Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Extended Unlimited Adware


  • Please log in to reply
1 reply to this topic

#1 msfcnc

msfcnc

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:05:20 AM

Posted 09 September 2014 - 11:10 PM

It appears that I have recently acquired a sort of adware... Since not too long ago, every time I turn my computer, before anything on my desktop loads, command prompt pops up and Google Chrome pops up on the website "extendedunlimited.org"

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-09-2014 01

Ran by Mario (administrator) on MARIO-PC on 10-09-2014 00:58:27
Running from C:\Users\Mario\Desktop\Nova pasta
Platform: Windows 8.1 Pro (X64) OS Language: Português (Brasil)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\37.0.2062.28\remoting_host.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\37.0.2062.28\remoting_host.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
() C:\Program Files (x86)\HDD Regenerator\hrsrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Company) C:\Program Files (x86)\Popcorn Time\Updater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Mario\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Dropbox, Inc.) C:\Users\Mario\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Internet Download Manager, Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMIntegrator64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginClientService.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Creative SB Monitoring Utility] => RunDll32 sbavmon.dll,SBAVMonitor
HKLM\...\Run: [IntelliType Pro] => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1464944 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2076272 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403288 2014-08-08] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5581888 2014-02-24] (ESET)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-15] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HDD Regenerator] => C:\Program Files (x86)\HDD Regenerator\Shell.exe [90336 2013-05-08] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
Winlogon\Notify\ GbPluginAbn-x32: C:\Program Files (x86)\GbPlugin\gbiehAbn.dll (Banco Real)
Winlogon\Notify\ GbPluginBb-x32: C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
Winlogon\Notify\ GbPluginCef-x32: C:\Program Files (x86)\GbPlugin\gbiehCef.dll (Caixa Economica Federal)
HKU\S-1-5-21-378547705-2744727483-173208396-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3491264 2012-08-15] (Tonec Inc.)
HKU\S-1-5-21-378547705-2744727483-173208396-1001\...\Run: [KiesPDLR] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-15] (Samsung)
HKU\S-1-5-21-378547705-2744727483-173208396-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564016 2013-07-15] (Samsung)
HKU\S-1-5-21-378547705-2744727483-173208396-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-15] (Samsung)
HKU\S-1-5-21-378547705-2744727483-173208396-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
HKU\S-1-5-21-378547705-2744727483-173208396-1001\...\Run: [F1ADC4F3B097747ABA8BE58CA8E50408D81FEC80._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-08-29] (Google Inc.)
HKU\S-1-5-21-378547705-2744727483-173208396-1001\...\Run: [Hobbyist Software VLC Streamer] => C:\Program Files (x86)\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe [1608008 2013-10-23] (Hobbyist Software)
HKU\S-1-5-21-378547705-2744727483-173208396-1001\...\Run: [Spotify Web Helper] => C:\Users\Mario\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-07-08] (Spotify Ltd)
HKU\S-1-5-21-378547705-2744727483-173208396-1001\...\Run: [HW_OPENEYE_OUC_VIVO INTERNET] => C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe [110592 2009-07-27] (Huawei Technologies Co., Ltd.)
HKU\S-1-5-21-378547705-2744727483-173208396-1001\...\Run: [CMD] => cmd.exe /c start http://extendedunlimited.org && exit <===== ATTENTION
HKU\S-1-5-21-378547705-2744727483-173208396-1001\...\MountPoints2: {31e572e3-1d1a-11e4-bf33-94de800b9bd7} - "D:\ICM_ML.exe" 
HKU\S-1-5-21-378547705-2744727483-173208396-1001\...\MountPoints2: {31e572fa-1d1a-11e4-bf33-94de800b9bd7} - "D:\ICM_ML.exe" 
HKU\S-1-5-21-378547705-2744727483-173208396-1001\...\MountPoints2: {6f834e29-272c-11e4-bf33-94de800b9bd7} - "D:\AutoRun.exe" 
HKU\S-1-5-21-378547705-2744727483-173208396-1001\...\MountPoints2: {6f834e67-272c-11e4-bf33-94de800b9bd7} - "D:\AutoRun.exe" 
HKU\S-1-5-21-378547705-2744727483-173208396-1001\...\MountPoints2: {ae0a336d-3e63-11e3-beeb-94de800b9bd7} - "E:\AutoRun.exe" 
HKU\S-1-5-21-378547705-2744727483-173208396-1001\...\MountPoints2: {ae0a33cd-3e63-11e3-beeb-94de800b9bd7} - "E:\AutoRun.exe" 
HKU\S-1-5-21-378547705-2744727483-173208396-1001\...\MountPoints2: {ae2ed87e-43c8-11e3-beef-94de800b9bd7} - "E:\AutoRun.exe" 
HKU\S-1-5-21-378547705-2744727483-173208396-1001\...\MountPoints2: {ebe2e241-dd61-11e3-bf1d-94de800b9bd7} - "D:\LG_PC_Programs.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Megacubo.lnk
ShortcutTarget: Megacubo.lnk -> C:\Program Files (x86)\Megacubo\megacubo.exe (www.megacubo.net                                  )
Startup: C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Mario\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk
ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe ()
ShellIconOverlayIdentifiers: IDM Shell Extension -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://samsung.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://br.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-BR
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xAF76F04774D8CD01
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540007} -> C:\Program Files (x86)\GbPlugin\gbiehabn.dll (Banco Real)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1736008 2014-08-12] (Caixa Economica Federal)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399007} - C:\Program Files (x86)\GbPlugin\gbiehabn.dll [1697848 2014-05-06] (Banco Real)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1754664 2014-07-31] (Banco do Brasil)
Tcpip\Parameters: [DhcpNameServer] 192.168.25.1
 
FireFox:
========
FF ProfilePath: C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\htkm6j2j.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Mario\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: electronicarts.com/GameFacePlugin -> C:\Users\Mario\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
FF Plugin HKCU: gastecnologia.com.br/sf/abn -> C:\Users\Mario\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll (GAS Tecnologia)
FF Plugin HKCU: gastecnologia.com.br/sf/bb -> C:\Users\Mario\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll (GAS Tecnologia)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-br.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-08-27]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-09-08]
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Mario\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Mario\AppData\Roaming\IDM\idmmzcc5 [2012-08-15]
FF HKCU\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8874}] - C:\Users\Mario\AppData\Local\GAS Tecnologia\GBBD\abn\xpi
FF Extension: GBBD Banco Santander (Brasil) S.A. - C:\Users\Mario\AppData\Local\GAS Tecnologia\GBBD\abn\xpi [2013-12-16]
FF HKCU\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886C}] - C:\Users\Mario\AppData\Local\GAS Tecnologia\GBBD\bb\xpi
FF Extension: GBBD Banco do Brasil - C:\Users\Mario\AppData\Local\GAS Tecnologia\GBBD\bb\xpi [2014-08-27]
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Mario\AppData\Roaming\IDM\idmmzcc5
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://g1.globo.com/pernambuco/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> 10C32771E1EA6039BDF191F8481B98D926BD9A35CA2C7086CF1CFEC675BCC8F6
CHR DefaultSearchURL: Default -> 9B6C85CEB36F1B0C822153A047E1222838655971357FE5E047F266A48090D1EC
CHR Profile: C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-03-12]
CHR Extension: (Google Docs) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-21]
CHR Extension: (Google Drive) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-21]
CHR Extension: (YouTube) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-07-25]
CHR Extension: (Adblock Plus) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-06]
CHR Extension: (Pesquisa do Google) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-07-25]
CHR Extension: (Guerapa Desprotetor) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\doaaifppmpcnbkmpegmpkkcnlobgifid [2014-01-21]
CHR Extension: (Área de trabalho remota do Google Chrome) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2014-07-14]
CHR Extension: (Better Battlelog (BBLog)) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjlfnjepjdmlppapoikepbaabbghofma [2014-04-07]
CHR Extension: (Baixou Agora) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbfjpmeddmamejnmmppjlfglfhcjbbai [2014-01-21]
CHR Extension: (Google Wallet) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Deezer) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\npfkoakaabdallkcdbpkkhfilkkngakh [2014-03-27]
CHR Extension: (Gmail) - C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-07-25]
CHR HKCU\...\Chrome\Extension: [abmojiekfpcmkkfamgfcpgfgipocface] - C:\Users\Mario\AppData\Local\GAS Tecnologia\GBBD\abn\sf.crx [2013-05-07]
CHR HKCU\...\Chrome\Extension: [nnjbodopomfddehlalfilheomcahbpei] - C:\Users\Mario\AppData\Local\GAS Tecnologia\GBBD\cef\sf.crx [2013-05-07]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\37.0.2062.28\remoting_host.exe [51016 2014-07-17] (Google Inc.)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2012-07-25] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1343408 2014-02-24] (ESET)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [546104 2014-07-21] (GAS Tecnologia)
R2 hddrsrv; C:\Program Files (x86)\HDD Regenerator\hrsrv.exe [82144 2013-05-08] ()
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720792 2014-08-08] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18973144 2014-08-08] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76888 2013-11-30] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2013-08-16] ()
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [179200 2014-08-22] (Company) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2013-04-18] (Google Inc)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)
S3 AndNetDiag2; C:\Windows\system32\DRIVERS\lgandnetdiag264.sys [29696 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)
S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [25704 2012-08-13] ()
R3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
R3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET)
R3 ksaud; C:\Windows\system32\drivers\ksaud.sys [1148288 2011-07-06] (Creative Technology Ltd.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-10] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2012-06-13] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20440 2014-08-08] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
S3 RZMAELSTROMVADService; C:\Windows\system32\drivers\RzMaelstromVAD.sys [40696 2013-05-17] (Windows ® Win 7 DDK provider)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_bserd; C:\Windows\system32\DRIVERS\ss_bserd.sys [128000 2013-06-20] (MCCI Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
S3 BprotectEx; \??\C:\WINDOWS\System32\drivers\BprotectEx.sys [X]
U5 GbpKm; C:\Windows\SysWOW64\Drivers\GbpKm.sys [47720 2012-10-04] (GAS Tecnologia)
U3 idsvc; No ImagePath
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\3.7.0.0\PCFApiUtil64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-10 00:57 - 2014-09-10 00:58 - 00000000 ____D () C:\Users\Mario\Desktop\Nova pasta
2014-09-10 00:56 - 2014-09-10 00:58 - 00000000 ____D () C:\FRST
2014-09-10 00:13 - 2014-09-10 00:54 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-10 00:13 - 2014-09-10 00:13 - 00001074 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-10 00:13 - 2014-09-10 00:13 - 00000000 ____D () C:\Users\Todos os Usuários\Malwarebytes
2014-09-10 00:13 - 2014-09-10 00:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-10 00:13 - 2014-09-10 00:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-10 00:13 - 2014-09-10 00:13 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-10 00:13 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-09-10 00:13 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-09-10 00:13 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-09-10 00:12 - 2014-09-10 00:12 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mario\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-10 00:09 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-09-10 00:07 - 2014-09-10 00:10 - 00000000 ____D () C:\AdwCleaner
2014-09-10 00:07 - 2014-09-10 00:07 - 01370467 _____ () C:\Users\Mario\Downloads\adwcleaner_3.309.exe
2014-09-09 14:32 - 2014-09-09 14:32 - 00483965 _____ () C:\Users\Mario\Downloads\Modelos d vestidos.zip
2014-09-09 12:27 - 2014-09-09 12:27 - 00000788 _____ () C:\Users\Mario\Desktop\Novo Documento de Texto (2).txt
2014-09-08 12:16 - 2014-09-08 12:16 - 00000000 ____D () C:\Users\Todos os Usuários\ESET
2014-09-08 12:16 - 2014-09-08 12:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-09-08 12:16 - 2014-09-08 12:16 - 00000000 ____D () C:\ProgramData\ESET
2014-09-08 12:16 - 2014-09-08 12:16 - 00000000 ____D () C:\Program Files\ESET
2014-09-08 12:04 - 2014-09-08 12:05 - 00000000 ____D () C:\Users\Mario\Downloads\ESET NOD32 ANTIVIRUS 7  CRACK (32 64 BIT) THADOGG
2014-09-08 12:03 - 2014-09-08 12:03 - 00011935 _____ () C:\Users\Mario\Downloads\[kickass.to]eset.nod32.antivirus.7.crack.32.64.bit.thadogg.xtrteam.torrent
2014-09-08 10:51 - 2014-09-08 10:51 - 00716664 _____ () C:\Users\Mario\Downloads\INSS.zip
2014-09-07 12:07 - 2014-09-07 12:07 - 00055554 _____ () C:\Users\Mario\Downloads\[kickass.to]the.fappening.2014.jennifer.lawrence.kate.upton.and.more.leaked.celeb.nudes.torrent
2014-09-05 17:32 - 2014-09-08 11:47 - 00003960 _____ () C:\WINDOWS\setupact.log
2014-09-05 17:32 - 2014-09-05 17:32 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-09-05 17:31 - 2014-09-05 17:31 - 06069703 _____ () C:\Users\Mario\Downloads\recoveryCWMCTRv6.0.4.4-v2.4-BLP-by lopestom.zip
2014-09-05 17:24 - 2014-09-05 17:33 - 480250399 _____ () C:\Users\Mario\Downloads\Backup V28 BLP.zip
2014-09-05 15:39 - 2014-09-05 15:39 - 00024793 _____ () C:\Users\Mario\Downloads\NFe_PDF_05092014153931.zip
2014-09-05 14:56 - 2014-09-08 22:52 - 00000000 ____D () C:\Users\Mario\Downloads\X-Men.Days.of.Future.Past.2014.1080p.WEB-DL.DD5.1.H264-RARBG
2014-09-05 14:55 - 2014-09-05 14:55 - 00021191 _____ () C:\Users\Mario\Downloads\[kickass.to]x.men.days.of.future.past.2014.1080p.web.dl.dd5.1.h264.rarbg.torrent
2014-09-05 14:54 - 2014-09-07 12:22 - 00000000 ____D () C:\Users\Mario\Downloads\Maleficent.2014.1080p.WEB-DL.DD5.1.H264-RARBG
2014-09-05 14:54 - 2014-09-05 14:54 - 00030176 _____ () C:\Users\Mario\Downloads\[kickass.to]maleficent.2014.1080p.web.dl.dd5.1.h264.rarbg.torrent
2014-09-04 16:47 - 2014-09-04 16:47 - 00002066 _____ () C:\Users\Public\Desktop\The SIMS 4 Deluxe Edition.lnk
2014-09-04 16:47 - 2014-09-04 16:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The SIMS 4 Deluxe Edition
2014-09-04 16:39 - 2014-09-04 16:47 - 00000000 ____D () C:\Program Files (x86)\The SIMS 4 Deluxe Edition
2014-09-04 15:55 - 2014-09-04 16:04 - 00000000 ____D () C:\Users\Mario\Downloads\The SIMS 4 Deluxe Edition [L]
2014-09-04 15:55 - 2014-09-04 15:55 - 00045189 _____ () C:\Users\Mario\Downloads\[kickass.to]the.sims.4.deluxe.edition.cracked.l.torrent
2014-09-04 10:37 - 2014-09-04 10:37 - 00024792 _____ () C:\Users\Mario\Downloads\NFe_PDF_04092014103657.zip
2014-09-01 11:40 - 2014-09-01 11:43 - 489167010 ____R () C:\Users\Mario\Downloads\The.Fappening.zip
2014-09-01 11:39 - 2014-09-01 11:39 - 00037995 _____ () C:\Users\Mario\Downloads\[kickass.to]09.01.2014.celebrity.nude.photo.hack.collection.fappening.torrent
2014-08-29 22:28 - 2014-09-10 00:51 - 01926152 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-29 11:41 - 2014-08-29 11:41 - 00002784 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-08-29 11:41 - 2014-08-29 11:41 - 00000000 ____D () C:\Program Files (x86)\CCleaner
2014-08-29 11:40 - 2014-08-29 11:40 - 05364414 _____ (Salat Production ) C:\Users\Mario\Downloads\CCleaner Professional [4.14.4808].exe
2014-08-29 11:39 - 2014-08-29 11:39 - 00007352 _____ () C:\Users\Mario\Downloads\[kickass.to]ccleaner.professional.plus.4.14.4808.torrent
2014-08-28 15:05 - 2014-08-22 21:42 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-28 15:05 - 2014-08-06 23:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-28 15:05 - 2014-08-02 00:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-27 16:49 - 2014-08-27 16:49 - 00004074 _____ () C:\Users\Mario\Downloads\comprovante calção Aluguel Auxiliadora.html
2014-08-27 16:39 - 2014-08-27 16:39 - 05078920 _____ (Caixa Econômica Federal ) C:\Users\Mario\Downloads\GBPCEF.exe
2014-08-27 16:17 - 2014-08-27 16:17 - 00012714 _____ () C:\Users\Mario\Downloads\Cadeia_CAIXA_v2.zip
2014-08-27 15:59 - 2014-08-27 15:59 - 00244272 _____ () C:\Users\Mario\Downloads\Firefox Setup Stub 31.0.exe
2014-08-27 15:57 - 2014-08-27 16:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-27 10:01 - 2014-08-27 10:01 - 00448512 _____ (OldTimer Tools) C:\Users\Mario\Downloads\TFC.exe
2014-08-25 18:12 - 2014-08-25 21:03 - 00000000 ____D () C:\Users\Mario\Downloads\Godzilla.(2014).Dublado.1080p
2014-08-25 18:12 - 2014-08-25 18:13 - 00000000 ____D () C:\Users\Mario\Downloads\USA Hot Top 40 Singles Chart 30-August-2014 [Bubanee]
2014-08-25 18:12 - 2014-08-25 18:12 - 00019652 _____ () C:\Users\Mario\Downloads\[kickass.to]usa.hot.top.40.singles.chart.30.august.2014.bubanee.torrent
2014-08-22 16:10 - 2014-08-22 16:11 - 00000000 ____D () C:\Users\Mario\Desktop\Documentos Marcelo
2014-08-21 20:17 - 2014-09-03 12:15 - 00000396 _____ () C:\Users\Mario\Desktop\Novo Documento de Texto.txt
2014-08-19 16:28 - 2014-07-25 11:52 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-08-19 16:28 - 2014-07-25 10:51 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-08-19 16:28 - 2014-07-25 10:25 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-08-19 16:28 - 2014-07-25 09:59 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-08-19 16:28 - 2014-07-25 09:40 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-08-19 16:28 - 2014-07-25 09:28 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-08-19 16:28 - 2014-07-25 09:21 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-08-19 16:28 - 2014-07-25 09:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-08-19 16:28 - 2014-07-25 09:10 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-08-19 16:28 - 2014-07-25 09:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-08-19 16:28 - 2014-07-25 09:06 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-08-19 16:28 - 2014-07-25 08:52 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-08-19 16:28 - 2014-07-25 08:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-08-19 16:28 - 2014-07-25 08:39 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-08-19 16:28 - 2014-07-25 08:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-08-19 16:28 - 2014-07-25 08:29 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-08-19 16:28 - 2014-07-25 08:23 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-08-19 16:28 - 2014-07-25 08:13 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-08-19 16:28 - 2014-07-25 08:07 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-08-19 16:28 - 2014-07-25 08:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-08-19 16:28 - 2014-07-25 07:26 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-08-19 16:28 - 2014-07-25 07:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-08-19 16:28 - 2014-07-25 07:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-08-19 16:28 - 2014-07-25 07:00 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-08-19 16:27 - 2014-07-25 10:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-08-19 16:27 - 2014-07-25 10:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-08-19 16:27 - 2014-07-25 09:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-08-19 16:27 - 2014-07-25 09:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-08-19 16:27 - 2014-07-25 09:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-19 16:27 - 2014-07-25 08:43 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-08-19 16:27 - 2014-07-25 08:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-19 16:27 - 2014-07-25 08:42 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-08-19 16:27 - 2014-07-25 08:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-08-19 16:27 - 2014-07-25 07:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-08-19 16:27 - 2014-07-25 07:05 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-08-19 16:27 - 2014-06-19 22:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-19 16:27 - 2014-06-19 20:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-08-19 16:27 - 2014-06-12 22:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-08-19 16:27 - 2014-06-12 22:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-19 16:27 - 2014-06-12 21:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-08-19 16:27 - 2014-06-06 08:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-08-19 16:25 - 2014-07-15 15:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-08-19 16:25 - 2014-07-15 05:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-08-19 16:25 - 2014-07-15 05:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-08-19 16:25 - 2014-07-15 05:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-08-19 16:19 - 2014-08-02 00:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-19 16:19 - 2014-07-12 01:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-08-19 16:19 - 2014-06-09 19:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-08-19 16:19 - 2014-06-09 19:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-19 16:14 - 2014-06-04 06:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-19 16:14 - 2014-06-04 02:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-19 16:14 - 2014-06-04 02:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-19 16:14 - 2014-06-04 01:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-08-19 16:14 - 2014-06-04 01:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-08-19 16:14 - 2014-06-03 23:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-19 16:14 - 2014-06-03 23:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-18 20:25 - 2014-08-18 20:25 - 00001208 _____ () C:\Users\Public\Desktop\Nuvem de Livros.lnk
2014-08-18 20:25 - 2014-08-18 20:25 - 00001204 _____ () C:\Users\Public\Desktop\Segurança Online.lnk
2014-08-18 20:25 - 2014-08-18 20:25 - 00001186 _____ () C:\Users\Public\Desktop\Kantoo English.lnk
2014-08-18 20:25 - 2014-08-18 20:25 - 00001039 _____ () C:\Users\Public\Desktop\VIVO INTERNET.lnk
2014-08-18 20:25 - 2014-08-18 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIVO INTERNET
2014-08-18 20:24 - 2014-08-18 20:26 - 00000000 ____D () C:\Program Files (x86)\VIVO INTERNET
2014-08-18 20:24 - 2012-04-26 11:04 - 00450048 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbwwan.sys
2014-08-18 20:24 - 2012-04-23 09:58 - 00238080 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_juwwanecm.sys
2014-08-18 20:24 - 2012-04-23 09:57 - 00104448 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jucdcacm.sys
2014-08-18 20:24 - 2012-04-23 09:57 - 00090112 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jubusenum.sys
2014-08-18 20:24 - 2012-04-23 09:57 - 00076800 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jucdcecm.sys
2014-08-18 20:24 - 2012-04-23 09:57 - 00030720 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_juextctrl.sys
2014-08-18 20:24 - 2011-12-31 09:20 - 00225920 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbmdm.sys
2014-08-18 20:24 - 2010-10-08 16:59 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\WINDOWS\system32\Drivers\ewdcsc.sys
2014-08-18 20:24 - 2010-09-26 18:09 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_hwupgrade.sys
2014-08-18 20:24 - 2010-08-06 07:43 - 01001472 _____ (DiBcom SA) C:\WINDOWS\system32\Drivers\mod7700.sys
2014-08-18 20:24 - 2010-07-27 09:52 - 00117248 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_hwusbdev.sys
2014-08-18 20:24 - 2010-03-20 12:06 - 00013952 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_usbenumfilter.sys
2014-08-18 20:03 - 2014-08-18 20:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Networking Wizard_ICM
2014-08-18 20:02 - 2014-08-18 20:02 - 00000000 ____D () C:\Program Files\Samsung
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-10 00:58 - 2014-09-10 00:57 - 00000000 ____D () C:\Users\Mario\Desktop\Nova pasta
2014-09-10 00:58 - 2014-09-10 00:56 - 00000000 ____D () C:\FRST
2014-09-10 00:54 - 2014-09-10 00:13 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-10 00:51 - 2014-08-29 22:28 - 01926152 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-10 00:47 - 2014-03-29 12:36 - 00005002 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for MARIO-PC-Mario Mario-PC
2014-09-10 00:42 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-09-10 00:41 - 2012-08-10 12:02 - 00000000 ___DO () C:\Users\Mario\SkyDrive
2014-09-10 00:38 - 2012-12-15 22:47 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-378547705-2744727483-173208396-1001
2014-09-10 00:37 - 2012-12-19 16:13 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-09-10 00:36 - 2014-01-21 16:08 - 00002161 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-10 00:36 - 2013-08-16 18:15 - 00000000 ____D () C:\Users\Todos os Usuários\Origin
2014-09-10 00:36 - 2013-08-16 18:15 - 00000000 ____D () C:\ProgramData\Origin
2014-09-10 00:35 - 2013-08-16 18:15 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-10 00:35 - 2013-06-29 15:22 - 00000000 ___RD () C:\Users\Mario\Dropbox
2014-09-10 00:35 - 2013-06-29 15:19 - 00000000 ____D () C:\Users\Mario\AppData\Roaming\Dropbox
2014-09-10 00:34 - 2012-07-25 15:23 - 00001062 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-10 00:32 - 2014-07-30 01:17 - 00000000 ____D () C:\Users\Todos os Usuários\NVIDIA
2014-09-10 00:32 - 2014-07-30 01:17 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-10 00:32 - 2013-08-22 11:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-10 00:32 - 2013-08-22 10:25 - 00786432 ___SH () C:\WINDOWS\system32\config\BBI
2014-09-10 00:32 - 2012-08-06 14:55 - 00000000 ____D () C:\Users\Todos os Usuários\GbPlugin
2014-09-10 00:32 - 2012-08-06 14:55 - 00000000 ____D () C:\ProgramData\GbPlugin
2014-09-10 00:31 - 2012-07-25 15:42 - 00000000 ____D () C:\Users\Mario\AppData\Roaming\DMCache
2014-09-10 00:29 - 2012-07-25 15:23 - 00001066 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-10 00:27 - 2013-10-07 22:08 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{FAD6E5C3-B9B2-4070-8B5C-D201C12DB852}
2014-09-10 00:27 - 2012-07-25 18:31 - 00000902 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-09-10 00:13 - 2014-09-10 00:13 - 00001074 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-10 00:13 - 2014-09-10 00:13 - 00000000 ____D () C:\Users\Todos os Usuários\Malwarebytes
2014-09-10 00:13 - 2014-09-10 00:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-10 00:13 - 2014-09-10 00:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-10 00:13 - 2014-09-10 00:13 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-10 00:12 - 2014-09-10 00:12 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mario\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-10 00:10 - 2014-09-10 00:07 - 00000000 ____D () C:\AdwCleaner
2014-09-10 00:07 - 2014-09-10 00:07 - 01370467 _____ () C:\Users\Mario\Downloads\adwcleaner_3.309.exe
2014-09-10 00:00 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-09-09 23:57 - 2014-04-24 09:00 - 00003610 _____ () C:\WINDOWS\System32\Tasks\Optimize Push Notification Data File-S-1-5-21-378547705-2744727483-173208396-1001
2014-09-09 17:36 - 2013-09-16 12:06 - 00000000 ____D () C:\Users\Mario\AppData\Roaming\vlc
2014-09-09 14:32 - 2014-09-09 14:32 - 00483965 _____ () C:\Users\Mario\Downloads\Modelos d vestidos.zip
2014-09-09 14:28 - 2012-07-25 18:31 - 00003814 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-09-09 12:27 - 2014-09-09 12:27 - 00000788 _____ () C:\Users\Mario\Desktop\Novo Documento de Texto (2).txt
2014-09-09 11:53 - 2012-07-26 23:27 - 03304960 ___SH () C:\Users\Mario\Downloads\Thumbs.db
2014-09-08 22:52 - 2014-09-05 14:56 - 00000000 ____D () C:\Users\Mario\Downloads\X-Men.Days.of.Future.Past.2014.1080p.WEB-DL.DD5.1.H264-RARBG
2014-09-08 20:15 - 2012-08-04 15:31 - 01063936 ___SH () C:\Users\Mario\Documents\Thumbs.db
2014-09-08 12:16 - 2014-09-08 12:16 - 00000000 ____D () C:\Users\Todos os Usuários\ESET
2014-09-08 12:16 - 2014-09-08 12:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-09-08 12:16 - 2014-09-08 12:16 - 00000000 ____D () C:\ProgramData\ESET
2014-09-08 12:16 - 2014-09-08 12:16 - 00000000 ____D () C:\Program Files\ESET
2014-09-08 12:06 - 2012-08-03 12:30 - 00000000 ____D () C:\Users\Mario\AppData\Roaming\BitTorrent
2014-09-08 12:05 - 2014-09-08 12:04 - 00000000 ____D () C:\Users\Mario\Downloads\ESET NOD32 ANTIVIRUS 7  CRACK (32 64 BIT) THADOGG
2014-09-08 12:03 - 2014-09-08 12:03 - 00011935 _____ () C:\Users\Mario\Downloads\[kickass.to]eset.nod32.antivirus.7.crack.32.64.bit.thadogg.xtrteam.torrent
2014-09-08 11:47 - 2014-09-05 17:32 - 00003960 _____ () C:\WINDOWS\setupact.log
2014-09-08 11:30 - 2013-10-07 21:22 - 01804994 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-09-08 11:30 - 2013-08-22 19:58 - 00777606 _____ () C:\WINDOWS\system32\prfh0416.dat
2014-09-08 11:30 - 2013-08-22 19:58 - 00159140 _____ () C:\WINDOWS\system32\prfc0416.dat
2014-09-08 10:51 - 2014-09-08 10:51 - 00716664 _____ () C:\Users\Mario\Downloads\INSS.zip
2014-09-08 10:50 - 2013-03-22 13:55 - 00000853 _____ () C:\Users\Mario\Desktop\Menu Tp GVT.txt
2014-09-07 12:22 - 2014-09-05 14:54 - 00000000 ____D () C:\Users\Mario\Downloads\Maleficent.2014.1080p.WEB-DL.DD5.1.H264-RARBG
2014-09-07 12:07 - 2014-09-07 12:07 - 00055554 _____ () C:\Users\Mario\Downloads\[kickass.to]the.fappening.2014.jennifer.lawrence.kate.upton.and.more.leaked.celeb.nudes.torrent
2014-09-05 17:33 - 2014-09-05 17:24 - 480250399 _____ () C:\Users\Mario\Downloads\Backup V28 BLP.zip
2014-09-05 17:32 - 2014-09-05 17:32 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-09-05 17:31 - 2014-09-05 17:31 - 06069703 _____ () C:\Users\Mario\Downloads\recoveryCWMCTRv6.0.4.4-v2.4-BLP-by lopestom.zip
2014-09-05 15:39 - 2014-09-05 15:39 - 00024793 _____ () C:\Users\Mario\Downloads\NFe_PDF_05092014153931.zip
2014-09-05 14:55 - 2014-09-05 14:55 - 00021191 _____ () C:\Users\Mario\Downloads\[kickass.to]x.men.days.of.future.past.2014.1080p.web.dl.dd5.1.h264.rarbg.torrent
2014-09-05 14:54 - 2014-09-05 14:54 - 00030176 _____ () C:\Users\Mario\Downloads\[kickass.to]maleficent.2014.1080p.web.dl.dd5.1.h264.rarbg.torrent
2014-09-04 23:35 - 2013-11-19 18:02 - 00000000 ____D () C:\Program Files (x86)\Megacubo
2014-09-04 16:57 - 2013-01-28 22:08 - 00000000 ____D () C:\Users\Mario\Documents\Electronic Arts
2014-09-04 16:47 - 2014-09-04 16:47 - 00002066 _____ () C:\Users\Public\Desktop\The SIMS 4 Deluxe Edition.lnk
2014-09-04 16:47 - 2014-09-04 16:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The SIMS 4 Deluxe Edition
2014-09-04 16:47 - 2014-09-04 16:39 - 00000000 ____D () C:\Program Files (x86)\The SIMS 4 Deluxe Edition
2014-09-04 16:04 - 2014-09-04 15:55 - 00000000 ____D () C:\Users\Mario\Downloads\The SIMS 4 Deluxe Edition [L]
2014-09-04 15:55 - 2014-09-04 15:55 - 00045189 _____ () C:\Users\Mario\Downloads\[kickass.to]the.sims.4.deluxe.edition.cracked.l.torrent
2014-09-04 10:37 - 2014-09-04 10:37 - 00024792 _____ () C:\Users\Mario\Downloads\NFe_PDF_04092014103657.zip
2014-09-03 12:15 - 2014-08-21 20:17 - 00000396 _____ () C:\Users\Mario\Desktop\Novo Documento de Texto.txt
2014-09-02 22:27 - 2012-12-18 11:40 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-378547705-2744727483-173208396-1003
2014-09-01 21:13 - 2013-05-07 14:13 - 00000000 ____D () C:\Users\Todos os Usuários\GAS Tecnologia
2014-09-01 21:13 - 2013-05-07 14:13 - 00000000 ____D () C:\ProgramData\GAS Tecnologia
2014-09-01 12:42 - 2014-06-11 22:00 - 00000000 ____D () C:\Users\Mario\Downloads\Linkin Park - The Hunting Party 2014[MP3@320kbps] - the.HH
2014-09-01 12:26 - 2012-11-06 17:22 - 00000000 ____D () C:\Users\Mario\Downloads\Grupo Revelação - Ao Vivo Na Palma da Mão
2014-09-01 11:55 - 2012-12-15 23:29 - 00000000 ____D () C:\Users\Mario\AppData\Roaming\Media Player Classic
2014-09-01 11:46 - 2013-01-04 23:20 - 00000000 ____D () C:\Users\Mario\Downloads\Billboard 2012 Year end Top Hot 100 Songs Charts (Best Singles)
2014-09-01 11:43 - 2014-09-01 11:40 - 489167010 ____R () C:\Users\Mario\Downloads\The.Fappening.zip
2014-09-01 11:39 - 2014-09-01 11:39 - 00037995 _____ () C:\Users\Mario\Downloads\[kickass.to]09.01.2014.celebrity.nude.photo.hack.collection.fappening.torrent
2014-08-31 23:50 - 2013-08-22 23:59 - 00000000 ____D () C:\Users\Mario\Downloads\Avenged Sevenfold - Hail To The King
2014-08-31 23:47 - 2013-09-17 16:57 - 00000000 ____D () C:\Users\Mario\Downloads\30 Seconds To Mars - Love Lust Faith + Dreams 2013 Rock 320kbps CBR MP3 [VX]
2014-08-31 23:46 - 2013-03-16 17:33 - 00000000 ____D () C:\Users\Mario\Downloads\US Top 40 17-Mar-2013
2014-08-30 20:13 - 2014-07-03 11:26 - 00000000 ____D () C:\Program Files (x86)\Popcorn Time
2014-08-29 11:46 - 2013-11-07 17:25 - 00000000 ____D () C:\WINDOWS\Minidump
2014-08-29 11:46 - 2013-10-07 21:00 - 00000000 ___DC () C:\WINDOWS\Panther
2014-08-29 11:46 - 2013-02-14 21:48 - 00000000 ____D () C:\Users\Mario\AppData\Roaming\PhotoScape
2014-08-29 11:46 - 2012-09-26 12:18 - 00000000 ____D () C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
2014-08-29 11:46 - 2012-07-25 15:42 - 00000000 ____D () C:\Users\Mario\AppData\Roaming\IDM
2014-08-29 11:41 - 2014-08-29 11:41 - 00002784 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-08-29 11:41 - 2014-08-29 11:41 - 00000000 ____D () C:\Program Files (x86)\CCleaner
2014-08-29 11:40 - 2014-08-29 11:40 - 05364414 _____ (Salat Production ) C:\Users\Mario\Downloads\CCleaner Professional [4.14.4808].exe
2014-08-29 11:39 - 2014-08-29 11:39 - 00007352 _____ () C:\Users\Mario\Downloads\[kickass.to]ccleaner.professional.plus.4.14.4808.torrent
2014-08-29 11:32 - 2014-05-27 20:28 - 00000000 ____D () C:\Users\Mario\Downloads\Watch.Dogs-RELOADED
2014-08-29 11:22 - 2014-05-28 22:21 - 00000000 ____D () C:\Program Files\Ubisoft
2014-08-29 10:53 - 2013-08-22 11:44 - 00562216 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-29 10:52 - 2012-08-06 14:55 - 00000000 ____D () C:\Program Files (x86)\GbPlugin
2014-08-29 00:39 - 2012-07-26 04:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-27 16:49 - 2014-08-27 16:49 - 00004074 _____ () C:\Users\Mario\Downloads\comprovante calção Aluguel Auxiliadora.html
2014-08-27 16:39 - 2014-08-27 16:39 - 05078920 _____ (Caixa Econômica Federal ) C:\Users\Mario\Downloads\GBPCEF.exe
2014-08-27 16:25 - 2014-08-27 15:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-27 16:25 - 2013-08-12 12:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-27 16:17 - 2014-08-27 16:17 - 00012714 _____ () C:\Users\Mario\Downloads\Cadeia_CAIXA_v2.zip
2014-08-27 16:03 - 2013-08-12 12:56 - 00001131 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-27 16:03 - 2013-08-12 12:56 - 00001119 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-08-27 15:59 - 2014-08-27 15:59 - 00244272 _____ () C:\Users\Mario\Downloads\Firefox Setup Stub 31.0.exe
2014-08-27 10:01 - 2014-08-27 10:01 - 00448512 _____ (OldTimer Tools) C:\Users\Mario\Downloads\TFC.exe
2014-08-25 21:40 - 2012-09-27 00:46 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-08-25 21:10 - 2014-03-17 19:25 - 00000000 ____D () C:\Users\Natália.Mario-PC\AppData\Local\NVIDIA Corporation
2014-08-25 21:03 - 2014-08-25 18:12 - 00000000 ____D () C:\Users\Mario\Downloads\Godzilla.(2014).Dublado.1080p
2014-08-25 18:54 - 2014-07-03 11:26 - 00001021 _____ () C:\Users\Public\Desktop\Popcorn Time.lnk
2014-08-25 18:54 - 2014-05-10 00:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2014-08-25 18:13 - 2014-08-25 18:12 - 00000000 ____D () C:\Users\Mario\Downloads\USA Hot Top 40 Singles Chart 30-August-2014 [Bubanee]
2014-08-25 18:12 - 2014-08-25 18:12 - 00019652 _____ () C:\Users\Mario\Downloads\[kickass.to]usa.hot.top.40.singles.chart.30.august.2014.bubanee.torrent
2014-08-25 15:52 - 2013-05-07 14:13 - 00000000 ____D () C:\Users\Todos os Usuários\boost_interprocess
2014-08-25 15:52 - 2013-05-07 14:13 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-08-24 00:25 - 2013-10-07 21:08 - 00000000 ____D () C:\Users\Mario
2014-08-22 21:42 - 2014-08-28 15:05 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-22 16:11 - 2014-08-22 16:10 - 00000000 ____D () C:\Users\Mario\Desktop\Documentos Marcelo
2014-08-21 13:57 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-21 12:42 - 2012-12-15 22:33 - 00000000 ____D () C:\Users\Mario\AppData\Local\Packages
2014-08-20 23:36 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-08-19 21:51 - 2013-08-22 12:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-19 21:51 - 2012-07-25 18:53 - 00000000 ____D () C:\Users\Todos os Usuários\Microsoft Help
2014-08-19 21:51 - 2012-07-25 18:53 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-19 21:49 - 2013-07-18 14:40 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-19 21:47 - 2012-07-25 19:37 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-19 21:46 - 2013-09-17 17:51 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-08-19 21:29 - 2013-01-16 16:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-08-19 16:12 - 2014-05-25 23:26 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-08-19 16:12 - 2014-05-22 14:32 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-08-19 16:12 - 2014-04-09 14:55 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-08-19 16:12 - 2014-04-09 14:54 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-08-19 16:12 - 2014-04-09 14:50 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-08-19 16:12 - 2014-04-09 14:50 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-08-19 16:12 - 2014-04-09 14:44 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-08-19 16:12 - 2014-04-09 14:43 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-08-19 16:12 - 2014-04-09 14:43 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-08-19 16:12 - 2014-04-09 14:43 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-08-19 16:12 - 2014-04-09 14:43 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-08-19 16:12 - 2014-04-09 14:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-08-19 16:12 - 2014-04-09 14:43 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-08-19 16:12 - 2014-04-09 14:43 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-08-19 16:12 - 2014-04-09 14:43 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-08-19 16:12 - 2014-04-09 14:43 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-08-18 23:34 - 2013-06-29 15:22 - 00001067 _____ () C:\Users\Mario\Desktop\Dropbox.lnk
2014-08-18 23:34 - 2013-06-29 15:20 - 00000000 ____D () C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-18 22:53 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-08-18 20:26 - 2014-08-18 20:24 - 00000000 ____D () C:\Program Files (x86)\VIVO INTERNET
2014-08-18 20:26 - 2013-10-28 16:24 - 00000000 ____D () C:\Users\Todos os Usuários\DatacardService
2014-08-18 20:26 - 2013-10-28 16:24 - 00000000 ____D () C:\ProgramData\DatacardService
2014-08-18 20:25 - 2014-08-18 20:25 - 00001208 _____ () C:\Users\Public\Desktop\Nuvem de Livros.lnk
2014-08-18 20:25 - 2014-08-18 20:25 - 00001204 _____ () C:\Users\Public\Desktop\Segurança Online.lnk
2014-08-18 20:25 - 2014-08-18 20:25 - 00001186 _____ () C:\Users\Public\Desktop\Kantoo English.lnk
2014-08-18 20:25 - 2014-08-18 20:25 - 00001039 _____ () C:\Users\Public\Desktop\VIVO INTERNET.lnk
2014-08-18 20:25 - 2014-08-18 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIVO INTERNET
2014-08-18 20:10 - 2013-08-22 12:36 - 00000000 ____D () C:\WINDOWS\tracing
2014-08-18 20:08 - 2012-08-13 19:27 - 00000000 ____D () C:\Users\Mario\AppData\Roaming\Samsung
2014-08-18 20:03 - 2014-08-18 20:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Networking Wizard_ICM
2014-08-18 20:03 - 2012-08-13 19:24 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-08-18 20:03 - 2012-07-25 17:54 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-18 20:02 - 2014-08-18 20:02 - 00000000 ____D () C:\Program Files\Samsung
 
Some content of TEMP:
====================
C:\Users\Mario\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphatelw.dll
C:\Users\Mario\AppData\Local\Temp\InstHelper.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-08 12:28
 
==================== End Of Log ============================
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-09-2014 01
Ran by Mario at 2014-09-10 00:59:19
Running from C:\Users\Mario\Desktop\Nova pasta
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
AIDA64 Extreme v4.00 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 4.00 - FinalWire Ltd.)
AMD Catalyst Install Manager (HKLM\...\{C8807716-1F6F-5C43-3C32-7295A45CF060}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
Atualizações da NVIDIA 15.3.36 (Version: 15.3.36 - NVIDIA Corporation) Hidden
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.32128 - BitTorrent Inc.)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Bundled software uninstaller (HKLM-x32\...\bi_uninstaller) (Version:  - ) <==== ATTENTION
Buscapé na Hora (HKCU\...\Buscapé na Hora) (Version: 2.2.1 - Buscapé Company)
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCleaner, версия 4.14.4808 (HKLM-x32\...\{80BD3FC0-9C5F-4ADA-83C7-91DC8E24D0B2}_is1) (Version: 4.14.4808 - Salat Production)
Central de Mouse e Teclado da Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.0.162.0 - Microsoft Corporation)
Central de Mouse e Teclado da Microsoft (Version: 2.0.162.0 - Microsoft Corporation) Hidden
Chinese Traditional Fonts Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-2448-0000-A00000000003}) (Version: 10.0.0 - Adobe Systems Incorporated)
Chrome Remote Desktop Host (HKLM-x32\...\{7D2C319D-3907-472D-9B55-EC1F240962FC}) (Version: 37.0.2062.28 - Google Inc.)
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Corel Graphics - Windows Shell Extension (HKLM\...\_{EBDC2D0D-1E26-4EF2-BB48-C7E18F7800C6}) (Version: 16.0.0.707 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 16.0.707 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 16.0.707 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - BR (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Capture (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Common (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Connect (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Custom Data (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Draw (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Filters (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FontNav (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Redist (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Setup Files (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VBA (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VideoBrowser (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VSTA (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Writing Tools (x64) (Version: 16.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 (64-Bit) (HKLM\...\_{BDBFAC49-8877-472F-876B-75ADB7DBC955}) (Version: 16.0.0.707 - Corel Corporation)
CorelDRAW Graphics Suite X6 (x64) (Version: 16.0 - Corel Corporation) Hidden
CPUID CPU-Z 1.69 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.19 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Creative Console Launcher (HKLM-x32\...\Console Launcher) (Version: 2.61 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: 1.03 - Creative Technology Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E17BF11-A72D-4DA8-BFAA-DD262C17C2DE}) (Version:  - Microsoft)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_05_F4400_Software_Min (x32 Version: 140.0.841.000 - Hewlett-Packard) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
EA SPORTS Game Face Browser Plugin 1.8.0.0 (HKCU\...\EA SPORTS Game Face Browser Plugin) (Version: 1.8.0.0 - Electronic Arts)
ESET NOD32 Antivirus (HKLM\...\{FBC0F617-1AA0-4483-8153-3FD97FE01D9E}) (Version: 7.0.317.4 - ESET, spol s r. o.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
F4400 (x32 Version: 140.0.841.000 - Hewlett-Packard) Hidden
ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - )
FilesFrog Update Checker (HKLM-x32\...\FilesFrog Update Checker) (Version:  - ) <==== ATTENTION
Foxit PDF Editor (HKLM-x32\...\Foxit PDF Editor) (Version: 2.2.1.1119 - Foxit Corporation)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.6.0 - Futuremark Corporation)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.103 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Earth (HKLM-x32\...\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
HD Tune Pro 5.00 (HKLM-x32\...\HD Tune Pro_is1) (Version:  - EFD Software)
HDD Regenerator (HKLM-x32\...\{CC5DA723-D428-40D1-B82B-21EB64B1273C}) (Version: 20.11.0011 - Abstradrome)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4400 Printer Driver Software 14.0 Rel. 5 (HKLM\...\{82D96D11-AF74-4449-8811-4D6CE66FEF63}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - )
Java 7 Update 17 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417017FF}) (Version: 7.0.170 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
K-Lite Mega Codec Pack 9.6.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.6.0 - )
Legendas 2.1 (HKLM-x32\...\{12FF7BE8-C75B-4B9B-8ADF-E51B8569E77F}_is1) (Version: 2.1 - Legendasbrasil.com.br)
Legendas 3.0 (HKLM-x32\...\{461C0377-D2EC-4FB0-B038-847BC6455432}_is1) (Version: 3.0 - LegendasBrasil.com.br)
LG On-Screen Phone (HKLM-x32\...\LG On-Screen Phone) (Version: 4.2.001.140114 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{55031CEF-CE75-4A5C-8DEA-60577820529B}) (Version: 3.10.1.0 - LG Electronics)
Lollipop (HKCU\...\lollipop) (Version:  - Lollipop Network, S.L.) <==== ATTENTION
Malwarebytes Anti-Malware versão 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Megacubo 10 (HKLM-x32\...\Megacubo_is1) (Version: 1.4.0 - www.megacubo.net)
Microsoft Access MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Portuguese (Brazil)) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6006.0718 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x64) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) Portuguese (Brazil) (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{57660847-B1F7-35BD-9118-F62EB863A598}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Word MUI (Portuguese (Brazil)) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
MiniTool Partition Wizard Home Edition 8.1.1 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Módulo de Proteção Santander 3.2.0.2 (HKLM-x32\...\{83033d93-48d0-48fc-9c5b-82e57e7e0dd6}_is1) (Version: Módulo de Proteção Banco Santander (Brasil) S.A. - )
Módulo de Segurança - Banco do Brasil (HKLM-x32\...\{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1) (Version: 3.9.0.1 - )
MotioninJoy Gamepad tool 0.7.0000 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.0000 - www.motioninjoy.com)
Mozilla Firefox 31.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 pt-BR)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
NetWorkingWizard_ICM (HKLM-x32\...\{4CFFAEC0-1F2A-4D38-8D95-3995A936ADD9}) (Version: 1.01.0010 - Samsung)
NVIDIA Driver de áudio HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Driver de controle do 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA Driver de gráficos 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Driver do 3D Vision 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.160.1244 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA ShadowPlay 15.3.36 (Version: 15.3.36 - NVIDIA Corporation) Hidden
NVIDIA Software do sistema PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 15.3.36 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
OneClickRoot (HKLM-x32\...\OneClickRoot) (Version: 1.0 - OneClickRoot)
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
Painel de controle da NVIDIA 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
Painel de controle de áudio da Creative (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited)
PdaNet+ for Android 4.12 (HKLM-x32\...\PdaNet_is1) (Version:  - June Fabrics Technology Inc)
PerformanceTest v8.0 (HKLM\...\PerformanceTest 8_is1) (Version: 8.0.1019.0 - Passmark Software)
PFPortChecker 1.0.39 (HKLM-x32\...\PFPortChecker) (Version: 1.0.39 - Portforward.com)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: Beta 4.3 - Popcorn Time)
PS3 Cheats Editor (HKLM-x32\...\PS3 Cheats Editor) (Version:  - )
Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.7.1025.2012 - Realtek)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.3.2.12074_13 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.3.2.12074_13 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version:  - )
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
SDFormatter (HKLM-x32\...\{A5355F15-F98B-4704-9BAE-E53B9FE48F48}) (Version: 3.1.0 - SD Association)
Secure Download Manager (HKLM-x32\...\{D618297E-D3F2-4E18-915C-02182A134394}) (Version: 3.1.10 - Kivuto Solutions Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spotify (HKCU\...\Spotify) (Version: 0.9.10.22.gf87988f9 - Spotify AB)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Suporte para Aplicativos Apple (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The SIMS 4 Deluxe Edition (HKLM-x32\...\The SIMS 4 Deluxe Edition_is1) (Version: 1.0 - Релиз от R.G. Steamgames)
The Sims™ 3 Diesel Каталог (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
The Sims™ 3 Katy Perry Сладкие радости (HKLM-x32\...\{9B2506E3-9A3F-45B5-96BF-509CAD584650}) (Version: 13.0.62 - Electronic Arts)
The Sims™ 3 В сумерках (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.5.1 - Electronic Arts)
The Sims™ 3 Времена года (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Все возрасты (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 Городская жизнь Каталог (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
The Sims™ 3 Изысканная спальня Каталог (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
The Sims™ 3 Карьера (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.10.1 - Electronic Arts)
The Sims™ 3 Мир приключений (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.9.10 - Electronic Arts)
The Sims™ 3 Отдых на природе Каталог (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.3.2 - Electronic Arts)
The Sims™ 3 Питомцы (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Сверхъестественное (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Скоростной режим Каталог (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.8.1 - Electronic Arts)
The Sims™ 3 Современная роскошь Каталог (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.9.6 - Electronic Arts)
The Sims™ 3 Шоу-бизнес (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-0016-0416-1000-0000000FF1CE}_Office15.PROPLUS_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-0018-0416-1000-0000000FF1CE}_Office15.PROPLUS_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-001B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-00C1-0416-1000-0000000FF1CE}_Office15.PROPLUS_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2881070) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{2B0BC4FE-4936-4EC6-8521-526CF31B3DC4}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2881070) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{2B0BC4FE-4936-4EC6-8521-526CF31B3DC4}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2881070) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{2B0BC4FE-4936-4EC6-8521-526CF31B3DC4}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2881083) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{19AF3A31-38BC-41F1-A419-4E9C185C6517}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760249) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{7A4AB8E1-C091-4BD3-B308-844BA6EE752A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0016-0416-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C4AEA56A-0759-4D08-9FAB-31A92137D0B8}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D692E9FF-84BF-4F44-A0EA-D58ECE0D538E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EC2AF602-2730-4B05-9438-06CDE43153F2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0416-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881009) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3033838D-15E0-4199-8CBD-A7F2057AE653}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0416-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0416-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E919ACF4-A1D7-4CAA-A103-5EB115563721}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883049) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{39D9DAC1-16A7-430A-B2F3-4D3D000454D0}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883052) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{FA74B1B8-D3F4-4B4A-88DE-41CB8CEDAC3F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883052) 64-Bit Edition (HKLM\...\{90150000-006E-0416-1000-0000000FF1CE}_Office15.PROPLUS_{FA74B1B8-D3F4-4B4A-88DE-41CB8CEDAC3F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883052) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{FA74B1B8-D3F4-4B4A-88DE-41CB8CEDAC3F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F9C35D99-CA8E-4D17-B785-66AC654D5664}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}_Office15.PROPLUS_{49B25930-F28E-4693-B6B9-F94885693F16}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{6E2862B8-C10A-4FD0-9B82-8D9761301AAA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883062) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{4A0B4ED7-3652-42C9-9D7E-42686986F69A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883062) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{4A0B4ED7-3652-42C9-9D7E-42686986F69A}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00BA-0416-1000-0000000FF1CE}_Office15.PROPLUS_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00C1-0416-1000-0000000FF1CE}_Office15.PROPLUS_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00A1-0416-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-001A-0416-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2883051) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E2C51083-2E10-4E61-8F36-E6308DD0FA94}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2883051) 64-Bit Edition (HKLM\...\{90150000-0018-0416-1000-0000000FF1CE}_Office15.PROPLUS_{E2C51083-2E10-4E61-8F36-E6308DD0FA94}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0019-0416-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2837632) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{97183E08-6B06-40F1-80A9-585C4AEF98F1}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0416-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{650D4F00-56F1-4E8F-ABFD-7C842253C96A}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 64-Bit Edition (HKLM\...\{90150000-001A-0416-1000-0000000FF1CE}_Office15.PROPLUS_{650D4F00-56F1-4E8F-ABFD-7C842253C96A}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 64-Bit Edition (HKLM\...\{90150000-001B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{650D4F00-56F1-4E8F-ABFD-7C842253C96A}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{650D4F00-56F1-4E8F-ABFD-7C842253C96A}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.5 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VIVO INTERNET (HKLM-x32\...\VIVO INTERNET) (Version: 16.002.10.18.149 - Huawei Technologies Co.,Ltd)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC Streamer 4.23 (HKLM-x32\...\VLC Streamer_is1) (Version:  - )
WATCH_DOGS (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-378547705-2744727483-173208396-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Mario\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-378547705-2744727483-173208396-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Mario\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-378547705-2744727483-173208396-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Mario\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-378547705-2744727483-173208396-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Mario\AppData\Local\Microsoft\SkyDrive\16.4.6006.0718\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-378547705-2744727483-173208396-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Mario\AppData\Local\Microsoft\SkyDrive\16.4.6006.0718\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-378547705-2744727483-173208396-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Mario\AppData\Local\Microsoft\SkyDrive\16.4.6006.0718\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-378547705-2744727483-173208396-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Mario\AppData\Local\Microsoft\SkyDrive\16.4.6006.0718\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-378547705-2744727483-173208396-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mario\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-378547705-2744727483-173208396-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mario\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-378547705-2744727483-173208396-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mario\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-378547705-2744727483-173208396-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mario\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-378547705-2744727483-173208396-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mario\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-378547705-2744727483-173208396-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mario\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-378547705-2744727483-173208396-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mario\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-378547705-2744727483-173208396-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mario\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
28-08-2014 18:48:52 Removido Microsoft Visual C++ 2005 Redistributable
04-09-2014 19:47:27 DirectX instalado
08-09-2014 15:15:07 Installed ESET NOD32 Antivirus
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 23:34 - 2014-01-20 14:33 - 00000822 ____N C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {00D59761-0724-47A6-9D75-2F7DE1D7F23E} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {08D2449B-64DC-42CC-A44C-9CD224D721EE} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0B6F3161-1B50-446A-BA36-5CB5E73828D5} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {14BA8791-B34F-4DBE-9717-D129389A9CAA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
Task: {18336439-0BD4-493D-98A9-21DE58719CD6} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {18BDF14C-D76B-4611-8E22-858E26C7394F} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-378547705-2744727483-173208396-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {1D7D52C3-2CFC-44B1-A7C6-3046D3D181A9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-25] (Google Inc.)
Task: {1E2FF525-3028-408D-8085-B9DA85D0768A} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\OatTask => C:\Office Activation Technologies\Install.cmd [2016-08-14] ()
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2AFC6AA8-8955-4174-A0EA-79C7B7639BA4} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {320506F2-E849-46EC-8F07-618D4A54FF5B} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3761AC6D-834A-4584-980D-472DC87C1FA6} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {38B93070-0960-4753-A733-070D1335CF0E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {39203C32-1A8A-4FFF-BCDD-FA0C54F3269F} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3C56F64B-4772-4426-B5F0-7A6A76AD00C8} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {401C2F66-E373-49AB-98D6-AC3377470773} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-378547705-2744727483-173208396-1001
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4D9923A7-56D2-49BA-9578-8C5F2D1D520A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-25] (Google Inc.)
Task: {54336DC0-4A9D-4FF2-9D39-7E440F28F0C1} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {5494F892-89CD-4521-A2AA-C52551D467EE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {678BA848-6B81-495F-8086-FD8C656851DF} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {69AE6464-2A70-4BB8-A84A-BA112F090AAA} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6BCB2070-2CD0-43A8-8382-E5F899708DB6} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {71F70507-F50C-43DE-BDA2-53A68454642B} - System32\Tasks\Microsoft Office 15 Sync Maintenance for MARIO-PC-Mario Mario-PC => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-07-27] (Microsoft Corporation)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {741590E9-C8FB-4F7D-AD07-380277675F5E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {7419C7E9-D37D-41A1-8B9A-AA5AAF8ACE07} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {75E8BFA6-3320-4D08-B0C2-AA64E5D29BC9} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-378547705-2744727483-173208396-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {77B7F4AC-09B3-44DF-B738-3D699D2DA5CB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7E06AE01-DD76-45DC-BDDA-99894A09484D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {800B272B-468F-4D7B-AB93-1DF6CD811B82} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {8290A7BD-6F56-44F4-A659-CA95763FA135} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {87A1CB26-1020-487D-9AA5-CFC1FC6E1FB5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {8C05EC44-E305-42CE-BD8C-664D3441B7D5} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {95AE2740-EC63-41AE-B7EA-C64CB0489786} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B35D8AE2-EF93-4D0D-89A9-341A0A43B5BA} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {BE5F7D53-5323-4982-BD7C-B3CB21277836} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-378547705-2744727483-173208396-1001
Task: {C3C39A0D-7BD7-493C-B5BE-43B6D3C94851} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D30F5CF7-D305-4844-8BB5-E5591BC02745} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E41FC000-0AE1-47C9-A9AA-484447D90C9D} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {E48E94B8-24D8-48AC-8C0E-8A67941EF409} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E908BE66-D89A-4B46-A925-EB676EBD1933} - System32\Tasks\Baidu PC Faster Update => $szInstallingDir\Updater.exe
Task: {EF7D9A8F-6131-47AB-908A-0F0BBFACFCDE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-08-19] (Microsoft Corporation)
Task: {F5586F85-1783-4A89-9A4C-AE675837F53A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {F98027C3-6191-449F-B59D-65A67C74E73D} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {FB770F41-4D76-47B2-853F-AFCFE0CD50F0} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {FD1EA241-2C6E-4D6F-BD59-1D9FA10178CD} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {FF5BB9A6-F05C-4C91-8C5A-CC4A1AAA48B1} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-07-30 01:17 - 2014-07-02 15:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-05-08 14:17 - 2013-05-08 14:17 - 00082144 _____ () C:\Program Files (x86)\HDD Regenerator\hrsrv.exe
2011-03-14 12:27 - 2011-03-14 12:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2013-11-30 19:20 - 2013-11-30 19:20 - 00076888 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2013-10-07 21:03 - 2009-11-30 18:54 - 00089088 _____ () C:\WINDOWS\SYSTEM32\CmdRtr64.DLL
2013-10-07 21:03 - 2009-12-08 15:52 - 00230912 _____ () C:\WINDOWS\SYSTEM32\APOMgr64.DLL
2014-09-10 00:35 - 2014-09-10 00:35 - 00043008 _____ () c:\users\mario\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphatelw.dll
2013-08-23 16:01 - 2013-08-23 16:01 - 25100288 _____ () C:\Users\Mario\AppData\Roaming\Dropbox\bin\libcef.dll
2014-09-02 17:10 - 2014-08-29 23:49 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libglesv2.dll
2014-09-02 17:10 - 2014-08-29 23:49 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libegl.dll
2014-09-02 17:10 - 2014-08-29 23:49 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\pdf.dll
2014-09-02 17:10 - 2014-08-29 23:49 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll
2014-09-02 17:10 - 2014-08-29 23:49 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll
2014-02-17 23:26 - 2014-09-04 16:49 - 00962560 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2014-02-17 23:26 - 2014-09-04 16:49 - 00024064 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2014-02-17 23:26 - 2014-09-04 16:49 - 00025088 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2014-02-17 23:26 - 2014-09-04 16:49 - 00217088 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2014-02-17 23:26 - 2014-09-04 16:49 - 00261632 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2014-02-17 23:26 - 2014-09-04 16:49 - 00019968 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2014-02-17 23:26 - 2014-09-04 16:49 - 00302592 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2014-02-17 23:26 - 2014-09-04 16:49 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:B755D674
AlternateDataStreams: C:\ProgramData\Temp:D78D6FF7
AlternateDataStreams: C:\Users\Mario\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Todos os Usuários\Temp:B755D674
AlternateDataStreams: C:\Users\Todos os Usuários\Temp:D78D6FF7
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
HKLM\...\StartupApproved\StartupFolder: => "Megacubo.lnk"
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKCU\...\StartupApproved\StartupFolder: => "PdaNet Desktop.lnk"
HKCU\...\StartupApproved\StartupFolder: => "hpqtra08.exe"
HKCU\...\StartupApproved\Run: => "Facebook Update"
HKCU\...\StartupApproved\Run: => "KiesPreload"
HKCU\...\StartupApproved\Run: => "KiesPDLR"
HKCU\...\StartupApproved\Run: => "GoogleDriveSync"
HKCU\...\StartupApproved\Run: => ""
HKCU\...\StartupApproved\Run: => "NoIPDUCv4"
HKCU\...\StartupApproved\Run: => "ApplePhotoStreams"
HKCU\...\StartupApproved\Run: => "HW_OPENEYE_OUC_VIVO INTERNET"
HKCU\...\StartupApproved\Run: => "Hobbyist Software VLC Streamer"
HKCU\...\StartupApproved\Run: => "Spotify Web Helper"
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/10/2014 00:47:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: backgroundTaskHost.exe, versão: 6.3.9600.16384, carimbo de data/hora: 0x5215e1f6
Nome do módulo com falha: twinapi.appcore.dll, versão: 6.3.9600.17195, carimbo de data/hora: 0x53894a69
Código de exceção: 0xc000027b
Deslocamento da falha: 0x00000000000547ac
ID do processo com falha: 0x131c
Hora de início do aplicativo com falha: 0xbackgroundTaskHost.exe0
Caminho do aplicativo com falha: backgroundTaskHost.exe1
Caminho do módulo com falha: backgroundTaskHost.exe2
ID do Relatório: backgroundTaskHost.exe3
Nome completo do pacote com falha: backgroundTaskHost.exe4
ID do aplicativo relativo ao pacote com falha: backgroundTaskHost.exe5
 
Error: (09/10/2014 00:43:04 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
 
Error: (09/10/2014 00:21:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: backgroundTaskHost.exe, versão: 6.3.9600.16384, carimbo de data/hora: 0x5215e1f6
Nome do módulo com falha: twinapi.appcore.dll, versão: 6.3.9600.17195, carimbo de data/hora: 0x53894a69
Código de exceção: 0xc000027b
Deslocamento da falha: 0x00000000000547ac
ID do processo com falha: 0x1bf0
Hora de início do aplicativo com falha: 0xbackgroundTaskHost.exe0
Caminho do aplicativo com falha: backgroundTaskHost.exe1
Caminho do módulo com falha: backgroundTaskHost.exe2
ID do Relatório: backgroundTaskHost.exe3
Nome completo do pacote com falha: backgroundTaskHost.exe4
ID do aplicativo relativo ao pacote com falha: backgroundTaskHost.exe5
 
Error: (09/10/2014 00:06:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: backgroundTaskHost.exe, versão: 6.3.9600.16384, carimbo de data/hora: 0x5215e1f6
Nome do módulo com falha: twinapi.appcore.dll, versão: 6.3.9600.17195, carimbo de data/hora: 0x53894a69
Código de exceção: 0xc000027b
Deslocamento da falha: 0x00000000000547ac
ID do processo com falha: 0x5e0
Hora de início do aplicativo com falha: 0xbackgroundTaskHost.exe0
Caminho do aplicativo com falha: backgroundTaskHost.exe1
Caminho do módulo com falha: backgroundTaskHost.exe2
ID do Relatório: backgroundTaskHost.exe3
Nome completo do pacote com falha: backgroundTaskHost.exe4
ID do aplicativo relativo ao pacote com falha: backgroundTaskHost.exe5
 
Error: (09/09/2014 11:59:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: backgroundTaskHost.exe, versão: 6.3.9600.16384, carimbo de data/hora: 0x5215e1f6
Nome do módulo com falha: twinapi.appcore.dll, versão: 6.3.9600.17195, carimbo de data/hora: 0x53894a69
Código de exceção: 0xc000027b
Deslocamento da falha: 0x00000000000547ac
ID do processo com falha: 0x1be8
Hora de início do aplicativo com falha: 0xbackgroundTaskHost.exe0
Caminho do aplicativo com falha: backgroundTaskHost.exe1
Caminho do módulo com falha: backgroundTaskHost.exe2
ID do Relatório: backgroundTaskHost.exe3
Nome completo do pacote com falha: backgroundTaskHost.exe4
ID do aplicativo relativo ao pacote com falha: backgroundTaskHost.exe5
 
Error: (09/09/2014 10:36:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: backgroundTaskHost.exe, versão: 6.3.9600.16384, carimbo de data/hora: 0x5215e1f6
Nome do módulo com falha: twinapi.appcore.dll, versão: 6.3.9600.17195, carimbo de data/hora: 0x53894a69
Código de exceção: 0xc000027b
Deslocamento da falha: 0x00000000000547ac
ID do processo com falha: 0x136c
Hora de início do aplicativo com falha: 0xbackgroundTaskHost.exe0
Caminho do aplicativo com falha: backgroundTaskHost.exe1
Caminho do módulo com falha: backgroundTaskHost.exe2
ID do Relatório: backgroundTaskHost.exe3
Nome completo do pacote com falha: backgroundTaskHost.exe4
ID do aplicativo relativo ao pacote com falha: backgroundTaskHost.exe5
 
Error: (09/09/2014 10:20:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: backgroundTaskHost.exe, versão: 6.3.9600.16384, carimbo de data/hora: 0x5215e1f6
Nome do módulo com falha: twinapi.appcore.dll, versão: 6.3.9600.17195, carimbo de data/hora: 0x53894a69
Código de exceção: 0xc000027b
Deslocamento da falha: 0x00000000000547ac
ID do processo com falha: 0xc70
Hora de início do aplicativo com falha: 0xbackgroundTaskHost.exe0
Caminho do aplicativo com falha: backgroundTaskHost.exe1
Caminho do módulo com falha: backgroundTaskHost.exe2
ID do Relatório: backgroundTaskHost.exe3
Nome completo do pacote com falha: backgroundTaskHost.exe4
ID do aplicativo relativo ao pacote com falha: backgroundTaskHost.exe5
 
Error: (09/09/2014 10:19:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: backgroundTaskHost.exe, versão: 6.3.9600.16384, carimbo de data/hora: 0x5215e1f6
Nome do módulo com falha: twinapi.appcore.dll, versão: 6.3.9600.17195, carimbo de data/hora: 0x53894a69
Código de exceção: 0xc000027b
Deslocamento da falha: 0x00000000000547ac
ID do processo com falha: 0x1698
Hora de início do aplicativo com falha: 0xbackgroundTaskHost.exe0
Caminho do aplicativo com falha: backgroundTaskHost.exe1
Caminho do módulo com falha: backgroundTaskHost.exe2
ID do Relatório: backgroundTaskHost.exe3
Nome completo do pacote com falha: backgroundTaskHost.exe4
ID do aplicativo relativo ao pacote com falha: backgroundTaskHost.exe5
 
Error: (09/09/2014 10:15:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: backgroundTaskHost.exe, versão: 6.3.9600.16384, carimbo de data/hora: 0x5215e1f6
Nome do módulo com falha: twinapi.appcore.dll, versão: 6.3.9600.17195, carimbo de data/hora: 0x53894a69
Código de exceção: 0xc000027b
Deslocamento da falha: 0x00000000000547ac
ID do processo com falha: 0xfb4
Hora de início do aplicativo com falha: 0xbackgroundTaskHost.exe0
Caminho do aplicativo com falha: backgroundTaskHost.exe1
Caminho do módulo com falha: backgroundTaskHost.exe2
ID do Relatório: backgroundTaskHost.exe3
Nome completo do pacote com falha: backgroundTaskHost.exe4
ID do aplicativo relativo ao pacote com falha: backgroundTaskHost.exe5
 
Error: (09/09/2014 10:09:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: backgroundTaskHost.exe, versão: 6.3.9600.16384, carimbo de data/hora: 0x5215e1f6
Nome do módulo com falha: twinapi.appcore.dll, versão: 6.3.9600.17195, carimbo de data/hora: 0x53894a69
Código de exceção: 0xc000027b
Deslocamento da falha: 0x00000000000547ac
ID do processo com falha: 0x528
Hora de início do aplicativo com falha: 0xbackgroundTaskHost.exe0
Caminho do aplicativo com falha: backgroundTaskHost.exe1
Caminho do módulo com falha: backgroundTaskHost.exe2
ID do Relatório: backgroundTaskHost.exe3
Nome completo do pacote com falha: backgroundTaskHost.exe4
ID do aplicativo relativo ao pacote com falha: backgroundTaskHost.exe5
 
 
System errors:
=============
Error: (09/08/2014 00:17:41 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: O serviço ESET Service está marcado como um serviço interativo. No entanto, o sistema está configurado para não permitir serviços interativos. Esse serviço pode não funcionar corretamente.
 
Error: (09/08/2014 00:03:40 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: O gerenciador de recursos de transações no volume E: encontrou um erro sem nova tentativa e não pôde ser iniciado. Os dados contêm o código de erro.
 
Error: (09/08/2014 00:03:37 PM) (Source: disk) (EventID: 7) (User: )
Description: O dispositivo, \Device\Harddisk1\DR1, possui um setor defeituoso.
 
Error: (09/08/2014 00:03:33 PM) (Source: disk) (EventID: 7) (User: )
Description: O dispositivo, \Device\Harddisk1\DR1, possui um setor defeituoso.
 
Error: (09/08/2014 00:03:29 PM) (Source: disk) (EventID: 7) (User: )
Description: O dispositivo, \Device\Harddisk1\DR1, possui um setor defeituoso.
 
Error: (09/08/2014 00:03:25 PM) (Source: disk) (EventID: 7) (User: )
Description: O dispositivo, \Device\Harddisk1\DR1, possui um setor defeituoso.
 
Error: (09/08/2014 00:03:21 PM) (Source: disk) (EventID: 7) (User: )
Description: O dispositivo, \Device\Harddisk1\DR1, possui um setor defeituoso.
 
Error: (09/08/2014 00:03:18 PM) (Source: disk) (EventID: 7) (User: )
Description: O dispositivo, \Device\Harddisk1\DR1, possui um setor defeituoso.
 
Error: (09/08/2014 00:03:15 PM) (Source: disk) (EventID: 7) (User: )
Description: O dispositivo, \Device\Harddisk1\DR1, possui um setor defeituoso.
 
Error: (09/08/2014 00:03:04 PM) (Source: disk) (EventID: 7) (User: )
Description: O dispositivo, \Device\Harddisk1\DR1, possui um setor defeituoso.
 
 
Microsoft Office Sessions:
=========================
Error: (09/10/2014 00:47:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: backgroundTaskHost.exe6.3.9600.163845215e1f6twinapi.appcore.dll6.3.9600.1719553894a69c000027b00000000000547ac131c01cfcca9fcc7b9d1C:\WINDOWS\system32\backgroundTaskHost.exeC:\Windows\System32\twinapi.appcore.dll3edd1274-389d-11e4-bf3d-94de800b9bd7CinemarkBrasil.CinemarkBrasil_1.0.1.33_x64__e484s7f0p8842App
 
Error: (09/10/2014 00:43:04 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
 
Error: (09/10/2014 00:21:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: backgroundTaskHost.exe6.3.9600.163845215e1f6twinapi.appcore.dll6.3.9600.1719553894a69c000027b00000000000547ac1bf001cfcca6548e89abC:\WINDOWS\system32\backgroundTaskHost.exeC:\Windows\System32\twinapi.appcore.dll9d30427d-3899-11e4-bf3c-94de800b9bd7CinemarkBrasil.CinemarkBrasil_1.0.1.33_x64__e484s7f0p8842App
 
Error: (09/10/2014 00:06:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: backgroundTaskHost.exe6.3.9600.163845215e1f6twinapi.appcore.dll6.3.9600.1719553894a69c000027b00000000000547ac5e001cfcca43c192ee4C:\WINDOWS\system32\backgroundTaskHost.exeC:\Windows\System32\twinapi.appcore.dll7bcc6796-3897-11e4-bf3c-94de800b9bd7CinemarkBrasil.CinemarkBrasil_1.0.1.33_x64__e484s7f0p8842App
 
Error: (09/09/2014 11:59:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: backgroundTaskHost.exe6.3.9600.163845215e1f6twinapi.appcore.dll6.3.9600.1719553894a69c000027b00000000000547ac1be801cfcca2fedd3893C:\WINDOWS\system32\backgroundTaskHost.exeC:\Windows\System32\twinapi.appcore.dll8ab84eaa-3896-11e4-bf3c-94de800b9bd7CinemarkBrasil.CinemarkBrasil_1.0.1.33_x64__e484s7f0p8842App
 
Error: (09/09/2014 10:36:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: backgroundTaskHost.exe6.3.9600.163845215e1f6twinapi.appcore.dll6.3.9600.1719553894a69c000027b00000000000547ac136c01cfcc97b24a996fC:\WINDOWS\system32\backgroundTaskHost.exeC:\Windows\System32\twinapi.appcore.dllf1be883a-388a-11e4-bf3c-94de800b9bd7CinemarkBrasil.CinemarkBrasil_1.0.1.33_x64__e484s7f0p8842App
 
Error: (09/09/2014 10:20:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: backgroundTaskHost.exe6.3.9600.163845215e1f6twinapi.appcore.dll6.3.9600.1719553894a69c000027b00000000000547acc7001cfcc95746087c9C:\WINDOWS\system32\backgroundTaskHost.exeC:\Windows\System32\twinapi.appcore.dllb6c83e71-3888-11e4-bf3c-94de800b9bd7CinemarkBrasil.CinemarkBrasil_1.0.1.33_x64__e484s7f0p8842App
 
Error: (09/09/2014 10:19:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: backgroundTaskHost.exe6.3.9600.163845215e1f6twinapi.appcore.dll6.3.9600.1719553894a69c000027b00000000000547ac169801cfcc9549f4781fC:\WINDOWS\system32\backgroundTaskHost.exeC:\Windows\System32\twinapi.appcore.dll90dbbc11-3888-11e4-bf3c-94de800b9bd7CinemarkBrasil.CinemarkBrasil_1.0.1.33_x64__e484s7f0p8842App
 
Error: (09/09/2014 10:15:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: backgroundTaskHost.exe6.3.9600.163845215e1f6twinapi.appcore.dll6.3.9600.1719553894a69c000027b00000000000547acfb401cfcc94b749b4fcC:\WINDOWS\system32\backgroundTaskHost.exeC:\Windows\System32\twinapi.appcore.dllf6f477b4-3887-11e4-bf3c-94de800b9bd7CinemarkBrasil.CinemarkBrasil_1.0.1.33_x64__e484s7f0p8842App
 
Error: (09/09/2014 10:09:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: backgroundTaskHost.exe6.3.9600.163845215e1f6twinapi.appcore.dll6.3.9600.1719553894a69c000027b00000000000547ac52801cfcc93d9c0abdeC:\WINDOWS\system32\backgroundTaskHost.exeC:\Windows\System32\twinapi.appcore.dll1a9574de-3887-11e4-bf3c-94de800b9bd7CinemarkBrasil.CinemarkBrasil_1.0.1.33_x64__e484s7f0p8842App
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-09-08 12:05:07.739
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-09-07 16:06:47.824
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-09-07 16:06:47.746
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-09-07 16:06:47.668
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-09-07 16:06:47.590
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-09-07 16:06:47.512
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-09-07 16:06:47.449
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-09-07 16:06:45.356
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-09-07 16:06:45.278
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-09-07 16:06:45.059
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: AMD FX™-6300 Six-Core Processor 
Percentage of memory in use: 28%
Total physical RAM: 8173.22 MB
Available physical RAM: 5867.38 MB
Total Pagefile: 16365.22 MB
Available Pagefile: 13722.29 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:298.09 GB) (Free:21.29 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 7A36E970)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

 



BC AdBot (Login to Remove)

 


#2 shelf life

shelf life

  • Malware Response Team
  • 2,646 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:04:20 AM

Posted 12 September 2014 - 04:56 PM

hi,

 

Your post is afew days old. If you still need help simply reply back.


How Can I Reduce My Risk to Malware?





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users