Internet Explorer Opening Spam Pages


  • This topic is locked
27 replies to this topic

#1 pedromsouza


Posted 08 October 2015 - 09:14 PM

Hi,

When I open Internet Explorer it opens one of these 3 pages even though the default start page is the Google website:

esurf.biz
play-bar.net
cdn.freefacti.com

I noticed that in LAN setup the option "use automatic setup script" was activated with the link:

http://stopblock.me/wpad.dat?8c25bfbaf19919a7d161d189738546fd39884

I deactivated the checkbox and deleted the link but it keeps appearing.

I tried scanning with:

Norton
Malwarebytes
JRT
AdwCleaner

What else should I do?
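
The setting described in the post above, as an added example that is not part of the original thread: a read-only PowerShell audit that lists every loaded registry hive in which an automatic configuration script (PAC URL) or a static proxy is set, so a value that reappears after being cleared in the LAN dialog can be located. The function name `Get-ProxyConfigAudit` and the `$AllowedPacHosts` allow-list are assumptions made for illustration.

```powershell
# Added example: read-only audit of the Internet Settings proxy values.
# Nothing is modified. $AllowedPacHosts is a hypothetical allow-list; leave it
# empty on a machine that is not supposed to use a PAC script at all.
function Get-ProxyConfigAudit {
    param(
        [string[]]$AllowedPacHosts = @()
    )

    # Per-user / per-machine settings, the policy copy, and the 32-bit view.
    $subKeys = @(
        'Software\Microsoft\Windows\CurrentVersion\Internet Settings',
        'Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings',
        'Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings'
    )

    # Machine hive plus every user hive that is currently loaded
    # (run elevated to see hives other than your own).
    $roots = @('Registry::HKEY_LOCAL_MACHINE')
    $roots += @(
        Get-ChildItem -Path 'Registry::HKEY_USERS' -ErrorAction SilentlyContinue |
            Where-Object { $_.PSChildName -notlike '*_Classes' } |
            ForEach-Object { "Registry::$($_.Name)" }
    )

    foreach ($root in $roots) {
        foreach ($subKey in $subKeys) {
            $path  = "$root\$subKey"
            $props = Get-ItemProperty -Path $path -ErrorAction SilentlyContinue
            if (-not $props) { continue }

            $pacUrl = $props.AutoConfigURL   # "use automatic configuration script"
            $proxy  = $props.ProxyServer     # static proxy, if any
            if (-not $pacUrl -and -not $proxy) { continue }

            # Extract the host so it can be compared with the allow-list.
            $pacHost = $null
            if ($pacUrl) {
                $uri = $null
                if ([System.Uri]::TryCreate($pacUrl, [System.UriKind]::Absolute, [ref]$uri)) {
                    $pacHost = $uri.Host
                }
            }

            [pscustomobject]@{
                Key           = $path
                AutoConfigURL = $pacUrl
                PacHost       = $pacHost
                ProxyEnable   = $props.ProxyEnable
                ProxyServer   = $proxy
                # True when a PAC URL is set and its host is not allow-listed
                # (or the URL could not be parsed).
                Unexpected    = [bool]($pacUrl -and ($AllowedPacHosts -notcontains $pacHost))
            }
        }
    }
}

# The LAN settings dialog also keeps a binary copy of these values under
# ...\Internet Settings\Connections\DefaultConnectionSettings; this script
# does not decode that blob.
Get-ProxyConfigAudit | Format-List
```

Running it before and after a reboot shows which key the value comes back in, which narrows down whether it is a per-user, machine-wide or policy setting.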

 

 




 


#2 pedromsouza


Posted 09 October 2015 - 06:43 AM

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 08:27:42, on 09/10/2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16412)

FIREFOX: 41.0.1 (x86 pt-BR)
Boot mode: Normal

Running processes:
C:\PROGRA~2\GbPlugin\GbpSv.exe
C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Pedro\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
C:\Users\Pedro\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
C:\WINDOWS\sysWow64\SearchProtocolHost.exe
C:\Program Files (x86)\ooVoo\ooVoo.exe
C:\Users\Pedro\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 127.0.0.2 play-bar.net
O1 - Hosts: 127.0.0.3 esurf.biz
O1 - Hosts: 127.0.0.4
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\coIEPlg.dll
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll
O2 - BHO: G-Buster Browser Defense Itaú Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - (no file)
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\coIEPlg.dll
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [ASUS Ai Charger] C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Pedro\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Pedro\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_5B5BBE9ED55EE8341A285324EB610E46] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe /minimized (User 'SISTEMA')
O4 - HKUS\.DEFAULT\..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe /minimized (User 'Default user')
O4 - Startup: Enviar para o OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: imagem.caixa.gov.br
O15 - Trusted Zone: internetbanking.caixa.gov.br
O15 - Trusted Zone: internetbankingpf.caixa.gov.br
O15 - Trusted Zone: www.caixa.gov.br
O15 - Trusted Zone: http://www.caixa.gov.br
O15 - Trusted Zone: www.google.com.br
O15 - Trusted Zone: www.itau.b.br
O15 - Trusted Zone: *.itau.b.br
O15 - Trusted Zone: bankline.itau.com.br
O15 - Trusted Zone: banklineplus.itau.com.br
O15 - Trusted Zone: clickbanking.itau.com.br
O15 - Trusted Zone: guardiao.itau.com.br
O15 - Trusted Zone: www.itau.com.br
O15 - Trusted Zone: http://www.itau.com.br
O15 - Trusted Zone: *.itau.com.br
O15 - Trusted Zone: www.itaupersonnalite.com.br
O15 - Trusted Zone: http://www.itaupersonnalite.com.br
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{3de8bf27-ad5d-4742-9514-e7e38c42028e}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: qvp - {4BA78E3D-CA25-4BFF-B8F0-8A3359E4B520} - C:\Program Files (x86)\QlikView\QvProtocol\qvp.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O20 - Winlogon Notify:  GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @oem101.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel® Dynamic Platform and Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Unknown owner - C:\WINDOWS\system32\DptfParticipantProcessorService.exe (file missing)
O23 - Service: @oem101.inf,%WIN32_DPTF_POLICY_CONFIGTDP_SERVICE_DISPLAY_NAME%;Intel® Dynamic Platform and Thermal Framework Config TDP Service Application (DptfPolicyConfigTDPService) - Unknown owner - C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ExpressCache - Condusiv Technologies - C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel® HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Anti-Exploit Service (MbaeSvc) - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Norton Security (NS) - Symantec Corporation - C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\NS.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 14544 bytes
 



#3 Conspire

  • Malware Response Team

Posted 10 October 2015 - 04:44 AM

In any case where you happen to be busy or unable to give us a reply, we would be grateful if you keep us informed in advance and we will be more than happy to wait. Failure to do so will result in your thread being closed in THREE (3) days. :)

Hello there, pedromsouza

I'm Conspire, I'll be glad to help you with your computer problems.

Please observe these rules while we work:
  • Read the entire procedure
  • It is important to perform ALL actions in sequence.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with me till you're given the all clear.
  • Remember, absence of symptoms does not mean the infection is all gone.
  • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process.
  • IMPORTANT NOTE: Please do not delete anything unless instructed to. Remember to back up all your important data (if possible) before moving on.

---------------------------------------------------------------------------------------------------

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.
Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt, into your next reply.

---------------------------------------------------------------------------------------------------

Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may donate.

#4 pedromsouza


Posted 10 October 2015 - 07:43 AM

Hi Conspire! Thank you for helping!

 

This is the FRST.txt file:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-10-2015
Ran by Pedro (administrator) on PMSOUZA (10-10-2015 09:36:43)
Running from C:\Users\Pedro\Desktop
Loaded Profiles: Pedro (Available Profiles: Pedro)
Platform: Windows 10 Home Single Language (X64) Language: Português (Brasil)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\ns.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\ns.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(http://www.lbtaskcontrol.com) C:\LBTaskControl\LBTaskControl.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
 

==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-04] (NVIDIA Corporation)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [856800 2015-08-21] (GAS Tecnologia LTDA)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-04-25] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [111120 2012-05-24] (CyberLink)
HKLM-x32\...\Run: [ASUS Ai Charger] => C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [547984 2012-08-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2015-09-01] (Caixa Economica Federal)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\Run: [Spotify Web Helper] => C:\Users\Pedro\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2541160 2015-10-10] (Spotify Ltd)
HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\Run: [GoogleChromeAutoLaunch_5B5BBE9ED55EE8341A285324EB610E46] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [815944 2015-09-23] (Google Inc.)
HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-18\...\Run: [ooVoo.exe] => C:\Program Files (x86)\ooVoo\oovoo.exe [36592672 2015-08-20] (ooVoo LLC)
ShellExecuteHooks-x32:  - {E37CB5F0-51F5-4395-A808-5FA49E399008} -  No File [ ]
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1867432 2015-09-01] (Caixa Economica Federal)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Pedro\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-09-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Pedro\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-09-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Pedro\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-09-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Pedro\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-09-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Pedro\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-09-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Pedro\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-09-15] (Microsoft Corporation)
Startup: C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Enviar para o OneNote.lnk [2015-09-20]
ShortcutTarget: Enviar para o OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bit
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: 127.0.0.1                   thislineskipsanyemptylines
Tcpip\..\Interfaces\{3de8bf27-ad5d-4742-9514-e7e38c42028e}: [NameServer] 8.8.8.8,8.8.4.4
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3361239562-2013860233-1157577440-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll [2015-09-01] (Caixa Economica Federal)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} ->  No File
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3361239562-2013860233-1157577440-1002 -> No Name - {A13C2648-91D4-4BF3-BC6D-0079707C4389} -  No File
Toolbar: HKU\S-1-5-21-3361239562-2013860233-1157577440-1002 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-09-28] (Microsoft Corporation)
Handler: qvp - {4BA78E3D-CA25-4BFF-B8F0-8A3359E4B520} - C:\Program Files\QlikView\QvProtocol\qvp.dll [2015-06-02] (QlikTech AB)
Handler-x32: qvp - {4BA78E3D-CA25-4BFF-B8F0-8A3359E4B520} - C:\Program Files (x86)\QlikView\QvProtocol\qvp.dll [2015-06-02] (QlikTech AB)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll [2014-04-25] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2014-04-25] (McAfee, Inc.)
 
FireFox:
========
FF ProfilePath: C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\g5j8p0d0.default-1444179867592
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2014-04-25] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [No File]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2014-04-25] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-09-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-3361239562-2013860233-1157577440-1002: @citrixonline.com/appdetectorplugin -> C:\Users\Pedro\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-08-14] (Citrix Online)
FF Plugin HKU\S-1-5-21-3361239562-2013860233-1157577440-1002: gastecnologia.com.br/sf/cef -> C:\Users\Pedro\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll [2014-12-09] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-3361239562-2013860233-1157577440-1002: gastecnologia.com.br/sf/cef64 -> C:\Users\Pedro\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll [2014-12-09] (GAS Tecnologia)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => not found
FF HKLM-x32\...\Firefox\Extensions: [{EBA722F5-038F-4CAF-9EE2-545A221628BC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.0.124\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.0.124\coFFPlgn [2015-10-10]
FF HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\Pedro\AppData\Local\GAS Tecnologia\GBBD\cef\xpi
FF Extension: GBBD Caixa Economica Federal - C:\Users\Pedro\AppData\Local\GAS Tecnologia\GBBD\cef\xpi [2015-10-06]
FF HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8873}] - C:\Users\Pedro\AppData\Local\GAS Tecnologia\GBBD\uni\xpi => not found
 
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Text Mode) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\adelhekhakakocomdfejiipdnaadiiib [2015-09-18]
CHR Extension: (Google Docs) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-18]
CHR Extension: (Google Drive) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-18]
CHR Extension: (YouTube) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-18]
CHR Extension: (Webmail Ad Blocker) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbhfdchmklhpcngcgjmpdbjakdggkkjp [2015-09-18]
CHR Extension: (Google Search) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-18]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-09-18]
CHR Extension: (Norton Identity Safe) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-09-20]
CHR Extension: (Rating Program Extension) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\imbankdmoclhcdmdejkklikkpaidaeij [2015-09-18]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-18]
CHR Extension: (GBBD Caixa Economica Federal) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi [2015-09-18]
CHR Extension: (Gmail) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-18]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\Exts\Chrome.crx [2015-09-29]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nnjbodopomfddehlalfilheomcahbpei] - C:\Users\Pedro\AppData\Local\GAS Tecnologia\GBBD\cef\sf.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\Exts\Chrome.crx [2015-09-29]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
S4 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2774104 2015-09-11] (Microsoft Corporation)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [31632 2013-01-18] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [33168 2013-01-18] (Intel Corporation)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [107944 2013-01-08] (Condusiv Technologies)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242880 2015-07-02] (Foxit Software Inc.)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [587576 2015-08-13] (GAS Tecnologia)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155376 2015-10-04] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-08] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\NS.exe [282016 2015-09-24] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-10-04] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568816 2015-10-04] (NVIDIA Corporation)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1026944 2015-10-09] (Enigma Software Group USA, LLC.)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [856800 2015-08-21] (GAS Tecnologia LTDA)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-25] (Atheros) [File not signed]
S3 RpcLocator; %SystemRoot%\system32\locator.exe [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-22] (ASUSTek Computer Inc.)
R3 athr; C:\Windows\System32\drivers\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
R1 ATKWMIACPIIO_; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (ASUSTek Computer Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-04-16] (ASUS Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\BASHDefs\20151005.001\BHDrvx64.sys [1650936 2015-09-04] (Symantec Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
R1 ccSet_NS; C:\Windows\system32\drivers\NSx64\1605040.018\ccSetx64.sys [173808 2015-07-10] (Symantec Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107920 2013-01-18] (Intel Corporation)
R3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [43408 2013-01-18] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [65424 2013-01-18] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [229776 2013-01-18] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [363920 2013-01-18] (Intel Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-09-19] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [155456 2015-09-19] (Symantec Corporation)
R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2015-10-09] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-10-09] ()
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [26024 2013-01-08] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [112552 2013-01-08] (Condusiv Technologies)
R1 gbpddfac; C:\Windows\System32\drivers\gbpddfac64.sys [28888 2015-10-10] (GAS Tecnologia)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-09-03] (GAS Tecnologia)
S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [30424 2014-08-12] (Sony Mobile Communications)
R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\IPSDefs\20151009.001\IDSvia64.sys [767216 2015-09-23] (Symantec Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 1999-12-31] (Intel Corporation)
S3 MotioninJoyXFilter; C:\Windows\System32\drivers\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [File not signed]
R3 NAVENG; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\VirusDefs\20151009.016\ENG64.SYS [138488 2015-09-19] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\VirusDefs\20151009.016\EX64.SYS [2146040 2015-09-19] (Symantec Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-07-31] (Realtek                                            )
R3 SRTSP; C:\Windows\System32\Drivers\NSx64\1605040.018\SRTSP64.SYS [930024 2015-09-23] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NSx64\1605040.018\SRTSPX64.SYS [50936 2015-07-10] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NSx64\1605040.018\SYMEFASI64.SYS [1620720 2015-07-10] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NSx64\1605040.018\SymELAM.sys [24192 2015-07-10] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-09-20] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NSx64\1605040.018\Ironx64.SYS [297720 2015-07-10] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NSx64\1605040.018\SYMNETS.SYS [577768 2015-09-23] (Symantec Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-09-08] (Oracle Corporation)
U5 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115208 2014-11-24] (Oracle Corporation)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-09-03] (GAS Tecnologia LTDA)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 wdf_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [81408 2013-03-06] (MediaTek Inc.) [File not signed]
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R4 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert64.sys [38104 2015-07-07] (Basil)
R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [101080 2015-10-10] (GAS Tecnologia)
R1 wsddpp; C:\WINDOWS\system32\drivers\wsddpp.sys [103640 2015-03-18] (GAS Tecnologia)
S3 AndNetDiag; \SystemRoot\system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; \SystemRoot\system32\DRIVERS\lgandnetmodem64.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-10-10 09:36 - 2015-10-10 09:36 - 00030468 _____ C:\Users\Pedro\Desktop\FRST.txt
2015-10-10 09:35 - 2015-10-10 09:36 - 00000000 ____D C:\FRST
2015-10-10 09:33 - 2015-10-10 09:33 - 02194944 _____ (Farbar) C:\Users\Pedro\Desktop\frst64.exe
2015-10-10 09:27 - 2015-10-10 09:27 - 00000000 ____D C:\WINDOWS\F94A63D79A61403B8F6F90B1BF77211A.TMP
2015-10-10 09:26 - 2015-10-10 09:26 - 00016148 _____ C:\WINDOWS\system32\PMSOUZA_Pedro_HistoryPrediction.bin
2015-10-10 09:26 - 2015-10-10 09:26 - 00000000 ___HD C:\OneDriveTemp
2015-10-09 17:32 - 2015-10-09 17:32 - 05635766 _____ (Swearware) C:\Users\Pedro\Downloads\combofix.exe
2015-10-09 13:58 - 2015-10-09 13:58 - 00003410 _____ C:\WINDOWS\System32\Tasks\SpyHunter4Startup
2015-10-09 13:58 - 2015-10-09 13:58 - 00001134 _____ C:\Users\Pedro\Desktop\SpyHunter.lnk
2015-10-09 13:58 - 2015-10-09 13:58 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\Enigma Software Group
2015-10-09 13:58 - 2015-10-09 13:58 - 00000000 ____D C:\sh4ldr
2015-10-09 13:56 - 2015-10-09 15:57 - 00000000 ____D C:\Program Files\Enigma Software Group
2015-10-09 13:56 - 2015-10-09 13:56 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2015-10-09 13:55 - 2015-10-09 13:55 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\Pedro\Downloads\SpyHunter-Installer (1).exe
2015-10-09 13:50 - 2015-10-09 13:50 - 00000000 ____D C:\Users\Pedro\AppData\LocalLow\uTorrent
2015-10-09 13:49 - 2015-10-09 13:49 - 00002725 _____ C:\Users\Pedro\Desktop\µTorrent.lnk
2015-10-09 13:49 - 2015-10-09 13:49 - 00002725 _____ C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-10-09 13:47 - 2015-10-09 13:51 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\uTorrent
2015-10-09 13:44 - 2015-10-09 13:44 - 01822048 _____ (BitTorrent Inc.) C:\Users\Pedro\Downloads\uTorrent.exe
2015-10-09 13:38 - 2015-10-09 13:38 - 00016148 _____ C:\WINDOWS\system32\BUKOWSKI_Pedro_HistoryPrediction.bin
2015-10-09 11:57 - 2015-10-09 11:57 - 00000000 ____D C:\Program Files (x86)\Enigma Software Group
2015-10-09 11:56 - 2015-10-09 13:47 - 00000000 ____D C:\WINDOWS\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2015-10-09 11:27 - 2015-10-09 11:27 - 00000078 _____ C:\Users\Pedro\Desktop\validação.txt
2015-10-09 10:22 - 2015-10-09 10:22 - 00001015 _____ C:\Users\Pedro\Desktop\Spy Hunter PRO - Atalho.lnk
2015-10-09 10:21 - 2015-10-09 10:21 - 01376768 _____ C:\Users\Pedro\Downloads\7z920-x64.msi
2015-10-09 10:21 - 2015-10-09 10:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-10-09 10:21 - 2015-10-09 10:21 - 00000000 ____D C:\Program Files\7-Zip
2015-10-09 10:18 - 2015-10-09 10:20 - 14959010 _____ C:\Users\Pedro\Downloads\Spy Hunter PRO.rar
2015-10-09 09:29 - 2015-10-09 09:29 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\Pedro\Downloads\SpyHunter-Installer.exe
2015-10-09 08:54 - 2015-10-09 08:58 - 00000000 ____D C:\WINDOWS\System32\Tasks\WiseCleaner
2015-10-09 08:53 - 2015-10-09 08:53 - 01390952 _____ (WiseCleaner.com ) C:\Users\Pedro\Downloads\WFDSetup.exe
2015-10-09 08:38 - 2015-10-09 09:07 - 00000000 ____D C:\Users\Pedro\Downloads\backups
2015-10-09 08:27 - 2015-10-09 09:04 - 00015079 _____ C:\Users\Pedro\Downloads\hijackthis.log
2015-10-09 08:27 - 2015-10-09 08:27 - 00388608 _____ (Trend Micro Inc.) C:\Users\Pedro\Downloads\HijackThis.exe
2015-10-09 08:21 - 2015-10-09 08:21 - 00003632 _____ C:\WINDOWS\System32\Tasks\ASUS Touchpad Launcher (x64)
2015-10-09 07:33 - 2015-10-09 07:33 - 00065640 _____ C:\WINDOWS\system32\ASGCoInstaller_x64.dll
2015-10-08 23:16 - 2015-10-08 23:16 - 00000174 _____ C:\Users\Pedro\Desktop\Bleeping Computer.url
2015-10-08 22:58 - 2015-10-06 15:46 - 00040080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2015-10-08 22:58 - 2015-10-03 01:58 - 42914096 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 37882488 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 22342264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 18387064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 18354984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 16548768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 15837152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 15803800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 14841232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 13525200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 12868120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 12038368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 02313336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 01994360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435850.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435850.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 00877176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 00787200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 00689968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 00632664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 00539464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 00445216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 00414000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 00388048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 00369272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 00315936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 00034392 _____ C:\WINDOWS\system32\nvinfo.pb
2015-10-08 17:28 - 2015-10-08 17:28 - 11053048 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 10574992 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 04025864 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 02506960 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2015-10-08 17:28 - 2015-10-08 17:28 - 02037232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 01995760 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 01793024 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 01768432 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 01470472 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 01156000 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 01151840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00866824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00661000 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00618992 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00617992 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00469216 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00444832 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2015-10-08 17:28 - 2015-10-08 17:28 - 00394224 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00387056 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00378824 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00357912 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00296944 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00291744 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-10-08 17:28 - 2015-10-08 17:28 - 00265712 _____ C:\WINDOWS\system32\igfxCPL.cpl
2015-10-08 17:28 - 2015-10-08 17:28 - 00230384 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00229664 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00225288 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00216552 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4276.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00205728 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-10-08 17:28 - 2015-10-08 17:28 - 00199088 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00194368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00193536 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00192520 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00188884 _____ C:\WINDOWS\system32\resTHA.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00181524 _____ C:\WINDOWS\system32\resELL.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00177300 _____ C:\WINDOWS\system32\resRUS.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00169368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00163840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00163044 _____ C:\WINDOWS\system32\resARA.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00162500 _____ C:\WINDOWS\system32\resHEB.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00162484 _____ C:\WINDOWS\system32\resJPN.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00157860 _____ C:\WINDOWS\system32\resHUN.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00157844 _____ C:\WINDOWS\system32\resFRA.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00156100 _____ C:\WINDOWS\system32\resKOR.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00156020 _____ C:\WINDOWS\system32\resDEU.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00155988 _____ C:\WINDOWS\system32\resITA.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00155828 _____ C:\WINDOWS\system32\resROM.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00155716 _____ C:\WINDOWS\system32\resESN.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00155268 _____ C:\WINDOWS\system32\resPLK.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00155172 _____ C:\WINDOWS\system32\resSKY.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00154980 _____ C:\WINDOWS\system32\resNLD.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00154372 _____ C:\WINDOWS\system32\resPTB.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00154260 _____ C:\WINDOWS\system32\resTRK.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00154212 _____ C:\WINDOWS\system32\resCSY.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00154084 _____ C:\WINDOWS\system32\resPTG.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00153620 _____ C:\WINDOWS\system32\resFIN.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00153236 _____ C:\WINDOWS\system32\resHRV.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00152772 _____ C:\WINDOWS\system32\resSVE.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00152644 _____ C:\WINDOWS\system32\resSLV.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00151668 _____ C:\WINDOWS\system32\resNOR.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00151156 _____ C:\WINDOWS\system32\resDAN.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00149812 _____ C:\WINDOWS\system32\resENU.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00148052 _____ C:\WINDOWS\system32\resCHT.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00147188 _____ C:\WINDOWS\system32\resCHS.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00143368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00109064 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00096752 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00078336 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00069616 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00039424 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00020976 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00015344 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00013824 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00002560 _____ C:\WINDOWS\system32\iglhxs64.vp
2015-10-08 17:27 - 2015-10-08 17:28 - 22915568 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2015-10-08 17:27 - 2015-10-08 17:27 - 17846272 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2015-10-08 17:27 - 2015-10-08 17:27 - 08528896 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll
2015-10-08 17:27 - 2015-10-08 17:27 - 06513648 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig7icd32.dll
2015-10-08 17:27 - 2015-10-08 17:27 - 04371888 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2015-10-08 17:27 - 2015-10-08 17:27 - 04369816 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2015-10-08 17:27 - 2015-10-08 17:27 - 00970656 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2015-10-08 17:27 - 2015-10-08 17:27 - 00556960 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2015-10-08 17:27 - 2015-10-08 17:27 - 00554928 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2015-10-08 17:27 - 2015-10-08 17:27 - 00410528 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeAppv2_0.exe
2015-10-08 17:27 - 2015-10-08 17:27 - 00409520 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe
2015-10-08 17:27 - 2015-10-08 17:27 - 00374272 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2015-10-08 17:27 - 2015-10-08 17:27 - 00329216 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2015-10-08 17:27 - 2015-10-08 17:27 - 00316245 _____ C:\WINDOWS\system32\DisplayAudiox64.cab
2015-10-08 17:27 - 2015-10-08 17:27 - 00232960 _____ C:\WINDOWS\system32\igdde64.dll
2015-10-08 17:27 - 2015-10-08 17:27 - 00194560 _____ C:\WINDOWS\SysWOW64\igdde32.dll
2015-10-08 17:27 - 2015-10-08 17:27 - 00172528 _____ C:\WINDOWS\system32\igdail64.dll
2015-10-08 17:27 - 2015-10-08 17:27 - 00165808 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2015-10-08 17:27 - 2015-10-08 17:27 - 00154096 _____ C:\WINDOWS\SysWOW64\igdail32.dll
2015-10-08 17:27 - 2015-10-08 17:27 - 00102912 _____ C:\WINDOWS\system32\IccLibDll_x64.dll
2015-10-08 17:22 - 2015-10-08 17:22 - 00000000 ____D C:\SUPERDelete
2015-10-08 14:04 - 2015-10-08 14:05 - 23640968 _____ (SUPERAntiSpyware) C:\Users\Pedro\Downloads\SUPERAntiSpyware.exe
2015-10-08 13:49 - 2015-10-08 13:49 - 00000000 ____D C:\Users\Pedro\Downloads\SmartGesture_Win7_64_VER213
2015-10-08 13:48 - 2015-10-08 13:48 - 23977598 _____ C:\Users\Pedro\Downloads\SmartGesture_Win7_64_VER213.zip
2015-10-08 11:54 - 2015-10-10 09:28 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Security
2015-10-07 15:24 - 2015-10-07 15:24 - 00000000 ____D C:\Users\Todos os Usuários\VsTelemetry
2015-10-07 15:24 - 2015-10-07 15:24 - 00000000 ____D C:\ProgramData\VsTelemetry
2015-10-07 15:22 - 2015-10-07 15:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2015-10-07 14:50 - 2015-10-07 14:50 - 00000000 ____D C:\Users\Todos os Usuários\VS
2015-10-07 14:50 - 2015-10-07 14:50 - 00000000 ____D C:\ProgramData\VS
2015-10-07 14:47 - 2015-10-07 15:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2016 CTP2.4
2015-10-07 14:47 - 2015-10-07 15:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0
2015-10-07 14:47 - 2015-10-07 14:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008
2015-10-07 14:24 - 2015-10-09 07:28 - 00000000 ____D C:\Users\Pedro\Desktop\QVW
2015-10-07 14:07 - 2015-10-07 14:14 - 55637744 _____ (Microsoft Corporation) C:\Users\Pedro\Downloads\SSMS-Web-Setup.exe
2015-10-07 07:19 - 2015-10-07 07:19 - 00000000 ____D C:\Users\Public\Foxit Software
2015-10-07 07:18 - 2015-10-07 07:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2015-10-07 07:18 - 2015-10-07 07:18 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2015-10-06 20:50 - 2015-10-07 09:58 - 00000000 ____D C:\Smart
2015-10-06 17:35 - 2015-10-08 23:01 - 00000000 ____D C:\WINDOWS\LastGood
2015-10-06 17:33 - 2015-10-08 18:32 - 00001123 _____ C:\WINDOWS\setupact.log
2015-10-06 17:33 - 2015-10-06 17:33 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-10-06 17:26 - 2015-10-09 08:21 - 00044776 _____ C:\WINDOWS\DPINST.LOG
2015-10-06 17:18 - 2015-10-09 07:01 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-06 17:17 - 2015-10-10 09:21 - 00016616 _____ C:\WINDOWS\PFRO.log
2015-10-06 17:16 - 2015-10-06 17:16 - 00003328 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-3361239562-2013860233-1157577440-1002
2015-10-06 17:16 - 2015-10-06 17:16 - 00003232 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-3361239562-2013860233-1157577440-1002
2015-10-06 17:16 - 2015-10-06 17:16 - 00002352 _____ C:\WINDOWS\System32\Tasks\{398F0DB8-F92B-4269-ABA7-3C666FDFBC9C}
2015-10-06 17:11 - 2015-10-06 17:11 - 00002856 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-10-06 17:11 - 2015-10-06 17:11 - 00000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-10-06 17:11 - 2015-10-06 17:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-10-06 17:11 - 2015-10-06 17:11 - 00000000 ____D C:\Program Files\CCleaner
2015-10-06 17:03 - 2015-10-06 17:03 - 00000000 ____D C:\Users\Pedro\AppData\Local\Windows Live
2015-10-06 17:01 - 2015-10-06 17:01 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-10-06 16:23 - 2015-10-06 16:23 - 00034104 _____ (Basil) C:\WINDOWS\system32\WinDivert.dll
2015-10-06 16:20 - 2015-10-10 09:21 - 00101080 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddfac.sys
2015-10-06 16:20 - 2015-10-06 16:20 - 00000000 ___HD C:\Program Files (x86)\GAS Tecnologia
2015-10-06 16:20 - 2015-10-06 16:20 - 00000000 ___HD C:\Program Files (x86)\Diebold
2015-10-06 16:20 - 2015-10-06 16:20 - 00000000 ____D C:\Program Files\Diebold
2015-10-06 16:20 - 2015-03-18 10:23 - 00103640 ____N (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddpp.sys
2015-10-06 16:19 - 2015-10-06 16:19 - 00730322 _____ C:\Users\Pedro\AppData\Roaming\unins000.exe
2015-10-06 16:19 - 2015-10-06 16:19 - 00017889 _____ C:\Users\Pedro\AppData\Roaming\unins000.dat
2015-10-06 16:19 - 2015-10-06 16:19 - 00000000 ____D C:\Users\Pedro\AppData\Local\GAS Tecnologia
2015-10-06 15:11 - 2015-10-06 15:11 - 01801288 _____ (Malwarebytes) C:\Users\Pedro\Documents\JRT.exe
2015-10-06 09:48 - 2015-10-06 09:48 - 00001928 _____ C:\Users\Public\Desktop\ooVoo.lnk
2015-10-06 09:48 - 2015-10-06 09:48 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\ooVoo Details
2015-10-06 09:48 - 2015-10-06 09:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ooVoo
2015-10-06 09:48 - 2015-10-06 09:48 - 00000000 ____D C:\Program Files (x86)\ooVoo
2015-10-05 17:34 - 2015-10-05 17:34 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-05 17:34 - 2015-10-05 17:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-05 17:34 - 2015-10-05 17:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-05 16:15 - 2015-10-07 07:19 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\Foxit Software
2015-10-05 16:12 - 2015-10-05 16:12 - 00000000 ____D C:\Users\Pedro\AppData\Local\Foxit Advanced PDF Editor
2015-10-05 16:12 - 2015-10-05 16:12 - 00000000 ____D C:\Users\Pedro\AppData\Local\Aspell
2015-10-05 16:03 - 2015-10-05 16:05 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\PrimoPDF
2015-10-05 16:02 - 2015-10-06 14:37 - 00000000 ____D C:\Program Files (x86)\Nitro PDF
2015-10-05 16:02 - 2015-09-01 10:41 - 00095008 _____ C:\WINDOWS\system32\Primomonnt.dll
2015-10-04 10:07 - 2015-10-04 10:07 - 00016148 _____ C:\WINDOWS\system32\PEDRO_Pedro_HistoryPrediction.bin
2015-10-03 13:14 - 2015-10-04 10:06 - 00000000 ___RD C:\Users\Pedro\Dropbox
2015-10-03 13:13 - 2015-10-03 13:13 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\Dropbox
2015-10-03 13:12 - 2015-10-04 10:17 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-10-03 13:11 - 2015-10-04 10:06 - 00000000 ____D C:\Users\Pedro\AppData\Local\Dropbox
2015-10-03 13:11 - 2015-10-03 13:11 - 00000000 ____D C:\Users\Todos os Usuários\Dropbox
2015-10-03 13:11 - 2015-10-03 13:11 - 00000000 ____D C:\ProgramData\Dropbox
2015-09-30 19:14 - 2015-09-24 21:13 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-09-30 19:14 - 2015-09-24 20:24 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-09-30 19:14 - 2015-09-24 20:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-09-30 19:14 - 2015-09-24 20:23 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-30 19:14 - 2015-09-24 20:17 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-09-30 19:14 - 2015-09-24 20:08 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-30 19:14 - 2015-09-24 20:07 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-30 19:14 - 2015-09-24 20:06 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-09-30 19:14 - 2015-09-24 20:05 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-09-30 19:14 - 2015-09-24 20:01 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-09-30 19:14 - 2015-09-24 20:00 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-09-30 19:14 - 2015-09-24 20:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-09-30 19:14 - 2015-09-24 19:53 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-09-30 19:14 - 2015-09-24 19:43 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-09-30 19:14 - 2015-09-24 19:42 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-09-30 19:14 - 2015-09-24 19:25 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-09-30 19:14 - 2015-09-24 19:25 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-09-30 19:14 - 2015-09-24 19:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-09-30 19:14 - 2015-09-24 19:25 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-09-30 19:14 - 2015-09-24 19:25 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-09-30 19:14 - 2015-09-24 19:19 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-09-30 19:14 - 2015-09-19 02:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-09-30 19:14 - 2015-09-17 03:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-09-30 19:14 - 2015-09-17 03:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-09-30 19:14 - 2015-09-17 03:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-09-30 19:14 - 2015-09-17 03:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-09-30 19:14 - 2015-09-17 03:49 - 08020816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-09-30 19:14 - 2015-09-17 03:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-09-30 19:14 - 2015-09-17 03:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-09-30 19:14 - 2015-09-17 03:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-09-30 19:14 - 2015-09-17 03:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-09-30 19:14 - 2015-09-17 03:48 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-09-30 19:14 - 2015-09-17 03:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-30 19:14 - 2015-09-17 03:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-09-30 19:14 - 2015-09-17 03:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-09-30 19:14 - 2015-09-17 03:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-09-30 19:14 - 2015-09-17 03:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-09-30 19:14 - 2015-09-17 03:48 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-09-30 19:14 - 2015-09-17 03:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-09-30 19:14 - 2015-09-17 03:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-09-30 19:14 - 2015-09-17 03:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-09-30 19:14 - 2015-09-17 03:48 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-09-30 19:14 - 2015-09-17 03:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-09-30 19:14 - 2015-09-17 03:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-09-30 19:14 - 2015-09-17 03:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-09-30 19:14 - 2015-09-17 03:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-09-30 19:14 - 2015-09-17 03:48 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-09-30 19:14 - 2015-09-17 03:47 - 01397088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-09-30 19:14 - 2015-09-17 03:44 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-09-30 19:14 - 2015-09-17 03:43 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-09-30 19:14 - 2015-09-17 03:39 - 00081488 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-30 19:14 - 2015-09-17 03:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-09-30 19:14 - 2015-09-17 03:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-09-30 19:14 - 2015-09-17 03:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-09-30 19:14 - 2015-09-17 03:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-09-30 19:14 - 2015-09-17 03:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-09-30 19:14 - 2015-09-17 03:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-09-30 19:14 - 2015-09-17 03:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-09-30 19:14 - 2015-09-17 03:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-09-30 19:14 - 2015-09-17 03:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-09-30 19:14 - 2015-09-17 03:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-09-30 19:14 - 2015-09-17 03:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-09-30 19:14 - 2015-09-17 03:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-09-30 19:14 - 2015-09-17 03:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-09-30 19:14 - 2015-09-17 03:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-09-30 19:14 - 2015-09-17 03:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-09-30 19:14 - 2015-09-17 03:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-09-30 19:14 - 2015-09-17 03:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-09-30 19:14 - 2015-09-17 03:12 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-09-30 19:14 - 2015-09-17 03:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-09-30 19:14 - 2015-09-17 03:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-09-30 19:14 - 2015-09-17 03:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-09-30 19:14 - 2015-09-17 03:07 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-30 19:14 - 2015-09-17 03:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-09-30 19:14 - 2015-09-17 03:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-09-30 19:14 - 2015-09-17 03:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-09-30 19:14 - 2015-09-17 03:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-09-30 19:14 - 2015-09-17 03:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-09-30 19:14 - 2015-09-17 03:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-09-30 19:14 - 2015-09-17 03:04 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-09-30 19:14 - 2015-09-17 03:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-09-30 19:14 - 2015-09-17 03:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-09-30 19:14 - 2015-09-17 03:00 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-30 19:14 - 2015-09-17 03:00 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-09-30 19:14 - 2015-09-17 03:00 - 02417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-09-30 19:14 - 2015-09-17 03:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-09-30 19:14 - 2015-09-17 03:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-09-30 19:14 - 2015-09-17 02:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-09-30 19:14 - 2015-09-17 02:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-09-30 19:14 - 2015-09-17 02:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-09-30 19:14 - 2015-09-17 02:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-09-30 19:14 - 2015-09-17 02:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-09-30 19:14 - 2015-09-17 02:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-09-30 19:14 - 2015-09-17 02:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-09-30 19:14 - 2015-09-17 02:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-30 19:14 - 2015-09-17 02:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-09-30 19:14 - 2015-09-17 02:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-09-30 19:14 - 2015-09-17 02:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-09-30 19:14 - 2015-09-17 02:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-09-30 19:14 - 2015-09-17 02:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-09-30 19:14 - 2015-09-17 02:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-09-30 19:14 - 2015-09-17 02:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-09-30 19:14 - 2015-09-17 02:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-09-30 19:14 - 2015-09-17 02:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-09-30 19:14 - 2015-09-17 02:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-09-30 19:14 - 2015-09-17 02:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-09-30 19:14 - 2015-09-17 02:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-09-30 19:14 - 2015-09-17 02:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-09-30 19:14 - 2015-09-17 02:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-09-30 19:14 - 2015-09-17 02:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-09-30 19:14 - 2015-09-17 02:51 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-09-30 19:14 - 2015-09-17 02:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-09-30 19:14 - 2015-09-17 02:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-09-30 19:14 - 2015-09-17 02:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-09-30 19:14 - 2015-09-17 02:51 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-09-30 19:14 - 2015-09-17 02:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-09-30 19:14 - 2015-09-17 02:50 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-09-30 19:14 - 2015-09-17 02:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-09-30 19:14 - 2015-09-17 02:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-09-30 19:14 - 2015-09-17 02:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-09-30 19:14 - 2015-09-17 02:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-30 19:14 - 2015-09-17 02:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-09-30 19:14 - 2015-09-17 02:49 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-09-30 19:14 - 2015-09-17 02:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-09-30 19:14 - 2015-09-17 02:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-09-30 19:14 - 2015-09-17 02:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-09-30 19:14 - 2015-09-17 02:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-09-30 19:14 - 2015-09-17 02:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-09-30 19:14 - 2015-09-17 02:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-09-30 19:14 - 2015-09-17 02:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-09-30 19:14 - 2015-09-17 02:47 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-09-30 19:14 - 2015-09-17 02:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-09-30 19:14 - 2015-09-17 02:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-09-30 19:14 - 2015-09-17 02:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-09-30 19:14 - 2015-09-17 02:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-09-30 19:14 - 2015-09-17 02:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-09-30 19:14 - 2015-09-17 02:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-09-30 19:14 - 2015-09-17 02:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-09-30 19:14 - 2015-09-17 02:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-09-30 19:14 - 2015-09-17 02:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-09-30 19:14 - 2015-09-17 02:45 - 19325440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-30 19:14 - 2015-09-17 02:45 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-30 19:14 - 2015-09-17 02:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-09-30 19:14 - 2015-09-17 02:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-09-30 19:14 - 2015-09-17 02:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-09-30 19:14 - 2015-09-17 02:45 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-09-30 19:14 - 2015-09-17 02:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-09-30 19:14 - 2015-09-17 02:44 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-09-30 19:14 - 2015-09-17 02:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-09-30 19:14 - 2015-09-17 02:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-09-30 19:14 - 2015-09-17 02:43 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-09-30 19:14 - 2015-09-17 02:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-09-30 19:14 - 2015-09-17 02:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-09-30 19:14 - 2015-09-17 02:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-09-30 19:14 - 2015-09-17 02:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-09-30 19:14 - 2015-09-17 02:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-09-30 19:14 - 2015-09-17 02:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-09-30 19:14 - 2015-09-17 02:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-09-30 19:14 - 2015-09-17 02:37 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-09-30 19:14 - 2015-09-17 02:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-09-30 19:14 - 2015-09-17 02:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-09-30 19:14 - 2015-09-17 02:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-30 19:14 - 2015-09-17 02:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-09-30 19:14 - 2015-09-17 02:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-09-30 19:14 - 2015-09-17 02:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-09-30 19:14 - 2015-09-17 02:32 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-30 19:14 - 2015-09-17 02:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-09-30 19:14 - 2015-09-17 02:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-09-30 19:14 - 2015-09-17 02:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-09-30 19:14 - 2015-09-17 02:31 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-09-30 19:14 - 2015-09-17 02:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-09-30 19:14 - 2015-09-17 02:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-09-30 19:14 - 2015-09-17 02:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-09-30 19:14 - 2015-09-17 02:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-09-30 19:14 - 2015-09-17 02:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-09-30 19:14 - 2015-09-17 02:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-09-30 19:14 - 2015-09-17 02:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-09-30 19:14 - 2015-09-17 02:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-09-30 19:14 - 2015-09-12 23:05 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-09-30 19:14 - 2015-09-12 22:41 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-09-30 19:13 - 2015-09-24 21:35 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-09-30 19:13 - 2015-09-24 21:34 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-09-30 19:13 - 2015-09-24 20:34 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-09-30 19:13 - 2015-09-24 20:34 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-09-30 19:13 - 2015-09-24 20:01 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-09-30 19:13 - 2015-09-24 20:00 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-09-30 19:13 - 2015-09-24 20:00 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-09-30 19:13 - 2015-09-24 19:43 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-09-30 19:13 - 2015-09-24 19:24 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-09-30 19:13 - 2015-09-17 03:49 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-09-30 19:13 - 2015-09-17 03:48 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-09-30 19:13 - 2015-09-17 03:48 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-09-30 19:13 - 2015-09-17 03:37 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-09-30 19:13 - 2015-09-17 03:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-09-30 19:13 - 2015-09-17 03:11 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-09-30 19:13 - 2015-09-17 03:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-09-30 19:13 - 2015-09-17 03:09 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-09-30 19:13 - 2015-09-17 03:08 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-09-30 19:13 - 2015-09-17 03:04 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-09-30 19:13 - 2015-09-17 03:03 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-09-30 19:13 - 2015-09-17 03:03 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-09-30 19:13 - 2015-09-17 03:03 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-09-30 19:13 - 2015-09-17 03:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-09-30 19:13 - 2015-09-17 03:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-09-30 19:13 - 2015-09-17 02:56 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-09-30 19:13 - 2015-09-17 02:55 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-09-30 19:13 - 2015-09-17 02:55 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-09-30 19:13 - 2015-09-17 02:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-09-30 19:13 - 2015-09-17 02:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-30 19:13 - 2015-09-17 02:52 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-09-30 19:13 - 2015-09-17 02:52 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-09-30 19:13 - 2015-09-17 02:52 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-09-30 19:13 - 2015-09-17 02:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-09-30 19:13 - 2015-09-17 02:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-09-30 19:13 - 2015-09-17 02:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
2015-09-30 19:13 - 2015-09-17 02:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2015-09-30 19:13 - 2015-09-17 02:49 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-09-30 19:13 - 2015-09-17 02:49 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-09-30 19:13 - 2015-09-17 02:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-09-30 19:13 - 2015-09-17 02:49 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-09-30 19:13 - 2015-09-17 02:49 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-09-30 19:13 - 2015-09-17 02:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
2015-09-30 19:13 - 2015-09-17 02:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2015-09-30 19:13 - 2015-09-17 02:46 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-09-30 19:13 - 2015-09-17 02:46 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-09-30 19:13 - 2015-09-17 02:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2015-09-30 19:13 - 2015-09-17 02:44 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-09-30 19:13 - 2015-09-17 02:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-09-30 19:13 - 2015-09-17 02:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-09-30 19:13 - 2015-09-17 02:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-30 19:13 - 2015-09-17 02:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2015-09-30 19:13 - 2015-09-17 02:33 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-09-30 19:13 - 2015-09-17 02:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-09-28 18:14 - 2015-09-28 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-09-28 18:11 - 2015-09-28 18:11 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-09-28 05:54 - 2015-09-28 05:54 - 00003646 _____ C:\WINDOWS\System32\Tasks\ATK Package 36D18D69AFC3
2015-09-28 05:54 - 2015-09-28 05:54 - 00002874 _____ C:\WINDOWS\System32\Tasks\ATK Package A22126881260
2015-09-28 05:41 - 2015-09-28 05:41 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\Sun
2015-09-28 05:41 - 2015-09-28 05:41 - 00000000 ____D C:\Users\Pedro\.oracle_jre_usage
2015-09-26 13:13 - 2015-09-13 21:24 - 01898104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435598.dll
2015-09-26 13:13 - 2015-09-13 21:24 - 01558832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435598.dll
2015-09-24 16:07 - 2015-10-08 23:02 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA
2015-09-24 16:07 - 2015-10-08 23:02 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-24 16:07 - 2015-10-02 23:38 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-09-24 16:07 - 2015-10-02 23:38 - 02982704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-09-24 16:07 - 2015-10-02 23:38 - 02554488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-09-24 16:07 - 2015-10-02 23:38 - 00938800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-09-24 16:07 - 2015-10-02 23:38 - 00523384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-09-24 16:07 - 2015-10-02 23:38 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-09-24 16:07 - 2015-10-02 23:38 - 00075056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-09-24 16:07 - 2015-10-02 23:38 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-09-24 16:07 - 2015-10-01 06:30 - 05284082 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-09-24 12:15 - 2015-09-24 12:15 - 00002248 _____ C:\Users\Pedro\Desktop\GSH Externo.rdp
2015-09-24 10:14 - 2015-09-24 10:14 - 00002276 _____ C:\Users\Pedro\Desktop\GSH Interno.rdp
2015-09-24 09:03 - 2015-09-24 09:03 - 00001128 _____ C:\Users\Pedro\Desktop\Notepad++.lnk
2015-09-24 09:03 - 2015-09-24 09:03 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\Notepad++
2015-09-24 09:03 - 2015-09-24 09:03 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-09-24 09:03 - 2015-09-24 09:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-09-24 09:03 - 2015-09-24 09:03 - 00000000 ____D C:\Program Files (x86)\Notepad++
2015-09-24 07:42 - 2015-09-24 07:42 - 00000038 _____ C:\Users\Pedro\Documents\IBAN.txt
2015-09-23 20:56 - 2015-10-07 09:32 - 00000000 ____D C:\Users\Pedro\Desktop\PBLs
2015-09-23 11:33 - 2015-10-09 14:32 - 00000000 ____D C:\Users\Pedro\Desktop\SH
2015-09-23 08:26 - 2015-09-23 08:26 - 00000000 ____D C:\Users\Pedro\Desktop\Anotações
2015-09-23 08:20 - 2015-09-23 08:25 - 00000000 ____D C:\Users\Pedro\Desktop\Concursos - Diversos
2015-09-22 16:21 - 2015-09-22 16:21 - 00003324 _____ C:\WINDOWS\System32\Tasks\{97892F7D-3FEB-400E-8DA4-15D348503BCC}
2015-09-22 15:38 - 2015-09-24 06:16 - 00000051 _____ C:\AUTOEXEC.BAT
2015-09-22 15:38 - 2015-09-22 15:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InfoMaker 6.5
2015-09-22 15:38 - 1997-07-03 12:23 - 00124416 _____ (INTERSOLV, Inc.) C:\WINDOWS\SysWOW64\pbtxt12.dll
2015-09-22 15:38 - 1997-07-03 12:17 - 00284672 _____ (INTERSOLV, Inc.) C:\WINDOWS\SysWOW64\pbdbf12.dll
2015-09-22 15:38 - 1997-06-30 20:05 - 00034900 _____ C:\WINDOWS\SysWOW64\pbdbf12.hlp
2015-09-22 15:38 - 1997-06-30 19:28 - 00021792 _____ C:\WINDOWS\SysWOW64\pbdb212.hlp
2015-09-22 15:38 - 1997-06-30 17:59 - 00034998 _____ C:\WINDOWS\SysWOW64\pbidp12.hlp
2015-09-22 15:38 - 1997-06-30 15:03 - 00030140 _____ C:\WINDOWS\SysWOW64\pbbtr12.hlp
2015-09-22 15:38 - 1997-06-27 10:28 - 00128000 _____ (INTERSOLV, Inc.) C:\WINDOWS\SysWOW64\pbbtr12.dll
2015-09-22 15:38 - 1997-06-25 16:04 - 00106496 _____ (INTERSOLV, Inc.) C:\WINDOWS\SysWOW64\pbidp12.dll
2015-09-22 15:38 - 1997-06-19 16:58 - 00028909 _____ C:\WINDOWS\SysWOW64\pbtxt12.hlp
2015-09-22 15:38 - 1997-06-18 23:56 - 00098304 _____ (INTERSOLV, Inc.) C:\WINDOWS\SysWOW64\pbdb212.dll
2015-09-22 15:33 - 2015-09-22 15:38 - 00000288 _____ C:\WINDOWS\winhelp.ini
2015-09-22 15:33 - 2015-09-22 15:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerBuilder 6.5
2015-09-22 15:32 - 1998-05-07 14:44 - 00000896 _____ C:\WINDOWS\SysWOW64\IVPB.LIC
2015-09-22 15:32 - 1997-10-09 15:29 - 00120320 _____ (Sybase Inc.) C:\WINDOWS\SysWOW64\occ020.dll
2015-09-22 15:32 - 1997-09-17 16:32 - 00024576 _____ (Sybase Inc.) C:\WINDOWS\SysWOW64\mside020.dll
2015-09-22 15:32 - 1997-09-16 15:25 - 00061952 _____ (Sybase Inc.) C:\WINDOWS\SysWOW64\sync.ocx
2015-09-22 15:32 - 1997-09-16 10:26 - 00068608 _____ (INTERSOLV, Inc.) C:\WINDOWS\SysWOW64\PBXLWB12.DLL
2015-09-22 15:32 - 1997-09-03 10:56 - 00004656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DS16GT.DLL
2015-09-22 15:32 - 1997-07-01 10:53 - 00047715 _____ C:\WINDOWS\SysWOW64\PBDRV12.HLP
2015-09-22 15:32 - 1997-06-23 17:38 - 00288256 _____ (INTERSOLV, Inc.) C:\WINDOWS\SysWOW64\PBBAS12.DLL
2015-09-22 15:32 - 1997-06-20 13:53 - 00320512 _____ (INTERSOLV, Inc.) C:\WINDOWS\SysWOW64\PBFLT12.DLL
2015-09-22 15:32 - 1997-06-19 17:00 - 00020085 _____ C:\WINDOWS\SysWOW64\PBXLWB12.HLP
2015-09-22 15:32 - 1997-06-19 16:00 - 00010871 _____ C:\WINDOWS\SysWOW64\PBDRV12.CNT
2015-09-22 15:32 - 1997-06-18 23:33 - 00271360 _____ (INTERSOLV, Inc.) C:\WINDOWS\SysWOW64\PBUTL12.DLL
2015-09-22 15:32 - 1997-06-11 10:55 - 00047104 _____ C:\WINDOWS\SysWOW64\PBTRN12.DLL
2015-09-22 15:32 - 1997-05-01 00:00 - 00026224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ODBC16GT.DLL
2015-09-22 15:32 - 1997-05-01 00:00 - 00011536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ODBCCP32.CPL
2015-09-22 15:32 - 1997-05-01 00:00 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ODBC32GT.DLL
2015-09-22 15:32 - 1997-05-01 00:00 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DS32GT.DLL
2015-09-22 15:32 - 1996-10-29 00:00 - 00026340 _____ C:\WINDOWS\SysWOW64\ODBCINST.HLP
2015-09-22 15:32 - 1996-08-23 00:00 - 00000244 _____ C:\WINDOWS\SysWOW64\ODBCINST.CNT
2015-09-22 15:31 - 2015-09-24 06:16 - 00000000 ____D C:\Sybase
2015-09-22 15:31 - 1997-12-17 18:33 - 00304128 _____ (InstallShield Software Corporation) C:\WINDOWS\IsUninst.exe
2015-09-22 14:12 - 2015-09-22 14:12 - 00000000 ____D C:\Users\Usuário Padrão\Documents\Visual Studio 2005
2015-09-22 14:12 - 2015-09-22 14:12 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2005
2015-09-22 14:12 - 2015-09-22 14:12 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2005
2015-09-22 14:12 - 2015-03-30 00:43 - 00115888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SQSRVRES.DLL
2015-09-22 13:55 - 2015-09-22 13:55 - 00000000 ____D C:\Users\Usuário Padrão\Documents\Visual Studio 2008
2015-09-22 13:55 - 2015-09-22 13:55 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2008
2015-09-22 13:55 - 2015-09-22 13:55 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2008
2015-09-22 13:18 - 2015-09-22 13:18 - 00000000 ____D C:\Users\Pedro\Documents\Visual Studio 2005
2015-09-22 11:30 - 2015-09-22 11:30 - 00000000 ____D C:\Users\Pedro\Documents\Integration Services Script Task
2015-09-22 11:30 - 2015-09-22 11:30 - 00000000 ____D C:\Users\Pedro\Documents\Integration Services Script Component
2015-09-22 11:22 - 2015-09-22 13:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2008
2015-09-22 11:21 - 2015-09-22 11:21 - 00000000 ____D C:\Users\Pedro\Documents\Visual Studio 2008
2015-09-22 11:20 - 2015-10-06 17:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 9.0
2015-09-22 11:20 - 2015-09-22 11:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2015-09-22 11:05 - 2015-10-03 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008 R2
2015-09-22 02:42 - 2015-10-10 09:27 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2015-09-22 02:42 - 2015-10-10 09:27 - 00000000 ____D C:\ProgramData\GbPlugin
2015-09-22 02:42 - 2015-10-10 09:21 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2015-09-21 19:03 - 2015-10-01 09:34 - 00000000 ____D C:\Users\Pedro\Desktop\MEI
2015-09-20 09:01 - 2015-09-20 09:01 - 00733280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SqlServerSpatial130.dll
2015-09-20 09:00 - 2015-09-20 09:00 - 01652832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msodbcsql11.dll
2015-09-20 09:00 - 2015-09-20 09:00 - 00696928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adalsql.dll
2015-09-20 09:00 - 2015-09-20 09:00 - 00584880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SqlServerSpatial130.dll
2015-09-20 09:00 - 2015-09-20 09:00 - 00095936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msodbcdiag11.dll
2015-09-20 09:00 - 2015-09-20 09:00 - 00043616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DTSPipelinePerf130.dll
2015-09-20 08:59 - 2015-09-20 08:59 - 02016448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msodbcsql11.dll
2015-09-20 08:59 - 2015-09-20 08:59 - 00876224 _____ (Microsoft Corporation) C:\WINDOWS\system32\adalsql.dll
2015-09-20 08:59 - 2015-09-20 08:59 - 00101056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msodbcdiag11.dll
2015-09-20 07:59 - 2015-10-08 11:53 - 00003386 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2015-09-20 07:59 - 2015-09-20 08:05 - 00111344 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2015-09-20 07:59 - 2015-09-20 08:05 - 00008214 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2015-09-20 07:59 - 2015-09-20 07:59 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2015-09-20 07:58 - 2015-10-08 11:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2015-09-20 07:58 - 2015-10-08 11:53 - 00000000 ____D C:\WINDOWS\system32\Drivers\NSx64
2015-09-20 07:58 - 2015-09-20 07:58 - 00000000 ____D C:\Program Files (x86)\Norton Security
2015-09-20 01:25 - 2015-09-20 01:25 - 00026289 _____ C:\WINDOWS\SysWOW64\SQLServerManager13.msc
2015-09-18 19:56 - 2015-09-18 19:56 - 00000000 ____D C:\Users\Pedro\AppData\Local\QlikTech
2015-09-18 19:38 - 2015-09-18 19:38 - 00000000 ____D C:\Users\Todos os Usuários\QlikTech
2015-09-18 19:38 - 2015-09-18 19:38 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\QlikTech
2015-09-18 19:38 - 2015-09-18 19:38 - 00000000 ____D C:\ProgramData\QlikTech
2015-09-18 19:38 - 2015-09-18 19:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QlikView
2015-09-18 19:38 - 2015-09-18 19:38 - 00000000 ____D C:\Program Files\QlikView
2015-09-18 19:38 - 2015-09-18 19:38 - 00000000 ____D C:\Program Files (x86)\QlikView
2015-09-18 19:36 - 2015-09-18 19:36 - 00003302 _____ C:\WINDOWS\System32\Tasks\{FA32B660-41FA-43E6-80BE-A638EBD79522}
2015-09-18 19:35 - 2015-09-18 19:35 - 00000000 ____D C:\Users\Pedro\AppData\Local\QlikTech Installations
2015-09-18 16:03 - 2015-09-18 16:03 - 00000000 ____D C:\Users\Usuário Padrão\Documents\Visual Studio 2010
2015-09-18 16:03 - 2015-09-18 16:03 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2010
2015-09-18 16:03 - 2015-09-18 16:03 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2010
2015-09-18 14:51 - 2015-10-10 09:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2015-09-18 14:51 - 2015-10-09 13:53 - 00000000 ____D C:\Users\Todos os Usuários\Malwarebytes Anti-Exploit
2015-09-18 14:51 - 2015-10-09 13:53 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2015-09-18 14:09 - 2015-09-18 14:47 - 00000000 ____D C:\Users\Todos os Usuários\Malwarebytes' Anti-Malware (portable)
2015-09-18 14:09 - 2015-09-18 14:47 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-09-18 09:15 - 2015-09-18 09:15 - 00000000 ____D C:\Users\Pedro\AppData\Local\Microsoft_Corporation
2015-09-18 09:14 - 2015-10-08 09:54 - 00000000 ____D C:\Users\Pedro\Documents\SQL Server Management Studio
2015-09-18 09:09 - 2014-02-21 05:27 - 00172224 _____ (Microsoft Corporation) C:\WINDOWS\system32\hadrres.dll
2015-09-18 09:09 - 2014-02-21 05:27 - 00081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fssres.dll
2015-09-18 09:03 - 2015-10-07 14:49 - 00000000 ____D C:\WINDOWS\SysWOW64\1033
2015-09-18 09:03 - 2015-10-07 14:47 - 00000000 ____D C:\WINDOWS\system32\1033
2015-09-18 09:02 - 2015-09-18 09:02 - 00000000 ____D C:\Users\Pedro\Documents\Visual Studio 2010
2015-09-18 09:01 - 2015-10-07 14:47 - 00000000 ____D C:\WINDOWS\SysWOW64\1046
2015-09-18 09:00 - 2015-10-07 14:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0
2015-09-18 09:00 - 2015-10-07 14:47 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-09-18 08:59 - 2015-09-18 08:59 - 00000000 ____D C:\Program Files\Microsoft Help Viewer
2015-09-18 08:59 - 2015-09-18 08:59 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2015-09-18 08:47 - 2015-10-04 10:35 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2015-09-18 05:38 - 2015-09-18 05:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-18 05:35 - 2015-10-10 09:26 - 00001074 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-18 05:35 - 2015-10-10 01:40 - 00001078 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-18 05:35 - 2015-09-18 05:35 - 00004136 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-18 05:35 - 2015-09-18 05:35 - 00003904 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-18 05:18 - 2015-10-06 21:26 - 00012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe
2015-09-18 05:00 - 2015-09-18 05:18 - 00000000 ____D C:\Users\Todos os Usuários\HitmanPro
2015-09-18 05:00 - 2015-09-18 05:18 - 00000000 ____D C:\ProgramData\HitmanPro
2015-09-18 04:53 - 2015-09-18 04:53 - 00000000 ____D C:\Users\Todos os Usuários\Malwarebytes
2015-09-18 04:53 - 2015-09-18 04:53 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-16 06:41 - 2015-09-16 06:41 - 00000000 ___RD C:\Users\Pedro\3D Objects
2015-09-15 16:58 - 2015-09-18 04:29 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\Acrylic Wi-Fi Professional
2015-09-15 16:58 - 2015-09-18 04:29 - 00000000 ____D C:\Program Files\Acrylic Wi-Fi Professional
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-10-10 09:37 - 2015-08-31 12:33 - 00028888 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\gbpddfac64.sys
2015-10-10 09:30 - 2015-07-31 00:18 - 02063708 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-10 09:30 - 2015-07-10 13:55 - 00875902 _____ C:\WINDOWS\system32\prfh0416.dat
2015-10-10 09:30 - 2015-07-10 13:55 - 00192000 _____ C:\WINDOWS\system32\prfc0416.dat
2015-10-10 09:29 - 2015-08-10 14:28 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9DF92342-D98F-4310-B406-B944D2ECB3C7}
2015-10-10 09:26 - 2014-07-18 09:06 - 00000000 ____D C:\Users\Pedro\OneDrive
2015-10-10 09:21 - 2015-07-10 09:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-10 02:10 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-10 02:10 - 2015-07-10 06:05 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2015-10-10 02:10 - 2014-10-21 22:05 - 00000000 ____D C:\Users\Pedro\AppData\Local\Spotify
2015-10-10 02:09 - 2014-10-21 22:03 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\Spotify
2015-10-10 01:34 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-10-10 01:17 - 2014-12-09 10:33 - 00053760 _____ C:\Users\Pedro\Desktop\Fluxo de Caixa 2015.xlsx
2015-10-10 00:04 - 2015-03-30 22:26 - 00000000 ____D C:\LBTaskControl
2015-10-09 21:50 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-09 11:10 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-10-09 09:34 - 2015-07-30 23:55 - 00000000 ____D C:\Users\Pedro
2015-10-09 08:20 - 2013-04-25 19:40 - 00000000 ____D C:\Program Files (x86)\ASUS
2015-10-09 07:13 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-08 17:47 - 2015-07-31 06:58 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-10-08 17:28 - 2015-07-31 06:52 - 04637640 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2015-10-08 17:28 - 2015-07-31 06:52 - 03797424 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2015-10-08 17:28 - 2015-07-31 06:52 - 03672344 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2015-10-08 17:28 - 2015-07-31 06:52 - 00680432 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2015-10-08 17:28 - 2015-07-31 06:52 - 00541600 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2015-10-08 17:28 - 2015-07-31 06:52 - 00395168 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTray.exe
2015-10-08 17:28 - 2015-07-31 06:52 - 00330136 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2015-10-08 17:28 - 2015-07-31 06:52 - 00285184 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2015-10-08 17:28 - 2015-07-31 06:52 - 00262640 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2015-10-08 17:28 - 2015-07-31 06:52 - 00258456 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2015-10-08 17:28 - 2015-07-31 06:52 - 00042232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2015-10-08 17:28 - 2014-07-18 08:41 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-10-08 17:28 - 2014-07-18 08:41 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-10-08 17:27 - 2015-08-10 19:14 - 00000000 ____D C:\Users\Todos os Usuários\ASUS Smart Gesture
2015-10-08 17:27 - 2015-08-10 19:14 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2015-10-08 17:27 - 2015-07-31 06:52 - 12335600 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2015-10-08 17:27 - 2015-07-31 06:52 - 11905432 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2015-10-08 17:22 - 2014-11-08 15:21 - 00000000 ____D C:\Program Files (x86)\PDFlite
2015-10-08 14:29 - 2013-04-25 19:44 - 00000000 ____D C:\Program Files (x86)\WildGames
2015-10-08 11:14 - 2014-09-25 07:01 - 00000000 ____D C:\Users\Pedro\AppData\Local\CrashDumps
2015-10-08 08:56 - 2015-07-31 06:51 - 00000000 ____D C:\Users\Todos os Usuários\SetupTPDriver
2015-10-08 08:56 - 2015-07-31 06:51 - 00000000 ____D C:\ProgramData\SetupTPDriver
2015-10-07 15:21 - 2013-04-25 19:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-10-07 14:47 - 2014-08-18 13:03 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2015-10-07 14:47 - 2014-08-18 13:03 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-07 09:31 - 2014-12-08 14:43 - 00000119 _____ C:\WINDOWS\ODBC.INI
2015-10-06 22:55 - 2014-07-18 19:07 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\vlc
2015-10-06 17:18 - 2015-07-10 09:20 - 00396352 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-10-06 17:18 - 2015-05-30 20:43 - 00000670 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3361239562-2013860233-1157577440-1002.job
2015-10-06 17:18 - 2014-08-14 14:06 - 00000574 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3361239562-2013860233-1157577440-1002.job
2015-10-06 17:14 - 2014-07-18 10:14 - 00000000 ____D C:\Program Files (x86)\Steam
2015-10-06 17:08 - 2014-08-14 14:06 - 00000000 ____D C:\Users\Pedro\AppData\Local\Citrix
2015-10-06 17:07 - 2015-07-11 14:17 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-10-06 17:03 - 2014-09-19 17:12 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2015-10-06 17:03 - 2014-09-19 17:12 - 00000000 ____D C:\ProgramData\Skype
2015-10-06 17:03 - 2014-09-14 20:18 - 00000000 ____D C:\Program Files\WinRAR
2015-10-06 17:03 - 2014-09-12 11:07 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\SubiT
2015-10-06 17:02 - 2015-07-10 08:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-10-06 17:02 - 2013-04-25 19:41 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-10-06 17:01 - 2015-02-20 14:42 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-10-06 17:00 - 2015-04-23 13:01 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2015-10-06 17:00 - 2015-04-23 13:01 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-06 16:53 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\Web
2015-10-06 16:21 - 2014-11-20 19:29 - 00001024 _____ C:\.rnd
2015-10-06 16:21 - 2014-09-13 10:17 - 00000000 ____D C:\Users\Todos os Usuários\Temp
2015-10-06 16:21 - 2014-09-13 10:17 - 00000000 ____D C:\ProgramData\Temp
2015-10-06 16:21 - 2014-07-21 11:35 - 00000000 ____D C:\Users\Todos os Usuários\GAS Tecnologia
2015-10-06 16:21 - 2014-07-21 11:35 - 00000000 ____D C:\Users\Todos os Usuários\boost_interprocess
2015-10-06 16:21 - 2014-07-21 11:35 - 00000000 ____D C:\ProgramData\GAS Tecnologia
2015-10-06 16:21 - 2014-07-21 11:35 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-10-06 16:14 - 2015-07-10 07:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-06 16:08 - 2014-10-09 19:46 - 00000000 ____D C:\Users\Pedro\AppData\Local\NPE
2015-10-06 16:05 - 2014-12-18 11:06 - 00000000 ____D C:\NPE
2015-10-06 15:45 - 2015-08-14 09:29 - 11210056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-10-06 09:45 - 2014-09-19 17:13 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\Skype
2015-10-05 16:11 - 2014-07-17 22:42 - 00000000 ____D C:\Users\Pedro\AppData\Local\Packages
2015-10-04 05:23 - 2015-08-12 11:06 - 01423120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-10-04 05:23 - 2015-08-12 11:06 - 01317192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-10-04 05:22 - 2015-08-12 11:06 - 01756608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-10-03 14:08 - 2015-07-10 06:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-10-03 13:21 - 2015-01-09 20:32 - 02460576 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-10-03 13:21 - 2014-07-18 09:09 - 00000000 ____D C:\Program Files (x86)\Google
2015-10-03 01:58 - 2015-08-14 09:29 - 03534888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-10-03 01:58 - 2015-08-14 09:29 - 03121144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-09-30 19:26 - 2015-07-10 08:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-09-30 19:26 - 2015-07-10 08:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-09-30 19:26 - 2015-07-10 08:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-09-30 19:26 - 2015-07-10 08:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-30 19:26 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-09-30 19:26 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-09-30 19:26 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-09-30 19:26 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-09-30 19:26 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-09-30 11:30 - 2014-07-18 09:09 - 00000000 ____D C:\Users\Pedro\AppData\Local\Google
2015-09-28 05:54 - 2015-04-25 18:23 - 00000000 ____D C:\Users\Todos os Usuários\ASUS
2015-09-28 05:54 - 2015-04-25 18:23 - 00000000 ____D C:\ProgramData\ASUS
2015-09-28 05:54 - 2013-04-25 19:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-09-28 05:42 - 2014-07-25 10:50 - 00000000 ____D C:\Users\Todos os Usuários\Oracle
2015-09-28 05:42 - 2014-07-25 10:50 - 00000000 ____D C:\ProgramData\Oracle
2015-09-24 16:07 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\Help
2015-09-24 16:07 - 2014-01-24 08:09 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-09-24 16:06 - 2014-01-24 08:10 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA Corporation
2015-09-24 16:06 - 2014-01-24 08:10 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-09-24 16:05 - 2014-01-24 08:10 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-09-24 15:59 - 2014-01-24 08:16 - 00000000 ____D C:\Program Files (x86)\Bluetooth Suite
2015-09-24 12:15 - 2014-09-08 15:53 - 00002248 ____H C:\Users\Pedro\Documents\Default.rdp
2015-09-23 08:19 - 2015-04-23 12:29 - 00000000 ____D C:\Program Files\Rockstar Games
2015-09-23 08:19 - 2014-09-13 11:13 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-09-22 13:40 - 2014-07-18 10:22 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-09-22 13:18 - 2014-10-10 10:17 - 00000000 ____D C:\Users\Pedro\AppData\Local\Microsoft Help
2015-09-21 22:18 - 2015-01-14 15:01 - 00000000 ____D C:\Users\Pedro\.VirtualBox
2015-09-20 10:20 - 2014-01-24 08:02 - 00000000 ____D C:\Program Files (x86)\Qualcomm Atheros
2015-09-20 09:57 - 2015-01-14 15:02 - 00000000 ____D C:\Users\Pedro\VirtualBox VMs
2015-09-20 09:38 - 2015-07-10 08:04 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-09-20 08:16 - 2015-08-09 22:34 - 00000000 ____D C:\Program Files (x86)\Panda Security
2015-09-20 07:58 - 2014-09-17 16:50 - 00000000 ____D C:\Users\Todos os Usuários\Norton
2015-09-20 07:58 - 2014-09-17 16:50 - 00000000 ____D C:\ProgramData\Norton
2015-09-20 07:55 - 2015-08-09 22:34 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\Panda Security
2015-09-20 07:55 - 2015-08-09 22:09 - 00000000 ____D C:\Users\Todos os Usuários\Panda Security
2015-09-20 07:55 - 2015-08-09 22:09 - 00000000 ____D C:\ProgramData\Panda Security
2015-09-20 07:37 - 2015-07-10 08:04 - 00000000 ____D C:\WINDOWS\Registration
2015-09-18 16:07 - 2013-08-22 10:36 - 00000000 ____D C:\Users\Default.migrated
2015-09-18 15:51 - 2015-08-09 22:35 - 00000000 ____D C:\Users\Todos os Usuários\panda_url_filtering
2015-09-18 15:51 - 2015-08-09 22:35 - 00000000 ____D C:\ProgramData\panda_url_filtering
2015-09-18 13:59 - 2015-07-29 17:35 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\LG Electronics
2015-09-18 13:59 - 2015-07-29 17:31 - 00000000 ____D C:\Users\Pedro\AppData\Local\LG Electronics
2015-09-18 04:28 - 2014-11-03 15:50 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\TeamViewer
2015-09-18 04:25 - 2015-08-01 19:05 - 00000000 ____D C:\WINDOWS\Minidump
2015-09-18 04:25 - 2015-07-30 23:43 - 00000000 ___DC C:\WINDOWS\Panther
2015-09-18 04:18 - 2015-09-05 06:32 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2015-09-15 13:12 - 2015-07-10 08:06 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-15 13:12 - 2015-07-10 08:06 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-15 11:08 - 2015-07-31 06:10 - 00002383 _____ C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-11 13:21 - 2014-10-15 13:30 - 00000000 ____D C:\Users\Pedro\Documents\Recebimentos Lionbridge
 
==================== Files in the root of some directories =======
 
2015-10-06 16:19 - 2015-10-06 16:19 - 0017889 _____ () C:\Users\Pedro\AppData\Roaming\unins000.dat
2015-10-06 16:19 - 2015-10-06 16:19 - 0730322 _____ () C:\Users\Pedro\AppData\Roaming\unins000.exe
2015-04-13 21:31 - 2015-04-13 21:31 - 0000000 ___SH () C:\Users\Pedro\AppData\Local\LumaEmu
2015-03-04 12:15 - 2015-03-05 20:48 - 0007601 _____ () C:\Users\Pedro\AppData\Local\Resmon.ResmonCfg
2015-07-30 23:49 - 2015-07-30 23:49 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-04-25 19:39 - 2012-09-07 08:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-04-25 19:39 - 2009-07-22 07:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-04-25 19:39 - 2012-09-07 08:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
2014-07-19 09:13 - 2014-07-19 09:15 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2014-07-19 09:12 - 2014-07-19 09:13 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
 
Files to move or delete:
====================
C:\ProgramData\SetStretch.VBS
C:\Users\Todos os Usuários\SetStretch.VBS
 

Some files in TEMP:
====================
C:\Users\Pedro\AppData\Local\Temp\RHSetup.exe
 

==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 

ATTENTION: ==> Could not access BCD.
 

LastRegBack: 2015-10-01 09:00
 
==================== End of FRST.txt ============================

This is the addition.txt file:

Additional scan result of Farbar Recovery Scan Tool (x64) Version:08-10-2015
Ran by Pedro (2015-10-10 09:37:21)
Running from C:\Users\Pedro\Desktop
Windows 10 Home Single Language (X64) (2015-07-31 09:06:53)
Boot Mode: Normal
==========================================================
 

==================== Accounts: =============================
 
Administrador (S-1-5-21-3361239562-2013860233-1157577440-500 - Administrator - Disabled)
Convidado (S-1-5-21-3361239562-2013860233-1157577440-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-3361239562-2013860233-1157577440-503 - Limited - Disabled)
Pedro (S-1-5-21-3361239562-2013860233-1157577440-1002 - Administrator - Enabled) => C:\Users\Pedro
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton Security (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Active Directory Authentication Library for SQL Server (HKLM\...\{66F9FC9F-E684-484F-A512-439F8EAFF2D2}) (Version: 13.0.600.65 - Microsoft Corporation)
ASUS Ai Charger (HKLM-x32\...\{7FB64E72-9B0E-4460-A821-040C341E414A}) (Version: 1.03.00 - ASUSTeK Computer Inc.)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.4 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.9 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.1.3 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0004 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0040 - ASUS)
Atualização do produto Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0416-0000-0000000FF1CE}_HOMESTUDENTR_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}) (Version:  - Microsoft)
Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0416-0000-0000000FF1CE}_HOMESTUDENTR_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}) (Version:  - Microsoft)
Atualização do produto Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0416-0000-0000000FF1CE}_HOMESTUDENTR_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}) (Version:  - Microsoft)
Atualizações da NVIDIA 2.5.15.46 (Version: 2.5.15.46 - NVIDIA Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
CyberLink LabelPrint 2.5 (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5415 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.3625 - CyberLink Corp.)
ExpressCache (HKLM\...\{C123584F-9C84-45E8-AE5F-522328BB79A0}) (Version: 1.0.100.0 - Condusiv Technologies)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.6.122.702 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.0.722 - Foxit Software Inc.)
GBBD Caixa Economica Federal (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.12.0.2 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GoToMeeting 7.2.4.3164 (HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\GoToMeeting) (Version: 7.2.4.3164 - CitrixOnline)
Hotfix para o Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM-x32\...\{689D30EF-AEFD-3349-B75D-30FE99496CCE}.KB947789) (Version: 1 - Microsoft Corporation)
InfoMaker 6.5 (HKLM-x32\...\InfoMaker 6.5) (Version:  - )
Intel® Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 6.0.7.1084 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2015) (Version: 1.0 - Receita Federal do Brasil)
LB Task Control versão 7.8 (HKLM-x32\...\{AD8E18B3-4103-4684-B165-B45A9DAE1D36}_is1) (Version: 7.8 - Guilherme K. Mogames)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - PTB (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - PTB) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{2295CD7A-B4DF-4750-AC64-76C014D78A8C}) (Version: 13.0.600.65 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0416-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 365 - pt-br (HKLM\...\O365HomePremRetail - pt-br) (Version: 15.0.4753.1003 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Report Viewer for SQL Server 2016 CTP2.4 (HKLM-x32\...\{C7E59BF5-3C2C-483C-92DB-E39B247C6FFE}) (Version: 13.0.600.65 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 SP1 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version:  - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server  2016  Policies CTP2.4 (HKLM-x32\...\{8C88513C-6D51-45E7-A3A3-A1CF0A257746}) (Version: 13.0.600.65 - Microsoft Corporation)
Microsoft SQL Server  2016  T-SQL ScriptDom CTP2.4 (HKLM\...\{E3EF8638-20E9-4ED5-A856-1F4A90E0D435}) (Version: 13.0.600.65 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{AD816BDD-4ACC-4AC1-85B1-11958B9DC740}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{E2D10175-7411-4EA5-8E32-FA21262B435D}) (Version: 11.2.5592.0 - Microsoft Corporation)
Microsoft SQL Server 2016 CTP2.4 (HKLM-x32\...\Microsoft SQL Server SQL16CTP2.4) (Version:  - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 PTB (HKLM-x32\...\{AA3E5E7A-993A-4E70-9A87-6AFAF492C84B}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Data-Tier Application Framework (x86) (HKLM-x32\...\{606D79CE-BB8E-4C96-B32C-9B1AE893F99E}) (Version: 13.0.3037.3 - Microsoft Corporation)
Microsoft SQL Server Management Studio - September 2015 (HKLM-x32\...\{ed0bdcdb-297a-4692-a61e-db040b5b4740}) (Version: 13.0.600.65 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{79BF7CB8-1E09-489F-9547-DB3EE8EA3F16}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{6D1C4D4E-E9FA-41F4-AC6F-ABBE327A349F}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 CTP2.4 (HKLM\...\{E18D3700-E1C7-43F5-8CCC-C21C8968F430}) (Version: 13.0.600.65 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2008 Shell (integrated mode) - PTB (HKLM-x32\...\{3CF0FA89-B331-3BCF-83AF-7958542996F1}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - PTB (HKLM-x32\...\{37C82C0C-4B8A-36A9-B470-8A2F531EBC18}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - PTB (HKLM-x32\...\{689D30EF-AEFD-3349-B75D-30FE99496CCE}) (Version: 9.0.35191 - Microsoft Corporation)
Mozilla Firefox 41.0.1 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 41.0.1 (x86 pt-BR)) (Version: 41.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.1 - Mozilla)
Norton Security (HKLM-x32\...\NS) (Version: 22.5.4.24 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team)
NVIDIA Driver de gráficos 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.15.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.46 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
ooVoo (HKLM-x32\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.6.9001 - ooVoo LLC.)
Pacote de Driver do Windows - ASUS (ATP) Mouse  (01/10/2013 1.0.0.170) (HKLM\...\4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5) (Version: 01/10/2013 1.0.0.170 - ASUS)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Painel de controle da NVIDIA 358.50 (Version: 358.50 - NVIDIA Corporation) Hidden
PDFlite 1.2.0.0 (HKLM-x32\...\PDFlite) (Version: 1.2.0.0 - Amnis Technology Ltd)
QlikView x64 (HKLM\...\{1ED3B75E-BED2-4863-9763-098DE00590B3}) (Version: 11.20.12904.0 - QlikTech International AB)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.370.70 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.36.826.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7304 - Realtek Semiconductor Corp.)
Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.04 - Serpro - Serviço Federal de Processamento de Dados)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.46 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Spotify (HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\Spotify) (Version: 1.0.15.133.gf21970bd - Spotify AB)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.20.9.4533 - Enigma Software Group, LLC)
SQL Server 2016 CTP2.4 Client Tools (x32 Version: 13.0.600.65 - Microsoft Corporation) Hidden
SQL Server 2016 CTP2.4 Client Tools Extensions (x32 Version: 13.0.600.65 - Microsoft Corporation) Hidden
SQL Server 2016 CTP2.4 Common Files (x32 Version: 13.0.600.65 - Microsoft Corporation) Hidden
SQL Server 2016 CTP2.4 Management Studio (x32 Version: 13.0.600.65 - Microsoft Corporation) Hidden
SQL Server 2016 CTP2.4 Management Studio Extensions (x32 Version: 13.0.600.65 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Sybase PowerBuilder 6.5 (HKLM-x32\...\PowerBuilder 6.5) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Warsaw 1.9.0.10533 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.9.0.10533 - GAS Tecnologia)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3361239562-2013860233-1157577440-1002_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\Pedro\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3361239562-2013860233-1157577440-1002_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\Pedro\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3361239562-2013860233-1157577440-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3361239562-2013860233-1157577440-1002_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Pedro\AppData\Local\Citrix\GoToMeeting\3019\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
 
==================== Restore Points =========================
 
06-10-2015 14:31:10 JRT Pre-Junkware Removal
08-10-2015 13:50:30 Removed ASUS Smart Gesture
09-10-2015 15:56:28 Installed RegHunter
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 10:25 - 2015-10-09 13:41 - 00000878 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1                   thislineskipsanyemptylines
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0372CAF8-7C96-438D-A02E-BD2CC551AC70} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {06A67FD3-F5F9-4820-A3C4-130F6A2A915A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {07536EB2-A4AB-4F6D-A294-6808061EDDF2} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {14195EE5-F5F5-4398-B25C-4A1DB22054E6} - \{CE6E6A65-6301-40EE-B998-BABDE91BDE9A} -> No File <==== ATTENTION
Task: {14C9EF7F-12E9-4B7B-8658-FF7B087A5B57} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: {199157AF-47CF-43C7-8947-EB0C950741C0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {203F924C-5B3B-402B-9955-05EBCDB4CD9F} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2015-10-09] (Enigma Software Group USA, LLC.)
Task: {29238E5C-A1DF-4985-9597-4CFBA2E9CC9A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {2F3CB4EE-A8AC-48BF-81A0-A41692E76422} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {3A36884E-875D-438D-B0F5-76094FFDDCE0} - \ASUS Live Update -> No File <==== ATTENTION
Task: {3B240879-8B47-47EF-A8A1-563E7E9AFCDB} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\SymErr.exe
Task: {3E8746E6-4D36-4EBD-9E5B-644E4A90267A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {4605C184-51DE-4F49-9B54-AB9CF1B61DFE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-18] (Google Inc.)
Task: {4C93EAA3-0DDB-40CD-9B90-0FCEC405F271} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {541982D8-D369-47FB-A586-F9C231E83C25} - \ASUS Splendid ACMON -> No File <==== ATTENTION
Task: {5FE7A672-F683-4368-A9C8-65D8293FC660} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {63119F02-76D8-43AB-9E0A-49BAC02C2F48} - System32\Tasks\G2MUploadTask-S-1-5-21-3361239562-2013860233-1157577440-1002 => C:\Users\Pedro\AppData\Local\Citrix\GoToMeeting\3164\g2mupload.exe [2015-08-09] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {6531D5D3-AD81-491C-8DE7-666F84C8D5FA} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {66E9CFDB-23F1-4551-99A3-785319CF49E0} - System32\Tasks\Norton Security\Norton Autofix => C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\SymErr.exe [2015-09-08] (Symantec Corporation)
Task: {67B68993-CC20-46A8-86BB-17237988B663} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {6C561609-0B0B-458C-A0B4-FF5791C9D744} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)
Task: {71FA95CF-C5B7-4004-9DE9-7F04C1115B38} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-04-16] (AsusTek)
Task: {7421C1A9-A683-4864-A889-F5C730183AB0} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation)
Task: {7691C688-8076-4B3C-AB0D-8FADD7B47E50} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-09-25] (ASUS)
Task: {797A2E98-DE77-4B43-9461-2C6066EB035C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-18] (Google Inc.)
Task: {863F1C50-06EC-4BD2-87F7-A8958805B0D8} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\WSCStub.exe [2015-09-24] (Symantec Corporation)
Task: {912EC850-4B2A-4C22-B881-0841AA3E957F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {A0135EE6-DCE2-4984-87D9-203C23394FB7} - System32\Tasks\G2MUpdateTask-S-1-5-21-3361239562-2013860233-1157577440-1002 => C:\Users\Pedro\AppData\Local\Citrix\GoToMeeting\3164\g2mupdate.exe [2015-08-09] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {A1B7401C-D21C-43E3-A37A-DCB8AA8CE78A} - System32\Tasks\{FA32B660-41FA-43E6-80BE-A638EBD79522} => pcalua.exe -a C:\Users\Pedro\Downloads\QlikViewDesktop_x64Setup.exe -d C:\Users\Pedro\Downloads
Task: {B223D831-645C-4F25-BE5D-0A71FC080982} - \ASUS Splendid ColorU -> No File <==== ATTENTION
Task: {B2A2AE97-E5E3-4542-BADD-114A25B890AD} - System32\Tasks\{97892F7D-3FEB-400E-8DA4-15D348503BCC} => pcalua.exe -a "C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\SQLServer2008R2\x64\SetupARP.exe"
Task: {BA0B868D-10DC-4120-ACD0-FCA403B95415} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {C448AE6C-876E-4660-A895-05263A0251B4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation)
Task: {C806C2CD-C6D9-4B7F-A27B-0694B70AAEA5} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\SymErr.exe
Task: {C99750BC-4841-4417-82ED-04CF88F7127D} - \Optimize Start Menu Cache Files-S-1-5-21-3361239562-2013860233-1157577440-1002 -> No File <==== ATTENTION
Task: {DB3E49DC-F8E8-4EF7-BF50-1AD52BD3529B} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-09-28] (Microsoft Corporation)
Task: {DCCABCE3-1B68-4CA1-818A-E0E553516B54} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {E4A0E413-6647-4146-B131-AA843759F028} - System32\Tasks\Norton Security\Norton Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\SymErr.exe [2015-09-08] (Symantec Corporation)
Task: {E7A8C269-69AA-4434-9D3E-940E0B1AB354} - System32\Tasks\Norton Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\SymErr.exe [2015-09-08] (Symantec Corporation)
Task: {F1873BFF-9B32-40D8-8D38-BFA01DE9D113} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {F5917D1C-5F8F-4288-8081-76AA43C0652E} - \AsusVibeSchedule -> No File <==== ATTENTION
Task: {F6EBB563-F244-4FC0-AC9C-7CF52FA6773D} - System32\Tasks\{398F0DB8-F92B-4269-ABA7-3C666FDFBC9C} => Firefox.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=7.4.0.102&LastError=12002
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3361239562-2013860233-1157577440-1002.job => C:\Users\Pedro\AppData\Local\Citrix\GoToMeeting\3164\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3361239562-2013860233-1157577440-1002.job => C:\Users\Pedro\AppData\Local\Citrix\GoToMeeting\3164\g2mupload.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-07-31 06:42 - 2015-07-14 23:04 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-09-24 16:07 - 2015-10-02 23:38 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-11-08 15:22 - 2013-08-26 09:12 - 00087040 _____ () C:\WINDOWS\System32\redmonnt.dll
2015-09-28 18:11 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-08-18 18:52 - 2015-08-11 06:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-09-30 19:14 - 2015-09-17 03:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2012-08-24 22:26 - 2012-08-24 22:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2015-09-30 19:14 - 2015-09-17 03:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-04-15 17:13 - 2015-04-15 17:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-09-30 19:14 - 2015-09-17 02:43 - 02028544 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll
2015-09-30 19:13 - 2015-09-17 02:42 - 00471040 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-09-30 19:13 - 2015-09-17 02:42 - 00619008 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll
2015-09-30 19:14 - 2015-09-17 02:43 - 00928768 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll
2015-09-30 19:14 - 2015-09-17 02:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 07:59 - 2015-07-10 07:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-09-30 19:14 - 2015-09-17 02:44 - 06569472 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-09-30 19:13 - 2015-09-17 02:42 - 01808384 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-09-30 19:14 - 2015-09-17 02:43 - 02274816 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 08:00 - 2015-07-10 13:58 - 00210432 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-08-12 11:06 - 2015-10-04 05:24 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-09-25 06:41 - 2015-09-23 23:34 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libglesv2.dll
2015-09-25 06:41 - 2015-09-23 23:34 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libegl.dll
2015-09-28 18:25 - 2015-09-28 18:25 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2015-09-28 18:11 - 2015-09-28 18:11 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\LBTaskControl:Win32App
AlternateDataStreams: C:\Program Files\Microsoft Silverlight:Win32App
AlternateDataStreams: C:\Program Files\WinRAR:Win32App
AlternateDataStreams: C:\Program Files (x86)\Bluetooth Suite:Win32App
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg==
AlternateDataStreams: C:\Program Files (x86)\Intel Driver Update Utility:Win32App
AlternateDataStreams: C:\Program Files (x86)\Microsoft Office:Win32App
AlternateDataStreams: C:\Program Files (x86)\Microsoft SQL Server Compact Edition:Win32App
AlternateDataStreams: C:\Program Files (x86)\Qualcomm Atheros:Win32App
AlternateDataStreams: C:\WINDOWS\System32:73D570E5_Cef.gbp
AlternateDataStreams: C:\WINDOWS\System32:73D570E5_Uni.gbp
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4
AlternateDataStreams: C:\Program Files\Common Files\microsoft shared:Win32App
AlternateDataStreams: C:\ProgramData\P4G:Win32App
AlternateDataStreams: C:\ProgramData\regid.1991-06.com.microsoft:Win32App
AlternateDataStreams: C:\ProgramData\SetupTPDriver:Win32App
AlternateDataStreams: C:\ProgramData\Temp:58D8F144
AlternateDataStreams: C:\Users\Pedro\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Pedro\AppData\Roaming\SubiT:Win32App
AlternateDataStreams: C:\Users\Pedro\AppData\Local\Temp:Win32App
AlternateDataStreams: C:\Users\Todos os Usuários\P4G:Win32App
AlternateDataStreams: C:\Users\Todos os Usuários\regid.1991-06.com.microsoft:Win32App
AlternateDataStreams: C:\Users\Todos os Usuários\SetupTPDriver:Win32App
AlternateDataStreams: C:\Users\Todos os Usuários\Temp:58D8F144
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 

==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 

==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\caixa.gov.br -> imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\google.com -> www.google.com
IE trusted site: HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\google.com.br -> www.google.com.br
IE trusted site: HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\itau.b.br -> www.itau.b.br
IE trusted site: HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\itau.com.br -> bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\itaupersonnalite.com.br -> www.itaupersonnalite.com.br
 
IE restricted site: HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\esurf.biz -> hxxp://esurf.biz
IE restricted site: HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\freefacti.com -> hxxp://cdn.freefacti.com
IE restricted site: HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\play-bar.net -> hxxp://play-bar.net
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AJRouter => 3
MSCONFIG\Services: ASLDRService => 2
MSCONFIG\Services: Asus WebStorage Windows Service => 2
MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: BstHdUpdaterSvc => 2
MSCONFIG\Services: BthHFSrv => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: fhsvc => 3
MSCONFIG\Services: MSSQL$SQLFIN => 2
MSCONFIG\Services: odserv => 3
MSCONFIG\Services: TeamViewer => 3
HKLM\...\StartupApproved\Run: => "CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}"
HKLM\...\StartupApproved\Run: => "Connectify Hotspot"
HKLM\...\StartupApproved\Run: => "Diebold - Warsaw"
HKLM\...\StartupApproved\Run32: => "ASUSWebStorage"
HKLM\...\StartupApproved\Run32: => "CLMLServer"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "Privatefirewall"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "Malwarebytes Anti-Exploit"
HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\StartupApproved\StartupFolder: => "Enviar para o OneNote.lnk"
HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\StartupApproved\Run: => "Sony PC Companion"
HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\StartupApproved\Run: => "NetLimiter"
HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\StartupApproved\Run: => "Akamai NetSession Interface"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{5B704012-4ABF-4BCC-8315-8793B6E8916D}D:\steamlibrary\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe] => (Allow) D:\steamlibrary\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe
FirewallRules: [TCP Query User{D8B32479-01D9-488E-8E67-D564FC2B943B}D:\steamlibrary\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe] => (Allow) D:\steamlibrary\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe
FirewallRules: [UDP Query User{2C60EF4C-63CC-49DC-9965-825495D47179}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{F5C212D3-5D8A-4FFC-A2B0-4B60D9D5AF35}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{A5212E32-51D7-421A-BEA2-6E0FBCFE1E0E}C:\users\pedro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pedro\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{277E67AD-15ED-42EB-91D9-6A51A4AA3F3A}C:\users\pedro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pedro\appdata\roaming\spotify\spotify.exe
FirewallRules: [{ACF52AE7-02DC-44C0-BCB7-AC509B64FA11}] => (Allow) D:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{C408120F-A8B4-4A62-A329-681B0DE9AB44}] => (Allow) D:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [UDP Query User{390AF5B6-CA4A-4991-9EC6-9B8BD34B812C}C:\users\pedro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pedro\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{31F0C5EA-ECCB-4D89-912C-EDF11F193D60}C:\users\pedro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pedro\appdata\roaming\spotify\spotify.exe
FirewallRules: [{E8F35E80-60DE-4073-8A72-82C69FC75B36}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{90C8DFA7-8D5A-4905-8489-BE5570F0C93F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4FE3AFDD-C0A9-4BA7-A26D-F31449F99815}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{CB414D0C-87D6-49DD-9E50-DE6BE26A23EF}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{A525B281-2399-4129-A1E4-8ECEDAEAA953}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0CD6D81B-5D13-494F-84C4-7657D7118745}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{057679AD-37AB-46ED-90CC-81E3BDAFF33D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{D682336E-E6F3-4764-B83A-61F7037548A9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{A8FFECAD-ECFC-469B-8E88-287887F0A338}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{E043B11F-E545-419E-A1E1-754334EDCBCC}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{11B7AC0B-520C-46A4-A2C0-71F459A6D7F0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{700F6C05-09E7-45DA-A80D-24DC1596CDC8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7E2F4B00-CDDC-49DB-A799-A431C013DA3E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3A012452-D35F-45B6-ACCC-9147CA3D0D67}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{23B0E5A6-48FA-40CA-96C2-19C6F539C13D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{77AFD5D5-FC7E-47C4-BCD7-EB159D421DC2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{057D48A5-7A41-483B-AA51-823F49DF2E15}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{07AF5CDE-9013-4463-8026-76EC6016A73F}D:\steamlibrary\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe] => (Allow) D:\steamlibrary\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe
FirewallRules: [UDP Query User{066D3A84-C064-4E06-BB93-CA6444F1E0C8}D:\steamlibrary\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe] => (Allow) D:\steamlibrary\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe
FirewallRules: [{974FAA3C-FCAE-4D25-A7FF-4EB15C221749}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{31B97CAB-B767-4190-B808-C92DF34A433D}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{8BFEF7A0-02DC-4593-974E-A49685A2A201}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7D5912E1-A6DA-49A3-B4BE-A47855DEF550}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1867844C-81FF-4302-80C0-17584A157460}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{73F56D24-0C13-44F4-8107-E45A029B3C30}] => (Allow) C:\Users\Pedro\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{17D167A9-D7F6-4F9D-BD21-4258B43A7628}] => (Allow) C:\Users\Pedro\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4D598166-7F2D-4267-A21E-9BAB1578CAAD}] => (Allow) C:\Users\Pedro\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{71AB9911-C0F9-4B8D-9E86-E86BFC5CE000}] => (Allow) C:\Users\Pedro\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F7530EBC-A366-4D01-9935-0AA98CA24161}] => (Allow) C:\Users\Pedro\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E646313B-4329-4EDC-A091-CB10742A24AC}] => (Allow) C:\Users\Pedro\AppData\Roaming\uTorrent\uTorrent.exe
 
==================== Faulty Device Manager Devices =============
 

==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/10/2015 02:10:25 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PMSOUZA)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
 
Error: (10/09/2015 09:33:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PMSOUZA)
Description: Falha na ativação do aplicativo Microsoft.WindowsStore_8wekyb3d8bbwe!App com o erro: -2147024891. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
 
Error: (10/09/2015 09:23:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PMSOUZA)
Description: Falha na ativação do aplicativo Microsoft.Windows.Photos_8wekyb3d8bbwe!App com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
 
Error: (10/09/2015 09:21:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PMSOUZA)
Description: Falha na ativação do aplicativo Microsoft.WindowsStore_8wekyb3d8bbwe!App com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
 
Error: (10/09/2015 09:20:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PMSOUZA)
Description: Falha na ativação do aplicativo Microsoft.Windows.Photos_8wekyb3d8bbwe!App com o erro: -2147024891. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
 
Error: (10/09/2015 09:10:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PMSOUZA)
Description: Falha na ativação do aplicativo Microsoft.Windows.Photos_8wekyb3d8bbwe!App com o erro: -2147023170. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
 
Error: (10/09/2015 04:33:10 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (7612) Não é possível criar um novo arquivo de log porque o banco de dados não pode gravar na unidade de log. Talvez a unidade seja somente leitura, tenha espaço em disco insuficiente, esteja mal configurada ou esteja corrompida. Erro -1032.
 
Error: (10/09/2015 04:33:10 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (7612) Uma tentativa de criar o arquivo "C:\WINDOWS\system32\edbtmp.log" falhou com o erro de sistema 5 (0x00000005): "Acesso negado. ". A operação para criar o arquivo falhará com o erro -1032 (0xfffffbf8).
 
Error: (10/09/2015 04:32:59 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (7612) Não é possível criar um novo arquivo de log porque o banco de dados não pode gravar na unidade de log. Talvez a unidade seja somente leitura, tenha espaço em disco insuficiente, esteja mal configurada ou esteja corrompida. Erro -1032.
 
Error: (10/09/2015 04:32:59 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (7612) Uma tentativa de criar o arquivo "C:\WINDOWS\system32\edbtmp.log" falhou com o erro de sistema 5 (0x00000005): "Acesso negado. ". A operação para criar o arquivo falhará com o erro -1032 (0xfffffbf8).
 

System errors:
=============
Error: (10/10/2015 09:21:41 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: O serviço ATKGFNEX Service depende do seguinte serviço: ASMMAP64. Esse serviço pode não ter sido instalado.
 
Error: (10/10/2015 09:21:29 AM) (Source: BTHUSB) (EventID: 5) (User: )
Description: O driver Bluetooth esperava um evento HCI com um determinado tamanho, mas não o recebeu.
 
Error: (10/10/2015 02:10:25 AM) (Source: DCOM) (EventID: 10010) (User: PMSOUZA)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca
 
Error: (10/10/2015 02:10:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Acesso a Dados de Usuário_Session1 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
 
Error: (10/10/2015 02:10:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Armazenamento de Dados de Usuário_Session1 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
 
Error: (10/10/2015 02:10:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Dados de Contato_Session1 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
 
Error: (10/10/2015 02:10:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_Session1 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
 
Error: (10/09/2015 09:33:48 PM) (Source: DCOM) (EventID: 10001) (User: PMSOUZA)
Description: "C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.10.5.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe" -ServerName:App.AppXqagq4n4gvy0tjw576pgh6xr601s1h1mv.mca5AppNão DisponívelNão Disponível
 
Error: (10/09/2015 09:24:05 PM) (Source: DCOM) (EventID: 10001) (User: PMSOUZA)
Description: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXwmnqm0nvq2b90pwvr42qmtdjp7cj3w82.mca31App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mcaNão DisponívelNão Disponível
 
Error: (10/09/2015 09:24:05 PM) (Source: DCOM) (EventID: 10001) (User: PMSOUZA)
Description: "C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.10.5.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe" -ServerName:App.AppXqagq4n4gvy0tjw576pgh6xr601s1h1mv.mca5AppNão DisponívelNão Disponível
 

==================== Memory info ===========================
 
Processor: Intel® Core™ i7-3537U CPU @ 2.00GHz
Percentage of memory in use: 51%
Total physical RAM: 7629.6 MB
Available physical RAM: 3679.48 MB
Total Virtual: 25629.6 MB
Available Virtual: 21462.08 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:298.92 GB) (Free:157.34 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:534.9 GB) (Free:330.48 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 83F5405D)
 
Partition: GPT.
 
========================================================
Disk: 1 (Size: 22.4 GB) (Disk ID: 258CB39A)
 
Partition: GPT.
 
==================== End of Addition.txt ============================



#5 Conspire

  • Malware Response Team

Posted 10 October 2015 - 08:55 AM

Hi there,

Download the attached fixlist.txt file and save it to the Desktop.

Attached File  fixlist.txt   186bytes   7 downloads

NOTE: It's important that both files, FRST/FRST64 and fixlist.txt, are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished, FRST will generate a log on the Desktop (Fixlog.txt). Please post it in your reply.
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may donate.

#6 pedromsouza


Posted 10 October 2015 - 09:04 AM

Please find the fixlog below:

 

Fix result of Farbar Recovery Scan Tool (x64) Version:08-10-2015
Ran by Pedro (2015-10-10 11:02:14) Run:1
Running from C:\Users\Pedro\Desktop
Loaded Profiles: Pedro (Available Profiles: Pedro)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
start
hosts:
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
C:\ProgramData\SetStretch.VBS
C:\Users\Todos os Usuários\SetStretch.VBS
end
*****************
 
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found. 
C:\ProgramData\SetStretch.VBS => moved successfully
"C:\Users\Todos os Usuários\SetStretch.VBS" => File/Folder not found.
 
==== End of Fixlog 11:02:15 ====


#7 Conspire


Posted 10 October 2015 - 10:01 AM

Are you still seeing 3 web pages opening in IE?

#8 pedromsouza


Posted 10 October 2015 - 10:04 AM

It's still opening http://esurf.biz/?ssid=1442523955&a=1005803



#9 Conspire


Posted 10 October 2015 - 10:25 AM

Only opens one?

Please run FRST again for review.

#10 pedromsouza


Posted 10 October 2015 - 10:31 AM

Yes, correct. I couldn't figure out how to post a print here.



#11 Conspire


Posted 10 October 2015 - 10:46 AM

Ok. Can you run FRST again then post the fresh log here for review?

Thanks.

#12 pedromsouza


Posted 10 October 2015 - 10:49 AM

Sure!

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-10-2015
Ran by Pedro (administrator) on PMSOUZA (10-10-2015 12:47:56)
Running from C:\Users\Pedro\Desktop
Loaded Profiles: Pedro (Available Profiles: Pedro)
Platform: Windows 10 Home Single Language (X64) Language: Português (Brasil)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe866_old.tmp
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\ns.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\ns.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(http://www.lbtaskcontrol.com) C:\LBTaskControl\LBTaskControl.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-04] (NVIDIA Corporation)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [856800 2015-08-21] (GAS Tecnologia LTDA)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-04-25] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [111120 2012-05-24] (CyberLink)
HKLM-x32\...\Run: [ASUS Ai Charger] => C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [547984 2012-08-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2015-09-01] (Caixa Economica Federal)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\Run: [Spotify Web Helper] => C:\Users\Pedro\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2541160 2015-10-10] (Spotify Ltd)
HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\Run: [GoogleChromeAutoLaunch_5B5BBE9ED55EE8341A285324EB610E46] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [815944 2015-09-23] (Google Inc.)
HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-18\...\Run: [ooVoo.exe] => C:\Program Files (x86)\ooVoo\oovoo.exe [36592672 2015-08-20] (ooVoo LLC)
ShellExecuteHooks-x32:  - {E37CB5F0-51F5-4395-A808-5FA49E399008} -  No File [ ]
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1867432 2015-09-01] (Caixa Economica Federal)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Pedro\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-09-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Pedro\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-09-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Pedro\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-09-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Pedro\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-09-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Pedro\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-09-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Pedro\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-09-15] (Microsoft Corporation)
Startup: C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Enviar para o OneNote.lnk [2015-09-20]
ShortcutTarget: Enviar para o OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bit
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: 127.0.0.1                   thislineskipsanyemptylines
Tcpip\..\Interfaces\{3de8bf27-ad5d-4742-9514-e7e38c42028e}: [NameServer] 8.8.8.8,8.8.4.4
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3361239562-2013860233-1157577440-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll [2015-09-01] (Caixa Economica Federal)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} ->  No File
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3361239562-2013860233-1157577440-1002 -> No Name - {A13C2648-91D4-4BF3-BC6D-0079707C4389} -  No File
Toolbar: HKU\S-1-5-21-3361239562-2013860233-1157577440-1002 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-09-28] (Microsoft Corporation)
Handler: qvp - {4BA78E3D-CA25-4BFF-B8F0-8A3359E4B520} - C:\Program Files\QlikView\QvProtocol\qvp.dll [2015-06-02] (QlikTech AB)
Handler-x32: qvp - {4BA78E3D-CA25-4BFF-B8F0-8A3359E4B520} - C:\Program Files (x86)\QlikView\QvProtocol\qvp.dll [2015-06-02] (QlikTech AB)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll [2014-04-25] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2014-04-25] (McAfee, Inc.)
 
FireFox:
========
FF ProfilePath: C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\g5j8p0d0.default-1444179867592
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2014-04-25] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [No File]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2014-04-25] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-09-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-3361239562-2013860233-1157577440-1002: @citrixonline.com/appdetectorplugin -> C:\Users\Pedro\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-08-14] (Citrix Online)
FF Plugin HKU\S-1-5-21-3361239562-2013860233-1157577440-1002: gastecnologia.com.br/sf/cef -> C:\Users\Pedro\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll [2014-12-09] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-3361239562-2013860233-1157577440-1002: gastecnologia.com.br/sf/cef64 -> C:\Users\Pedro\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll [2014-12-09] (GAS Tecnologia)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => not found
FF HKLM-x32\...\Firefox\Extensions: [{EBA722F5-038F-4CAF-9EE2-545A221628BC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.0.124\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.0.124\coFFPlgn [2015-10-10]
FF HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\Pedro\AppData\Local\GAS Tecnologia\GBBD\cef\xpi
FF Extension: GBBD Caixa Economica Federal - C:\Users\Pedro\AppData\Local\GAS Tecnologia\GBBD\cef\xpi [2015-10-06]
FF HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8873}] - C:\Users\Pedro\AppData\Local\GAS Tecnologia\GBBD\uni\xpi => not found
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Text Mode) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\adelhekhakakocomdfejiipdnaadiiib [2015-09-18]
CHR Extension: (Google Docs) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-18]
CHR Extension: (Google Drive) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-18]
CHR Extension: (YouTube) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-18]
CHR Extension: (Webmail Ad Blocker) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbhfdchmklhpcngcgjmpdbjakdggkkjp [2015-09-18]
CHR Extension: (Google Search) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-18]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-09-18]
CHR Extension: (Norton Identity Safe) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-09-20]
CHR Extension: (Rating Program Extension) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\imbankdmoclhcdmdejkklikkpaidaeij [2015-09-18]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-18]
CHR Extension: (GBBD Caixa Economica Federal) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi [2015-09-18]
CHR Extension: (Gmail) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-18]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\Exts\Chrome.crx [2015-09-29]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3361239562-2013860233-1157577440-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nnjbodopomfddehlalfilheomcahbpei] - C:\Users\Pedro\AppData\Local\GAS Tecnologia\GBBD\cef\sf.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\Exts\Chrome.crx [2015-09-29]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
S4 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2774104 2015-09-11] (Microsoft Corporation)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [31632 2013-01-18] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [33168 2013-01-18] (Intel Corporation)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [107944 2013-01-08] (Condusiv Technologies)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [587576 2015-08-13] (GAS Tecnologia)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155376 2015-10-04] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-08] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\NS.exe [282016 2015-09-24] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-10-04] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568816 2015-10-04] (NVIDIA Corporation)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1026944 2015-10-09] (Enigma Software Group USA, LLC.)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [856800 2015-08-21] (GAS Tecnologia LTDA)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-25] (Atheros) [File not signed]
S3 RpcLocator; %SystemRoot%\system32\locator.exe [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-22] (ASUSTek Computer Inc.)
R3 athr; C:\Windows\System32\drivers\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
R1 ATKWMIACPIIO_; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (ASUSTek Computer Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-04-16] (ASUS Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\BASHDefs\20151005.001\BHDrvx64.sys [1650936 2015-09-04] (Symantec Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
R1 ccSet_NS; C:\Windows\system32\drivers\NSx64\1605040.018\ccSetx64.sys [173808 2015-07-10] (Symantec Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107920 2013-01-18] (Intel Corporation)
R3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [43408 2013-01-18] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [65424 2013-01-18] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [229776 2013-01-18] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [363920 2013-01-18] (Intel Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-09-19] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [155456 2015-09-19] (Symantec Corporation)
R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2015-10-09] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-10-09] ()
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [26024 2013-01-08] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [112552 2013-01-08] (Condusiv Technologies)
R1 gbpddfac; C:\Windows\System32\drivers\gbpddfac64.sys [28888 2015-10-10] (GAS Tecnologia)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-09-03] (GAS Tecnologia)
S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [30424 2014-08-12] (Sony Mobile Communications)
R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\IPSDefs\20151009.001\IDSvia64.sys [767216 2015-09-23] (Symantec Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 1999-12-31] (Intel Corporation)
S3 MotioninJoyXFilter; C:\Windows\System32\drivers\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [File not signed]
R3 NAVENG; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\VirusDefs\20151009.016\ENG64.SYS [138488 2015-09-19] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\VirusDefs\20151009.016\EX64.SYS [2146040 2015-09-19] (Symantec Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-07-31] (Realtek                                            )
R3 SRTSP; C:\Windows\System32\Drivers\NSx64\1605040.018\SRTSP64.SYS [930024 2015-09-23] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NSx64\1605040.018\SRTSPX64.SYS [50936 2015-07-10] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NSx64\1605040.018\SYMEFASI64.SYS [1620720 2015-07-10] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NSx64\1605040.018\SymELAM.sys [24192 2015-07-10] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-09-20] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NSx64\1605040.018\Ironx64.SYS [297720 2015-07-10] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NSx64\1605040.018\SYMNETS.SYS [577768 2015-09-23] (Symantec Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-09-08] (Oracle Corporation)
U5 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115208 2014-11-24] (Oracle Corporation)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-09-03] (GAS Tecnologia LTDA)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 wdf_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [81408 2013-03-06] (MediaTek Inc.) [File not signed]
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R4 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert64.sys [38104 2015-07-07] (Basil)
R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [101080 2015-10-10] (GAS Tecnologia)
R1 wsddpp; C:\WINDOWS\system32\drivers\wsddpp.sys [103640 2015-03-18] (GAS Tecnologia)
S3 AndNetDiag; \SystemRoot\system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; \SystemRoot\system32\DRIVERS\lgandnetmodem64.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-10-10 12:47 - 2015-10-10 12:47 - 00000000 ____D C:\Users\Pedro\Desktop\FRST-OlderVersion
2015-10-10 11:58 - 2015-10-10 11:58 - 00000991 _____ C:\Users\Public\Desktop\SubiT.lnk
2015-10-10 11:58 - 2015-10-10 11:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SubiT
2015-10-10 11:56 - 2015-10-10 11:57 - 12432223 _____ (SubiT ) C:\Users\Pedro\Downloads\subit-2.2.5-setup-release-win32.exe
2015-10-10 11:26 - 2015-10-10 11:41 - 00000000 ____D C:\Users\Pedro\Downloads\Mr. Robot S01 Season 1 Complete 720p HDTV x265 AAC E-Subs [GWC]
2015-10-10 10:03 - 2015-10-10 10:03 - 00016148 _____ C:\WINDOWS\system32\PMSOUZA_Pedro_HistoryPrediction.bin
2015-10-10 09:37 - 2015-10-10 09:37 - 00049060 _____ C:\Users\Pedro\Desktop\Addition.txt
2015-10-10 09:36 - 2015-10-10 12:47 - 00030575 _____ C:\Users\Pedro\Desktop\FRST.txt
2015-10-10 09:35 - 2015-10-10 12:47 - 00000000 ____D C:\FRST
2015-10-10 09:33 - 2015-10-10 12:47 - 02195456 _____ (Farbar) C:\Users\Pedro\Desktop\FRST64.exe
2015-10-10 09:27 - 2015-10-10 09:27 - 00000000 ____D C:\WINDOWS\F94A63D79A61403B8F6F90B1BF77211A.TMP
2015-10-10 09:26 - 2015-10-10 09:26 - 00000000 ___HD C:\OneDriveTemp
2015-10-09 13:58 - 2015-10-09 13:58 - 00003410 _____ C:\WINDOWS\System32\Tasks\SpyHunter4Startup
2015-10-09 13:58 - 2015-10-09 13:58 - 00001134 _____ C:\Users\Pedro\Desktop\SpyHunter.lnk
2015-10-09 13:58 - 2015-10-09 13:58 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\Enigma Software Group
2015-10-09 13:58 - 2015-10-09 13:58 - 00000000 ____D C:\sh4ldr
2015-10-09 13:56 - 2015-10-09 15:57 - 00000000 ____D C:\Program Files\Enigma Software Group
2015-10-09 13:56 - 2015-10-09 13:56 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2015-10-09 13:49 - 2015-10-09 13:49 - 00002725 _____ C:\Users\Pedro\Desktop\µTorrent.lnk
2015-10-09 13:49 - 2015-10-09 13:49 - 00002725 _____ C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-10-09 13:47 - 2015-10-10 11:55 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\uTorrent
2015-10-09 13:38 - 2015-10-09 13:38 - 00016148 _____ C:\WINDOWS\system32\BUKOWSKI_Pedro_HistoryPrediction.bin
2015-10-09 11:57 - 2015-10-09 11:57 - 00000000 ____D C:\Program Files (x86)\Enigma Software Group
2015-10-09 11:56 - 2015-10-09 13:47 - 00000000 ____D C:\WINDOWS\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2015-10-09 11:27 - 2015-10-09 11:27 - 00000078 _____ C:\Users\Pedro\Desktop\validação.txt
2015-10-09 10:21 - 2015-10-09 10:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-10-09 10:21 - 2015-10-09 10:21 - 00000000 ____D C:\Program Files\7-Zip
2015-10-09 08:54 - 2015-10-09 08:58 - 00000000 ____D C:\WINDOWS\System32\Tasks\WiseCleaner
2015-10-09 08:21 - 2015-10-09 08:21 - 00003632 _____ C:\WINDOWS\System32\Tasks\ASUS Touchpad Launcher (x64)
2015-10-09 07:33 - 2015-10-09 07:33 - 00065640 _____ C:\WINDOWS\system32\ASGCoInstaller_x64.dll
2015-10-08 23:16 - 2015-10-08 23:16 - 00000174 _____ C:\Users\Pedro\Desktop\Bleeping Computer.url
2015-10-08 22:58 - 2015-10-06 15:46 - 00040080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2015-10-08 22:58 - 2015-10-03 01:58 - 42914096 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 37882488 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 22342264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 18387064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 18354984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 16548768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 15837152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 15803800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 14841232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 13525200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 12868120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 12038368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 02313336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 01994360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435850.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435850.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 00877176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 00787200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 00689968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 00632664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 00539464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 00445216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 00414000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 00388048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 00369272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 00315936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-10-08 22:58 - 2015-10-03 01:58 - 00034392 _____ C:\WINDOWS\system32\nvinfo.pb
2015-10-08 17:28 - 2015-10-08 17:28 - 11053048 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 10574992 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 04025864 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 02506960 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2015-10-08 17:28 - 2015-10-08 17:28 - 02037232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 01995760 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 01793024 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 01768432 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 01470472 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 01156000 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 01151840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00866824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00661000 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00618992 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00617992 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00469216 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00444832 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2015-10-08 17:28 - 2015-10-08 17:28 - 00394224 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00387056 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00378824 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00357912 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00296944 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00291744 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-10-08 17:28 - 2015-10-08 17:28 - 00265712 _____ C:\WINDOWS\system32\igfxCPL.cpl
2015-10-08 17:28 - 2015-10-08 17:28 - 00230384 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00229664 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00225288 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00216552 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4276.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00205728 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-10-08 17:28 - 2015-10-08 17:28 - 00199088 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00194368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00193536 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00192520 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00188884 _____ C:\WINDOWS\system32\resTHA.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00181524 _____ C:\WINDOWS\system32\resELL.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00177300 _____ C:\WINDOWS\system32\resRUS.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00169368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00163840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00163044 _____ C:\WINDOWS\system32\resARA.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00162500 _____ C:\WINDOWS\system32\resHEB.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00162484 _____ C:\WINDOWS\system32\resJPN.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00157860 _____ C:\WINDOWS\system32\resHUN.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00157844 _____ C:\WINDOWS\system32\resFRA.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00156100 _____ C:\WINDOWS\system32\resKOR.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00156020 _____ C:\WINDOWS\system32\resDEU.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00155988 _____ C:\WINDOWS\system32\resITA.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00155828 _____ C:\WINDOWS\system32\resROM.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00155716 _____ C:\WINDOWS\system32\resESN.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00155268 _____ C:\WINDOWS\system32\resPLK.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00155172 _____ C:\WINDOWS\system32\resSKY.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00154980 _____ C:\WINDOWS\system32\resNLD.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00154372 _____ C:\WINDOWS\system32\resPTB.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00154260 _____ C:\WINDOWS\system32\resTRK.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00154212 _____ C:\WINDOWS\system32\resCSY.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00154084 _____ C:\WINDOWS\system32\resPTG.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00153620 _____ C:\WINDOWS\system32\resFIN.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00153236 _____ C:\WINDOWS\system32\resHRV.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00152772 _____ C:\WINDOWS\system32\resSVE.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00152644 _____ C:\WINDOWS\system32\resSLV.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00151668 _____ C:\WINDOWS\system32\resNOR.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00151156 _____ C:\WINDOWS\system32\resDAN.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00149812 _____ C:\WINDOWS\system32\resENU.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00148052 _____ C:\WINDOWS\system32\resCHT.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00147188 _____ C:\WINDOWS\system32\resCHS.cui
2015-10-08 17:28 - 2015-10-08 17:28 - 00143368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00109064 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00096752 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00078336 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00069616 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00039424 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00020976 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00015344 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00013824 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2015-10-08 17:28 - 2015-10-08 17:28 - 00002560 _____ C:\WINDOWS\system32\iglhxs64.vp
2015-10-08 17:27 - 2015-10-08 17:28 - 22915568 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2015-10-08 17:27 - 2015-10-08 17:27 - 17846272 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2015-10-08 17:27 - 2015-10-08 17:27 - 08528896 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll
2015-10-08 17:27 - 2015-10-08 17:27 - 06513648 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig7icd32.dll
2015-10-08 17:27 - 2015-10-08 17:27 - 04371888 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2015-10-08 17:27 - 2015-10-08 17:27 - 04369816 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2015-10-08 17:27 - 2015-10-08 17:27 - 00970656 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2015-10-08 17:27 - 2015-10-08 17:27 - 00556960 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2015-10-08 17:27 - 2015-10-08 17:27 - 00554928 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2015-10-08 17:27 - 2015-10-08 17:27 - 00410528 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeAppv2_0.exe
2015-10-08 17:27 - 2015-10-08 17:27 - 00409520 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe
2015-10-08 17:27 - 2015-10-08 17:27 - 00374272 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2015-10-08 17:27 - 2015-10-08 17:27 - 00329216 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2015-10-08 17:27 - 2015-10-08 17:27 - 00316245 _____ C:\WINDOWS\system32\DisplayAudiox64.cab
2015-10-08 17:27 - 2015-10-08 17:27 - 00232960 _____ C:\WINDOWS\system32\igdde64.dll
2015-10-08 17:27 - 2015-10-08 17:27 - 00194560 _____ C:\WINDOWS\SysWOW64\igdde32.dll
2015-10-08 17:27 - 2015-10-08 17:27 - 00172528 _____ C:\WINDOWS\system32\igdail64.dll
2015-10-08 17:27 - 2015-10-08 17:27 - 00165808 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2015-10-08 17:27 - 2015-10-08 17:27 - 00154096 _____ C:\WINDOWS\SysWOW64\igdail32.dll
2015-10-08 17:27 - 2015-10-08 17:27 - 00102912 _____ C:\WINDOWS\system32\IccLibDll_x64.dll
2015-10-08 17:22 - 2015-10-08 17:22 - 00000000 ____D C:\SUPERDelete
2015-10-08 13:49 - 2015-10-08 13:49 - 00000000 ____D C:\Users\Pedro\Downloads\SmartGesture_Win7_64_VER213
2015-10-08 11:54 - 2015-10-10 09:28 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Security
2015-10-07 15:24 - 2015-10-07 15:24 - 00000000 ____D C:\Users\Todos os Usuários\VsTelemetry
2015-10-07 15:24 - 2015-10-07 15:24 - 00000000 ____D C:\ProgramData\VsTelemetry
2015-10-07 15:22 - 2015-10-07 15:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2015-10-07 14:50 - 2015-10-07 14:50 - 00000000 ____D C:\Users\Todos os Usuários\VS
2015-10-07 14:50 - 2015-10-07 14:50 - 00000000 ____D C:\ProgramData\VS
2015-10-07 14:47 - 2015-10-07 15:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2016 CTP2.4
2015-10-07 14:47 - 2015-10-07 15:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0
2015-10-07 14:47 - 2015-10-07 14:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008
2015-10-07 14:24 - 2015-10-09 07:28 - 00000000 ____D C:\Users\Pedro\Desktop\QVW
2015-10-07 14:07 - 2015-10-07 14:14 - 55637744 _____ (Microsoft Corporation) C:\Users\Pedro\Downloads\SSMS-Web-Setup.exe
2015-10-07 07:19 - 2015-10-07 07:19 - 00000000 ____D C:\Users\Public\Foxit Software
2015-10-07 07:18 - 2015-10-07 07:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2015-10-07 07:18 - 2015-10-07 07:18 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2015-10-06 20:50 - 2015-10-07 09:58 - 00000000 ____D C:\Smart
2015-10-06 17:35 - 2015-10-08 23:01 - 00000000 ____D C:\WINDOWS\LastGood
2015-10-06 17:33 - 2015-10-08 18:32 - 00001123 _____ C:\WINDOWS\setupact.log
2015-10-06 17:33 - 2015-10-06 17:33 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-10-06 17:26 - 2015-10-09 08:21 - 00044776 _____ C:\WINDOWS\DPINST.LOG
2015-10-06 17:18 - 2015-10-09 07:01 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-06 17:17 - 2015-10-10 09:21 - 00016616 _____ C:\WINDOWS\PFRO.log
2015-10-06 17:16 - 2015-10-06 17:16 - 00003328 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-3361239562-2013860233-1157577440-1002
2015-10-06 17:16 - 2015-10-06 17:16 - 00003232 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-3361239562-2013860233-1157577440-1002
2015-10-06 17:16 - 2015-10-06 17:16 - 00002352 _____ C:\WINDOWS\System32\Tasks\{398F0DB8-F92B-4269-ABA7-3C666FDFBC9C}
2015-10-06 17:11 - 2015-10-06 17:11 - 00002856 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-10-06 17:11 - 2015-10-06 17:11 - 00000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-10-06 17:11 - 2015-10-06 17:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-10-06 17:11 - 2015-10-06 17:11 - 00000000 ____D C:\Program Files\CCleaner
2015-10-06 17:03 - 2015-10-06 17:03 - 00000000 ____D C:\Users\Pedro\AppData\Local\Windows Live
2015-10-06 17:01 - 2015-10-06 17:01 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-10-06 16:23 - 2015-10-06 16:23 - 00034104 _____ (Basil) C:\WINDOWS\system32\WinDivert.dll
2015-10-06 16:20 - 2015-10-10 09:21 - 00101080 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddfac.sys
2015-10-06 16:20 - 2015-10-06 16:20 - 00000000 ___HD C:\Program Files (x86)\GAS Tecnologia
2015-10-06 16:20 - 2015-10-06 16:20 - 00000000 ___HD C:\Program Files (x86)\Diebold
2015-10-06 16:20 - 2015-10-06 16:20 - 00000000 ____D C:\Program Files\Diebold
2015-10-06 16:20 - 2015-03-18 10:23 - 00103640 ____N (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddpp.sys
2015-10-06 16:19 - 2015-10-06 16:19 - 00730322 _____ C:\Users\Pedro\AppData\Roaming\unins000.exe
2015-10-06 16:19 - 2015-10-06 16:19 - 00017889 _____ C:\Users\Pedro\AppData\Roaming\unins000.dat
2015-10-06 16:19 - 2015-10-06 16:19 - 00000000 ____D C:\Users\Pedro\AppData\Local\GAS Tecnologia
2015-10-06 15:11 - 2015-10-06 15:11 - 01801288 _____ (Malwarebytes) C:\Users\Pedro\Documents\JRT.exe
2015-10-06 09:48 - 2015-10-06 09:48 - 00001928 _____ C:\Users\Public\Desktop\ooVoo.lnk
2015-10-06 09:48 - 2015-10-06 09:48 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\ooVoo Details
2015-10-06 09:48 - 2015-10-06 09:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ooVoo
2015-10-06 09:48 - 2015-10-06 09:48 - 00000000 ____D C:\Program Files (x86)\ooVoo
2015-10-05 17:34 - 2015-10-05 17:34 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-05 17:34 - 2015-10-05 17:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-05 17:34 - 2015-10-05 17:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-05 16:15 - 2015-10-07 07:19 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\Foxit Software
2015-10-05 16:12 - 2015-10-05 16:12 - 00000000 ____D C:\Users\Pedro\AppData\Local\Foxit Advanced PDF Editor
2015-10-05 16:12 - 2015-10-05 16:12 - 00000000 ____D C:\Users\Pedro\AppData\Local\Aspell
2015-10-05 16:03 - 2015-10-05 16:05 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\PrimoPDF
2015-10-05 16:02 - 2015-10-06 14:37 - 00000000 ____D C:\Program Files (x86)\Nitro PDF
2015-10-05 16:02 - 2015-09-01 10:41 - 00095008 _____ C:\WINDOWS\system32\Primomonnt.dll
2015-10-04 10:07 - 2015-10-04 10:07 - 00016148 _____ C:\WINDOWS\system32\PEDRO_Pedro_HistoryPrediction.bin
2015-10-03 13:14 - 2015-10-04 10:06 - 00000000 ___RD C:\Users\Pedro\Dropbox
2015-10-03 13:13 - 2015-10-03 13:13 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\Dropbox
2015-10-03 13:12 - 2015-10-04 10:17 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-10-03 13:11 - 2015-10-04 10:06 - 00000000 ____D C:\Users\Pedro\AppData\Local\Dropbox
2015-10-03 13:11 - 2015-10-03 13:11 - 00000000 ____D C:\Users\Todos os Usuários\Dropbox
2015-10-03 13:11 - 2015-10-03 13:11 - 00000000 ____D C:\ProgramData\Dropbox
2015-09-30 19:14 - 2015-09-24 21:13 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-09-30 19:14 - 2015-09-24 20:24 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-09-30 19:14 - 2015-09-24 20:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-09-30 19:14 - 2015-09-24 20:23 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-30 19:14 - 2015-09-24 20:17 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-09-30 19:14 - 2015-09-24 20:08 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-30 19:14 - 2015-09-24 20:07 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-30 19:14 - 2015-09-24 20:06 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-09-30 19:14 - 2015-09-24 20:05 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-09-30 19:14 - 2015-09-24 20:01 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-09-30 19:14 - 2015-09-24 20:00 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-09-30 19:14 - 2015-09-24 20:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-09-30 19:14 - 2015-09-24 19:53 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-09-30 19:14 - 2015-09-24 19:43 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-09-30 19:14 - 2015-09-24 19:42 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-09-30 19:14 - 2015-09-24 19:25 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-09-30 19:14 - 2015-09-24 19:25 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-09-30 19:14 - 2015-09-24 19:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-09-30 19:14 - 2015-09-24 19:25 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-09-30 19:14 - 2015-09-24 19:25 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-09-30 19:14 - 2015-09-24 19:19 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-09-30 19:14 - 2015-09-19 02:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-09-30 19:14 - 2015-09-17 03:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-09-30 19:14 - 2015-09-17 03:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-09-30 19:14 - 2015-09-17 03:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-09-30 19:14 - 2015-09-17 03:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-09-30 19:14 - 2015-09-17 03:49 - 08020816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-09-30 19:14 - 2015-09-17 03:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-09-30 19:14 - 2015-09-17 03:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-09-30 19:14 - 2015-09-17 03:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-09-30 19:14 - 2015-09-17 03:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-09-30 19:14 - 2015-09-17 03:48 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-09-30 19:14 - 2015-09-17 03:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-30 19:14 - 2015-09-17 03:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-09-30 19:14 - 2015-09-17 03:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-09-30 19:14 - 2015-09-17 03:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-09-30 19:14 - 2015-09-17 03:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-09-30 19:14 - 2015-09-17 03:48 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-09-30 19:14 - 2015-09-17 03:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-09-30 19:14 - 2015-09-17 03:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-09-30 19:14 - 2015-09-17 03:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-09-30 19:14 - 2015-09-17 03:48 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-09-30 19:14 - 2015-09-17 03:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-09-30 19:14 - 2015-09-17 03:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-09-30 19:14 - 2015-09-17 03:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-09-30 19:14 - 2015-09-17 03:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-09-30 19:14 - 2015-09-17 03:48 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-09-30 19:14 - 2015-09-17 03:47 - 01397088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-09-30 19:14 - 2015-09-17 03:44 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-09-30 19:14 - 2015-09-17 03:43 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-09-30 19:14 - 2015-09-17 03:39 - 00081488 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-30 19:14 - 2015-09-17 03:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-09-30 19:14 - 2015-09-17 03:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-09-30 19:14 - 2015-09-17 03:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-09-30 19:14 - 2015-09-17 03:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-09-30 19:14 - 2015-09-17 03:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-09-30 19:14 - 2015-09-17 03:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-09-30 19:14 - 2015-09-17 03:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-09-30 19:14 - 2015-09-17 03:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-09-30 19:14 - 2015-09-17 03:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-09-30 19:14 - 2015-09-17 03:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-09-30 19:14 - 2015-09-17 03:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-09-30 19:14 - 2015-09-17 03:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-09-30 19:14 - 2015-09-17 03:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-09-30 19:14 - 2015-09-17 03:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-09-30 19:14 - 2015-09-17 03:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-09-30 19:14 - 2015-09-17 03:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-09-30 19:14 - 2015-09-17 03:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-09-30 19:14 - 2015-09-17 03:12 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-09-30 19:14 - 2015-09-17 03:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-09-30 19:14 - 2015-09-17 03:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-09-30 19:14 - 2015-09-17 03:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-09-30 19:14 - 2015-09-17 03:07 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-30 19:14 - 2015-09-17 03:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-09-30 19:14 - 2015-09-17 03:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-09-30 19:14 - 2015-09-17 03:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-09-30 19:14 - 2015-09-17 03:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-09-30 19:14 - 2015-09-17 03:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-09-30 19:14 - 2015-09-17 03:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-09-30 19:14 - 2015-09-17 03:04 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-09-30 19:14 - 2015-09-17 03:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-09-30 19:14 - 2015-09-17 03:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-09-30 19:14 - 2015-09-17 03:00 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-30 19:14 - 2015-09-17 03:00 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-09-30 19:14 - 2015-09-17 03:00 - 02417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-09-30 19:14 - 2015-09-17 03:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-09-30 19:14 - 2015-09-17 03:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-09-30 19:14 - 2015-09-17 02:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-09-30 19:14 - 2015-09-17 02:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-09-30 19:14 - 2015-09-17 02:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-09-30 19:14 - 2015-09-17 02:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-09-30 19:14 - 2015-09-17 02:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-09-30 19:14 - 2015-09-17 02:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-09-30 19:14 - 2015-09-17 02:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-09-30 19:14 - 2015-09-17 02:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-30 19:14 - 2015-09-17 02:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-09-30 19:14 - 2015-09-17 02:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-09-30 19:14 - 2015-09-17 02:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-09-30 19:14 - 2015-09-17 02:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-09-30 19:14 - 2015-09-17 02:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-09-30 19:14 - 2015-09-17 02:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-09-30 19:14 - 2015-09-17 02:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-09-30 19:14 - 2015-09-17 02:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-09-30 19:14 - 2015-09-17 02:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-09-30 19:14 - 2015-09-17 02:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-09-30 19:14 - 2015-09-17 02:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-09-30 19:14 - 2015-09-17 02:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-09-30 19:14 - 2015-09-17 02:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-09-30 19:14 - 2015-09-17 02:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-09-30 19:14 - 2015-09-17 02:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-09-30 19:14 - 2015-09-17 02:51 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-09-30 19:14 - 2015-09-17 02:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-09-30 19:14 - 2015-09-17 02:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-09-30 19:14 - 2015-09-17 02:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-09-30 19:14 - 2015-09-17 02:51 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-09-30 19:14 - 2015-09-17 02:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-09-30 19:14 - 2015-09-17 02:50 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-09-30 19:14 - 2015-09-17 02:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-09-30 19:14 - 2015-09-17 02:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-09-30 19:14 - 2015-09-17 02:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-09-30 19:14 - 2015-09-17 02:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-30 19:14 - 2015-09-17 02:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-09-30 19:14 - 2015-09-17 02:49 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-09-30 19:14 - 2015-09-17 02:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-09-30 19:14 - 2015-09-17 02:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-09-30 19:14 - 2015-09-17 02:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-09-30 19:14 - 2015-09-17 02:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-09-30 19:14 - 2015-09-17 02:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-09-30 19:14 - 2015-09-17 02:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-09-30 19:14 - 2015-09-17 02:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-09-30 19:14 - 2015-09-17 02:47 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-09-30 19:14 - 2015-09-17 02:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-09-30 19:14 - 2015-09-17 02:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-09-30 19:14 - 2015-09-17 02:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-09-30 19:14 - 2015-09-17 02:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-09-30 19:14 - 2015-09-17 02:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-09-30 19:14 - 2015-09-17 02:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-09-30 19:14 - 2015-09-17 02:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-09-30 19:14 - 2015-09-17 02:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-09-30 19:14 - 2015-09-17 02:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-09-30 19:14 - 2015-09-17 02:45 - 19325440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-30 19:14 - 2015-09-17 02:45 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-30 19:14 - 2015-09-17 02:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-09-30 19:14 - 2015-09-17 02:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-09-30 19:14 - 2015-09-17 02:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-09-30 19:14 - 2015-09-17 02:45 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-09-30 19:14 - 2015-09-17 02:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-09-30 19:14 - 2015-09-17 02:44 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-09-30 19:14 - 2015-09-17 02:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-09-30 19:14 - 2015-09-17 02:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-09-30 19:14 - 2015-09-17 02:43 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-09-30 19:14 - 2015-09-17 02:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-09-30 19:14 - 2015-09-17 02:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-09-30 19:14 - 2015-09-17 02:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-09-30 19:14 - 2015-09-17 02:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-09-30 19:14 - 2015-09-17 02:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-09-30 19:14 - 2015-09-17 02:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-09-30 19:14 - 2015-09-17 02:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-09-30 19:14 - 2015-09-17 02:37 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-09-30 19:14 - 2015-09-17 02:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-09-30 19:14 - 2015-09-17 02:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-09-30 19:14 - 2015-09-17 02:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-30 19:14 - 2015-09-17 02:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-09-30 19:14 - 2015-09-17 02:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-09-30 19:14 - 2015-09-17 02:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-09-30 19:14 - 2015-09-17 02:32 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-30 19:14 - 2015-09-17 02:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-09-30 19:14 - 2015-09-17 02:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-09-30 19:14 - 2015-09-17 02:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-09-30 19:14 - 2015-09-17 02:31 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-09-30 19:14 - 2015-09-17 02:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-09-30 19:14 - 2015-09-17 02:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-09-30 19:14 - 2015-09-17 02:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-09-30 19:14 - 2015-09-17 02:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-09-30 19:14 - 2015-09-17 02:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-09-30 19:14 - 2015-09-17 02:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-09-30 19:14 - 2015-09-17 02:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-09-30 19:14 - 2015-09-17 02:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-09-30 19:14 - 2015-09-12 23:05 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-09-30 19:14 - 2015-09-12 22:41 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-09-30 19:13 - 2015-09-24 21:35 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-09-30 19:13 - 2015-09-24 21:34 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-09-30 19:13 - 2015-09-24 20:34 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-09-30 19:13 - 2015-09-24 20:34 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
 
==================== Files in the root of some directories =======
 
2015-10-06 16:19 - 2015-10-06 16:19 - 0017889 _____ () C:\Users\Pedro\AppData\Roaming\unins000.dat
2015-10-06 16:19 - 2015-10-06 16:19 - 0730322 _____ () C:\Users\Pedro\AppData\Roaming\unins000.exe
2015-04-13 21:31 - 2015-04-13 21:31 - 0000000 ___SH () C:\Users\Pedro\AppData\Local\LumaEmu
2015-03-04 12:15 - 2015-03-05 20:48 - 0007601 _____ () C:\Users\Pedro\AppData\Local\Resmon.ResmonCfg
2015-07-30 23:49 - 2015-07-30 23:49 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-04-25 19:39 - 2012-09-07 08:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-04-25 19:39 - 2009-07-22 07:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-07-19 09:13 - 2014-07-19 09:15 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2014-07-19 09:12 - 2014-07-19 09:13 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
 
Some files in TEMP:
====================
C:\Users\Pedro\AppData\Local\Temp\RHSetup.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
ATTENTION: ==> Could not access BCD. 
 
 
LastRegBack: 2015-10-01 09:00
 
==================== End of FRST.txt ============================


#13 Conspire


Posted 10 October 2015 - 11:00 AM

Open Internet Explorer > Click the Gear icon > Select Internet Options > Go to Advanced tab > Under Reset Internet Explorer Settings press Reset

Tell me if that has gotten rid of esurf hijacker.


Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may donate.

#14 pedromsouza


Posted 10 October 2015 - 01:04 PM

It didn't work. I have tried that before, but gave it another shot. After restarting Windows, it's still there. I'm intrigued by the word "ssid" in the URL. Is it possible there's something wrong with my modem or Wi-Fi router?

 


#15 Conspire


Posted 10 October 2015 - 09:50 PM

Possibly.
 
Please run this batch file and then proceed to reset your wifi router.

I need you to make a batch file.

Open a new Notepad session
  • Click the Start button, click Run
  • In the run box type notepad
  • Click OK
  • In the notepad, Click "Format" and be certain that Word Wrap is not checked.
  • Copy and paste all the text in the code box below into the Notepad. Do Not copy the word CODE

@Echo on
ipconfig /release
ipconfig /renew
ipconfig /flushdns
netsh winsock reset all
netsh int ip reset all
shutdown -r -t 1
del %0

In the Notepad:
  • Click File, Save as..., and set the Save in to your Desktop
  • In the filename box, type (including quotation marks) as the filename: "flush.bat"
  • Click Save

You should now have a file on your desktop.

Double click on flush.bat & allow it to run. A small black screen may briefly flash on and off, that's normal. Reboot once done.
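A read-only check to run after the batch file and the router reset, added here as an example and not part of the original thread: it lists the proxy and automatic configuration script values (the setting the topic starter found re-enabled) and the DNS servers each connected adapter is using. It assumes Windows 8 or later for the networking cmdlets and the standard Internet Settings registry locations.

```powershell
# Read-only post-cleanup check: reports proxy / auto-config settings and the
# DNS servers in use. It changes nothing on the system.
$keys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings',
    'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings'
)
$names = 'AutoConfigURL', 'ProxyEnable', 'ProxyServer'

# 1. Per-user, machine-wide and policy proxy values (the LAN settings dialog
#    writes the per-user ones).
$proxy = foreach ($key in $keys) {
    if (-not (Test-Path $key)) { continue }
    $props = Get-ItemProperty -Path $key
    foreach ($name in $names) {
        if ($props.PSObject.Properties.Name -contains $name) {
            [pscustomobject]@{ Key = $key; Name = $name; Data = $props.$name }
        }
    }
}
$proxy | Format-Table -AutoSize -Wrap

# Flag any automatic configuration script that is present again after a reboot.
$proxy | Where-Object { $_.Name -eq 'AutoConfigURL' -and $_.Data } | ForEach-Object {
    Write-Warning "Automatic configuration script set in $($_.Key): $($_.Data)"
}

# 2. System-wide WinHTTP proxy, which the Internet Options dialog does not show.
netsh winhttp show proxy

# 3. Default gateway and DNS servers per connected adapter. On a home network
#    these usually come from the router over DHCP, so DNS addresses you do not
#    recognise are a reason to review the router's own DNS settings.
Get-NetIPConfiguration | Where-Object { $_.IPv4DefaultGateway } | ForEach-Object {
    $dns = (Get-DnsClientServerAddress -InterfaceIndex $_.InterfaceIndex -AddressFamily IPv4).ServerAddresses
    [pscustomobject]@{
        Interface  = $_.InterfaceAlias
        Gateway    = $_.IPv4DefaultGateway.NextHop -join ', '
        DnsServers = $dns -join ', '
    }
} | Format-Table -AutoSize
```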



