Hi!

 

It seems I have been a victim of an anti-virus scam. I have these pop-ups on the task bar saying I might be infected and pointing to a commercial anti-virus program.

 

Could you please have a look into my hjt log file? I have run the Malwarebytes: Anti-Malware already.

 

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 22:11:06, on 23-10-2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
 
FIREFOX: 32.0.3 (x86 pt-PT)
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\Optimus Kanguru 4G\Maincontroller.exe
C:\Program Files (x86)\PRIMAVERA\WindowsService100\bin\Primavera.Hesiod.TaskbarNotification.exe
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Optimus Kanguru 4G\DeviceService.exe
C:\Program Files (x86)\PRIMAVERA\WindowsService100\bin\Primavera.AutoUpdateClient.TaskbarNotification.exe
C:\Program Files (x86)\VoipCheapCom.com\VoipCheapCom\voipcheapcom.exe
C:\Users\Jorge\AppData\Roaming\cubby\cubby.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Jorge\Downloads\HijackThis.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [YouCam Mirage] "c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [RemoteControl10] "c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [iFXSPMGT] "c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe" /NotifyLogon
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [VoipCheapCom] "C:\Program Files (x86)\VoipCheapCom.com\VoipCheapCom\voipcheapcom.exe" -nosplash -minimized
O4 - HKCU\..\Run: [HP Officejet 7500 E910 (NET)] "C:\Program Files\HP\HP Officejet 7500 E910\Bin\ScanToPCActivationApp.exe" -deviceID "MY2CJ310RZ05JB:NW" -scfn "HP Officejet 7500 E910 (NET)" -AutoStart 1
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LogMeIn Cubby] "C:\Users\Jorge\AppData\Roaming\cubby\cubby.exe" -hidden
O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Serviço de rede')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Serviço de rede')
O4 - Startup: Monitorar alertas de tinta - HP Officejet 7500 E910 (Rede).lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\windows\SysWOW64\flcdlock.exe
O23 - Service: Serviço Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: HSPA USB MODEM Service - Unknown owner - C:\Program Files (x86)\Optimus Kanguru 4G\ApplicationController.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe
O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30007 (IISADMIN) - Unknown owner - C:\windows\system32\inetsrv\inetinfo.exe (file missing)
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Serviço iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
O23 - Service: PRIMAVERA CloudServices Activator v8.00  (PRIMAVERACloudServicesActivator800) - Unknown owner - C:\Program Files (x86)\PRIMAVERA\CloudServices800\CloudConnector\Primavera.CloudConnector.Activator.exe (file missing)
O23 - Service: PRIMAVERA Windows Services (PRIMAVERAWindowsService) - PRIMAVERA Business Software Solutions, S.A. - C:\Program Files (x86)\PRIMAVERA\WindowsService100\Bin\Primavera.Hesiod.WindowsService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-20001 (WMSVC) - Unknown owner - C:\windows\system32\inetsrv\wmsvc.exe (file missing)
 
--
End of file - 16976 bytes
 

Hello jdcortereal and welcome! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Please follow the instructions here and then post your log files in a new reply in this thread:

https://forums.malwarebytes.org/index.php?/topic/9573-im-infected-what-do-i-do-now/


Hi there!

 

Here are the two logs!

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-10-2014
Ran by Jorge at 2014-10-25 08:55:59
Running from C:\Users\Jorge\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {108DAC43-C256-20B7-BB05-914135DA5160}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Microsoft Security Essentials (Enabled - Up to date) {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Actualização do Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0816-0000-0000000FF1CE}_PROHYBRIDR_{CCDE3C71-5F35-477F-BA90-1A399C91C10C}) (Version:  - Microsoft)
Actualização do Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0816-0000-0000000FF1CE}_PROHYBRIDR_{CF0BC77F-1B63-44BF-BCFE-3A8CBB9077D1}) (Version:  - Microsoft)
Actualização do Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0816-0000-0000000FF1CE}_PROHYBRIDR_{A1A8C49E-BB40-4852-853E-B5A1F6BB2A3C}) (Version:  - Microsoft)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.28.0 - Alcor Micro Corp.)
Alcor Micro Smart Card Reader Driver (x32 Version: 1.7.28.0 - Alcor Micro Corp.) Hidden
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Scan-n-Stitch Deluxe (HKLM-x32\...\{AD944121-0484-4F0E-B4E8-920463A4DC5C}) (Version: 1.1.1.36 - ArcSoft)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.8.2.30417 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version:  - Broadcom Corporation)
Broadcom Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2300 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version:  - Broadcom Corporation)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Crystal Report 2008 Runtime SP4 (HKLM-x32\...\{C484CC8D-03CF-4022-89C4-DB4F02E8A15B}) (Version: 12.4.0.966 - SAP AG)
Cubby (HKCU\...\Cubby) (Version: 1.0.0.12648 - LogMeIn, Inc.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.2106 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.1.2106 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3317 - CyberLink Corp.)
CyberLink PhotoDirector (x32 Version: 2.0.1.3317 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.2.2321 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.2.2321 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.2.2531 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.2.2531 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.5101 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.6.5101 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.1.3423 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 4.1.1.3423 - CyberLink Corp.) Hidden
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 7.1.2.0 - Hewlett-Packard Company)
Drive Encryption For HP ProtectTools (HKLM\...\{27F1E086-5691-4EB8-8BA1-5CBA87D67EB5}) (Version: 7.0.28.30376 - Hewlett-Packard Company)
Embedded Security for HP ProtectTools (HKLM\...\{43BE25B8-E69F-42CF-9414-7DDCF891629B}) (Version: 7.0.000.2882 - Hewlett-Packard Company)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Face Recognition for HP ProtectTools (HKLM\...\Face Recognition for HP ProtectTools) (Version: 7.2.2.4549 - Hewlett-Packard Company)
Face Recognition for HP ProtectTools (Version: 7.2.2.4549 - Hewlett-Packard Company) Hidden
File Sanitizer For HP ProtectTools (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 7.0.0.5 - Hewlett-Packard Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.1.2.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP 3D DriveGuard (HKLM\...\{C0C9A493-51CB-4F3F-A296-5B5E410C338E}) (Version: 5.0.9.0 - Hewlett-Packard Company)
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Connection Manager (HKLM-x32\...\{EC8D12E4-A73C-4C27-B1C7-E9683052E556}) (Version: 4.5.25.1 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Deskjet 1050 J410 series Ajuda (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
HP Deskjet 1050 J410 series Estudo de aprimoramento de produtos (HKLM\...\{3851B388-4869-450D-B56B-451C43E031DD}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Software básico do dispositivo (HKLM\...\{45936A78-6A4E-4510-A554-410A0517ABFD}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Documentation (HKLM-x32\...\{3E26BB6F-F8EE-492F-923F-B0130D9D4646}) (Version: 1.1.1.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{840021F2-FFC0-467A-BF85-29B8B7803717}) (Version: 2.0.8.1 - Hewlett-Packard Company)
HP HD Webcam Driver (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.8.16 - SunplusIT)
HP Hotkey Support (HKLM-x32\...\{C97CC14E-4789-4FC5-BC75-79191F7CE009}) (Version: 4.6.11.2 - Hewlett-Packard Company)
HP Officejet 7500 E910 Ajuda (HKLM-x32\...\{24DC9885-E759-4BD2-8A20-D4AC509A7FDE}) (Version: 140.0.93.93 - Hewlett Packard)
HP Officejet 7500 E910 Estudo de aprimoramento de produtos (HKLM\...\{C9105833-04E3-4C6F-B75E-29372222868C}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 7500 E910 Software básico do dispositivo (HKLM\...\{FEF8B493-213B-4030-A31F-B7846EF3D515}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Postscript Converter (Version: 4.0.4100 - Hewlett-Packard) Hidden
HP Power Assistant (HKLM\...\{84642787-58C0-44AE-8B26-E2F544E380A1}) (Version: 2.5.0.16 - Hewlett-Packard Company)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 7.0.0.1177 - Hewlett-Packard Company)
HP ProtectTools Security Manager (Version: 7.0.0.1177 - Hewlett-Packard Company) Hidden
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{223AE3E8-4445-410F-8EDA-13EC137E3BDB}) (Version: 3.4.3.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{658A8756-7B1E-44FD-A434-D777DD906232}) (Version: 8.5.2.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{C4E9E8A4-EEC4-4F9E-B140-520A8B75F430}) (Version: 2.4.1.2 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Wallpaper (HKLM-x32\...\{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}) (Version: 3.0.0.1 - Hewlett-Packard Company)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6392.0 - IDT)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.10.1464 - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 17.3 - Intel)
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.23.943.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.25.03 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
Malwarebytes Anti-Malware versão 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 2.1.1116.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Backward compatibility (HKLM\...\{8909B8A7-CEAB-4772-BF29-1892C4E6603B}) (Version: 8.05.2309 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 2.0 SP3 Runtime (HKLM-x32\...\{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}) (Version: 2.0.5050.0 - Microsoft Corp.)
Mozilla Firefox 32.0.3 (x86 pt-PT) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 pt-PT)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Optimus Kanguru 4G (HKLM-x32\...\Optimus Kanguru 4G_is1) (Version:  - TCT Mobile Limited)
Password Memory 5 (HKLM-x32\...\ca_keynote_is1) (Version: 5 - Code:Aero Technologies)
PDF Complete Corporate Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.93 - PDF Complete, Inc)
PRIMAVERA - Deployment Center Client v1.00 (HKLM-x32\...\{BFDE89BB-E5AC-458E-8D6B-435AB3DDC705}) (Version: 01.0005.1105 - PRIMAVERA)
PRIMAVERA - Windows Services v1.00 (HKLM-x32\...\{CC152EB6-8D14-48C3-906B-066CA5730286}) (Version: 01.0005.1043 - PRIMAVERA)
PRIMAVERA CloudConnector - Platform v8.00 (HKLM-x32\...\{C0756D6F-9682-4A8B-8B47-DD839EAA7436}) (Version: 8.0101.1499 - PRIMAVERA)
PRIMAVERA EXECUTIVE - Base Aplicacional de Negócio v8.10 (HKLM-x32\...\{FB5B98E4-2E66-4617-9639-D999E1A59520}) (Version: 08.1006.1256 - PRIMAVERA)
PRIMAVERA EXECUTIVE - Contabilidade v8.10 (HKLM-x32\...\{8E41EB10-B570-4D90-8248-E53A57A835DB}) (Version: 08.1006.1262 - PRIMAVERA)
PRIMAVERA EXECUTIVE - Database Manager v8.10 (HKLM-x32\...\{5F50AE41-7297-4644-9884-A38CD7BFA6D5}) (Version: 08.1006.1082 - PRIMAVERA)
PRIMAVERA EXECUTIVE - Declarações Fiscais e Oficiais v8.10 (HKLM-x32\...\{4ABE80C5-DF4D-4EF6-8D0E-B9714488FE5C}) (Version: 08.1006.1203 - PRIMAVERA)
PRIMAVERA EXECUTIVE - Equipamentos e Activos v8.10 (HKLM-x32\...\{E9CAFC63-9061-4BAF-BC90-38509C4E63C1}) (Version: 08.1006.1254 - PRIMAVERA)
PRIMAVERA EXECUTIVE - Logística e Tesouraria v8.10 (HKLM-x32\...\{6C5FD712-8910-439C-A4C4-D29880DD3F96}) (Version: 08.1006.1265 - PRIMAVERA)
PRIMAVERA EXECUTIVE - Plataforma e Administrador v8.10 (HKLM-x32\...\{3F0561A8-CFF6-460A-B358-BA5733AED688}) (Version: 08.1006.1202 - PRIMAVERA)
PRIMAVERA EXECUTIVE - Recursos Humanos v8.10 (HKLM-x32\...\{53CA767E-D75C-4E38-BF25-C93C73DDBCF1}) (Version: 08.1006.1260 - PRIMAVERA)
Privacy Manager for HP ProtectTools (HKLM\...\{CA2F6FAD-D8CD-42C1-B04D-6E5B1B1CFDCC}) (Version: 7.0.0.865 - Hewlett-Packard Company)
SDK (x32 Version: 2.30.042 - Portrait Displays, Inc.) Hidden
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Suporte para Aplicações Apple (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.3.0 - Synaptics Incorporated)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.30992 - TeamViewer)
Theft Recovery for HP ProtectTools (HKLM-x32\...\InstallShield_{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}) (Version: 7.0.0.10 - Hewlett-Packard Company)
Theft Recovery for HP ProtectTools (x32 Version: 7.0.0.10 - Hewlett-Packard Company) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Validity Fingerprint Sensor Driver (HKLM\...\{93581599-ECF1-4DCD-BE36-BD969A6C8DB5}) (Version: 4.4.213.0 - Validity Sensors, Inc.)
VBA (2627.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA 6.3 SDK by PRIMAVERA (HKLM-x32\...\{D85681A0-5301-4D79-B213-1B4B68D65B75}) (Version: 1.00.0008 - )
VideoDownloadConverter Toolbar Chrome Extension (HKLM-x32\...\VideoDownloadConverter_4z Chrome Extension Uninstall) (Version:  - Mindspark Interactive Network) <==== ATTENTION
Visualizador do Microsoft PowerPoint (HKLM-x32\...\{95140000-00AF-0816-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
VoipCheapCom (HKLM-x32\...\VoipCheapCom_is1) (Version: 4.13 build 736 - Finarea S.A. Switzerland)
WinZip 18.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E3}) (Version: 18.5.11111 - WinZip Computing, S.L. )
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-2335032104-3983965300-2769350856-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jorge\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
CustomCLSID: HKU\S-1-5-21-2335032104-3983965300-2769350856-1002_Classes\CLSID\{BD22D1CE-1AAB-47ED-9FF0-C34606E926A3}\InprocServer32 -> C:\Users\Jorge\AppData\Roaming\cubby\cubbyext64.dll (LogMeIn, Inc.)
 
==================== Restore Points  =========================
 
10-10-2014 07:23:28 Windows Update
14-10-2014 07:19:57 Windows Update
16-10-2014 02:00:20 Windows Update
16-10-2014 05:59:36 Windows Update
19-10-2014 18:30:36 Windows Update
22-10-2014 20:55:05 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {00F4597F-A8A1-4DC6-BD15-E58BD99E5CA9} - System32\Tasks\{75B69411-4330-4D34-BC5E-7F340CB27AAE} => C:\Program Files (x86)\PRIMAVERA\SG800\Apl\Erp800LE.exe [2014-02-04] (PRIMAVERA Business Software Solutions, SA)
Task: {054DFBF2-2AEC-42DF-B276-09BD05E6F56B} - System32\Tasks\{BBC58BCC-E714-497E-8921-3CAD9163A0AE} => C:\Program Files (x86)\PRIMAVERA\SG800\Apl\Erp800LE.exe [2014-02-04] (PRIMAVERA Business Software Solutions, SA)
Task: {2AFD4ECE-207E-4FD3-B443-9E5D0EC77135} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23] (Adobe Systems Incorporated)
Task: {38C8C2B1-7AA5-4F14-A97E-B4585CDC34B5} - System32\Tasks\{FE5D89D3-2CCF-40D0-8406-1CB6BC91CBB6} => C:\Program Files (x86)\PRIMAVERA\SG800\Apl\Erp800LE.exe [2014-02-04] (PRIMAVERA Business Software Solutions, SA)
Task: {39CB9DDD-78C7-4FB8-8C3E-81CB73C74BF8} - System32\Tasks\{C36ACCD0-2E03-4497-AF4C-B0AD3EE925FA} => C:\Program Files (x86)\PRIMAVERA\SG800\Apl\Erp800LE.exe [2014-02-04] (PRIMAVERA Business Software Solutions, SA)
Task: {43D1B5E2-59CB-4818-B7FC-1852F419E3B8} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {5DC75620-04C4-4283-A123-C9949CCE95B6} - System32\Tasks\{BE80372F-C79B-4CD2-B744-11A2F63C9562} => C:\Program Files (x86)\PRIMAVERA\SG800\Apl\Erp800LE.exe [2014-02-04] (PRIMAVERA Business Software Solutions, SA)
Task: {6C4D025C-80B6-4935-8DDB-10A33A20FD30} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {98D480CB-1625-4EAF-B8F9-2B5AA716F899} - System32\Tasks\HPCustParticipation HP Officejet 7500 E910 => C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {9ED0F5BD-B3DA-4DAF-B90D-CAC9FC41D6AD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A41A0CDD-EFA1-489E-B591-6C1456D79729} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {AB47E1FA-0272-4FBD-B7D1-F79C7AD2F800} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-29] (Google Inc.)
Task: {B0748434-E369-4B68-B243-C70079A4C69F} - System32\Tasks\Microsoft\Microsoft Antimalware\MP Scheduled Scan => c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-28] (Microsoft Corporation)
Task: {B2C8DA93-BC69-4D80-AAD4-09F7E083B7E1} - System32\Tasks\{AF9F9EA5-F73D-420B-B5CD-DD9FF283C01E} => C:\Program Files (x86)\PRIMAVERA\SG800\Apl\Erp800LE.exe [2014-02-04] (PRIMAVERA Business Software Solutions, SA)
Task: {BEF4CA27-05A7-43D2-B98C-E819F9776142} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-29] (Google Inc.)
Task: {CF43B8B1-46CE-41C1-AF16-A28200CAB5E6} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-20] (AVAST Software)
Task: {D2E81EE8-201B-45E5-BE73-C5B6CDC50249} - System32\Tasks\{C6DEB2CB-68EC-406C-8ED0-A0434F3CD3C7} => C:\Program Files (x86)\PRIMAVERA\SG800\Apl\Erp800LE.exe [2014-02-04] (PRIMAVERA Business Software Solutions, SA)
Task: {F0E4FB6D-E364-42BE-97A0-1ECB30266FD0} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2335032104-3983965300-2769350856-1002
Task: {FACF3A27-58C0-472D-8CA2-2D1BF0BF7F7B} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe [2012-03-21] ()
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2012-01-18 00:57 - 2012-01-18 00:57 - 00298368 _____ () c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2012-03-22 00:14 - 2012-03-22 00:14 - 03346432 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpFve64.dll
2011-10-12 10:03 - 2011-10-12 10:03 - 00213328 _____ () C:\windows\system32\PassThroughOTP.dll
2010-09-06 21:18 - 2010-09-06 21:18 - 01412608 _____ () C:\windows\system32\LIBEAY32.dll
2012-03-21 23:34 - 2012-03-21 23:34 - 00141824 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface64.dll
2012-03-27 04:33 - 2012-03-27 04:33 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-07-14 19:32 - 2012-09-01 12:44 - 00561832 _____ () C:\Program Files (x86)\Optimus Kanguru 4G\ApplicationController.exe
2014-07-14 19:32 - 2012-09-01 12:44 - 00164008 _____ () C:\Program Files (x86)\Optimus Kanguru 4G\Maincontroller.exe
2014-07-14 19:32 - 2012-09-01 12:44 - 00389288 _____ () C:\Program Files (x86)\Optimus Kanguru 4G\DeviceService.exe
2012-03-21 23:36 - 2012-03-21 23:36 - 01327104 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
2012-02-10 22:26 - 2012-02-10 22:26 - 01083392 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2013-05-29 19:55 - 2012-03-28 18:38 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
2014-07-20 13:22 - 2014-07-20 13:22 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-10-24 21:28 - 2014-10-24 21:28 - 02896896 _____ () C:\Program Files\AVAST Software\Avast\defs\14102401\algo.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-14 19:32 - 2012-05-16 16:57 - 00011362 _____ () C:\Program Files (x86)\Optimus Kanguru 4G\mingwm10.dll
2014-07-14 19:32 - 2012-05-16 16:57 - 00043008 _____ () C:\Program Files (x86)\Optimus Kanguru 4G\libgcc_s_dw2-1.dll
2014-07-14 19:32 - 2012-05-16 16:57 - 02537472 _____ () C:\Program Files (x86)\Optimus Kanguru 4G\QtCore4.dll
2014-07-14 19:32 - 2012-08-15 15:49 - 01034752 _____ () C:\Program Files (x86)\Optimus Kanguru 4G\Common.dll
2014-07-14 19:32 - 2012-05-16 16:57 - 09814016 _____ () C:\Program Files (x86)\Optimus Kanguru 4G\QtGui4.dll
2014-07-14 19:32 - 2012-05-16 16:57 - 01140224 _____ () C:\Program Files (x86)\Optimus Kanguru 4G\QtNetwork4.dll
2013-05-29 20:20 - 2012-06-08 04:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 19:34 - 2012-06-08 19:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-07-14 19:32 - 2012-08-15 15:52 - 00557056 _____ () C:\Program Files (x86)\Optimus Kanguru 4G\Control.dll
2014-07-14 19:33 - 2012-09-01 12:43 - 00270848 _____ () C:\Program Files (x86)\Optimus Kanguru 4G\Plugin\PluginConnect.dll
2014-07-14 19:32 - 2012-09-01 12:42 - 00208896 _____ () C:\Program Files (x86)\Optimus Kanguru 4G\CMControllers_General.dll
2014-07-14 19:33 - 2012-09-01 12:44 - 00308224 _____ () C:\Program Files (x86)\Optimus Kanguru 4G\Plugin\PluginMain.dll
2014-07-14 19:33 - 2012-09-01 12:42 - 00163840 _____ () C:\Program Files (x86)\Optimus Kanguru 4G\Plugin\PluginNetworkSetting.dll
2014-07-14 19:33 - 2012-09-01 12:44 - 00117248 _____ () C:\Program Files (x86)\Optimus Kanguru 4G\Plugin\PluginPinSetting.dll
2014-07-14 19:33 - 2012-09-01 12:43 - 00096768 _____ () C:\Program Files (x86)\Optimus Kanguru 4G\Plugin\PluginUpdate.dll
2014-07-14 19:33 - 2012-05-16 16:57 - 00083456 _____ () C:\Program Files (x86)\Optimus Kanguru 4G\imageformats\qgif4.dll
2014-07-14 19:33 - 2012-05-16 16:57 - 00083456 _____ () C:\Program Files (x86)\Optimus Kanguru 4G\imageformats\qico4.dll
2014-07-14 19:33 - 2012-05-16 16:57 - 00287232 _____ () C:\Program Files (x86)\Optimus Kanguru 4G\imageformats\qjpeg4.dll
2014-07-14 19:33 - 2012-05-16 16:57 - 00351744 _____ () C:\Program Files (x86)\Optimus Kanguru 4G\imageformats\qmng4.dll
2014-07-14 19:33 - 2012-05-16 16:57 - 00378880 _____ () C:\Program Files (x86)\Optimus Kanguru 4G\imageformats\qtiff4.dll
2014-07-14 19:33 - 2012-08-15 15:53 - 00193536 _____ () C:\Program Files (x86)\Optimus Kanguru 4G\BusinessPlugin\PluginConnectBusiness.dll
2014-07-14 19:33 - 2012-08-15 15:52 - 00150528 _____ () C:\Program Files (x86)\Optimus Kanguru 4G\BusinessPlugin\PluginPbBusiness.dll
2014-07-14 19:33 - 2012-08-15 15:53 - 00195072 _____ () C:\Program Files (x86)\Optimus Kanguru 4G\BusinessPlugin\PluginSmsBusiness.dll
2014-07-20 13:22 - 2014-07-20 13:22 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-03-22 00:00 - 2012-03-22 00:00 - 02846720 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcEncryptionProviderPlugin.dll
2012-03-21 23:34 - 2012-03-21 23:34 - 00126976 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface.dll
2012-03-21 23:59 - 2012-03-21 23:59 - 03002368 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalEncryptionProviderPlugin.dll
2012-03-22 00:04 - 2012-03-22 00:04 - 02850816 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpDpHostPlugin.dll
2012-03-22 00:02 - 2012-03-22 00:02 - 00053248 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalATASec4SATA.dll
2012-03-21 23:38 - 2012-03-21 23:38 - 02043904 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeCoreEncryptionPlugin.dll
2012-03-21 23:39 - 2012-03-21 23:39 - 01949696 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeProductDetectionPlugin.dll
2013-04-08 18:16 - 2013-04-08 18:16 - 00514570 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll
2014-10-16 08:22 - 2014-10-16 08:22 - 00172544 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1eeea3ab8d69ec722bdcb28b8eb8dd75\IsdiInterop.ni.dll
2013-04-23 04:09 - 2012-02-02 02:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2013-05-29 19:55 - 2012-03-28 18:18 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2009-02-26 13:46 - 2009-02-26 13:46 - 00064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2011-06-22 11:46 - 2011-06-22 11:46 - 00434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2014-10-23 08:46 - 2014-10-10 03:03 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
2014-10-23 08:46 - 2014-10-10 03:03 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll
2014-10-23 08:46 - 2014-10-10 03:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
2014-10-23 08:46 - 2014-10-10 03:03 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:0966080E
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrador (S-1-5-21-2335032104-3983965300-2769350856-500 - Administrator - Disabled)
Convidado (S-1-5-21-2335032104-3983965300-2769350856-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2335032104-3983965300-2769350856-1003 - Limited - Enabled)
Jorge (S-1-5-21-2335032104-3983965300-2769350856-1002 - Administrator - Enabled) => C:\Users\Jorge
 
==================== Faulty Device Manager Devices =============
 
Name: Officejet 7500 E910
Description: Officejet 7500 E910
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Officejet 7500 E910
Description: Officejet 7500 E910
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/25/2014 08:08:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/24/2014 06:14:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/24/2014 10:14:09 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Falha ao gerar o contexto de activação para "imaging1". Erro no ficheiro de manifesto ou de política imaging2 na linha imaging3.
O elemento imaging aparece como subordinado do elemento urn:schemas-microsoft-com:asm.v1^assembly, o que não é suportado por esta versão do Windows.
 
Error: (10/24/2014 08:04:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/23/2014 07:05:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/23/2014 10:52:22 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Falha ao gerar o contexto de activação para "imaging1". Erro no ficheiro de manifesto ou de política imaging2 na linha imaging3.
O elemento imaging aparece como subordinado do elemento urn:schemas-microsoft-com:asm.v1^assembly, o que não é suportado por esta versão do Windows.
 
Error: (10/23/2014 08:06:11 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/22/2014 09:43:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/22/2014 08:45:30 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Falha ao gerar o contexto de activação para "imaging1". Erro no ficheiro de manifesto ou de política imaging2 na linha imaging3.
O elemento imaging aparece como subordinado do elemento urn:schemas-microsoft-com:asm.v1^assembly, o que não é suportado por esta versão do Windows.
 
Error: (10/22/2014 08:06:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (10/25/2014 08:08:46 AM) (Source: HTTP) (EventID: 15005) (User: )
Description: \Device\Http\ReqQueue[::]:80
 
Error: (10/25/2014 08:08:46 AM) (Source: W3SVC) (EventID: 1004) (User: )
Description: O Serviço de Publicação World Wide Web (Serviço WWW) não registou o prefixo de URL http://*:80/ para o site 1. O site foi desactivado. O campo de dados contém o número de erro.
 
Error: (10/24/2014 06:14:01 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: \Device\Http\ReqQueue[::]:80
 
Error: (10/24/2014 06:14:01 PM) (Source: W3SVC) (EventID: 1004) (User: )
Description: O Serviço de Publicação World Wide Web (Serviço WWW) não registou o prefixo de URL http://*:80/ para o site 1. O site foi desactivado. O campo de dados contém o número de erro.
 
Error: (10/24/2014 05:52:16 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}
 
Error: (10/24/2014 08:05:08 AM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )
Description: A funcionalidade de Protecção em Tempo Real %%860 detectou um erro e falhou.
 
Funcionalidade: %%835
 
Código de Erro: 0x80004005
 
Descrição do erro: Erro não especificado 
 
Motivo: %%842
 
Error: (10/24/2014 08:04:30 AM) (Source: HTTP) (EventID: 15005) (User: )
Description: \Device\Http\ReqQueue[::]:80
 
Error: (10/24/2014 08:04:30 AM) (Source: W3SVC) (EventID: 1004) (User: )
Description: O Serviço de Publicação World Wide Web (Serviço WWW) não registou o prefixo de URL http://*:80/ para o site 1. O site foi desactivado. O campo de dados contém o número de erro.
 
Error: (10/23/2014 07:06:09 PM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )
Description: A funcionalidade de Protecção em Tempo Real %%860 detectou um erro e falhou.
 
Funcionalidade: %%835
 
Código de Erro: 0x80004005
 
Descrição do erro: Erro não especificado 
 
Motivo: %%842
 
Error: (10/23/2014 08:06:42 AM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )
Description: A funcionalidade de Protecção em Tempo Real %%860 detectou um erro e falhou.
 
Funcionalidade: %%835
 
Código de Erro: 0x80004005
 
Descrição do erro: Erro não especificado 
 
Motivo: %%842
 
 
Microsoft Office Sessions:
=========================
Error: (01/14/2014 03:50:14 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 21 seconds with 0 seconds of active time.  This session ended with a crash.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core i5-3380M CPU @ 2.90GHz
Percentage of memory in use: 61%
Total physical RAM: 3959.55 MB
Available physical RAM: 1510.12 MB
Total Pagefile: 7917.28 MB
Available Pagefile: 4394.84 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:442.83 GB) (Free:332.2 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.97 GB) FAT32
Drive f: (driver) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
Drive g: (HP_RECOVERY) (Fixed) (Total:20.64 GB) (Free:3.14 GB) NTFS ==>[system with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C160742A)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=442.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)
 
==================== End Of Log ============================
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-10-2014
Ran by Jorge (administrator) on JORGE-HP on 25-10-2014 08:55:04
Running from C:\Users\Jorge\Downloads
Loaded Profile: Jorge (Available profiles: Jorge & Classic .NET AppPool)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Português (Portugal)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(VoipCheapCom) C:\Program Files (x86)\VoipCheapCom.com\VoipCheapCom\voipcheapcom.exe
() C:\Program Files (x86)\Optimus Kanguru 4G\ApplicationController.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 7500 E910\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(LogMeIn, Inc.) C:\Users\Jorge\AppData\Roaming\cubby\cubby.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
() C:\Program Files (x86)\Optimus Kanguru 4G\Maincontroller.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXSPMGT.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPNetworkCommunicatorCom.exe
() C:\Program Files (x86)\Optimus Kanguru 4G\DeviceService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXTCS.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
(PRIMAVERA Business Software Solutions, S.A.) C:\Program Files (x86)\PRIMAVERA\WindowsService100\Bin\Primavera.Hesiod.WindowsService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(PRIMAVERA Business Software Solutions, S.A.) C:\Program Files (x86)\PRIMAVERA\WindowsService100\Bin\Primavera.Hesiod.TaskbarNotification.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
(PRIMAVERA Business Software Solutions, S.A.) C:\Program Files (x86)\PRIMAVERA\WindowsService100\Bin\Primavera.AutoUpdateClient.TaskbarNotification.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
() C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPNetworkCommunicator.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe
(Farbar) C:\Users\Jorge\Downloads\FRST64 (3).exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2887440 2012-03-09] (Synaptics Incorporated)
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [3488640 2012-03-14] (Hewlett-Packard Company)
HKLM\...\Run: [broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [7173632 2013-05-29] (Broadcom Corporation)
HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-03-05] (IDT, Inc.)
HKLM\...\Run: [MfeEpePcMonitor] => "C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1436736 2011-06-15] (Microsoft Corporation)
HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2012-03-01] (Intel Corporation)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [684024 2012-03-07] (PDF Complete Inc)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [334240 2012-09-13] (Hewlett-Packard Company)
HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-27] (Intel Corporation)
HKLM-x32\...\Run: [YouCam Mirage] => c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [139792 2012-10-25] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [168464 2012-10-25] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [HPConnectionManager] => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [185144 2013-04-23] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111136 2012-11-21] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [493088 2012-11-21] (CyberLink Corp.)
HKLM-x32\...\Run: [File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12310616 2012-03-22] (Hewlett-Packard)
HKLM-x32\...\Run: [iFXSPMGT] => c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1127800 2012-01-27] (Infineon Technologies AG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-30] (AVAST Software)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM\...\Winlogon: [userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKU\S-1-5-21-2335032104-3983965300-2769350856-1002\...\Run: [VoipCheapCom] => C:\Program Files (x86)\VoipCheapCom.com\VoipCheapCom\voipcheapcom.exe [19936072 2014-02-20] (VoipCheapCom)
HKU\S-1-5-21-2335032104-3983965300-2769350856-1002\...\Run: [HP Officejet 7500 E910 (NET)] => C:\Program Files\HP\HP Officejet 7500 E910\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2335032104-3983965300-2769350856-1002\...\Run: [LogMeIn Cubby] => C:\Users\Jorge\AppData\Roaming\cubby\cubby.exe [5454608 2014-09-17] (LogMeIn, Inc.)
HKU\S-1-5-21-2335032104-3983965300-2769350856-1002\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-2335032104-3983965300-2769350856-1002\...\MountPoints2: {362dd7ca-0b73-11e4-b660-b8763fe0c570} - D:\autorun.exe
HKU\S-1-5-21-2335032104-3983965300-2769350856-1002\...\MountPoints2: {e39b40ef-263e-11e4-a6b4-b8763fe0c570} - D:\autorun.exe
Lsa: [Notification Packages] DPPassFilter scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitorar alertas de tinta - HP Officejet 7500 E910 (Rede).lnk
ShortcutTarget: Monitorar alertas de tinta - HP Officejet 7500 E910 (Rede).lnk -> C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=CMNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=CMNTDFJS
SearchScopes: HKLM-x32 - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=CMNTDFJS
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=CMNTDFJS
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Jorge\AppData\Roaming\Mozilla\Firefox\Profiles\nj4lxhtk.default
FF DefaultSearchUrl: hxxp://www.bing.com/search
FF SearchEngineOrder.1: Microsoft (Bing)
FF Homepage: www.google.pt
FF Keyword.URL: hxxp://www.bing.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @VideoDownloadConverter_ScriptHelper.com/Plugin -> C:\Program Files (x86)\VideoDownloadConverter\npVDCPlugin.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Jorge\AppData\Roaming\Mozilla\Firefox\Profiles\nj4lxhtk.default\searchplugins\bing-avast.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\priberam.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sapo.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-ptpt.xml
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-20]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=AV01
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=AV01"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-29]
CHR Extension: (Google Drive) - C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-29]
CHR Extension: (YouTube) - C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-29]
CHR Extension: (Pesquisa do Google) - C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-29]
CHR Extension: (Avast Online Security) - C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-20]
CHR Extension: (Google Wallet) - C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-29]
CHR Extension: (Gmail) - C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-29]
CHR HKLM-x32\...\Chrome\Extension: [adldappccjhelkmbkpiibilgnnjakieg] - C:\Program Files (x86)\VideoDownloadConverter_4z Chrome Extension\bar\VideoDownloadConvert@mindspark.com.gen1 []
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-20]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-20] (AVAST Software)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [493904 2012-03-15] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [477056 2012-11-19] (Hewlett-Packard Company)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [523680 2012-09-13] (Hewlett-Packard Company)
R2 HPSLPSVC; C:\Users\Jorge\AppData\Local\Temp\7zS758F\hpslpsvc64.dll [1039360 2013-07-19] (Hewlett-Packard Co.) [File not signed]
R2 HSPA USB MODEM Service; C:\Program Files (x86)\Optimus Kanguru 4G\ApplicationController.exe [561832 2012-09-01] ()
R2 IFXSpMgtSrv; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1127800 2012-01-27] (Infineon Technologies AG)
R2 IFXTCS; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe [984440 2012-01-27] (Infineon Technologies AG)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-21] (Microsoft Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-03-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165144 2012-03-28] (Intel Corporation)
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1327104 2012-03-21] () [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [12784 2011-04-28] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [288272 2011-04-28] (Microsoft Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1134584 2012-03-07] (PDF Complete Inc)
R2 PersonalSecureDriveService; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe [212344 2012-01-27] (Infineon Technologies AG)
R2 PRIMAVERAWindowsService; C:\Program Files (x86)\PRIMAVERA\WindowsService100\Bin\Primavera.Hesiod.WindowsService.exe [177328 2014-08-05] (PRIMAVERA Business Software Solutions, S.A.)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [5858304 2013-05-29] (Broadcom Corporation) [File not signed]
S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-14] (Microsoft Corporation)
S2 PRIMAVERACloudServicesActivator800; C:\Program Files (x86)\PRIMAVERA\CloudServices800\CloudConnector\Primavera.CloudConnector.Activator.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AlcatelOTDCWwan; C:\Windows\System32\DRIVERS\AlcatelOTDCWwan.sys [159744 2012-07-03] (TCT International Mobile Ltd.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-20] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-20] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-20] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-20] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-20] ()
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-02] (Broadcom Corporation.)
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2012-02-02] (Broadcom Corporation.)
R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [64832 2012-11-09] (Hewlett-Packard Company)
S3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
S3 johci; C:\Windows\System32\DRIVERS\johci.sys [26208 2012-08-24] (JMicron Technology Corp.)
S3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [123776 2012-03-31] (TCT International Mobile Ltd.)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [93640 2012-03-22] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158792 2012-03-22] (McAfee, Inc.)
R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [189440 2011-04-18] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [84864 2011-04-27] (Microsoft Corporation)
R1 PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [44576 2010-01-26] (Infineon Technologies AG)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1064184 2012-09-23] (Sunplus)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-25 08:55 - 2014-10-25 08:55 - 00028425 _____ () C:\Users\Jorge\Downloads\FRST.txt
2014-10-25 08:53 - 2014-10-25 08:54 - 02112000 _____ (Farbar) C:\Users\Jorge\Downloads\FRST64 (3).exe
2014-10-24 22:22 - 2014-10-24 22:23 - 02112000 _____ (Farbar) C:\Users\Jorge\Downloads\FRST64 (2).exe
2014-10-24 21:31 - 2014-10-25 08:55 - 00000000 ____D () C:\FRST
2014-10-24 21:24 - 2014-10-24 21:24 - 02112000 _____ (Farbar) C:\Users\Jorge\Downloads\FRST64 (1).exe
2014-10-24 20:18 - 2014-10-24 20:18 - 02112000 _____ (Farbar) C:\Users\Jorge\Downloads\FRST64.exe
2014-10-24 19:55 - 2014-10-24 19:59 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Jorge\Downloads\mbam-setup-2.0.3.1025 (1).exe
2014-10-24 19:55 - 2014-10-24 19:58 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Jorge\Downloads\mbam-setup-2.0.3.1025.exe
2014-10-23 22:11 - 2014-10-23 22:11 - 00016978 _____ () C:\Users\Jorge\Downloads\hijackthis.log
2014-10-23 22:11 - 2014-10-23 22:11 - 00016978 _____ () C:\Users\Jorge\Desktop\hijackthis.log
2014-10-23 22:09 - 2014-10-23 22:09 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jorge\Downloads\HijackThis.exe
2014-10-18 10:56 - 2014-10-20 08:29 - 00028998 _____ () C:\Users\Jorge\Desktop\Efectividade PROSTEEEL Outubro 2014.xlsx
2014-10-16 16:53 - 2014-10-17 23:02 - 00000270 _____ () C:\windows\SysWOW64\debug.log
2014-10-16 03:24 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-10-16 03:24 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-10-16 03:24 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-10-16 03:24 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-10-16 03:24 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-10-16 03:24 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-10-16 03:24 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-10-16 03:24 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-10-16 03:24 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-10-16 03:24 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-10-16 03:24 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-10-16 03:24 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-10-16 03:24 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-10-16 03:24 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-10-16 03:24 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-10-16 03:24 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-10-16 03:24 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-10-16 03:24 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-10-16 03:24 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-10-16 03:24 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-10-16 03:24 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-10-16 03:24 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-10-16 03:24 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-10-16 03:24 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-10-16 03:24 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-10-16 03:24 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-10-16 03:24 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-10-16 03:24 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-10-16 03:24 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-10-16 03:24 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 03:24 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-10-16 03:24 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-10-16 03:24 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-10-16 03:24 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-10-16 03:24 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-10-16 03:24 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-10-16 03:24 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-10-16 03:24 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-10-16 03:24 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-10-16 03:24 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-10-16 03:24 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-10-16 03:24 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-10-16 03:24 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-10-16 03:24 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-10-16 03:24 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-10-16 03:24 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-10-16 03:24 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-16 03:24 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-10-16 03:24 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-10-16 03:24 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-10-16 03:24 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-10-16 03:24 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-10-16 03:24 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-10-16 03:24 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-10-16 03:24 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-10-16 03:24 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-10-16 03:06 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-10-16 03:06 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-10-16 03:06 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-10-16 03:06 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2014-10-16 03:06 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-10-16 03:06 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-10-16 03:06 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2014-10-16 03:06 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2014-10-16 03:06 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-10-16 03:06 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-10-16 03:06 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2014-10-16 03:06 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-10-16 03:06 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2014-10-16 03:06 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2014-10-16 03:06 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-10-16 03:06 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-10-16 03:06 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2014-10-16 03:06 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2014-10-16 02:43 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-10-16 02:43 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-10-16 02:43 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-10-16 01:03 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-10-16 00:56 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2014-10-16 00:56 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
2014-10-16 00:56 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
2014-10-16 00:56 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2014-10-16 00:56 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
2014-10-16 00:56 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2014-10-16 00:24 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-10-16 00:24 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-10-15 23:18 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-10-15 23:18 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2014-10-15 09:52 - 2014-10-16 10:42 - 00000000 ____D () C:\Users\Jorge\AppData\Local\WinZip
2014-10-15 09:52 - 2014-10-15 09:52 - 00002263 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2014-10-15 09:52 - 2014-10-15 09:52 - 00002257 _____ () C:\Users\Public\Desktop\WinZip.lnk
2014-10-15 09:52 - 2014-10-15 09:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2014-10-15 09:52 - 2014-10-15 09:52 - 00000000 ____D () C:\Program Files\WinZip
2014-10-15 09:40 - 2014-10-15 09:40 - 00004026 _____ () C:\windows\System32\Tasks\LaunchSignup
2014-10-15 09:27 - 2014-10-15 09:31 - 12353078 _____ () C:\Users\Jorge\Downloads\SERRLHARIA.zip
2014-10-12 07:28 - 2014-10-12 07:28 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-12 07:28 - 2014-10-12 07:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-10 18:58 - 2014-10-10 18:58 - 00009138 _____ () C:\Users\Jorge\Desktop\Documents\Contas Jango SET-OUT 14.xlsx
2014-10-10 08:58 - 2014-10-22 14:59 - 00000000 ____D () C:\Users\Jorge\Desktop\Contas correntes OUT 2014
2014-10-08 12:14 - 2014-10-08 12:14 - 00042851 _____ () C:\Users\Jorge\Desktop\FACTURA I10- JORGE CORTE-REAL.xlsx
2014-10-08 08:35 - 2014-10-08 08:37 - 00000000 ____D () C:\Users\Jorge\Downloads\SEPA- Anulação aut. débitos diretos
2014-10-07 17:02 - 2014-06-25 14:58 - 00013786 _____ () C:\Users\Jorge\Desktop\facturação contentores HA-PROST 2103-14.xlsx
2014-10-06 17:03 - 2014-10-06 17:03 - 00129024 _____ () C:\Users\Jorge\Desktop\ADC_PROS.rpt
2014-10-01 14:19 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2014-10-01 14:19 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2014-09-27 11:38 - 2014-10-03 16:35 - 00010365 _____ () C:\Users\Jorge\Desktop\pintura tubos CCC.xlsx
2014-09-25 23:00 - 2014-09-25 23:00 - 00000326 _____ () C:\Users\Jorge\Desktop\Ferramentas de diagnóstico da impressora HP.url
2014-09-25 14:59 - 2014-09-25 14:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-25 11:16 - 2014-09-25 11:21 - 00013068 _____ () C:\Users\Jorge\Desktop\Dados do pessoal PROSTEEEL 2014.xlsx
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-25 08:47 - 2013-09-29 22:03 - 00000000 ____D () C:\Users\Jorge\AppData\Roaming\Skype
2014-10-25 08:42 - 2013-09-29 22:05 - 00001008 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-25 08:18 - 2013-10-18 19:33 - 00071964 _____ () C:\Users\Jorge\Desktop\caixa Prosteel.xlsx
2014-10-25 08:16 - 2009-07-14 05:45 - 00031536 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-25 08:16 - 2009-07-14 05:45 - 00031536 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-25 08:15 - 2013-04-23 04:38 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-10-25 08:13 - 2013-05-29 19:35 - 02003570 _____ () C:\windows\WindowsUpdate.log
2014-10-25 08:10 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\inetsrv
2014-10-25 08:09 - 2013-11-04 15:41 - 00000000 ____D () C:\Users\Jorge\AppData\Roaming\cubby
2014-10-25 08:09 - 2013-04-23 04:25 - 00000000 ____D () C:\ProgramData\PDFC
2014-10-25 08:08 - 2013-09-29 22:05 - 00001004 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-25 08:07 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-10-25 08:06 - 2009-07-14 05:51 - 00096868 _____ () C:\windows\setupact.log
2014-10-24 22:09 - 2014-01-08 11:02 - 00000000 ____D () C:\Users\Jorge\Desktop\Proformas 2014
2014-10-24 20:02 - 2014-06-24 10:16 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-24 20:01 - 2014-06-24 10:15 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-24 20:01 - 2014-06-24 10:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-24 20:01 - 2014-06-24 10:15 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-24 16:06 - 2014-02-17 14:51 - 00031080 _____ () C:\Users\Jorge\Desktop\PROFORMA nº  -2014.xlsx
2014-10-24 16:03 - 2013-10-18 19:33 - 00042244 _____ () C:\Users\Jorge\Desktop\registo proformas.xlsx
2014-10-24 08:49 - 2013-10-18 19:33 - 00015828 _____ () C:\Users\Jorge\Desktop\ACAIL.xlsx
2014-10-24 08:05 - 2013-12-20 18:07 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-10-23 15:24 - 2013-05-29 20:05 - 00000000 ____D () C:\ProgramData\Temp
2014-10-23 09:29 - 2013-04-23 02:38 - 00801976 _____ () C:\windows\system32\prfh0816.dat
2014-10-23 09:29 - 2013-04-23 02:38 - 00181720 _____ () C:\windows\system32\prfc0816.dat
2014-10-23 09:29 - 2009-07-14 06:13 - 01869308 _____ () C:\windows\system32\PerfStringBackup.INI
2014-10-23 09:20 - 2013-11-11 11:42 - 00000000 ____D () C:\Users\Jorge\Desktop\Documents\Youcam
2014-10-23 08:46 - 2013-09-29 22:06 - 00002181 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-18 19:37 - 2013-09-29 22:05 - 00004004 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-18 19:37 - 2013-09-29 22:05 - 00003752 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-16 22:18 - 2013-10-18 19:33 - 00000000 ____D () C:\Users\Jorge\Desktop\docs
2014-10-16 16:53 - 2013-09-29 22:02 - 00000000 ____D () C:\Users\Jorge\AppData\Roaming\Adobe
2014-10-16 10:41 - 2013-05-29 20:25 - 00000000 ____D () C:\ProgramData\WinZip
2014-10-16 08:54 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\rescache
2014-10-16 07:01 - 2013-09-30 21:36 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-16 03:27 - 2009-07-14 05:45 - 00429872 _____ () C:\windows\system32\FNTCACHE.DAT
2014-10-16 03:05 - 2014-05-07 08:43 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-10-16 03:04 - 2014-03-20 10:41 - 00000000 ____D () C:\windows\system32\MRT
2014-10-16 03:00 - 2014-03-20 10:41 - 103265616 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-10-15 09:52 - 2013-04-23 04:25 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2014-10-13 08:05 - 2009-07-14 06:08 - 00032578 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-10-12 07:28 - 2013-05-29 20:22 - 00000000 ____D () C:\ProgramData\Skype
2014-10-09 18:24 - 2013-10-18 19:33 - 00049520 _____ () C:\Users\Jorge\Desktop\custos AngolaÚltima versão.xlsx
2014-10-08 14:17 - 2014-07-02 10:58 - 00000000 ____D () C:\Users\Jorge\Desktop\Contas corr, fornecedores
2014-10-07 09:06 - 2013-10-18 19:33 - 00000000 ____D () C:\Users\Jorge\Desktop\Desenhos Comerciais
2014-10-06 09:12 - 2014-04-17 08:27 - 00000000 ____D () C:\Users\Jorge\Desktop\efecitividade
2014-10-02 22:57 - 2013-10-28 17:19 - 00000000 ____D () C:\Users\Jorge\AppData\Roaming\HpUpdate
2014-10-02 11:58 - 2013-10-28 14:35 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
2014-10-02 11:58 - 2013-10-28 14:35 - 00001090 _____ () C:\Users\Public\Desktop\TeamViewer 8.lnk
2014-10-01 11:11 - 2014-06-24 10:15 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-10-01 11:11 - 2014-06-24 10:15 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-10-01 11:11 - 2014-06-24 10:15 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-10-01 08:25 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\NDF
2014-09-26 23:34 - 2013-10-13 17:43 - 00000000 ____D () C:\windows\System32\Tasks\Games
2014-09-26 16:38 - 2014-09-14 17:10 - 00029120 _____ () C:\Users\Jorge\Desktop\Efectividade PROSTEEEL Setembro 2014.xlsx
2014-09-25 18:47 - 2013-10-20 20:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
 
Some content of TEMP:
====================
C:\Users\Jorge\AppData\Local\Temp\BackupSetup.exe
C:\Users\Jorge\AppData\Local\Temp\CloudBackup4460.exe
C:\Users\Jorge\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpuitzii.dll
C:\Users\Jorge\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\Jorge\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Jorge\AppData\Local\Temp\HPInstaller.exe
C:\Users\Jorge\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Jorge\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Jorge\AppData\Local\Temp\SkypeSetup.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-10-16 00:51
 
==================== End Of Log ============================
 
 

P2P/Piracy Warning:

If you're using Peer 2 Peer software such as BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Next, reboot your system and generate a new fresh FRST log.


  • 2 weeks later...

Here goes, after uninstalling BitTorrent:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-11-2014
Ran by Jorge (administrator) on JORGE-HP on 02-11-2014 16:51:59
Running from C:\Users\Jorge\Downloads
Loaded Profile: Jorge (Available profiles: Jorge & Classic .NET AppPool)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Português (Portugal)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
() C:\Program Files (x86)\Optimus Kanguru 4G\ApplicationController.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXSPMGT.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXTCS.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
(PRIMAVERA Business Software Solutions, S.A.) C:\Program Files (x86)\PRIMAVERA\WindowsService100\Bin\Primavera.Hesiod.WindowsService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
() C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\Optimus Kanguru 4G\Maincontroller.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files (x86)\Optimus Kanguru 4G\DeviceService.exe
(VoipCheapCom) C:\Program Files (x86)\VoipCheapCom.com\VoipCheapCom\voipcheapcom.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 7500 E910\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(LogMeIn, Inc.) C:\Users\Jorge\AppData\Roaming\cubby\cubby.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPNetworkCommunicatorCom.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(PRIMAVERA Business Software Solutions, S.A.) C:\Program Files (x86)\PRIMAVERA\WindowsService100\Bin\Primavera.Hesiod.TaskbarNotification.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
(PRIMAVERA Business Software Solutions, S.A.) C:\Program Files (x86)\PRIMAVERA\WindowsService100\Bin\Primavera.AutoUpdateClient.TaskbarNotification.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPNetworkCommunicator.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2887440 2012-03-09] (Synaptics Incorporated)
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [3488640 2012-03-14] (Hewlett-Packard Company)
HKLM\...\Run: [broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [7173632 2013-05-29] (Broadcom Corporation)
HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-03-05] (IDT, Inc.)
HKLM\...\Run: [MfeEpePcMonitor] => "C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1436736 2011-06-15] (Microsoft Corporation)
HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2012-03-01] (Intel Corporation)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [684024 2012-03-07] (PDF Complete Inc)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [334240 2012-09-13] (Hewlett-Packard Company)
HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-27] (Intel Corporation)
HKLM-x32\...\Run: [YouCam Mirage] => c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [139792 2012-10-25] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [168464 2012-10-25] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [HPConnectionManager] => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [185144 2013-04-23] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111136 2012-11-21] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [493088 2012-11-21] (CyberLink Corp.)
HKLM-x32\...\Run: [File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12310616 2012-03-22] (Hewlett-Packard)
HKLM-x32\...\Run: [iFXSPMGT] => c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1127800 2012-01-27] (Infineon Technologies AG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-30] (AVAST Software)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM\...\Winlogon: [userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKU\S-1-5-21-2335032104-3983965300-2769350856-1002\...\Run: [VoipCheapCom] => C:\Program Files (x86)\VoipCheapCom.com\VoipCheapCom\voipcheapcom.exe [19936072 2014-02-20] (VoipCheapCom)
HKU\S-1-5-21-2335032104-3983965300-2769350856-1002\...\Run: [HP Officejet 7500 E910 (NET)] => C:\Program Files\HP\HP Officejet 7500 E910\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2335032104-3983965300-2769350856-1002\...\Run: [LogMeIn Cubby] => C:\Users\Jorge\AppData\Roaming\cubby\cubby.exe [5454608 2014-09-17] (LogMeIn, Inc.)
HKU\S-1-5-21-2335032104-3983965300-2769350856-1002\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-2335032104-3983965300-2769350856-1002\...\MountPoints2: {362dd7ca-0b73-11e4-b660-b8763fe0c570} - D:\autorun.exe
HKU\S-1-5-21-2335032104-3983965300-2769350856-1002\...\MountPoints2: {e39b40ef-263e-11e4-a6b4-b8763fe0c570} - D:\autorun.exe
Lsa: [Notification Packages] DPPassFilter scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitorar alertas de tinta - HP Officejet 7500 E910 (Rede).lnk
ShortcutTarget: Monitorar alertas de tinta - HP Officejet 7500 E910 (Rede).lnk -> C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=CMNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=CMNTDFJS
SearchScopes: HKLM-x32 - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=CMNTDFJS
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=CMNTDFJS
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF ProfilePath: C:\Users\Jorge\AppData\Roaming\Mozilla\Firefox\Profiles\nj4lxhtk.default
FF DefaultSearchUrl: hxxp://www.bing.com/search
FF SearchEngineOrder.1: Microsoft (Bing)
FF Homepage: www.google.pt
FF Keyword.URL: hxxp://www.bing.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @VideoDownloadConverter_ScriptHelper.com/Plugin -> C:\Program Files (x86)\VideoDownloadConverter\npVDCPlugin.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Jorge\AppData\Roaming\Mozilla\Firefox\Profiles\nj4lxhtk.default\searchplugins\bing-avast.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\priberam.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sapo.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-ptpt.xml
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-20]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=AV01
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=AV01"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-29]
CHR Extension: (Google Drive) - C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-29]
CHR Extension: (YouTube) - C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-29]
CHR Extension: (Pesquisa do Google) - C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-29]
CHR Extension: (Avast Online Security) - C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-20]
CHR Extension: (Google Wallet) - C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-29]
CHR Extension: (Gmail) - C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-29]
CHR HKLM-x32\...\Chrome\Extension: [adldappccjhelkmbkpiibilgnnjakieg] - C:\Program Files (x86)\VideoDownloadConverter_4z Chrome Extension\bar\VideoDownloadConvert@mindspark.com.gen1 []
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-20]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-20] (AVAST Software)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [493904 2012-03-15] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [477056 2012-11-19] (Hewlett-Packard Company)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [523680 2012-09-13] (Hewlett-Packard Company)
R2 HPSLPSVC; C:\Users\Jorge\AppData\Local\Temp\7zS758F\hpslpsvc64.dll [1039360 2013-07-19] (Hewlett-Packard Co.) [File not signed]
R2 HSPA USB MODEM Service; C:\Program Files (x86)\Optimus Kanguru 4G\ApplicationController.exe [561832 2012-09-01] ()
R2 IFXSpMgtSrv; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1127800 2012-01-27] (Infineon Technologies AG)
R2 IFXTCS; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe [984440 2012-01-27] (Infineon Technologies AG)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-21] (Microsoft Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-03-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165144 2012-03-28] (Intel Corporation)
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1327104 2012-03-21] () [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [12784 2011-04-28] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [288272 2011-04-28] (Microsoft Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1134584 2012-03-07] (PDF Complete Inc)
R2 PersonalSecureDriveService; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe [212344 2012-01-27] (Infineon Technologies AG)
R2 PRIMAVERAWindowsService; C:\Program Files (x86)\PRIMAVERA\WindowsService100\Bin\Primavera.Hesiod.WindowsService.exe [177328 2014-08-05] (PRIMAVERA Business Software Solutions, S.A.)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [5858304 2013-05-29] (Broadcom Corporation) [File not signed]
S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-14] (Microsoft Corporation)
S2 PRIMAVERACloudServicesActivator800; C:\Program Files (x86)\PRIMAVERA\CloudServices800\CloudConnector\Primavera.CloudConnector.Activator.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AlcatelOTDCWwan; C:\Windows\System32\DRIVERS\AlcatelOTDCWwan.sys [159744 2012-07-03] (TCT International Mobile Ltd.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-20] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-20] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-20] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-20] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-20] ()
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-02] (Broadcom Corporation.)
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2012-02-02] (Broadcom Corporation.)
R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [64832 2012-11-09] (Hewlett-Packard Company)
S3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
S3 johci; C:\Windows\System32\DRIVERS\johci.sys [26208 2012-08-24] (JMicron Technology Corp.)
S3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [123776 2012-03-31] (TCT International Mobile Ltd.)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [93640 2012-03-22] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158792 2012-03-22] (McAfee, Inc.)
R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [189440 2011-04-18] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [84864 2011-04-27] (Microsoft Corporation)
R1 PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [44576 2010-01-26] (Infineon Technologies AG)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1064184 2012-09-23] (Sunplus)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-02 16:51 - 2014-11-02 16:51 - 00000000 ____D () C:\Users\Jorge\Downloads\FRST-OlderVersion
2014-10-27 09:12 - 2014-10-27 09:12 - 00010789 _____ () C:\Users\Jorge\Desktop\Documents\Cartões BAI-BNI.xlsx
2014-10-25 08:55 - 2014-11-02 16:51 - 00028195 _____ () C:\Users\Jorge\Downloads\FRST.txt
2014-10-25 08:55 - 2014-10-25 08:57 - 00039786 _____ () C:\Users\Jorge\Downloads\Addition.txt
2014-10-24 21:31 - 2014-11-02 16:52 - 00000000 ____D () C:\FRST
2014-10-24 20:18 - 2014-11-02 16:51 - 02114560 _____ (Farbar) C:\Users\Jorge\Downloads\FRST64.exe
2014-10-24 19:55 - 2014-10-24 19:59 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Jorge\Downloads\mbam-setup-2.0.3.1025 (1).exe
2014-10-24 19:55 - 2014-10-24 19:58 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Jorge\Downloads\mbam-setup-2.0.3.1025.exe
2014-10-23 22:11 - 2014-10-23 22:11 - 00016978 _____ () C:\Users\Jorge\Downloads\hijackthis.log
2014-10-23 22:11 - 2014-10-23 22:11 - 00016978 _____ () C:\Users\Jorge\Desktop\hijackthis.log
2014-10-23 22:09 - 2014-10-23 22:09 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jorge\Downloads\HijackThis.exe
2014-10-18 10:56 - 2014-10-20 08:29 - 00028998 _____ () C:\Users\Jorge\Desktop\Efectividade PROSTEEEL Outubro 2014.xlsx
2014-10-16 16:53 - 2014-10-17 23:02 - 00000270 _____ () C:\windows\SysWOW64\debug.log
2014-10-16 03:24 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-10-16 03:24 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-10-16 03:24 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-10-16 03:24 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-10-16 03:24 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-10-16 03:24 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-10-16 03:24 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-10-16 03:24 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-10-16 03:24 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-10-16 03:24 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-10-16 03:24 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-10-16 03:24 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-10-16 03:24 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-10-16 03:24 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-10-16 03:24 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-10-16 03:24 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-10-16 03:24 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-10-16 03:24 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-10-16 03:24 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-10-16 03:24 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-10-16 03:24 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-10-16 03:24 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-10-16 03:24 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-10-16 03:24 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-10-16 03:24 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-10-16 03:24 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-10-16 03:24 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-10-16 03:24 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-10-16 03:24 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-10-16 03:24 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 03:24 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-10-16 03:24 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-10-16 03:24 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-10-16 03:24 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-10-16 03:24 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-10-16 03:24 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-10-16 03:24 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-10-16 03:24 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-10-16 03:24 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-10-16 03:24 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-10-16 03:24 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-10-16 03:24 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-10-16 03:24 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-10-16 03:24 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-10-16 03:24 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-10-16 03:24 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-10-16 03:24 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-16 03:24 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-10-16 03:24 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-10-16 03:24 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-10-16 03:24 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-10-16 03:24 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-10-16 03:24 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-10-16 03:24 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-10-16 03:24 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-10-16 03:24 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-10-16 03:06 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-10-16 03:06 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-10-16 03:06 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-10-16 03:06 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2014-10-16 03:06 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-10-16 03:06 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-10-16 03:06 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2014-10-16 03:06 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2014-10-16 03:06 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-10-16 03:06 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-10-16 03:06 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2014-10-16 03:06 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-10-16 03:06 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2014-10-16 03:06 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2014-10-16 03:06 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-10-16 03:06 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-10-16 03:06 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2014-10-16 03:06 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2014-10-16 02:43 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-10-16 02:43 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-10-16 02:43 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-10-16 01:03 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-10-16 00:56 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2014-10-16 00:56 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
2014-10-16 00:56 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
2014-10-16 00:56 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2014-10-16 00:56 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
2014-10-16 00:56 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2014-10-16 00:24 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-10-16 00:24 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-10-15 23:18 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-10-15 23:18 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2014-10-15 09:52 - 2014-10-16 10:42 - 00000000 ____D () C:\Users\Jorge\AppData\Local\WinZip
2014-10-15 09:52 - 2014-10-15 09:52 - 00002263 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2014-10-15 09:52 - 2014-10-15 09:52 - 00002257 _____ () C:\Users\Public\Desktop\WinZip.lnk
2014-10-15 09:52 - 2014-10-15 09:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2014-10-15 09:52 - 2014-10-15 09:52 - 00000000 ____D () C:\Program Files\WinZip
2014-10-15 09:40 - 2014-10-15 09:40 - 00004026 _____ () C:\windows\System32\Tasks\LaunchSignup
2014-10-15 09:27 - 2014-10-15 09:31 - 12353078 _____ () C:\Users\Jorge\Downloads\SERRLHARIA.zip
2014-10-12 07:28 - 2014-10-12 07:28 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-12 07:28 - 2014-10-12 07:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-10 18:58 - 2014-10-10 18:58 - 00009138 _____ () C:\Users\Jorge\Desktop\Documents\Contas Jango SET-OUT 14.xlsx
2014-10-10 08:58 - 2014-10-29 11:01 - 00000000 ____D () C:\Users\Jorge\Desktop\Contas correntes OUT 2014
2014-10-08 12:14 - 2014-10-08 12:14 - 00042851 _____ () C:\Users\Jorge\Desktop\FACTURA I10- JORGE CORTE-REAL.xlsx
2014-10-08 08:35 - 2014-10-08 08:37 - 00000000 ____D () C:\Users\Jorge\Downloads\SEPA- Anulação aut. débitos diretos
2014-10-07 17:02 - 2014-06-25 14:58 - 00013786 _____ () C:\Users\Jorge\Desktop\facturação contentores HA-PROST 2103-14.xlsx
2014-10-06 17:03 - 2014-10-06 17:03 - 00129024 _____ () C:\Users\Jorge\Desktop\ADC_PROS.rpt
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-02 16:46 - 2013-09-29 22:03 - 00000000 ____D () C:\Users\Jorge\AppData\Roaming\Skype
2014-11-02 16:42 - 2013-09-29 22:05 - 00001008 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-02 16:15 - 2013-04-23 04:38 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-11-02 14:17 - 2013-11-04 15:41 - 00000000 ____D () C:\Users\Jorge\AppData\Roaming\cubby
2014-11-02 14:17 - 2013-09-29 22:05 - 00001004 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-02 13:59 - 2013-05-29 19:35 - 01458997 _____ () C:\windows\WindowsUpdate.log
2014-11-02 13:53 - 2009-07-14 05:45 - 00031536 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-02 13:53 - 2009-07-14 05:45 - 00031536 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-02 13:47 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\inetsrv
2014-11-02 13:46 - 2013-04-23 04:25 - 00000000 ____D () C:\ProgramData\PDFC
2014-11-02 13:45 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-11-02 13:45 - 2009-07-14 05:51 - 00097764 _____ () C:\windows\setupact.log
2014-11-01 17:37 - 2014-01-08 11:02 - 00000000 ____D () C:\Users\Jorge\Desktop\Proformas 2014
2014-11-01 17:36 - 2013-12-20 18:07 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-10-31 15:22 - 2013-10-18 19:33 - 00072264 _____ () C:\Users\Jorge\Desktop\caixa Prosteel.xlsx
2014-10-31 15:19 - 2013-10-18 19:33 - 00015867 _____ () C:\Users\Jorge\Desktop\ACAIL.xlsx
2014-10-31 09:14 - 2014-02-17 14:51 - 00031085 _____ () C:\Users\Jorge\Desktop\PROFORMA nº  -2014.xlsx
2014-10-31 09:11 - 2013-10-18 19:33 - 00042418 _____ () C:\Users\Jorge\Desktop\registo proformas.xlsx
2014-10-30 21:24 - 2013-05-29 20:05 - 00000000 ____D () C:\ProgramData\Temp
2014-10-30 12:25 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-10-29 08:29 - 2014-06-25 08:26 - 00000000 ____D () C:\Users\Jorge\AppData\Local\Adobe
2014-10-29 08:21 - 2013-04-23 04:38 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-10-29 08:20 - 2013-04-23 04:38 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-10-29 08:20 - 2013-04-23 04:38 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-28 08:43 - 2013-09-29 22:06 - 00002181 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-27 11:02 - 2013-04-23 02:38 - 00801976 _____ () C:\windows\system32\prfh0816.dat
2014-10-27 11:02 - 2013-04-23 02:38 - 00181720 _____ () C:\windows\system32\prfc0816.dat
2014-10-27 11:02 - 2009-07-14 06:13 - 01869308 _____ () C:\windows\system32\PerfStringBackup.INI
2014-10-27 10:42 - 2013-12-24 13:42 - 00000000 ____D () C:\Users\Jorge\AppData\Roaming\BitTorrent
2014-10-24 20:02 - 2014-06-24 10:16 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-24 20:01 - 2014-06-24 10:15 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-24 20:01 - 2014-06-24 10:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-24 20:01 - 2014-06-24 10:15 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-23 09:20 - 2013-11-11 11:42 - 00000000 ____D () C:\Users\Jorge\Desktop\Documents\Youcam
2014-10-18 19:37 - 2013-09-29 22:05 - 00004004 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-18 19:37 - 2013-09-29 22:05 - 00003752 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-16 22:18 - 2013-10-18 19:33 - 00000000 ____D () C:\Users\Jorge\Desktop\docs
2014-10-16 16:53 - 2013-09-29 22:02 - 00000000 ____D () C:\Users\Jorge\AppData\Roaming\Adobe
2014-10-16 10:41 - 2013-05-29 20:25 - 00000000 ____D () C:\ProgramData\WinZip
2014-10-16 08:54 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\rescache
2014-10-16 07:01 - 2013-09-30 21:36 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-16 03:27 - 2009-07-14 05:45 - 00429872 _____ () C:\windows\system32\FNTCACHE.DAT
2014-10-16 03:05 - 2014-05-07 08:43 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-10-16 03:04 - 2014-03-20 10:41 - 00000000 ____D () C:\windows\system32\MRT
2014-10-16 03:00 - 2014-03-20 10:41 - 103265616 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-10-15 09:52 - 2013-04-23 04:25 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2014-10-13 08:05 - 2009-07-14 06:08 - 00032578 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-10-12 07:28 - 2013-05-29 20:22 - 00000000 ____D () C:\ProgramData\Skype
2014-10-09 18:24 - 2013-10-18 19:33 - 00049520 _____ () C:\Users\Jorge\Desktop\custos AngolaÚltima versão.xlsx
2014-10-08 14:17 - 2014-07-02 10:58 - 00000000 ____D () C:\Users\Jorge\Desktop\Contas corr, fornecedores
2014-10-07 09:06 - 2013-10-18 19:33 - 00000000 ____D () C:\Users\Jorge\Desktop\Desenhos Comerciais
2014-10-06 09:12 - 2014-04-17 08:27 - 00000000 ____D () C:\Users\Jorge\Desktop\efecitividade
2014-10-03 16:35 - 2014-09-27 11:38 - 00010365 _____ () C:\Users\Jorge\Desktop\pintura tubos CCC.xlsx
 
Some content of TEMP:
====================
C:\Users\Jorge\AppData\Local\Temp\BackupSetup.exe
C:\Users\Jorge\AppData\Local\Temp\CloudBackup4460.exe
C:\Users\Jorge\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpuitzii.dll
C:\Users\Jorge\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\Jorge\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Jorge\AppData\Local\Temp\HPInstaller.exe
C:\Users\Jorge\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Jorge\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Jorge\AppData\Local\Temp\SkypeSetup.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-10-26 09:01
 
==================== End Of Log ============================

Step 1

I notice that you are using more than one antivirus program.

  • avast! Free Antivirus
  • Microsoft Security Essentials

This is very dangerous, as multiple antivirus programs can interfere with one another and actually allow more viruses to get through. It is important that only one antivirus program is running real-time protection. Please uninstall one of them and then reboot your system.

After reboot, uninstall this program: VideoDownloadConverter Toolbar Chrome Extension

Step 2

  • Launch Malwarebytes' Anti-Malware.
  • Go to the Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to the Scanner tab and select Threat Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

  • 2 months later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

