2.0.2.1 - Sun Microsystems, Inc.) Hidden

Java 6 Update 19 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216019FF}) (Version: 6.0.190 - Sun Microsystems, Inc.)

Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden

Loaris Trojan Remover (HKLM\...\{29988DC6-9C4A-49B2-AC86-5C380B29ADB9}_is1) (Version:  - Loaris, Inc.)

Malwarebytes Anti-Malware versão 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

Mask Pro 4.1 (HKLM\...\{2DFAC810-6DD8-4E23-96A4-BEB118408203}) (Version: 4.1 - onOne Software)

Menu Templates - Starter Kit (Version: 9.4.6.0 - Nero AG) Hidden

MessageViewer Pro 3.1.10 (HKCU\...\MessageViewer Pro) (Version: 3.1.10 - Encryptomatic, LLC)

MGI PhotoSuite SE (Remover somente) (HKLM\...\MGI_PHOTOSUITE_SE_V10) (Version:  - )

Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )

Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden

Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )

Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )

Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)

Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden

Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden

Microsoft Games for Windows - LIVE (HKLM\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)

Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation)

Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)

Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden

Microsoft IntelliType Pro 7.0 (HKLM\...\{94A065E8-455D-41C1-AF1F-F0C1AF8F50F3}) (Version: 7.0.260.0 - Microsoft)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden

Microsoft Office Access MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office FrontPage 2003 (HKLM\...\{90170409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)

Microsoft Office Groove MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (Portuguese (Brazil)) 2007 (Version: 12.0.4518.1019 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)

Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) (Version: 9.4.5000.00 - Microsoft Corporation) Hidden

Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR) (HKLM\...\{E09B48B5-E141-427A-AB0C-D3605127224A}) (Version: 8.00.761 - Microsoft Corporation)

Microsoft SQL Server Native Client (HKLM\...\{F398B059-0711-490E-8552-1453FF04098F}) (Version: 9.00.5000.00 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft XML Parser (Version: 8.70.1104.04 - Microsoft Corporation) Hidden

Miniaurélio (HKLM\...\{01A373F1-B268-43CA-A8F1-45708A62F50A}) (Version: 5.12 - Positivo Informática.)

MixVibes FREE 4 uninstall (HKLM\...\MixVibesFREE.exe) (Version:  - )

MKV2AC3 - 1.03.03 (HKLM\...\{9042C334-9881-4603-B1BC-7E623514A495}) (Version: 1.0.0 - Martins)

MKVToolNix 6.6.0 (HKLM\...\MKVToolNix) (Version: 6.6.0 - Moritz Bunkus)

Movie Templates - Starter Kit (Version: 9.4.6.0 - Nero AG) Hidden

MSI to redistribute MS VS2005 CRT libraries (HKLM\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)

MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden

MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden

MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)

MyPhoneExplorer (HKLM\...\MPE) (Version: 1.6.0 - F.J. Wechselberger)

Need for Speed™ ProStreet (HKLM\...\{CC419DDC-E0F0-4013-B25A-6FA036516F0D}) (Version: 1.0.1.0 - Electronic Arts)

Need for Speed™ SHIFT (HKLM\...\{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}) (Version: 1.0.0.0 - Electronic Arts)

Need for Speed™ Undercover (HKLM\...\{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}) (Version: 1.0.1.0 - Electronic Arts)

Nero 9 (HKLM\...\{d0d0615a-e9d6-4ccc-95c9-ef43e666d984}) (Version:  - Nero AG)

Nero Burning ROM Help (Version: 9.4.17.100 - Nero AG) Hidden

Nero BurnRights (Version: 3.4.11.100 - Nero AG) Hidden

Nero BurnRights Help (Version: 3.4.4.100 - Nero AG) Hidden

Nero ControlCenter (Version: 0.0.0.1 - Nero AG) Hidden

Nero ControlCenter (Version: 9.0.0.1 - Nero AG) Hidden

Nero CoverDesigner (Version: 4.4.9.100 - Nero AG) Hidden

Nero CoverDesigner Help (Version: 4.4.9.100 - Nero AG) Hidden

Nero Disc Copy Gadget (Version: 2.4.22.0 - Nero AG) Hidden

Nero Disc Copy Gadget Help (Version: 2.4.22.0 - Nero AG) Hidden

Nero DiscSpeed (Version: 5.4.12.100 - Nero AG) Hidden

Nero DiscSpeed Help (Version: 5.4.4.100 - Nero AG) Hidden

Nero DriveSpeed (Version: 4.4.11.100 - Nero AG) Hidden

Nero DriveSpeed Help (Version: 4.4.4.100 - Nero AG) Hidden

Nero Express Help (Version: 9.4.17.100 - Nero AG) Hidden

Nero InfoTool (Version: 6.4.11.100 - Nero AG) Hidden

Nero InfoTool Help (Version: 6.4.4.100 - Nero AG) Hidden

Nero Installer (Version: 4.4.9.0 - Nero AG) Hidden

Nero Live (Version: 1.4.48.0 - Nero AG) Hidden

Nero Live Help (Version: 1.4.48.0 - Nero AG) Hidden

Nero PhotoSnap (Version: 1.53.2.0 - Nero AG) Hidden

Nero PhotoSnap Help (Version: 1.53.2.0 - Nero AG) Hidden

Nero Recode (Version: 4.4.31.0 - Nero AG) Hidden

Nero Recode Help (Version: 4.4.31.0 - Nero AG) Hidden

Nero Rescue Agent (Version: 2.4.12.100 - Nero AG) Hidden

Nero RescueAgent Help (Version: 2.4.4.100 - Nero AG) Hidden

Nero ShowTime (Version: 5.4.0.100 - Nero AG) Hidden

Nero ShowTime (Version: 5.4.14.100 - Nero AG) Hidden

Nero StartSmart (Version: 9.4.12.100 - Nero AG) Hidden

Nero StartSmart Help (Version: 9.4.12.100 - Nero AG) Hidden

Nero Vision (Version: 6.4.10.205 - Nero AG) Hidden

Nero Vision Help (Version: 6.4.8.100 - Nero AG) Hidden

Nero WaveEditor (Version: 5.4.32.0 - Nero AG) Hidden

NeroBurningROM (Version: 9.4.17.100 - Nero AG) Hidden

NeroExpress (Version: 9.4.17.100 - Nero AG) Hidden

NeroLiveGadget (Version: 1.2.16.100 - Nero AG) Hidden

NeroLiveGadget Help (Version: 1.2.16.100 - Nero AG) Hidden

neroxml (Version: 1.0.0 - Nero AG) Hidden

Nikon Message Center 2 (HKLM\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)

Nikon Movie Editor (HKLM\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.5.0 - Nikon)

Norton Internet Security (HKLM\...\NIS) (Version: 17.9.0.12 - Symantec Corporation)

Novo Dicionário Aurélio (HKLM\...\{498B4BF1-AD73-4AA8-99EB-18D400E42482}) (Version: 5.00 - Positivo Informática.)

NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)

NVIDIA PhysX (HKLM\...\{5DB65884-C963-4454-AABA-4CA3089281FA}) (Version: 9.09.0720 - NVIDIA Corporation)

Octoshape Streaming Services (HKCU\...\Octoshape Streaming Services) (Version:  - )

OEM Logo and Information (HKLM\...\OEMInformation) (Version:  - Intel)

OpenAL (HKLM\...\OpenAL) (Version:  - )

PDF Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden

PeerGuardian 2.0 (HKLM\...\PeerGuardian_is1) (Version: 2.0.6.4 - Methlabs Productions)

Pimaco (HKLM\...\{2610CDBE-07FB-4A4F-932D-5B012469A76A}) (Version: 1.0.0 - Prime)

Pinnacle Instant DVD Recorder (HKLM\...\{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}) (Version: 2.00.088 - )

Power MP4 iPod PSP 3GP AVI MPG WMV Video Converter 5.0 (HKLM\...\{C79308BC-63CC-4A0F-A585-2E137EA42A1E}_is1) (Version:  - AML SOFT, Inc.)

PS3 Media Server (HKLM\...\PS3 Media Server) (Version: 1.82.0 - PS3 Media Server)

Pure Pinball 2.0 REDUX (HKLM\...\Pure Pinball 2.0 REDUX) (Version:  - )

Qual é a Música (HKLM\...\Qual é a Música) (Version:  - )

QuickTime (HKLM\...\{08094E03-AFE4-4853-9D31-6D0743DF5328}) (Version: 7.1.6.200 - Apple Computer, Inc.)

Rapture3D 2.4.4 Game (HKLM\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)

Real Alternative 1.43 (HKLM\...\RealAlt_is1) (Version: 1.43 - )

Receitanet (HKLM\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.04 - Serpro - Serviço Federal de Processamento de Dados)

Receitanet 2007 (HKLM\...\Receitanet) (Version:  - )

Receitanet Java 2009.01 (HKLM\...\Receitanet Java 2009.01) (Version:  - )

Receitanet Java 2010.02a (HKLM\...\Receitanet Java 2010.02a) (Version:  - )

Security Task Manager 1.8g (HKLM\...\Security Task Manager) (Version: 1.8g - Neuber Software)

SEGA Rally (HKLM\...\InstallShield_{4A05FF52-4AA8-4681-BC06-5EE7F812A441}) (Version: 1.00.0000 - SEGA)

SEGA Rally (Version: 1.00.0000 - SEGA) Hidden

SF_CDB_Software (Version: 82.0.242.000 - Hewlett-Packard) Hidden

Skype Toolbars (HKLM\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.)

Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)

SMAC 2.0 (HKLM\...\SMAC 2.0) (Version:  - )

Smart Defrag 3 (HKLM\...\Smart Defrag 3_is1) (Version: 3.0 - IObit)

SmartSound Quicktracks Plugin (HKLM\...\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.2.7 - SmartSound Software Inc)

SmartSound Quicktracks Plugin (Version: 3.0.2.7 - SmartSound Software Inc) Hidden

Sniper Elite (HKLM\...\{A979B2D8-E3EE-4523-A26C-4AF0A6809280}) (Version:  - )

SolveigMM Video Splitter (HKLM\...\SolveigMM Video Splitter 3.6.1305.22) (Version: 3.6.1305.22 - Solveig Multimedia)

Sony Ericsson Device Data (Version: 1.0.32 - Sony Ericsson) Hidden

Sony Ericsson Drivers (Version: 1.0.28 - Sony Ericsson) Hidden

Sony Ericsson PC Suite (HKLM\...\{D6BF6477-8369-489F-8DE6-3731F4B88560}) (Version: 2.10.46 - )

Sony Ericsson PC Suite (Version: 2.10.37 - Sony Ericsson) Hidden

Sony Media Manager 2.2 (HKLM\...\{878D2EB2-2D55-42A9-955E-1E08F28529FD}) (Version: 2.2.136 - Sony)

SoundTrax (Version: 4.4.32.0 - Nero AG) Hidden

Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)

Spybot - Search & Destroy 1.4 (HKLM\...\Spybot - Search & Destroy_is1) (Version: 1.4 - Safer Networking Limited)

Status (Version: 82.0.173.000 - Hewlett-Packard) Hidden

Studio 11 (HKLM\...\{110B1ADF-2EAE-4E8F-B501-D2A1E6D8ED9D}) (Version: 11.0 - Pinnacle Systems)

Studio 11 (Version: 11.0.0.0 - Pinnacle Systems) Hidden

System Requirements Lab for Intel (HKLM\...\{ADD72094-D289-4714-A62E-70574478A2BC}) (Version: 4.3.1.0 - Husdawg, LLC)

Tempus-Transfer for Windows 98/NT (HKLM\...\FTW32NativeMode) (Version:  - )

The Core Media Player 4.0 (HKLM\...\The Core Media Player) (Version:  - )

Time Adjuster STANDARD 3.1 (HKCU\...\TimeAdjuster) (Version:  - IrekSoftware.com)

Toolbox (Version: 82.0.173.000 - Hewlett-Packard) Hidden

TrayApp (Version: 82.0.188.000 - Hewlett-Packard) Hidden

Ulead VideoStudio 10 (HKLM\...\{E188D820-1218-4E28-8BCA-91134C3664C2}) (Version: 10.0 - Ulead Systems)

Ultimate Extras sounds from Microsoft® Tinker™ (HKLM\...\UltSounds2) (Version:  - Microsoft Corporation)

UnloadSupport (Version: 1.00.0000 - Hewlett-Packard) Hidden

Unlocker 1.8.5 (HKLM\...\Unlocker) (Version: 1.8.5 - Cedrick Collomb)

Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878234) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{EC1934B0-AE0F-4BBD-8955-54BB3247ED9E}) (Version:  - Microsoft)

VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden

VDownloader  1.12 (HKLM\...\{CA567AD5-33A4-403D-86D1-EE2D38251951}_is1) (Version:  - Enrique Puertas)

VDownloader 2.9.435 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version:  - Vitzo Limited)

Vegas Pro 11.0 (HKLM\...\{0F414901-5ED4-11E1-86F3-F04DA23A5C58}) (Version: 11.0.594 - Sony)

VideoLAN VLC media player 0.8.6c (HKLM\...\VLC media player) (Version: 0.8.6c - VideoLAN Team)

viDrop (remove only) (HKLM\...\viDrop) (Version:  - )

ViewNX 2 (HKLM\...\{E64C137C-D0B7-467A-B47F-460AAB30F0A3}) (Version: 2.5.0 - Nikon)

Vista x86 OneClick Activator (HKLM\...\{2876AEE2-A9C9-4585-A46A-44CF451C960E}) (Version: 1.0.0 - ClonySoft)

VobSub v2.23 (Remove Only) (HKLM\...\VobSub) (Version:  - )

VSO ConvertXToDVD (HKLM\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.0.0.45 - VSO-Software SARL)

Vuze (HKLM\...\8461-7759-5462-8226) (Version:  - Vuze Inc.)

WebEx Support Manager for Internet Explorer (HKLM\...\{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}) (Version: 6.5.47 - WebEx Communications Inc.)

WebReg (Version: 82.0.173.000 - Hewlett-Packard) Hidden

Windows Live Call (Version: 14.0.8064.0206 - Microsoft Corporation) Hidden

Windows Live Communications Platform (Version: 14.0.8064.206 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)

Windows Live Essentials (Version: 14.0.8089.726 - Microsoft Corporation) Hidden

Windows Live Mail (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden

Windows Live Messenger (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden

WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )

XviD MPEG-4 Codec (HKLM\...\XviD) (Version:  - )

Yahoo! Desktop Login (Version: 1.00.0001 - Pinnacle Systems) Hidden

ZwCAD 2007 Standard  (HKLM\...\ZwCAD 2007 Standard) (Version:  01.01 - My company, Inc.)

 

==================== Custom CLSID (selected items): ==========================

 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

 

CustomCLSID: HKU\S-1-5-21-3925259852-1633748315-1759152405-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0013}\InprocServer32 -> C:\Users\nandscape\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll (GAS Tecnologia)

CustomCLSID: HKU\S-1-5-21-3925259852-1633748315-1759152405-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0013}\InprocServer32 -> C:\Users\nandscape\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll (GAS Tecnologia)

CustomCLSID: HKU\S-1-5-21-3925259852-1633748315-1759152405-1000_Classes\CLSID\{7D4733C0-C43B-4A81-AF43-F9B20D1F8348}\InprocServer32 -> C:\Users\nandscape\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-apoctoshape.dll (Octoshape ApS)

 

==================== Restore Points  =========================

 

31-07-2014 13:50:34 Ponto de Verificação Agendado

01-08-2014 03:00:05 Ponto de Verificação Agendado

02-08-2014 03:01:08 Ponto de Verificação Agendado

07-08-2014 20:42:45 Mover o arquivo para quarentena: Gbieh Module

07-08-2014 20:45:19 Mover o arquivo para quarentena: Gbieh Module

 

==================== Hosts content: ==========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2006-11-02 07:23 - 2014-05-05 13:24 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

 

==================== Scheduled Tasks (whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

 

Task: {002CBD46-6093-45B3-8B10-DEB895F79A85} - System32\Tasks\{FD27FEC9-A2A4-4D9B-9D10-015BB092D67E} => C:\Program Files\Skype\Phone\Skype.exe [2014-02-10] (Skype Technologies S.A.)

Task: {075F7B0C-8858-426A-81EA-5161F4D13E82} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages

Task: {156AFF4E-4B10-4382-83AE-F64239725C0E} - System32\Tasks\SmartDefrag3_Startup => C:\Program Files\IObit\Smart Defrag 3\SmartDefrag.exe [2014-02-17] (IObit)

Task: {1876E129-3F12-426B-A134-576C1C50C2F0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2007-08-29] (Apple Inc.)

Task: {23089B3C-DE02-4DE5-B848-1E8F3A13750B} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)

Task: {2EF1A2C3-210D-4AFD-BEB7-E51E7FD69C0C} - System32\Tasks\Microsoft\Windows\MobilePC\TMM

Task: {38480AB4-1706-47F5-8CDB-E7E424CFC8AA} - System32\Tasks\SmartDefrag3_Update => C:\Program Files\IObit\Smart Defrag 3\AutoUpdate.exe [2014-02-13] (IObit)

Task: {3A950610-5351-4CF3-89BD-526A7E64AA8B} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()

Task: {5A6D9831-D95C-4713-B4E9-F03D1644498F} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-18] (Microsoft Corporation)

Task: {5B1D55DC-14BC-4271-B6E8-961333D524AE} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI

Task: {5F7DB3AD-CF53-466F-A17C-8E4962024B26} - System32\Tasks\ASC6_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe [2013-08-10] (IObit)

Task: {84CFA9A3-1CB5-4F9E-811F-B6D144DB41D2} - System32\Tasks\Trojan Remover => C:\Program Files\Loaris\Trojan Remover\ltr.exe [2014-08-04] (Loaris Inc.)

Task: {BA0FDC47-A408-49DF-8C6C-987776EF64B5} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2009-05-21] (Microsoft Corporation)

Task: {C6FCF5FD-7D49-446D-9B11-9C4F08959BCB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-06-26] (Google Inc.)

Task: {DCBCB8BB-9526-4B8A-B165-95CD2E858290} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-06-26] (Google Inc.)

Task: {EB567D59-BDB8-4120-A89A-9F1883493543} - System32\Tasks\{C2858690-7701-4E61-B8CA-B881BB31DD2B} => Chrome.exe http://ui.skype.com/ui/0/6.14.0.104/pt/abandoninstall?page=tsMain

Task: {F01EBC95-B21B-413A-9B6B-ED7E5EA9C3F7} - System32\Tasks\Microsoft_Hardware_Launch_rundll32_exe => Rundll32.exe url.dll,OpenURL http://go.microsoft.com/fwlink/?LinkId=116866

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (whitelisted) =============

 

2013-08-21 13:37 - 2013-01-15 18:47 - 00517440 _____ () C:\Program Files\IObit\Advanced SystemCare 6\sqlite3.dll

2007-11-18 15:39 - 2009-07-01 17:09 - 00066872 _____ () C:\Windows\system32\PnkBstrA.exe

2006-09-07 14:19 - 2006-09-07 14:19 - 00008704 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll

2007-03-25 21:42 - 2007-01-13 20:02 - 00129024 _____ () C:\Program Files\WinRAR\rarext.dll

2013-08-21 13:38 - 2013-01-15 18:47 - 00143168 _____ () C:\Program Files\IObit\Advanced SystemCare 6\ASCExtMenu.dll

2006-03-09 18:45 - 2006-03-09 18:45 - 00081920 ____R () C:\Program Files\Common Files\Teleca Shared\boost_log-vc71-mt-1_33.dll

2013-03-09 00:52 - 2012-07-04 02:09 - 00037376 _____ () C:\Windows\system32\atitmpxx.dll

2013-08-21 13:38 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files\IObit\Advanced SystemCare 6\madExcept_.bpl

2013-08-21 13:38 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files\IObit\Advanced SystemCare 6\madBasic_.bpl

2013-08-21 13:38 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files\IObit\Advanced SystemCare 6\madDisAsm_.bpl

2013-08-21 13:37 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files\IObit\Advanced SystemCare 6\webres.dll

2006-07-14 02:34 - 2006-07-14 02:34 - 00007680 _____ () C:\Program Files\DAEMON Tools\Plugins\Images\bw5mount.dll

2009-12-01 19:22 - 1997-11-03 09:34 - 00061440 _____ () C:\Windows\twain_32\TCE\S430\SCANER32.EXE

2009-12-01 19:22 - 1997-10-17 09:01 - 00062464 _____ () C:\Windows\twain_32\TCE\S430\av26032.dll

2014-07-17 21:01 - 2014-07-15 06:24 - 08537928 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.125\pdf.dll

2014-07-17 21:01 - 2014-07-15 06:24 - 00353096 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll

2014-07-17 21:00 - 2014-07-15 06:24 - 01732936 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll

2014-04-15 16:17 - 2014-02-10 11:44 - 04592128 _____ () C:\Users\nandscape\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll

2014-04-15 16:17 - 2014-02-10 11:44 - 00112128 _____ () C:\Users\nandscape\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

 

AlternateDataStreams: C:\Windows\System32:0F8DE818_Cef.gbp

AlternateDataStreams: C:\Windows\System32:0F8DE818_Uni.gbp

AlternateDataStreams: C:\Windows\system32\drivers:GbpKmAp.lst

AlternateDataStreams: C:\ProgramData\TEMP:D78D6FF7

AlternateDataStreams: C:\Users\nandscape\Desktop\jscreenfix_qvga_mpeg1.mpeg:TOC.WMV

AlternateDataStreams: C:\Users\nandscape\Downloads\Very Hot lesbians Kissing.mp4:TOC.WMV

 

==================== Safe Mode (whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

 

==================== EXE Association (whitelisted) =============

 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

 

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

(Currently there is no automatic fix for this section.)

 

MSCONFIG\Services: Fax => 3

MSCONFIG\Services: WPCSvc => 3

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Register Mask Pro 3.0.lnk => C:\Windows\pss\Register Mask Pro 3.0.lnk.CommonStartup

MSCONFIG\startupreg: Adobe ARM => "c:\program files\common files\adobe\arm\1.0\adobearm.exe"

MSCONFIG\startupreg: Adobe Reader Speed Launcher => 

MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => 

MSCONFIG\startupreg: BigDogPath => c:\windows\vm_sti.exe v-gear talkcam 1.1

MSCONFIG\startupreg: DAEMON Tools => "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033

MSCONFIG\startupreg: GrooveMonitor => "c:\program files\microsoft office\office12\groovemonitor.exe"

MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

MSCONFIG\startupreg: I downloaded pirated Software from P2P 2006 => Command  Conquer 3 Tiberium Wars

MSCONFIG\startupreg: LaunchList => C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe

MSCONFIG\startupreg: NeroFilterCheck => 

MSCONFIG\startupreg: Nikon Message Center 2 => c:\program files\nikon\nikon message center 2\nkmc2.exe -s

MSCONFIG\startupreg: QuickTime Task => "c:\program files\quicktime\qttask.exe" -atboottime

MSCONFIG\startupreg: UnlockerAssistant => "C:\Program Files\Unlocker\UnlockerAssistant.exe" -H

MSCONFIG\startupreg: UVS10 Preload => C:\Program Files\Ulead VideoStudio 10\uvPL.exe

MSCONFIG\startupreg: WMPNSCFG => C:\Program Files\Windows Media Player\WMPNSCFG.exe

 

==================== Faulty Device Manager Devices =============

 

Name: Adaptador do Microsoft 6to4

Description: Adaptador do Microsoft 6to4

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)

Resolution: Update the driver

 

Name: Adaptador do Microsoft 6to4 #2

Description: Adaptador do Microsoft 6to4

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)

Resolution: Update the driver

 

Name: Adaptador do Microsoft ISATAP #4

Description: Adaptador do Microsoft ISATAP

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)

Resolution: Update the driver

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (08/07/2014 05:45:19 PM) (Source: VSS) (EventID: 8194) (User: )

Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback.  hr =  0x80070005.

Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante.

 

 

Operação:

   Obtendo Dados do Gravador

 

Contexto:

   Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220}

   Nome do Gravador: System Writer

   ID de Instância de Gravador: {19357057-3fb8-4b9c-b594-fdfad2999d5b}

 

Error: (08/07/2014 05:42:40 PM) (Source: VSS) (EventID: 8194) (User: )

Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback.  hr =  0x80070005.

Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante.

 

 

Operação:

   Obtendo Dados do Gravador

 

Contexto:

   Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220}

   Nome do Gravador: System Writer

   ID de Instância de Gravador: {19357057-3fb8-4b9c-b594-fdfad2999d5b}

 

 

System errors:

=============

Error: (08/10/2014 05:40:48 AM) (Source: DCOM) (EventID: 10010) (User: )

Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

 

Error: (08/09/2014 10:50:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Serviço do Google Update (gupdate)%%1053

 

Error: (08/09/2014 10:50:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: 30000Serviço do Google Update (gupdate)

 

Error: (08/09/2014 10:50:22 PM) (Source: DCOM) (EventID: 10005) (User: )

Description: 1053gupdate/comsvc{4EB61BAC-A3B6-4760-9581-655041EF4D69}

 

Error: (08/09/2014 00:41:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Instalador de Módulos do Windows%%1053

 

Error: (08/09/2014 00:41:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: 30000Instalador de Módulos do Windows

 

Error: (08/09/2014 00:41:48 PM) (Source: DCOM) (EventID: 10005) (User: )

Description: 1053TrustedInstaller{752073A1-23F2-4396-85F0-8FDB879ED0ED}

 

Error: (08/09/2014 00:33:46 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}

 

Error: (08/09/2014 00:28:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Serviço de Compartilhamento de Rede do Windows Media Player%%1053

 

Error: (08/09/2014 00:28:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: 30000Serviço de Compartilhamento de Rede do Windows Media Player

 

 

Microsoft Office Sessions:

=========================

Error: (01/13/2012 08:13:31 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )

Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 671 seconds with 660 seconds of active time.  This session ended with a crash.

 

 

CodeIntegrity Errors:

===================================

  Date: 2014-08-10 05:48:09.525

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-08-10 05:48:09.078

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-08-10 05:48:08.609

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-08-10 05:48:08.149

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-08-10 05:48:07.494

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-08-10 05:48:07.055

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-08-10 05:48:06.631

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-08-10 05:48:06.089

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-08-10 05:47:06.088

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-08-10 05:47:05.670

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 66%

Total physical RAM: 3324.15 MB

Available physical RAM: 1105.95 MB

Total Pagefile: 6860.29 MB

Available Pagefile: 3837.77 MB

Total Virtual: 2047.88 MB

Available Virtual: 1919.06 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:279.45 GB) (Free:39.85 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

Drive h: (Novo volume) (Fixed) (Total:931.51 GB) (Free:307.66 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: CEA9EAB2)

Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

 

==================== End Of Log ============================


P2P/Piracy Warning:
  • If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.
  • Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now and read the policy on Piracy.
C:\Jogos\F1_2010\f1_2010.exe Win32/HackTool.Crack.BC potentially unsafe application
H:\Instaladores\BSPlayer224\keygen.exe a variant of Win32/Keygen.AG potentially unsafe application
H:\Instaladores\ConvertXToDVD\VSO.ConvertXtoDVD.3.2.0.52.2b\keYgeN\Keygen.exe a variant of Win32/Keygen.AS potentially unsafe application
H:\Instaladores\Jogos\F1_2010\rzr-f110.iso Win32/HackTool.Crack.BC potentially unsafe application
H:\Instaladores\Microsoft Office Professional Plus 2010\A. MOP 2010.rar a variant of MSIL/HackKMS.A potentially unsafe application
H:\Instaladores\Microsoft.Windows.7.AIO.PT.SP1.Marco.2012-UpPTMSNM\windows_7_aio_sp1_pt_03_2012-upptmsnm.iso Win32/HackTool.WinActivator.I potentially unsafe application
H:\Instaladores\Norton 2010 Internet Security with crack\Norton 2010 Internet Security with crack.rar multiple threats
H:\Instaladores\WindowsVistaSP1crack\Activation.exe a variant of Win32/HiddenStart.A potentially unsafe application
H:\Instaladores\WindowsVistaSP1crack\VistaSP1_Loader_3.0.0.11.exe a variant of Win32/HiddenStart.A potentially unsafe application

Thread will be closed.


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:8-08-2014

Ran by nandscape (administrator) on nandscapePC on 10-08-2014 05:23:36

Running from C:\Users\nandscape\Downloads

Platform: Microsoft® Windows Vista™ Ultimate  Service Pack 2 (X86) OS Language: Português (Brasil)

Internet Explorer Version 9

Boot Mode: Normal

 

The only official download link for FRST:



Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(IObit) C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe

(AMD) C:\Windows\System32\atiesrxx.exe

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_98f8d2d0\stacsv.exe

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Hagel Technologies Ltd.) C:\Program Files\DU Meter\DUMeterSvc.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe

(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\17.9.0.12\ccsvchst.exe

() C:\Windows\System32\PnkBstrA.exe

(Tanuki Software, Ltd.) C:\Program Files\PS3 Media Server\Versao_182\PS3 Media Server\win32\service\wrapper.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

(Sun Microsystems, Inc.) C:\Windows\System32\java.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe

(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\17.9.0.12\ccsvchst.exe

(IObit) C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe

(Microsoft Corporation) C:\Windows\System32\mobsync.exe

(DT Soft Ltd.) C:\Program Files\DAEMON Tools\daemon.exe

(Intel Corporation) C:\Program Files\Intel Audio Studio 2.7\IntelAudioStudio.exe

(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe

(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe

(Microsoft Corporation) C:\Windows\ehome\ehtray.exe

(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe

() C:\Windows\twain_32\TCE\S430\SCANER32.EXE

(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe

(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe

(Microsoft Corporation) C:\Windows\System32\wuauclt.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(ESET) C:\Program Files\ESET\ESET Online Scanner\OnlineScannerApp.exe

(Microsoft Corporation) C:\Windows\System32\conime.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

Winlogon\Notify\ GbPluginBb: C:\Program Files\GbPlugin\gbieh.dll (Banco do Brasil)

Winlogon\Notify\ GbPluginCef: C:\Program Files\GbPlugin\gbiehCef.dll (Caixa Economica Federal)

Winlogon\Notify\ GbPluginIsg: C:\Program Files\GbPlugin\gbiehIsg.dll (Infoseg - Senasp)

Winlogon\Notify\ GbPluginUni: C:\Program Files\GbPlugin\gbiehUni.dll (Banco Itaú Unibanco)

HKLM\...\Policies\Explorer\Run: [] => 1 No File

HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter

HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter

HKU\S-1-5-21-3925259852-1633748315-1759152405-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-18] (Microsoft Corporation)

HKU\S-1-5-21-3925259852-1633748315-1759152405-1000\...\Run: [DLD.EXE] => C:\Windows\ehome\ehTray.exe [125952 2008-01-18] (Microsoft Corporation)

HKU\S-1-5-21-3925259852-1633748315-1759152405-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-18] (Microsoft Corporation)

HKU\S-1-5-21-3925259852-1633748315-1759152405-1000\...\Run: [DU Meter] => C:\Program Files\DU Meter\DUMeter.exe [1058816 2009-03-13] (Hagel Technologies Ltd.)

HKU\S-1-5-21-3925259852-1633748315-1759152405-1000\...\Run: [spybotSD TeaTimer] => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)

HKU\S-1-5-21-3925259852-1633748315-1759152405-1000\...\Run: [Advanced SystemCare 6] => C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe [491840 2013-04-18] (IObit)

HKU\S-1-5-21-3925259852-1633748315-1759152405-1000\...\Policies\system: [LogonHoursAction] 2

HKU\S-1-5-21-3925259852-1633748315-1759152405-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

HKU\S-1-5-21-3925259852-1633748315-1759152405-1000\...\Policies\system: [HideLegacyLogonScripts] 0

HKU\S-1-5-21-3925259852-1633748315-1759152405-1000\...\Policies\system: [HideLogoffScripts] 0

HKU\S-1-5-21-3925259852-1633748315-1759152405-1000\...\Policies\system: [RunLogonScriptSync] 1

HKU\S-1-5-21-3925259852-1633748315-1759152405-1000\...\Policies\system: [RunStartupScriptSync] 0

HKU\S-1-5-21-3925259852-1633748315-1759152405-1000\...\Policies\system: [HideStartupScripts] 0

Startup: C:\Users\nandscape\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TCE Scanner Utilities.lnk

ShortcutTarget: TCE Scanner Utilities.lnk -> C:\Windows\twain_32\TCE\S430\SCANER32.EXE ()

SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files\Scpad\scpLIB.dll (Scopus Tecnologia Ltda)

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 

SearchScopes: HKCU - {FD1349FF-A3AB-43ED-99E4-B2BF368F9F72} URL = http://www.google.com.br/search?hl=pt-BR&q={searchTerms}&meta=&rlz=1I7ADFA_pt-BR

BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO: ssh2 Class -> {2E3C3651-B19C-4DD9-A979-901EC3E930AF} -> C:\Program Files\Scpad\scpsssh2.dll (Scopus Tecnologia Ltda)

BHO: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll (BitComet)

BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File

BHO: Symantec NCO BHO -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll (Symantec Corporation)

BHO: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL (Symantec Corporation)

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

BHO: Auxiliar de Conexão do Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

BHO: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)

BHO: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\Program Files\GbPlugin\gbieh.dll (Banco do Brasil)

BHO: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\Program Files\GbPlugin\gbiehUni.dll (Banco Itaú Unibanco)

BHO: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540015} -> C:\Program Files\GbPlugin\gbiehIsg.dll (Infoseg - Senasp)

BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll (Symantec Corporation)

Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File

Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll (Symantec Corporation)



DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} 

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)

Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)

Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399015} - C:\Program Files\GbPlugin\gbiehIsg.dll [1463232 2014-01-14] (Infoseg - Senasp)

ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files\GbPlugin\gbieh.dll [1685384 2011-07-18] (Banco do Brasil)

ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files\GbPlugin\gbiehUni.dll [1586744 2014-05-05] (Banco Itaú Unibanco)

Tcpip\Parameters: [DhcpNameServer] 201.17.0.79 201.17.0.119

 

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()

FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @octoshape.com/Octoshape Streaming Services,version=1.0 - C:\Users\nandscape\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)

FF Plugin HKCU: gastecnologia.com.br/sf/uni - C:\Users\nandscape\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll (GAS Tecnologia)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeploytk.dll (Sun Microsystems, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Users\nandscape\AppData\Roaming\mozilla\plugins\npoctoshape.dll (Octoshape ApS)

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\buscape.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mercadolivre.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-br.xml

FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-02-28]

FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn

FF Extension: Norton IPS - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn [2010-02-26]

FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn_2010_9_0_6

FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn_2010_9_0_6 [2014-08-09]

 

Chrome: 

=======

CHR HomePage: 

CHR DefaultSearchKeyword: google.com.br

CHR DefaultNewTabURL: 

CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\36.0.1985.125\pdf.dll ()

CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (Java Deployment Toolkit 6.0.190.4) - C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll (Sun Microsystems, Inc.)

CHR Plugin: (Java Platform SE 6 U19) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

CHR Plugin: (Microsoft Office 2003) - C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)

CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.1.6) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)

CHR Plugin: (Octoshape Streaming Services) - C:\Users\nandscape\AppData\Roaming\Mozilla\plugins\npoctoshape.dll (Octoshape ApS)

CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File

CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File

CHR Plugin: (Octoshape Streaming Services) - C:\Users\nandscape\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)

CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File

CHR Extension: (Google Docs) - C:\Users\nandscape\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-26]

CHR Extension: (Google Drive) - C:\Users\nandscape\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-26]

CHR Extension: (YouTube) - C:\Users\nandscape\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-26]

CHR Extension: (Pesquisa do Google) - C:\Users\nandscapes\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-26]

CHR Extension: (GBBD GuardiÃÃÆâ€ââ€ÅÂÂ


€žÂ¢ÃƒÆ’ƒâ€ Ã¢â‚¬â„¢ÃƒÆ’¢â‚¬Å¡Ãƒâ€šÃ‚º 30 horas) - C:\Users\nandscape\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgmpojlddncminmkddkpoegdjhojjipg [2014-04-30]

CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\nandscape\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2013-08-21]

CHR Extension: (Google Wallet) - C:\Users\nandscape\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]

CHR Extension: (Gmail) - C:\Users\Mnandscape\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-26]

CHR HKLM\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePlugin.crx [2013-08-21]

 

========================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 AdvancedSystemCareService6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [574272 2013-04-18] (IObit)

R2 DUMeterSvc; C:\Program Files\DU Meter\DUMeterSvc.exe [504832 2009-03-13] (Hagel Technologies Ltd.) [File not signed]

S2 EraserSvc11210; C:\Program Files\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe [126400 2011-08-04] (Symantec Corporation)

S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2007-04-05] (Macrovision Europe Ltd.) [File not signed]

R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [225280 2007-03-13] (Hewlett-Packard Co.) [File not signed]

R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-03-13] (Hewlett-Packard Co.) [File not signed]

S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]

R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

S3 MSSQL$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [7520337 2002-12-17] (Microsoft Corporation) [File not signed]

S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)

R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed]

R2 NIS; C:\Program Files\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe [126400 2011-08-04] (Symantec Corporation)

S2 PCLEPCI; C:\Windows\system32\drivers\pclepci.sys [14165 2005-02-09] (Pinnacle Systems GmbH) [File not signed]

R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed]

R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2009-07-01] ()

R2 PS3 Media Server; C:\Program Files\PS3 Media Server\Versao_182\PS3 Media Server\win32\service\wrapper.exe [366872 2011-05-17] (Tanuki Software, Ltd.)

S2 scpVista; C:\Program Files\Scpad\scpVista.exe [136496 2009-07-10] (Scopus Tecnologia Ltda)

S3 SQLAgent$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [311872 2002-12-17] (Microsoft Corporation) [File not signed]

R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_98f8d2d0\STacSV.exe [254036 2009-03-12] (IDT, Inc.)

S3 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-28] (Ulead Systems, Inc.) [File not signed]

S4 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [X]

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [45696 2008-01-18] (Microsoft Corporation)

R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [83984 2012-02-23] (Advanced Micro Devices)

R2 Av260cn; C:\Windows\system32\Drivers\Av260cn.sys [84192 1997-10-08] () [File not signed]

R2 Av260cnb; C:\Windows\system32\Drivers\Av260cnb.sys [83904 1997-10-08] () [File not signed]

R2 Av260cnd; C:\Windows\system32\Drivers\Av260cnd.sys [84000 1997-10-27] () [File not signed]

R1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20140801.001\BHDrvx86.sys [1101616 2014-05-09] (Symantec Corporation)

R1 ccHP; C:\Windows\system32\drivers\NIS\1109000.00C\ccHPx86.sys [485512 2011-08-04] (Symantec Corporation)

R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [377648 2014-06-10] (Symantec Corporation)

R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [109872 2014-07-31] (Symantec Corporation)

R0 GbpKm; C:\Windows\System32\drivers\gbpkm.sys [47192 2014-06-13] (GAS Tecnologia)

R1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20140808.002\IDSvix86.sys [395992 2014-07-31] (Symantec Corporation)

S3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41888 2007-05-09] (Logitech Inc.)

R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2007-01-04] (Pinnacle Systems GmbH)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-08-10] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)

R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20140809.004\NAVENG.SYS [93272 2014-07-31] (Symantec Corporation)

R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20140809.004\NAVEX15.SYS [1612376 2014-07-31] (Symantec Corporation)

R1 ndisrd; C:\Windows\System32\DRIVERS\gbpndisrdn.sys [29400 2014-07-05] (GAS Tecnologia)

S3 NdisrdMP; C:\Windows\System32\DRIVERS\gbpndisrd.sys [31088 2014-08-05] (GbPlugin NDIS Device Driver)

R1 NTGDT; C:\Windows\system32\Drivers\NTGDT.SYS [18112 2008-02-15] () [File not signed]

R0 nvamacpi; C:\Windows\System32\DRIVERS\NVAMACPI.sys [24680 2009-11-24] (NVIDIA Corporation)

S0 OemBiosDevice; C:\Windows\System32\drivers\royal.sys [240128 2007-08-20] (PARADOX) [File not signed]

S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [14112 2007-05-09] (Logitech Inc.)

S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [1276832 2007-05-09] (Logitech Inc.)

S3 R300; C:\Windows\System32\DRIVERS\atikmdag.sys [10070016 2012-07-04] (Advanced Micro Devices, Inc.)

R3 ROCKEYNT; C:\Windows\System32\DRIVERS\Rockey4.sys [22528 2007-03-30] (Feitian Technologies Co., Ltd.)

S3 RT73; C:\Windows\System32\DRIVERS\rt73.sys [245504 2005-11-04] (Ralink Technology, Corp.)

S3 SE30bus; C:\Windows\System32\DRIVERS\SE30bus.sys [61600 2006-05-15] (MCCI) [File not signed]

S3 SE30mdfl; C:\Windows\System32\DRIVERS\SE30mdfl.sys [9360 2006-05-15] (MCCI) [File not signed]

S3 SE30mdm; C:\Windows\System32\DRIVERS\SE30mdm.sys [97184 2006-05-15] (MCCI) [File not signed]

S3 SE30mgmt; C:\Windows\System32\DRIVERS\SE30mgmt.sys [88688 2006-05-15] (MCCI) [File not signed]

S3 se30nd5; C:\Windows\System32\DRIVERS\se30nd5.sys [18704 2006-05-15] (MCCI) [File not signed]

S3 SE30obex; C:\Windows\System32\DRIVERS\SE30obex.sys [86560 2006-05-15] (MCCI) [File not signed]

S3 se30unic; C:\Windows\System32\DRIVERS\se30unic.sys [90800 2006-05-15] (MCCI) [File not signed]

R0 Si3114r5; C:\Windows\System32\DRIVERS\Si3114r5.sys [209200 2007-02-07] (Silicon Image, Inc)

R0 SiFilter; C:\Windows\System32\DRIVERS\SiWinAcc.sys [10368 2004-11-01] (Silicon Image, Inc.)

R0 SiRemFil; C:\Windows\System32\DRIVERS\SiRemFil.sys [5504 2006-10-18] (Silicon Image, Inc.)

R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [18624 2013-12-24] (IObit)

R0 sptd; C:\Windows\System32\Drivers\sptd.sys [639224 2007-03-26] () [File not signed]

R1 SRTSP; C:\Windows\System32\Drivers\NIS\1109000.00C\SRTSP.SYS [325680 2010-04-21] (Symantec Corporation)

R1 SRTSPX; C:\Windows\system32\drivers\NIS\1109000.00C\SRTSPX.SYS [43696 2010-04-21] (Symantec Corporation)

R0 SymDS; C:\Windows\System32\drivers\NIS\1109000.00C\SYMDS.SYS [328752 2009-08-29] (Symantec Corporation)

R0 SymEFA; C:\Windows\System32\drivers\NIS\1109000.00C\SYMEFA.SYS [173176 2011-08-21] (Symantec Corporation)

R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [124976 2010-02-26] (Symantec Corporation)

R1 SymIRON; C:\Windows\system32\drivers\NIS\1109000.00C\Ironx86.SYS [116784 2010-04-29] (Symantec Corporation)

R1 SYMTDIv; C:\Windows\System32\Drivers\NIS\1109000.00C\SYMTDIV.SYS [340088 2011-08-21] (Symantec Corporation)

S3 ZSMC302; C:\Windows\System32\Drivers\usbvm302.sys [90968 2004-03-19] (VM)

S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]

S3 IpInIp; system32\DRIVERS\ipinip.sys [X]

U3 navapsvc; 

S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]

S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

S2 PavProc; No ImagePath

S3 PavSRK.sys; No ImagePath

S3 PavTPK.sys; No ImagePath

U3 SAVRT; 

U1 SAVRTPEL; 

S3 sfng32; system32\drivers\sfng32.sys [X]

S2 TimerStop; No ImagePath

U3 TlntSvr; 

U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2006-09-07] () [File not signed]

U2 wuaserv; 

U3 a718l7un; No ImagePath

 

==================== NetSvcs (Whitelisted) ===================

 

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2099-12-31 17:52 - 2007-08-31 10:47 - 00000000 ____D () C:\Users\nandscape\Downloads\Vista_StopTimer

2014-08-10 05:40 - 2014-08-10 05:40 - 00004553 _____ () C:\Users\nandscape\Downloads\ESET.txt

2014-08-09 12:48 - 2014-08-09 12:48 - 02347384 _____ (ESET) C:\Users\nandscape\Downloads\esetsmartinstaller_enu.exe

2014-08-09 12:18 - 2014-08-09 12:18 - 00000878 _____ () C:\Windows\PFRO.log

2014-08-09 09:04 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll

2014-08-09 08:59 - 2014-08-09 11:54 - 00000000 ____D () C:\AdwCleaner

2014-08-09 08:57 - 2014-08-09 08:57 - 01366203 _____ () C:\Users\nandscape\Downloads\AdwCleaner.exe

2014-08-08 23:59 - 2014-08-09 00:05 - 00001825 _____ () C:\Users\nandscape\Desktop\Malwarebytes.txt

2014-08-08 21:47 - 2014-08-10 03:44 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-08-08 21:43 - 2014-08-08 21:43 - 00000915 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-08-08 21:43 - 2014-08-08 21:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-08-08 21:43 - 2014-08-08 21:43 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-08-08 21:43 - 2014-08-08 21:43 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware

2014-08-08 21:43 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-08-08 21:43 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-08-08 21:43 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-08-08 21:16 - 2014-08-08 21:17 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\nandscape\Desktop\mbam-setup-2.0.2.1012.exe

2014-08-08 00:19 - 2014-08-08 21:55 - 00051745 _____ () C:\Users\nandscape\Downloads\Addition.txt

2014-08-07 23:56 - 2014-08-10 05:47 - 06244012 _____ () C:\Users\nandscape\Downloads\FRST.txt

2014-08-07 23:56 - 2014-08-10 05:23 - 00000000 ____D () C:\FRST

2014-08-07 23:53 - 2014-08-07 23:53 - 01084928 _____ (Farbar) C:\Users\nandscape\Downloads\FRST.exe

2014-08-07 18:07 - 2014-08-07 18:07 - 00011279 _____ () C:\Users\nandscape\Downloads\hijackthis.log

2014-08-07 17:57 - 2014-08-07 17:57 - 00388608 _____ (Trend Micro Inc.) C:\Users\nandscape\Downloads\HijackThis.exe

2014-08-07 17:18 - 2014-08-07 17:49 - 00000000 ____D () C:\ProgramData\SecTaskMan

2014-08-07 17:17 - 2014-08-07 17:17 - 02365840 _____ () C:\Users\nandscape\Downloads\SecurityTaskManager_Setup.exe

2014-08-07 17:17 - 2014-08-07 17:17 - 00000000 ____D () C:\Program Files\Security Task Manager

2014-08-07 15:37 - 2014-08-07 15:37 - 00084681 _____ () C:\Users\nandscape\Downloads\Teste do Pezinho.zip

2014-08-05 01:56 - 2014-08-05 01:56 - 00005360 ____N () C:\bootex.log

2014-08-04 09:29 - 2014-08-04 10:47 - 00000000 ____D () C:\Program Files\Loaris

2014-08-04 09:29 - 2014-08-04 09:29 - 00000932 _____ () C:\Users\Public\Desktop\Loaris Trojan Remover.lnk

2014-08-04 09:29 - 2014-08-04 09:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Loaris Trojan Remover

2014-08-04 09:29 - 2014-08-04 09:29 - 00000000 ____D () C:\ProgramData\Loaris

2014-08-04 08:34 - 2014-08-04 08:35 - 00013891 _____ () C:\Users\nandscape\Downloads\Loaris Trojan Remover V1.3.3.7.torrent

2014-08-01 11:26 - 2014-08-01 11:26 - 00220672 _____ () C:\Users\nandscape\Downloads\Grade 11.08.2014 Pedro.xls

2014-07-31 05:36 - 2014-07-31 05:37 - 00000000 ____D () C:\Program Files\FreeNFe

2014-07-31 05:36 - 2014-07-31 05:36 - 00001720 _____ () C:\Users\Public\Desktop\Free NFe.lnk

2014-07-31 05:36 - 2014-07-31 05:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free NFe

2014-07-31 05:36 - 2014-07-31 05:36 - 00000000 ____D () C:\Program Files\Firebird

2014-07-31 05:36 - 2013-04-28 23:17 - 00781312 _____ () C:\Windows\system32\DllSefaz32.dll

2014-07-31 05:36 - 2013-03-20 10:46 - 00416768 _____ (DelphiZip) C:\Windows\system32\DelZip190.dll

2014-07-31 05:36 - 2012-07-03 16:19 - 01425912 _____ (Microsoft Corporation) C:\Windows\system32\msxml5.dll

2014-07-31 05:36 - 2012-07-03 16:19 - 00091912 _____ (Microsoft Corporation) C:\Windows\system32\msxml5r.dll

2014-07-31 05:36 - 2012-07-02 13:59 - 00548864 _____ (Firebird Project) C:\Windows\system32\fbclient.dll

2014-07-31 05:36 - 2012-07-02 13:59 - 00367616 _____ () C:\Windows\system32\DllInscE32.dll

2014-07-31 05:36 - 2012-07-02 13:59 - 00148556 _____ () C:\Windows\firebird.msg

2014-07-31 05:36 - 2012-07-02 13:56 - 00274489 _____ (Microsoft Corporation) C:\Windows\system32\ntwdblib.dll

2014-07-31 05:36 - 2011-12-08 19:55 - 00042496 _____ (Embarcadero Technologies, Inc.) C:\Windows\system32\borlndmm.dll

2014-07-31 05:10 - 2014-07-31 05:10 - 00007633 _____ () C:\Users\nandscape\Downloads\Free NFe - Emissor Gratuito de Nota Fiscal Eletrônica 2.0.1.rar[www.b2s-share.com].torrent

2014-07-28 17:07 - 2014-07-28 17:07 - 00002652 _____ () C:\Users\nandscape\Downloads\Playboy.07.14.torrent

2014-07-28 15:37 - 2014-07-28 15:37 - 00015572 _____ () C:\Users\nandscape\Downloads\Auto.Esporte.27.07.2014.720p.HDTV.x264-TrueHD.mkv.torrent

2014-07-24 01:28 - 2014-07-24 01:28 - 00001411 _____ () C:\Users\Public\Desktop\DANFE View.lnk

2014-07-24 01:28 - 2014-07-24 01:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DANFE View

2014-07-24 01:27 - 2014-08-09 12:37 - 00000000 ____D () C:\DANFEView

2014-07-24 01:23 - 2014-07-24 01:24 - 21112752 _____ (Unimake Softwares ) C:\Users\nandscape\Downloads\idanfeview.exe

2014-07-24 01:10 - 2014-07-24 01:10 - 05042542 _____ (SERPRO) C:\Users\nandscape\Downloads\DNF-instalador-3.0.2.exe

2014-07-24 01:06 - 2014-08-07 11:22 - 00000000 ____D () C:\Users\nandscape\Desktop\FUSION_NF

2014-07-18 10:08 - 2014-07-18 10:09 - 00324596 _____ () C:\Users\nandscape\Downloads\PanicoNaBand.13072014.720p.HDTV.x264.PedroGabriel.mkv.torrent

2014-07-18 10:08 - 2014-07-18 10:08 - 00320616 _____ () C:\Users\nandscape\Downloads\PanicoNaBand.06072014.720p.HDTV.x264.PedroGabriel.mkv.torrent

2014-07-14 11:36 - 2014-07-14 11:36 - 00928245 _____ () C:\Users\nandscape\Desktop\SAMMYA_CPF.psd

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-08-10 05:48 - 2013-06-26 13:55 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-08-10 05:47 - 2014-08-07 23:56 - 06244012 _____ () C:\Users\nandscape\Downloads\FRST.txt

2014-08-10 05:40 - 2014-08-10 05:40 - 00004553 _____ () C:\Users\nandscape\Downloads\ESET.txt

2014-08-10 05:23 - 2014-08-07 23:56 - 00000000 ____D () C:\FRST

2014-08-10 04:20 - 2006-11-02 09:46 - 00005216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

2014-08-10 04:20 - 2006-11-02 09:46 - 00005216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

2014-08-10 03:44 - 2014-08-08 21:47 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-08-09 20:09 - 2006-11-02 09:51 - 01632002 _____ () C:\Windows\WindowsUpdate.log

2014-08-09 12:54 - 2007-03-25 23:57 - 00000000 ____D () C:\Program Files\ESET

2014-08-09 12:48 - 2014-08-09 12:48 - 02347384 _____ (ESET) C:\Users\nandscape\Downloads\esetsmartinstaller_enu.exe

2014-08-09 12:37 - 2014-07-24 01:27 - 00000000 ____D () C:\DANFEView

2014-08-09 12:23 - 2013-06-26 13:55 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-08-09 12:19 - 2006-11-02 10:00 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-08-09 12:18 - 2014-08-09 12:18 - 00000878 _____ () C:\Windows\PFRO.log

2014-08-09 12:16 - 2006-11-02 10:00 - 00032540 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2014-08-09 11:54 - 2014-08-09 08:59 - 00000000 ____D () C:\AdwCleaner

2014-08-09 08:57 - 2014-08-09 08:57 - 01366203 _____ () C:\Users\nandscape\Downloads\AdwCleaner.exe

2014-08-09 00:05 - 2014-08-08 23:59 - 00001825 _____ () C:\Users\nandscape\Desktop\Malwarebytes.txt

2014-08-08 21:55 - 2014-08-08 00:19 - 00051745 _____ () C:\Users\nandscape\Downloads\Addition.txt

2014-08-08 21:43 - 2014-08-08 21:43 - 00000915 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-08-08 21:43 - 2014-08-08 21:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-08-08 21:43 - 2014-08-08 21:43 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-08-08 21:43 - 2014-08-08 21:43 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware

2014-08-08 21:17 - 2014-08-08 21:16 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mnandscape\Desktop\mbam-setup-2.0.2.1012.exe

2014-08-08 12:19 - 2007-03-23 19:03 - 00240128 _____ () C:\Users\nandscape\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2014-08-07 23:53 - 2014-08-07 23:53 - 01084928 _____ (Farbar) C:\Users\nandscape\Downloads\FRST.exe

2014-08-07 18:07 - 2014-08-07 18:07 - 00011279 _____ () C:\Users\nandscape\Downloads\hijackthis.log

2014-08-07 17:57 - 2014-08-07 17:57 - 00388608 _____ (Trend Micro Inc.) C:\Users\nandscape\Downloads\HijackThis.exe

2014-08-07 17:49 - 2014-08-07 17:18 - 00000000 ____D () C:\ProgramData\SecTaskMan

2014-08-07 17:17 - 2014-08-07 17:17 - 02365840 _____ () C:\Users\nandscape\Downloads\SecurityTaskManager_Setup.exe

2014-08-07 17:17 - 2014-08-07 17:17 - 00000000 ____D () C:\Program Files\Security Task Manager

2014-08-07 16:54 - 2008-01-27 11:47 - 00000000 ____D () C:\Program Files\AC3Filter

2014-08-07 15:37 - 2014-08-07 15:37 - 00084681 _____ () C:\Users\nandscape\Downloads\Teste do Pezinho.zip

2014-08-07 15:16 - 2007-04-05 18:03 - 00000000 ___RD () C:\Users\nandscape\Desktop\Audio-Video

2014-08-07 11:22 - 2014-07-24 01:06 - 00000000 ____D () C:\Users\nandscape\Desktop\FUSION_NF

2014-08-07 10:06 - 2009-10-16 19:58 - 00000000 ____D () C:\Users\nandscape\AppData\Roaming\Azureus

2014-08-07 09:54 - 2009-08-05 18:52 - 00000000 ____D () C:\Program Files\GbPlugin

2014-08-06 05:15 - 2008-08-24 22:37 - 00000000 ____D () C:\LinhaDefensiva

2014-08-06 05:14 - 2007-03-26 19:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter

2014-08-05 16:07 - 2009-08-04 13:02 - 00000000 ____D () C:\ProgramData\GbPlugin

2014-08-05 11:15 - 2012-01-06 10:02 - 00000000 ____D () C:\Users\nandscape\Documents\Cote_Rio_2

2014-08-05 07:44 - 2014-04-15 15:00 - 00031088 _____ (GbPlugin NDIS Device Driver) C:\Windows\system32\Drivers\gbpndisrd.sys

2014-08-05 01:56 - 2014-08-05 01:56 - 00005360 ____N () C:\bootex.log

2014-08-04 10:47 - 2014-08-04 09:29 - 00000000 ____D () C:\Program Files\Loaris

2014-08-04 09:29 - 2014-08-04 09:29 - 00000932 _____ () C:\Users\Public\Desktop\Loaris Trojan Remover.lnk

2014-08-04 09:29 - 2014-08-04 09:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Loaris Trojan Remover

2014-08-04 09:29 - 2014-08-04 09:29 - 00000000 ____D () C:\ProgramData\Loaris

2014-08-04 08:35 - 2014-08-04 08:34 - 00013891 _____ () C:\Users\nandscape\Downloads\Loaris Trojan Remover V1.3.3.7.torrent

2014-08-01 17:16 - 2006-11-05 22:25 - 00707872 _____ () C:\Windows\system32\prfh0416.dat

2014-08-01 17:16 - 2006-11-05 22:25 - 00151996 _____ () C:\Windows\system32\prfc0416.dat

2014-08-01 17:16 - 2006-11-02 07:33 - 01655402 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-08-01 11:26 - 2014-08-01 11:26 - 00220672 _____ () C:\Users\nandscape\Downloads\Grade 11.08.2014 Pedro.xls

2014-07-31 05:37 - 2014-07-31 05:36 - 00000000 ____D () C:\Program Files\FreeNFe

2014-07-31 05:36 - 2014-07-31 05:36 - 00001720 _____ () C:\Users\Public\Desktop\Free NFe.lnk

2014-07-31 05:36 - 2014-07-31 05:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free NFe

2014-07-31 05:36 - 2014-07-31 05:36 - 00000000 ____D () C:\Program Files\Firebird

2014-07-31 05:10 - 2014-07-31 05:10 - 00007633 _____ () C:\Users\nandscape\Downloads\Free NFe - Emissor Gratuito de Nota Fiscal Eletrônica 2.0.1.rar[www.b2s-share.com].torrent

2014-07-30 11:57 - 2012-11-23 08:57 - 00001106 _____ () C:\Users\nandscape\acesso.serpro.gov.br.HOD.properties

2014-07-30 11:57 - 2007-03-23 18:45 - 00000000 ____D () C:\Users\nandscape

2014-07-28 17:07 - 2014-07-28 17:07 - 00002652 _____ () C:\Users\nandscape\Downloads\Playboy.07.14.torrent

2014-07-28 15:37 - 2014-07-28 15:37 - 00015572 _____ () C:\Users\nandscape\Downloads\Auto.Esporte.27.07.2014.720p.HDTV.x264-TrueHD.mkv.torrent

2014-07-25 12:58 - 2009-08-15 17:02 - 00000000 ____D () C:\Users\Convidado\Tracing

2014-07-24 01:28 - 2014-07-24 01:28 - 00001411 _____ () C:\Users\Public\Desktop\DANFE View.lnk

2014-07-24 01:28 - 2014-07-24 01:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DANFE View

2014-07-24 01:24 - 2014-07-24 01:23 - 21112752 _____ (Unimake Softwares ) C:\Users\nandscape\Downloads\idanfeview.exe

2014-07-24 01:22 - 2011-03-01 17:51 - 00000000 ____D () C:\Arquivos de Programas RFB

2014-07-24 01:10 - 2014-07-24 01:10 - 05042542 _____ (SERPRO) C:\Users\nandscape\Downloads\DNF-instalador-3.0.2.exe

2014-07-18 14:18 - 2010-07-09 12:31 - 00000000 ____D () C:\Users\nandscape\Documents\Andreia

2014-07-18 10:09 - 2014-07-18 10:08 - 00324596 _____ () C:\Users\nandscape\Downloads\PanicoNaBand.13072014.720p.HDTV.x264.PedroGabriel.mkv.torrent

2014-07-18 10:08 - 2014-07-18 10:08 - 00320616 _____ () C:\Users\nandscape\Downloads\PanicoNaBand.06072014.720p.HDTV.x264.PedroGabriel.mkv.torrent

2014-07-17 21:03 - 2013-06-26 13:59 - 00001971 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-07-16 15:16 - 2013-11-01 22:59 - 17990982 _____ () C:\Users\nandscape\Downloads\Very Hot lesbians Kissing.mp4

2014-07-14 11:36 - 2014-07-14 11:36 - 00928245 _____ () C:\Users\nandscape\Desktop\SAMMYA_CPF.psd

 

Some content of TEMP:

====================

C:\Users\Convidado\AppData\Local\Temp\.gbas.dll

C:\Users\nandscape\AppData\Local\Temp\Quarantine.exe

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2014-08-10 00:36

 

==================== End Of Log ============================

This topic is now closed to further replies.