[Resolvido] Após a autenticação do usuário apresenta tela preta

Eduardo Moreira dos Santos · Janeiro 15, 2015

O computador liga normalmente, carrega a tela de login dos usuários cadastrados, porém após a autenticação não aparece a área de trabalho, aparece apenas uma tela preta e fica com o cursor rodando. Se aperto ctrl + alt + del, aparece normalmente a tela com as opções de bloquear o computador, trocar de usuário, alterar senha, iniciar o gerenciador de tarefas, entre outras.

Segue o log do hijackthis:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 00:40:40, on 15/01/2015

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.17496)

Boot mode: Normal

Running processes:

C:\PROGRA~2\GbPlugin\GbpSv.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Users\Eduardo\AppData\Local\Google\Update\GoogleUpdate.exe

C:\Program Files (x86)\Google\Drive\googledrivesync.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe

C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe

C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe

C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe

C:\Program Files (x86)\SoundTouch\SoundTouchMusicServer\SoundTouch music server.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Drive\googledrivesync.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/5

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll

O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll

O3 - Toolbar: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll

O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

O4 - HKLM\..\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"

O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"

O4 - HKLM\..\Run: [soundTouch Music Server] "C:\Program Files (x86)\SoundTouch\SoundTouchMusicServer\SoundTouch music server.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\RunOnce: [sTToasterLauncher] C:\program files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe

O4 - HKCU\..\Run: [Google Update] "C:\Users\Eduardo\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE /EPT "EPLTarget\P0000000000000001" /M "L355 Series"

O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart

O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_5067CAB4F02DB410F3160A138613072A] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')

O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')

O4 - Global Startup: Bluetooth.lnk = ?

O4 - Global Startup: RealPlayer Cloud Service UI.lnk = C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Enviar imagem para Dispositivo &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: Enviar página para Dispositivo &Bluetooth ... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

O9 - Extra 'Tools' menuitem: Console Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: Enviar para Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: Enviar para Dispositivo &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: www.bancobrasil.com.br

O15 - Trusted Zone: www14.bancobrasil.com.br

O15 - Trusted Zone: www2.bancobrasil.com.br

O15 - Trusted Zone: www.bb.com.br

O17 - HKLM\System\CCS\Services\Tcpip\..\{E018D7A9-43FB-4DF9-8760-A0A42D090F7E}: NameServer = 200.175.5.139,200.175.182.139

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll

O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: EpsonCustomerParticipation - SEIKO EPSON CORPORATION - C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe

O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe

O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe

O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: Panda Antivirus Pro 2015 Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Panda Devices Agent (PandaAgent) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe

O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe

O23 - Service: RealPlayer Cloud Service - RealNetworks, Inc. - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe

O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe

O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 16610 bytes

:sick:

DigRam · Janeiro 16, 2015

/!\ Bom Dia! Eduardo Moreira dos Santos /!\

> Seus problemas,aparentemente,não estão associados à malwares.

> Baixe: <

> ( ... by Farbar )

> No banner àcima,é para sistemas 32bits!

< Farbar Recovery Scan Tool 64-Bit >

> No link àcima,é para sistemas 64bits!

> Salve-o no desktop! (Área de trabalho ...)

> Execute a ferramenta! Clique "Yes" >> "Scan".

> Antes de clicar "Scan",verifique se as caixinhas em "Whitelist" estão assinaladas.

> Em "Optional Scan",deixe marcada a checkbox "Addition.txt".

> Ps: Será gerado,também,o relatório "Addition.txt" que estará disponibilizado na 1ª execução da ferramenta.

> Poste os relatórios! (FRST.txt + Addition.txt)

> Como o log será extenso,envie-o à

>

> O link ao relatório,que é este assinalado,deverá ser colado em sua resposta.

> Ou clique "Copier le lien (*)" e cole o link ao seu Post.

A+

Eduardo Moreira dos Santos · Janeiro 24, 2015

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01

Ran by Eduardo (administrator) on PAISNB on 24-01-2015 18:25:22

Running from C:\Users\Eduardo\Desktop

Loaded Profiles: Eduardo (Available profiles: Eduardo & Andréa & Vitor & Arthur)

Platform: Windows 7 Home Basic Service Pack 1 (X64) OS Language: Português (Brasil)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe

(IDT, Inc.) C:\WINDOWS\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe

(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe

() C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE

(Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe

(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\BCMWLTRY.EXE

(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe

(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe

(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe

(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe

() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe

(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe

() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe

(SoftThinks) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe

(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe

(Intel Corporation) C:\WINDOWS\System32\igfxtray.exe

(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe

(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe

(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE

(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe

(Intel Corporation) C:\WINDOWS\System32\igfxsrvc.exe

(SEIKO EPSON CORPORATION) C:\WINDOWS\System32\spool\drivers\x64\3\E_YATII4E.EXE

(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe

(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

() C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe

(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe

(Bose Corporation) C:\Program Files (x86)\SoundTouch\SoundTouchMusicServer\SoundTouch music server.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe

() C:\Program Files (x86)\Google\Update\Install\{7A6177DB-61AA-4A47-BCFD-C39E6C53744D}\40.0.2214.91_39.0.2171.95_chrome_updater.exe

(Google Inc.) C:\WINDOWS\Temp\CR_7F3F0.tmp\setup.exe

(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe

(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE

(Microsoft Corporation) C:\Program Files\Zune\ZuneNss.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [305664 2009-01-23] (Alps Electric Co., Ltd.)

HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [444416 2009-06-29] (IDT, Inc.)

HKLM\...\Run: [broadcom Wireless Manager UI] => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [4968960 2009-07-17] (Dell Inc.)

HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3180624 2009-07-02] (Dell Inc.)

HKLM\...\Run: [iAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)

HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)

HKLM-x32\...\Run: [PDVDDXSrv] => C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe [140520 2009-06-24] (CyberLink Corp.)

HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd)

HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [494064 2009-06-18] ()

HKLM-x32\...\Run: [DellSupportCenter] => C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe [206064 2009-05-21] (SupportSoft, Inc.)

HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)

HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2012-01-26] (SEIKO EPSON CORPORATION)

HKLM-x32\...\Run: [soundTouch Music Server] => C:\Program Files (x86)\SoundTouch\SoundTouchMusicServer\SoundTouch music server.exe [1323008 2014-02-07] (Bose Corporation)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)

HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-07-24] (Panda Security, S.L.)

HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [296520 2014-10-26] (RealNetworks, Inc.)

HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)

HKLM-x32\...\RunOnce: [sTToasterLauncher] => C:\program files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe [120048 2009-09-17] ()

Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]

Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation)

Winlogon\Notify\ GbPluginBb-x32: C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)

HKU\S-1-5-21-1933302284-1054454040-2067432904-1000\...\Run: [Google Update] => C:\Users\Eduardo\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-01-26] (Google Inc.)

HKU\S-1-5-21-1933302284-1054454040-2067432904-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)

HKU\S-1-5-21-1933302284-1054454040-2067432904-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23308616 2014-12-22] (Google)

HKU\S-1-5-21-1933302284-1054454040-2067432904-1000\...\Run: [GoogleChromeAutoLaunch_5067CAB4F02DB410F3160A138613072A] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-05] (Google Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk

ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk

ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk

ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk

ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

Startup: C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk

ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1933302284-1054454040-2067432904-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.br/

HKU\S-1-5-21-1933302284-1054454040-2067432904-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/5

SearchScopes: HKLM -> DefaultScope {27A4967B-CAE4-49E5-A10D-9BD141C88457} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKLM -> {27A4967B-CAE4-49E5-A10D-9BD141C88457} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox

SearchScopes: HKLM-x32 -> DefaultScope {3C126144-FC3B-4892-A5F3-506FB585C527} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox

SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKLM-x32 -> {3C126144-FC3B-4892-A5F3-506FB585C527} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox

SearchScopes: HKU\S-1-5-21-1933302284-1054454040-2067432904-1000 -> DefaultScope {27A4967B-CAE4-49E5-A10D-9BD141C88457} URL =

SearchScopes: HKU\S-1-5-21-1933302284-1054454040-2067432904-1000 -> {27A4967B-CAE4-49E5-A10D-9BD141C88457} URL =

SearchScopes: HKU\S-1-5-21-1933302284-1054454040-2067432904-1000 -> {3C126144-FC3B-4892-A5F3-506FB585C527} URL =

BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)

BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)

BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)

BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Auxiliar de Conexão do Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)

BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)

BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)

Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)

Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)

Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)

Toolbar: HKU\S-1-5-21-1933302284-1054454040-2067432904-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

Toolbar: HKU\S-1-5-21-1933302284-1054454040-2067432904-1000 -> No Name - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No File

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1754664 2014-07-31] (Banco do Brasil)

Tcpip\Parameters: [DhcpNameServer] 192.168.25.1

Tcpip\..\Interfaces\{E018D7A9-43FB-4DF9-8760-A0A42D090F7E}: [NameServer] 200.175.5.139,200.175.182.139

FireFox:

========

FF ProfilePath: C:\Users\Eduardo\AppData\Roaming\Mozilla\Firefox\Profiles\5exfm9g3.default

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @real.com/nppl3260;version=17.0.12.0 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.12 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprpplugin;version=17.0.12.0 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-1933302284-1054454040-2067432904-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Eduardo\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKU\S-1-5-21-1933302284-1054454040-2067432904-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Eduardo\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKU\S-1-5-21-1933302284-1054454040-2067432904-1000: gastecnologia.com.br/sf/bb -> C:\Users\Eduardo\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml

FF HKLM-x32\...\Firefox\Extensions: [{7C9C2591-51ED-44FA-8D03-450B92643F95}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-10-26]

FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on

FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2015-01-11]

FF HKU\S-1-5-21-1933302284-1054454040-2067432904-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886C}] - C:\Users\Eduardo\AppData\Local\GAS Tecnologia\GBBD\bb\xpi

FF Extension: GBBD Banco do Brasil - C:\Users\Eduardo\AppData\Local\GAS Tecnologia\GBBD\bb\xpi [2014-05-15]

Chrome:

=======

CHR HomePage: Default -> hxxp://www.google.com.br/ig#m_79

CHR StartupUrls: Default -> "https://www.google.com/webhp?hl=pt-BR&tab=Xw"

CHR Profile: C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Tradutor) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2013-04-29]

CHR Extension: (Bejeweled) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm [2013-04-29]

CHR Extension: (Google Docs) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-04-29]

CHR Extension: (Google Drive) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-29]

CHR Extension: (YouTube) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-29]

CHR Extension: (Google Cast) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-01-26]

CHR Extension: (Pesquisa do Google) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-29]

CHR Extension: (Google Agenda) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2013-04-29]

CHR Extension: (4chan Cooliris Integration) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\elimjgnimahhgogooiepdenfooodofmj [2013-04-29]

CHR Extension: (EXAME.com para Chrome) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjeomhheecfjcmhkncjhoedhchbahmpg [2013-04-29]

CHR Extension: (Band Radios) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjaidcecabohmejaemhellkghiimbbb [2013-04-29]

CHR Extension: (Pocket Website) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jijgclgmgjipgefcnnnibgllfonlfdap [2013-04-29]

CHR Extension: (Calculadora) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdkgihpbaofhkiliohfepioflkkbapao [2013-04-29]

CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-20]

CHR Extension: (Google Maps) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2013-04-29]

CHR Extension: (Download Master) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcceagdollnkjlogmdckgjakjapmkdjf [2013-04-29]

CHR Extension: (Google Dictionary (by Google)) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2013-04-29]

CHR Extension: (Verificador de mensagens do Google) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2013-04-29]

CHR Extension: (Google Play Books) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2013-04-29]

CHR Extension: (Google Wallet) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-07]

CHR Extension: (Songspin Radio) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\obfcabpfnamnfmjiaimnnkajbgiblgcg [2013-04-29]

CHR Extension: (Meu tema do Chrome) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2013-04-29]

CHR Extension: (Rolagem rápida do Google) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc [2013-04-29]

CHR Extension: (Picasa) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2013-04-29]

CHR Extension: (Google Calendar Checker (do Google)) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookhcbgokankfmjafalglpofmolfopek [2013-04-29]

CHR Extension: (GBBD Banco do Brasil) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgacfjdigcddmmncljpflgcfpfahebkh [2014-05-15]

CHR Extension: (Gmail) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-29]

CHR HKU\S-1-5-21-1933302284-1054454040-2067432904-1000\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path

CHR HKU\S-1-5-21-1933302284-1054454040-2067432904-1000\...\Chrome\Extension: [pgacfjdigcddmmncljpflgcfpfahebkh] - C:\Users\Eduardo\AppData\Local\GAS Tecnologia\GBBD\bb\sf.crx [2014-05-15]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)

R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]

S2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)

R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [546104 2014-07-21] (GAS Tecnologia)

R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [141560 2014-07-24] (Panda Security, S.L.)

R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [61688 2014-07-23] (Panda Security, S.L.)

R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-07-24] (Panda Security, S.L.)

R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-07-24] ()

R2 RealPlayer Cloud Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1141848 2014-10-26] (RealNetworks, Inc.)

R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-07-24] () [File not signed]

R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe [240128 2009-06-29] (IDT, Inc.)

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

R2 wltrysvc; C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe [3417088 2009-07-17] (Dell Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 GbpKm; C:\Windows\SysWOW64\drivers\GbpKm.sys [49536 2013-05-08] (GAS Tecnologia)

R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [96800 2014-06-04] (Panda Security, S.L.)

R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [162336 2014-06-18] (Panda Security, S.L.)

R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [112160 2014-06-04] (Panda Security, S.L.)

R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [115232 2014-06-04] (Panda Security, S.L.)

R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [46336 2014-01-16] (Panda Security, S.L.)

R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95776 2014-06-04] (Panda Security, S.L.)

R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [70176 2014-06-04] (Panda Security, S.L.)

R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [125984 2014-06-04] (Panda Security, S.L.)

R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [306720 2014-06-04] (Panda Security, S.L.)

R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [169504 2014-06-04] (Panda Security, S.L.)

R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [115744 2014-06-04] (Panda Security, S.L.)

R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [261152 2014-06-04] (Panda Security, S.L.)

R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [109088 2014-06-04] (Panda Security, S.L.)

R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [160800 2014-07-24] (Panda Security, S.L.)

R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [120352 2014-07-24] (Panda Security, S.L.)

R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [195616 2014-07-24] (Panda Security, S.L.)

R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [122400 2014-07-24] (Panda Security, S.L.)

R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132128 2014-07-24] (Panda Security, S.L.)

R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [106016 2014-07-24] (Panda Security, S.L.)

R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [60400 2014-03-25] (Panda Security, S.L.)

S3 Prot6Flt; system32\DRIVERS\Prot6Flt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-24 18:25 - 2015-01-24 18:26 - 00029111 _____ () C:\Users\Eduardo\Desktop\FRST.txt

2015-01-24 18:25 - 2015-01-24 18:25 - 00000000 ____D () C:\FRST

2015-01-24 18:23 - 2015-01-24 18:24 - 02129920 _____ (Farbar) C:\Users\Eduardo\Desktop\FRST64.exe

2015-01-15 00:18 - 2014-03-25 11:15 - 00060400 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys

2015-01-15 00:12 - 2015-01-15 00:12 - 00002985 _____ () C:\Users\Eduardo\Desktop\HiJackThis.lnk

2015-01-15 00:12 - 2015-01-15 00:12 - 00000000 ____D () C:\Users\Eduardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis

2015-01-15 00:12 - 2015-01-15 00:12 - 00000000 ____D () C:\Program Files (x86)\Trend Micro

2015-01-15 00:08 - 2015-01-15 00:08 - 00000000 ____D () C:\HijackThis

2015-01-14 12:59 - 2014-12-19 01:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll

2015-01-14 12:59 - 2014-12-18 23:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys

2015-01-14 12:58 - 2014-12-12 03:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2015-01-14 12:58 - 2014-12-12 03:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll

2015-01-14 12:58 - 2014-12-12 03:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe

2015-01-14 12:58 - 2014-12-12 03:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll

2015-01-14 12:58 - 2014-12-12 03:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2015-01-14 12:58 - 2014-12-12 03:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2015-01-14 12:58 - 2014-12-12 03:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll

2015-01-12 23:45 - 2015-01-12 23:46 - 00000000 ____D () C:\Users\Eduardo\AppData\Local\Windows Live Writer

2015-01-12 23:45 - 2015-01-12 23:45 - 00000000 ____D () C:\Users\Eduardo\AppData\Roaming\Windows Live Writer

2014-12-25 11:26 - 2014-12-13 03:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-12-25 11:26 - 2014-12-13 01:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-12-25 11:15 - 2014-12-25 11:15 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-24 18:25 - 2009-07-14 03:10 - 01168669 _____ () C:\Windows\WindowsUpdate.log

2015-01-24 18:18 - 2014-04-27 21:49 - 00000000 ___RD () C:\Users\Eduardo\Google Drive

2015-01-24 18:17 - 2009-07-14 15:55 - 00706008 _____ () C:\Windows\system32\prfh0416.dat

2015-01-24 18:17 - 2009-07-14 15:55 - 00147848 _____ () C:\Windows\system32\prfc0416.dat

2015-01-24 18:17 - 2009-07-14 03:13 - 01635826 _____ () C:\Windows\system32\PerfStringBackup.INI

2015-01-24 18:16 - 2009-12-30 00:35 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup

2015-01-24 18:15 - 2013-04-29 01:04 - 00000071 _____ () C:\Windows\SysWOW64\ToasterLauncherLog.log

2015-01-24 18:10 - 2014-01-26 17:50 - 00001086 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1933302284-1054454040-2067432904-1000UA.job

2015-01-24 18:09 - 2013-04-29 01:13 - 00001066 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-01-24 18:09 - 2009-07-14 03:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2015-01-24 18:08 - 2009-07-14 02:51 - 00087102 _____ () C:\Windows\setupact.log

2015-01-24 18:02 - 2013-04-29 01:13 - 00001070 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-01-24 17:58 - 2013-06-07 22:09 - 00000902 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2015-01-24 16:38 - 2009-07-14 02:45 - 00020480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-01-24 16:38 - 2009-07-14 02:45 - 00020480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-01-15 00:12 - 2013-04-29 01:04 - 00000000 ____D () C:\Users\Eduardo\AppData\Local\VirtualStore

2015-01-14 23:34 - 2013-07-27 18:36 - 00000000 ____D () C:\Windows\system32\MRT

2015-01-14 23:21 - 2013-04-30 00:57 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2015-01-14 22:59 - 2014-04-27 21:48 - 00002044 _____ () C:\Users\Public\Desktop\Google Slides.lnk

2015-01-14 22:59 - 2014-04-27 21:48 - 00002042 _____ () C:\Users\Public\Desktop\Google Sheets.lnk

2015-01-14 22:59 - 2014-04-27 21:48 - 00002032 _____ () C:\Users\Public\Desktop\Google Docs.lnk

2015-01-14 22:59 - 2014-04-27 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive

2015-01-14 16:31 - 2014-01-26 17:50 - 00001034 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1933302284-1054454040-2067432904-1000Core.job

2015-01-14 13:52 - 2013-06-07 22:09 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2015-01-14 13:52 - 2013-06-07 22:09 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2015-01-14 13:52 - 2013-06-07 22:09 - 00003840 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2015-01-13 22:10 - 2014-01-13 16:37 - 00000000 ____D () C:\Users\Todos os Usuários\GbPlugin

2015-01-13 22:10 - 2014-01-13 16:37 - 00000000 ____D () C:\ProgramData\GbPlugin

2015-01-12 23:57 - 2013-10-21 20:51 - 00000000 ____D () C:\Users\Andréa\AppData\Local\Adobe

2015-01-12 23:56 - 2009-12-30 00:54 - 00000000 ____D () C:\Users\Todos os Usuários\McAfee

2015-01-12 23:56 - 2009-12-30 00:54 - 00000000 ____D () C:\ProgramData\McAfee

2015-01-12 23:51 - 2009-07-14 03:32 - 00000000 ____D () C:\Windows\system32\FxsTmp

2015-01-12 23:50 - 2013-05-18 01:14 - 00000000 ____D () C:\Users\Andréa\AppData\Local\SoftThinks

2015-01-12 23:45 - 2013-04-30 00:26 - 00000000 ____D () C:\Users\Eduardo\AppData\Local\Windows Live

2015-01-12 23:03 - 2014-03-30 20:30 - 00000000 ____D () C:\Users\Eduardo\AppData\Roaming\Epson

2015-01-12 23:03 - 2014-03-29 15:53 - 00000000 ____D () C:\Users\Todos os Usuários\EPSON

2015-01-12 23:03 - 2014-03-29 15:53 - 00000000 ____D () C:\ProgramData\EPSON

2015-01-12 22:52 - 2013-04-29 00:02 - 00000000 ____D () C:\Users\Eduardo\AppData\Local\SoftThinks

2015-01-11 22:38 - 2014-03-29 15:54 - 00000000 ____D () C:\Program Files (x86)\EPSON Software

2015-01-06 04:36 - 2013-04-29 09:40 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2014-01-13 16:36 - 2014-05-15 19:03 - 0036310 _____ () C:\Users\Eduardo\AppData\Roaming\unins000.dat

2014-05-15 19:03 - 2014-05-15 19:03 - 0815314 _____ () C:\Users\Eduardo\AppData\Roaming\unins000.exe

Some content of TEMP:

====================

C:\Users\Arthur\AppData\Local\Temp\fp_pl_pfs_installer.exe

C:\Users\Eduardo\AppData\Local\Temp\0088861367234534mcinst.exe

C:\Users\Eduardo\AppData\Local\Temp\APNSetup.exe

C:\Users\Eduardo\AppData\Local\Temp\i4jdel0.exe

C:\Users\Eduardo\AppData\Local\Temp\IminentSetup.exe

C:\Users\Eduardo\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe

C:\Users\Eduardo\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe

C:\Users\Eduardo\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe

C:\Users\Eduardo\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe

C:\Users\Eduardo\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe

C:\Users\Eduardo\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe

C:\Users\Eduardo\AppData\Local\Temp\msg3D7C.exe

C:\Users\Eduardo\AppData\Local\Temp\msg4AC6.exe

C:\Users\Eduardo\AppData\Local\Temp\{7D79074A-21BC-4EC7-A8A6-454C612B7E01}.exe

C:\Users\Vitor\AppData\Local\Temp\i4jdel0.exe

C:\Users\Vitor\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe

C:\Users\Vitor\AppData\Local\Temp\libProcessAccess642837803545477754452.dll

C:\Users\Vitor\AppData\Local\Temp\libProcessAccess643350634053849364820.dll

C:\Users\Vitor\AppData\Local\Temp\libProcessAccess645063289272450446891.dll

C:\Users\Vitor\AppData\Local\Temp\libProcessAccess645974868624934834787.dll

C:\Users\Vitor\AppData\Local\Temp\stubhelper.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-22 12:49

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01

Ran by Eduardo at 2015-01-24 18:27:11

Running from C:\Users\Eduardo\Desktop

Boot Mode: Normal

==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Panda Antivirus Pro 2015 (Enabled - Up to date) {3456760B-FDAA-FFFD-06C2-7BB528D2066C}

AS: Panda Antivirus Pro 2015 (Enabled - Up to date) {8F3797EF-DB90-F073-3C72-40C753554CD1}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: Panda Firewall (Enabled) {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)

ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden

Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)

Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.10) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)

Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)

Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Atualização do produto Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0416-0000-0000000FF1CE}_HOMESTUDENTR_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}) (Version: - Microsoft)

Atualização do produto Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{5016CB22-B9A7-44FB-AA72-AF28B27B15EA}) (Version: - Microsoft)

Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0416-0000-0000000FF1CE}_HOMESTUDENTR_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}) (Version: - Microsoft)

Atualização do produto Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0416-0000-0000000FF1CE}_HOMESTUDENTR_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}) (Version: - Microsoft)

Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

ChromecastApp (HKU\S-1-5-21-1933302284-1054454040-2067432904-1000\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1383.0 - Google Inc.)

Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)

Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)

Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)

Controle ActiveX do Windows Live Mesh para Conexões Remotas (HKLM-x32\...\{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}) (Version: 15.4.5722.2 - Microsoft Corporation)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 2.31 - Dell)

Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.3.44 - Dell)

Dell Dock (HKLM\...\{E60B7350-EA5F-41E0-9D6F-E508781E36D2}) (Version: 2.0.0 - Dell)

Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)

Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)

Dell Support Center (Software de Suporte) (HKLM-x32\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.5.09100 - Dell)

Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.104.115.102 - Alps Electric)

Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)

Dell Wireless WLAN Card Utility (HKLM\...\Dell Wireless WLAN Card Utility) (Version: 5.30.21.0 - Dell Inc.)

Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.4.0.0 - SEIKO EPSON CORPORATION)

Epson Easy Photo Print 2 (HKLM-x32\...\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}) (Version: 2.4.0.0 - SEIKO EPSON CORPORATION)

Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)

Epson Easy Photo Print Plug-in for Windows Live Photo Gallery (HKLM-x32\...\EEPPPlugIn) (Version: - SEIKO EPSON Corporation)

Epson Easy Photo Print Plug-in for Windows Live Photo Gallery Setup (x32 Version: 1.00.0000 - SEIKO EPSON Corporation) Hidden

Epson Event Manager (HKLM-x32\...\{44F72193-F59C-4303-BAE8-E3E4BC1C122C}) (Version: 3.01.0003 - Seiko Epson Corporation)

Epson E-Web Print (HKLM-x32\...\{682A3328-9621-4BAD-91FA-873A076610C4}) (Version: 1.21.0000 - SEIKO EPSON CORPORATION)

EPSON L355 Series Printer Uninstall (HKLM\...\EPSON L355 Series) (Version: - SEIKO EPSON Corporation)

EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)

EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)

Google Drive (HKLM-x32\...\{240D2B48-E06E-446F-A806-01CF36882EB7}) (Version: 1.19.8268.4572 - Google, Inc.)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

GoToAssist 8.0.0.514 (HKLM-x32\...\GoToAssist) (Version: - )

HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)

Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)

Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1029 - Intel Corporation)

Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)

IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2013) (Version: 1.2 - Receita Federal do Brasil)

IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2014) (Version: 1.3 - Receita Federal do Brasil)

iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)

Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)

Java 6 Update 14 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416014FF}) (Version: 6.0.140 - Sun Microsystems, Inc.)

Java 6 Update 14 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216014FF}) (Version: 6.0.140 - Sun Microsystems, Inc.)

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Live! Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.3009.1 - Creative Technology Ltd)

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)

Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office PowerPoint Viewer 2007 (Portuguese (Brazil)) (HKLM-x32\...\{95120000-00AF-0416-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Works (HKLM-x32\...\{EE5B6291-45EF-4705-A20E-89A3C5D2F87E}) (Version: 9.7.0621 - Microsoft Corporation)

Módulo de Segurança - Banco do Brasil (HKLM-x32\...\{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1) (Version: 3.8.0.1 - )

Mozilla Firefox 26.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 26.0 (x86 pt-BR)) (Version: 26.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 26.0 - Mozilla)

Pacote de Compatibilidade para o sistema Office 2007 (HKLM-x32\...\{90120000-0020-0416-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Panda Antivirus Pro 2015 (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 15.00.01.0000 - Panda Security)

Panda Antivirus Pro 2015 (Version: 7.23.00.0000 - Panda Security) Hidden

Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.03 - Panda Security)

Panda Devices Agent (x32 Version: 1.05.00 - Panda Security) Hidden

PDF Editor 4 (HKLM-x32\...\PDF Editor 4) (Version: - )

PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.5424 - CyberLink Corp.)

Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 9.6.6 - Dell Inc.)

RealDownloader (x32 Version: 17.0.12 - RealNetworks, Inc.) Hidden

RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden

RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden

RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden

RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.12 - RealNetworks)

RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden

Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.04 - Serpro - Serviço Federal de Processamento de Dados)

Roxio Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.0 - Roxio)

Skype™ 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.105 - Skype Technologies S.A.)

Software Updater (HKLM-x32\...\{FA7EE274-7370-43B7-9A45-A39B17CCCDC5}) (Version: 4.3.3 - SEIKO EPSON CORPORATION)

Software WIDCOMM Bluetooth (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9600 - Broadcom Corporation)

Sony PC Companion 2.10.236 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.236 - Sony)

SoundTouch (HKLM-x32\...\{CA42687C-8D10-438B-B674-2CEC5B28DEE8}) (Version: 4.0.18.6104 - BOSE)

Suporte para Aplicativos Apple (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)

UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden

Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.4.0.0 - Azureus Software, Inc.)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live Sync (HKLM-x32\...\{9E2EE2F7-33BD-4D30-9E5D-8469A9F32009}) (Version: 14.0.8089.726 - Microsoft Corporation)

Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1933302284-1054454040-2067432904-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Eduardo\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)

CustomCLSID: HKU\S-1-5-21-1933302284-1054454040-2067432904-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Eduardo\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)

CustomCLSID: HKU\S-1-5-21-1933302284-1054454040-2067432904-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Eduardo\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-1933302284-1054454040-2067432904-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Eduardo\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-1933302284-1054454040-2067432904-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Eduardo\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-1933302284-1054454040-2067432904-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Eduardo\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-1933302284-1054454040-2067432904-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Eduardo\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-1933302284-1054454040-2067432904-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Eduardo\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

18-11-2014 18:38:16 Windows Update

20-11-2014 15:06:48 Windows Update

20-11-2014 16:04:53 Installed Java 7 Update 71

25-11-2014 16:32:42 Windows Update

02-12-2014 21:02:50 Windows Update

08-12-2014 11:00:09 Windows Update

19-12-2014 20:38:25 Windows Update

22-12-2014 14:25:50 Windows Update

30-12-2014 22:06:49 Windows Update

11-01-2015 22:44:14 Windows Update

14-01-2015 23:20:20 Windows Update

15-01-2015 00:11:10 Installed HiJackThis

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 00:34 - 2009-06-10 19:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00E62FA8-E673-4746-9B69-7FDECEE28D3F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-29] (Google Inc.)

Task: {01FC99FE-ED8E-460E-8E31-C1366ABB63FC} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1933302284-1054454040-2067432904-1002 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-07-24] (RealNetworks, Inc.)

Task: {10E1CE61-1CA9-4170-830A-0E445F1FF3B0} - System32\Tasks\DJC3HTL1\Administrator - Start WLAN Tray Applet => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE [2009-07-17] (Dell Inc.)

Task: {38781B1A-FD04-4078-88C3-FB782B7522EB} - System32\Tasks\{15C913E4-267A-4BEF-B99E-AEA7BCE106BA} => Chrome.exe http://ui.skype.com/ui/0/6.3.73.105.457/pt/go/help.faq.installer?LastError=1618

Task: {42D12E8C-5493-4008-B630-C1E90E481A52} - System32\Tasks\{D7B3B8C0-DC9C-40A1-8B59-5396F95FB863} => pcalua.exe -a "C:\Arquivos de Programas RFB\IRPF2013\IRPF2013.exe" -d "C:\Arquivos de Programas RFB\IRPF2013"

Task: {61C4E24A-2FBC-474C-8C80-D2D3A454980F} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1933302284-1054454040-2067432904-1002 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-07-24] (RealNetworks, Inc.)

Task: {75B0D7ED-CEBC-4971-B4A8-15640657EB0D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-29] (Google Inc.)

Task: {7E3A9B4D-924B-4144-8515-F59A5803D748} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1933302284-1054454040-2067432904-1000UA => C:\Users\Eduardo\AppData\Local\Google\Update\GoogleUpdate.exe [2014-01-26] (Google Inc.)

Task: {8780CB39-0630-4AF2-B170-B1D0136A5628} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)

Task: {8B1CAE41-CE7B-4486-9C92-3B5A46C7FE46} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {A6857E54-1764-41CD-A0DD-E658E171AAAE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1933302284-1054454040-2067432904-1000Core => C:\Users\Eduardo\AppData\Local\Google\Update\GoogleUpdate.exe [2014-01-26] (Google Inc.)

Task: {D88B9EAC-9817-4A24-836B-2D40D4B14984} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-14] (Adobe Systems Incorporated)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1933302284-1054454040-2067432904-1000Core.job => C:\Users\Eduardo\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1933302284-1054454040-2067432904-1000UA.job => C:\Users\Eduardo\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2009-12-30 00:27 - 2009-07-17 15:06 - 00033280 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE

2009-12-30 00:27 - 2009-07-17 15:06 - 00058368 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlrmt.dll

2014-07-24 12:47 - 2014-07-24 12:47 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe

2014-07-24 15:06 - 2014-07-24 15:06 - 00023552 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe

2009-06-18 21:46 - 2009-06-18 21:46 - 00494064 _____ () C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe

2009-07-01 18:54 - 2009-07-01 18:54 - 00173344 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll

2015-01-24 18:17 - 2015-01-21 16:51 - 07379024 _____ () C:\Program Files (x86)\Google\Update\Install\{7A6177DB-61AA-4A47-BCFD-C39E6C53744D}\40.0.2214.91_39.0.2171.95_chrome_updater.exe

2014-02-12 21:58 - 2014-02-12 21:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-02-12 21:58 - 2014-02-12 21:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2013-04-12 15:23 - 2013-04-12 15:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll

2014-10-26 12:35 - 2014-10-26 12:35 - 00861784 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Plugins\cldplin.dll

2009-12-30 00:35 - 2009-09-17 13:04 - 00115952 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll

2009-12-30 00:35 - 2009-09-17 13:05 - 00128240 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll

2009-12-30 00:35 - 2009-09-17 13:05 - 00025840 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCC.dll

2009-12-30 00:35 - 2009-09-17 13:05 - 00025840 _____ () C:\program files (x86)\Dell DataSafe Local Backup\SftBRCCPiped.dll

2009-12-30 00:35 - 2009-09-17 13:05 - 00025840 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STBRCCServCLR.dll

2009-12-30 00:35 - 2009-09-17 13:04 - 01123568 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\LibXml2.dll

2009-12-30 00:35 - 2009-09-17 13:05 - 00079088 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll

2009-12-30 00:35 - 2009-09-17 13:05 - 00121072 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll

2009-12-30 00:35 - 2009-09-17 13:05 - 00234736 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll

2009-12-30 00:35 - 2009-09-17 13:05 - 00074992 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll

2009-12-30 00:35 - 2009-09-17 13:05 - 00111856 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll

2014-12-19 17:27 - 2014-12-05 23:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll

2014-12-19 17:27 - 2014-12-05 23:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll

2014-12-19 17:27 - 2014-12-05 23:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll

2014-12-19 17:27 - 2014-12-05 23:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll

2015-01-24 18:16 - 2015-01-24 18:16 - 00098816 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\win32api.pyd

2015-01-24 18:16 - 2015-01-24 18:16 - 00110080 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\pywintypes27.dll

2015-01-24 18:16 - 2015-01-24 18:16 - 00364544 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\pythoncom27.dll

2015-01-24 18:16 - 2015-01-24 18:16 - 00045568 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\_socket.pyd

2015-01-24 18:16 - 2015-01-24 18:16 - 01160704 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\_ssl.pyd

2015-01-24 18:16 - 2015-01-24 18:16 - 00320512 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\win32com.shell.shell.pyd

2015-01-24 18:16 - 2015-01-24 18:16 - 00713216 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\_hashlib.pyd

2015-01-24 18:16 - 2015-01-24 18:16 - 01175040 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\wx._core_.pyd

2015-01-24 18:16 - 2015-01-24 18:16 - 00805888 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\wx._gdi_.pyd

2015-01-24 18:16 - 2015-01-24 18:16 - 00811008 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\wx._windows_.pyd

2015-01-24 18:16 - 2015-01-24 18:16 - 01062400 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\wx._controls_.pyd

2015-01-24 18:16 - 2015-01-24 18:16 - 00735232 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\wx._misc_.pyd

2015-01-24 18:16 - 2015-01-24 18:16 - 00557056 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\pysqlite2._sqlite.pyd

2015-01-24 18:16 - 2015-01-24 18:16 - 00128512 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\_elementtree.pyd

2015-01-24 18:16 - 2015-01-24 18:16 - 00127488 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\pyexpat.pyd

2015-01-24 18:16 - 2015-01-24 18:16 - 00087552 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\_ctypes.pyd

2015-01-24 18:16 - 2015-01-24 18:16 - 00119808 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\win32file.pyd

2015-01-24 18:16 - 2015-01-24 18:16 - 00108544 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\win32security.pyd

2015-01-24 18:16 - 2015-01-24 18:16 - 00007168 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\hashobjs_ext.pyd

2015-01-24 18:16 - 2015-01-24 18:16 - 00167936 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\win32gui.pyd

2015-01-24 18:16 - 2015-01-24 18:16 - 00018432 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\win32event.pyd

2015-01-24 18:16 - 2015-01-24 18:16 - 00038912 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\win32inet.pyd

2015-01-24 18:16 - 2015-01-24 18:16 - 00011264 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\win32crypt.pyd

2015-01-24 18:16 - 2015-01-24 18:16 - 00070656 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\wx._html2.pyd

2015-01-24 18:16 - 2015-01-24 18:16 - 00027136 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\_multiprocessing.pyd

2015-01-24 18:16 - 2015-01-24 18:16 - 00035840 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\win32process.pyd

2015-01-24 18:16 - 2015-01-24 18:16 - 00686080 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\unicodedata.pyd

2015-01-24 18:16 - 2015-01-24 18:16 - 00122368 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\wx._wizard.pyd

2015-01-24 18:16 - 2015-01-24 18:16 - 00024064 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\win32pipe.pyd

2015-01-24 18:16 - 2015-01-24 18:16 - 00025600 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\win32pdh.pyd

2015-01-24 18:16 - 2015-01-24 18:16 - 00525640 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\windows._lib_cacheinvalidation.pyd

2015-01-24 18:16 - 2015-01-24 18:16 - 00010240 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\select.pyd

2015-01-24 18:16 - 2015-01-24 18:16 - 00017408 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\win32profile.pyd

2015-01-24 18:16 - 2015-01-24 18:16 - 00022528 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\win32ts.pyd

2015-01-24 18:16 - 2015-01-24 18:16 - 00078336 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI35482\wx._animate.pyd

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows\System32:6F727C47_Bb.gbp

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrador (S-1-5-21-1933302284-1054454040-2067432904-500 - Administrator - Disabled)

Andréa (S-1-5-21-1933302284-1054454040-2067432904-1001 - Administrator - Enabled) => C:\Users\Andréa

Arthur (S-1-5-21-1933302284-1054454040-2067432904-1003 - Administrator - Enabled) => C:\Users\Arthur

Convidado (S-1-5-21-1933302284-1054454040-2067432904-501 - Limited - Disabled)

Eduardo (S-1-5-21-1933302284-1054454040-2067432904-1000 - Administrator - Enabled) => C:\Users\Eduardo

Vitor (S-1-5-21-1933302284-1054454040-2067432904-1002 - Administrator - Enabled) => C:\Users\Vitor

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

==================

Error: (01/24/2015 04:44:12 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: O programa chrome.exe versão 39.0.2171.95 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID de Processo: fb4

Hora de Início: 01d0380418dd423b

Hora de Término: 16

Caminho do Aplicativo: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Id do Relatório: 934eeeb6-a3f8-11e4-a756-002564525a7e

Error: (01/14/2015 10:56:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 23096635

Error: (01/14/2015 10:56:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 23096635

Error: (01/14/2015 10:56:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/14/2015 04:31:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 9953

Error: (01/14/2015 04:31:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 9953

Error: (01/14/2015 04:31:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/14/2015 04:31:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 8846

Error: (01/14/2015 04:31:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 8846

Error: (01/14/2015 04:31:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

System errors:

=============

Error: (01/24/2015 06:22:52 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: Serviço Windows Update suspenso ao iniciar.

Error: (01/24/2015 06:15:35 PM) (Source: Service Control Manager) (EventID: 7006) (User: )

Description: A chamada ScRegSetValueExW falhou para FailureActions com o seguinte erro:

%%5

Error: (01/24/2015 06:08:58 PM) (Source: EventLog) (EventID: 6008) (User: )

Description: O desligamento anterior do sistema em 18:07:03 às ‎24/‎01/‎2015 não era esperado.

Error: (01/24/2015 06:06:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Serviço de Relatórios de Erro do Windows.

Error: (01/24/2015 06:04:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Serviço de Relatórios de Erro do Windows.

Error: (01/24/2015 06:01:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Serviço de Relatórios de Erro do Windows.

Error: (01/24/2015 05:59:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Não foi possível iniciar o serviço iPod Service devido ao seguinte erro:

%%1053

Error: (01/24/2015 05:59:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço iPod Service.

Error: (01/24/2015 05:59:22 PM) (Source: DCOM) (EventID: 10005) (User: )

Description: 1053iPod Service{063D34A4-BF84-4B8D-B699-E8CA06504DDE}

Error: (01/24/2015 05:56:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Serviço de Relatórios de Erro do Windows.

Microsoft Office Sessions:

=========================

==================== Memory info ===========================

Processor: Intel® Core2 Duo CPU T6600 @ 2.20GHz

Percentage of memory in use: 73%

Total physical RAM: 3032.36 MB

Available physical RAM: 796.99 MB

Total Pagefile: 6062.91 MB

Available Pagefile: 3789.04 MB

Total Virtual: 8192 MB

Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:456.56 GB) (Free:216.69 GB) NTFS

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F8000000)

Partition 1: (Not Active) - (Size=78 MB) - (Type=DE)

Partition 2: (Active) - (Size=9.1 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=456.6 GB) - (Type=07 NTFS)

==================== End Of Log ============================Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01