Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

svchost.exe keep coming back on C:\Windows\Temp


  • This topic is locked This topic is locked
5 replies to this topic

#1 kurocygnus

kurocygnus

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:33 AM

Posted 03 July 2015 - 11:21 PM

Hi! I'm new here and i have a little problem... Every time I boot my PC, this process is using 50% of CPU and Isass.exe is using 100% of my GPU.

Inside the Temp have some logs, saying it's from Claymore CryptoNote CPU Miner and Claymore CryptoNote GPU Miner. How I remove this? I tried almost everything that I know (Malwarebytes, Windows Defender, Spybot...). I know there is some post about this on the forum, but the fixlist.txt for the FRST is unique for each computer. There is the log from FRST:

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01
Ran by LuizFernando (administrator) on BAKKA on 04-07-2015 00:53:59
Running from C:\Users\LuizFernando\Desktop
Loaded Profiles: LuizFernando (Available Profiles: LuizFernando & Elida)
Platform: Windows 8.1 Pro (X64) OS Language: Português (Brasil)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Navigation Co., Ltd.) C:\Users\LuizFernando\AppData\Roaming\psvc\psvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files (x86)\MULTILASER WARRIOR Gamer Mouse\ETGMSrv.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
() C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Safer Networking Limited) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.2.1.1\Lightshot.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
() C:\Program Files (x86)\MULTILASER WARRIOR Gamer Mouse\SZMON.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_194.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_194.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7660760 2015-01-24] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2013-01-28] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WARRIORgmmouseRun] => C:\Program Files (x86)\MULTILASER WARRIOR Gamer Mouse\SZMON.exe [3307520 2014-07-23] ()
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-05-14] (Raptr, Inc)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NCUpdateHelper] => C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe [526240 2015-06-05] (NCSOFT Corporation)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [888440 2015-06-16] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-05-26] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\Run: [Free Download Manager] => C:\Program Files (x86)\Free Download Manager\fdm.exe [5669480 2015-05-14] (FreeDownloadManager.ORG)
HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\Run: [Akamai NetSession Interface] => C:\Users\LuizFernando\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\Run: [MK LOL] => C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [1092296 2015-06-25] ()
HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-2477625714-4157688874-1142588302-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-03-25] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-03-25] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-24] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2015-05-14] (FreeDownloadManager.ORG)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-24] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E4C6BB5B-280D-47BF-A002-00C7124EBBD8}: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\LuizFernando\AppData\Roaming\Mozilla\Firefox\Profiles\5ja8en9m.default
FF SelectedSearchEngine: webssearches
FF NetworkProxy: "backup.ftp", "199.168.148.131"
FF NetworkProxy: "backup.ftp_port", 10034
FF NetworkProxy: "backup.socks", "199.168.148.131"
FF NetworkProxy: "backup.socks_port", 10034
FF NetworkProxy: "backup.ssl", "199.168.148.131"
FF NetworkProxy: "backup.ssl_port", 10034
FF NetworkProxy: "ftp", "174.46.79.26"
FF NetworkProxy: "ftp_port", 80
FF NetworkProxy: "http", "174.46.79.26"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "174.46.79.26"
FF NetworkProxy: "socks_port", 80
FF NetworkProxy: "ssl", "174.46.79.26"
FF NetworkProxy: "ssl_port", 80
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-06-23] ()
FF Plugin: @java.com/DTPlugin,version=10.75.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-03-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.75.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-03-25] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\3.2.0.23388\npSkypeWebPlugin64.dll [2014-11-03] (Skype)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-23] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll [2015-03-29] (Nexon)
FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\3.2.0.23388\npSkypeWebPlugin.dll [2014-11-03] (Skype)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @wanmei.com/npArcPlayNowPlugin -> E:\Jogos\Arc\Plugins\npArcPluginFF.dll [2015-06-08] (????)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2477625714-4157688874-1142588302-1002: @Legend Of Glory -> C:\Program Files (x86)\Legend Of Glory\plugin\npLegendOfGlory1.dll No File
FF Plugin HKU\S-1-5-21-2477625714-4157688874-1142588302-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\LuizFernando\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-15] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\LuizFernando\AppData\Roaming\Mozilla\Firefox\Profiles\5ja8en9m.default\user.js [2015-02-22]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml [2015-01-09]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml [2015-01-09]
FF Extension: iMacros for Firefox - C:\Users\LuizFernando\AppData\Roaming\Mozilla\Firefox\Profiles\5ja8en9m.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2015-06-06]
FF Extension: MEGA - C:\Users\LuizFernando\AppData\Roaming\Mozilla\Firefox\Profiles\5ja8en9m.default\Extensions\firefox@mega.co.nz.xpi [2015-04-28]
FF Extension: SwagButton - C:\Users\LuizFernando\AppData\Roaming\Mozilla\Firefox\Profiles\5ja8en9m.default\Extensions\shopearn@prodege.com.xpi [2015-06-15]
FF Extension: Greasemonkey - C:\Users\LuizFernando\AppData\Roaming\Mozilla\Firefox\Profiles\5ja8en9m.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-05-24]
FF HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\Program Files (x86)\Free Download Manager\Firefox\Extension
FF Extension: Free Download Manager plugin - C:\Program Files (x86)\Free Download Manager\Firefox\Extension [2015-05-25]

Chrome:
=======
CHR Profile: C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-30]
CHR Extension: (Google Docs) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-30]
CHR Extension: (Google Drive) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-30]
CHR Extension: (Eredan iTCG) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdakdeclmfcolipiknbfealnjddfibfo [2015-01-30]
CHR Extension: (YouTube) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-30]
CHR Extension: (Google Search) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-30]
CHR Extension: (Steam Market Filter) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\emdpoeanmcbopmmdomongbohbmiolmom [2015-01-30]
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-01-30]
CHR Extension: (Google Sheets) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-30]
CHR Extension: (EditThisCookie) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2015-01-30]
CHR Extension: (Planner 5D) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjfkgdpkecnmfcgfpfibpcnkeakahllc [2015-01-30]
CHR Extension: (Bookmark Manager) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-03-11]
CHR Extension: (Desprotetor de Links) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\imcbnnnoghiihopefblgehihofbfbmei [2015-01-30]
CHR Extension: (Cookies) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\iphcomljdfghbkdcfndaijbokpgddeno [2015-01-30]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-16]
CHR Extension: (Steam Trader Helper) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhoahihokddepjlegpenefeaahdkojog [2015-04-18]
CHR Extension: (Remove cookies for site.) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmfdblomdpkcniknaenceeogpgepocmm [2015-01-30]
CHR Extension: (Pocket Legends) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhpdbcnfpodnaefldpdohoibdajcfabp [2015-01-30]
CHR Extension: (Baixou Agora) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbfjpmeddmamejnmmppjlfglfhcjbbai [2015-02-02]
CHR Extension: (Ninja Warriors) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlimilkklpdgmbecigaeccabgpjoceno [2015-01-30]
CHR Extension: (Google Wallet) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-30]
CHR Extension: (Gmail) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-30]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Locked "WinDivert1.1" service could not be unlocked. <===== ATTENTION

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-05-26] (Advanced Micro Devices, Inc.) [File not signed]
R2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137584 2014-09-19] ()
S3 ArcAsiaService; E:\Jogos\Arc\ArcService.exe [79888 2015-06-08] ()
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2015-04-16] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2015-04-16] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2015-04-16] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe [1632256 2015-04-16] (ASUSTeK Computer Inc.) [File not signed]
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [822904 2015-06-16] (BlueStack Systems, Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 ETGMGlcsSrv; C:\Program Files (x86)\MULTILASER WARRIOR Gamer Mouse\ETGMSrv.exe [1181544 2012-04-24] ()
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342240 2015-06-03] (Futuremark)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-03-12] (Hi-Rez Studios) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1930608 2015-04-06] (Electronic Arts)
R2 PSed; C:\Users\LuizFernando\AppData\Roaming\psvc\psvc.exe [707624 2015-04-10] (Navigation Co., Ltd.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-03-10] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [129168 2015-03-12] (Razer Inc.)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1050904 2013-12-11] () [File not signed]
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1026944 2015-07-04] (Enigma Software Group USA, LLC.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [762320 2015-01-17] (Tunngle.net GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTek Computer Inc.)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
S0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2014-10-27] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [60104 2014-09-19] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2013-01-14] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-12-21] (Advanced Micro Devices)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-07-04] ()
S3 h647906; C:\Windows\System32\drivers\h647906.sys [63856 2008-08-08] (Your Corporation)
S3 h648101; C:\Windows\System32\drivers\h648101.sys [65776 2008-08-08] (Your Corporation)
S3 h648103; C:\Windows\System32\drivers\h648103.sys [62960 2008-08-08] (Your Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.)
S3 hid7906; C:\Windows\SysWOW64\drivers\hid7906.sys [41272 2008-08-08] (Your Corporation)
S3 hid8101; C:\Windows\SysWOW64\drivers\hid8101.sys [43192 2008-08-08] (Your Corporation)
S3 hid8103; C:\Windows\SysWOW64\drivers\hid8103.sys [40856 2008-08-08] (Your Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-24] (REALiX™)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [2961112 2015-01-24] (Realtek Semiconductor Corporation                           )
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-03-10] (Razer, Inc.)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R3 usbglcs1100302; C:\Windows\system32\drivers\usbglcs1100302.sys [25600 2014-06-11] (Windows ® Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
R1 MpKslabeb1b11; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D6570D59-9C23-460C-8C32-767B9EB98206}\MpKslabeb1b11.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
S5 WinDivert1.1;  <===== ATTENTION Locked Service
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-04 00:53 - 2015-07-04 00:54 - 00025938 _____ C:\Users\LuizFernando\Desktop\FRST.txt
2015-07-04 00:53 - 2015-07-04 00:54 - 00000000 ____D C:\FRST
2015-07-04 00:48 - 2015-07-04 00:49 - 00000000 ____D C:\AdwCleaner
2015-07-04 00:47 - 2015-07-04 00:48 - 02244096 _____ C:\Users\LuizFernando\Downloads\AdwCleaner.exe
2015-07-04 00:47 - 2015-07-04 00:47 - 02112512 _____ (Farbar) C:\Users\LuizFernando\Desktop\FRST64.exe
2015-07-04 00:20 - 2015-07-04 00:20 - 00000000 _____ C:\autoexec.bat
2015-07-04 00:19 - 2015-07-04 00:19 - 00003348 _____ C:\Windows\System32\Tasks\SpyHunter4Startup
2015-07-04 00:19 - 2015-07-04 00:19 - 00001103 _____ C:\Users\LuizFernando\Desktop\SpyHunter.lnk
2015-07-04 00:19 - 2015-07-04 00:19 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\Enigma Software Group
2015-07-04 00:18 - 2015-07-04 00:18 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2015-07-04 00:17 - 2015-07-04 00:17 - 00000000 ____D C:\Program Files\Enigma Software Group
2015-07-04 00:14 - 2015-07-04 00:14 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\LuizFernando\Downloads\SpyHunter-Installer.exe
2015-07-04 00:11 - 2015-07-04 00:11 - 00000042 _____ C:\Windows\SysWOW64\AK083E209605E394C.lie
2015-07-04 00:10 - 2015-07-04 00:10 - 00000791 _____ C:\Users\LuizFernando\Desktop\Perfect Uninstaller.lnk
2015-07-04 00:02 - 2015-07-04 00:02 - 00003088 _____ C:\Windows\System32\Tasks\sunsoft
2015-07-03 12:18 - 2015-07-04 00:01 - 00000000 ____D C:\Users\Todos os Usuários\Spybot - Search & Destroy
2015-07-03 12:18 - 2015-07-04 00:01 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-07-03 12:18 - 2015-07-03 12:18 - 00001274 _____ C:\Users\LuizFernando\Desktop\Spybot - Search & Destroy.lnk
2015-07-03 12:18 - 2015-07-03 12:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
2015-07-03 12:18 - 2015-07-03 12:18 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2015-07-03 12:14 - 2015-07-03 12:15 - 16409960 _____ (Safer Networking Limited ) C:\Users\LuizFernando\Downloads\spybotsd162.exe
2015-07-03 12:08 - 2015-07-03 12:08 - 00090948 _____ C:\Users\LuizFernando\Desktop\sfcdetails.txt
2015-07-03 11:38 - 2015-07-04 00:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-02 22:33 - 2015-07-03 23:59 - 00004858 _____ C:\Windows\PFRO.log
2015-07-02 22:05 - 2015-07-02 22:10 - 00001118 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-02 17:01 - 2015-07-02 17:01 - 00711247 _____ C:\Users\LuizFernando\Downloads\Branca-de-Neve-tem-que-morrer-Nele-Neuhaus.epub
2015-07-02 15:56 - 2015-07-02 15:56 - 00000000 ____D C:\Users\Todos os Usuários\ATI
2015-07-02 15:56 - 2015-07-02 15:56 - 00000000 ____D C:\ProgramData\ATI
2015-07-02 15:46 - 2015-07-02 15:46 - 00064052 _____ C:\Windows\SysWOW64\CCCInstall_201507021546287681.log
2015-07-02 15:46 - 2015-07-02 15:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-07-02 15:46 - 2015-07-02 15:46 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2015-07-02 15:43 - 2015-07-03 23:59 - 00004841 _____ C:\Windows\setupact.log
2015-07-02 15:43 - 2015-07-02 15:46 - 00000000 ____D C:\Program Files\AMD
2015-07-02 15:43 - 2015-07-02 15:43 - 00000000 _____ C:\Windows\setuperr.log
2015-07-02 15:29 - 2015-07-02 15:29 - 00057735 _____ C:\Windows\SysWOW64\CCCInstall_201507021529569817.log
2015-07-02 15:28 - 2015-07-02 15:28 - 00000000 ____D C:\Windows\LastGood
2015-07-02 15:15 - 2015-07-02 15:26 - 00000000 ____D C:\Program Files\CCleaner
2015-07-02 15:15 - 2015-07-02 15:15 - 05316792 _____ (Piriform Ltd) C:\Users\LuizFernando\Downloads\ccsetup501pro.exe
2015-07-02 15:15 - 2015-07-02 15:15 - 00002786 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-07-02 15:15 - 2015-07-02 15:15 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-07-02 15:15 - 2015-07-02 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-06-30 15:30 - 2015-06-30 16:07 - 00000000 ____D C:\Users\LuizFernando\Documents\Project Zetsubou
2015-06-30 15:14 - 2015-06-30 15:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.1.1f1 (64-bit)
2015-06-29 18:30 - 2015-06-29 18:30 - 00001078 _____ C:\Users\LuizFernando\Desktop\Super Hexagon.lnk
2015-06-29 18:30 - 2015-06-29 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Hexagon
2015-06-29 18:30 - 2015-06-29 18:30 - 00000000 ____D C:\Program Files (x86)\Super Hexagon
2015-06-29 18:13 - 2015-06-29 18:13 - 00000825 _____ C:\Users\LuizFernando\Desktop\Q.U.B.E. x64.lnk
2015-06-29 18:13 - 2015-06-29 18:13 - 00000000 ____D C:\Windows\8A809006C25A4A3A9DAB94659BCDB107.TMP
2015-06-29 18:13 - 2015-06-29 18:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Q.U.B.E
2015-06-29 17:49 - 2015-06-29 17:49 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\Chromium
2015-06-28 18:27 - 2015-06-28 18:27 - 00000675 _____ C:\Users\LuizFernando\Desktop\CABAL2 (US).lnk
2015-06-28 18:27 - 2015-06-28 18:27 - 00000675 _____ C:\Users\LuizFernando\AppData\Roaming\Microsoft\Windows\Start Menu\CABAL2 (US).lnk
2015-06-28 18:27 - 2015-06-28 18:27 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CABAL2 (US)
2015-06-28 17:08 - 2015-06-28 17:10 - 26008008 _____ C:\Users\LuizFernando\Downloads\cabal2en_setup.exe
2015-06-28 01:32 - 2015-06-28 01:32 - 06341479 _____ C:\Users\LuizFernando\Downloads\Bitcoin Aliens 1.1.1.apk
2015-06-27 23:25 - 2015-06-28 13:38 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-27 23:25 - 2015-06-27 23:25 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-06-27 23:25 - 2015-06-27 23:25 - 00002067 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-06-27 22:46 - 2015-06-27 22:46 - 00823582 _____ C:\Users\LuizFernando\Downloads\JoyToKey_en.zip
2015-06-27 20:13 - 2015-06-27 20:13 - 00000747 _____ C:\Users\LuizFernando\Desktop\TOUKIDEN Kiwami.lnk
2015-06-27 20:13 - 2015-06-27 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOUKIDEN Kiwami
2015-06-26 20:41 - 2015-06-26 20:42 - 00000102 _____ C:\Users\LuizFernando\Downloads\Pax_Sivir_UE8.txt
2015-06-26 18:20 - 2015-06-26 18:20 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitMinter
2015-06-26 18:20 - 2015-06-26 18:20 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\Sun
2015-06-26 14:03 - 2015-06-27 19:53 - 00000000 ____D C:\Users\LuizFernando\Downloads\trkdnkwipc
2015-06-26 04:22 - 2015-06-26 04:22 - 00062559 _____ C:\Users\LuizFernando\Downloads\[kat.cr]toukiden.kiwami.codex.torrent
2015-06-25 23:39 - 2014-07-01 08:00 - 00908593 _____ C:\Users\LuizFernando\Desktop\Para's InstaLock.exe
2015-06-25 23:20 - 2015-06-25 23:33 - 162708926 _____ C:\Users\LuizFernando\Downloads\sharp-rift-v1-by-existor1.zip
2015-06-25 23:19 - 2015-06-25 23:35 - 00000000 ____D C:\Wooxy
2015-06-25 23:19 - 2015-06-25 23:19 - 00000570 _____ C:\Users\Public\Desktop\Wooxy.lnk
2015-06-25 23:19 - 2015-06-25 23:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wooxy
2015-06-25 23:18 - 2015-06-25 23:19 - 07766029 _____ C:\Users\LuizFernando\Downloads\WooxySetup.zip
2015-06-25 23:10 - 2015-06-25 23:10 - 02213067 _____ C:\Users\LuizFernando\Downloads\Scourge-of-War-Sion-1.rar
2015-06-25 18:38 - 2015-06-25 18:38 - 00001084 _____ C:\Users\LuizFernando\Desktop\MultiTool V2.lnk
2015-06-25 18:14 - 2015-06-25 18:38 - 00000000 ____D C:\Program Files (x86)\MultiTool V2
2015-06-25 16:23 - 2015-06-25 16:23 - 00541985 _____ C:\Users\LuizFernando\Downloads\4242.zip
2015-06-25 16:14 - 2015-06-25 16:30 - 01781964 _____ C:\Users\LuizFernando\Downloads\3159.zip
2015-06-25 16:12 - 2015-06-25 16:29 - 01704760 _____ C:\Users\LuizFernando\Downloads\40383.zip
2015-06-25 16:11 - 2015-06-25 16:25 - 04373969 _____ C:\Users\LuizFernando\Downloads\3007.zip
2015-06-25 16:10 - 2015-06-25 16:24 - 02356801 _____ C:\Users\LuizFernando\Downloads\23183.zip
2015-06-25 16:08 - 2015-06-25 16:22 - 00426017 _____ C:\Users\LuizFernando\Downloads\32603.zip
2015-06-25 16:06 - 2015-06-25 16:22 - 05072921 _____ C:\Users\LuizFernando\Downloads\11101.zip
2015-06-25 16:05 - 2015-06-25 16:05 - 02512110 _____ C:\Users\LuizFernando\Downloads\35953.zip
2015-06-25 15:58 - 2015-06-25 15:58 - 00000058 _____ C:\Windows\JQHApp.dat
2015-06-25 15:58 - 2015-06-25 15:58 - 00000000 ____D C:\Users\LuizFernando\Documents\MK-LOL
2015-06-25 15:58 - 2015-06-25 15:58 - 00000000 ____D C:\Users\LuizFernando\Documents\MKJogo
2015-06-25 15:57 - 2015-06-25 15:57 - 00001131 _____ C:\Users\LuizFernando\Desktop\MK LOL.lnk
2015-06-25 15:57 - 2015-06-25 15:57 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo
2015-06-25 15:57 - 2015-06-25 15:57 - 00000000 ____D C:\Program Files (x86)\MKJogo
2015-06-25 15:55 - 2015-06-25 15:56 - 19837128 _____ C:\Users\LuizFernando\Downloads\MKLOL2.0.0.45.exe
2015-06-25 15:54 - 2015-06-25 16:19 - 08356968 _____ C:\Users\LuizFernando\Downloads\5547.zip
2015-06-25 15:53 - 2015-06-25 16:19 - 08366705 _____ C:\Users\LuizFernando\Downloads\21543.zip
2015-06-25 14:11 - 2015-06-25 14:50 - 00413219 _____ C:\Users\LuizFernando\Downloads\60553.zip
2015-06-25 13:55 - 2015-06-25 14:50 - 00382330 _____ C:\Users\LuizFernando\Downloads\37523.zip
2015-06-25 13:28 - 2015-06-25 14:50 - 00466957 _____ C:\Users\LuizFernando\Downloads\24533.zip
2015-06-25 13:24 - 2015-06-25 14:50 - 00395393 _____ C:\Users\LuizFernando\Downloads\6290.zip
2015-06-25 13:22 - 2015-06-25 13:22 - 01288111 _____ C:\Users\LuizFernando\Downloads\1548.zip
2015-06-25 13:20 - 2015-06-25 15:23 - 01042145 _____ C:\Users\LuizFernando\Downloads\1989.zip
2015-06-25 13:19 - 2015-06-25 15:23 - 01346863 _____ C:\Users\LuizFernando\Downloads\25543.zip
2015-06-25 13:18 - 2015-06-25 15:23 - 00870896 _____ C:\Users\LuizFernando\Downloads\30843.zip
2015-06-25 13:16 - 2015-06-25 15:23 - 00741677 _____ C:\Users\LuizFernando\Downloads\3687.zip
2015-06-25 13:12 - 2015-06-25 15:23 - 00399543 _____ C:\Users\LuizFernando\Downloads\34063.zip
2015-06-25 03:46 - 2015-06-25 03:47 - 01673447 _____ C:\Users\LuizFernando\Downloads\5277.zip
2015-06-25 03:44 - 2015-06-25 03:44 - 00115334 _____ C:\Users\LuizFernando\Downloads\8581.zip
2015-06-25 03:41 - 2015-06-25 03:41 - 00934477 _____ C:\Users\LuizFernando\Downloads\19313.zip
2015-06-25 03:37 - 2015-06-25 03:41 - 01785392 _____ C:\Users\LuizFernando\Downloads\38133.zip
2015-06-25 03:32 - 2015-06-25 03:32 - 00006180 _____ C:\Users\LuizFernando\Downloads\trab-arq.7z
2015-06-25 03:17 - 2015-06-25 03:18 - 00600550 _____ C:\Users\LuizFernando\Downloads\1705.zip
2015-06-25 03:06 - 2015-06-25 03:07 - 07346222 _____ C:\Users\LuizFernando\Downloads\62563.zip
2015-06-25 02:58 - 2015-06-25 03:00 - 10928856 _____ C:\Users\LuizFernando\Downloads\7701.zip
2015-06-25 02:56 - 2015-06-25 03:00 - 02519066 _____ C:\Users\LuizFernando\Downloads\21123.zip
2015-06-25 02:39 - 2015-06-25 02:39 - 00910700 _____ C:\Users\LuizFernando\Downloads\Project-kata.zip
2015-06-25 02:35 - 2015-06-25 02:35 - 01168369 _____ C:\Users\LuizFernando\Downloads\Kaneki-ken.zip
2015-06-25 02:30 - 2015-06-25 02:30 - 01651916 _____ C:\Users\LuizFernando\Downloads\Madoka(1).zip
2015-06-25 02:29 - 2015-06-25 02:30 - 00502713 _____ C:\Users\LuizFernando\Downloads\Sinon-Cai-v3.0.3.zip
2015-06-25 02:11 - 2015-06-25 02:11 - 07504632 _____ C:\Users\LuizFernando\Downloads\Water-VelKoz.rar
2015-06-25 01:38 - 2015-06-25 01:38 - 03629596 _____ C:\Users\LuizFernando\Downloads\Akatsuki-zed.zip
2015-06-25 01:37 - 2015-06-25 23:47 - 00000000 ____D C:\Users\LuizFernando\Desktop\Nova pasta
2015-06-24 16:40 - 2015-06-24 16:40 - 00006933 _____ C:\Users\LuizFernando\Downloads\Trabalho SISOP1.7z
2015-06-23 23:36 - 2015-06-23 23:36 - 00000000 ____D C:\Users\LuizFernando\VirtualBox VMs
2015-06-23 22:55 - 2015-06-23 23:33 - 1150844928 _____ C:\Users\LuizFernando\Downloads\ubuntu-15.04-desktop-amd64.iso
2015-06-23 22:53 - 2015-06-24 16:41 - 00000000 ____D C:\Users\LuizFernando\.VirtualBox
2015-06-23 22:53 - 2015-05-13 17:11 - 00922704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2015-06-23 22:53 - 2015-05-13 17:10 - 00128592 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2015-06-23 19:47 - 2015-06-23 19:47 - 00003773 _____ C:\Users\LuizFernando\Downloads\Trabalho-SISOP1.7z
2015-06-23 15:14 - 2015-06-23 21:20 - 00000000 ____D C:\Users\LuizFernando\Documents\fork
2015-06-23 13:34 - 2015-06-23 14:08 - 00000000 ____D C:\Users\LuizFernando\Downloads\DMWREENG FINAL
2015-06-23 13:27 - 2015-06-23 13:27 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\Game
2015-06-23 13:18 - 2015-06-23 13:18 - 14466492 _____ C:\Users\LuizFernando\Downloads\ppsspp_win.zip
2015-06-22 15:50 - 2015-06-22 15:51 - 21591914 _____ C:\Users\LuizFernando\Downloads\Saint Seiya 1.100.rar
2015-06-22 04:22 - 2015-06-22 15:19 - 00000697 _____ C:\Users\LuizFernando\Desktop\Saint Seiya Online.lnk
2015-06-22 03:21 - 2015-06-22 22:56 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\GT
2015-06-22 02:07 - 2015-06-22 02:07 - 00000000 ____D C:\Arc
2015-06-21 19:42 - 2015-06-21 19:42 - 00000000 ____D C:\Users\Todos os Usuários\Thunder Network
2015-06-21 19:42 - 2015-06-21 19:42 - 00000000 ____D C:\Users\Public\Thunder Network
2015-06-21 19:42 - 2015-06-21 19:42 - 00000000 ____D C:\ProgramData\Thunder Network
2015-06-21 19:37 - 2015-06-21 19:38 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\ArcAsia
2015-06-21 19:35 - 2015-06-21 19:37 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Arc
2015-06-21 18:21 - 2015-06-21 18:21 - 00000000 ____D C:\Users\LuizFernando\Downloads\Nuance Dragon NaturallySpeaking v12.0 Premium ISO-TBE
2015-06-21 15:27 - 2015-06-21 15:28 - 00000000 ____D C:\Users\LuizFernando\Downloads\Final Fantasy XIII Duology-CorePack
2015-06-20 14:59 - 2015-06-20 14:59 - 00001819 _____ C:\Users\Public\Desktop\Start BlueStacks.lnk
2015-06-20 14:58 - 2015-07-02 15:24 - 00000000 ____D C:\Users\Todos os Usuários\BlueStacksSetup
2015-06-20 14:58 - 2015-07-02 15:24 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-06-20 14:58 - 2015-06-20 15:09 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2015-06-20 14:58 - 2015-06-20 14:58 - 00000000 ____D C:\Users\Todos os Usuários\BlueStacks
2015-06-20 14:58 - 2015-06-20 14:58 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\Bluestacks
2015-06-20 14:58 - 2015-06-20 14:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2015-06-20 14:58 - 2015-06-20 14:58 - 00000000 ____D C:\ProgramData\BlueStacks
2015-06-20 12:26 - 2015-06-28 17:45 - 819903744 _____ C:\Users\LuizFernando\Downloads\ProTeXt-3.1.5-033015.exe.part
2015-06-19 22:20 - 2015-06-19 22:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Free
2015-06-19 22:20 - 2015-06-19 22:20 - 00000000 ____D C:\Program Files (x86)\BurnAware Free
2015-06-17 16:09 - 2015-06-17 16:09 - 00000000 ____D C:\Program Files (x86)\Futuremark
2015-06-17 16:08 - 2015-06-17 16:08 - 00000000 ____D C:\Users\LuizFernando\Documents\3DMark 11
2015-06-17 16:08 - 2015-06-17 16:08 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\Futuremark
2015-06-17 15:59 - 2015-06-17 15:59 - 00001251 _____ C:\Users\Public\Desktop\3DMark 11.lnk
2015-06-17 15:59 - 2015-06-17 15:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark
2015-06-17 15:59 - 2015-06-17 15:59 - 00000000 ____D C:\Program Files\Futuremark
2015-06-17 12:28 - 2015-06-17 12:28 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\uplay
2015-06-17 12:22 - 2015-06-17 12:22 - 00001117 _____ C:\Users\LuizFernando\Desktop\Assassins Creed Chronicles China.lnk
2015-06-17 12:22 - 2015-06-17 12:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassins Creed Chronicles China
2015-06-17 01:17 - 2015-06-17 12:56 - 00000000 ____D C:\Users\LuizFernando\Downloads\HPDH
2015-06-17 00:29 - 2015-06-17 00:29 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\Electronic Arts
2015-06-17 00:24 - 2015-06-17 00:24 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2015-06-16 02:43 - 2015-06-17 12:14 - 00000000 ____D C:\Users\LuizFernando\Downloads\Harry Potter And The Deathly Hallows Part 1-Razor1911
2015-06-16 02:40 - 2015-06-21 18:19 - 00000000 ____D C:\Users\LuizFernando\Downloads\asncrdchrchna
2015-06-14 01:34 - 2015-06-14 01:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AAA Logo
2015-06-14 01:34 - 2015-06-14 01:34 - 00000000 ____D C:\Program Files (x86)\AAALOGO
2015-06-13 21:22 - 2015-06-13 21:22 - 00002294 _____ C:\Users\LuizFernando\Desktop\Popcorn Time.lnk
2015-06-13 21:22 - 2015-06-13 21:22 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2015-06-13 21:22 - 2015-06-13 21:22 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\Popcorn Time
2015-06-13 20:35 - 2015-06-13 20:35 - 00020613 _____ C:\Users\LuizFernando\Downloads\[kat.cr]kingsman.the.secret.service.2014.1080p.brrip.x264.yify.torrent
2015-06-13 19:35 - 2015-06-13 19:35 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\Spiritsoft
2015-06-13 15:19 - 2015-06-13 15:19 - 00000000 ____D C:\Users\Todos os Usuários\2DBoy
2015-06-13 15:19 - 2015-06-13 15:19 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\2DBoy
2015-06-13 15:19 - 2015-06-13 15:19 - 00000000 ____D C:\ProgramData\2DBoy
2015-06-12 14:56 - 2015-06-12 14:56 - 00000011 _____ C:\Users\LuizFernando\Documents\l.txt
2015-06-10 15:10 - 2015-06-10 15:10 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\Mortal Kombat X
2015-06-10 01:26 - 2015-06-10 01:47 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\GSA Search Engine Ranker
2015-06-10 01:26 - 2015-06-10 01:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GSA Search Engine Ranker
2015-06-10 01:26 - 2015-06-10 01:26 - 00000000 ____D C:\Program Files (x86)\GSA Search Engine Ranker
2015-06-10 01:09 - 2015-06-10 01:14 - 13541565 _____ C:\Users\LuizFernando\Documents\Untitled.wmv
2015-06-10 01:07 - 2015-06-10 01:08 - 00027528 _____ C:\Users\LuizFernando\Downloads\magisto-movie.mp4.sfk
2015-06-09 15:09 - 2015-06-09 15:09 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\zztiDOTcom
2015-06-09 15:09 - 2015-06-09 15:09 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\zztiDOTcom
2015-06-09 01:32 - 2015-06-09 01:32 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\Ofi Labs
2015-06-09 01:28 - 2015-06-09 01:28 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\Traffic Travis v4
2015-06-09 01:28 - 2015-06-09 01:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Traffic Travis v4
2015-06-09 01:27 - 2015-06-09 01:27 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\Affilorama
2015-06-09 01:26 - 2015-06-09 01:26 - 15525536 _____ (Affilorama Ltd. ) C:\Users\LuizFernando\Downloads\traffic_travis_v4.exe
2015-06-08 18:08 - 2015-06-08 18:08 - 00282082 _____ C:\Users\LuizFernando\Downloads\blog-06-08-2015.xml
2015-06-08 17:26 - 2015-06-08 18:00 - 00000025 _____ C:\Users\LuizFernando\Documents\w2r.txt
2015-06-08 17:15 - 2015-06-08 18:01 - 00000000 __SHD C:\Users\LuizFernando\wc
2015-06-08 17:14 - 2015-06-08 17:14 - 00000000 __SHD C:\Users\LuizFernando\AppData\Roaming\wyUpdate AU
2015-06-08 15:16 - 2015-06-08 15:16 - 00058610 _____ C:\Windows\SysWOW64\CCCInstall_201506081516142036.log
2015-06-08 15:13 - 2015-06-08 15:14 - 00000000 ____D C:\Windows\LastGood.Tmp
2015-06-07 16:53 - 2015-04-26 12:10 - 00000000 ____D C:\Users\LuizFernando\Desktop\tablepress
2015-06-07 02:02 - 2015-06-07 02:02 - 00000000 ____D C:\Users\LuizFernando\.spamassassin
2015-06-07 02:02 - 2015-06-07 02:02 - 00000000 ____D C:\Users\LuizFernando\.razor
2015-06-07 01:37 - 2015-06-07 02:08 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\SendBlaster3
2015-06-07 01:37 - 2015-06-07 01:37 - 00000000 ____D C:\Users\LuizFernando\Documents\SendBlaster3
2015-06-07 01:32 - 2015-06-07 01:33 - 00000000 ____D C:\Users\LuizFernando\Documents\Facebook Sniper
2015-06-07 01:31 - 2015-06-07 01:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FB Scraper
2015-06-06 20:55 - 2015-06-06 22:31 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\Notepad++
2015-06-06 20:55 - 2015-06-06 20:55 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-06-06 20:55 - 2015-06-06 20:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-06-06 20:55 - 2015-06-06 20:55 - 00000000 ____D C:\Program Files (x86)\Notepad++
2015-06-06 19:31 - 2015-06-06 19:31 - 06944290 _____ C:\Users\LuizFernando\Downloads\npp.6.7.8.2.Installer.exe
2015-06-06 03:08 - 2015-06-08 17:14 - 00000000 ____D C:\Users\LuizFernando\Documents\iMacros
2015-06-06 01:39 - 2015-06-06 02:30 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\UBot Studio 5
2015-06-06 01:30 - 2015-06-06 01:38 - 00000000 ____D C:\Users\LuizFernando\Downloads\UBot Studio Developer Edition 5.0.5 + Activated
2015-06-06 00:33 - 2015-06-08 16:33 - 00000000 ____D C:\Users\LuizFernando\Desktop\tt
2015-06-06 00:26 - 2015-06-06 02:28 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\UBot Studio
2015-06-06 00:18 - 2015-06-06 00:18 - 00003071 _____ C:\Users\LuizFernando\Desktop\HitLeap Viewer.lnk
2015-06-06 00:18 - 2015-06-06 00:18 - 00002987 _____ C:\Users\LuizFernando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HitLeap Viewer.lnk
2015-06-06 00:18 - 2015-06-06 00:18 - 00000000 ____D C:\Program Files (x86)\HitLeap
2015-06-06 00:13 - 2015-06-06 00:17 - 27660288 _____ C:\Users\LuizFernando\Downloads\HitLeap Viewer.msi
2015-06-05 22:17 - 2015-06-07 23:28 - 00000000 ____D C:\Program Files (x86)\NCSOFT
2015-06-05 22:17 - 2015-06-05 22:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest
2015-06-05 22:17 - 2015-06-05 22:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT
2015-06-05 22:17 - 2015-06-05 22:17 - 00000000 ____D C:\Program Files (x86)\NCWest
2015-06-05 22:15 - 2015-06-05 22:15 - 05003264 _____ (NC Interactive, LLC) C:\Users\LuizFernando\Downloads\AionInstaller.exe
2015-06-05 14:40 - 2015-06-05 14:40 - 00000000 ____D C:\Users\Todos os Usuários\RELOADED
2015-06-05 14:40 - 2015-06-05 14:40 - 00000000 ____D C:\ProgramData\RELOADED
2015-06-05 14:15 - 2015-06-05 14:15 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\FalloutNV
2015-06-05 14:15 - 2015-06-05 14:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fallout New Vegas Ultimate Edition
2015-06-04 00:44 - 2015-06-04 00:49 - 00000000 ____D C:\Users\LuizFernando\Documents\Project CARS
2015-06-04 00:44 - 2015-06-04 00:44 - 00000000 ____D C:\Users\LuizFernando\Documents\wmd_symbol_cache
2015-06-04 00:36 - 2015-06-04 00:37 - 00000000 ____D C:\Users\LuizFernando\Documents\LevelUp Data
2015-06-04 00:35 - 2015-07-02 22:43 - 00000000 ____D C:\temp
2015-06-04 00:35 - 2015-06-04 00:35 - 00000000 ____D C:\Users\Todos os Usuários\levelup downloader
2015-06-04 00:35 - 2015-06-04 00:35 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Level Up! Gerenciador
2015-06-04 00:35 - 2015-06-04 00:35 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\IsolatedStorage
2015-06-04 00:35 - 2015-06-04 00:35 - 00000000 ____D C:\ProgramData\levelup downloader
2015-06-04 00:34 - 2015-06-04 00:35 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\Deployment
2015-06-04 00:34 - 2015-06-04 00:34 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\Apps\2.0
2015-06-04 00:31 - 2015-06-04 00:31 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\Project CARS

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-04 00:40 - 2015-01-30 19:42 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\Skype
2015-07-04 00:34 - 2015-01-24 19:02 - 00737280 ___SH C:\Users\LuizFernando\Downloads\Thumbs.db
2015-07-04 00:34 - 2015-01-24 17:19 - 01302180 _____ C:\Windows\WindowsUpdate.log
2015-07-04 00:32 - 2015-02-27 10:15 - 00005016 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for BAKKA-LuizFernando Bakka
2015-07-04 00:30 - 2015-01-24 19:55 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-04 00:29 - 2015-02-01 18:29 - 00000414 _____ C:\Windows\Tasks\update-sys.job
2015-07-04 00:19 - 2015-01-24 17:19 - 00000000 ____D C:\Users\LuizFernando
2015-07-04 00:16 - 2015-01-30 19:01 - 00001088 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-04 00:16 - 2015-01-24 17:30 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2477625714-4157688874-1142588302-1002
2015-07-04 00:11 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\AppReadiness
2015-07-04 00:09 - 2015-01-24 17:30 - 00003958 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{1D8A2130-E15C-4BFA-888D-D6FDB6D291CD}
2015-07-04 00:04 - 2015-02-10 19:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-04 00:04 - 2014-09-16 23:06 - 00774702 _____ C:\Windows\system32\prfh0416.dat
2015-07-04 00:04 - 2014-09-16 23:06 - 00158296 _____ C:\Windows\system32\prfc0416.dat
2015-07-04 00:04 - 2014-03-18 07:02 - 01797166 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-04 00:03 - 2015-03-29 22:17 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2015-07-04 00:01 - 2015-04-18 15:20 - 00003080 _____ C:\Windows\System32\Tasks\catalyst
2015-07-04 00:01 - 2015-01-30 19:01 - 00001084 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-04 00:01 - 2015-01-24 17:34 - 00002882 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (LuizFernando)
2015-07-04 00:01 - 2015-01-24 17:29 - 00000000 __RDO C:\Users\LuizFernando\OneDrive
2015-07-03 23:59 - 2013-08-22 11:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-03 17:02 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\system32\sru
2015-07-03 16:08 - 2015-02-01 18:31 - 00000000 ____D C:\Users\LuizFernando\Documents\Lightshot
2015-07-03 15:08 - 2015-02-01 18:29 - 00000414 _____ C:\Windows\Tasks\update-S-1-5-21-2477625714-4157688874-1142588302-1002.job
2015-07-03 11:02 - 2015-02-05 23:42 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-02 22:33 - 2013-08-22 12:36 - 00000000 ___RD C:\Windows\Offline Web Pages
2015-07-02 22:33 - 2013-08-22 10:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2015-07-02 22:15 - 2015-01-24 18:35 - 00000000 ____D C:\KMPlayer
2015-07-02 22:10 - 2015-02-05 23:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-02 22:10 - 2015-02-05 23:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-02 21:23 - 2015-01-30 16:19 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\BitTorrent
2015-07-02 15:56 - 2015-05-27 13:27 - 00155136 ___SH C:\Users\LuizFernando\Desktop\Thumbs.db
2015-07-02 15:52 - 2015-05-21 10:50 - 00000000 ____D C:\Users\LuizFernando\Documents\The Witcher 3
2015-07-02 15:52 - 2015-04-05 18:17 - 00000000 ____D C:\Users\LuizFernando\Documents\Heroes of the Storm
2015-07-02 15:49 - 2015-01-24 17:50 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\Raptr
2015-07-02 15:48 - 2015-01-24 17:50 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-07-02 15:46 - 2015-01-24 17:49 - 00000000 ____D C:\Users\Todos os Usuários\AMD
2015-07-02 15:46 - 2015-01-24 17:49 - 00000000 ____D C:\ProgramData\AMD
2015-07-02 15:44 - 2015-01-24 17:49 - 00000000 ____D C:\Program Files (x86)\AMD
2015-07-02 15:25 - 2015-02-27 16:36 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\PhotoScape
2015-07-02 15:24 - 2015-05-25 14:53 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\Free Download Manager
2015-07-02 15:24 - 2015-02-08 17:10 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\TS3Client
2015-07-02 15:24 - 2014-09-13 09:40 - 00000000 ____D C:\Windows\Panther
2015-07-01 13:32 - 2015-02-14 01:08 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\Unity
2015-06-30 15:30 - 2015-04-24 16:53 - 00000000 ____D C:\Users\Todos os Usuários\Unity
2015-06-30 15:30 - 2015-04-24 16:53 - 00000000 ____D C:\ProgramData\Unity
2015-06-30 15:14 - 2015-04-24 16:02 - 00000000 ____D C:\Program Files\Unity
2015-06-30 14:24 - 2015-04-24 16:58 - 00000000 ____D C:\Users\LuizFernando\Documents\New Unity Project
2015-06-30 14:14 - 2015-04-13 12:26 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\PokerStars
2015-06-29 20:18 - 2015-04-13 12:25 - 00000000 ____D C:\Program Files (x86)\PokerStars
2015-06-29 18:30 - 2015-03-31 21:20 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\SKIDROW
2015-06-29 18:13 - 2015-01-30 21:30 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-06-28 03:14 - 2015-02-09 21:54 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\Popcorn-Time
2015-06-28 01:20 - 2015-01-24 17:24 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\Packages
2015-06-28 01:04 - 2015-02-02 18:11 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\JDownloader v2.0
2015-06-28 01:03 - 2015-01-24 17:24 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\Adobe
2015-06-27 23:37 - 2015-02-11 22:21 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2015-06-27 23:37 - 2015-02-11 22:21 - 00000000 ____D C:\ProgramData\Adobe
2015-06-27 23:36 - 2015-01-24 19:52 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\Adobe
2015-06-27 23:25 - 2015-02-11 22:22 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-06-27 20:24 - 2015-03-17 11:43 - 00000000 ____D C:\Users\LuizFernando\Documents\KoeiTecmo
2015-06-26 17:24 - 2015-05-13 12:49 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\CodeBlocks
2015-06-25 16:28 - 2015-01-24 20:22 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\WinRAR
2015-06-25 00:18 - 2015-04-23 22:51 - 00000000 ____D C:\Windows\system32\appmgmt
2015-06-23 19:30 - 2015-01-24 19:55 - 00003790 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-23 13:26 - 2015-01-24 17:48 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2015-06-23 13:26 - 2015-01-24 17:48 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-22 22:59 - 2015-04-14 22:59 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2015-06-21 02:53 - 2015-04-05 17:35 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\Battle.net
2015-06-20 14:59 - 2013-08-22 12:36 - 00000000 __RHD C:\Users\Public\Libraries
2015-06-18 08:42 - 2015-02-05 23:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-18 08:41 - 2015-02-05 23:42 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-18 08:41 - 2015-02-05 23:42 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-17 12:14 - 2015-05-21 00:29 - 00000000 ____D C:\Users\LuizFernando\Downloads\wt3
2015-06-14 11:25 - 2015-04-23 00:06 - 00000080 _____ C:\Users\LuizFernando\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-06-14 10:26 - 2015-04-18 15:20 - 00000000 ____D C:\Users\Todos os Usuários\sunsoft
2015-06-14 10:26 - 2015-04-18 15:20 - 00000000 ____D C:\ProgramData\sunsoft
2015-06-13 15:04 - 2015-05-02 00:14 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2015-06-13 15:04 - 2015-05-02 00:14 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2015-06-13 15:04 - 2015-05-02 00:14 - 00122904 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2015-06-13 15:04 - 2015-05-02 00:14 - 00109080 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2015-06-12 00:03 - 2015-04-23 00:06 - 00000000 ____D C:\Program Files\Rockstar Games
2015-06-12 00:03 - 2015-04-23 00:06 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-06-10 15:10 - 2015-03-26 14:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2015-06-10 01:10 - 2015-04-06 03:12 - 00010240 ___SH C:\Users\LuizFernando\Documents\Thumbs.db
2015-06-08 15:11 - 2015-01-24 17:47 - 00000000 ____D C:\AMD
2015-06-07 23:31 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\LiveKernelReports
2015-06-07 01:37 - 2015-01-24 17:24 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\VirtualStore
2015-06-06 00:36 - 2015-05-24 18:18 - 00000048 _____ C:\Users\LuizFernando\Desktop\runescape.txt
2015-06-05 22:17 - 2015-01-31 11:45 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-05 19:28 - 2015-01-30 19:42 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2015-06-05 19:28 - 2015-01-30 19:42 - 00000000 ____D C:\ProgramData\Skype
2015-06-05 14:40 - 2015-05-24 10:47 - 00000000 ____D C:\Program Files\OblyTile
2015-06-05 14:40 - 2015-01-24 21:57 - 00000000 ____D C:\Users\LuizFernando\Documents\my games
2015-06-05 01:59 - 2015-02-21 23:06 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\Curse Client

==================== Files in the root of some directories =======

2015-02-22 17:54 - 2015-04-02 23:44 - 1078572 _____ () C:\Users\LuizFernando\AppData\Local\package.nw.new
2015-02-10 12:31 - 2015-02-10 12:31 - 0007601 _____ () C:\Users\LuizFernando\AppData\Local\Resmon.ResmonCfg
2015-02-01 18:29 - 2015-02-01 18:29 - 0000003 _____ () C:\Users\LuizFernando\AppData\Local\updater.log
2015-02-01 18:29 - 2015-04-22 03:32 - 0000424 _____ () C:\Users\LuizFernando\AppData\Local\UserProducts.xml
2015-01-24 18:31 - 2015-01-24 18:31 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:
====================
C:\Users\LuizFernando\1.dat
C:\Users\LuizFernando\AppData\Roaming\Origin\update.vbe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-28 13:31

==================== End of log ============================



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,743 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:33 AM

Posted 08 July 2015 - 11:25 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/581767 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 kurocygnus

kurocygnus
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:33 AM

Posted 09 July 2015 - 11:47 AM

FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01
Ran by LuizFernando (administrator) on BAKKA on 09-07-2015 13:38:54
Running from C:\Users\LuizFernando\Desktop
Loaded Profiles: LuizFernando (Available Profiles: LuizFernando & Elida)
Platform: Windows 8.1 Pro (X64) OS Language: Português (Brasil)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Navigation Co., Ltd.) C:\Users\LuizFernando\AppData\Roaming\psvc\psvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files (x86)\MULTILASER WARRIOR Gamer Mouse\ETGMSrv.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
() C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.2.1.1\Lightshot.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
() C:\Program Files (x86)\MULTILASER WARRIOR Gamer Mouse\SZMON.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
() C:\Windows\Temp\svchost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
() C:\Windows\Temp\lsass.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7660760 2015-01-24] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2013-01-28] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WARRIORgmmouseRun] => C:\Program Files (x86)\MULTILASER WARRIOR Gamer Mouse\SZMON.exe [3307520 2014-07-23] ()
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-05-14] (Raptr, Inc)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NCUpdateHelper] => C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe [526240 2015-06-05] (NCSOFT Corporation)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [888440 2015-06-16] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-05-26] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\Run: [Free Download Manager] => C:\Program Files (x86)\Free Download Manager\fdm.exe [5669480 2015-05-14] (FreeDownloadManager.ORG)
HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\Run: [Akamai NetSession Interface] => C:\Users\LuizFernando\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\Run: [MK LOL] => C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [1092296 2015-06-25] ()
HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\Run: [MyComGames] => C:\Users\LuizFernando\AppData\Local\MyComGames\MyComGames.exe [4067272 2015-07-05] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-03-25] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-03-25] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-24] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2015-05-14] (FreeDownloadManager.ORG)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-24] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E4C6BB5B-280D-47BF-A002-00C7124EBBD8}: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\LuizFernando\AppData\Roaming\Mozilla\Firefox\Profiles\5ja8en9m.default
FF SelectedSearchEngine: webssearches
FF NetworkProxy: "backup.ftp", "199.168.148.131"
FF NetworkProxy: "backup.ftp_port", 10034
FF NetworkProxy: "backup.socks", "199.168.148.131"
FF NetworkProxy: "backup.socks_port", 10034
FF NetworkProxy: "backup.ssl", "199.168.148.131"
FF NetworkProxy: "backup.ssl_port", 10034
FF NetworkProxy: "ftp", "174.46.79.26"
FF NetworkProxy: "ftp_port", 80
FF NetworkProxy: "http", "174.46.79.26"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "174.46.79.26"
FF NetworkProxy: "socks_port", 80
FF NetworkProxy: "ssl", "174.46.79.26"
FF NetworkProxy: "ssl_port", 80
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-06-23] ()
FF Plugin: @java.com/DTPlugin,version=10.75.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-03-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.75.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-03-25] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\3.2.0.23388\npSkypeWebPlugin64.dll [2014-11-03] (Skype)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-23] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll [2015-03-29] (Nexon)
FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\3.2.0.23388\npSkypeWebPlugin.dll [2014-11-03] (Skype)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @wanmei.com/npArcPlayNowPlugin -> E:\Jogos\Arc\Plugins\npArcPluginFF.dll [2015-06-08] (????)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2477625714-4157688874-1142588302-1002: @Legend Of Glory -> C:\Program Files (x86)\Legend Of Glory\plugin\npLegendOfGlory1.dll No File
FF Plugin HKU\S-1-5-21-2477625714-4157688874-1142588302-1002: @my.com/Games -> C:\Users\LuizFernando\AppData\Local\MyComGames\NPMyComDetector.dll [2015-07-04] (My.com, Inc)
FF Plugin HKU\S-1-5-21-2477625714-4157688874-1142588302-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\LuizFernando\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-15] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\LuizFernando\AppData\Roaming\Mozilla\Firefox\Profiles\5ja8en9m.default\user.js [2015-02-22]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml [2015-01-09]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml [2015-01-09]
FF Extension: iMacros for Firefox - C:\Users\LuizFernando\AppData\Roaming\Mozilla\Firefox\Profiles\5ja8en9m.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2015-06-06]
FF Extension: MEGA - C:\Users\LuizFernando\AppData\Roaming\Mozilla\Firefox\Profiles\5ja8en9m.default\Extensions\firefox@mega.co.nz.xpi [2015-04-28]
FF Extension: SwagButton - C:\Users\LuizFernando\AppData\Roaming\Mozilla\Firefox\Profiles\5ja8en9m.default\Extensions\shopearn@prodege.com.xpi [2015-06-15]
FF Extension: Greasemonkey - C:\Users\LuizFernando\AppData\Roaming\Mozilla\Firefox\Profiles\5ja8en9m.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-05-24]
FF HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\Program Files (x86)\Free Download Manager\Firefox\Extension
FF Extension: Free Download Manager plugin - C:\Program Files (x86)\Free Download Manager\Firefox\Extension [2015-05-25]

Chrome:
=======
CHR Profile: C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-30]
CHR Extension: (Google Docs) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-30]
CHR Extension: (Google Drive) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-30]
CHR Extension: (Eredan iTCG) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdakdeclmfcolipiknbfealnjddfibfo [2015-01-30]
CHR Extension: (YouTube) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-30]
CHR Extension: (Google Search) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-30]
CHR Extension: (Steam Market Filter) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\emdpoeanmcbopmmdomongbohbmiolmom [2015-01-30]
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-01-30]
CHR Extension: (Google Sheets) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-30]
CHR Extension: (EditThisCookie) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2015-01-30]
CHR Extension: (Planner 5D) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjfkgdpkecnmfcgfpfibpcnkeakahllc [2015-01-30]
CHR Extension: (Bookmark Manager) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-03-11]
CHR Extension: (Desprotetor de Links) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\imcbnnnoghiihopefblgehihofbfbmei [2015-01-30]
CHR Extension: (Cookies) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\iphcomljdfghbkdcfndaijbokpgddeno [2015-01-30]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-16]
CHR Extension: (Steam Trader Helper) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhoahihokddepjlegpenefeaahdkojog [2015-04-18]
CHR Extension: (Remove cookies for site.) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmfdblomdpkcniknaenceeogpgepocmm [2015-01-30]
CHR Extension: (Pocket Legends) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhpdbcnfpodnaefldpdohoibdajcfabp [2015-01-30]
CHR Extension: (Baixou Agora) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbfjpmeddmamejnmmppjlfglfhcjbbai [2015-02-02]
CHR Extension: (Ninja Warriors) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlimilkklpdgmbecigaeccabgpjoceno [2015-01-30]
CHR Extension: (Google Wallet) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-30]
CHR Extension: (Gmail) - C:\Users\LuizFernando\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-30]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-05-26] (Advanced Micro Devices, Inc.) [File not signed]
R2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137584 2014-09-19] ()
S3 ArcAsiaService; E:\Jogos\Arc\ArcService.exe [79888 2015-06-08] ()
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2015-04-16] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2015-04-16] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2015-04-16] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe [1632256 2015-04-16] (ASUSTeK Computer Inc.) [File not signed]
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [822904 2015-06-16] (BlueStack Systems, Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 ETGMGlcsSrv; C:\Program Files (x86)\MULTILASER WARRIOR Gamer Mouse\ETGMSrv.exe [1181544 2012-04-24] ()
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342240 2015-06-03] (Futuremark)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-03-12] (Hi-Rez Studios) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1930608 2015-04-06] (Electronic Arts)
R2 PSed; C:\Users\LuizFernando\AppData\Roaming\psvc\psvc.exe [707624 2015-04-10] (Navigation Co., Ltd.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-05-28] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [129168 2015-06-05] (Razer Inc.)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1050904 2013-12-11] () [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [762320 2015-01-17] (Tunngle.net GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTek Computer Inc.)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
S0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2014-10-27] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [60104 2014-09-19] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2013-01-14] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-12-21] (Advanced Micro Devices)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems)
S3 h647906; C:\Windows\System32\drivers\h647906.sys [63856 2008-08-08] (Your Corporation)
S3 h648101; C:\Windows\System32\drivers\h648101.sys [65776 2008-08-08] (Your Corporation)
S3 h648103; C:\Windows\System32\drivers\h648103.sys [62960 2008-08-08] (Your Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.)
S3 hid7906; C:\Windows\SysWOW64\drivers\hid7906.sys [41272 2008-08-08] (Your Corporation)
S3 hid8101; C:\Windows\SysWOW64\drivers\hid8101.sys [43192 2008-08-08] (Your Corporation)
S3 hid8103; C:\Windows\SysWOW64\drivers\hid8103.sys [40856 2008-08-08] (Your Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-24] (REALiX™)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [2961112 2015-01-24] (Realtek Semiconductor Corporation                           )
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-03-10] (Razer, Inc.)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R3 usbglcs1100302; C:\Windows\system32\drivers\usbglcs1100302.sys [25600 2014-06-11] (Windows ® Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-08 14:08 - 2015-05-07 14:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-08 14:08 - 2015-05-07 14:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-07-08 14:08 - 2015-05-07 13:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-08 14:08 - 2015-05-07 13:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-07-08 14:08 - 2015-05-07 12:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-07-08 14:08 - 2015-05-07 12:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-07-08 14:08 - 2015-05-02 21:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-08 14:08 - 2015-04-29 20:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-07-08 14:07 - 2015-06-29 19:43 - 00026288 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-08 14:07 - 2015-06-29 12:07 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-08 14:07 - 2015-06-29 12:07 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-08 14:07 - 2015-06-29 12:07 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-08 14:07 - 2015-06-29 12:07 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-08 14:07 - 2015-06-29 12:07 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-08 14:07 - 2015-06-27 08:52 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-08 14:07 - 2015-06-27 01:15 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-08 14:07 - 2015-06-27 00:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-08 14:07 - 2015-06-27 00:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-08 14:07 - 2015-06-26 23:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-08 14:07 - 2015-06-26 22:45 - 03702272 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-08 14:07 - 2015-06-26 22:35 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-08 14:07 - 2015-06-26 22:35 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-08 14:07 - 2015-06-26 22:32 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-07-08 14:07 - 2015-06-26 22:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-08 14:07 - 2015-06-26 22:30 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-08 14:07 - 2015-06-26 22:29 - 02229248 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-08 14:07 - 2015-06-26 22:12 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-08 14:07 - 2015-06-26 22:12 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-08 14:07 - 2015-06-26 22:10 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-08 14:07 - 2015-06-26 22:10 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-08 14:07 - 2015-06-26 20:21 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-08 14:07 - 2015-06-26 20:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-08 14:07 - 2015-05-21 10:08 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-07-08 14:07 - 2015-05-03 12:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-08 14:07 - 2015-05-03 11:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-08 14:07 - 2015-05-03 11:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-07-08 14:07 - 2015-05-03 11:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-07-08 14:07 - 2015-04-30 22:13 - 06521800 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2015-07-08 14:07 - 2015-04-30 22:13 - 01488000 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-07-08 14:07 - 2015-04-30 22:13 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2015-07-08 14:07 - 2015-04-24 23:34 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-07-08 14:07 - 2015-04-24 23:33 - 00549888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-07-08 14:07 - 2015-04-24 23:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-07-08 14:06 - 2015-05-27 11:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-08 14:06 - 2015-05-27 11:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-08 14:06 - 2015-05-23 00:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-08 14:06 - 2015-05-23 00:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-08 14:06 - 2015-05-23 00:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-08 14:06 - 2015-05-23 00:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-08 14:06 - 2015-05-23 00:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-08 14:06 - 2015-05-22 23:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-08 14:06 - 2015-05-22 23:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-08 14:06 - 2015-05-22 23:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-08 14:06 - 2015-05-22 23:47 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-08 14:06 - 2015-05-22 23:43 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-07-08 14:06 - 2015-05-22 23:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-08 14:06 - 2015-05-22 23:38 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-08 14:06 - 2015-05-22 23:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-08 14:06 - 2015-05-22 23:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-08 14:06 - 2015-05-22 23:28 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-07-08 14:06 - 2015-05-22 23:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-08 14:06 - 2015-05-22 23:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-08 14:06 - 2015-05-22 23:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-08 14:06 - 2015-05-22 16:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-08 14:06 - 2015-05-22 16:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-08 14:06 - 2015-05-22 16:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-08 14:06 - 2015-05-22 15:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-08 14:06 - 2015-05-22 15:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-08 14:06 - 2015-05-22 15:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-08 14:06 - 2015-05-22 15:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-08 14:06 - 2015-05-22 15:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-08 14:06 - 2015-05-22 15:23 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-07-08 14:06 - 2015-05-22 15:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-08 14:06 - 2015-05-22 15:15 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-07-08 14:06 - 2015-05-22 15:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-07-08 14:06 - 2015-05-22 15:08 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-08 14:06 - 2015-05-22 15:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-08 14:06 - 2015-05-22 15:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-08 14:06 - 2015-05-22 14:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-08 14:06 - 2015-05-22 14:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-08 14:06 - 2015-05-22 14:49 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-07-08 14:06 - 2015-05-22 14:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-08 14:06 - 2015-05-22 14:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-08 14:06 - 2015-05-11 21:24 - 00536920 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-08 14:06 - 2015-05-11 13:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2015-07-08 14:05 - 2015-05-21 13:47 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-08 14:05 - 2015-05-12 10:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-08 14:05 - 2015-05-07 13:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-08 14:05 - 2015-05-01 20:33 - 00410739 _____ C:\Windows\system32\ApnDatabase.xml
2015-07-08 14:05 - 2015-04-28 10:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
2015-07-08 14:05 - 2015-04-28 10:13 - 00513480 _____ C:\Windows\system32\locale.nls
2015-07-08 14:05 - 2015-04-23 12:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-07-08 14:05 - 2015-04-23 12:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-07-08 14:04 - 2015-05-03 12:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-08 14:04 - 2015-05-03 11:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-07-08 00:14 - 2015-07-08 00:14 - 00020173 _____ C:\Users\LuizFernando\Downloads\[kat.cr]rurouni.kenshin.the.legend.ends.2014.720p.bluray.x264.japanese.aac.ozlem.torrent
2015-07-08 00:09 - 2015-07-08 00:09 - 00058384 _____ C:\Users\LuizFernando\Desktop\Rurouni.Kenshin-The.Legend.Ends.2014.720p.JAP.BDRip.x264.AC3-ADiOS.srt
2015-07-08 00:09 - 2015-07-08 00:09 - 00023064 _____ C:\Users\LuizFernando\Downloads\ruroni.kenshin.densetsu.no.saigohen.(2014).pob.1cd.(6016164).zip
2015-07-07 23:19 - 2015-07-07 23:19 - 00012160 _____ C:\Users\LuizFernando\Downloads\[kat.cr]rurouni.kenshin.the.legend.ends.2014.720p.jap.bdrip.x264.ac3.adios.torrent
2015-07-06 20:55 - 2015-07-06 20:55 - 00000031 _____ C:\Users\LuizFernando\Downloads\pwd.txt
2015-07-06 02:24 - 2015-07-06 02:24 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2015-07-06 02:24 - 2015-07-06 02:24 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\Popcorn Time
2015-07-06 02:22 - 2015-07-06 02:23 - 29105397 _____ (Popcorn Official) C:\Users\LuizFernando\Downloads\Popcorn-Time-0.3.7-2-45403a592-Win-Setup.exe
2015-07-06 02:21 - 2015-07-09 03:02 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\Popcorn-Time
2015-07-06 02:19 - 2015-07-06 02:20 - 23315064 _____ (Popcorn Official) C:\Users\LuizFernando\Downloads\Popcorn-Time-0.3.7.2-Setup.exe
2015-07-05 15:23 - 2015-07-05 15:28 - 00000132 _____ C:\Users\LuizFernando\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-07-05 15:08 - 2015-07-05 15:08 - 00001272 _____ C:\Users\Public\Desktop\Razer Cortex.lnk
2015-07-05 14:22 - 2015-07-05 14:22 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\CEF
2015-07-04 09:14 - 2015-07-04 09:14 - 00000122 _____ C:\Users\LuizFernando\Desktop\Skyforge My.com.url
2015-07-04 09:14 - 2015-07-04 09:14 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com
2015-07-04 03:02 - 2015-07-07 14:35 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\MyComGames
2015-07-04 03:02 - 2015-07-04 03:02 - 04552688 _____ C:\Users\LuizFernando\Downloads\SkyforgeBetaLoader_en.exe
2015-07-04 03:02 - 2015-07-04 03:02 - 00002082 _____ C:\Users\LuizFernando\Desktop\My.com Games.lnk
2015-07-04 03:02 - 2015-07-04 03:02 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games
2015-07-04 01:08 - 2015-07-04 01:08 - 00003244 _____ C:\Users\LuizFernando\Downloads\fixlist.txt
2015-07-04 00:53 - 2015-07-09 13:38 - 00024867 _____ C:\Users\LuizFernando\Desktop\FRST.txt
2015-07-04 00:53 - 2015-07-09 13:38 - 00000000 ____D C:\FRST
2015-07-04 00:48 - 2015-07-04 00:49 - 00000000 ____D C:\AdwCleaner
2015-07-04 00:47 - 2015-07-04 00:48 - 02244096 _____ C:\Users\LuizFernando\Downloads\AdwCleaner.exe
2015-07-04 00:47 - 2015-07-04 00:47 - 02112512 _____ (Farbar) C:\Users\LuizFernando\Desktop\FRST64.exe
2015-07-04 00:20 - 2015-07-04 00:20 - 00000000 _____ C:\autoexec.bat
2015-07-04 00:14 - 2015-07-04 00:14 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\LuizFernando\Downloads\SpyHunter-Installer.exe
2015-07-04 00:11 - 2015-07-04 00:11 - 00000042 _____ C:\Windows\SysWOW64\AK083E209605E394C.lie
2015-07-04 00:02 - 2015-07-08 16:16 - 00003088 _____ C:\Windows\System32\Tasks\sunsoft
2015-07-03 12:18 - 2015-07-05 15:43 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2015-07-03 12:18 - 2015-07-04 13:54 - 00000000 ____D C:\Users\Todos os Usuários\Spybot - Search & Destroy
2015-07-03 12:18 - 2015-07-04 13:54 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-07-03 12:14 - 2015-07-03 12:15 - 16409960 _____ (Safer Networking Limited ) C:\Users\LuizFernando\Downloads\spybotsd162.exe
2015-07-03 12:08 - 2015-07-03 12:08 - 00090948 _____ C:\Users\LuizFernando\Desktop\sfcdetails.txt
2015-07-03 11:38 - 2015-07-04 13:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-02 22:33 - 2015-07-05 22:31 - 00005524 _____ C:\Windows\PFRO.log
2015-07-02 22:05 - 2015-07-02 22:10 - 00001118 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-02 17:01 - 2015-07-02 17:01 - 00711247 _____ C:\Users\LuizFernando\Downloads\Branca-de-Neve-tem-que-morrer-Nele-Neuhaus.epub
2015-07-02 15:56 - 2015-07-02 15:56 - 00000000 ____D C:\Users\Todos os Usuários\ATI
2015-07-02 15:56 - 2015-07-02 15:56 - 00000000 ____D C:\ProgramData\ATI
2015-07-02 15:46 - 2015-07-02 15:46 - 00064052 _____ C:\Windows\SysWOW64\CCCInstall_201507021546287681.log
2015-07-02 15:46 - 2015-07-02 15:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-07-02 15:46 - 2015-07-02 15:46 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2015-07-02 15:43 - 2015-07-08 21:52 - 00006300 _____ C:\Windows\setupact.log
2015-07-02 15:43 - 2015-07-02 15:46 - 00000000 ____D C:\Program Files\AMD
2015-07-02 15:43 - 2015-07-02 15:43 - 00000000 _____ C:\Windows\setuperr.log
2015-07-02 15:29 - 2015-07-02 15:29 - 00057735 _____ C:\Windows\SysWOW64\CCCInstall_201507021529569817.log
2015-07-02 15:15 - 2015-07-02 15:26 - 00000000 ____D C:\Program Files\CCleaner
2015-07-02 15:15 - 2015-07-02 15:15 - 05316792 _____ (Piriform Ltd) C:\Users\LuizFernando\Downloads\ccsetup501pro.exe
2015-07-02 15:15 - 2015-07-02 15:15 - 00002786 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-07-02 15:15 - 2015-07-02 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-06-30 15:30 - 2015-06-30 16:07 - 00000000 ____D C:\Users\LuizFernando\Documents\Project Zetsubou
2015-06-30 15:14 - 2015-06-30 15:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.1.1f1 (64-bit)
2015-06-29 18:30 - 2015-06-29 18:30 - 00001078 _____ C:\Users\LuizFernando\Desktop\Super Hexagon.lnk
2015-06-29 18:30 - 2015-06-29 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Hexagon
2015-06-29 18:30 - 2015-06-29 18:30 - 00000000 ____D C:\Program Files (x86)\Super Hexagon
2015-06-29 18:13 - 2015-06-29 18:13 - 00000825 _____ C:\Users\LuizFernando\Desktop\Q.U.B.E. x64.lnk
2015-06-29 18:13 - 2015-06-29 18:13 - 00000000 ____D C:\Windows\8A809006C25A4A3A9DAB94659BCDB107.TMP
2015-06-29 18:13 - 2015-06-29 18:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Q.U.B.E
2015-06-29 17:49 - 2015-06-29 17:49 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\Chromium
2015-06-28 18:27 - 2015-06-28 18:27 - 00000675 _____ C:\Users\LuizFernando\AppData\Roaming\Microsoft\Windows\Start Menu\CABAL2 (US).lnk
2015-06-28 18:27 - 2015-06-28 18:27 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CABAL2 (US)
2015-06-28 17:08 - 2015-06-28 17:10 - 26008008 _____ C:\Users\LuizFernando\Downloads\cabal2en_setup.exe
2015-06-28 01:32 - 2015-06-28 01:32 - 06341479 _____ C:\Users\LuizFernando\Downloads\Bitcoin Aliens 1.1.1.apk
2015-06-27 23:25 - 2015-06-28 13:38 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-27 23:25 - 2015-06-27 23:25 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-06-27 22:46 - 2015-06-27 22:46 - 00823582 _____ C:\Users\LuizFernando\Downloads\JoyToKey_en.zip
2015-06-26 20:41 - 2015-06-26 20:42 - 00000102 _____ C:\Users\LuizFernando\Downloads\Pax_Sivir_UE8.txt
2015-06-26 18:20 - 2015-06-26 18:20 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitMinter
2015-06-26 18:20 - 2015-06-26 18:20 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\Sun
2015-06-26 14:03 - 2015-06-27 19:53 - 00000000 ____D C:\Users\LuizFernando\Downloads\trkdnkwipc
2015-06-26 04:22 - 2015-06-26 04:22 - 00062559 _____ C:\Users\LuizFernando\Downloads\[kat.cr]toukiden.kiwami.codex.torrent
2015-06-25 23:39 - 2014-07-01 08:00 - 00908593 _____ C:\Users\LuizFernando\Desktop\Para's InstaLock.exe
2015-06-25 23:20 - 2015-06-25 23:33 - 162708926 _____ C:\Users\LuizFernando\Downloads\sharp-rift-v1-by-existor1.zip
2015-06-25 23:19 - 2015-06-25 23:35 - 00000000 ____D C:\Wooxy
2015-06-25 23:19 - 2015-06-25 23:19 - 00000570 _____ C:\Users\Public\Desktop\Wooxy.lnk
2015-06-25 23:19 - 2015-06-25 23:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wooxy
2015-06-25 23:18 - 2015-06-25 23:19 - 07766029 _____ C:\Users\LuizFernando\Downloads\WooxySetup.zip
2015-06-25 23:10 - 2015-06-25 23:10 - 02213067 _____ C:\Users\LuizFernando\Downloads\Scourge-of-War-Sion-1.rar
2015-06-25 18:38 - 2015-06-25 18:38 - 00001084 _____ C:\Users\LuizFernando\Desktop\MultiTool V2.lnk
2015-06-25 18:14 - 2015-06-25 18:38 - 00000000 ____D C:\Program Files (x86)\MultiTool V2
2015-06-25 16:23 - 2015-06-25 16:23 - 00541985 _____ C:\Users\LuizFernando\Downloads\4242.zip
2015-06-25 16:14 - 2015-06-25 16:30 - 01781964 _____ C:\Users\LuizFernando\Downloads\3159.zip
2015-06-25 16:12 - 2015-06-25 16:29 - 01704760 _____ C:\Users\LuizFernando\Downloads\40383.zip
2015-06-25 16:11 - 2015-06-25 16:25 - 04373969 _____ C:\Users\LuizFernando\Downloads\3007.zip
2015-06-25 16:10 - 2015-06-25 16:24 - 02356801 _____ C:\Users\LuizFernando\Downloads\23183.zip
2015-06-25 16:08 - 2015-06-25 16:22 - 00426017 _____ C:\Users\LuizFernando\Downloads\32603.zip
2015-06-25 16:06 - 2015-06-25 16:22 - 05072921 _____ C:\Users\LuizFernando\Downloads\11101.zip
2015-06-25 16:05 - 2015-06-25 16:05 - 02512110 _____ C:\Users\LuizFernando\Downloads\35953.zip
2015-06-25 15:58 - 2015-06-25 15:58 - 00000058 _____ C:\Windows\JQHApp.dat
2015-06-25 15:58 - 2015-06-25 15:58 - 00000000 ____D C:\Users\LuizFernando\Documents\MK-LOL
2015-06-25 15:58 - 2015-06-25 15:58 - 00000000 ____D C:\Users\LuizFernando\Documents\MKJogo
2015-06-25 15:57 - 2015-06-25 15:57 - 00001131 _____ C:\Users\LuizFernando\Desktop\MK LOL.lnk
2015-06-25 15:57 - 2015-06-25 15:57 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo
2015-06-25 15:57 - 2015-06-25 15:57 - 00000000 ____D C:\Program Files (x86)\MKJogo
2015-06-25 15:55 - 2015-06-25 15:56 - 19837128 _____ C:\Users\LuizFernando\Downloads\MKLOL2.0.0.45.exe
2015-06-25 15:54 - 2015-06-25 16:19 - 08356968 _____ C:\Users\LuizFernando\Downloads\5547.zip
2015-06-25 15:53 - 2015-06-25 16:19 - 08366705 _____ C:\Users\LuizFernando\Downloads\21543.zip
2015-06-25 14:11 - 2015-06-25 14:50 - 00413219 _____ C:\Users\LuizFernando\Downloads\60553.zip
2015-06-25 13:55 - 2015-06-25 14:50 - 00382330 _____ C:\Users\LuizFernando\Downloads\37523.zip
2015-06-25 13:28 - 2015-06-25 14:50 - 00466957 _____ C:\Users\LuizFernando\Downloads\24533.zip
2015-06-25 13:24 - 2015-06-25 14:50 - 00395393 _____ C:\Users\LuizFernando\Downloads\6290.zip
2015-06-25 13:22 - 2015-06-25 13:22 - 01288111 _____ C:\Users\LuizFernando\Downloads\1548.zip
2015-06-25 13:20 - 2015-06-25 15:23 - 01042145 _____ C:\Users\LuizFernando\Downloads\1989.zip
2015-06-25 13:19 - 2015-06-25 15:23 - 01346863 _____ C:\Users\LuizFernando\Downloads\25543.zip
2015-06-25 13:18 - 2015-06-25 15:23 - 00870896 _____ C:\Users\LuizFernando\Downloads\30843.zip
2015-06-25 13:16 - 2015-06-25 15:23 - 00741677 _____ C:\Users\LuizFernando\Downloads\3687.zip
2015-06-25 13:12 - 2015-06-25 15:23 - 00399543 _____ C:\Users\LuizFernando\Downloads\34063.zip
2015-06-25 03:46 - 2015-06-25 03:47 - 01673447 _____ C:\Users\LuizFernando\Downloads\5277.zip
2015-06-25 03:44 - 2015-06-25 03:44 - 00115334 _____ C:\Users\LuizFernando\Downloads\8581.zip
2015-06-25 03:41 - 2015-06-25 03:41 - 00934477 _____ C:\Users\LuizFernando\Downloads\19313.zip
2015-06-25 03:37 - 2015-06-25 03:41 - 01785392 _____ C:\Users\LuizFernando\Downloads\38133.zip
2015-06-25 03:32 - 2015-06-25 03:32 - 00006180 _____ C:\Users\LuizFernando\Downloads\trab-arq.7z
2015-06-25 03:17 - 2015-06-25 03:18 - 00600550 _____ C:\Users\LuizFernando\Downloads\1705.zip
2015-06-25 03:06 - 2015-06-25 03:07 - 07346222 _____ C:\Users\LuizFernando\Downloads\62563.zip
2015-06-25 02:58 - 2015-06-25 03:00 - 10928856 _____ C:\Users\LuizFernando\Downloads\7701.zip
2015-06-25 02:56 - 2015-06-25 03:00 - 02519066 _____ C:\Users\LuizFernando\Downloads\21123.zip
2015-06-25 02:39 - 2015-06-25 02:39 - 00910700 _____ C:\Users\LuizFernando\Downloads\Project-kata.zip
2015-06-25 02:35 - 2015-06-25 02:35 - 01168369 _____ C:\Users\LuizFernando\Downloads\Kaneki-ken.zip
2015-06-25 02:30 - 2015-06-25 02:30 - 01651916 _____ C:\Users\LuizFernando\Downloads\Madoka(1).zip
2015-06-25 02:29 - 2015-06-25 02:30 - 00502713 _____ C:\Users\LuizFernando\Downloads\Sinon-Cai-v3.0.3.zip
2015-06-25 02:11 - 2015-06-25 02:11 - 07504632 _____ C:\Users\LuizFernando\Downloads\Water-VelKoz.rar
2015-06-25 01:38 - 2015-06-25 01:38 - 03629596 _____ C:\Users\LuizFernando\Downloads\Akatsuki-zed.zip
2015-06-25 01:37 - 2015-06-25 23:47 - 00000000 ____D C:\Users\LuizFernando\Desktop\Nova pasta
2015-06-24 16:40 - 2015-06-24 16:40 - 00006933 _____ C:\Users\LuizFernando\Downloads\Trabalho SISOP1.7z
2015-06-23 23:36 - 2015-06-23 23:36 - 00000000 ____D C:\Users\LuizFernando\VirtualBox VMs
2015-06-23 22:55 - 2015-06-23 23:33 - 1150844928 _____ C:\Users\LuizFernando\Downloads\ubuntu-15.04-desktop-amd64.iso
2015-06-23 22:53 - 2015-06-24 16:41 - 00000000 ____D C:\Users\LuizFernando\.VirtualBox
2015-06-23 22:53 - 2015-05-13 17:11 - 00922704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2015-06-23 22:53 - 2015-05-13 17:10 - 00128592 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2015-06-23 19:47 - 2015-06-23 19:47 - 00003773 _____ C:\Users\LuizFernando\Downloads\Trabalho-SISOP1.7z
2015-06-23 15:14 - 2015-06-23 21:20 - 00000000 ____D C:\Users\LuizFernando\Documents\fork
2015-06-23 13:34 - 2015-06-23 14:08 - 00000000 ____D C:\Users\LuizFernando\Downloads\DMWREENG FINAL
2015-06-23 13:27 - 2015-06-23 13:27 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\Game
2015-06-23 13:18 - 2015-06-23 13:18 - 14466492 _____ C:\Users\LuizFernando\Downloads\ppsspp_win.zip
2015-06-22 15:50 - 2015-06-22 15:51 - 21591914 _____ C:\Users\LuizFernando\Downloads\Saint Seiya 1.100.rar
2015-06-22 03:21 - 2015-06-22 22:56 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\GT
2015-06-22 02:07 - 2015-06-22 02:07 - 00000000 ____D C:\Arc
2015-06-21 19:42 - 2015-06-21 19:42 - 00000000 ____D C:\Users\Todos os Usuários\Thunder Network
2015-06-21 19:42 - 2015-06-21 19:42 - 00000000 ____D C:\Users\Public\Thunder Network
2015-06-21 19:42 - 2015-06-21 19:42 - 00000000 ____D C:\ProgramData\Thunder Network
2015-06-21 19:37 - 2015-06-21 19:38 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\ArcAsia
2015-06-21 19:35 - 2015-06-21 19:37 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Arc
2015-06-21 18:21 - 2015-06-21 18:21 - 00000000 ____D C:\Users\LuizFernando\Downloads\Nuance Dragon NaturallySpeaking v12.0 Premium ISO-TBE
2015-06-21 15:27 - 2015-06-21 15:28 - 00000000 ____D C:\Users\LuizFernando\Downloads\Final Fantasy XIII Duology-CorePack
2015-06-20 14:58 - 2015-07-02 15:24 - 00000000 ____D C:\Users\Todos os Usuários\BlueStacksSetup
2015-06-20 14:58 - 2015-07-02 15:24 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-06-20 14:58 - 2015-06-20 15:09 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2015-06-20 14:58 - 2015-06-20 14:58 - 00000000 ____D C:\Users\Todos os Usuários\BlueStacks
2015-06-20 14:58 - 2015-06-20 14:58 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\Bluestacks
2015-06-20 14:58 - 2015-06-20 14:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2015-06-20 14:58 - 2015-06-20 14:58 - 00000000 ____D C:\ProgramData\BlueStacks
2015-06-20 12:26 - 2015-06-28 17:45 - 819903744 _____ C:\Users\LuizFernando\Downloads\ProTeXt-3.1.5-033015.exe.part
2015-06-17 16:09 - 2015-06-17 16:09 - 00000000 ____D C:\Program Files (x86)\Futuremark
2015-06-17 16:08 - 2015-06-17 16:08 - 00000000 ____D C:\Users\LuizFernando\Documents\3DMark 11
2015-06-17 16:08 - 2015-06-17 16:08 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\Futuremark
2015-06-17 15:59 - 2015-06-17 15:59 - 00001251 _____ C:\Users\Public\Desktop\3DMark 11.lnk
2015-06-17 15:59 - 2015-06-17 15:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark
2015-06-17 15:59 - 2015-06-17 15:59 - 00000000 ____D C:\Program Files\Futuremark
2015-06-17 12:28 - 2015-06-17 12:28 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\uplay
2015-06-17 12:22 - 2015-06-17 12:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassins Creed Chronicles China
2015-06-17 01:17 - 2015-06-17 12:56 - 00000000 ____D C:\Users\LuizFernando\Downloads\HPDH
2015-06-17 00:29 - 2015-06-17 00:29 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\Electronic Arts
2015-06-17 00:24 - 2015-06-17 00:24 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2015-06-16 02:43 - 2015-06-17 12:14 - 00000000 ____D C:\Users\LuizFernando\Downloads\Harry Potter And The Deathly Hallows Part 1-Razor1911
2015-06-16 02:40 - 2015-06-21 18:19 - 00000000 ____D C:\Users\LuizFernando\Downloads\asncrdchrchna
2015-06-14 01:34 - 2015-06-14 01:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AAA Logo
2015-06-14 01:34 - 2015-06-14 01:34 - 00000000 ____D C:\Program Files (x86)\AAALOGO
2015-06-13 20:35 - 2015-06-13 20:35 - 00020613 _____ C:\Users\LuizFernando\Downloads\[kat.cr]kingsman.the.secret.service.2014.1080p.brrip.x264.yify.torrent
2015-06-13 19:35 - 2015-06-13 19:35 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\Spiritsoft
2015-06-13 15:19 - 2015-06-13 15:19 - 00000000 ____D C:\Users\Todos os Usuários\2DBoy
2015-06-13 15:19 - 2015-06-13 15:19 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\2DBoy
2015-06-13 15:19 - 2015-06-13 15:19 - 00000000 ____D C:\ProgramData\2DBoy
2015-06-12 14:56 - 2015-06-12 14:56 - 00000011 _____ C:\Users\LuizFernando\Documents\l.txt
2015-06-10 15:10 - 2015-06-10 15:10 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\Mortal Kombat X
2015-06-10 01:26 - 2015-06-10 01:47 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\GSA Search Engine Ranker
2015-06-10 01:26 - 2015-06-10 01:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GSA Search Engine Ranker
2015-06-10 01:26 - 2015-06-10 01:26 - 00000000 ____D C:\Program Files (x86)\GSA Search Engine Ranker
2015-06-10 01:09 - 2015-06-10 01:14 - 13541565 _____ C:\Users\LuizFernando\Documents\Untitled.wmv
2015-06-10 01:07 - 2015-06-10 01:08 - 00027528 _____ C:\Users\LuizFernando\Downloads\magisto-movie.mp4.sfk
2015-06-09 15:09 - 2015-06-09 15:09 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\zztiDOTcom
2015-06-09 15:09 - 2015-06-09 15:09 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\zztiDOTcom
2015-06-09 01:32 - 2015-06-09 01:32 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\Ofi Labs
2015-06-09 01:28 - 2015-06-09 01:28 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\Traffic Travis v4
2015-06-09 01:28 - 2015-06-09 01:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Traffic Travis v4
2015-06-09 01:27 - 2015-06-09 01:27 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\Affilorama

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-09 13:38 - 2015-03-29 22:17 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2015-07-09 13:38 - 2015-02-27 10:15 - 00005018 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for BAKKA-LuizFernando Bakka
2015-07-09 13:38 - 2015-01-24 17:34 - 00002882 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (LuizFernando)
2015-07-09 13:37 - 2015-01-30 19:01 - 00001084 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-09 13:37 - 2015-01-24 17:29 - 00000000 __RDO C:\Users\LuizFernando\OneDrive
2015-07-09 13:36 - 2015-01-24 17:19 - 01427627 _____ C:\Windows\WindowsUpdate.log
2015-07-09 13:30 - 2015-01-24 19:55 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-09 13:17 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\system32\sru
2015-07-09 03:21 - 2015-04-05 17:35 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\Battle.net
2015-07-09 03:21 - 2015-01-30 19:42 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\Skype
2015-07-09 03:16 - 2015-01-30 19:01 - 00001088 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-09 03:08 - 2015-02-01 18:29 - 00000414 _____ C:\Windows\Tasks\update-S-1-5-21-2477625714-4157688874-1142588302-1002.job
2015-07-09 02:07 - 2015-02-08 17:10 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\TS3Client
2015-07-09 00:29 - 2015-02-01 18:29 - 00000414 _____ C:\Windows\Tasks\update-sys.job
2015-07-09 00:12 - 2015-02-10 13:17 - 00000505 _____ C:\Users\LuizFernando\Downloads\bakka-ur (1).dec
2015-07-09 00:04 - 2015-01-31 11:54 - 00000000 __SHD C:\Users\LuizFernando\AppData\Local\EmieBrowserModeList
2015-07-09 00:04 - 2015-01-24 17:31 - 00000000 __SHD C:\Users\LuizFernando\AppData\Local\EmieUserList
2015-07-09 00:04 - 2015-01-24 17:31 - 00000000 __SHD C:\Users\LuizFernando\AppData\Local\EmieSiteList
2015-07-08 22:48 - 2015-01-24 17:30 - 00003958 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{1D8A2130-E15C-4BFA-888D-D6FDB6D291CD}
2015-07-08 22:19 - 2015-01-24 17:30 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2477625714-4157688874-1142588302-1002
2015-07-08 22:09 - 2015-01-24 21:57 - 00000000 ____D C:\Users\LuizFernando\Documents\my games
2015-07-08 16:25 - 2014-09-16 23:06 - 00774702 _____ C:\Windows\system32\prfh0416.dat
2015-07-08 16:25 - 2014-09-16 23:06 - 00158296 _____ C:\Windows\system32\prfc0416.dat
2015-07-08 16:25 - 2014-03-18 07:02 - 01797166 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-08 16:24 - 2013-08-22 12:20 - 00000000 ____D C:\Windows\CbsTemp
2015-07-08 16:16 - 2015-04-18 15:20 - 00003080 _____ C:\Windows\System32\Tasks\catalyst
2015-07-08 16:15 - 2013-08-22 11:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-08 16:15 - 2013-08-22 11:44 - 05039208 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-08 16:13 - 2013-08-22 10:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2015-07-08 16:11 - 2015-04-25 23:58 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-08 16:11 - 2015-01-30 23:25 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-08 16:11 - 2013-08-22 12:36 - 00000000 ___RD C:\Windows\ToastData
2015-07-08 16:11 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\WinStore
2015-07-08 16:11 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-08 15:33 - 2015-02-01 18:31 - 00000000 ____D C:\Users\LuizFernando\Documents\Lightshot
2015-07-08 14:31 - 2015-05-27 13:27 - 00318976 ___SH C:\Users\LuizFernando\Desktop\Thumbs.db
2015-07-08 14:16 - 2014-09-17 00:12 - 00000000 ____D C:\Windows\system32\MRT
2015-07-08 14:11 - 2014-09-17 00:12 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-07 23:19 - 2015-01-24 19:02 - 00743424 ___SH C:\Users\LuizFernando\Downloads\Thumbs.db
2015-07-07 16:56 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\AppReadiness
2015-07-07 16:51 - 2015-01-24 17:24 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\Packages
2015-07-06 18:24 - 2015-01-30 23:32 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-06 18:24 - 2015-01-30 23:32 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-05 07:08 - 2014-09-17 00:15 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-04 22:02 - 2015-05-24 10:47 - 00000000 ____D C:\Program Files\OblyTile
2015-07-04 14:38 - 2015-01-30 19:42 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-04 14:38 - 2015-01-30 19:42 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2015-07-04 14:38 - 2015-01-30 19:42 - 00000000 ____D C:\ProgramData\Skype
2015-07-04 13:45 - 2015-02-10 19:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-04 00:19 - 2015-01-24 17:19 - 00000000 ____D C:\Users\LuizFernando
2015-07-03 11:02 - 2015-02-05 23:42 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-02 22:43 - 2015-06-04 00:35 - 00000000 ____D C:\temp
2015-07-02 22:33 - 2013-08-22 12:36 - 00000000 ___RD C:\Windows\Offline Web Pages
2015-07-02 22:15 - 2015-01-24 18:35 - 00000000 ____D C:\KMPlayer
2015-07-02 22:10 - 2015-02-05 23:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-02 22:10 - 2015-02-05 23:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-02 21:23 - 2015-01-30 16:19 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\BitTorrent
2015-07-02 15:52 - 2015-05-21 10:50 - 00000000 ____D C:\Users\LuizFernando\Documents\The Witcher 3
2015-07-02 15:52 - 2015-04-05 18:17 - 00000000 ____D C:\Users\LuizFernando\Documents\Heroes of the Storm
2015-07-02 15:49 - 2015-01-24 17:50 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\Raptr
2015-07-02 15:48 - 2015-01-24 17:50 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-07-02 15:46 - 2015-01-24 17:49 - 00000000 ____D C:\Users\Todos os Usuários\AMD
2015-07-02 15:46 - 2015-01-24 17:49 - 00000000 ____D C:\ProgramData\AMD
2015-07-02 15:44 - 2015-01-24 17:49 - 00000000 ____D C:\Program Files (x86)\AMD
2015-07-02 15:25 - 2015-02-27 16:36 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\PhotoScape
2015-07-02 15:24 - 2015-05-25 14:53 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\Free Download Manager
2015-07-02 15:24 - 2014-09-13 09:40 - 00000000 ____D C:\Windows\Panther
2015-07-01 13:32 - 2015-02-14 01:08 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\Unity
2015-06-30 15:30 - 2015-04-24 16:53 - 00000000 ____D C:\Users\Todos os Usuários\Unity
2015-06-30 15:30 - 2015-04-24 16:53 - 00000000 ____D C:\ProgramData\Unity
2015-06-30 15:14 - 2015-04-24 16:02 - 00000000 ____D C:\Program Files\Unity
2015-06-30 14:24 - 2015-04-24 16:58 - 00000000 ____D C:\Users\LuizFernando\Documents\New Unity Project
2015-06-30 14:14 - 2015-04-13 12:26 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\PokerStars
2015-06-29 20:18 - 2015-04-13 12:25 - 00000000 ____D C:\Program Files (x86)\PokerStars
2015-06-29 18:30 - 2015-03-31 21:20 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\SKIDROW
2015-06-29 18:13 - 2015-01-30 21:30 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-06-28 01:04 - 2015-02-02 18:11 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\JDownloader v2.0
2015-06-28 01:03 - 2015-01-24 17:24 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\Adobe
2015-06-27 23:37 - 2015-02-11 22:21 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2015-06-27 23:37 - 2015-02-11 22:21 - 00000000 ____D C:\ProgramData\Adobe
2015-06-27 23:36 - 2015-01-24 19:52 - 00000000 ____D C:\Users\LuizFernando\AppData\Local\Adobe
2015-06-27 23:25 - 2015-02-11 22:22 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-06-27 20:24 - 2015-03-17 11:43 - 00000000 ____D C:\Users\LuizFernando\Documents\KoeiTecmo
2015-06-26 17:24 - 2015-05-13 12:49 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\CodeBlocks
2015-06-25 16:28 - 2015-01-24 20:22 - 00000000 ____D C:\Users\LuizFernando\AppData\Roaming\WinRAR
2015-06-25 00:18 - 2015-04-23 22:51 - 00000000 ____D C:\Windows\system32\appmgmt
2015-06-23 19:30 - 2015-01-24 19:55 - 00003790 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-23 13:26 - 2015-01-24 17:48 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2015-06-23 13:26 - 2015-01-24 17:48 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-22 22:59 - 2015-04-14 22:59 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2015-06-20 14:59 - 2013-08-22 12:36 - 00000000 __RHD C:\Users\Public\Libraries
2015-06-18 08:42 - 2015-02-05 23:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-18 08:41 - 2015-02-05 23:42 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-18 08:41 - 2015-02-05 23:42 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-17 12:14 - 2015-05-21 00:29 - 00000000 ____D C:\Users\LuizFernando\Downloads\wt3
2015-06-14 11:25 - 2015-04-23 00:06 - 00000080 _____ C:\Users\LuizFernando\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-06-14 10:26 - 2015-04-18 15:20 - 00000000 ____D C:\Users\Todos os Usuários\sunsoft
2015-06-14 10:26 - 2015-04-18 15:20 - 00000000 ____D C:\ProgramData\sunsoft
2015-06-13 15:04 - 2015-05-02 00:14 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2015-06-13 15:04 - 2015-05-02 00:14 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2015-06-13 15:04 - 2015-05-02 00:14 - 00122904 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2015-06-13 15:04 - 2015-05-02 00:14 - 00109080 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2015-06-12 00:03 - 2015-04-23 00:06 - 00000000 ____D C:\Program Files\Rockstar Games
2015-06-12 00:03 - 2015-04-23 00:06 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-06-10 15:10 - 2015-03-26 14:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2015-06-10 01:10 - 2015-04-06 03:12 - 00010240 ___SH C:\Users\LuizFernando\Documents\Thumbs.db

==================== Files in the root of some directories =======

2015-07-05 15:23 - 2015-07-05 15:28 - 0000132 _____ () C:\Users\LuizFernando\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-02-22 17:54 - 2015-04-02 23:44 - 1078572 _____ () C:\Users\LuizFernando\AppData\Local\package.nw.new
2015-02-10 12:31 - 2015-02-10 12:31 - 0007601 _____ () C:\Users\LuizFernando\AppData\Local\Resmon.ResmonCfg
2015-02-01 18:29 - 2015-02-01 18:29 - 0000003 _____ () C:\Users\LuizFernando\AppData\Local\updater.log
2015-02-01 18:29 - 2015-04-22 03:32 - 0000424 _____ () C:\Users\LuizFernando\AppData\Local\UserProducts.xml
2015-01-24 18:31 - 2015-01-24 18:31 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:
====================
C:\Users\LuizFernando\1.dat
C:\Users\LuizFernando\AppData\Roaming\Origin\update.vbe


Some files in TEMP:
====================
C:\Users\LuizFernando\AppData\Local\Temp\31d6e07d87ca5eaf6b2447c07a6c1365.dll
C:\Users\LuizFernando\AppData\Local\Temp\adcadccfd39ea907529528e4ef3f7ae7.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-08 13:52

==================== End of log ============================

 

Addition.txt

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by LuizFernando at 2015-07-09 13:39:44
Running from C:\Users\LuizFernando\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-2477625714-4157688874-1142588302-500 - Administrator - Disabled)
Convidado (S-1-5-21-2477625714-4157688874-1142588302-501 - Limited - Disabled)
Elida (S-1-5-21-2477625714-4157688874-1142588302-1006 - Limited - Enabled) => C:\Users\Elida
HomeGroupUser$ (S-1-5-21-2477625714-4157688874-1142588302-1004 - Limited - Enabled)
LuizFernando (S-1-5-21-2477625714-4157688874-1142588302-1002 - Administrator - Enabled) => C:\Users\LuizFernando

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark 11 (HKLM-x32\...\{f9e83b9c-ab7e-4005-8f32-4ea69703a5e4}) (Version: 1.0.132.0 - Futuremark)
3DMark 11 (Version: 1.0.132.0 - Futuremark) Hidden
AAA Logo 2014 v4.11 FULL (HKLM-x32\...\AAA Logo 2014_is1) (Version:  - SWGSoft)
ACE - Arena: Cyber Evolution (HKLM-x32\...\Steam App 285580) (Version:  - Spearhead Games)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.273 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Professional CS6 (HKLM-x32\...\{BD5669B5-49FF-4490-B956-E9D7CB9B0ADC}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.04.01 - ASUSTeK Computer Inc.)
Aion (HKLM-x32\...\{B9291CA2-6FA5-44EA-8EE0-923EB32ADAAB}) (Version: 4.0.0.3 - NC Interactive, LLC)
Akamai NetSession Interface (HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alternative Look for Yennefer (HKLM-x32\...\Alternative Look for Yennefer_is1) (Version: 1.0.0.0 - GOG.com)
AMD Catalyst Install Manager (HKLM\...\{66AD7978-00EE-AE61-889B-CC68818C0135}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD OverDrive (HKLM-x32\...\{EEB605FD-C5F5-4946-90F3-D65C604A9187}) (Version: 4.3.1.0698 - Nome de sua empresa:)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Archeblade (HKLM-x32\...\Steam App 207230) (Version:  - CodeBrush Games)
ArcÓÎϷƽ̨ (HKLM-x32\...\Arc) (Version: 1.7.3.0608 - PWRD, Inc.)
Ares 2.3.0 (HKLM-x32\...\Ares) (Version: 2.3.0-Build#3054 - Seekar Ltd)
Assassins Creed Chronicles China (HKLM-x32\...\Assassins Creed Chronicles China_is1) (Version:  - )
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Beard and Hairstyle Set (HKLM-x32\...\Beard and Hairstyle Set_is1) (Version: 1.0.0.0 - GOG.com)
BitTorrent (HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\BitTorrent) (Version: 7.9.3.40299 - BitTorrent Inc.)
BlazBlue Continuum Shift Extend / RePack by Baracuda (HKLM-x32\...\BlazBlue Continuum Shift Extend_is1) (Version: 1.0.0.0 - )
Blender (HKLM\...\Blender) (Version: 2.73a - Blender Foundation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.30.4239 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{3792811C-832F-4392-B44A-24092901EDDC}) (Version: 0.9.30.4239 - BlueStack Systems, Inc.)
CABAL2 (US) (HKLM-x32\...\CABAL2US) (Version:  - ESTsoft Corp.)
Canyon Capers (HKLM-x32\...\Steam App 275490) (Version:  - Crazy Moo Games)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version:  - The Behemoth)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
CINEMA 4D 12.016 (HKLM\...\MAXON8C02D5E0) (Version: 12.016 - MAXON Computer GmbH) <==== ATTENTION
CodeBlocks (HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
CPUID HWMonitor 1.26 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Curse (HKLM-x32\...\{A20BFF62-AE3C-42BD-9C52-841CAB96BC49}) (Version: 6.0.0.0 - Curse)
DarksidersInstaller (HKLM-x32\...\{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}) (Version: 1.00.1000 - THQ)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
Don't Starve Together Beta v126042 (HKLM-x32\...\Don't Starve Together Beta v126042 1.0.0) (Version: 1.0.0 - IGG-GAMES.COM)
Don't Starve Together Beta v126042 (x32 Version: 1.0.0 - IGG-GAMES.COM) Hidden
Dragonball Xenoverse (HKLM-x32\...\Dragonball Xenoverse_is1) (Version:  - )
Driver Booster 2.2 (HKLM-x32\...\Driver Booster_is1) (Version: 2.2 - IObit)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Dustforce (HKLM-x32\...\Steam App 65300) (Version:  - Hitbox Team)
Dxtory version 2.0.127 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.127 - ExKode Co. Ltd.)
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.4.0.0 - Electronic Arts)
Fallout New Vegas Ultimate Edition version 1.4.0.525 (HKLM-x32\...\Fallout New Vegas Ultimate Edition_is1) (Version: 1.4.0.525 - Bethesda Softworks)
FB Scraper (HKLM-x32\...\{AEB6BF05-465C-44CB-BAFD-212784639DC7}) (Version: 1.0.0 - Facebook Sniper)
FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Free Download Manager 3.9.5 (HKLM-x32\...\Free Download Manager_is1) (Version:  - FreeDownloadManager.ORG)
Futuremark SystemInfo (HKLM-x32\...\{AFBB2F94-A43D-46AD-8F77-66ACB3C71EDF}) (Version: 4.39.552.0 - Futuremark)
Gerenciador de Downloads (HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\a54e16f5d00985b6) (Version: 0.9.3.123 - Level Up! Gerenciador)
Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version:  - Rockstar North)
GSA Search Engine Ranker v9.86 (HKLM-x32\...\GSA Search Engine Ranker_is1) (Version: 9.86 - GSA Software)
GUILTY GEAR XX ACCENT CORE PLUS R (HKLM-x32\...\R1VJTFRZR0VBUlhYQUNDRU5UQ09SRVBMVVNS_is1) (Version: 1 - )
Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version:  - Arobas Music)
Hand of Fate (HKLM-x32\...\Hand of Fate_is1) (Version:  - )
Harry Potter and the Deathly Hallows™ - Part 1 (HKLM-x32\...\{C9AAF970-4E7E-4C98-AD67-09C74379D345}) (Version: 1.0.0.0 - Electronic Arts)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HitLeap Viewer 2.8 (HKLM-x32\...\{31B12C11-AE4E-479F-8D6D-242DC265368D}) (Version: 2.8 - HitLeap Ltd.)
I am Bread (HKLM-x32\...\I am Bread_is1) (Version:  - )
Injustice: Gods Among Us Ultimate Edition (HKLM-x32\...\Steam App 242700) (Version:  - NetherRealm Studios)
Java 7 Update 75 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417075FF}) (Version: 7.0.750 - Oracle)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Java SE Development Kit 7 Update 75 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170750}) (Version: 1.7.0.750 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.133 - PandoraTV)
KMSpico v9.1.3 (HKLM\...\KMSpico_is1) (Version: 9.1.3 - )
LegendOnline 2.0.0.4153 (HKLM-x32\...\LegendOnline) (Version: 2.0.0.4153 - Oasgames, Inc.)
Life Is Strange (HKLM-x32\...\Life Is Strange_is1) (Version:  - SQUARE ENIX)
Life is Strange: Episodes 1 & 2 (HKLM-x32\...\Life is Strange: Episodes 1 & 2_is1) (Version:  - )
Lightshot-5.2.1.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.1.1 - Skillbrains)
Malwarebytes Anti-Malware versão 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Megacubo 10 (HKLM-x32\...\Megacubo_is1) (Version: 10.9.9 - www.megacubo.net)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MK LOL (HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\MK LOL) (Version:  - )
Mortal Kombat X (HKLM-x32\...\Mortal Kombat X_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Mortal Kombat X Update v20150602 (HKLM-x32\...\TW9ydGFsS29tYmF0WA==_is1) (Version: 1 - )
Mozilla Firefox 39.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 pt-BR)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0a1 - Mozilla)
MultiTool V2 (HKLM-x32\...\MultiTool V2) (Version: 2.0.0.5 - )
My.com Games (HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\MyComGames) (Version: 3.133 - My.com B.V.)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version:  - Native Instruments)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: 5.2.0.2770 - Native Instruments)
Native Instruments Guitar Rig Mobile IO Driver (HKLM-x32\...\Native Instruments Guitar Rig Mobile IO Driver) (Version:  - Native Instruments)
Native Instruments Guitar Rig Session IO Driver (HKLM-x32\...\Native Instruments Guitar Rig Session IO Driver) (Version:  - Native Instruments)
Native Instruments Rig Kontrol 3 Driver (HKLM-x32\...\Native Instruments Rig Kontrol 3 Driver) (Version:  - Native Instruments)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
New Quest - Contract Missing Miners (HKLM-x32\...\New Quest - Contract Missing Miners_is1) (Version: 1.0.0.0 - GOG.com)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.8.2 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Ori and the Blind Forest (HKLM-x32\...\Ori and the Blind Forest_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{7dafcdb6-5981-4eae-b57b-6cb3f898d680}) (Version: latest - ppy Pty Ltd)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
Popcorn Time (HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\Popcorn Time) (Version:  - Popcorn Official)
Project CARS (HKLM-x32\...\Project CARS_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, ProZorg_tm)
Q.U.B.E. (HKLM-x32\...\Q.U.B.E._is1) (Version:  - R.G. Origami)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.5.31.0 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7373 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.0 - Rockstar Games)
Rustbucket Rumble (HKLM-x32\...\Steam App 351140) (Version:  - Reactor Zero)
Setup - DEAD OR ALIVE 5 Last Round © KOEI TECMO GAMES CO., LTD ... (HKLM-x32\...\Setup - DEAD OR ALIVE 5 Last Round © KOEI TECMO GAMES CO., LTD ...) (Version: ... - Team Ninja)
skyforge_mycom (HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\skyforge_mycom) (Version: 1.19 - My.com B.V.)
Skype Web Plugin (HKLM-x32\...\{15AF46DB-9EBA-4662-AA52-29EF23585035}) (Version: 3.2.0.23388 - Skype Technologies S.A.)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Super Hexagon (HKLM-x32\...\Super Hexagon_is1) (Version: 1.0 - compiled by testncrash)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - Team Meat)
System Requirements Lab (HKLM-x32\...\{FEE1F166-EAE4-4C4B-8988-D82521F9F63F}) (Version: 6.1.5.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Temerian Armor Set (HKLM-x32\...\Temerian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
The Four Kings Casino and Slots (HKLM-x32\...\Steam App 260430) (Version:  - Digital Leisure Inc.)
The Witcher 3 - Wild Hunt (HKLM-x32\...\The Witcher 3 - Wild Hunt_is1) (Version:  - )
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - Runic Games)
Traffic Travis 4.2.0 (HKLM-x32\...\Traffic Travis 4_is1) (Version:  - Affilorama Ltd.)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: Tunngle - Tunngle.net GmbH)
Unity (HKLM-x32\...\Unity) (Version: 5.1.1f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\UnityWebPlayer) (Version: 5.1.1f1 - Unity Technologies ApS)
Unreal Development Kit: 2012-10 (HKLM\...\UDK-7905e1cd-2452-44cd-bc99-4f884ee135c4) (Version:  - Epic Games, Inc.)
USB Network Driver (HKLM-x32\...\{66ED8E01-C915-41F5-B33E-C5C31F27B885}) (Version: V3.70a - )
Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)
Virtual Playtable version 0.9.2 (HKLM-x32\...\{88216653-C378-4091-AF17-2A0F5B056A23}_is1) (Version: 0.9.2 - Rune Games)
WARRIOR Gamer Mouse version 1.1 (HKLM-x32\...\{62338EAA-A0DF-4B5F-8F20-4981BEB6EF86}_is1) (Version: 1.1 - MULTILASER)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Wooxy version 1.0.1.1 (HKLM-x32\...\{4096013E-16CD-4165-9AD9-535C61E833DC}_is1) (Version: 1.0.1.1 - Chewy)
World of Goo (HKLM-x32\...\Steam App 22000) (Version:  - 2D BOY)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2477625714-4157688874-1142588302-1002_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()

==================== Restore Points =========================

02-07-2015 15:19:01 Removed AMD Catalyst Install Manager
04-07-2015 00:13:13 Removed SendBlaster 3
08-07-2015 14:08:43 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 10:25 - 2013-08-22 10:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {18D728B5-707A-49EB-86A1-99877E8F7BF9} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2013-12-11] ()
Task: {19751307-3FC6-4AB0-888F-9262B706C481} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {1F76A107-6FC1-4182-A1D3-9381C3EE64BF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-30] (Google Inc.)
Task: {20450C11-8B09-4DA8-B9F2-1FCFC25727AE} - System32\Tasks\Driver Booster Beta SkipUAC (LuizFernando) => C:\Program Files (x86)\IObit\Driver Booster Beta\DriverBooster.exe
Task: {207C35EC-BFF6-406D-9843-026E2E2AABDE} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-03-29] ()
Task: {2E5EC3E5-76DD-44D8-BB08-8780D967F8EF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {439296D3-3FC6-4B83-865D-3AF6A8195981} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2015-02-13] (IObit)
Task: {43CA9DFD-4CF7-4C2C-B609-9A7D28AE3412} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-23] (Adobe Systems Incorporated)
Task: {49656EEE-20A2-42E3-8503-ADF4A9E3FB63} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {57ED79D2-66AE-4BD4-A803-C16254E03EFB} - System32\Tasks\sunsoft => c:\programdata\sunsoft\sunsoft.exe <==== ATTENTION
Task: {5C34E131-BCFC-462D-8C3C-579C03DFDFDF} - System32\Tasks\update-S-1-5-21-2477625714-4157688874-1142588302-1002 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {5DE4D34E-9DE0-43E6-9850-5643ACFF6A9F} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {65C5585A-7A26-4214-9B7B-2361099E478D} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2015-02-05] (IObit)
Task: {6910FD70-8FA8-46E8-B182-E7D4ED4F4E3D} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {6B6698FC-B25B-4D73-B0B4-CB544062ACCC} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [2013-02-07] (ASUSTeK Computer Inc.)
Task: {6DC73497-7E96-4DD3-93A4-C0EE04CD8A7D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-30] (Google Inc.)
Task: {72BB80E2-CC7B-4014-B6BF-9EF8A2B37699} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-08] (Microsoft Corporation)
Task: {8F557325-627A-41C3-8F91-FB3EFC3E906A} - \Optimize Start Menu Cache Files-S-1-5-21-2477625714-4157688874-1142588302-1001 No Task File <==== ATTENTION
Task: {94181F23-CCFA-4B8D-878B-77CC68187459} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {976EC0B4-7978-4B81-A748-1D3818981549} - System32\Tasks\Origin => C:\Users\LuizFernando\AppData\Roaming\Origin\update.vbe [2015-04-18] () <==== ATTENTION
Task: {9CCD8FBD-A77C-4507-80C5-AAE3E88B12B0} - System32\Tasks\catalyst => c:\programdata\sunsoft\ccc.exe [2015-06-14] ()
Task: {C14D9AE8-766F-478B-9AC0-6A8B9D81CCFB} - System32\Tasks\ASUS\Easy Update => C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe [2013-10-18] ()
Task: {E9DA86C9-0ADC-4008-A59E-685CAC45F75B} - System32\Tasks\Microsoft Office 15 Sync Maintenance for BAKKA-LuizFernando Bakka => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {EBEE0CBD-AD4B-494A-93CC-8040A31FA67B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {EF3E92E0-A2EA-427D-BA9F-D586878AE145} - System32\Tasks\Driver Booster SkipUAC (LuizFernando) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-03-09] (IObit)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2477625714-4157688874-1142588302-1002.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Loaded Modules (Whitelisted) ==============

2015-05-26 18:19 - 2015-05-26 18:19 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2015-05-26 18:19 - 2015-05-26 18:19 - 00127488 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-09-19 01:35 - 2014-09-19 01:35 - 00137584 _____ () C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
2015-04-20 15:58 - 2012-04-24 18:42 - 01181544 _____ () C:\Program Files (x86)\MULTILASER WARRIOR Gamer Mouse\ETGMSrv.exe
2015-05-28 21:13 - 2015-05-28 21:13 - 00187048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-04-16 16:54 - 2015-04-16 16:54 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2015-04-16 16:56 - 2013-10-18 18:04 - 01426232 _____ () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
2015-04-20 15:58 - 2014-07-23 18:42 - 03307520 _____ () C:\Program Files (x86)\MULTILASER WARRIOR Gamer Mouse\SZMON.exe
2015-05-26 18:19 - 2015-05-26 18:19 - 00102400 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-07-05 22:34 - 2015-07-09 13:38 - 01563136 _____ () C:\Windows\Temp\svchost.exe
2015-07-05 22:34 - 2015-07-09 13:38 - 01591808 _____ () C:\Windows\Temp\lsass.exe
2014-09-19 01:35 - 2014-09-19 01:35 - 00625000 _____ () C:\Program Files (x86)\AMD\OverDrive\Device.dll
2014-09-19 01:35 - 2014-09-19 01:35 - 03860848 _____ () C:\Program Files (x86)\AMD\OverDrive\Platform.dll
2014-09-19 01:35 - 2014-09-19 01:35 - 01587560 _____ () C:\Program Files (x86)\AMD\OverDrive\QtCore4.dll
2014-09-19 01:35 - 2014-09-19 01:35 - 06441320 _____ () C:\Program Files (x86)\AMD\OverDrive\QtGui4.dll
2014-09-19 01:35 - 2014-09-19 01:35 - 00362856 _____ () C:\Program Files (x86)\AMD\OverDrive\QtXml4.dll
2015-04-16 16:54 - 2015-07-08 16:15 - 00033792 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2015-04-16 16:54 - 2010-06-28 23:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2015-04-16 16:56 - 2013-10-18 18:04 - 05777616 _____ () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzULIB.dll
2015-04-16 16:56 - 2013-05-08 16:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\ImageHelper.dll
2015-04-16 16:55 - 2011-07-12 19:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2015-04-16 16:55 - 2010-10-05 08:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2015-04-16 16:55 - 2013-12-04 11:57 - 00870912 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
2015-04-16 16:55 - 2012-10-08 17:07 - 00972288 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2015-04-16 16:56 - 2013-05-08 16:22 - 01040896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll
2015-04-16 16:58 - 2012-06-19 12:56 - 01305600 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2015-04-16 16:58 - 2013-06-24 15:59 - 01173504 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
2015-04-16 16:55 - 2013-04-15 14:19 - 00883712 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2015-04-16 16:55 - 2012-05-28 21:27 - 01622528 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2015-04-16 16:55 - 2011-09-19 20:18 - 01243136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2015-04-16 16:55 - 2011-07-21 09:06 - 00846848 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2015-04-16 16:55 - 2012-08-29 18:09 - 00875520 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2015-04-16 16:54 - 2010-08-22 23:17 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2015-04-16 16:55 - 2010-10-05 08:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2015-04-16 16:55 - 2009-08-12 20:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\LuizFernando\OneDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\aeriagames.com -> hxxp://aeriagames.com
IE trusted site: HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\driversupport.com -> hxxp://apps.driversupport.com
IE trusted site: HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\driversupport.com -> hxxps://apps.driversupport.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\LuizFernando\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "ProxyCap"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "amd_dc_opt"
HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "Aeria Ignite"
HKLM\...\StartupApproved\Run32: => "USB Gamepad"
HKLM\...\StartupApproved\Run32: => "Web2Rule"
HKLM\...\StartupApproved\Run32: => "NCUpdateHelper"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\StartupApproved\Run: => "ares"
HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\StartupApproved\Run: => "mstwain32"
HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\StartupApproved\Run: => "GUDelayStartup"
HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\StartupApproved\Run: => "Free Download Manager"
HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\StartupApproved\Run: => "urlspace"
HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\StartupApproved\Run: => "MK LOL"
HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\StartupApproved\Run: => "MyComGames"
HKU\S-1-5-21-2477625714-4157688874-1142588302-1002\...\StartupApproved\Run: => "SpybotSD TeaTimer"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{E0B2A15A-6A4E-4A62-9419-DFDDFB5FBFA3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0A570450-5C10-4B56-B118-15E4A002D14A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{27177507-8343-4141-90E2-8444A3CDDF40}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{CFFB91D6-DB08-43B1-A6D7-F86DE3961FA9}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{4450F657-9D62-42E0-9DB0-2E7196B67A2A}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{7E8758B9-4CD1-440E-A9A2-F2E455BE2C76}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{CD71FD12-BBDB-4C00-AC38-368C622E8FDD}] => (Allow) E:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{956C1CA0-B0E7-455A-9C06-199328348D33}] => (Allow) E:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{3D19D147-8DCB-4BCF-8A4B-C11DD466CD70}] => (Allow) E:\Steam\SteamApps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{20DED4A7-B8EA-4D73-AD01-1282829D3A7E}] => (Allow) E:\Steam\SteamApps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{051B42CE-8099-4799-9712-FF646B2ADAD2}] => (Allow) E:\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{36837954-C8B5-4861-8C30-21811CF132CE}] => (Allow) E:\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{ED3AE588-BA62-4823-94A0-0CEE65F59306}] => (Allow) E:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{4170048D-152A-46B8-959B-35DADC043B6A}] => (Allow) E:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D6811C1C-60AD-4295-BD3B-34DC46263CA8}] => (Allow) C:\Users\LuizFernando\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{9E94D60C-9861-42A6-8363-24C428A65700}] => (Allow) C:\Users\LuizFernando\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{E2363C2D-740C-400D-83C3-CAC062C2E4B9}C:\users\luizfernando\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\luizfernando\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{9DDAFB07-3044-4603-A09E-29EE3B1E0349}C:\users\luizfernando\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\luizfernando\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{432E471C-F21F-482E-933B-298EDBF67135}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{037309C1-747E-4BAA-8FC1-90743504EC55}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{CA5FCAB6-8BC6-40AB-85D2-51F2DF98D715}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe
FirewallRules: [UDP Query User{6B80FB5A-81CE-4D0C-8C71-3D95201AFDB5}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe
FirewallRules: [{C3A3C4F1-7E49-4C3A-BC69-6B4BD5D4ACCB}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{79FF300D-3AC2-4095-B046-D1583B6ED758}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{4D68C4ED-55A2-4AC5-ABF6-ECA9A1CAFAE5}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{2B05248C-0F19-4883-8FEB-F9879263EBFC}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [TCP Query User{CDA28FD7-24C3-47B0-9D08-7D2D7FC8BAE7}E:\steam\steamapps\common\batman arkham city goty\binaries\win32\batmanac.exe] => (Allow) E:\steam\steamapps\common\batman arkham city goty\binaries\win32\batmanac.exe
FirewallRules: [UDP Query User{7F6A2968-B144-45A6-BD68-62783EC7FC2D}E:\steam\steamapps\common\batman arkham city goty\binaries\win32\batmanac.exe] => (Allow) E:\steam\steamapps\common\batman arkham city goty\binaries\win32\batmanac.exe
FirewallRules: [{61D5377F-F257-481E-AD3D-85B1A70B5C52}] => (Allow) E:\Steam\SteamApps\common\Darksiders\DarksidersPC.exe
FirewallRules: [{BFD804E3-6827-45A8-A829-5651DDB245F9}] => (Allow) E:\Steam\SteamApps\common\Darksiders\DarksidersPC.exe
FirewallRules: [TCP Query User{08E238A2-0D3A-46A3-9C2B-454E26A337FD}C:\users\luizfernando\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\luizfernando\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [UDP Query User{6A2E63FE-4225-4034-AD41-F79DFC1B8728}C:\users\luizfernando\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\luizfernando\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [TCP Query User{0A51C567-5FCB-42AE-8338-FB8A864F97CA}C:\program files (x86)\virtual playtable\playtable.exe] => (Allow) C:\program files (x86)\virtual playtable\playtable.exe
FirewallRules: [UDP Query User{00008630-E932-471A-940E-90DC139ED183}C:\program files (x86)\virtual playtable\playtable.exe] => (Allow) C:\program files (x86)\virtual playtable\playtable.exe
FirewallRules: [TCP Query User{27CB23A7-3DCF-48DC-BADC-0C1CBFC4846D}C:\program files\core temp\core temp.exe] => (Allow) C:\program files\core temp\core temp.exe
FirewallRules: [UDP Query User{56C7D662-6BD0-4DB6-9107-D06A491548A4}C:\program files\core temp\core temp.exe] => (Allow) C:\program files\core temp\core temp.exe
FirewallRules: [{64801A2A-6FD7-4AFE-B0BB-A679479C6F44}] => (Allow) E:\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{748DD3E0-410B-4D83-B023-1DADAC1CB016}] => (Allow) E:\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{A705C86A-9C81-46FD-BEB2-DC63CC23B248}] => (Allow) E:\Steam\SteamApps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe
FirewallRules: [{FBE11B7C-5EDE-4144-8A60-EA385A631D17}] => (Allow) E:\Steam\SteamApps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe
FirewallRules: [{AA9E317B-A330-47AF-B2FB-B35ABAC2ECD6}] => (Allow) E:\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{27A7A9D4-5972-41E2-A093-03DBF9103DD8}] => (Allow) E:\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{127FDD93-F882-4CC5-BB05-2FD1CC6E765A}] => (Allow) E:\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{DB6666BC-99EA-445D-ADD6-69D2137F1CEF}] => (Allow) E:\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{17B260EC-226C-414F-9B99-AAB22F3730BD}] => (Allow) E:\Steam\SteamApps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\Injustice.exe
FirewallRules: [{BAC3B010-A144-4B46-91D2-D8367F425C0E}] => (Allow) E:\Steam\SteamApps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\Injustice.exe
FirewallRules: [{48B7BBA9-8568-40FB-9F7D-25760EAF1302}] => (Allow) E:\Steam\SteamApps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\InjusticeLauncher.exe
FirewallRules: [{C8AEF450-BD67-46BE-9A17-C6E7C61D45E3}] => (Allow) E:\Steam\SteamApps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\InjusticeLauncher.exe
FirewallRules: [{9B915800-FCBC-4801-A2CA-D9A0C0BD0A1E}] => (Allow) E:\Steam\SteamApps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{6F72253C-75AF-481A-8404-9F6E1196415A}] => (Allow) E:\Steam\SteamApps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{4D6A2372-7B9A-4171-BF68-D9854E27A17F}] => (Allow) E:\Steam\SteamApps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{B38B0A0A-17BB-4B01-86FD-85074E566188}] => (Allow) E:\Steam\SteamApps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{283FBA35-8D17-41AE-9F0B-855E489E2958}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C7165E46-A89A-45C9-BA14-EFB57801EB91}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{623D2588-D423-4211-9A40-F869336F91C3}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{92F3E490-426F-4111-9DF3-F5499A907165}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{631EAB65-8CDA-4BB6-9A1C-479B2D057E8E}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{2549E6F2-A3B2-451D-8906-B2EC897BA4E6}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{A9A8CA6B-2FA3-4DAC-8926-DAB044FF7D0A}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{61F02608-1D11-4B35-989A-88324FD2DB1A}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [TCP Query User{9E0EBBCE-C206-4BA7-8954-AA8129680215}E:\jogos\dragonball xenoverse\dbxv.exe] => (Allow) E:\jogos\dragonball xenoverse\dbxv.exe
FirewallRules: [UDP Query User{E99BEBDF-3F6B-4B54-97CB-2EC9E5B9B135}E:\jogos\dragonball xenoverse\dbxv.exe] => (Allow) E:\jogos\dragonball xenoverse\dbxv.exe
FirewallRules: [{C18B42E2-1647-4954-B763-C167EA1728E9}] => (Allow) C:\Program Files (x86)\SkypeWebPlugin\3.2.0.23388\SkypeWebPlugin.exe
FirewallRules: [{04A47ED5-6BF5-43B5-8ABC-9E20A5E4833A}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{94F31FE6-8534-45FE-80B8-21730E688A0E}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [TCP Query User{4F7CC6F1-33FC-4063-AD82-CC21CDE6465C}C:\program files\java\jdk1.7.0_75\bin\java.exe] => (Allow) C:\program files\java\jdk1.7.0_75\bin\java.exe
FirewallRules: [UDP Query User{8D467984-9ABE-455A-A244-41FB50718DAD}C:\program files\java\jdk1.7.0_75\bin\java.exe] => (Allow) C:\program files\java\jdk1.7.0_75\bin\java.exe
FirewallRules: [TCP Query User{75B19A2F-3B5E-4A59-92A7-971036BCDBA4}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [UDP Query User{5A8F4F92-D7DF-4C95-B4A6-EBC9C39554C8}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [{2059C06B-7F87-4862-8F57-8BD8AB99BD65}] => (Allow) E:\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{E7D61DBE-5642-481C-A070-106E04C73899}] => (Allow) E:\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [TCP Query User{0439D47A-B660-4E4B-A644-1224B580CD66}C:\level up\smite\binaries\win32\smite.exe] => (Allow) C:\level up\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{D61C4550-A3DB-4271-A364-64B7EECB1892}C:\level up\smite\binaries\win32\smite.exe] => (Allow) C:\level up\smite\binaries\win32\smite.exe
FirewallRules: [{5AEC1752-9DD7-4C70-8145-7579A36C6ADC}] => (Allow) E:\Steam\SteamApps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{73369100-0E1A-4444-8ADF-3B2AE2A4FB4E}] => (Allow) E:\Steam\SteamApps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{A87F7BA0-0EDF-4343-804F-F55962157F9D}] => (Allow) E:\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{323BE80E-9501-42B2-A2FB-CD60AC2DA2BB}] => (Allow) E:\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{D3B944C5-AC8C-4ADB-8273-34EE1EC7AFB6}] => (Allow) D:\Vindictus G\Vindictus\en-US\NMService.exe
FirewallRules: [{D1877AB7-A655-4F38-B343-1482DA8A7C74}] => (Allow) D:\Vindictus G\Vindictus\en-US\NMService.exe
FirewallRules: [{C8886950-5909-4EA5-B3BF-BFD887EE3432}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe
FirewallRules: [{2D644758-1535-4AC9-AD83-2A0691483E3A}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe
FirewallRules: [TCP Query User{C3F5319A-2FA2-4724-869C-9B799DD7DC6B}E:\steam\steamapps\common\goatsimulator\binaries\win32\goatgame-win32-shipping.exe] => (Allow) E:\steam\steamapps\common\goatsimulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [UDP Query User{30BD9C17-C9C6-4C44-8D03-0FD3206EA82C}E:\steam\steamapps\common\goatsimulator\binaries\win32\goatgame-win32-shipping.exe] => (Allow) E:\steam\steamapps\common\goatsimulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [TCP Query User{E7585138-2ECF-4810-829A-F1D6EB4CB97D}E:\steam\steamapps\common\magic 2014\dotp_d14.exe] => (Allow) E:\steam\steamapps\common\magic 2014\dotp_d14.exe
FirewallRules: [UDP Query User{4026128F-FDFA-4D56-9119-7CC90EAC5DB6}E:\steam\steamapps\common\magic 2014\dotp_d14.exe] => (Allow) E:\steam\steamapps\common\magic 2014\dotp_d14.exe
FirewallRules: [TCP Query User{BF9EFDC1-53F5-4995-965E-36A3F448F50E}E:\steam\steamapps\common\wormsrevolution\wormsrevolution.exe] => (Allow) E:\steam\steamapps\common\wormsrevolution\wormsrevolution.exe
FirewallRules: [UDP Query User{07759665-9EAC-4AD5-8510-56A038D1B41E}E:\steam\steamapps\common\wormsrevolution\wormsrevolution.exe] => (Allow) E:\steam\steamapps\common\wormsrevolution\wormsrevolution.exe
FirewallRules: [{C50DA2B3-DB96-4E87-9F48-867C03A09C43}] => (Allow) E:\Jogos\Battle.net\Battle.net.exe
FirewallRules: [{09A9250A-BDEA-4E6D-8442-A0037AD760BC}] => (Allow) E:\Jogos\Battle.net\Battle.net.exe
FirewallRules: [{5699841F-6170-4DAB-BCB5-A3FFCF06CC44}] => (Allow) E:\Jogos\Hearthstone\Hearthstone.exe
FirewallRules: [{9EEA956A-44A9-4C79-AF69-F10DBCD0CDCA}] => (Allow) E:\Jogos\Hearthstone\Hearthstone.exe
FirewallRules: [TCP Query User{1F5EB7BA-D8B0-4AD1-93CC-E0862DF0294E}E:\jogos\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) E:\jogos\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{617C27A9-3CF5-430D-A96C-32817D45D2B4}E:\jogos\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) E:\jogos\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{12AA656E-D342-40AD-9CA6-72D0FD78126D}] => (Allow) E:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{B8044726-558A-4435-81F4-08BF4A8A666D}] => (Allow) E:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{95E457E2-81C1-4219-91E2-DF7364D1D3CD}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{7BDE5135-3E4D-4B24-967C-B2B961492F83}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [TCP Query User{F92DE777-5AD1-434B-8C2A-710C6D44B240}C:\windows\syswow64\ftp.exe] => (Allow) C:\windows\syswow64\ftp.exe
FirewallRules: [UDP Query User{33D2E8BA-1732-4DF0-8D0A-B6814EB2B042}C:\windows\syswow64\ftp.exe] => (Allow) C:\windows\syswow64\ftp.exe
FirewallRules: [{9099E666-D017-4966-9ACD-403B59EBD208}] => (Allow) E:\Steam\SteamApps\common\Canyon Capers\CanyonCapers.exe
FirewallRules: [{4B7D6D82-8CE1-4C72-BCFD-3B22EEC12C47}] => (Allow) E:\Steam\SteamApps\common\Canyon Capers\CanyonCapers.exe
FirewallRules: [{80DD88DE-76A6-4F78-BDA3-985959CEACD0}] => (Allow) E:\Steam\SteamApps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{A753D649-8F89-408E-8CC0-E5D2B650ED39}] => (Allow) E:\Steam\SteamApps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{779DAC41-39C4-4746-A799-B19335283E70}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{6CC19056-F542-472F-A9B8-19F40D95B982}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{D97F8A7A-2DFC-4086-9140-D8142752CDC6}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{5541B555-39E3-4249-881D-F05AB804DA2D}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{F08AA887-A9C7-4AB8-A599-F76F1FA069A7}] => (Allow) E:\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{1016D86B-234F-4C14-9C7A-61048647CD54}] => (Allow) E:\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{6A1FCA81-F8A8-4603-95F6-936CEDFAA326}] => (Allow) E:\Steam\SteamApps\common\Rise_of_Incarnates\exe\roi.exe
FirewallRules: [{6B9F51C0-6AA8-4FEF-800A-E0C109453A19}] => (Allow) E:\Steam\SteamApps\common\Rise_of_Incarnates\exe\roi.exe
FirewallRules: [TCP Query User{9702BADC-5710-457C-8520-F58870A3F986}E:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{4B856A92-4267-44D0-98DD-543ABB778858}E:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{1CB47757-3111-449D-B0BB-2F841CD9ACDD}] => (Allow) E:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{D55D4962-42D6-4EAE-9628-94811B8472F9}] => (Allow) E:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{73A6EB4C-0D68-4507-91BE-E432893CFA3B}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{251D0849-30C8-4F2B-BD5F-03D1947B8739}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [TCP Query User{50F4EE67-34D3-4220-8057-498ADBA4D259}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [UDP Query User{6CBD497C-48D1-4457-8A42-B2F83BD78BAC}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [TCP Query User{13ED8946-6DA7-4973-B128-264CB76C3340}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{CF2C9432-CCEE-4FD2-9A25-2775C99D1FCF}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{BAD76AC8-60A5-4A34-9649-F2AEF5530D56}] => (Allow) E:\Steam\SteamApps\common\ACE\Binaries\Win32\CyphGame.exe
FirewallRules: [{A4A6509F-05DA-4697-93EE-346DD3485A64}] => (Allow) E:\Steam\SteamApps\common\ACE\Binaries\Win32\CyphGame.exe
FirewallRules: [TCP Query User{6BE1713A-DFBF-413F-8BBA-C6A8B8E13076}E:\jogos\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe] => (Allow) E:\jogos\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe
FirewallRules: [UDP Query User{A4CDA909-1DB3-4975-91B8-EBB7C2FA7AF4}E:\jogos\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe] => (Allow) E:\jogos\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe
FirewallRules: [{D7D78C3E-0421-431A-BCB5-2FDE5A7349A4}] => (Allow) E:\Steam\SteamApps\common\Rustbucket Rumble\RustbucketRumble.exe
FirewallRules: [{B5150555-3AA1-4011-BD3E-35A990B7DEB8}] => (Allow) E:\Steam\SteamApps\common\Rustbucket Rumble\RustbucketRumble.exe
FirewallRules: [{2D890255-DE29-4159-A920-CCC97ECB48CB}] => (Allow) E:\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{564A21EC-758B-4044-BA1C-CA2215A8D091}] => (Allow) E:\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [TCP Query User{60AC5ADD-6A44-4BEB-9643-8FBB4E98D94F}C:\program files\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files\bitcoin\bitcoin-qt.exe
FirewallRules: [UDP Query User{50F7C71D-609D-46EE-A1B4-0F976DFB7CD6}C:\program files\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files\bitcoin\bitcoin-qt.exe
FirewallRules: [{0387FE61-9728-48CC-9E03-47DFAF34CBC2}] => (Allow) E:\Steam\SteamApps\common\The Four Kings Casino and Slots\Casino.exe
FirewallRules: [{D26FC08C-6BDD-4E6A-BF74-981AF145C794}] => (Allow) E:\Steam\SteamApps\common\The Four Kings Casino and Slots\Casino.exe
FirewallRules: [TCP Query User{188E0191-22E7-41FC-8E65-A34F5A5A4706}C:\users\luizfernando\appdata\local\apps\2.0\02at85lo.35r\xk8vqg8c.lqd\leve..tion_4f84b7a5873ddfc9_0000.0009_1feaa37cbf125788\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Allow) C:\users\luizfernando\appdata\local\apps\2.0\02at85lo.35r\xk8vqg8c.lqd\leve..tion_4f84b7a5873ddfc9_0000.0009_1feaa37cbf125788\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [UDP Query User{49FCE097-CF5C-4D25-8008-96EA1E998FE7}C:\users\luizfernando\appdata\local\apps\2.0\02at85lo.35r\xk8vqg8c.lqd\leve..tion_4f84b7a5873ddfc9_0000.0009_1feaa37cbf125788\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Allow) C:\users\luizfernando\appdata\local\apps\2.0\02at85lo.35r\xk8vqg8c.lqd\leve..tion_4f84b7a5873ddfc9_0000.0009_1feaa37cbf125788\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [TCP Query User{45B27A6C-5B5D-4755-BE85-25383EC44033}C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe] => (Allow) C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe
FirewallRules: [UDP Query User{80ABC87F-D273-422E-9B82-F7E3B750A5E2}C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe] => (Allow) C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe
FirewallRules: [{B4EDECC1-F0F9-4A6E-9887-7AB951DB6CC3}] => (Allow) C:\Program Files (x86)\GSA Search Engine Ranker\Search_Engine_Ranker.exe
FirewallRules: [{FBBC195D-264D-4025-8622-1FE50E2B63E5}] => (Allow) C:\Program Files (x86)\GSA Search Engine Ranker\Search_Engine_Ranker.exe
FirewallRules: [{BC817292-A62E-4F80-87FA-ADFFC5B4F94C}] => (Allow) C:\Program Files (x86)\GSA Search Engine Ranker\Search_Engine_Ranker.exe
FirewallRules: [{5F35596C-6659-4D13-A5F7-9F0E05449E0E}] => (Allow) E:\Steam\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{D5419B73-CB47-4B5F-990E-42A30D72057B}] => (Allow) E:\Steam\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{EEF5C4EE-5CD2-4CC1-B67A-1B524A9E3EAD}] => (Allow) E:\Steam\SteamApps\common\Jamestown\Jamestown.exe
FirewallRules: [{59F1BD06-9BCD-4D8C-A45F-21A9963B9964}] => (Allow) E:\Steam\SteamApps\common\Jamestown\Jamestown.exe
FirewallRules: [{03D3E4A8-AB99-40A8-903E-C3AF0BB85256}] => (Allow) E:\Steam\SteamApps\common\Dustforce\dustforce.exe
FirewallRules: [{2B66CD05-637B-4492-9935-11DA7C8E1104}] => (Allow) E:\Steam\SteamApps\common\Dustforce\dustforce.exe
FirewallRules: [{0FC71095-254F-4298-9F4D-0516050DB4A5}] => (Allow) E:\Steam\SteamApps\common\World of Goo\WorldOfGoo.exe
FirewallRules: [{B060755A-8661-46DD-B067-C223C846DEA8}] => (Allow) E:\Steam\SteamApps\common\World of Goo\WorldOfGoo.exe
FirewallRules: [TCP Query User{A0FE0B33-4108-4C04-829E-9AF58FC74BD6}E:\jogos\hearthstone\hearthstone.exe] => (Allow) E:\jogos\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{B8598AE4-3AEE-44D4-9411-7C40AFE09522}E:\jogos\hearthstone\hearthstone.exe] => (Allow) E:\jogos\hearthstone\hearthstone.exe
FirewallRules: [{279C970D-A91E-49E0-A2E8-F244097E2732}] => (Allow) E:\Steam\SteamApps\common\CastleCrashers\castle.exe
FirewallRules: [{0F426937-6EBE-42FD-B3EC-91DDD397FF25}] => (Allow) E:\Steam\SteamApps\common\CastleCrashers\castle.exe
FirewallRules: [TCP Query User{BC670EC6-F0D1-41CD-BCCA-B1123B490C05}E:\jogos\assassins creed chronicles china\binaries\win32\accgame-win32-shipping.exe] => (Allow) E:\jogos\assassins creed chronicles china\binaries\win32\accgame-win32-shipping.exe
FirewallRules: [UDP Query User{9B8D8BD4-6610-4FD0-95B9-49A0BFB4A35F}E:\jogos\assassins creed chronicles china\binaries\win32\accgame-win32-shipping.exe] => (Allow) E:\jogos\assassins creed chronicles china\binaries\win32\accgame-win32-shipping.exe
FirewallRules: [{16B71742-8F2C-48B7-A872-4B0ED06D0519}] => (Allow) E:\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{1462491A-A954-4819-8369-4D9E5E1F7A5A}] => (Allow) E:\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{232DE75F-B8C6-4711-9FCD-894BC607D489}] => (Allow) E:\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{914D5BFB-3700-4B60-8C57-7BBB7C81A5DB}] => (Allow) E:\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{5C67808A-CDFA-4AE3-A4E6-6A22B59EBCEE}] => (Allow) E:\Steam\SteamApps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{0C706489-4DFA-4214-A7B2-82193BDC52FA}] => (Allow) E:\Steam\SteamApps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{B17ECA94-3E5A-40FD-A7A1-8E60576D8BA0}] => (Allow) E:\Steam\SteamApps\common\ArcheBlade\Binaries\Win32\Archeblade.exe
FirewallRules: [{416E0A75-2134-4D96-B1BE-E948EB073593}] => (Allow) E:\Steam\SteamApps\common\ArcheBlade\Binaries\Win32\Archeblade.exe
FirewallRules: [{804E1237-CF92-4E7D-A005-79652EB91418}] => (Allow) E:\Jogos\Arc\Arc.exe
FirewallRules: [{166B09FA-2018-4E5A-8C75-97A6892067A1}] => (Allow) E:\Jogos\Arc\Arc.exe
FirewallRules: [{E3908BAB-AFE5-40CA-8FE1-00574B25441A}] => (Allow) E:\Jogos\Arc\ArcWebGameClient.exe
FirewallRules: [{C8E323A8-CC1E-4077-966F-B8C7F8BD05BE}] => (Allow) E:\Jogos\Arc\ArcWebGameClient.exe
FirewallRules: [{A47AE66F-53AD-4DD4-B5AC-D96F21486CF1}] => (Allow) E:\Jogos\Arc\ArcBrowser.exe
FirewallRules: [{2C530A05-BFDE-4C15-94F9-ED03BACA70EC}] => (Allow) E:\Jogos\Arc\ArcBrowser.exe
FirewallRules: [{D2F27F00-137E-4648-80C8-890277809794}] => (Allow) E:\Jogos\Arc\ArcWebBooster.exe
FirewallRules: [{A9F83EA6-B236-4F1F-8867-10D03CB4765E}] => (Allow) E:\Jogos\Arc\ArcWebBooster.exe
FirewallRules: [{EC41104C-94B8-40C0-922D-938D1D80A87E}] => (Allow) E:\Jogos\Arc\XunLei\download\MiniThunderPlatform.exe
FirewallRules: [{908C76B4-25A5-420F-BF44-80D277C7E69F}] => (Allow) E:\Jogos\Arc\XunLei\download\MiniThunderPlatform.exe
FirewallRules: [TCP Query User{8A61B24F-3263-4C9C-8F0D-F5068B64E13E}E:\arc\games\sso\bin\seiya.exe] => (Allow) E:\arc\games\sso\bin\seiya.exe
FirewallRules: [UDP Query User{C6B82A00-6782-46DF-82CD-39D2B1B29383}E:\arc\games\sso\bin\seiya.exe] => (Allow) E:\arc\games\sso\bin\seiya.exe
FirewallRules: [{6C03453A-6A7A-4758-88F9-C4F9AAD04D9D}] => (Allow) C:\Users\LuizFernando\AppData\Roaming\GT\1.25.9.3850\bin\GT.exe
FirewallRules: [{19712ABD-5D2A-46EA-98C4-1F6B23B82E91}] => (Allow) C:\Users\LuizFernando\AppData\Roaming\GT\1.25.9.3850\bin\GT.exe
FirewallRules: [TCP Query User{83F19A51-09EE-4629-83A1-65E0A3A5735A}E:\jogos\cabal2 (us)\c2launcher.exe] => (Allow) E:\jogos\cabal2 (us)\c2launcher.exe
FirewallRules: [UDP Query User{5D19CBD1-7AE0-4194-8E5B-56BA6CBF80FC}E:\jogos\cabal2 (us)\c2launcher.exe] => (Allow) E:\jogos\cabal2 (us)\c2launcher.exe
FirewallRules: [TCP Query User{3869D8CC-F29A-4C52-B947-750864F75B7A}E:\jogos\qube\binaries\win64\qube.exe] => (Allow) E:\jogos\qube\binaries\win64\qube.exe
FirewallRules: [UDP Query User{098282D7-6DDB-48C2-ADBF-1969C680CE85}E:\jogos\qube\binaries\win64\qube.exe] => (Allow) E:\jogos\qube\binaries\win64\qube.exe
FirewallRules: [{07D4D46B-0243-4977-B2A7-2F1FDD9A29AE}] => (Allow) E:\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{21ACF931-A2B8-46EC-ACF7-DCC4AFBDECF6}] => (Allow) E:\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{007D061A-EAAD-450D-A01A-436BF998E50B}] => (Allow) E:\Steam\SteamApps\common\Rise_of_Incarnates\exe\roi.exe
FirewallRules: [{418BB849-160C-45D5-8E58-278DB9955920}] => (Allow) E:\Steam\SteamApps\common\Rise_of_Incarnates\exe\roi.exe
FirewallRules: [{1D376BD1-F1A8-4C79-90CA-3D210E08159B}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{A8019620-E593-403D-BF15-F2D32712143A}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{D80E898D-9331-49D9-B294-CEEFC9E40686}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{2EE0BB74-0A3A-4BF9-AB21-81237C72773B}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{52D34D67-4F20-421D-88F7-A66AF8575C8B}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{B8091C6D-9EB5-4FCE-9056-139065E65311}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{0468DEF4-A3AF-4E0E-95D8-4F9A57B17C60}] => (Allow) LPort=1688
FirewallRules: [TCP Query User{10257411-BFE6-401B-86D4-D31278401F3D}C:\users\luizfernando\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\luizfernando\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{3F636717-BE61-46CB-9D10-C5AB121BDD30}C:\users\luizfernando\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\luizfernando\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{E32B54BD-BD5F-4E1C-93E5-B5A937FC1548}C:\users\luizfernando\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\luizfernando\appdata\local\popcorn time\nw.exe
FirewallRules: [UDP Query User{D72405D8-6FDC-48D7-B526-B1F7844F1E4D}C:\users\luizfernando\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\luizfernando\appdata\local\popcorn time\nw.exe
FirewallRules: [{D635B04D-7362-4B5A-9BF6-0E36C50E0B9B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7F207ACF-6BDF-4981-9371-A83BD36DE152}] => (Allow) E:\Jogos\CABAL2 (US)\cabal2.exe
FirewallRules: [{01ED4D80-9C48-4507-BCE5-5136DD2A4A32}] => (Allow) E:\Jogos\CABAL2 (US)\cabal2.exe
FirewallRules: [{81EEA5FD-A69C-4EFB-BFF4-409DFBA64E5C}] => (Allow) E:\Jogos\CABAL2 (US)\cabal2.exe
FirewallRules: [{7603EA76-888E-410F-9E81-21C0FB23D557}] => (Allow) E:\Jogos\CABAL2 (US)\cabal2.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/09/2015 02:31:53 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (07/08/2015 11:13:35 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (07/08/2015 11:13:25 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (07/08/2015 06:50:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa backgroundTaskHost.exe versão 6.3.9600.17415 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID do Processo: 1068

Hora de Início: 01d0b9c7592af3da

Hora de Término: 4294967295

Caminho do Aplicativo: C:\Windows\system32\backgroundTaskHost.exe

ID do Relatório: 4d25842b-25bb-11e5-82c2-60a44c5bdf4f

Nome completo do pacote com falha: Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt

ID do aplicativo relativo ao pacote com falha: App

Error: (07/08/2015 05:57:37 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest1". Erro no arquivo de manifesto ou de política "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest2", na linha C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest3.
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
Componente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.

Error: (07/08/2015 05:20:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa backgroundTaskHost.exe versão 6.3.9600.17415 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID do Processo: 14ac

Hora de Início: 01d0b9ba9441dddd

Hora de Término: 4294967295

Caminho do Aplicativo: C:\Windows\system32\backgroundTaskHost.exe

ID do Relatório: bb2c143e-25ae-11e5-82c2-60a44c5bdf4f

Nome completo do pacote com falha: Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt

ID do aplicativo relativo ao pacote com falha: App

Error: (07/08/2015 05:05:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa backgroundTaskHost.exe versão 6.3.9600.17415 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID do Processo: d4c

Hora de Início: 01d0b9b8af3b7704

Hora de Término: 4294967295

Caminho do Aplicativo: C:\Windows\system32\backgroundTaskHost.exe

ID do Relatório: a5fd197b-25ac-11e5-82c2-60a44c5bdf4f

Nome completo do pacote com falha: Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt

ID do aplicativo relativo ao pacote com falha: App

Error: (07/08/2015 04:26:29 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (07/08/2015 04:15:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Service_KMS.exe, versão: 11.0.0.0, carimbo de data/hora: 0x52a8d15d
Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Código de exceção: 0x00000000
Deslocamento da falha: 0x00007ffd86830565
ID do processo com falha: 0x8fc
Hora de início do aplicativo com falha: 0xService_KMS.exe0
Caminho do aplicativo com falha: Service_KMS.exe1
Caminho do módulo com falha: Service_KMS.exe2
ID do Relatório: Service_KMS.exe3
Nome completo do pacote com falha: Service_KMS.exe4
ID do aplicativo relativo ao pacote com falha: Service_KMS.exe5

Error: (07/08/2015 02:52:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BAKKA)
Description: Falha na ativação do aplicativo Facebook.Facebook_8xx8rvfyw5nnt!App com o erro: -2147023170. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.


System errors:
=============
Error: (07/09/2015 01:17:11 PM) (Source: HTTP) (EventID: 15006) (User: )
Description: \Device\Http\ReqQueue\SystemRoot\System32\LogFiles\HTTPERR\httperr1.log

Error: (07/09/2015 03:22:55 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5

Error: (07/09/2015 03:02:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Steam Client Service devido ao seguinte erro:
%%1053

Error: (07/09/2015 03:02:54 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Steam Client Service.

Error: (07/08/2015 08:25:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Steam Client Service devido ao seguinte erro:
%%1053

Error: (07/08/2015 08:25:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Steam Client Service.

Error: (07/08/2015 05:31:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Adobe Acrobat Update Service foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).

Error: (07/08/2015 04:15:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Service KMSELDI foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).

Error: (07/08/2015 04:15:07 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: AUTORIDADE NT)
Description: Falha na inicialização do Módulo de Extensibilidade de WLAN.

Caminho do Módulo: C:\Windows\system32\Rtlihvs.dll
Código de Erro: 126

Error: (07/08/2015 04:10:13 PM) (Source: DCOM) (EventID: 10016) (User: AUTORIDADE NT)
Description: específico do aplicativoLocalAtivação{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}AUTORIDADE NTSISTEMAS-1-5-18LocalHost (Usando LRPC)Não DisponívelNão Disponível


Microsoft Office:
=========================
Error: (07/09/2015 02:31:53 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (07/08/2015 11:13:35 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (07/08/2015 11:13:25 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (07/08/2015 06:50:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: backgroundTaskHost.exe6.3.9600.17415106801d0b9c7592af3da4294967295C:\Windows\system32\backgroundTaskHost.exe4d25842b-25bb-11e5-82c2-60a44c5bdf4fFacebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nntApp

Error: (07/08/2015 05:57:37 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestE:\Coisas\Canal\Imagens\SoftonicDownloader_para_tipcam.exe

Error: (07/08/2015 05:20:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: backgroundTaskHost.exe6.3.9600.1741514ac01d0b9ba9441dddd4294967295C:\Windows\system32\backgroundTaskHost.exebb2c143e-25ae-11e5-82c2-60a44c5bdf4fFacebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nntApp

Error: (07/08/2015 05:05:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: backgroundTaskHost.exe6.3.9600.17415d4c01d0b9b8af3b77044294967295C:\Windows\system32\backgroundTaskHost.exea5fd197b-25ac-11e5-82c2-60a44c5bdf4fFacebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nntApp

Error: (07/08/2015 04:26:29 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (07/08/2015 04:15:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Service_KMS.exe11.0.0.052a8d15dunknown0.0.0.0000000000000000000007ffd868305658fc01d0b9b2701c4f68C:\Program Files\KMSpico\Service_KMS.exeunknownbf60979e-25a5-11e5-82c2-60a44c5bdf4f

Error: (07/08/2015 02:52:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BAKKA)
Description: Facebook.Facebook_8xx8rvfyw5nnt!App-2147023170


CodeIntegrity Errors:
===================================
  Date: 2015-07-09 13:31:28.251
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-08 13:56:13.347
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-06 16:04:29.601
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-05 14:09:27.992
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-04 04:18:44.660
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-03 10:35:09.654
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-01 13:46:19.837
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-01 03:16:33.640
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-06-29 03:46:20.818
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-06-21 14:57:40.974
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: AMD FX™-8350 Eight-Core Processor
Percentage of memory in use: 30%
Total physical RAM: 6062.92 MB
Available physical RAM: 4206.43 MB
Total Pagefile: 14212.92 MB
Available Pagefile: 11131.82 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:227.95 GB) (Free:43.35 GB) NTFS
Drive e: () (Fixed) (Total:703.12 GB) (Free:81.24 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E110762F)
Partition 1: (Not Active) - (Size=703.1 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=227.9 GB) - (Type=07 NTFS)

==================== End of log ============================

 

I don't have my original Windows 8.1 DVD.



#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,742 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:33 PM

Posted 09 July 2015 - 09:39 PM

Greetings kurocygnus and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

Unfortunately you have an illegal copy of Microsoft Office on your system. I am going to ask you to uninstall it before we do any more work on the computer. If you are willing to do that please let me know when it has been done and we can start to clean you badly compromised machine.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,742 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:33 PM

Posted 12 July 2015 - 08:38 PM

Greetings,

===================================================

3 Day Bump

It has been more than 3 days since my last post.
  • Do you still need help with this?
  • If after 48hrs you have not replied to this thread then it will have to be closed.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,742 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:33 PM

Posted 14 July 2015 - 08:38 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users