It's been a week that my laptop has been showing some pop-ups on any website I visit, and I can't fix it. On top of that, it has become considerably slow. Here are my FRST64 logs! Thanks in advance.
P.S. I had to deactivate my Norton anti-virus to run the FRST64.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-11-2014
Ran by Marcelo Almeida (administrator) on MARCELO on 15-11-2014 11:50:12
Running from C:\Users\Marcelo Almeida\Desktop
Loaded Profile: Marcelo Almeida (Available profiles: Marcelo Almeida)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu-Security-2014-4.4.4.82804\Baidu Antivirus\BavSvc.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu-Security-2014-4.4.4.82804\Baidu Antivirus\BHipsSvc.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu-Security-2014-4.4.4.82804\Baidu Antivirus\bavhm.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\Temp\irstrtsv\scrncap.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
() C:\Program Files\TOSHIBA\Hotkey\Hotkey\TCrdKBB.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\System Setting\TssSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Utilities\KeNotify.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu-Security-2014-4.4.4.82804\Baidu Antivirus\BavTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files (x86)\Start Savin\FrameworkEngine.exe
(TODO: <Company name>) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\nav.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\nav.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
() C:\Program Files (x86)\Start Savin\FrameworkEngine.exe
() C:\ProgramData\e25f457c-9287-4f2d-b5a8-8cd714c55009\maintainer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17246_none_fa4ae8e99b1f603c\TiWorker.exe
() C:\Program Files (x86)\AppEnable\updateAppEnable.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Dropbox, Inc.) C:\Users\Marcelo Almeida\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\AppEnable\bin\utilAppEnable.exe
() C:\Program Files (x86)\AppEnable\bin\AppEnable.PurBrowse64.exe
() C:\Program Files (x86)\AppEnable\bin\AppEnable.BrowserAdapter.exe
() C:\Program Files (x86)\AppEnable\bin\AppEnable.BrowserAdapter64.exe
() C:\Program Files (x86)\AppEnable\bin\AppEnable.BOASHelper.exe
() C:\Program Files (x86)\AppEnable\bin\AppEnable.BOASPRT.exe
() C:\Program Files (x86)\AppEnable\bin\AppEnable.BOAS.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-09-11] (ELAN Microelectronics Corp.)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-17] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-11] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2013-08-05] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [Baidu Antivirus] => C:\Program Files (x86)\Baidu-Security-2014-4.4.4.82804\Baidu Antivirus\BavTray.exe [1683304 2014-08-21] (Baidu, Inc.)
HKLM-x32\...\RunOnce: [Start Savin-repairJob] => wscript.exe "C:\Users\Marcelo Almeida\AppData\Local\Start Savin\repair.js" "Start Savin-repairJob"
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3161253163-2864934560-918969146-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-3161253163-2864934560-918969146-1001\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3161253163-2864934560-918969146-1001\...\MountPoints2: {0cb30354-50cc-11e4-82c2-5c514f76d7bf} - "D:\LGAutoRun.exe"
HKU\S-1-5-21-3161253163-2864934560-918969146-1001\...\MountPoints2: {f6f29572-7ad4-11e3-8258-5c514f76d7bf} - "D:\LGAutoRun.exe"
HKU\S-1-5-18\...\Policies\Explorer: [HideSCAHealth] 1
AppInit_DLLs: C:\PROGRA~2\Linkey\IEEXTE~1\iedll64.dll => C:\PROGRA~2\Linkey\IEEXTE~1\iedll64.dll File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\Users\Marcelo Almeida\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Marcelo Almeida\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => C:\Program Files (x86)\Baidu-Security-2014-4.4.4.82804\Baidu Antivirus\BavShx64.dll (Baidu, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/secur ... =21.6.0.32
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TNJB
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://mystart.toshiba.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TNJB
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://mystart.toshiba.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com/?pc=TNJB
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://mystart.toshiba.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TNJB
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://mystart.toshiba.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com/?pc=TNJB
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://mystart.toshiba.com
SearchScopes: HKLM - DefaultScope {B0FB88A0-7C41-452B-B361-7CC27ECC7380} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=TNJB
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-search.net/search?si ... &src=ds&p={searchTerms}
SearchScopes: HKLM - {B0FB88A0-7C41-452B-B361-7CC27ECC7380} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=TNJB
SearchScopes: HKLM-x32 - DefaultScope {B0FB88A0-7C41-452B-B361-7CC27ECC7380} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=TNJB
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-search.net/search?si ... &src=ds&p={searchTerms}
SearchScopes: HKLM-x32 - {B0FB88A0-7C41-452B-B361-7CC27ECC7380} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=TNJB
SearchScopes: HKCU - DefaultScope {B0FB88A0-7C41-452B-B361-7CC27ECC7380} URL =
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-search.net/search?si ... &src=ds&p={searchTerms}
SearchScopes: HKCU - {B0FB88A0-7C41-452B-B361-7CC27ECC7380} URL =
BHO: Start Savin BHO -> {181F2C09-56DD-4F98-86D7-59BA2BC59B5A} -> C:\Program Files (x86)\Start Savin\FrameworkBHO64.dll ()
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Start Savin BHO -> {181F2C09-56DD-4F98-86D7-59BA2BC59B5A} -> C:\Program Files (x86)\Start Savin\FrameworkBHO.dll ()
BHO-x32: AppEnable -> {23d4646c-263a-4e2d-a08c-6c704557973d} -> C:\Program Files (x86)\AppEnable\AppEnablebho.dll (AppEnable)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Hosts: 54.204.28.26 imfpmncmbojnbdhnogcegojocabhpbnh
Tcpip\Parameters: [DhcpNameServer] 192.168.25.1
FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.0.0.100\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.0.0.100\IPSFF [2014-01-12]
Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.com/"
CHR Profile: C:\Users\Marcelo Almeida\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Marcelo Almeida\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-08]
CHR Extension: (Google Drive) - C:\Users\Marcelo Almeida\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-08]
CHR Extension: (YouTube) - C:\Users\Marcelo Almeida\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-08]
CHR Extension: (Pesquisa do Google) - C:\Users\Marcelo Almeida\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-08]
CHR Extension: (AppEnable) - C:\Users\Marcelo Almeida\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcejkfffdheooipdonddmccfmldmjbgb [2014-11-11]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Marcelo Almeida\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-09]
CHR Extension: (Google Wallet) - C:\Users\Marcelo Almeida\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-08]
CHR Extension: (Gmail) - C:\Users\Marcelo Almeida\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-08]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 BAVSvc; C:\Program Files (x86)\Baidu-Security-2014-4.4.4.82804\Baidu Antivirus\BAVSvc.exe [2030544 2014-08-21] (Baidu, Inc.)
R2 BHipsSvc; C:\Program Files (x86)\Baidu-Security-2014-4.4.4.82804\Baidu Antivirus\BHipsSvc.exe [469144 2014-08-21] (Baidu, Inc.)
R2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe [435088 2013-07-02] (Nuance Communications, Inc.)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101192 2013-09-11] (ELAN Microelectronics Corp.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: <Company name>) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-03] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [783264 2013-09-08] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-12] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 MaintainerSvc4.00.5030318; C:\ProgramData\e25f457c-9287-4f2d-b5a8-8cd714c55009\maintainer.exe [123632 2014-11-13] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-08-23] ()
R2 NAT; C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe [232424 2013-10-11] (Symantec Corporation)
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\NAV.exe [262968 2014-09-21] (Symantec Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
R2 Update AppEnable; C:\Program Files (x86)\AppEnable\updateAppEnable.exe [525552 2014-11-15] ()
R2 Util AppEnable; C:\Program Files (x86)\AppEnable\bin\utilAppEnable.exe [525552 2014-11-15] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3667696 2013-08-23] (Intel® Corporation)
S2 Update WiseEnhance; "C:\Program Files (x86)\WiseEnhance\updateWiseEnhance.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U3 BdApiUtil; C:\Program Files (x86)\Baidu-Security-2014-4.4.4.82804\Baidu Antivirus\BdApiUtil64.sys [148288 2014-08-21] (Baidu, Inc.)
U3 BdCameraProtect; C:\Program Files (x86)\Baidu-Security-2014-4.4.4.82804\Baidu Antivirus\BdCameraProtect64.sys [24704 2014-05-27] (Baidu, Inc.)
R1 Bfilter; C:\Windows\System32\drivers\Bfilter.sys [56640 2014-05-27] (Baidu, Inc.)
R1 Bfmon; C:\Windows\System32\drivers\Bfmon.sys [37696 2014-05-27] (Baidu, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.0.100\Definitions\BASHDefs\20141107.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)
R1 Bnbase; C:\Windows\System32\drivers\bnbasex64.sys [91616 2014-05-27] (Baidu, Inc.)
R1 Bndef; C:\Windows\System32\drivers\bndef64.sys [70912 2014-06-12] (Baidu, Inc.)
R1 Bprotect; C:\Windows\System32\drivers\Bprotect.sys [144960 2014-06-13] (Baidu, Inc.)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 ccSet_NAT; C:\Windows\system32\drivers\NATx64\010A000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1506000.020\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-09] (Symantec Corporation)
R3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [23368 2013-08-06] (ELAN Microelectronic Corp.)
U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [100072 2013-08-02] (GenesysLogic)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [117192 2013-08-29] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.0.100\Definitions\IPSDefs\20141112.001\IDSvia64.sys [633560 2014-10-29] (Symantec Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-08] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-08] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-07] ()
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [20192 2013-09-08] (Intel Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-07] ()
R3 LgBttPort; C:\Windows\system32\DRIVERS\lgbtpt64.sys [16384 2009-09-29] (LG Electronics Inc.)
R3 lgbusenum; C:\Windows\System32\drivers\lgbtbs64.sys [14848 2009-09-29] (LG Electronics Inc.)
R3 LGVMODEM; C:\Windows\system32\DRIVERS\lgvmdm64.sys [17408 2009-09-29] (LG Electronics Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.0.100\Definitions\VirusDefs\20141112.037\ENG64.SYS [129752 2014-08-21] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.0.100\Definitions\VirusDefs\20141112.037\EX64.SYS [2137304 2014-08-21] (Symantec Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-26] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(http://www.devguru.co.kr))
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1506000.020\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1506000.020\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NAVx64\1506000.020\SymELAM.sys [23568 2013-08-01] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-10-24] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1506000.020\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
R1 {55bbc577-fb0b-4e77-8a51-e033716a9ead}Gw64; C:\Windows\System32\drivers\{55bbc577-fb0b-4e77-8a51-e033716a9ead}Gw64.sys [48776 2014-11-15] (StdLib)
R1 {60795004-05ce-4992-8494-ff332d4bc1e6}Gw64; C:\Windows\System32\drivers\{60795004-05ce-4992-8494-ff332d4bc1e6}Gw64.sys [48776 2014-11-09] (StdLib)
R1 {c5db642e-a4dc-48dc-a9f5-088bcf85b719}Gw64; C:\Windows\System32\drivers\{c5db642e-a4dc-48dc-a9f5-088bcf85b719}Gw64.sys [48776 2014-11-11] (StdLib)
S3 usbbus; \SystemRoot\System32\drivers\lgx64bus.sys [X]
S3 UsbDiag; \SystemRoot\system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; \SystemRoot\system32\DRIVERS\lgx64modem.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-15 11:50 - 2014-11-15 11:50 - 00024992 _____ () C:\Users\Marcelo Almeida\Desktop\FRST.txt
2014-11-15 11:49 - 2014-11-15 11:50 - 00000000 ____D () C:\FRST
2014-11-15 11:49 - 2014-11-15 11:49 - 02116608 _____ (Farbar) C:\Users\Marcelo Almeida\Desktop\FRST64.exe
2014-11-15 11:42 - 2014-11-15 02:32 - 00048776 _____ (StdLib) C:\Windows\system32\Drivers\{55bbc577-fb0b-4e77-8a51-e033716a9ead}Gw64.sys
2014-11-12 10:09 - 2014-10-23 02:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 10:09 - 2014-10-23 02:05 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 03:43 - 2014-11-11 20:34 - 00048776 _____ (StdLib) C:\Windows\system32\Drivers\{c5db642e-a4dc-48dc-a9f5-088bcf85b719}Gw64.sys
2014-11-11 23:42 - 2014-11-11 23:42 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-11-10 02:51 - 2014-11-13 18:51 - 00000000 ____D () C:\ProgramData\e25f457c-9287-4f2d-b5a8-8cd714c55009
2014-11-10 02:21 - 2014-11-09 16:32 - 00048776 _____ (StdLib) C:\Windows\system32\Drivers\{60795004-05ce-4992-8494-ff332d4bc1e6}Gw64.sys
2014-11-09 22:35 - 2014-11-09 22:35 - 00001155 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk
2014-11-09 22:35 - 2014-11-09 22:35 - 00001149 _____ () C:\Users\Public\Desktop\BS.Player FREE.lnk
2014-11-09 22:35 - 2014-11-09 22:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player
2014-11-09 22:33 - 2014-11-09 22:38 - 00000000 ____D () C:\Users\Marcelo Almeida\AppData\Roaming\BSplayer
2014-11-09 22:33 - 2014-11-09 22:33 - 00000000 ____D () C:\Users\Marcelo Almeida\AppData\Roaming\BSplayer Pro
2014-11-09 22:33 - 2014-11-09 22:33 - 00000000 ____D () C:\Program Files (x86)\Webteh
2014-11-09 22:30 - 2014-11-09 22:30 - 00000009 _____ () C:\END
2014-11-09 22:29 - 2014-11-09 22:29 - 00771576 _____ (© 2014 ClientConnect Ltd.) C:\Users\Marcelo Almeida\Downloads\bsplayer267.1076.exe
2014-11-09 22:28 - 2014-11-09 22:28 - 00003544 _____ () C:\Windows\System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633
2014-11-09 22:28 - 2014-11-09 22:28 - 00000000 ____D () C:\Users\Marcelo Almeida\AppData\Roaming\Baidu
2014-11-09 22:28 - 2014-11-09 22:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
2014-11-09 22:28 - 2014-11-09 22:28 - 00000000 ____D () C:\ProgramData\Baidu Security
2014-11-09 22:28 - 2014-11-09 22:28 - 00000000 ____D () C:\ProgramData\baidu
2014-11-09 22:28 - 2014-11-09 22:28 - 00000000 ____D () C:\Program Files (x86)\Baidu-Security-2014-4.4.4.82804
2014-11-09 22:28 - 2014-06-13 07:03 - 00144960 _____ (Baidu, Inc.) C:\Windows\system32\Drivers\Bprotect.sys
2014-11-09 22:28 - 2014-06-12 23:11 - 00070912 _____ (Baidu, Inc.) C:\Windows\system32\Drivers\bndef64.sys
2014-11-09 22:28 - 2014-05-27 03:19 - 00091616 _____ (Baidu, Inc.) C:\Windows\system32\Drivers\bnbasex64.sys
2014-11-09 22:28 - 2014-05-27 03:19 - 00056640 _____ (Baidu, Inc.) C:\Windows\system32\Drivers\Bfilter.sys
2014-11-09 22:28 - 2014-05-27 03:19 - 00037696 _____ (Baidu, Inc.) C:\Windows\system32\Drivers\Bfmon.sys
2014-11-09 22:21 - 2014-11-11 23:39 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-11-09 22:20 - 2014-11-15 11:46 - 00000000 ____D () C:\Program Files (x86)\AppEnable
2014-11-09 22:20 - 2014-11-09 22:20 - 24743106 _____ () C:\Users\Marcelo Almeida\Downloads\vlc-media-player-2-1-5-32-bits [1].exe
2014-11-09 22:20 - 2014-11-09 22:20 - 00000000 ____D () C:\Users\Public\Documents\Baidu
2014-11-02 16:09 - 2014-11-02 16:09 - 00755891 _____ (Centro de Seleção e de Promoção de Eventos - CESPE\UNB ) C:\Users\Marcelo Almeida\Downloads\setup_CESPE (1).exe
2014-11-02 16:09 - 2014-11-02 16:09 - 00001280 _____ () C:\Users\Public\Desktop\CESPE - Autenticação Externa.lnk
2014-10-30 13:19 - 2014-09-03 20:57 - 00921600 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-10-30 13:19 - 2014-09-03 20:49 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-10-30 13:10 - 2014-09-03 21:10 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-10-30 11:10 - 2014-08-16 01:08 - 21195616 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-10-30 11:10 - 2014-08-16 01:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-10-30 11:10 - 2014-08-16 01:01 - 01710184 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-10-30 11:10 - 2014-08-16 00:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-10-30 11:10 - 2014-08-16 00:57 - 02498880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-10-30 11:10 - 2014-08-16 00:57 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-10-30 11:10 - 2014-08-16 00:16 - 18722600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-10-30 11:10 - 2014-08-16 00:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-10-30 11:10 - 2014-08-16 00:03 - 01467384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-10-30 11:10 - 2014-08-15 22:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-10-30 11:10 - 2014-08-15 22:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2014-10-30 11:10 - 2014-08-15 21:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2014-10-30 11:10 - 2014-08-15 21:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2014-10-30 11:10 - 2014-08-15 21:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
2014-10-30 11:10 - 2014-08-15 21:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2014-10-30 11:10 - 2014-08-15 21:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2014-10-30 11:10 - 2014-08-15 21:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2014-10-30 11:10 - 2014-08-15 21:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-10-30 11:10 - 2014-08-15 21:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2014-10-30 11:10 - 2014-08-15 21:29 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-30 11:10 - 2014-08-15 21:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-10-30 11:10 - 2014-08-15 21:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-10-30 11:10 - 2014-08-15 21:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-10-30 11:10 - 2014-08-15 21:19 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-30 11:10 - 2014-08-15 21:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-10-30 11:10 - 2014-08-15 21:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-10-30 11:10 - 2014-08-15 21:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-10-30 11:10 - 2014-08-15 21:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-30 11:10 - 2014-08-15 21:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-10-30 11:10 - 2014-08-15 21:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-10-30 11:10 - 2014-08-15 21:11 - 00920064 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-10-30 11:10 - 2014-08-15 21:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-10-30 11:10 - 2014-08-15 21:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-30 11:10 - 2014-08-15 21:07 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-10-30 11:10 - 2014-07-31 20:22 - 00388729 _____ () C:\Windows\system32\ApnDatabase.xml
2014-10-30 08:33 - 2014-09-27 19:25 - 04183040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-30 08:33 - 2014-09-25 19:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-30 08:33 - 2014-09-25 19:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-30 08:33 - 2014-09-25 19:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-30 08:33 - 2014-09-25 19:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-30 08:33 - 2014-09-25 19:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-30 08:33 - 2014-09-25 19:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-30 08:33 - 2014-09-18 23:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-30 08:33 - 2014-09-18 22:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-30 08:33 - 2014-09-18 22:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-30 08:33 - 2014-09-18 22:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-30 08:33 - 2014-09-18 22:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-30 08:33 - 2014-09-18 22:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-30 08:33 - 2014-09-18 22:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-30 08:33 - 2014-09-18 22:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-30 08:33 - 2014-09-18 22:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-30 08:33 - 2014-09-18 22:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-30 08:33 - 2014-09-18 21:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-30 08:33 - 2014-09-18 21:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-30 08:33 - 2014-09-18 21:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-30 08:33 - 2014-09-18 21:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-30 08:33 - 2014-09-18 21:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-30 08:33 - 2014-09-18 21:42 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-30 08:33 - 2014-09-18 21:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-30 08:33 - 2014-09-18 21:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-30 08:33 - 2014-09-18 21:20 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-30 08:33 - 2014-09-18 21:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-30 08:33 - 2014-09-18 20:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-30 08:33 - 2014-09-18 20:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-30 08:33 - 2014-09-18 20:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-30 08:33 - 2014-09-18 20:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-30 08:33 - 2014-09-08 00:15 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-10-30 08:33 - 2014-09-07 22:46 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-10-30 08:33 - 2014-09-07 22:46 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-10-30 08:33 - 2014-09-07 21:08 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-10-30 08:33 - 2014-09-07 21:07 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-10-30 08:33 - 2014-09-07 21:05 - 03448320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-10-30 08:33 - 2014-09-07 21:04 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-10-30 08:33 - 2014-09-07 21:04 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-10-30 08:33 - 2014-09-07 21:03 - 01702400 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-10-30 08:33 - 2014-09-07 21:03 - 00839680 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-10-30 08:33 - 2014-09-07 20:59 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-10-30 08:33 - 2014-09-07 20:59 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-10-30 08:33 - 2014-09-07 20:56 - 00672256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-10-30 08:33 - 2014-09-07 20:56 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-10-30 08:32 - 2014-09-03 21:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-30 08:32 - 2014-09-03 21:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-30 08:30 - 2014-10-09 19:16 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-30 08:30 - 2014-10-08 19:09 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-30 08:30 - 2014-09-18 22:24 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-30 08:30 - 2014-09-13 03:02 - 02779648 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-30 08:30 - 2014-09-13 02:30 - 03117568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-30 08:30 - 2014-08-28 22:58 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-10-30 08:30 - 2014-08-28 20:56 - 02646016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-10-30 08:30 - 2014-08-28 20:47 - 02321920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-10-29 13:42 - 2014-11-02 16:25 - 00000000 ____D () C:\Program Files (x86)\CESPE - Autenticação Externa
2014-10-29 13:42 - 2014-11-02 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CESPE - Autenticação Externa
2014-10-29 13:42 - 2014-10-29 13:42 - 00755891 _____ (Centro de Seleção e de Promoção de Eventos - CESPE\UNB ) C:\Users\Marcelo Almeida\Downloads\setup_CESPE.exe
2014-10-29 13:38 - 2014-10-29 13:39 - 50449456 _____ (Microsoft Corporation) C:\Users\Marcelo Almeida\Downloads\dotNetFx40_Full_x86_x64.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-15 11:50 - 2014-01-11 12:39 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3161253163-2864934560-918969146-1001
2014-11-15 11:49 - 2013-10-24 06:42 - 01337311 _____ () C:\Windows\WindowsUpdate.log
2014-11-15 11:49 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-11-15 11:47 - 2013-08-22 12:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-11-15 11:46 - 2014-01-11 12:48 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{162B34B6-BB77-4F3D-BC63-1F166E60BDAC}
2014-11-15 11:46 - 2013-10-24 06:51 - 00000922 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-15 11:46 - 2013-08-22 10:25 - 00000269 _____ () C:\Windows\win.ini
2014-11-15 11:45 - 2014-02-06 03:40 - 00000000 ___RD () C:\Users\Marcelo Almeida\Dropbox
2014-11-15 11:45 - 2014-02-06 03:38 - 00000000 ____D () C:\Users\Marcelo Almeida\AppData\Roaming\Dropbox
2014-11-15 11:44 - 2014-02-06 03:39 - 00000000 ____D () C:\Users\Marcelo Almeida\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-15 11:42 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\system32\sru
2014-11-13 02:32 - 2014-04-29 14:16 - 00000380 _____ () C:\Windows\Tasks\bench-S-1-5-21-3161253163-2864934560-918969146-1001.job
2014-11-12 16:46 - 2013-10-24 06:51 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-12 16:41 - 2013-10-24 06:51 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-12 16:41 - 2013-10-24 06:51 - 00003658 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-11 23:47 - 2013-09-16 01:15 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-11 23:44 - 2013-08-22 10:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-11-11 23:42 - 2014-01-13 17:07 - 00000000 ___RD () C:\Users\Marcelo Almeida\Google Drive
2014-11-11 23:42 - 2014-01-11 13:18 - 00000000 ___DO () C:\Users\Marcelo Almeida\SkyDrive
2014-11-11 23:42 - 2013-10-24 06:51 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-11 23:42 - 2013-08-22 11:46 - 00043972 _____ () C:\Windows\setupact.log
2014-11-11 23:42 - 2013-08-22 11:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-11 23:41 - 2013-09-16 01:04 - 00021976 _____ () C:\Windows\PFRO.log
2014-11-11 23:41 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-11-11 23:41 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\FileManager
2014-11-11 23:41 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\Camera
2014-11-11 23:41 - 2013-08-22 10:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-11-11 22:12 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\rescache
2014-11-11 15:25 - 2014-04-29 14:16 - 00000380 _____ () C:\Windows\Tasks\bench-sys.job
2014-11-11 06:36 - 2013-08-22 12:36 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-11-09 22:48 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-11-06 14:39 - 2013-10-24 06:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-11-03 02:02 - 2014-04-29 14:16 - 00003250 _____ () C:\Windows\System32\Tasks\bench-sys
2014-11-03 02:02 - 2014-04-29 14:16 - 00003248 _____ () C:\Windows\System32\Tasks\bench-S-1-5-21-3161253163-2864934560-918969146-1001
2014-11-03 02:02 - 2014-04-29 14:16 - 00000000 ____D () C:\Users\Marcelo Almeida\AppData\Local\Start Savin
2014-11-02 16:41 - 2014-04-27 02:34 - 00000000 ____D () C:\temp
2014-11-02 16:25 - 2013-08-22 11:44 - 00481968 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-02 16:24 - 2014-07-10 19:11 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-02 16:24 - 2013-08-22 12:36 - 00000000 ___RD () C:\Windows\ToastData
2014-11-02 16:24 - 2013-08-22 12:36 - 00000000 ____D () C:\Windows\WinStore
2014-11-02 16:23 - 2014-01-18 01:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-02 16:19 - 2014-01-18 01:28 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-02 16:11 - 2014-02-10 19:30 - 00000000 ____D () C:\Users\Marcelo Almeida\AppData\Local\CrashDumps
2014-10-29 21:55 - 2013-08-22 12:38 - 00714208 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-29 21:55 - 2013-08-22 12:38 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-29 17:00 - 2014-01-11 12:34 - 00000000 ____D () C:\Users\Marcelo Almeida
Some content of TEMP:
====================
C:\Users\Marcelo Almeida\AppData\Local\Temp\dlLogic.exe
C:\Users\Marcelo Almeida\AppData\Local\Temp\dltr.exe
C:\Users\Marcelo Almeida\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_ja2fv.dll
C:\Users\Marcelo Almeida\AppData\Local\Temp\file_to_run55131.exe
C:\Users\Marcelo Almeida\AppData\Local\Temp\GCVerifier.dll
C:\Users\Marcelo Almeida\AppData\Local\Temp\lowproc.exe
C:\Users\Marcelo Almeida\AppData\Local\Temp\SfpcHelper_installFinish.exe
C:\Users\Marcelo Almeida\AppData\Local\Temp\SfpcHelper_installStart.exe
C:\Users\Marcelo Almeida\AppData\Local\Temp\stubhelper.dll
C:\Users\Marcelo Almeida\AppData\Local\Temp\vcredist9_x86.exe
C:\Users\Marcelo Almeida\AppData\Local\Temp\verifier.exe
C:\Users\Marcelo Almeida\AppData\Local\Temp\wmfdist.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-11 21:32
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-11-2014
Ran by Marcelo Almeida at 2014-11-15 11:50:42
Running from C:\Users\Marcelo Almeida\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton AntiVirus (Disabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AV: Baidu Antivirus (Enabled - Up to date) {10616E6C-0E20-8594-D377-A7D03F6128A6}
AS: Norton AntiVirus (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Baidu Antivirus (Enabled - Up to date) {AB008F88-281A-8A1A-E9C7-9CA244E6621B}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Connect Add-in (HKU\S-1-5-21-3161253163-2864934560-918969146-1001\...\Adobe Connect Add-in) (Version: - )
Adobe Reader XI (11.0.09) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AppEnable (HKLM\...\AppEnable) (Version: 2014.11.09.202144 - AppEnable) <==== ATTENTION
Baidu Antivirus (HKLM-x32\...\Baidu Antivirus) (Version: 4.4.4.82804 - Baidu, Inc.)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.67.1076 - AB Team, d.o.o.)
Camtasia Studio 8 (HKLM-x32\...\{BFA04EE0-8240-4667-8D53-45496A901C33}) (Version: 8.1.2.1327 - TechSmith Corporation)
CESPE - Autenticação Externa versão 1.0 (HKLM-x32\...\{7D44DD33-0C65-48E3-8F05-3198A78949FE}_is1) (Version: 1.0 - Centro de Seleção e de Promoção de Eventos - CESPE\UNB)
Dragon Assistant Application en-US version 1.5.11 (HKLM-x32\...\{1CCBE73F-4948-4711-8D12-22E2FD65D706}_is1) (Version: 1.5.11 - Nuance Communications, Inc.)
Dragon Assistant Core Recognition Service version 1.1.12 (HKLM-x32\...\{E97BA7A6-46FC-4EBF-B24A-B8362948C696}_is1) (Version: 1.1.12 - Nuance Communications, Inc.)
Dragon Assistant Installer version 1.5.11 (HKLM-x32\...\{D57A8269-3BE5-4D10-B882-64D0F2D448BF}_is1) (Version: 1.5.11 - Nuance Communications, Inc.)
Dragon Assistant Language Data en-US version 1.1.4 (HKLM-x32\...\{4C0C1E4E-D3B1-4496-98EC-DA14D45EC855}_is1) (Version: 1.1.4 - Nuance Communications, Inc.)
Dropbox (HKU\S-1-5-21-3161253163-2864934560-918969146-1001\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
DTS Studio Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)
ETDWare PS/2_SMBus-X64 11.8.13.3_WHQL (HKLM\...\Elantech) (Version: 11.8.13.3 - ELAN Microelectronic Corp.)
Genesys Logic USB2.0 Card Reader (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.0.7 - Genesys Logic)
Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel Experience Center - Configuration (x32 Version: 1.7.0.179 - Intel) Hidden
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{3608ec0a-56b4-4d9d-b038-9b3e51d72582}) (Version: 1.7.0.179 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3282 - Intel Corporation)
Intel(R) Rapid Start Technology (HKLM-x32\...\{3D073343-CEEB-4ce7-85AC-A69A7631B5D6}) (Version: 3.0.0.1056 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{9B5FD763-5074-474C-B898-24567E6450C8}) (Version: 4.2.40.2439 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) 4.0 (HKLM-x32\...\{38561F82-2984-4C99-ADD7-D1166BC3D552}) (Version: 3.0.1335.05 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{72814a2c-2e03-4a50-b30a-43e7884b3934}) (Version: 16.5.1 - Intel Corporation)
King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden
LG Bluetooth Drivers (HKLM-x32\...\{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}) (Version: 1.1 - LG Electronics)
LG PC Suite IV (HKLM-x32\...\LG PC Suite IV) (Version: 4.3.80.20121017 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics)
LG USB Modem Drivers (HKLM-x32\...\{3E8DE1A6-B365-4FF6-B917-2892A34990E8}) (Version: 4.9.7 - LG Electronics)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617 (HKLM-x32\...\{448652c1-f5f3-4230-98c6-68c10c88b1fb}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x86) - 12.0.20617 (HKLM-x32\...\{1f407217-9aec-4146-8504-e64ac959c534}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Norton Anti-Theft (HKLM-x32\...\NAT) (Version: 1.10.0.9 - Symantec Corporation)
Norton AntiVirus (HKLM-x32\...\NAV) (Version: 21.6.0.32 - Symantec Corporation)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Prezi (HKLM-x32\...\{BD44409B-A691-4B97-B33D-F07E1DE791F3}) (Version: 5.1.1 - Prezi.com)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7026 - Realtek Semiconductor Corp.)
Start Savin (HKLM-x32\...\35450_Start Savin) (Version: 1.0 - Gratifying Apps)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM\...\{21A63CA3-75C0-4E56-B602-B7CD2EF6B621}) (Version: 9.0.2.4 - Toshiba Corporation)
TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 2.0.17.0 - Toshiba Corporation)
Toshiba Book Place (HKLM-x32\...\{11244D6B-9842-440F-8579-6A4D771A0D9B}) (Version: 3.3.9661 - K-NFB Reading Technology, Inc.)
TOSHIBA Display Utility (HKLM\...\{84FA4D2D-4273-4C66-BD3D-ADD3FE48DFA2}) (Version: 1.1.5.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.51.81.1C - TOSHIBA CORPORATION)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0001.6403 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{59358FD4-252B-4B38-AB81-955C491A494F}) (Version: 2.0.0.9C - Toshiba Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.9.3 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA Start (HKLM-x32\...\{A74C9CC1-2211-4A75-A688-6F7CFE2C2B12}) (Version: 1.00.02 - TOSHIBA America Information Systems, Inc)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation)
TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Utility Common Driver (x32 Version: 1.0.53.3 - Compal) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.10.20 - WildTangent) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3161253163-2864934560-918969146-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Marcelo Almeida\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3161253163-2864934560-918969146-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marcelo Almeida\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3161253163-2864934560-918969146-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marcelo Almeida\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3161253163-2864934560-918969146-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marcelo Almeida\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3161253163-2864934560-918969146-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marcelo Almeida\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3161253163-2864934560-918969146-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marcelo Almeida\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3161253163-2864934560-918969146-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marcelo Almeida\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3161253163-2864934560-918969146-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marcelo Almeida\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3161253163-2864934560-918969146-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marcelo Almeida\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
10-10-2014 22:25:13 Installed LG USB Modem Drivers.
30-10-2014 13:48:49 Windows Update
02-11-2014 19:18:42 Windows Update
12-11-2014 00:32:47 Windows Update
15-11-2014 14:42:46 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 10:25 - 2014-11-03 02:02 - 00000871 ____A C:\Windows\system32\Drivers\etc\hosts
54.204.28.26 imfpmncmbojnbdhnogcegojocabhpbnh
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {07EE3E0D-D07A-4F52-928B-AD85532C847C} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js"
Task: {56B67DC6-CF1D-47FC-BBF1-237B11CA0C80} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-08-23] (Realtek Semiconductor)
Task: {70CEB282-A3AF-4431-BD39-D836056C1FF4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-24] (Google Inc.)
Task: {72607300-DB12-4A4D-95C7-7E15B5328D92} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)
Task: {8246F48F-42C9-4D53-A8E6-75BCC85B32C5} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3161253163-2864934560-918969146-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {83AA8F3E-EF4F-4CB1-A013-C6C1FAD9F5B7} - System32\Tasks\bench-S-1-5-21-3161253163-2864934560-918969146-1001 => C:\Program Files (x86)\Bench\Updater\updater.exe [2014-04-04] () <==== ATTENTION
Task: {8AF60CDF-1A56-4B61-A79C-861CB0A2AC6B} - System32\Tasks\bench-sys => C:\Program Files (x86)\Bench\Updater\updater.exe [2014-04-04] () <==== ATTENTION
Task: {9599A92B-7FF4-491F-8513-D9CA620A9ED5} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe [2013-08-28] (TODO: <Company name>)
Task: {982DB6E9-6012-4C9A-BF7E-87A044876570} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3161253163-2864934560-918969146-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {A107E28D-9420-4896-8779-2FFF096AF708} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
Task: {A7692323-0198-498D-8A62-C5467DDD519C} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {C7562E6A-51EF-4B07-ABEA-0CA2AD35374A} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {D334887D-61F8-40A1-A418-915AF6F5CB08} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {D89F52ED-FA8B-4CAD-BFC6-9D68A67104FB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-11-02] (Microsoft Corporation)
Task: {E386E6E2-DBD7-49ED-96E7-547804C385F2} - System32\Tasks\pcreg => C:\Program Files\pcreg\service.exe <==== ATTENTION
Task: {E4F9B634-D3C1-4DF5-A5D5-E59516345010} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {EEEF2CF9-65B5-4F0F-AF24-9615246587D4} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe [2013-08-08] ()
Task: {F2CC6F42-A4CA-4BB5-A49C-E75B9424BE18} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-24] (Google Inc.)
Task: C:\Windows\Tasks\bench-S-1-5-21-3161253163-2864934560-918969146-1001.job => C:\Program Files (x86)\Bench\Updater\updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\bench-sys.job => C:\Program Files (x86)\Bench\Updater\updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-09-10 16:54 - 2013-09-10 16:54 - 00019792 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2013-08-12 23:06 - 2013-08-12 23:06 - 00198120 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-08-12 23:06 - 2013-08-12 23:06 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-08-12 23:06 - 2013-08-12 23:06 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2010-01-30 07:40 - 2010-01-30 07:40 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-03-25 02:38 - 2010-03-25 02:38 - 08794976 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2012-07-18 22:38 - 2012-07-18 22:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2013-08-01 18:24 - 2013-08-01 18:24 - 00438112 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\TcrdKBB.exe
2013-10-24 06:44 - 2013-08-08 23:08 - 00065536 _____ () C:\Windows\SysWOW64\UMonit64.exe
2014-11-03 01:18 - 2014-11-03 01:18 - 00264024 _____ () C:\Program Files (x86)\Start Savin\FrameworkEngine.exe
2013-08-22 04:19 - 2013-08-22 03:54 - 00174592 _____ () C:\Windows\system32\WinMetadata\Windows.UI.winmd
2013-08-22 04:19 - 2013-08-22 03:54 - 00050176 _____ () C:\Windows\system32\WinMetadata\Windows.Data.winmd
2013-08-22 04:19 - 2013-08-22 03:54 - 00030208 _____ () C:\Windows\system32\WinMetadata\Windows.Foundation.winmd
2014-11-09 23:35 - 2014-11-13 18:51 - 00123632 _____ () C:\ProgramData\e25f457c-9287-4f2d-b5a8-8cd714c55009\maintainer.exe
2014-11-09 17:25 - 2014-11-15 11:43 - 00525552 _____ () C:\Program Files (x86)\AppEnable\updateAppEnable.exe
2014-11-10 02:20 - 2014-11-15 11:46 - 00525552 _____ () C:\Program Files (x86)\AppEnable\bin\utilAppEnable.exe
2014-11-10 02:21 - 2014-11-15 02:32 - 00353008 _____ () C:\Program Files (x86)\AppEnable\bin\AppEnable.PurBrowse64.exe
2014-11-10 02:21 - 2014-11-15 07:31 - 00098544 _____ () C:\Program Files (x86)\AppEnable\bin\AppEnable.BrowserAdapter.exe
2014-11-10 02:21 - 2014-11-15 07:31 - 00114928 _____ () C:\Program Files (x86)\AppEnable\bin\AppEnable.BrowserAdapter64.exe
2014-11-15 11:49 - 2014-11-13 20:25 - 01649904 _____ () C:\Program Files (x86)\AppEnable\bin\AppEnable.BOASHelper.exe
2014-11-15 11:49 - 2014-11-13 20:25 - 01786608 _____ () C:\Program Files (x86)\AppEnable\bin\AppEnable.BOASPRT.exe
2014-11-15 11:49 - 2014-11-13 20:25 - 01791216 _____ () C:\Program Files (x86)\AppEnable\bin\AppEnable.BOAS.exe
2014-11-09 22:28 - 2014-08-21 23:46 - 00208744 _____ () C:\Program Files (x86)\Baidu-Security-2014-4.4.4.82804\Baidu Antivirus\BavDllFilter.dll
2014-11-09 22:28 - 2014-08-21 23:45 - 00541032 _____ () C:\Program Files (x86)\Baidu-Security-2014-4.4.4.82804\Baidu Antivirus\sqlite.dll
2013-10-24 06:50 - 2013-07-02 18:30 - 00387984 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\fl_core.dll
2013-10-24 06:50 - 2013-07-02 18:30 - 01165712 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_asr.dll
2013-10-24 06:50 - 2013-07-02 18:30 - 00199056 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_base.dll
2013-10-24 06:50 - 2013-07-02 18:30 - 01132944 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_pron.dll
2013-10-24 06:50 - 2013-07-02 18:30 - 00035216 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_platform.dll
2013-10-24 06:50 - 2013-07-02 18:30 - 00229264 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\sdxg.dll
2013-10-24 06:50 - 2013-07-02 18:29 - 00027648 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\WASAPIResamplingStreamCOMServer.dll
2014-11-11 23:42 - 2014-11-11 23:42 - 00098816 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\win32api.pyd
2014-11-11 23:42 - 2014-11-11 23:42 - 00110080 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\pywintypes27.dll
2014-11-11 23:42 - 2014-11-11 23:42 - 00364544 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\pythoncom27.dll
2014-11-11 23:42 - 2014-11-11 23:42 - 00045568 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\_socket.pyd
2014-11-11 23:42 - 2014-11-11 23:42 - 01160704 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\_ssl.pyd
2014-11-11 23:42 - 2014-11-11 23:42 - 00320512 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\win32com.shell.shell.pyd
2014-11-11 23:42 - 2014-11-11 23:42 - 00713216 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\_hashlib.pyd
2014-11-11 23:42 - 2014-11-11 23:42 - 01175040 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\wx._core_.pyd
2014-11-11 23:42 - 2014-11-11 23:42 - 00805888 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\wx._gdi_.pyd
2014-11-11 23:42 - 2014-11-11 23:42 - 00811008 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\wx._windows_.pyd
2014-11-11 23:42 - 2014-11-11 23:42 - 01062400 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\wx._controls_.pyd
2014-11-11 23:42 - 2014-11-11 23:42 - 00735232 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\wx._misc_.pyd
2014-11-11 23:42 - 2014-11-11 23:42 - 00128512 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\_elementtree.pyd
2014-11-11 23:42 - 2014-11-11 23:42 - 00127488 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\pyexpat.pyd
2014-11-11 23:42 - 2014-11-11 23:42 - 00557056 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\pysqlite2._sqlite.pyd
2014-11-11 23:42 - 2014-11-11 23:42 - 00087552 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\_ctypes.pyd
2014-11-11 23:42 - 2014-11-11 23:42 - 00119808 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\win32file.pyd
2014-11-11 23:42 - 2014-11-11 23:42 - 00108544 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\win32security.pyd
2014-11-11 23:42 - 2014-11-11 23:42 - 00007168 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\hashobjs_ext.pyd
2014-11-11 23:42 - 2014-11-11 23:42 - 00167936 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\win32gui.pyd
2014-11-11 23:42 - 2014-11-11 23:42 - 00018432 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\win32event.pyd
2014-11-11 23:42 - 2014-11-11 23:42 - 00038912 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\win32inet.pyd
2014-11-11 23:42 - 2014-11-11 23:42 - 00011264 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\win32crypt.pyd
2014-11-11 23:42 - 2014-11-11 23:42 - 00070656 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\wx._html2.pyd
2014-11-11 23:42 - 2014-11-11 23:42 - 00027136 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\_multiprocessing.pyd
2014-11-11 23:42 - 2014-11-11 23:42 - 00035840 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\win32process.pyd
2014-11-11 23:42 - 2014-11-11 23:42 - 00686080 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\unicodedata.pyd
2014-11-11 23:42 - 2014-11-11 23:42 - 00122368 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\wx._wizard.pyd
2014-11-11 23:42 - 2014-11-11 23:42 - 00024064 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\win32pipe.pyd
2014-11-11 23:42 - 2014-11-11 23:42 - 00025600 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\win32pdh.pyd
2014-11-11 23:42 - 2014-11-11 23:42 - 00525640 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\windows._lib_cacheinvalidation.pyd
2014-11-11 23:42 - 2014-11-11 23:42 - 00010240 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\select.pyd
2014-11-11 23:42 - 2014-11-11 23:42 - 00017408 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\win32profile.pyd
2014-11-11 23:42 - 2014-11-11 23:42 - 00022528 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\win32ts.pyd
2014-11-11 23:42 - 2014-11-11 23:42 - 00078336 _____ () C:\Users\Marcelo Almeida\AppData\Local\Temp\_MEI60562\wx._animate.pyd
2013-10-24 06:30 - 2013-09-03 20:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-11-03 01:18 - 2014-11-03 01:18 - 00356584 _____ () C:\Program Files (x86)\Start Savin\FrameworkBHO.dll
2014-11-15 11:45 - 2014-11-15 11:45 - 00043008 _____ () c:\Users\Marcelo Almeida\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_ja2fv.dll
2013-08-23 16:01 - 2013-08-23 16:01 - 25100288 _____ () C:\Users\Marcelo Almeida\AppData\Roaming\Dropbox\bin\libcef.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Marcelo Almeida\SkyDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc => "Service"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BavSvc => "Service"=""
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-3161253163-2864934560-918969146-500 - Administrator - Disabled)
Guest (S-1-5-21-3161253163-2864934560-918969146-501 - Limited - Disabled)
Marcelo Almeida (S-1-5-21-3161253163-2864934560-918969146-1001 - Administrator - Enabled) => C:\Users\Marcelo Almeida
==================== Faulty Device Manager Devices =============
Name: HID-compliant touch screen
Description: HID-compliant touch screen
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/12/2014 11:06:55 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (11/12/2014 06:49:04 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (11/12/2014 00:27:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17344, time stamp: 0x541b6f63
Faulting module name: ntdll.dll, version: 6.3.9600.17278, time stamp: 0x53eeb4a3
Exception code: 0xc0000374
Fault offset: 0x000debd8
Faulting process id: 0x2554
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5
Error: (11/11/2014 11:42:38 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)
Error: (11/11/2014 10:02:37 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: The volume System was not optimized because an error was encountered: The parameter is incorrect. (0x80070057)
Error: (11/11/2014 09:45:52 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (11/08/2014 08:00:31 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (11/07/2014 10:14:08 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (11/06/2014 05:48:49 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (11/05/2014 02:54:44 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
System errors:
=============
Error: (11/15/2014 11:49:04 AM) (Source: DCOM) (EventID: 10016) (User: MARCELO)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}MarceloMarcelo AlmeidaS-1-5-21-3161253163-2864934560-918969146-1001LocalHost (Using LRPC)UnavailableUnavailable
Error: (11/13/2014 06:57:25 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.
Error: (11/12/2014 04:41:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Google Update Service (gupdate) service terminated unexpectedly. It has done this 1 time(s).
Error: (11/12/2014 10:06:36 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105.
Error: (11/11/2014 11:42:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update WiseEnhance service failed to start due to the following error:
%%2
Error: (11/11/2014 11:25:48 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
Error: (11/09/2014 10:28:37 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The Baidu Hips Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
Error: (11/09/2014 10:28:33 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The Baidu Antivirus Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
Error: (11/02/2014 04:25:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update WiseEnhance service failed to start due to the following error:
%%2
Error: (11/02/2014 04:23:51 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8007045b: Update for Windows 8.1 for x64-based Systems (KB2998174).
Microsoft Office Sessions:
=========================
Error: (11/12/2014 11:06:55 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (11/12/2014 06:49:04 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (11/12/2014 00:27:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17344541b6f63ntdll.dll6.3.9600.1727853eeb4a3c0000374000debd8255401cffe26799acca2C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\ntdll.dllc7d5f128-6a1b-11e4-82cb-5c514f76d7bf
Error: (11/11/2014 11:42:38 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)
Error: (11/11/2014 10:02:37 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: SystemThe parameter is incorrect. (0x80070057)
Error: (11/11/2014 09:45:52 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (11/08/2014 08:00:31 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (11/07/2014 10:14:08 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (11/06/2014 05:48:49 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (11/05/2014 02:54:44 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
CodeIntegrity Errors:
===================================
Date: 2014-04-25 22:07:46.014
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2014-04-25 22:07:45.951
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\systemk\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2014-04-25 21:30:05.260
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2014-04-25 21:30:05.182
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\systemk\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2014-04-25 21:25:09.328
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2014-04-25 21:25:09.265
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\systemk\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2014-04-25 20:39:23.733
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2014-04-25 20:39:23.673
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\systemk\sysapcrt.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 47%
Total physical RAM: 6057.09 MB
Available physical RAM: 3198.54 MB
Total Pagefile: 7209.09 MB
Available Pagefile: 3727.46 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
==================== Drives ================================
Drive c: (TI10676500D) (Fixed) (Total:688.38 GB) (Free:623.06 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 11.2 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================