- Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:24-06-2015
- Ran by Thaís (administrator) on ANOTHERBRICK on 26-06-2015 17:09:16
- Running from C:\Users\Thaís\Desktop
- Loaded Profiles: Thaís (Available Profiles: Thaís & Emília)
- Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Português (Brasil)
- Internet Explorer Version 10 (Default browser: Chrome)
- Boot Mode: Normal
- Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
- ==================== Processes (Whitelisted) =================
- (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
- (GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
- (AMD) C:\Windows\System32\atiesrxx.exe
- (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
- (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
- (AMD) C:\Windows\System32\atieclxx.exe
- (Microsoft Corporation) C:\Windows\System32\wlanext.exe
- (Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
- (Microsoft Corporation) C:\Windows\System32\rundll32.exe
- (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
- (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
- (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
- (Company) C:\Program Files (x86)\Popcorn Time\Updater.exe
- (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
- (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
- (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
- (GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
- (Microsoft Corporation) C:\Windows\System32\rundll32.exe
- (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
- (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
- (BitTorrent Inc.) C:\Users\Thaís\AppData\Roaming\BitTorrent\BitTorrent.exe
- (Spotify Ltd) C:\Users\Thaís\AppData\Roaming\Spotify\SpotifyWebHelper.exe
- (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe
- (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
- (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
- (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
- (Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
- (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coNatHst.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- ==================== Registry (Whitelisted) ==================
- (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
- HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2057000 2010-02-18] (Synaptics Incorporated)
- HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-12-04] (IDT, Inc.)
- HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
- HKLM-x32\...\Run: [NCUpdateHelper] => C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe
- HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2711576 2014-10-03] (Sony Corporation)
- HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
- HKLM-x32\...\Run: [] => [X]
- Winlogon\Notify\ GbPluginAbn: C:\Program Files (x86)\GbPlugin\gbiehAbn.dll [2014-11-18] (Banco Real)
- Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2014-11-28] (Caixa Economica Federal)
- HKU\S-1-5-21-3180074193-2118160070-2237393808-1000\...\Run: [BitTorrent] => C:\Users\Thaís\AppData\Roaming\BitTorrent\BitTorrent.exe [1696104 2015-05-12] (BitTorrent Inc.)
- HKU\S-1-5-21-3180074193-2118160070-2237393808-1000\...\Run: [Spotify Web Helper] => C:\Users\Thaís\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1959992 2015-03-10] (Spotify Ltd)
- HKU\S-1-5-21-3180074193-2118160070-2237393808-1000\...\Run: [HP Deskjet 3510 series (NET)] => C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
- HKU\S-1-5-21-3180074193-2118160070-2237393808-1000\...\Run: [Google Update] => C:\Users\Thaís\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-07-27] (Google Inc.)
- HKU\S-1-5-21-3180074193-2118160070-2237393808-1000\...\Run: [Google+ Auto Backup] => C:\Users\Thaís\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3754312 2015-02-13] (Google Inc.)
- HKU\S-1-5-21-3180074193-2118160070-2237393808-1000\...\Run: [GoogleChromeAutoLaunch_08C5FDF9E323A43CA58AF2869C5E0FD6] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-06-20] (Google Inc.)
- HKU\S-1-5-21-3180074193-2118160070-2237393808-1000\...\Run: [Spotify] => C:\Users\Thaís\AppData\Roaming\Spotify\Spotify.exe [6611512 2015-03-10] (Spotify Ltd)
- Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk [2014-06-08]
- ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\SysWOW64\C2MP\UpdateChecker.exe ()
- Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-04-09]
- ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
- CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
- ==================== Internet (Whitelisted) ====================
- (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
- HKU\S-1-5-21-3180074193-2118160070-2237393808-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pt-br/?ocid=iehp
- BHO: biogDeaal -> {222c3406-7acb-42b7-abcd-0d13a592692b} -> C:\Program Files (x86)\biogDeaal\Y4RyK9UI8jHLXK.x64.dll [2015-06-26] ()
- BHO: baigdeale -> {da74cd3d-7d00-4813-b262-db50d3768fdb} -> C:\Program Files (x86)\baigdeale\avqYjY76vDJ85R.x64.dll [2015-06-26] ()
- BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-06-12] (Symantec Corporation)
- BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)
- BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll [2014-11-28] (Caixa Economica Federal)
- BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540007} -> C:\Program Files (x86)\GbPlugin\gbiehabn.dll [2014-11-18] (Banco Real)
- Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-06-12] (Symantec Corporation)
- ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399007} - C:\Program Files (x86)\GbPlugin\gbiehabn.dll [1939512 2014-11-18] (Banco Real)
- ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1789792 2014-11-28] (Caixa Economica Federal)
- Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
- FireFox:
- ========
- FF ProfilePath: C:\Users\Thaís\AppData\Roaming\Mozilla\Firefox\Profiles\67eq8z68.default
- FF NetworkProxy: "type", 0
- FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-26] ()
- FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
- FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
- FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
- FF Plugin-x32: @adobe.com/AuthorwarePlayer -> C:\Windows\system32\Macromed\AUTHORWA\np32asw.dll No File
- FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-26] ()
- FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1206147.dll No File
- FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
- FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
- FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-06-06] (Google, Inc.)
- FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-20] (Oracle Corporation)
- FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-20] (Oracle Corporation)
- FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
- FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
- FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Thaís\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-12-23] (Raidcall)
- FF Plugin-x32: @real.com/nppl3260;version=6.0.12.69 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2008-09-10] (RealNetworks, Inc.)
- FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.69 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2008-09-10] (RealNetworks, Inc.)
- FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
- FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
- FF Plugin HKU\S-1-5-21-3180074193-2118160070-2237393808-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Thaís\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
- FF Plugin HKU\S-1-5-21-3180074193-2118160070-2237393808-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Thaís\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
- FF Plugin HKU\S-1-5-21-3180074193-2118160070-2237393808-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Thaís\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-06-10] (Unity Technologies ApS)
- FF Plugin HKU\S-1-5-21-3180074193-2118160070-2237393808-1000: gastecnologia.com.br/sf/abn -> C:\Users\Thaís\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll [2014-04-07] (GAS Tecnologia)
- FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
- FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.2.0.38\coFFPlgn
- FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.2.0.38\coFFPlgn [2015-06-26]
- FF HKU\S-1-5-21-3180074193-2118160070-2237393808-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8874}] - C:\Users\Thaís\AppData\Local\GAS Tecnologia\GBBD\abn\xpi
- FF Extension: GBBD Banco Santander (Brasil) S.A. - C:\Users\Thaís\AppData\Local\GAS Tecnologia\GBBD\abn\xpi [2014-06-16]
- FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
- Chrome:
- =======
- CHR dev: Chrome dev build detected! <======= ATTENTION
- CHR Profile: C:\Users\Thaís\AppData\Local\Google\Chrome\User Data\Default
- CHR Extension: (YouTube) - C:\Users\Thaís\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-20]
- CHR Extension: (Google Search) - C:\Users\Thaís\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-20]
- CHR Extension: (No Name) - C:\Users\Thaís\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcioajokdgfncdnnhajlofmphdobjhla [2015-06-26]
- CHR Extension: (Norton Security Toolbar) - C:\Users\Thaís\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2015-02-20]
- CHR Extension: (Gmail) - C:\Users\Thaís\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-20]
- CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
- CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-22]
- CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx
- CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
- CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-22]
- ==================== Services (Whitelisted) =================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2253016 2013-10-02] (Broadcom Corporation.)
- R2 fa6789c5; c:\Program Files (x86)\VideoCnv\Zet.dll [3752448 2014-10-26] () [File not signed]
- R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [555320 2014-10-31] (GAS Tecnologia)
- S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
- R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe [276336 2015-03-07] (Symantec Corporation)
- R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [485400 2014-10-03] (Sony Corporation)
- R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2013-12-04] (IDT, Inc.) [File not signed]
- R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [179200 2014-10-09] (Company) [File not signed]
- S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
- ==================== Drivers (Whitelisted) ====================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170712 2013-10-02] (Broadcom Corporation.)
- R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.2.0.38\Definitions\BASHDefs\20150625.001\BHDrvx64.sys [1648880 2015-06-16] (Symantec Corporation)
- R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1507000.00B\ccSetx64.sys [162392 2014-02-24] (Symantec Corporation)
- R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [489776 2015-05-28] (Symantec Corporation)
- R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [145200 2015-05-28] (Symantec Corporation)
- R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.2.0.38\Definitions\IPSDefs\20150625.001\IDSvia64.sys [692984 2015-06-20] (Symantec Corporation)
- R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.2.0.38\Definitions\VirusDefs\20150626.006\ENG64.SYS [138488 2015-06-23] (Symantec Corporation)
- R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.2.0.38\Definitions\VirusDefs\20150626.006\EX64.SYS [2146040 2015-06-23] (Symantec Corporation)
- R3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [291544 2014-01-03] (Realtek Semiconductor Corp.)
- R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1507000.00B\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
- R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1507000.00B\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
- R0 SymDS; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
- R0 SymEFA; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
- R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-04-11] (Symantec Corporation)
- R1 SymIRON; C:\Windows\system32\drivers\NISx64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
- R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1507000.00B\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
- R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2014-09-01] (GAS Tecnologia LTDA)
- S3 VGPU; System32\drivers\rdvgkmd.sys [X]
- ==================== NetSvcs (Whitelisted) ===================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- ==================== One Month Created files and folders ========
- (If an entry is included in the fixlist, the file/folder will be moved.)
- 2015-06-26 17:09 - 2015-06-26 17:11 - 00019680 _____ C:\Users\Thaís\Desktop\FRST.txt
- 2015-06-26 17:08 - 2015-06-26 17:09 - 00000000 ____D C:\FRST
- 2015-06-26 17:06 - 2015-06-26 17:07 - 02112512 _____ (Farbar) C:\Users\Thaís\Desktop\FRST64.exe
- 2015-06-26 16:30 - 2015-06-26 16:30 - 00000000 ____D C:\Program Files (x86)\getuitt4CheAper
- 2015-06-26 16:30 - 2015-06-26 16:30 - 00000000 ____D C:\Program Files (x86)\biogDeaal
- 2015-06-26 16:29 - 2015-06-26 16:29 - 00000000 ____D C:\Users\Todos os Usuários\pgjjnnepillpkfikipgdanmmmnejicmd
- 2015-06-26 16:29 - 2015-06-26 16:29 - 00000000 ____D C:\ProgramData\pgjjnnepillpkfikipgdanmmmnejicmd
- 2015-06-26 16:28 - 2015-06-26 16:28 - 00000000 ____D C:\Program Files (x86)\History Calendar
- 2015-06-26 16:28 - 2015-06-26 16:28 - 00000000 ____D C:\Program Files (x86)\baigdeale
- 2015-06-26 16:27 - 2015-06-26 16:27 - 00000000 ____D C:\Users\Todos os Usuários\shopwithme
- 2015-06-26 16:27 - 2015-06-26 16:27 - 00000000 ____D C:\ProgramData\shopwithme
- 2015-06-26 16:26 - 2015-06-26 16:28 - 00000000 ____D C:\Program Files (x86)\bigedeal
- 2015-06-26 16:26 - 2015-06-26 16:27 - 00000000 ____D C:\Program Files (x86)\BrowSe2buY
- 2015-06-26 16:26 - 2015-06-26 16:26 - 00000000 ____D C:\Users\Todos os Usuários\rocketsaler
- 2015-06-26 16:26 - 2015-06-26 16:26 - 00000000 ____D C:\Users\Todos os Usuários\crazydeal
- 2015-06-26 16:26 - 2015-06-26 16:26 - 00000000 ____D C:\ProgramData\rocketsaler
- 2015-06-26 16:26 - 2015-06-26 16:26 - 00000000 ____D C:\ProgramData\crazydeal
- 2015-06-26 16:26 - 2015-06-26 16:26 - 00000000 ____D C:\Program Files (x86)\jointheshooP
- 2015-06-26 16:25 - 2015-06-26 16:25 - 00000000 ____D C:\Program Files (x86)\The Png Project
- 2015-06-26 16:24 - 2015-06-26 16:24 - 00000000 ____D C:\Users\Todos os Usuários\marketcompare
- 2015-06-26 16:24 - 2015-06-26 16:24 - 00000000 ____D C:\Users\Todos os Usuários\jointheshop
- 2015-06-26 16:24 - 2015-06-26 16:24 - 00000000 ____D C:\ProgramData\marketcompare
- 2015-06-26 16:24 - 2015-06-26 16:24 - 00000000 ____D C:\ProgramData\jointheshop
- 2015-06-26 16:23 - 2015-06-26 16:30 - 00000000 ____D C:\Users\Todos os Usuários\13663584757147550952
- 2015-06-26 16:23 - 2015-06-26 16:30 - 00000000 ____D C:\ProgramData\13663584757147550952
- 2015-06-26 16:23 - 2015-06-26 16:25 - 00000000 ____D C:\Program Files (x86)\browSuE2buy
- 2015-06-26 16:23 - 2015-06-26 16:23 - 00000000 ____D C:\Program Files (x86)\Markuetcomparei
- 2015-06-26 16:23 - 2015-06-26 16:23 - 00000000 ____D C:\Program Files (x86)\compaRenbuy
- 2015-06-20 11:55 - 2015-06-20 11:55 - 01599891 _____ C:\Users\Emília\Downloads\1506192004-BD.wmv
- 2015-06-15 18:47 - 2015-06-15 18:47 - 00711168 _____ () C:\Users\Thaís\Downloads\install_flashplayer (1).exe
- 2015-06-14 20:35 - 2015-06-14 20:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm
- 2015-06-14 20:29 - 2015-06-14 20:29 - 15963960 _____ (Last.fm ) C:\Users\Thaís\Downloads\Last.fm-2.1.37.exe
- 2015-06-11 03:23 - 2015-06-11 03:24 - 261472709 _____ C:\Users\Thaís\Downloads\MOV07278 (2).MPG
- 2015-06-11 03:23 - 2015-06-11 03:23 - 261472709 _____ C:\Users\Thaís\Downloads\MOV07278 (1) (1).MPG
- 2015-06-11 03:22 - 2015-06-11 03:23 - 261472709 _____ C:\Users\Thaís\Downloads\MOV07278 (1).MPG
- 2015-06-11 03:22 - 2015-06-11 03:22 - 261472709 _____ C:\Users\Thaís\Downloads\MOV07278.MPG
- 2015-06-11 01:06 - 2015-06-11 01:06 - 00000000 ____D C:\Program Files\Common Files\AV
- 2015-06-09 15:04 - 2015-06-09 15:08 - 00023069 ____H C:\Users\Thaís\Downloads\~WRL3648.tmp
- 2015-06-07 14:29 - 2015-06-11 03:51 - 00025461 _____ C:\Users\Thaís\Downloads\amigo secreto.xlsx
- 2015-06-07 14:29 - 2015-06-07 14:29 - 00025110 _____ C:\Users\Thaís\Downloads\amigo secreto (1).xlsx
- 2015-06-05 17:55 - 2015-06-05 17:55 - 00000000 __SHD C:\found.002
- 2015-06-02 22:31 - 2015-06-02 22:33 - 00994304 _____ C:\Users\Thaís\Downloads\install_flashplayer.exe
- 2015-06-02 19:26 - 2015-06-02 21:37 - 00000000 ____D C:\tmp
- 2015-06-02 18:52 - 2015-06-02 18:52 - 00020915 _____ C:\Users\Thaís\Downloads\[kat.cr]the.tallest.man.on.earth.collection.4.albums.torrent
- 2015-06-02 18:42 - 2015-06-02 18:42 - 00012264 _____ C:\Users\Thaís\Downloads\soley_archive.torrent
- 2015-06-02 18:34 - 2015-06-02 18:34 - 00173515 _____ C:\Users\Thaís\Downloads\[kat.cr]junip.junip.2013.eac.log.cue.flac (1).torrent
- 2015-06-02 18:16 - 2015-06-02 18:16 - 07161192 _____ (FLAC To MP3, http://www.FlacMP3.net/ ) C:\Users\Thaís\Downloads\flac2mp3.exe
- 2015-06-02 17:44 - 2015-06-02 19:12 - 00000000 ____D C:\Users\Thaís\Downloads\Tio Chico
- 2015-06-02 17:43 - 2015-06-02 17:43 - 00018578 _____ C:\Users\Thaís\Downloads\[kat.cr]junip.fields.mp3.320.torrent
- 2015-06-02 17:42 - 2015-06-02 17:42 - 00173515 _____ C:\Users\Thaís\Downloads\[kat.cr]junip.junip.2013.eac.log.cue.flac.torrent
- ==================== One Month Modified files and folders ========
- (If an entry is included in the fixlist, the file/folder will be moved.)
- 2015-06-26 17:08 - 2014-04-15 23:29 - 00000000 ____D C:\Users\Thaís\AppData\Roaming\BitTorrent
- 2015-06-26 16:52 - 2014-06-02 21:39 - 00000000 ____D C:\Users\Thaís\AppData\Local\CrashDumps
- 2015-06-26 16:36 - 2014-04-10 10:08 - 01975819 _____ C:\Windows\WindowsUpdate.log
- 2015-06-26 16:35 - 2014-06-16 20:41 - 00000000 ____D C:\Program Files (x86)\GbPlugin
- 2015-06-26 16:34 - 2014-05-03 16:46 - 00000000 ____D C:\Users\Thaís\AppData\Local\Spotify
- 2015-06-26 16:34 - 2014-05-03 16:44 - 00000000 ____D C:\Users\Thaís\AppData\Roaming\Spotify
- 2015-06-26 16:32 - 2015-04-09 10:09 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
- 2015-06-26 16:32 - 2015-02-20 14:20 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- 2015-06-26 16:32 - 2014-12-31 14:39 - 00012160 _____ C:\Windows\setupact.log
- 2015-06-26 16:32 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
- 2015-06-26 16:31 - 2009-07-14 01:45 - 00020832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
- 2015-06-26 16:31 - 2009-07-14 01:45 - 00020832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
- 2015-06-26 16:30 - 2015-03-31 20:40 - 00030960 _____ C:\Users\Thaís\Documents\Livros que tenho.xlsx
- 2015-06-26 16:30 - 2015-02-20 14:20 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- 2015-06-26 16:30 - 2014-11-18 23:24 - 00000000 ____D C:\Users\Todos os Usuários\bd9ecdf1a038c4e8
- 2015-06-26 16:30 - 2014-11-18 23:24 - 00000000 ____D C:\ProgramData\bd9ecdf1a038c4e8
- 2015-06-26 16:29 - 2015-04-09 10:09 - 00003840 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
- 2015-06-26 16:29 - 2014-04-10 11:33 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
- 2015-06-26 16:29 - 2014-04-10 11:33 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
- 2015-06-26 16:18 - 2014-07-27 20:39 - 00001078 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3180074193-2118160070-2237393808-1000UA.job
- 2015-06-23 22:40 - 2009-07-14 02:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
- 2015-06-23 01:18 - 2014-07-27 20:39 - 00001026 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3180074193-2118160070-2237393808-1000Core.job
- 2015-06-22 21:37 - 2015-02-20 14:21 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
- 2015-06-22 20:35 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\NDF
- 2015-06-21 12:06 - 2011-04-12 10:40 - 00663804 _____ C:\Windows\system32\prfh0416.dat
- 2015-06-21 12:06 - 2011-04-12 10:40 - 00128094 _____ C:\Windows\system32\prfc0416.dat
- 2015-06-21 12:06 - 2009-07-14 02:13 - 01517030 _____ C:\Windows\system32\PerfStringBackup.INI
- 2015-06-21 11:45 - 2015-05-23 10:41 - 00000000 ____D C:\Users\Emília\Desktop\Chico
- 2015-06-20 17:45 - 2010-11-21 00:47 - 00047630 _____ C:\Windows\PFRO.log
- 2015-06-20 15:10 - 2015-05-23 10:53 - 00000000 ____D C:\Users\Emília\AppData\Roaming\Foxit Software
- 2015-06-18 02:48 - 2014-06-22 16:42 - 00000000 ____D C:\Program Files (x86)\SoulseekQt
- 2015-06-14 20:35 - 2014-11-29 17:25 - 00001047 _____ C:\Users\Public\Desktop\Last.fm Scrobbler.lnk
- 2015-06-14 20:35 - 2014-05-03 16:31 - 00000000 ____D C:\Program Files (x86)\Last.fm
- 2015-06-13 10:52 - 2009-07-14 02:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
- 2015-06-11 01:10 - 2014-12-17 13:44 - 00000000 ____D C:\Users\Thaís\Desktop\fotos mama~e
- 2015-06-02 18:34 - 2015-03-18 00:35 - 00000000 ____D C:\Users\Thaís\Downloads\Radical Face - The Family Tree - The Branches (2013) [FLAC]
- 2015-06-02 18:34 - 2015-03-18 00:34 - 00000000 ____D C:\Users\Thaís\Downloads\Radical Face - Ghost (2006) [FLAC]
- 2015-06-02 18:34 - 2015-03-10 17:36 - 00000000 ____D C:\Users\Thaís\Downloads\04 - Convoque seu Buda (2014)
- ==================== Files in the root of some directories =======
- 2013-02-07 09:22 - 2013-02-07 09:22 - 0050330 _____ () C:\Program Files (x86)\AntiDust.exe
- 2014-11-20 18:24 - 2014-12-17 23:01 - 0000004 _____ () C:\Users\Thaís\AppData\Roaming\appdataFr2.bin
- 2014-06-15 16:07 - 2014-06-16 20:41 - 0049014 _____ () C:\Users\Thaís\AppData\Roaming\unins000.dat
- 2014-06-16 20:41 - 2014-06-16 20:40 - 0811218 _____ () C:\Users\Thaís\AppData\Roaming\unins000.exe
- 2014-05-06 22:46 - 2014-05-06 22:46 - 0000057 _____ () C:\ProgramData\Ament.ini
- Some files in TEMP:
- ====================
- C:\Users\Emília\AppData\Local\Temp\Foxit Reader Updater.exe
- C:\Users\Thaís\AppData\Local\Temp\jre-8u31-windows-au.exe
- C:\Users\Thaís\AppData\Local\Temp\ose00000.exe
- C:\Users\Thaís\AppData\Local\Temp\Quarantine.exe
- C:\Users\Thaís\AppData\Local\Temp\sqlite3.dll
- ==================== Bamital & volsnap Check =================
- (There is no automatic fix for files that do not pass verification.)
- C:\Windows\System32\winlogon.exe => File is digitally signed
- C:\Windows\System32\wininit.exe => File is digitally signed
- C:\Windows\SysWOW64\wininit.exe => File is digitally signed
- C:\Windows\explorer.exe => File is digitally signed
- C:\Windows\SysWOW64\explorer.exe => File is digitally signed
- C:\Windows\System32\svchost.exe => File is digitally signed
- C:\Windows\SysWOW64\svchost.exe => File is digitally signed
- C:\Windows\System32\services.exe => File is digitally signed
- C:\Windows\System32\User32.dll => File is digitally signed
- C:\Windows\SysWOW64\User32.dll => File is digitally signed
- C:\Windows\System32\userinit.exe => File is digitally signed
- C:\Windows\SysWOW64\userinit.exe => File is digitally signed
- C:\Windows\System32\rpcss.dll => File is digitally signed
- C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
- LastRegBack: 2015-06-08 18:38
- ==================== End of log ============================