Publicité
Publicité
Format du document : text/plain
Prévisualisation
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-01-2017
Ran by Célio Pereira (administrator) on CÉLIO (11-01-2017 19:23:00)
Running from C:\Users\Célio Pereira\Desktop
Loaded Profiles: Célio Pereira (Available Profiles: Célio Pereira)
Platform: Windows 8.1 Pro (Update) (X64) Language: Inglês (Estados Unidos)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
() C:\ProgramData\service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corporation) C:\ProgramData\Windows Security\winsecurity.exe
() C:\Users\Célio Pereira\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe
(Microsoft Corporation) C:\Program Files\XBox\XBLive.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Network\Dsq\network\sysnetwk.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Users\Célio Pereira\Downloads\ZA-Scan.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\wow64_microsoft-windows-notepad_31bf3856ad364e35_6.3.9600.17930_none_6a5f9ae878329b5c\notepad.exe
(Microsoft Corporation) C:\Windows\WinSxS\wow64_microsoft-windows-notepad_31bf3856ad364e35_6.3.9600.17930_none_6a5f9ae878329b5c\notepad.exe
(Microsoft Corporation) C:\Windows\WinSxS\wow64_microsoft-windows-notepad_31bf3856ad364e35_6.3.9600.17930_none_6a5f9ae878329b5c\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\wow64_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.3.9600.18438_none_06b6b29657458c14\wmplayer.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [856800 2015-08-21] (GAS Tecnologia LTDA)
Winlogon\Notify\ GbPluginBb: C:\Program Files (x86)\GbPlugin\gbieh.dll [2015-10-20] (Banco do Brasil)
Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2015-09-22] (Caixa Economica Federal)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1985691564-1225726452-1134471747-1001\...\MountPoints2: {00421bc9-a1ba-11e5-8269-2089845db180} - "D:\autorun.exe"
HKU\S-1-5-21-1985691564-1225726452-1134471747-1001\...\MountPoints2: {1330ab64-9e75-11e5-8268-2089845db180} - "F:\FarCryAutoCD.exe"
HKU\S-1-5-21-1985691564-1225726452-1134471747-1001\...\MountPoints2: {9a7d4bf4-8097-11e5-825d-2089845db180} - "D:\autorun.exe"
HKU\S-1-5-21-1985691564-1225726452-1134471747-1001\...\MountPoints2: {b03b3c3e-8756-11e6-82a9-2089845db180} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-1985691564-1225726452-1134471747-1001\...\MountPoints2: {b232e616-be0b-11e6-82b1-2089845db180} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-1985691564-1225726452-1134471747-1001\...\MountPoints2: {fa9e312c-a38f-11e5-826a-2089845db180} - "F:\autorun.exe"
HKLM\...\Providers\u0o1kbtx: C:\Program Files (x86)\Pervetainuserent Adapter\local64spl.dll [291328 2017-01-10] ()
ShellExecuteHooks: No Name - {8F3A9CCC-D3F4-11E6-AF41-64006A5CFC35} - C:\Users\Célio Pereira\AppData\Roaming\Puziknehation\Tejerck.dll [148480 2017-01-10] ()
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1888480 2015-09-22] (Caixa Economica Federal)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1945472 2015-10-20] (Banco do Brasil)
GroupPolicy: Restriction <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [S-1-5-21-1985691564-1225726452-1134471747-1001] => Proxy is enabled.
ProxyServer: [S-1-5-21-1985691564-1225726452-1134471747-1001] => http=127.0.0.1:8080;https=127.0.0.1:8080
AutoConfigURL: [S-1-5-21-1985691564-1225726452-1134471747-1001] => hxxp://un-stop.info/wpad.dat?1a71a95330eb806792178d59077c53a211370778
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.1.1.1
Tcpip\..\Interfaces\{8F864149-DC17-4EA2-A666-246456149A09}: [DhcpNameServer] 10.1.1.1
ManualProxies: 0hxxp://un-stop.info/wpad.dat?1a71a95330eb806792178d59077c53a211370778
Internet Explorer:
==================
HKU\S-1-5-21-1985691564-1225726452-1134471747-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-10-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-10-08] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-08] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-10-08] (Oracle Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\Program Files (x86)\GbPlugin\gbieh.dll [2015-10-20] (Banco do Brasil)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll [2015-09-22] (Caixa Economica Federal)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-15] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-08] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)
FireFox:
========
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-08] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2016-03-04] (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-11-26] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-11-26] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-08] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxp://search.etype.com/?smart=1
CHR StartupUrls: Profile 1 -> "hxxp://google.com/"
CHR Profile: C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-01-11] <==== ATTENTION
CHR Extension: (Fast search) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-01-10]
CHR Profile: C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Default [2017-01-11]
CHR Extension: (Google Docs) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-30]
CHR Extension: (Google Drive) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-30]
CHR Extension: (YouTube) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-30]
CHR Extension: (Google Search) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Documentos Google off-line) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Fast search) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-01-10]
CHR Extension: (Gmail) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-30]
CHR Profile: C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-01-11]
CHR Extension: (Google Docs) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-11]
CHR Extension: (Tree Branches) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bgdeemcfmmabkdhbnhmkhpadancpkgol [2017-01-11]
CHR Extension: (Adblock Plus) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-01-11]
CHR Extension: (Gun Blood) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cpbkahmbgcfjocgliikbkfiieemcjkoj [2017-01-11]
CHR Extension: (Planilhas do Google) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-11]
CHR Extension: (Documentos Google off-line) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-11]
CHR Extension: (Fast search) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-01-10]
CHR Extension: (Bloxorz Block Puzzle) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\phiaicokjaoaobiobphcfkmbeiejdang [2017-01-11]
CHR Extension: (Chrome Media Router) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-11]
CHR Profile: C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Profile 2 [2017-01-11]
CHR Extension: (Fast search) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-01-10]
CHR Profile: C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Profile 3 [2017-01-11]
CHR Extension: (Fast search) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-01-10]
CHR Extension: (Bloxorz Block Puzzle) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\phiaicokjaoaobiobphcfkmbeiejdang [2016-06-12]
CHR Extension: (Gmail) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-12]
CHR Extension: (Chrome Media Router) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-14]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 1ed4e2375a10448b2befe3b252645eff; C:\Program Files\1ed4e2375a10448b2befe3b252645eff\de7f6177a8e97d3dea3ef903e50320c9.exe [5676032 2017-01-06] () [File not signed] <==== ATTENTION
R2 Archer; C:\Program Files (x86)\WinArcher\Archer.dll [412672 2017-01-11] (TODO: <公司名>) [File not signed]
S2 Bqryclawut; C:\Program Files (x86)\Wiqesewonisy\srtprovider.dll [178176 2017-01-10] () [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [593120 2015-09-22] (GAS Tecnologia)
R2 GoogleChromeUpService; C:\ProgramData\service.exe [1620992 2017-01-11] () [File not signed] <==== ATTENTION
R2 GubedZL; C:\Program Files (x86)\Gubed\GubedZL.dll [131072 2017-01-11] () [File not signed]
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
S2 IntelSony; C:\Program Files (x86)\Sony\IntelSony.dll [225792 2017-01-11] () [File not signed]
S3 iThemes5; C:\Program Files (x86)\Common Files\Services\iThemes.dll [519680 2017-01-11] () [File not signed] <==== ATTENTION
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2015-11-26] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-11-11] (LogMeIn, Inc.)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2015-12-28] (Dritek System INC.)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [997568 2014-06-29] (@ByELDI) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [59392 2014-10-28] (Microsoft Corporation) [DependOnService: iThemes5]<==== ATTENTION
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [856800 2015-08-21] (GAS Tecnologia LTDA)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 WindowsSecurity; C:\ProgramData\Windows Security\winsecurity.exe [1265664 2016-10-26] (Microsoft Corporation) [File not signed] <==== ATTENTION
R2 WinSAPSvc; C:\ProgramData\WinSAPSvc\WinSAP.dll [508928 2017-01-11] () [File not signed]
R2 WMPNetworkAcSvc; C:\Users\Célio Pereira\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe [5091840 2016-11-10] () [File not signed] <==== ATTENTION
R2 XBox; C:\Program Files\XBox\XBLive.exe [6342584 2016-06-13] (Microsoft Corporation) <==== ATTENTION
S2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 6ee0da6814863fcff6e147fe6702917a; C:\Windows\system32\drivers\6ee0da6814863fcff6e147fe6702917a.sys [95040 2017-01-06] (9M5RAE) <==== ATTENTION
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-10-31] (Disc Soft Ltd)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-09-03] (GAS Tecnologia)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2016-11-11] (LogMeIn Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-01-11] (REALiX(tm))
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2015-11-26] (Intel Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2015-11-26] (Dritek System Inc.)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11973 2016-04-21] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2015-11-26] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-09-03] (GAS Tecnologia LTDA)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2015-10-08] (Basil Projects)
R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [101080 2017-01-11] (GAS Tecnologia)
R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [103640 2015-03-18] (GAS Tecnologia)
R2 zdwfp; C:\Windows\system32\Drivers\zdwfp64.sys [46352 2016-12-14] (zdengine)
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
R4 KuaiZipDrive; \??\C:\Windows\system32\drivers\KuaiZipDrive.sys [X]
S1 ucdrv; \??\C:\Program Files (x86)\UCBrowser\Security:ucdrv-x64.sys [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Three Months Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-11 19:23 - 2017-01-11 19:23 - 00022081 _____ C:\Users\Célio Pereira\Desktop\FRST.txt
2017-01-11 19:23 - 2017-01-11 19:23 - 00000000 ____D C:\Users\Célio Pereira\Desktop\Nova pasta (2)
2017-01-11 19:19 - 2017-01-11 19:20 - 00046017 _____ C:\Users\Célio Pereira\Downloads\Addition.txt
2017-01-11 19:18 - 2017-01-11 19:23 - 00000000 ____D C:\FRST
2017-01-11 19:18 - 2017-01-11 19:20 - 00064264 _____ C:\Users\Célio Pereira\Downloads\FRST.txt
2017-01-11 19:17 - 2017-01-11 19:17 - 02419200 _____ (Farbar) C:\Users\Célio Pereira\Desktop\FRST64.exe
2017-01-11 19:16 - 2017-01-11 19:16 - 01761280 _____ (Farbar) C:\Users\Célio Pereira\Desktop\FRST.exe
2017-01-11 19:08 - 2017-01-11 19:08 - 00003145 _____ C:\Users\Célio Pereira\Desktop\FSS.txt
2017-01-11 19:07 - 2017-01-11 19:07 - 00899584 _____ (Farbar) C:\Users\Célio Pereira\Desktop\FSS.exe
2017-01-11 19:06 - 2017-01-11 19:07 - 00000512 _____ C:\Users\Célio Pereira\Downloads\Dump_Hdd0_DR0.mbr
2017-01-11 19:06 - 2017-01-11 19:06 - 00147456 _____ (Eric_71) C:\Users\Célio Pereira\Downloads\MbrScan.exe
2017-01-11 19:06 - 2017-01-11 19:06 - 00016492 _____ C:\Users\Célio Pereira\Desktop\ZA-Scan.txt
2017-01-11 19:05 - 2017-01-11 19:05 - 00016492 _____ C:\ZA-Scan.txt
2017-01-11 18:44 - 2017-01-11 19:05 - 00000588 _____ C:\runcheck.txt
2017-01-11 18:43 - 2017-01-11 18:43 - 01370112 _____ C:\Users\Célio Pereira\Downloads\ZA-Scan.exe
2017-01-11 18:43 - 2017-01-11 18:43 - 00000000 ____D C:\zoek_backup
2017-01-11 17:54 - 2017-01-11 17:54 - 00000000 ____D C:\Users\Célio Pereira\AppData\Local\GeoLocator
2017-01-11 17:46 - 2017-01-11 17:46 - 00000000 ____D C:\Program Files (x86)\WinArcher
2017-01-11 17:45 - 2017-01-11 17:45 - 00000000 ____D C:\Users\Célio Pereira\AppData\Roaming\WinSnare
2017-01-11 17:45 - 2017-01-11 17:45 - 00000000 ____D C:\ProgramData\WinSAPSvc
2017-01-11 17:45 - 2017-01-11 17:45 - 00000000 ____D C:\Program Files (x86)\WinSnare(4.0.4)
2017-01-11 17:45 - 2017-01-11 17:45 - 00000000 ____D C:\Program Files (x86)\Gubed
2017-01-11 17:43 - 2017-01-11 17:43 - 00000000 ____D C:\Program Files\u0o1kbtx
2017-01-11 02:27 - 2017-01-11 02:27 - 00250912 _____ C:\Windows\SysWOW64\kz.exe
2017-01-11 01:10 - 2017-01-11 15:38 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1985691564-1225726452-1134471747-1001
2017-01-11 01:07 - 2017-01-11 01:07 - 00000000 ____D C:\Users\Célio Pereira\AppData\LocalLow\uTorrent
2017-01-11 00:57 - 2017-01-11 00:57 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Célio Pereira\Downloads\revosetup.exe
2017-01-11 00:41 - 2017-01-11 00:55 - 00000986 __RSH C:\ProgramData\ntuser.pol
2017-01-11 00:34 - 2017-01-11 00:34 - 00000146 _____ C:\Users\Célio Pereira\Desktop\Windows Defender - Atalho.lnk
2017-01-11 00:18 - 2017-01-11 00:18 - 11335348 _____ C:\Users\Célio Pereira\Downloads\Revo Uninstaller Pro 3.1.6 Setup + Activator.rar
2017-01-11 00:14 - 2017-01-11 00:14 - 00018017 _____ C:\Users\Célio Pereira\Downloads\RUP_3.1.x_Registrator.7z
2017-01-11 00:11 - 2017-01-11 02:50 - 00001232 _____ C:\Users\Célio Pereira\Desktop\Google Chrome.lnk
2017-01-11 00:07 - 2017-01-11 00:28 - 00000000 ____D C:\ProgramData\ProductData
2017-01-11 00:07 - 2017-01-11 00:10 - 00000000 ____D C:\Users\Célio Pereira\AppData\LocalLow\IObit
2017-01-11 00:07 - 2017-01-11 00:07 - 00027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2017-01-11 00:07 - 2017-01-11 00:07 - 00000000 ____D C:\Windows\IObit
2017-01-11 00:07 - 2017-01-11 00:07 - 00000000 ____D C:\ProgramData\IObit
2017-01-11 00:06 - 2017-01-11 00:07 - 00001113 _____ C:\Users\Célio Pereira\Desktop\AutoTime.lnk
2017-01-11 00:06 - 2017-01-11 00:06 - 01620992 _____ C:\ProgramData\service.exe
2017-01-11 00:06 - 2017-01-11 00:06 - 00000000 ____D C:\Users\Célio Pereira\AppData\Roaming\IObit
2017-01-11 00:05 - 2017-01-11 00:30 - 00000000 ____D C:\Users\Célio Pereira\AppData\Local\UCBrowser
2017-01-11 00:05 - 2017-01-11 00:05 - 00000000 ____D C:\Program Files\XBox
2017-01-11 00:04 - 2017-01-11 00:04 - 00010368 _____ C:\Windows\SysWOW64\zdengineOff.ini
2017-01-11 00:04 - 2017-01-11 00:04 - 00010368 _____ C:\Windows\system32\zdengineOff.ini
2017-01-11 00:04 - 2017-01-11 00:04 - 00000002 _____ C:\END
2017-01-11 00:04 - 2016-12-14 09:01 - 00046352 _____ (zdengine) C:\Windows\system32\Drivers\zdwfp64.sys
2017-01-11 00:02 - 2017-01-11 00:32 - 00000986 _____ C:\Users\Célio Pereira\Desktop\¿ìѹ.lnk
2017-01-11 00:02 - 2017-01-11 00:13 - 00000000 ____D C:\Users\Célio Pereira\AppData\Roaming\KuaiZip
2017-01-11 00:02 - 2017-01-11 00:02 - 00000000 ____D C:\Users\Célio Pereira\AppData\Roaming\Softlink
2017-01-10 23:59 - 2017-01-10 23:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Socia2Sear Browser Enhancer
2017-01-10 23:58 - 2017-01-11 02:29 - 00000000 ____D C:\Program Files\1ed4e2375a10448b2befe3b252645eff
2017-01-10 23:58 - 2017-01-11 01:12 - 00000000 ____D C:\Windows\system32\SSL
2017-01-10 23:58 - 2017-01-10 23:58 - 00000000 ____D C:\ProgramData\Avira
2017-01-10 23:58 - 2017-01-10 23:58 - 00000000 ____D C:\ProgramData\Avg
2017-01-10 23:58 - 2017-01-10 23:58 - 00000000 ____D C:\ProgramData\AVAST Software
2017-01-10 23:57 - 2017-01-11 00:03 - 00000000 ____D C:\Users\C←lio Pereira\AppData\Local\Kersashherberry
2017-01-10 23:57 - 2017-01-10 23:57 - 00000000 ____D C:\Users\C←lio Pereira
2017-01-10 23:57 - 2017-01-10 23:57 - 00000000 ____D C:\Program Files (x86)\Pervetainuserent Adapter
2017-01-10 23:56 - 2017-01-11 17:45 - 00000000 ____D C:\Program Files (x86)\Wiqesewonisy
2017-01-10 23:56 - 2017-01-10 23:56 - 00000000 ____D C:\Users\Célio Pereira\AppData\Roaming\Puziknehation
2017-01-10 23:56 - 2017-01-10 23:56 - 00000000 ____D C:\Users\Célio Pereira\AppData\Local\Kersashherberry
2017-01-10 23:55 - 2017-01-11 00:00 - 00000000 ____D C:\Users\Célio Pereira\AppData\Local\1055DE88-1484092521-E211-9E12-2089845DB180
2017-01-10 23:55 - 2017-01-10 23:55 - 00000000 ____D C:\Users\Célio Pereira\AppData\Roaming\Links2
2017-01-10 23:55 - 2017-01-10 23:55 - 00000000 ____D C:\Program Files (x86)\CleanBrowser
2017-01-10 23:54 - 2017-01-10 23:54 - 00000000 _____ C:\TOSTACK
2017-01-10 23:53 - 2017-01-11 17:54 - 00000000 ____D C:\ProgramData\vCore
2017-01-10 23:53 - 2017-01-11 15:33 - 00000034 _____ C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE}
2017-01-10 23:53 - 2017-01-11 01:10 - 00000000 ____D C:\Users\Célio Pereira\AppData\Roaming\WMPNetworkAcSvc
2017-01-10 23:53 - 2017-01-10 23:53 - 00000000 ____D C:\ProgramData\Windows Security
2017-01-10 22:55 - 2014-01-17 15:55 - 00000804 _____ C:\Users\Célio Pereira\Downloads\Leia-me.txt
2017-01-10 22:55 - 2014-01-13 12:06 - 03867432 _____ C:\Users\Célio Pereira\Downloads\m4.txd
2017-01-10 22:55 - 2014-01-13 11:53 - 00717038 _____ C:\Users\Célio Pereira\Downloads\m4.dff
2017-01-10 22:55 - 2013-09-10 00:26 - 00000160 _____ C:\Users\Célio Pereira\Downloads\Tutoriais - GTA San Andreas.url
2017-01-10 22:55 - 2013-09-10 00:26 - 00000123 _____ C:\Users\Célio Pereira\Downloads\Mods GTA San Andreas.url
2017-01-10 21:38 - 2017-01-10 21:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\www.GameModding.net
2017-01-10 21:15 - 2017-01-10 21:15 - 00244436 _____ C:\Users\Célio Pereira\Downloads\ImgTool.rar
2017-01-10 21:09 - 2017-01-10 21:09 - 00007911 _____ C:\Windows\unins000.dat
2017-01-10 21:09 - 2017-01-10 21:08 - 01204011 _____ C:\Windows\unins000.exe
2017-01-10 21:07 - 2017-01-10 21:07 - 00894870 _____ (Seemann, Deji, Alien ) C:\Users\Célio Pereira\Downloads\CLEO4_setup.exe
2017-01-10 19:33 - 2017-01-10 20:48 - 00000000 ____D C:\Users\Célio Pereira\Documents\GTA San Andreas User Files
2017-01-10 19:33 - 2017-01-10 19:33 - 00000000 ____D C:\Users\Célio Pereira\AppData\Local\modloader
2017-01-10 19:33 - 2017-01-10 19:33 - 00000000 ____D C:\ProgramData\modloader
2017-01-10 19:31 - 2017-01-10 19:31 - 00001237 _____ C:\Users\Célio Pereira\Desktop\gta_sa.exe - Atalho.lnk
2017-01-10 18:56 - 2017-01-10 23:51 - 00000000 ____D C:\Users\Célio Pereira\Downloads\san andreas
2017-01-10 18:28 - 2017-01-10 18:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2017-01-10 18:28 - 2017-01-10 18:28 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2017-01-09 19:54 - 2017-01-09 19:54 - 00014507 _____ C:\Users\Célio Pereira\Downloads\FlatOut.2 - RELOADED.torrent
2017-01-09 17:31 - 2017-01-10 13:24 - 00000000 ____D C:\Users\Célio Pereira\Downloads\GTA San Andreas Completo
2017-01-09 17:30 - 2017-01-09 17:30 - 00125355 _____ C:\Users\Célio Pereira\Downloads\Grand-Theft-Auto-GTA-San-Andreas-PC-www.jogoscompletostorrent.com_.rar
2017-01-09 17:14 - 2017-01-09 17:14 - 00000000 ____D C:\Programme
2017-01-06 17:55 - 2017-01-06 17:55 - 02185908 _____ C:\Windows\e08092a8deea03a2772034ed51cc4b44.exe
2017-01-06 17:50 - 2017-01-06 17:50 - 00095040 _____ (9M5RAE) C:\Windows\system32\Drivers\6ee0da6814863fcff6e147fe6702917a.sys
2016-12-14 23:52 - 2016-12-14 23:52 - 00001233 _____ C:\Users\Célio Pereira\Desktop\pun.exe - Atalho.lnk
2016-12-14 23:51 - 2016-12-14 23:51 - 00001421 _____ C:\Users\Célio Pereira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\pun.lnk
2016-12-14 23:49 - 2017-01-09 19:25 - 00000000 ____D C:\Users\Célio Pereira\Desktop\tr punisher
2016-12-14 19:50 - 2016-12-14 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
2016-12-14 19:50 - 2016-12-14 19:50 - 00000000 ____D C:\Program Files (x86)\THQ
2016-12-14 19:09 - 2016-12-14 19:09 - 00031334 _____ C:\Users\Célio Pereira\Downloads\1366x768-data-out-45-36279116-chicago-bulls-wallpaper.jpg
2016-12-14 17:22 - 2016-11-30 04:34 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2016-12-14 17:22 - 2016-11-30 04:27 - 00030400 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2016-12-14 16:44 - 2016-12-14 19:54 - 00000000 ____D C:\Users\Célio Pereira\Downloads\The Punisher
2016-12-14 16:20 - 2016-11-12 17:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-12-14 16:20 - 2016-11-12 16:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-12-14 16:20 - 2016-11-12 15:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-12-14 16:20 - 2016-11-12 15:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-12-14 16:19 - 2016-11-19 19:24 - 00567152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-12-14 16:19 - 2016-11-19 19:24 - 00152856 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2016-12-14 16:19 - 2016-11-19 17:29 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-12-14 16:19 - 2016-11-19 16:44 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-12-14 16:19 - 2016-11-19 15:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-12-14 16:19 - 2016-11-19 15:22 - 00111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-12-14 16:19 - 2016-11-16 19:49 - 00377176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2016-12-14 16:19 - 2016-11-12 19:06 - 00738104 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-12-14 16:19 - 2016-11-12 17:38 - 00613632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-12-14 16:19 - 2016-11-12 17:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-12-14 16:19 - 2016-11-12 17:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-12-14 16:19 - 2016-11-12 16:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-12-14 16:19 - 2016-11-12 16:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-12-14 16:19 - 2016-11-12 16:23 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-12-14 16:19 - 2016-11-12 16:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-12-14 16:19 - 2016-11-12 16:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-12-14 16:19 - 2016-11-12 15:45 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-12-14 16:19 - 2016-11-12 15:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-12-14 16:19 - 2016-11-12 15:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-12-14 16:19 - 2016-11-12 15:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-12-14 16:19 - 2016-11-12 15:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-12-14 16:19 - 2016-11-12 15:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-12-14 16:19 - 2016-11-12 15:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-12-14 16:19 - 2016-11-12 15:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-12-14 16:19 - 2016-11-12 15:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-12-14 16:19 - 2016-11-11 00:33 - 01541240 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-12-14 16:19 - 2016-11-09 15:25 - 01376768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-12-14 16:19 - 2016-11-05 18:46 - 00422744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2016-12-14 16:19 - 2016-11-05 16:35 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-14 16:19 - 2016-11-05 15:57 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-12-14 16:19 - 2016-11-05 15:11 - 03606528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-12-14 16:19 - 2016-11-05 13:56 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-12-14 16:19 - 2016-11-05 13:46 - 02463744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-12-14 16:19 - 2016-10-28 00:56 - 01380048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-12-14 16:19 - 2016-10-27 12:28 - 01097728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-12-14 16:19 - 2016-10-12 19:49 - 00379224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-12-14 16:19 - 2016-10-12 19:11 - 00922968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2016-12-14 16:19 - 2016-10-11 14:45 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2016-12-14 16:19 - 2016-10-10 21:31 - 00990040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2016-12-14 16:19 - 2016-10-10 16:18 - 00069976 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-12-14 16:19 - 2016-10-10 16:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cmimcext.sys
2016-12-14 16:19 - 2016-10-09 12:17 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll
2016-12-14 16:19 - 2016-10-09 12:08 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2016-12-14 16:19 - 2016-10-09 12:08 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll
2016-12-14 16:19 - 2016-10-08 20:24 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2016-12-14 16:19 - 2016-10-08 19:31 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2016-12-14 16:19 - 2016-10-08 19:10 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-12-14 16:19 - 2016-10-05 12:01 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2016-12-14 16:19 - 2016-10-05 12:00 - 00868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2016-12-14 16:19 - 2016-10-05 12:00 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2016-12-14 16:19 - 2016-10-05 11:52 - 00513456 _____ C:\Windows\SysWOW64\locale.nls
2016-12-14 16:19 - 2016-10-05 11:52 - 00513456 _____ C:\Windows\system32\locale.nls
2016-12-14 16:19 - 2016-10-05 02:15 - 01969944 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-12-14 16:19 - 2016-10-05 02:15 - 01613528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-12-14 16:19 - 2016-10-05 02:15 - 00324896 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-12-14 16:19 - 2016-10-05 02:15 - 00245320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-12-14 16:19 - 2016-09-27 18:16 - 00445873 _____ C:\Windows\system32\ApnDatabase.xml
2016-12-14 16:19 - 2016-09-20 20:30 - 02462040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-11-30 07:50 - 2016-11-02 18:48 - 00372568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-11-30 07:50 - 2016-11-02 18:48 - 00315224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-11-30 07:50 - 2016-10-27 16:51 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-30 07:50 - 2016-10-27 15:47 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-11-30 07:50 - 2016-10-27 15:46 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-11-30 07:50 - 2016-10-27 15:44 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-11-30 07:50 - 2016-10-22 15:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-11-30 07:50 - 2016-10-22 14:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-11-30 07:50 - 2016-10-22 14:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-11-30 07:50 - 2016-10-22 14:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-11-30 07:50 - 2016-10-13 17:06 - 01385280 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-11-30 07:50 - 2016-10-13 17:06 - 01124376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-11-30 07:50 - 2016-10-11 18:21 - 00497448 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-11-30 07:50 - 2016-10-11 18:21 - 00399776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-11-30 07:50 - 2016-10-11 16:34 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-11-30 07:50 - 2016-10-11 15:47 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-11-30 07:50 - 2016-10-11 14:55 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-11-30 07:50 - 2016-10-10 19:17 - 00444248 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-30 07:50 - 2016-10-10 19:17 - 00333656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-30 07:50 - 2016-10-09 20:59 - 00551256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-11-30 07:50 - 2016-10-08 20:53 - 03754496 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-30 07:50 - 2016-10-08 20:21 - 01445376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-30 07:50 - 2016-10-08 20:07 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-11-30 07:50 - 2016-10-08 19:49 - 02410496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-11-30 07:50 - 2016-10-08 19:21 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-11-30 07:50 - 2016-10-07 23:34 - 01660040 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-11-30 07:50 - 2016-10-07 23:34 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-11-30 07:50 - 2016-10-04 18:39 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-11-30 07:50 - 2016-10-04 18:23 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-11-30 07:50 - 2016-10-04 18:08 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-11-30 07:50 - 2016-10-04 18:08 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-11-30 07:50 - 2016-09-09 20:14 - 00275800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2016-11-30 07:50 - 2016-09-09 12:15 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2016-11-30 07:50 - 2016-09-09 12:09 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2016-11-30 07:50 - 2016-09-09 12:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-11-30 07:50 - 2016-09-09 12:03 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\iscsiwmi.dll
2016-11-30 07:50 - 2016-09-09 12:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsiwmi.dll
2016-11-30 07:50 - 2016-09-03 16:20 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\iscsidsc.dll
2016-11-30 07:50 - 2016-09-03 16:06 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\iscsiexe.dll
2016-11-30 07:50 - 2016-09-03 15:21 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsidsc.dll
2016-11-30 07:50 - 2016-09-03 15:18 - 00825856 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2016-11-30 07:50 - 2016-09-03 14:12 - 00512512 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2016-11-30 07:50 - 2016-09-03 14:05 - 01094656 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-11-30 07:50 - 2016-09-03 13:58 - 00397824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2016-11-30 07:50 - 2016-09-02 12:05 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2016-11-30 07:50 - 2016-09-02 12:05 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2016-11-30 07:50 - 2016-09-01 12:33 - 00377856 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll
2016-11-30 07:50 - 2016-09-01 12:33 - 00342528 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2016-11-30 07:50 - 2016-09-01 12:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2016-11-30 07:50 - 2016-08-30 12:11 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2016-11-30 07:50 - 2016-08-30 00:45 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\xolehlp.dll
2016-11-30 07:50 - 2016-08-30 00:18 - 00871936 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2016-11-30 07:50 - 2016-08-30 00:03 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll
2016-11-30 07:50 - 2016-08-22 11:34 - 01628672 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-11-30 07:49 - 2016-11-02 12:03 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-11-30 07:49 - 2016-11-02 12:00 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-11-30 07:49 - 2016-10-27 16:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-30 07:49 - 2016-10-27 16:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-11-30 07:49 - 2016-10-27 16:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-30 07:49 - 2016-10-27 15:49 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-11-30 07:49 - 2016-10-22 15:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-11-30 07:49 - 2016-10-22 14:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-11-30 07:49 - 2016-10-22 14:57 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-11-30 07:49 - 2016-10-22 14:45 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-11-30 07:49 - 2016-10-08 20:18 - 00840704 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2016-11-30 07:49 - 2016-08-30 00:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xolehlp.dll
2016-11-29 08:44 - 2016-11-29 08:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-11-29 08:44 - 2016-11-29 08:44 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-11-11 13:43 - 2016-11-11 13:43 - 00045680 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2016-11-06 13:09 - 2016-11-06 13:17 - 39722470 _____ C:\Users\Célio Pereira\Downloads\Screaman-1.05.rar
2016-11-06 13:07 - 2016-12-14 16:55 - 206689270 _____ C:\Users\Célio Pereira\Downloads\PlayWithMe.zip
2016-11-04 21:20 - 2016-11-06 22:26 - 3429552128 _____ C:\Users\Célio Pereira\Downloads\vol1-m2twg.iso
2016-11-04 21:19 - 2016-11-06 12:48 - 00000000 ____D C:\Users\Célio Pereira\Downloads\Lord of the Rings - Battle for middle earth II + Witch King Expansion (2006)
2016-10-18 20:28 - 2016-09-12 21:48 - 00085680 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-10-18 20:28 - 2016-09-09 11:38 - 01629184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-10-18 20:28 - 2016-09-09 11:38 - 01226752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-10-18 20:28 - 2016-09-09 11:38 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-10-18 20:28 - 2016-09-09 11:38 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-10-18 20:28 - 2016-09-09 11:38 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-10-18 20:28 - 2016-09-09 11:38 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-10-18 20:28 - 2016-09-09 11:38 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-10-18 20:28 - 2016-09-09 11:38 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-10-18 20:28 - 2016-08-27 17:44 - 22360288 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-10-18 20:28 - 2016-08-27 17:44 - 02755504 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-10-18 20:28 - 2016-08-27 17:44 - 00133256 _____ (Microsoft Corporation) C:\Windows\system32\RestoreOptIn.exe
2016-10-18 20:28 - 2016-08-27 16:26 - 19789232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-10-18 20:28 - 2016-08-27 16:26 - 02411048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-10-18 20:28 - 2016-08-27 16:26 - 00113656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RestoreOptIn.exe
2016-10-18 20:28 - 2016-08-27 14:09 - 14466560 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-10-18 20:28 - 2016-08-27 13:55 - 12879360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-10-18 20:02 - 2016-09-30 22:22 - 07444312 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-10-18 20:02 - 2016-09-13 23:53 - 01663184 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-10-18 20:02 - 2016-09-08 12:00 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-10-18 20:02 - 2016-09-08 12:00 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-10-18 20:02 - 2016-09-07 20:07 - 01988096 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-10-18 20:02 - 2016-09-07 19:59 - 01754112 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2016-10-18 20:02 - 2016-09-07 19:59 - 01377792 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-10-18 20:02 - 2016-09-07 19:57 - 01560064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-10-18 20:02 - 2016-08-27 14:33 - 02881536 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-10-18 20:02 - 2016-08-27 14:11 - 01049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2016-10-18 20:02 - 2016-08-25 18:50 - 00747008 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2016-10-18 20:02 - 2016-08-25 17:40 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2016-10-18 20:02 - 2016-08-12 19:47 - 15431168 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-10-18 20:02 - 2016-08-12 18:52 - 13317120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-10-18 20:02 - 2016-08-11 23:58 - 02315496 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-10-18 20:02 - 2016-08-11 23:58 - 01946176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-10-18 20:02 - 2016-08-11 15:17 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2016-10-18 20:02 - 2016-08-03 13:42 - 01317888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2016-10-18 20:02 - 2016-08-03 13:36 - 01102848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2016-10-18 20:02 - 2016-07-30 15:12 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2016-10-18 20:02 - 2016-07-30 14:36 - 02537472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2016-10-18 20:02 - 2016-07-23 16:12 - 00954880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2016-10-18 20:01 - 2016-09-17 16:16 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-10-18 20:01 - 2016-09-17 15:21 - 00089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-10-18 20:01 - 2016-09-13 23:53 - 01523208 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-10-18 20:01 - 2016-09-13 23:53 - 01490112 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-10-18 20:01 - 2016-09-13 23:53 - 01358952 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-10-18 20:01 - 2016-09-12 20:03 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2016-10-18 20:01 - 2016-09-12 19:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2016-10-18 20:01 - 2016-09-08 18:41 - 00121176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2016-10-18 20:01 - 2016-09-07 19:56 - 01491456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2016-10-18 20:01 - 2016-08-12 22:05 - 09323008 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-10-18 20:01 - 2016-08-12 22:03 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifibus.sys
2016-10-18 20:01 - 2016-08-12 22:02 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2016-10-18 20:01 - 2016-08-12 22:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2016-10-18 20:01 - 2016-08-12 20:35 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2016-10-18 20:01 - 2016-08-12 20:19 - 09323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-10-18 20:01 - 2016-08-12 19:17 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2016-10-18 20:01 - 2016-08-11 16:33 - 00096256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys
2016-10-18 20:01 - 2016-08-11 16:33 - 00083456 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys
2016-10-18 20:01 - 2016-08-11 16:33 - 00023040 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys
2016-10-18 20:01 - 2016-08-03 13:36 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2016-10-18 20:01 - 2016-08-03 13:33 - 00215552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll
2016-10-18 20:01 - 2016-07-26 11:40 - 00162850 _____ C:\Windows\SysWOW64\C_932.NLS
2016-10-18 20:01 - 2016-07-26 11:40 - 00162850 _____ C:\Windows\system32\C_932.NLS
2016-10-18 20:01 - 2016-07-23 16:18 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2016-10-18 19:52 - 2016-10-18 19:52 - 00000000 ____D C:\MagicPlusMini
==================== Three Months Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-11 15:37 - 2015-10-07 23:13 - 00003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{40AE15D8-C4D8-4A60-BFA1-DC704BC4F559}
2017-01-11 15:33 - 2015-10-16 09:27 - 00000000 __SHD C:\Users\Célio Pereira\IntelGraphicsProfiles
2017-01-11 02:59 - 2015-10-31 12:55 - 00000000 ____D C:\Users\Célio Pereira\AppData\Roaming\uTorrent
2017-01-11 02:48 - 2015-11-15 18:08 - 00000000 ____D C:\Users\Célio Pereira\AppData\Roaming\Skype
2017-01-11 02:25 - 2015-12-15 23:28 - 00000000 ____D C:\Users\Célio Pereira\AppData\Local\Spotify
2017-01-11 02:03 - 2015-12-15 23:15 - 00000000 ____D C:\Users\Célio Pereira\AppData\Roaming\Spotify
2017-01-11 01:19 - 2016-03-21 16:35 - 00002413 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-01-11 01:15 - 2016-03-21 16:35 - 00002431 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-01-11 01:07 - 2016-03-27 16:24 - 00000000 ____D C:\Users\Célio Pereira\AppData\Local\LogMeIn Hamachi
2017-01-11 01:06 - 2015-10-14 16:21 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2017-01-11 01:06 - 2015-10-08 13:31 - 00000000 ____D C:\Program Files\KMSpico
2017-01-11 01:05 - 2016-08-23 16:40 - 00000000 ____D C:\Program Files (x86)\Sony
2017-01-11 01:05 - 2015-10-14 16:30 - 00101080 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys
2017-01-11 01:04 - 2013-08-22 12:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-11 01:03 - 2013-08-22 11:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-01-11 00:37 - 2013-08-22 13:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2017-01-11 00:20 - 2016-04-24 01:54 - 00000000 ____D C:\Users\Célio Pereira\AppData\Local\ElevatedDiagnostics
2017-01-11 00:11 - 2015-10-07 22:03 - 00001054 _____ C:\Users\Célio Pereira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-01-11 00:05 - 2015-10-07 22:03 - 00000000 ____D C:\Users\Célio Pereira\AppData\Roaming\Adobe
2017-01-10 23:58 - 2016-04-06 21:01 - 00000000 ____D C:\Program Files (x86)\Apowersoft
2017-01-10 23:58 - 2015-12-05 20:17 - 00000000 ____D C:\Games
2017-01-10 23:58 - 2015-11-30 10:46 - 00000000 ____D C:\BancoBrasil
2017-01-10 23:58 - 2015-10-14 17:09 - 00000000 ____D C:\Intel
2017-01-10 23:58 - 2015-10-09 13:27 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-01-10 23:55 - 2016-03-23 23:33 - 00001140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-01-10 23:55 - 2016-03-23 23:33 - 00001128 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-01-10 23:53 - 2015-11-26 08:09 - 00000000 ____D C:\ProgramData\Intel
2017-01-10 18:58 - 2016-04-21 14:09 - 00000000 ____D C:\Users\Célio Pereira\Downloads\Far Cry
2017-01-10 18:28 - 2015-10-22 12:19 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-01-01 19:02 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\AppReadiness
2017-01-01 15:14 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\Inf
2016-12-28 12:37 - 2015-11-26 10:20 - 00000000 ____D C:\Users\Célio Pereira\Documents\Arquivos do Outlook
2016-12-18 04:10 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\rescache
2016-12-18 03:56 - 2014-11-18 14:10 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{137aad10-ae7e-11e3-80bb-90b11c1ccb90}.TMContainer00000000000000000002.regtrans-ms
2016-12-18 03:56 - 2014-11-18 14:10 - 00065536 ___SH C:\Windows\system32\config\COMPONENTS{137aad10-ae7e-11e3-80bb-90b11c1ccb90}.TM.blf
2016-12-17 04:10 - 2014-11-18 14:10 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{137aad10-ae7e-11e3-80bb-90b11c1ccb90}.TMContainer00000000000000000001.regtrans-ms
2016-12-17 03:07 - 2013-08-22 13:31 - 00000000 ____D C:\Windows\system32\DriverStore
2016-12-16 23:29 - 2013-08-22 13:36 - 00000000 __RSD C:\Windows\assembly
2016-12-16 14:49 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\WinSxS
2016-12-16 14:47 - 2013-08-22 12:44 - 00409704 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-16 12:43 - 2014-11-18 14:10 - 00524288 ___SH C:\Windows\system32\config\DRIVERS{e1793794-0b3d-11e3-9dfe-80de722c933b}.TMContainer00000000000000000001.regtrans-ms
2016-12-16 12:43 - 2014-11-18 14:10 - 00065536 ___SH C:\Windows\system32\config\DRIVERS{e1793794-0b3d-11e3-9dfe-80de722c933b}.TM.blf
2016-12-16 12:40 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\SysWOW64\pt-BR
2016-12-16 12:40 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\SysWOW64\en-US
2016-12-16 12:40 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\system32\pt-BR
2016-12-16 12:40 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\system32\en-US
2016-12-16 12:40 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\wbem
2016-12-16 12:40 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\oobe
2016-12-16 12:39 - 2015-10-08 13:40 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-12-16 12:38 - 2015-10-08 13:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-12-16 12:37 - 2015-10-30 07:42 - 00000000 ____D C:\Windows\system32\MRT
2016-12-16 12:35 - 2015-10-07 22:00 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-12-14 23:51 - 2015-10-07 22:03 - 00000564 ___SH C:\Users\Célio Pereira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-14 23:51 - 2015-10-07 22:03 - 00000000 ___RD C:\Users\Célio Pereira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-14 17:32 - 2013-08-22 11:25 - 00000167 _____ C:\Windows\win.ini
2016-12-14 17:28 - 2013-08-22 13:20 - 00000000 ____D C:\Windows\CbsTemp
==================== Files in the root of some directories =======
2016-02-12 15:54 - 2016-02-12 15:54 - 0053246 _____ () C:\Program Files (x86)\CMS Setup Log.txt
2017-01-11 00:06 - 2017-01-11 00:06 - 1620992 _____ () C:\ProgramData\service.exe
Files to move or delete:
====================
C:\ProgramData\service.exe
Some files in TEMP:
====================
C:\Users\Célio Pereira\AppData\Local\Temp\0Uninst.exe
C:\Users\Célio Pereira\AppData\Local\Temp\1Uninst.exe
C:\Users\Célio Pereira\AppData\Local\Temp\2Uninst.exe
C:\Users\Célio Pereira\AppData\Local\Temp\46D.tmp.exe
C:\Users\Célio Pereira\AppData\Local\Temp\4BCY598UDT.exe
C:\Users\Célio Pereira\AppData\Local\Temp\69610890-b374-4a70-aa1d-013c08cbf771.exe
C:\Users\Célio Pereira\AppData\Local\Temp\7za.exe
C:\Users\Célio Pereira\AppData\Local\Temp\aDUB8AeBGj.exe
C:\Users\Célio Pereira\AppData\Local\Temp\aoe3-114-english.exe
C:\Users\Célio Pereira\AppData\Local\Temp\AutoTime51495.exe
C:\Users\Célio Pereira\AppData\Local\Temp\Browser_V6.0.1121.13_r_4727_(Build1612191708).exe
C:\Users\Célio Pereira\AppData\Local\Temp\CmdLineExt.dll
C:\Users\Célio Pereira\AppData\Local\Temp\DBUpdater.exe
C:\Users\Célio Pereira\AppData\Local\Temp\DivXSetup.exe
C:\Users\Célio Pereira\AppData\Local\Temp\DriverBoosterSetup.exe
C:\Users\Célio Pereira\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Célio Pereira\AppData\Local\Temp\drm_dyndata_7300014.dll
C:\Users\Célio Pereira\AppData\Local\Temp\fsdC538.exe
C:\Users\Célio Pereira\AppData\Local\Temp\hijackthis.exe
C:\Users\Célio Pereira\AppData\Local\Temp\jg3.6.0.exe
C:\Users\Célio Pereira\AppData\Local\Temp\JGO7U54S5B.exe
C:\Users\Célio Pereira\AppData\Local\Temp\JNX506X0NQ.exe
C:\Users\Célio Pereira\AppData\Local\Temp\jre-8u101-windows-au.exe
C:\Users\Célio Pereira\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\Célio Pereira\AppData\Local\Temp\mininewsrepair.exe
C:\Users\Célio Pereira\AppData\Local\Temp\NirCmd.exe
C:\Users\Célio Pereira\AppData\Local\Temp\nshC793.tmp.exe
C:\Users\Célio Pereira\AppData\Local\Temp\PEVZ.EXE
C:\Users\Célio Pereira\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Célio Pereira\AppData\Local\Temp\remove.exe
C:\Users\Célio Pereira\AppData\Local\Temp\sdf3ADC.exe
C:\Users\Célio Pereira\AppData\Local\Temp\sdf55B7.exe
C:\Users\Célio Pereira\AppData\Local\Temp\sed.exe
C:\Users\Célio Pereira\AppData\Local\Temp\setup.exe
C:\Users\Célio Pereira\AppData\Local\Temp\shortcut.exe
C:\Users\Célio Pereira\AppData\Local\Temp\SIntf16.dll
C:\Users\Célio Pereira\AppData\Local\Temp\SIntf32.dll
C:\Users\Célio Pereira\AppData\Local\Temp\SIntfNT.dll
C:\Users\Célio Pereira\AppData\Local\Temp\standalonepatcher.exe
C:\Users\Célio Pereira\AppData\Local\Temp\start.exe
C:\Users\Célio Pereira\AppData\Local\Temp\swreg.exe
C:\Users\Célio Pereira\AppData\Local\Temp\swxcacls.exe
C:\Users\Célio Pereira\AppData\Local\Temp\TV7U7UZ7CP.exe
C:\Users\Célio Pereira\AppData\Local\Temp\updengine.exe
C:\Users\Célio Pereira\AppData\Local\Temp\VDcxiAIYEV.exe
C:\Users\Célio Pereira\AppData\Local\Temp\VideoBox.exe
C:\Users\Célio Pereira\AppData\Local\Temp\wajam_install.exe
C:\Users\Célio Pereira\AppData\Local\Temp\wget.exe
C:\Users\Célio Pereira\AppData\Local\Temp\zLJD6ZcCTY.exe
C:\Users\Célio Pereira\AppData\Local\Temp\zoek-delete.exe
C:\Users\Célio Pereira\AppData\Local\Temp\{E827D32C-602B-4FB9-92F7-726718ACFC14}-53.0.2785.116_52.0.2743.116_chrome_updater.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-01-09 19:37
==================== End of FRST.txt ============================
Ran by Célio Pereira (administrator) on CÉLIO (11-01-2017 19:23:00)
Running from C:\Users\Célio Pereira\Desktop
Loaded Profiles: Célio Pereira (Available Profiles: Célio Pereira)
Platform: Windows 8.1 Pro (Update) (X64) Language: Inglês (Estados Unidos)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
() C:\ProgramData\service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corporation) C:\ProgramData\Windows Security\winsecurity.exe
() C:\Users\Célio Pereira\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe
(Microsoft Corporation) C:\Program Files\XBox\XBLive.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Network\Dsq\network\sysnetwk.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Users\Célio Pereira\Downloads\ZA-Scan.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\wow64_microsoft-windows-notepad_31bf3856ad364e35_6.3.9600.17930_none_6a5f9ae878329b5c\notepad.exe
(Microsoft Corporation) C:\Windows\WinSxS\wow64_microsoft-windows-notepad_31bf3856ad364e35_6.3.9600.17930_none_6a5f9ae878329b5c\notepad.exe
(Microsoft Corporation) C:\Windows\WinSxS\wow64_microsoft-windows-notepad_31bf3856ad364e35_6.3.9600.17930_none_6a5f9ae878329b5c\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\wow64_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.3.9600.18438_none_06b6b29657458c14\wmplayer.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [856800 2015-08-21] (GAS Tecnologia LTDA)
Winlogon\Notify\ GbPluginBb: C:\Program Files (x86)\GbPlugin\gbieh.dll [2015-10-20] (Banco do Brasil)
Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2015-09-22] (Caixa Economica Federal)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1985691564-1225726452-1134471747-1001\...\MountPoints2: {00421bc9-a1ba-11e5-8269-2089845db180} - "D:\autorun.exe"
HKU\S-1-5-21-1985691564-1225726452-1134471747-1001\...\MountPoints2: {1330ab64-9e75-11e5-8268-2089845db180} - "F:\FarCryAutoCD.exe"
HKU\S-1-5-21-1985691564-1225726452-1134471747-1001\...\MountPoints2: {9a7d4bf4-8097-11e5-825d-2089845db180} - "D:\autorun.exe"
HKU\S-1-5-21-1985691564-1225726452-1134471747-1001\...\MountPoints2: {b03b3c3e-8756-11e6-82a9-2089845db180} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-1985691564-1225726452-1134471747-1001\...\MountPoints2: {b232e616-be0b-11e6-82b1-2089845db180} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-1985691564-1225726452-1134471747-1001\...\MountPoints2: {fa9e312c-a38f-11e5-826a-2089845db180} - "F:\autorun.exe"
HKLM\...\Providers\u0o1kbtx: C:\Program Files (x86)\Pervetainuserent Adapter\local64spl.dll [291328 2017-01-10] ()
ShellExecuteHooks: No Name - {8F3A9CCC-D3F4-11E6-AF41-64006A5CFC35} - C:\Users\Célio Pereira\AppData\Roaming\Puziknehation\Tejerck.dll [148480 2017-01-10] ()
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1888480 2015-09-22] (Caixa Economica Federal)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1945472 2015-10-20] (Banco do Brasil)
GroupPolicy: Restriction <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [S-1-5-21-1985691564-1225726452-1134471747-1001] => Proxy is enabled.
ProxyServer: [S-1-5-21-1985691564-1225726452-1134471747-1001] => http=127.0.0.1:8080;https=127.0.0.1:8080
AutoConfigURL: [S-1-5-21-1985691564-1225726452-1134471747-1001] => hxxp://un-stop.info/wpad.dat?1a71a95330eb806792178d59077c53a211370778
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.1.1.1
Tcpip\..\Interfaces\{8F864149-DC17-4EA2-A666-246456149A09}: [DhcpNameServer] 10.1.1.1
ManualProxies: 0hxxp://un-stop.info/wpad.dat?1a71a95330eb806792178d59077c53a211370778
Internet Explorer:
==================
HKU\S-1-5-21-1985691564-1225726452-1134471747-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-10-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-10-08] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-08] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-10-08] (Oracle Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\Program Files (x86)\GbPlugin\gbieh.dll [2015-10-20] (Banco do Brasil)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll [2015-09-22] (Caixa Economica Federal)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-15] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-08] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)
FireFox:
========
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-08] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2016-03-04] (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-11-26] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-11-26] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-08] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxp://search.etype.com/?smart=1
CHR StartupUrls: Profile 1 -> "hxxp://google.com/"
CHR Profile: C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-01-11] <==== ATTENTION
CHR Extension: (Fast search) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-01-10]
CHR Profile: C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Default [2017-01-11]
CHR Extension: (Google Docs) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-30]
CHR Extension: (Google Drive) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-30]
CHR Extension: (YouTube) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-30]
CHR Extension: (Google Search) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Documentos Google off-line) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Fast search) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-01-10]
CHR Extension: (Gmail) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-30]
CHR Profile: C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-01-11]
CHR Extension: (Google Docs) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-11]
CHR Extension: (Tree Branches) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bgdeemcfmmabkdhbnhmkhpadancpkgol [2017-01-11]
CHR Extension: (Adblock Plus) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-01-11]
CHR Extension: (Gun Blood) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cpbkahmbgcfjocgliikbkfiieemcjkoj [2017-01-11]
CHR Extension: (Planilhas do Google) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-11]
CHR Extension: (Documentos Google off-line) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-11]
CHR Extension: (Fast search) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-01-10]
CHR Extension: (Bloxorz Block Puzzle) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\phiaicokjaoaobiobphcfkmbeiejdang [2017-01-11]
CHR Extension: (Chrome Media Router) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-11]
CHR Profile: C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Profile 2 [2017-01-11]
CHR Extension: (Fast search) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-01-10]
CHR Profile: C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Profile 3 [2017-01-11]
CHR Extension: (Fast search) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-01-10]
CHR Extension: (Bloxorz Block Puzzle) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\phiaicokjaoaobiobphcfkmbeiejdang [2016-06-12]
CHR Extension: (Gmail) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-12]
CHR Extension: (Chrome Media Router) - C:\Users\Célio Pereira\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-14]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 1ed4e2375a10448b2befe3b252645eff; C:\Program Files\1ed4e2375a10448b2befe3b252645eff\de7f6177a8e97d3dea3ef903e50320c9.exe [5676032 2017-01-06] () [File not signed] <==== ATTENTION
R2 Archer; C:\Program Files (x86)\WinArcher\Archer.dll [412672 2017-01-11] (TODO: <公司名>) [File not signed]
S2 Bqryclawut; C:\Program Files (x86)\Wiqesewonisy\srtprovider.dll [178176 2017-01-10] () [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [593120 2015-09-22] (GAS Tecnologia)
R2 GoogleChromeUpService; C:\ProgramData\service.exe [1620992 2017-01-11] () [File not signed] <==== ATTENTION
R2 GubedZL; C:\Program Files (x86)\Gubed\GubedZL.dll [131072 2017-01-11] () [File not signed]
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
S2 IntelSony; C:\Program Files (x86)\Sony\IntelSony.dll [225792 2017-01-11] () [File not signed]
S3 iThemes5; C:\Program Files (x86)\Common Files\Services\iThemes.dll [519680 2017-01-11] () [File not signed] <==== ATTENTION
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2015-11-26] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-11-11] (LogMeIn, Inc.)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2015-12-28] (Dritek System INC.)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [997568 2014-06-29] (@ByELDI) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [59392 2014-10-28] (Microsoft Corporation) [DependOnService: iThemes5]<==== ATTENTION
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [856800 2015-08-21] (GAS Tecnologia LTDA)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 WindowsSecurity; C:\ProgramData\Windows Security\winsecurity.exe [1265664 2016-10-26] (Microsoft Corporation) [File not signed] <==== ATTENTION
R2 WinSAPSvc; C:\ProgramData\WinSAPSvc\WinSAP.dll [508928 2017-01-11] () [File not signed]
R2 WMPNetworkAcSvc; C:\Users\Célio Pereira\AppData\Roaming\WMPNetworkAcSvc\WMPNetworkAcSvc.exe [5091840 2016-11-10] () [File not signed] <==== ATTENTION
R2 XBox; C:\Program Files\XBox\XBLive.exe [6342584 2016-06-13] (Microsoft Corporation) <==== ATTENTION
S2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 6ee0da6814863fcff6e147fe6702917a; C:\Windows\system32\drivers\6ee0da6814863fcff6e147fe6702917a.sys [95040 2017-01-06] (9M5RAE) <==== ATTENTION
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-10-31] (Disc Soft Ltd)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-09-03] (GAS Tecnologia)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2016-11-11] (LogMeIn Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-01-11] (REALiX(tm))
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2015-11-26] (Intel Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2015-11-26] (Dritek System Inc.)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11973 2016-04-21] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2015-11-26] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-09-03] (GAS Tecnologia LTDA)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2015-10-08] (Basil Projects)
R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [101080 2017-01-11] (GAS Tecnologia)
R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [103640 2015-03-18] (GAS Tecnologia)
R2 zdwfp; C:\Windows\system32\Drivers\zdwfp64.sys [46352 2016-12-14] (zdengine)
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
R4 KuaiZipDrive; \??\C:\Windows\system32\drivers\KuaiZipDrive.sys [X]
S1 ucdrv; \??\C:\Program Files (x86)\UCBrowser\Security:ucdrv-x64.sys [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Three Months Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-11 19:23 - 2017-01-11 19:23 - 00022081 _____ C:\Users\Célio Pereira\Desktop\FRST.txt
2017-01-11 19:23 - 2017-01-11 19:23 - 00000000 ____D C:\Users\Célio Pereira\Desktop\Nova pasta (2)
2017-01-11 19:19 - 2017-01-11 19:20 - 00046017 _____ C:\Users\Célio Pereira\Downloads\Addition.txt
2017-01-11 19:18 - 2017-01-11 19:23 - 00000000 ____D C:\FRST
2017-01-11 19:18 - 2017-01-11 19:20 - 00064264 _____ C:\Users\Célio Pereira\Downloads\FRST.txt
2017-01-11 19:17 - 2017-01-11 19:17 - 02419200 _____ (Farbar) C:\Users\Célio Pereira\Desktop\FRST64.exe
2017-01-11 19:16 - 2017-01-11 19:16 - 01761280 _____ (Farbar) C:\Users\Célio Pereira\Desktop\FRST.exe
2017-01-11 19:08 - 2017-01-11 19:08 - 00003145 _____ C:\Users\Célio Pereira\Desktop\FSS.txt
2017-01-11 19:07 - 2017-01-11 19:07 - 00899584 _____ (Farbar) C:\Users\Célio Pereira\Desktop\FSS.exe
2017-01-11 19:06 - 2017-01-11 19:07 - 00000512 _____ C:\Users\Célio Pereira\Downloads\Dump_Hdd0_DR0.mbr
2017-01-11 19:06 - 2017-01-11 19:06 - 00147456 _____ (Eric_71) C:\Users\Célio Pereira\Downloads\MbrScan.exe
2017-01-11 19:06 - 2017-01-11 19:06 - 00016492 _____ C:\Users\Célio Pereira\Desktop\ZA-Scan.txt
2017-01-11 19:05 - 2017-01-11 19:05 - 00016492 _____ C:\ZA-Scan.txt
2017-01-11 18:44 - 2017-01-11 19:05 - 00000588 _____ C:\runcheck.txt
2017-01-11 18:43 - 2017-01-11 18:43 - 01370112 _____ C:\Users\Célio Pereira\Downloads\ZA-Scan.exe
2017-01-11 18:43 - 2017-01-11 18:43 - 00000000 ____D C:\zoek_backup
2017-01-11 17:54 - 2017-01-11 17:54 - 00000000 ____D C:\Users\Célio Pereira\AppData\Local\GeoLocator
2017-01-11 17:46 - 2017-01-11 17:46 - 00000000 ____D C:\Program Files (x86)\WinArcher
2017-01-11 17:45 - 2017-01-11 17:45 - 00000000 ____D C:\Users\Célio Pereira\AppData\Roaming\WinSnare
2017-01-11 17:45 - 2017-01-11 17:45 - 00000000 ____D C:\ProgramData\WinSAPSvc
2017-01-11 17:45 - 2017-01-11 17:45 - 00000000 ____D C:\Program Files (x86)\WinSnare(4.0.4)
2017-01-11 17:45 - 2017-01-11 17:45 - 00000000 ____D C:\Program Files (x86)\Gubed
2017-01-11 17:43 - 2017-01-11 17:43 - 00000000 ____D C:\Program Files\u0o1kbtx
2017-01-11 02:27 - 2017-01-11 02:27 - 00250912 _____ C:\Windows\SysWOW64\kz.exe
2017-01-11 01:10 - 2017-01-11 15:38 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1985691564-1225726452-1134471747-1001
2017-01-11 01:07 - 2017-01-11 01:07 - 00000000 ____D C:\Users\Célio Pereira\AppData\LocalLow\uTorrent
2017-01-11 00:57 - 2017-01-11 00:57 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Célio Pereira\Downloads\revosetup.exe
2017-01-11 00:41 - 2017-01-11 00:55 - 00000986 __RSH C:\ProgramData\ntuser.pol
2017-01-11 00:34 - 2017-01-11 00:34 - 00000146 _____ C:\Users\Célio Pereira\Desktop\Windows Defender - Atalho.lnk
2017-01-11 00:18 - 2017-01-11 00:18 - 11335348 _____ C:\Users\Célio Pereira\Downloads\Revo Uninstaller Pro 3.1.6 Setup + Activator.rar
2017-01-11 00:14 - 2017-01-11 00:14 - 00018017 _____ C:\Users\Célio Pereira\Downloads\RUP_3.1.x_Registrator.7z
2017-01-11 00:11 - 2017-01-11 02:50 - 00001232 _____ C:\Users\Célio Pereira\Desktop\Google Chrome.lnk
2017-01-11 00:07 - 2017-01-11 00:28 - 00000000 ____D C:\ProgramData\ProductData
2017-01-11 00:07 - 2017-01-11 00:10 - 00000000 ____D C:\Users\Célio Pereira\AppData\LocalLow\IObit
2017-01-11 00:07 - 2017-01-11 00:07 - 00027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2017-01-11 00:07 - 2017-01-11 00:07 - 00000000 ____D C:\Windows\IObit
2017-01-11 00:07 - 2017-01-11 00:07 - 00000000 ____D C:\ProgramData\IObit
2017-01-11 00:06 - 2017-01-11 00:07 - 00001113 _____ C:\Users\Célio Pereira\Desktop\AutoTime.lnk
2017-01-11 00:06 - 2017-01-11 00:06 - 01620992 _____ C:\ProgramData\service.exe
2017-01-11 00:06 - 2017-01-11 00:06 - 00000000 ____D C:\Users\Célio Pereira\AppData\Roaming\IObit
2017-01-11 00:05 - 2017-01-11 00:30 - 00000000 ____D C:\Users\Célio Pereira\AppData\Local\UCBrowser
2017-01-11 00:05 - 2017-01-11 00:05 - 00000000 ____D C:\Program Files\XBox
2017-01-11 00:04 - 2017-01-11 00:04 - 00010368 _____ C:\Windows\SysWOW64\zdengineOff.ini
2017-01-11 00:04 - 2017-01-11 00:04 - 00010368 _____ C:\Windows\system32\zdengineOff.ini
2017-01-11 00:04 - 2017-01-11 00:04 - 00000002 _____ C:\END
2017-01-11 00:04 - 2016-12-14 09:01 - 00046352 _____ (zdengine) C:\Windows\system32\Drivers\zdwfp64.sys
2017-01-11 00:02 - 2017-01-11 00:32 - 00000986 _____ C:\Users\Célio Pereira\Desktop\¿ìѹ.lnk
2017-01-11 00:02 - 2017-01-11 00:13 - 00000000 ____D C:\Users\Célio Pereira\AppData\Roaming\KuaiZip
2017-01-11 00:02 - 2017-01-11 00:02 - 00000000 ____D C:\Users\Célio Pereira\AppData\Roaming\Softlink
2017-01-10 23:59 - 2017-01-10 23:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Socia2Sear Browser Enhancer
2017-01-10 23:58 - 2017-01-11 02:29 - 00000000 ____D C:\Program Files\1ed4e2375a10448b2befe3b252645eff
2017-01-10 23:58 - 2017-01-11 01:12 - 00000000 ____D C:\Windows\system32\SSL
2017-01-10 23:58 - 2017-01-10 23:58 - 00000000 ____D C:\ProgramData\Avira
2017-01-10 23:58 - 2017-01-10 23:58 - 00000000 ____D C:\ProgramData\Avg
2017-01-10 23:58 - 2017-01-10 23:58 - 00000000 ____D C:\ProgramData\AVAST Software
2017-01-10 23:57 - 2017-01-11 00:03 - 00000000 ____D C:\Users\C←lio Pereira\AppData\Local\Kersashherberry
2017-01-10 23:57 - 2017-01-10 23:57 - 00000000 ____D C:\Users\C←lio Pereira
2017-01-10 23:57 - 2017-01-10 23:57 - 00000000 ____D C:\Program Files (x86)\Pervetainuserent Adapter
2017-01-10 23:56 - 2017-01-11 17:45 - 00000000 ____D C:\Program Files (x86)\Wiqesewonisy
2017-01-10 23:56 - 2017-01-10 23:56 - 00000000 ____D C:\Users\Célio Pereira\AppData\Roaming\Puziknehation
2017-01-10 23:56 - 2017-01-10 23:56 - 00000000 ____D C:\Users\Célio Pereira\AppData\Local\Kersashherberry
2017-01-10 23:55 - 2017-01-11 00:00 - 00000000 ____D C:\Users\Célio Pereira\AppData\Local\1055DE88-1484092521-E211-9E12-2089845DB180
2017-01-10 23:55 - 2017-01-10 23:55 - 00000000 ____D C:\Users\Célio Pereira\AppData\Roaming\Links2
2017-01-10 23:55 - 2017-01-10 23:55 - 00000000 ____D C:\Program Files (x86)\CleanBrowser
2017-01-10 23:54 - 2017-01-10 23:54 - 00000000 _____ C:\TOSTACK
2017-01-10 23:53 - 2017-01-11 17:54 - 00000000 ____D C:\ProgramData\vCore
2017-01-10 23:53 - 2017-01-11 15:33 - 00000034 _____ C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE}
2017-01-10 23:53 - 2017-01-11 01:10 - 00000000 ____D C:\Users\Célio Pereira\AppData\Roaming\WMPNetworkAcSvc
2017-01-10 23:53 - 2017-01-10 23:53 - 00000000 ____D C:\ProgramData\Windows Security
2017-01-10 22:55 - 2014-01-17 15:55 - 00000804 _____ C:\Users\Célio Pereira\Downloads\Leia-me.txt
2017-01-10 22:55 - 2014-01-13 12:06 - 03867432 _____ C:\Users\Célio Pereira\Downloads\m4.txd
2017-01-10 22:55 - 2014-01-13 11:53 - 00717038 _____ C:\Users\Célio Pereira\Downloads\m4.dff
2017-01-10 22:55 - 2013-09-10 00:26 - 00000160 _____ C:\Users\Célio Pereira\Downloads\Tutoriais - GTA San Andreas.url
2017-01-10 22:55 - 2013-09-10 00:26 - 00000123 _____ C:\Users\Célio Pereira\Downloads\Mods GTA San Andreas.url
2017-01-10 21:38 - 2017-01-10 21:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\www.GameModding.net
2017-01-10 21:15 - 2017-01-10 21:15 - 00244436 _____ C:\Users\Célio Pereira\Downloads\ImgTool.rar
2017-01-10 21:09 - 2017-01-10 21:09 - 00007911 _____ C:\Windows\unins000.dat
2017-01-10 21:09 - 2017-01-10 21:08 - 01204011 _____ C:\Windows\unins000.exe
2017-01-10 21:07 - 2017-01-10 21:07 - 00894870 _____ (Seemann, Deji, Alien ) C:\Users\Célio Pereira\Downloads\CLEO4_setup.exe
2017-01-10 19:33 - 2017-01-10 20:48 - 00000000 ____D C:\Users\Célio Pereira\Documents\GTA San Andreas User Files
2017-01-10 19:33 - 2017-01-10 19:33 - 00000000 ____D C:\Users\Célio Pereira\AppData\Local\modloader
2017-01-10 19:33 - 2017-01-10 19:33 - 00000000 ____D C:\ProgramData\modloader
2017-01-10 19:31 - 2017-01-10 19:31 - 00001237 _____ C:\Users\Célio Pereira\Desktop\gta_sa.exe - Atalho.lnk
2017-01-10 18:56 - 2017-01-10 23:51 - 00000000 ____D C:\Users\Célio Pereira\Downloads\san andreas
2017-01-10 18:28 - 2017-01-10 18:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2017-01-10 18:28 - 2017-01-10 18:28 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2017-01-09 19:54 - 2017-01-09 19:54 - 00014507 _____ C:\Users\Célio Pereira\Downloads\FlatOut.2 - RELOADED.torrent
2017-01-09 17:31 - 2017-01-10 13:24 - 00000000 ____D C:\Users\Célio Pereira\Downloads\GTA San Andreas Completo
2017-01-09 17:30 - 2017-01-09 17:30 - 00125355 _____ C:\Users\Célio Pereira\Downloads\Grand-Theft-Auto-GTA-San-Andreas-PC-www.jogoscompletostorrent.com_.rar
2017-01-09 17:14 - 2017-01-09 17:14 - 00000000 ____D C:\Programme
2017-01-06 17:55 - 2017-01-06 17:55 - 02185908 _____ C:\Windows\e08092a8deea03a2772034ed51cc4b44.exe
2017-01-06 17:50 - 2017-01-06 17:50 - 00095040 _____ (9M5RAE) C:\Windows\system32\Drivers\6ee0da6814863fcff6e147fe6702917a.sys
2016-12-14 23:52 - 2016-12-14 23:52 - 00001233 _____ C:\Users\Célio Pereira\Desktop\pun.exe - Atalho.lnk
2016-12-14 23:51 - 2016-12-14 23:51 - 00001421 _____ C:\Users\Célio Pereira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\pun.lnk
2016-12-14 23:49 - 2017-01-09 19:25 - 00000000 ____D C:\Users\Célio Pereira\Desktop\tr punisher
2016-12-14 19:50 - 2016-12-14 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
2016-12-14 19:50 - 2016-12-14 19:50 - 00000000 ____D C:\Program Files (x86)\THQ
2016-12-14 19:09 - 2016-12-14 19:09 - 00031334 _____ C:\Users\Célio Pereira\Downloads\1366x768-data-out-45-36279116-chicago-bulls-wallpaper.jpg
2016-12-14 17:22 - 2016-11-30 04:34 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2016-12-14 17:22 - 2016-11-30 04:27 - 00030400 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2016-12-14 16:44 - 2016-12-14 19:54 - 00000000 ____D C:\Users\Célio Pereira\Downloads\The Punisher
2016-12-14 16:20 - 2016-11-12 17:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-12-14 16:20 - 2016-11-12 16:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-12-14 16:20 - 2016-11-12 15:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-12-14 16:20 - 2016-11-12 15:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-12-14 16:19 - 2016-11-19 19:24 - 00567152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-12-14 16:19 - 2016-11-19 19:24 - 00152856 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2016-12-14 16:19 - 2016-11-19 17:29 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-12-14 16:19 - 2016-11-19 16:44 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-12-14 16:19 - 2016-11-19 15:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-12-14 16:19 - 2016-11-19 15:22 - 00111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-12-14 16:19 - 2016-11-16 19:49 - 00377176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2016-12-14 16:19 - 2016-11-12 19:06 - 00738104 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-12-14 16:19 - 2016-11-12 17:38 - 00613632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-12-14 16:19 - 2016-11-12 17:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-12-14 16:19 - 2016-11-12 17:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-12-14 16:19 - 2016-11-12 16:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-12-14 16:19 - 2016-11-12 16:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-12-14 16:19 - 2016-11-12 16:23 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-12-14 16:19 - 2016-11-12 16:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-12-14 16:19 - 2016-11-12 16:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-12-14 16:19 - 2016-11-12 15:45 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-12-14 16:19 - 2016-11-12 15:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-12-14 16:19 - 2016-11-12 15:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-12-14 16:19 - 2016-11-12 15:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-12-14 16:19 - 2016-11-12 15:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-12-14 16:19 - 2016-11-12 15:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-12-14 16:19 - 2016-11-12 15:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-12-14 16:19 - 2016-11-12 15:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-12-14 16:19 - 2016-11-12 15:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-12-14 16:19 - 2016-11-11 00:33 - 01541240 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-12-14 16:19 - 2016-11-09 15:25 - 01376768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-12-14 16:19 - 2016-11-05 18:46 - 00422744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2016-12-14 16:19 - 2016-11-05 16:35 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-14 16:19 - 2016-11-05 15:57 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-12-14 16:19 - 2016-11-05 15:11 - 03606528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-12-14 16:19 - 2016-11-05 13:56 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-12-14 16:19 - 2016-11-05 13:46 - 02463744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-12-14 16:19 - 2016-10-28 00:56 - 01380048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-12-14 16:19 - 2016-10-27 12:28 - 01097728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-12-14 16:19 - 2016-10-12 19:49 - 00379224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-12-14 16:19 - 2016-10-12 19:11 - 00922968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2016-12-14 16:19 - 2016-10-11 14:45 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2016-12-14 16:19 - 2016-10-10 21:31 - 00990040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2016-12-14 16:19 - 2016-10-10 16:18 - 00069976 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-12-14 16:19 - 2016-10-10 16:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cmimcext.sys
2016-12-14 16:19 - 2016-10-09 12:17 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll
2016-12-14 16:19 - 2016-10-09 12:08 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2016-12-14 16:19 - 2016-10-09 12:08 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll
2016-12-14 16:19 - 2016-10-08 20:24 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2016-12-14 16:19 - 2016-10-08 19:31 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2016-12-14 16:19 - 2016-10-08 19:10 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-12-14 16:19 - 2016-10-05 12:01 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2016-12-14 16:19 - 2016-10-05 12:00 - 00868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2016-12-14 16:19 - 2016-10-05 12:00 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2016-12-14 16:19 - 2016-10-05 11:52 - 00513456 _____ C:\Windows\SysWOW64\locale.nls
2016-12-14 16:19 - 2016-10-05 11:52 - 00513456 _____ C:\Windows\system32\locale.nls
2016-12-14 16:19 - 2016-10-05 02:15 - 01969944 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-12-14 16:19 - 2016-10-05 02:15 - 01613528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-12-14 16:19 - 2016-10-05 02:15 - 00324896 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-12-14 16:19 - 2016-10-05 02:15 - 00245320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-12-14 16:19 - 2016-09-27 18:16 - 00445873 _____ C:\Windows\system32\ApnDatabase.xml
2016-12-14 16:19 - 2016-09-20 20:30 - 02462040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-11-30 07:50 - 2016-11-02 18:48 - 00372568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-11-30 07:50 - 2016-11-02 18:48 - 00315224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-11-30 07:50 - 2016-10-27 16:51 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-30 07:50 - 2016-10-27 15:47 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-11-30 07:50 - 2016-10-27 15:46 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-11-30 07:50 - 2016-10-27 15:44 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-11-30 07:50 - 2016-10-22 15:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-11-30 07:50 - 2016-10-22 14:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-11-30 07:50 - 2016-10-22 14:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-11-30 07:50 - 2016-10-22 14:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-11-30 07:50 - 2016-10-13 17:06 - 01385280 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-11-30 07:50 - 2016-10-13 17:06 - 01124376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-11-30 07:50 - 2016-10-11 18:21 - 00497448 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-11-30 07:50 - 2016-10-11 18:21 - 00399776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-11-30 07:50 - 2016-10-11 16:34 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-11-30 07:50 - 2016-10-11 15:47 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-11-30 07:50 - 2016-10-11 14:55 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-11-30 07:50 - 2016-10-10 19:17 - 00444248 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-30 07:50 - 2016-10-10 19:17 - 00333656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-30 07:50 - 2016-10-09 20:59 - 00551256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-11-30 07:50 - 2016-10-08 20:53 - 03754496 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-30 07:50 - 2016-10-08 20:21 - 01445376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-30 07:50 - 2016-10-08 20:07 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-11-30 07:50 - 2016-10-08 19:49 - 02410496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-11-30 07:50 - 2016-10-08 19:21 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-11-30 07:50 - 2016-10-07 23:34 - 01660040 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-11-30 07:50 - 2016-10-07 23:34 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-11-30 07:50 - 2016-10-04 18:39 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-11-30 07:50 - 2016-10-04 18:23 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-11-30 07:50 - 2016-10-04 18:08 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-11-30 07:50 - 2016-10-04 18:08 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-11-30 07:50 - 2016-09-09 20:14 - 00275800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2016-11-30 07:50 - 2016-09-09 12:15 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2016-11-30 07:50 - 2016-09-09 12:09 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2016-11-30 07:50 - 2016-09-09 12:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-11-30 07:50 - 2016-09-09 12:03 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\iscsiwmi.dll
2016-11-30 07:50 - 2016-09-09 12:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsiwmi.dll
2016-11-30 07:50 - 2016-09-03 16:20 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\iscsidsc.dll
2016-11-30 07:50 - 2016-09-03 16:06 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\iscsiexe.dll
2016-11-30 07:50 - 2016-09-03 15:21 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsidsc.dll
2016-11-30 07:50 - 2016-09-03 15:18 - 00825856 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2016-11-30 07:50 - 2016-09-03 14:12 - 00512512 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2016-11-30 07:50 - 2016-09-03 14:05 - 01094656 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-11-30 07:50 - 2016-09-03 13:58 - 00397824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2016-11-30 07:50 - 2016-09-02 12:05 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2016-11-30 07:50 - 2016-09-02 12:05 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2016-11-30 07:50 - 2016-09-01 12:33 - 00377856 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll
2016-11-30 07:50 - 2016-09-01 12:33 - 00342528 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2016-11-30 07:50 - 2016-09-01 12:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2016-11-30 07:50 - 2016-08-30 12:11 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2016-11-30 07:50 - 2016-08-30 00:45 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\xolehlp.dll
2016-11-30 07:50 - 2016-08-30 00:18 - 00871936 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2016-11-30 07:50 - 2016-08-30 00:03 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll
2016-11-30 07:50 - 2016-08-22 11:34 - 01628672 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-11-30 07:49 - 2016-11-02 12:03 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-11-30 07:49 - 2016-11-02 12:00 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-11-30 07:49 - 2016-10-27 16:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-30 07:49 - 2016-10-27 16:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-11-30 07:49 - 2016-10-27 16:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-30 07:49 - 2016-10-27 15:49 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-11-30 07:49 - 2016-10-22 15:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-11-30 07:49 - 2016-10-22 14:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-11-30 07:49 - 2016-10-22 14:57 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-11-30 07:49 - 2016-10-22 14:45 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-11-30 07:49 - 2016-10-08 20:18 - 00840704 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2016-11-30 07:49 - 2016-08-30 00:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xolehlp.dll
2016-11-29 08:44 - 2016-11-29 08:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-11-29 08:44 - 2016-11-29 08:44 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-11-11 13:43 - 2016-11-11 13:43 - 00045680 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2016-11-06 13:09 - 2016-11-06 13:17 - 39722470 _____ C:\Users\Célio Pereira\Downloads\Screaman-1.05.rar
2016-11-06 13:07 - 2016-12-14 16:55 - 206689270 _____ C:\Users\Célio Pereira\Downloads\PlayWithMe.zip
2016-11-04 21:20 - 2016-11-06 22:26 - 3429552128 _____ C:\Users\Célio Pereira\Downloads\vol1-m2twg.iso
2016-11-04 21:19 - 2016-11-06 12:48 - 00000000 ____D C:\Users\Célio Pereira\Downloads\Lord of the Rings - Battle for middle earth II + Witch King Expansion (2006)
2016-10-18 20:28 - 2016-09-12 21:48 - 00085680 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-10-18 20:28 - 2016-09-09 11:38 - 01629184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-10-18 20:28 - 2016-09-09 11:38 - 01226752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-10-18 20:28 - 2016-09-09 11:38 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-10-18 20:28 - 2016-09-09 11:38 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-10-18 20:28 - 2016-09-09 11:38 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-10-18 20:28 - 2016-09-09 11:38 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-10-18 20:28 - 2016-09-09 11:38 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-10-18 20:28 - 2016-09-09 11:38 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-10-18 20:28 - 2016-08-27 17:44 - 22360288 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-10-18 20:28 - 2016-08-27 17:44 - 02755504 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-10-18 20:28 - 2016-08-27 17:44 - 00133256 _____ (Microsoft Corporation) C:\Windows\system32\RestoreOptIn.exe
2016-10-18 20:28 - 2016-08-27 16:26 - 19789232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-10-18 20:28 - 2016-08-27 16:26 - 02411048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-10-18 20:28 - 2016-08-27 16:26 - 00113656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RestoreOptIn.exe
2016-10-18 20:28 - 2016-08-27 14:09 - 14466560 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-10-18 20:28 - 2016-08-27 13:55 - 12879360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-10-18 20:02 - 2016-09-30 22:22 - 07444312 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-10-18 20:02 - 2016-09-13 23:53 - 01663184 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-10-18 20:02 - 2016-09-08 12:00 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-10-18 20:02 - 2016-09-08 12:00 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-10-18 20:02 - 2016-09-07 20:07 - 01988096 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-10-18 20:02 - 2016-09-07 19:59 - 01754112 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2016-10-18 20:02 - 2016-09-07 19:59 - 01377792 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-10-18 20:02 - 2016-09-07 19:57 - 01560064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-10-18 20:02 - 2016-08-27 14:33 - 02881536 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-10-18 20:02 - 2016-08-27 14:11 - 01049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2016-10-18 20:02 - 2016-08-25 18:50 - 00747008 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2016-10-18 20:02 - 2016-08-25 17:40 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2016-10-18 20:02 - 2016-08-12 19:47 - 15431168 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-10-18 20:02 - 2016-08-12 18:52 - 13317120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-10-18 20:02 - 2016-08-11 23:58 - 02315496 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-10-18 20:02 - 2016-08-11 23:58 - 01946176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-10-18 20:02 - 2016-08-11 15:17 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2016-10-18 20:02 - 2016-08-03 13:42 - 01317888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2016-10-18 20:02 - 2016-08-03 13:36 - 01102848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2016-10-18 20:02 - 2016-07-30 15:12 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2016-10-18 20:02 - 2016-07-30 14:36 - 02537472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2016-10-18 20:02 - 2016-07-23 16:12 - 00954880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2016-10-18 20:01 - 2016-09-17 16:16 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-10-18 20:01 - 2016-09-17 15:21 - 00089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-10-18 20:01 - 2016-09-13 23:53 - 01523208 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-10-18 20:01 - 2016-09-13 23:53 - 01490112 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-10-18 20:01 - 2016-09-13 23:53 - 01358952 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-10-18 20:01 - 2016-09-12 20:03 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2016-10-18 20:01 - 2016-09-12 19:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2016-10-18 20:01 - 2016-09-08 18:41 - 00121176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2016-10-18 20:01 - 2016-09-07 19:56 - 01491456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2016-10-18 20:01 - 2016-08-12 22:05 - 09323008 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-10-18 20:01 - 2016-08-12 22:03 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifibus.sys
2016-10-18 20:01 - 2016-08-12 22:02 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2016-10-18 20:01 - 2016-08-12 22:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2016-10-18 20:01 - 2016-08-12 20:35 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2016-10-18 20:01 - 2016-08-12 20:19 - 09323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-10-18 20:01 - 2016-08-12 19:17 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2016-10-18 20:01 - 2016-08-11 16:33 - 00096256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys
2016-10-18 20:01 - 2016-08-11 16:33 - 00083456 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys
2016-10-18 20:01 - 2016-08-11 16:33 - 00023040 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys
2016-10-18 20:01 - 2016-08-03 13:36 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2016-10-18 20:01 - 2016-08-03 13:33 - 00215552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll
2016-10-18 20:01 - 2016-07-26 11:40 - 00162850 _____ C:\Windows\SysWOW64\C_932.NLS
2016-10-18 20:01 - 2016-07-26 11:40 - 00162850 _____ C:\Windows\system32\C_932.NLS
2016-10-18 20:01 - 2016-07-23 16:18 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2016-10-18 19:52 - 2016-10-18 19:52 - 00000000 ____D C:\MagicPlusMini
==================== Three Months Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-11 15:37 - 2015-10-07 23:13 - 00003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{40AE15D8-C4D8-4A60-BFA1-DC704BC4F559}
2017-01-11 15:33 - 2015-10-16 09:27 - 00000000 __SHD C:\Users\Célio Pereira\IntelGraphicsProfiles
2017-01-11 02:59 - 2015-10-31 12:55 - 00000000 ____D C:\Users\Célio Pereira\AppData\Roaming\uTorrent
2017-01-11 02:48 - 2015-11-15 18:08 - 00000000 ____D C:\Users\Célio Pereira\AppData\Roaming\Skype
2017-01-11 02:25 - 2015-12-15 23:28 - 00000000 ____D C:\Users\Célio Pereira\AppData\Local\Spotify
2017-01-11 02:03 - 2015-12-15 23:15 - 00000000 ____D C:\Users\Célio Pereira\AppData\Roaming\Spotify
2017-01-11 01:19 - 2016-03-21 16:35 - 00002413 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-01-11 01:15 - 2016-03-21 16:35 - 00002431 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-01-11 01:07 - 2016-03-27 16:24 - 00000000 ____D C:\Users\Célio Pereira\AppData\Local\LogMeIn Hamachi
2017-01-11 01:06 - 2015-10-14 16:21 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2017-01-11 01:06 - 2015-10-08 13:31 - 00000000 ____D C:\Program Files\KMSpico
2017-01-11 01:05 - 2016-08-23 16:40 - 00000000 ____D C:\Program Files (x86)\Sony
2017-01-11 01:05 - 2015-10-14 16:30 - 00101080 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys
2017-01-11 01:04 - 2013-08-22 12:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-11 01:03 - 2013-08-22 11:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-01-11 00:37 - 2013-08-22 13:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2017-01-11 00:20 - 2016-04-24 01:54 - 00000000 ____D C:\Users\Célio Pereira\AppData\Local\ElevatedDiagnostics
2017-01-11 00:11 - 2015-10-07 22:03 - 00001054 _____ C:\Users\Célio Pereira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-01-11 00:05 - 2015-10-07 22:03 - 00000000 ____D C:\Users\Célio Pereira\AppData\Roaming\Adobe
2017-01-10 23:58 - 2016-04-06 21:01 - 00000000 ____D C:\Program Files (x86)\Apowersoft
2017-01-10 23:58 - 2015-12-05 20:17 - 00000000 ____D C:\Games
2017-01-10 23:58 - 2015-11-30 10:46 - 00000000 ____D C:\BancoBrasil
2017-01-10 23:58 - 2015-10-14 17:09 - 00000000 ____D C:\Intel
2017-01-10 23:58 - 2015-10-09 13:27 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-01-10 23:55 - 2016-03-23 23:33 - 00001140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-01-10 23:55 - 2016-03-23 23:33 - 00001128 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-01-10 23:53 - 2015-11-26 08:09 - 00000000 ____D C:\ProgramData\Intel
2017-01-10 18:58 - 2016-04-21 14:09 - 00000000 ____D C:\Users\Célio Pereira\Downloads\Far Cry
2017-01-10 18:28 - 2015-10-22 12:19 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-01-01 19:02 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\AppReadiness
2017-01-01 15:14 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\Inf
2016-12-28 12:37 - 2015-11-26 10:20 - 00000000 ____D C:\Users\Célio Pereira\Documents\Arquivos do Outlook
2016-12-18 04:10 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\rescache
2016-12-18 03:56 - 2014-11-18 14:10 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{137aad10-ae7e-11e3-80bb-90b11c1ccb90}.TMContainer00000000000000000002.regtrans-ms
2016-12-18 03:56 - 2014-11-18 14:10 - 00065536 ___SH C:\Windows\system32\config\COMPONENTS{137aad10-ae7e-11e3-80bb-90b11c1ccb90}.TM.blf
2016-12-17 04:10 - 2014-11-18 14:10 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{137aad10-ae7e-11e3-80bb-90b11c1ccb90}.TMContainer00000000000000000001.regtrans-ms
2016-12-17 03:07 - 2013-08-22 13:31 - 00000000 ____D C:\Windows\system32\DriverStore
2016-12-16 23:29 - 2013-08-22 13:36 - 00000000 __RSD C:\Windows\assembly
2016-12-16 14:49 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\WinSxS
2016-12-16 14:47 - 2013-08-22 12:44 - 00409704 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-16 12:43 - 2014-11-18 14:10 - 00524288 ___SH C:\Windows\system32\config\DRIVERS{e1793794-0b3d-11e3-9dfe-80de722c933b}.TMContainer00000000000000000001.regtrans-ms
2016-12-16 12:43 - 2014-11-18 14:10 - 00065536 ___SH C:\Windows\system32\config\DRIVERS{e1793794-0b3d-11e3-9dfe-80de722c933b}.TM.blf
2016-12-16 12:40 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\SysWOW64\pt-BR
2016-12-16 12:40 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\SysWOW64\en-US
2016-12-16 12:40 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\system32\pt-BR
2016-12-16 12:40 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\system32\en-US
2016-12-16 12:40 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\wbem
2016-12-16 12:40 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\oobe
2016-12-16 12:39 - 2015-10-08 13:40 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-12-16 12:38 - 2015-10-08 13:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-12-16 12:37 - 2015-10-30 07:42 - 00000000 ____D C:\Windows\system32\MRT
2016-12-16 12:35 - 2015-10-07 22:00 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-12-14 23:51 - 2015-10-07 22:03 - 00000564 ___SH C:\Users\Célio Pereira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-14 23:51 - 2015-10-07 22:03 - 00000000 ___RD C:\Users\Célio Pereira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-14 17:32 - 2013-08-22 11:25 - 00000167 _____ C:\Windows\win.ini
2016-12-14 17:28 - 2013-08-22 13:20 - 00000000 ____D C:\Windows\CbsTemp
==================== Files in the root of some directories =======
2016-02-12 15:54 - 2016-02-12 15:54 - 0053246 _____ () C:\Program Files (x86)\CMS Setup Log.txt
2017-01-11 00:06 - 2017-01-11 00:06 - 1620992 _____ () C:\ProgramData\service.exe
Files to move or delete:
====================
C:\ProgramData\service.exe
Some files in TEMP:
====================
C:\Users\Célio Pereira\AppData\Local\Temp\0Uninst.exe
C:\Users\Célio Pereira\AppData\Local\Temp\1Uninst.exe
C:\Users\Célio Pereira\AppData\Local\Temp\2Uninst.exe
C:\Users\Célio Pereira\AppData\Local\Temp\46D.tmp.exe
C:\Users\Célio Pereira\AppData\Local\Temp\4BCY598UDT.exe
C:\Users\Célio Pereira\AppData\Local\Temp\69610890-b374-4a70-aa1d-013c08cbf771.exe
C:\Users\Célio Pereira\AppData\Local\Temp\7za.exe
C:\Users\Célio Pereira\AppData\Local\Temp\aDUB8AeBGj.exe
C:\Users\Célio Pereira\AppData\Local\Temp\aoe3-114-english.exe
C:\Users\Célio Pereira\AppData\Local\Temp\AutoTime51495.exe
C:\Users\Célio Pereira\AppData\Local\Temp\Browser_V6.0.1121.13_r_4727_(Build1612191708).exe
C:\Users\Célio Pereira\AppData\Local\Temp\CmdLineExt.dll
C:\Users\Célio Pereira\AppData\Local\Temp\DBUpdater.exe
C:\Users\Célio Pereira\AppData\Local\Temp\DivXSetup.exe
C:\Users\Célio Pereira\AppData\Local\Temp\DriverBoosterSetup.exe
C:\Users\Célio Pereira\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Célio Pereira\AppData\Local\Temp\drm_dyndata_7300014.dll
C:\Users\Célio Pereira\AppData\Local\Temp\fsdC538.exe
C:\Users\Célio Pereira\AppData\Local\Temp\hijackthis.exe
C:\Users\Célio Pereira\AppData\Local\Temp\jg3.6.0.exe
C:\Users\Célio Pereira\AppData\Local\Temp\JGO7U54S5B.exe
C:\Users\Célio Pereira\AppData\Local\Temp\JNX506X0NQ.exe
C:\Users\Célio Pereira\AppData\Local\Temp\jre-8u101-windows-au.exe
C:\Users\Célio Pereira\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\Célio Pereira\AppData\Local\Temp\mininewsrepair.exe
C:\Users\Célio Pereira\AppData\Local\Temp\NirCmd.exe
C:\Users\Célio Pereira\AppData\Local\Temp\nshC793.tmp.exe
C:\Users\Célio Pereira\AppData\Local\Temp\PEVZ.EXE
C:\Users\Célio Pereira\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Célio Pereira\AppData\Local\Temp\remove.exe
C:\Users\Célio Pereira\AppData\Local\Temp\sdf3ADC.exe
C:\Users\Célio Pereira\AppData\Local\Temp\sdf55B7.exe
C:\Users\Célio Pereira\AppData\Local\Temp\sed.exe
C:\Users\Célio Pereira\AppData\Local\Temp\setup.exe
C:\Users\Célio Pereira\AppData\Local\Temp\shortcut.exe
C:\Users\Célio Pereira\AppData\Local\Temp\SIntf16.dll
C:\Users\Célio Pereira\AppData\Local\Temp\SIntf32.dll
C:\Users\Célio Pereira\AppData\Local\Temp\SIntfNT.dll
C:\Users\Célio Pereira\AppData\Local\Temp\standalonepatcher.exe
C:\Users\Célio Pereira\AppData\Local\Temp\start.exe
C:\Users\Célio Pereira\AppData\Local\Temp\swreg.exe
C:\Users\Célio Pereira\AppData\Local\Temp\swxcacls.exe
C:\Users\Célio Pereira\AppData\Local\Temp\TV7U7UZ7CP.exe
C:\Users\Célio Pereira\AppData\Local\Temp\updengine.exe
C:\Users\Célio Pereira\AppData\Local\Temp\VDcxiAIYEV.exe
C:\Users\Célio Pereira\AppData\Local\Temp\VideoBox.exe
C:\Users\Célio Pereira\AppData\Local\Temp\wajam_install.exe
C:\Users\Célio Pereira\AppData\Local\Temp\wget.exe
C:\Users\Célio Pereira\AppData\Local\Temp\zLJD6ZcCTY.exe
C:\Users\Célio Pereira\AppData\Local\Temp\zoek-delete.exe
C:\Users\Célio Pereira\AppData\Local\Temp\{E827D32C-602B-4FB9-92F7-726718ACFC14}-53.0.2785.116_52.0.2743.116_chrome_updater.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-01-09 19:37
==================== End of FRST.txt ============================