1. #1

    Join Date
    Jul 2015
    Location
    Brasil
    Posts
    25

    Unhappy My PC was infected by malwares and after many attempts I think it still infected

    Hi,

    These are my logs:

    Farbar:
    Addition.txt--> Addition.txt
    FRST.txt--> FRST.txt

    Security Check:
    checkup.txt--> checkup.txt

    Please help me, I already use a lot of programs to desinfect my pc including the anti-virus, but my PC still infected.

    Thank's.


    • Ad Bot

      advertising
      Beep.

        
       

  2. #2
    Corrine's Avatar
    Join Date
    Feb 2012
    Location
    Upstate, NY
    Posts
    8,714

    Re: My PC was infected by malwares and after many attempts I think it still infected

    Hi, xistose.

    Please copy/paste logs rather than attaching them. Thank you.

    Please do the following:


    1. Right click on the Start button
    2. Click on Command prompt
    3. Inside the Command Prompt windows copy and paste the following command
      licensingdiag.exe -report "%userprofile%\Desktop\report.txt" -log "%userprofile%\Desktop\repfiles.cab"
    4. Once finished please go to your desktop -> You will see two files report.txt and repfiles.cab
    5. Please open up report.txt and copy/paste the contents in your next reply


    Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

    Remember - A day without laughter is a day wasted.
    May the wind sing to you and the sun rise in your heart.

  3. #3

    Join Date
    Jul 2015
    Location
    Brasil
    Posts
    25

    Re: My PC was infected by malwares and after many attempts I think it still infected

    Addition.txt:

    Additional scan result of Farbar Recovery Scan Tool (x64) Version:30-07-2015
    Ran by Vinícius (2015-07-31 10:15:08)
    Running from C:\Users\Vinícius\Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrador (S-1-5-21-3203197593-2648915773-4125324600-500 - Administrator - Disabled)
    Convidado (S-1-5-21-3203197593-2648915773-4125324600-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-3203197593-2648915773-4125324600-1006 - Limited - Enabled)
    Vinícius (S-1-5-21-3203197593-2648915773-4125324600-1002 - Administrator - Enabled) => C:\Users\Vinícius

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Bitdefender Antivírus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    %SQL_PRODUCT_SHORT_NAME% Data Tools - BI for Visual Studio 2013 (x32 Version: 12.0.2430.0 - Microsoft Corporation) Hidden
    %SQL_PRODUCT_SHORT_NAME% SSIS 64Bit For SSDTBI (Version: 12.0.2430.0 - Microsoft Corporation) Hidden
    µTorrent (HKU\S-1-5-21-3203197593-2648915773-4125324600-1002\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
    7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
    Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.12) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
    Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
    Android Studio (HKLM-x32\...\Android Studio) (Version: 1.0 - Google Inc.)
    Application Insights Tools for Visual Studio 2013 (x32 Version: 2.4 - Microsoft Corporation) Hidden
    Application Insights Tools for Visual Studio Express 2013 for Web (x32 Version: 2.4 - Microsoft Corporation) Hidden
    Arquivos de Suporte à Instalação do Microsoft SQL Server 2008 (HKLM\...\{97795787-51D2-44BC-A41A-A4AC7D1D9C31}) (Version: 10.3.5500.0 - Microsoft Corporation)
    Arquivos de Suporte à Instalação do Microsoft SQL Server 2008 (HKLM-x32\...\{3896BA74-3B13-4C53-AEFF-723693FA0F43}) (Version: 10.3.5500.0 - Microsoft Corporation)
    Assassins Creed IV Black Flag (HKLM-x32\...\QXNzYXNzaW5zQ3JlZWRJVkJsYWNrRmxhZw==_is1) (Version: 1 - )
    Astah Professional 7_0_0 (HKLM\...\astah* professional_is1) (Version: - Change Vision, Inc.)
    ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
    ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.5 - ASUS)
    ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.9 - ASUS)
    ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS)
    ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.4 - ASUS)
    ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.0.35 - ASUS)
    ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0004 - ASUS)
    ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
    ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
    ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
    Atheros Outlook Addin 2010 (HKU\S-1-5-21-3203197593-2648915773-4125324600-1002\...\BB108A893815B64BF41C4574C3324FB7371AA244) (Version: 1.0.0.0 - Microsoft)
    ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0023 - ASUS)
    Atualizações da NVIDIA 16.18.9 (Version: 16.18.9 - NVIDIA Corporation) Hidden
    Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
    Azure Resource Manager Tools (VS 2013) - v1.1 (x32 Version: 1.1.0.0 - Microsoft Corporation) Hidden
    AzureTools.Notifications (x32 Version: 2.6.30508.1601 - Microsoft Corporation) Hidden
    AzureTools.Notifications.VwdExpress (x32 Version: 2.6.30508.1601 - Microsoft Corporation) Hidden
    Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
    Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
    Bitdefender Internet Security 2015 (HKLM\...\Bitdefender) (Version: 18.21.0.1497 - Bitdefender)
    Bizagi Process Modeler (HKLM-x32\...\InstallShield_{EC5DF025-9CC7-4075-B56E-128D3E026BC6}) (Version: 2.7.02 - Bizagi Limited)
    Bizagi Process Modeler (Version: 2.7.02 - Bizagi Limited) Hidden
    Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
    Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
    Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
    Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
    Blend for Visual Studio SDK for Windows Phone 8.0 (x32 Version: 3.0.30924.0 - Microsoft Corporation) Hidden
    Build Tools - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
    Build Tools - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
    Build Tools Language Resources - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
    Build Tools Language Resources - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
    Burnout Paradise: The Ultimate Box (HKLM-x32\...\Steam App 24740) (Version: - Criterion Games)
    CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
    CGS17_Setup_x64 (Version: 17.1 - Corel Corporation) Hidden
    ChromecastApp (HKU\S-1-5-21-3203197593-2648915773-4125324600-1002\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1383.0 - Google Inc.)
    Cloud Deployment Project for Microsoft Visual Studio 2013 - v1.1 (x32 Version: 1.1.0.0 - Microsoft Corporation) Hidden
    Complemento do Microsoft Report Viewer para Visual Studio 2013 (x32 Version: 11.1.3442.2 - Microsoft Corporation) Hidden
    Complemento Microsoft Report Viewer para Visual Studio 2013 (x32 Version: 11.1.3442.2 - Microsoft Corporation) Hidden
    Compon. agg. Microsoft Report Viewer per Visual Studio 2013 (x32 Version: 11.1.3442.2 - Microsoft Corporation) Hidden
    Corel Graphics - Windows Shell Extension (HKLM\...\_{4DC318F5-1640-4417-A218-912ED9905FAA}) (Version: 17.1.0.572 - Corel Corporation)
    Corel Graphics - Windows Shell Extension (Version: 17.1.572 - Corel Corporation) Hidden
    Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.1.572 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X7 - BR (x64) (Version: 17.1 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.1 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.1 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.1 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.1 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.1 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.1 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.1 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.1 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.1 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.1 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.1 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.1 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.1 - Corel Corporation) Hidden
    CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.1.0.572 - Corel Corporation)
    CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - Acro Software Inc.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Designer de Interface do Usuário XAML para Microsoft Visual Studio 2013 - PTB (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
    Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.6.1 - Bloodshed Software)
    Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
    Entity Framework 6.1.1 Tools for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)
    Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{0A1A1D48-DB23-443A-BC7B-49255D138020}) (Version: 11.1.20702.00 - Microsoft Corporation)
    Entity Framework Designer para Visual Studio 2012 - PTB (HKLM-x32\...\{A1A05029-8D1E-4959-B604-1BAEBC8B9EB9}) (Version: 11.1.20702.00 - Microsoft Corporation)
    Estudo de aprimoramento de produto para HP Deskjet 2540 series (HKLM\...\{44FE0FDF-E044-4EA9-AC22-325CDD4C3241}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
    ExpressCache (HKLM\...\{2EBEFDA8-F905-4C39-AC1C-D5ABE7B3E0AE}) (Version: 1.0.86 - Diskeeper Corporation)
    Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
    Ferramentas de Coleta de Desempenho do Microsoft Visual Studio 2013 - PTB (Version: 12.0.21005 - Microsoft Corporation) Hidden
    Ferramentas de Diagnóstico para Microsoft Visual Studio 2013 - PTB (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
    Ferramentas do Windows Phone 8.1 para Visual Studio 2013 - PTB (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
    Ferramentas do Windows Phone 8.1 para Visual Studio Professional 2013 - PTB (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
    FFmpeg (Windows) for Audacity versão 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
    FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
    Free ISO Creator version 1.0 (HKLM-x32\...\{FBEF93EA-D52F-45B5-91D3-ABEACE4C7615}_is1) (Version: 1.0 - freeisocreator.com)
    Free Pascal 2.6.4 (HKLM-x32\...\FreePascal_is1) (Version: - Free Pascal Team)
    Galeria de Fotografias (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Galeria de Fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    GDR 4213 para o SQL Server 2014 (KB3070446) (64-bit) (HKLM\...\KB3070446) (Version: 12.1.4213.0 - Microsoft Corporation)
    Git version 1.8.3-preview20130601 (HKLM-x32\...\Git_is1) (Version: 1.8.3-preview20130601 - The Git Development Community)
    GNU CLISP 2.49 (HKU\S-1-5-21-3203197593-2648915773-4125324600-1002\...\GNU CLISP 2.49) (Version: 2.49 - )
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.125 - Google Inc.)
    Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
    Grand Theft Auto III (HKLM-x32\...\Steam App 12100) (Version: - Rockstar Games)
    Gravador VSS da Microsoft para SQL Server 2014 (HKLM\...\{5A806EF2-6E97-4308-963B-492F2B8C22F7}) (Version: 12.1.4100.1 - Microsoft Corporation)
    Gtk# for .Net 2.12.25 (HKLM-x32\...\{889E7D77-2A98-4020-83B1-0296FA1BDE8A}) (Version: 2.12.25 - Xamarin, Inc.)
    Guardião - Itaú 30 horas (HKLM-x32\...\{70e5f739-1d2a-40ae-bbc9-4b3e6af4c831}_is1) (Version: 3.8.0.1 - )
    HF pAppLoc version 1.1 (HKLM-x32\...\{9143B17E-BBDE-4EA7-A4E3-20D384D9C8A5}_is1) (Version: 1.1 - Inquisitor)
    Hotfix 2430 para o SQL Server 2014 (KB2999197) (HKLM-x32\...\KB2999197) (Version: 12.0.2430.0 - Microsoft Corporation)
    HP Deskjet 2540 series Ajuda (HKLM-x32\...\{70B5D5B2-8014-4C22-9963-361B1F07B81A}) (Version: 30.0.0 - Hewlett Packard)
    HP Deskjet 2540 series Software básico do dispositivo (HKLM\...\{A4BA74B3-3DCB-47CC-9C80-C2CBAC26C6EB}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
    HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
    HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
    HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
    HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
    IBM Cognos Insight (HKLM-x32\...\{8A915052-335A-4A78-98D8-54C35A664E08}) (Version: 10.2.2254.0 - IBM)
    IBM Cognos TM1 Performance Modeler (HKLM-x32\...\{B4765E05-352C-41BF-9D44-05E1A8C4D2D3}) (Version: 10.2.2254.0 - IBM)
    IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
    IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - )
    IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )
    ILLUSION ジンコウガクエン2 (HKLM-x32\...\{AF83EF7D-353A-4E0C-9919-C4E4BCB5F742}) (Version: 1.00.0000 - ILLUSION)
    ILLUSION ジンコウガクエン2 きゃらめいく (HKLM-x32\...\{A56F495B-7075-4510-AC91-485416140DA2}) (Version: 1.00.0000 - ILLUSION)
    Instalação do Microsoft SQL Server 2014 (em inglês) (HKLM-x32\...\{67564C6A-30EA-42BE-BD06-69FA908E23A7}) (Version: 12.0.2430.0 - Microsoft Corporation)
    Install Finalizer (x32 Version: 2.2.11003.1601 - Microsoft Corporation) Hidden
    Install Finalizer (x32 Version: 2.3.20320.1602 - Microsoft Corporation) Hidden
    Install Finalizer (x32 Version: 2.6.30508.1601 - Microsoft Corporation) Hidden
    Intel XDK (HKU\S-1-5-21-3203197593-2648915773-4125324600-1002\...\ARP_for_prd_xdk_0.0.1995) (Version: 0.0.1995 - Intel Corporation)
    Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
    Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 6.0.5.1080 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
    Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation)
    Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
    IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2014) (Version: 1.1 - Receita Federal do Brasil)
    IRPF2015 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2015) (Version: 1.1 - Receita Federal do Brasil)
    Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
    Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
    Java SE Development Kit 7 Update 67 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170670}) (Version: 1.7.0.670 - Oracle)
    Java SE Development Kit 8 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180000}) (Version: 8.0.0 - Oracle Corporation)
    Java SE Development Kit 8 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.15 - Oracle Corporation)
    Kit SDK de vérification de Visual Studio 2012 - fra (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
    K-Lite Mega Codec Pack 10.3.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.3.5 - )
    KMSpico v9.1.3 (HKLM\...\KMSpico_is1) (Version: 9.1.3 - )
    LADSPA_plugins-win-0.4.15 (HKLM-x32\...\LADSPA_plugins-win_is1) (Version: - Audacity Team)
    LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
    LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
    LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
    LocalESPCui for en-us (x32 Version: 8.59.29989 - Microsoft) Hidden
    LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
    LocalESPCui for pt-br (x32 Version: 8.59.29989 - Microsoft) Hidden
    LocalESPCui for pt-br Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
    Malwarebytes Anti-Malware versão 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
    Memory Profiler (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
    Microsoft File Transfer Manager (HKLM-x32\...\{4C8169AB-B6C1-413B-81B6-73B77127D82F}) (Version: 5.00.34 - Microsoft)
    Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
    Microsoft .NET Framework 4.5 SDK - PTB Lang Pack (HKLM-x32\...\{DC372AEA-8483-4785-B291-62F67EBFF02F}) (Version: 4.5.50710 - Microsoft Corporation)
    Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{AD808004-719D-3045-B1FA-C0C845BB7C63}) (Version: 4.5.50932 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 SDK (ENU) (HKLM-x32\...\{8EBF82FA-BD9E-4154-94DB-0946B48C346B}) (Version: 4.5.51641 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
    Microsoft Advertising SDK for Windows 8.1 - ENU (HKLM-x32\...\{916DF45F-3E75-47C1-8ACE-6D87B1646E4F}) (Version: 8.1.40402.2 - Microsoft Corporation)
    Microsoft Advertising SDK for Windows Phone 8.1 XAML - ENU (HKLM-x32\...\{3529AF14-7F67-470D-96B7-64074CC7A650}) (Version: 8.1.40505.0 - Microsoft Corporation)
    Microsoft AS OLE DB Provider para SQL Server 2014 (HKLM\...\{DAAC232D-7FBF-48FB-B50D-CE6686DFDD90}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft ASP.NET and Web Frameworks 2012.2 - PTB (HKLM-x32\...\{eba49574-464d-4ee1-a213-06c7af6577d5}) (Version: 2.1.20219.0 - Microsoft Corporation)
    Microsoft ASP.NET and Web Frameworks 2012.2 (HKLM-x32\...\{71a40c60-27c2-443a-b7c7-6e4f3aad1d5a}) (Version: 2.1.20219.0 - Microsoft Corporation)
    Microsoft ASP.NET and Web Tools 2013.1 - Visual Studio Express 2012 for Web (HKLM-x32\...\{CEB3E62B-D8BC-4DC2-838B-C7B547D2C4F6}) (Version: 1.5.50306.0 - Microsoft Corporation)
    Microsoft ASP.NET and Web Tools 2013.4 - Visual Studio 2013 - ptb (HKLM-x32\...\{10154711-1B5B-3391-8D78-F65FD42246B3}) (Version: 12.4.60425.0 - Microsoft Corporation)
    Microsoft ASP.NET and Web Tools 2013.4 - Visual Studio 2013 (HKLM-x32\...\{BC0C3227-2CFC-317B-9067-9AECE0FB01E3}) (Version: 12.4.60425.0 - Microsoft Corporation)
    Microsoft ASP.NET and Web Tools 2013.4 - Visual Studio Express 2013 for Web - ptb (HKLM-x32\...\{B23C176A-FCE8-395A-B929-0E122637293C}) (Version: 12.4.60425.0 - Microsoft Corporation)
    Microsoft ASP.NET and Web Tools 2013.4 - Visual Studio Express 2013 for Web (HKLM-x32\...\{EFDD0922-B74D-3DAF-9916-21C1064EE414}) (Version: 12.4.60425.0 - Microsoft Corporation)
    Microsoft ASP.NET MVC 3 - PTB (HKLM-x32\...\{F27C4797-70EE-42E6-B16B-799E66CA8608}) (Version: 3.0.30710.0 - Microsoft Corporation)
    Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft ASP.NET Web Pages - PTB (HKLM-x32\...\{C60DB577-A1FF-4F3B-91D0-ECCA94BB3444}) (Version: 1.0.20710.0 - Microsoft Corporation)
    Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
    Microsoft Azure Authoring Tools - v2.6 (HKLM\...\{FCD738C5-E26D-4E62-A2DA-2F0C65F81729}) (Version: 2.6.6496.2 - Microsoft Corporation)
    Microsoft Azure Compute Emulator - v2.6 (HKLM\...\Microsoft Azure Compute Emulator - v2.6) (Version: 2.6.6496.2 - Microsoft Corporation)
    Microsoft Azure HDInsight Tools for Visual Studio 2013 (HKLM-x32\...\{2359FE6C-71F4-42A9-AA21-99226119836B}) (Version: 2.0.1000.0 - Microsoft Corporation)
    Microsoft Azure Libraries for .NET – v2.6 (HKLM\...\{E083D718-4414-45A6-B25B-7ADE4D483FD4}) (Version: 2.6.0424.100 - Microsoft Corporation)
    Microsoft Azure Mobile App SDK V1.0 (HKLM-x32\...\{467BBA68-2F71-4E1A-BD96-4CEC44CE1664}) (Version: 1.0.30320.0 - Microsoft Corporation)
    Microsoft Azure PowerShell - June 2015 (HKLM-x32\...\{EBA8CDA4-F325-41F8-9FE2-71F45CE1BB6F}) (Version: 0.9.3 - Microsoft Corporation)
    Microsoft Azure Quickstarts (HKLM-x32\...\{A6ACA586-9C39-3F57-82B6-9345FF1672F9}) (Version: 1.6 - Microsoft Corporation)
    Microsoft Azure Storage Emulator - v4.0 (HKLM-x32\...\Microsoft Azure Storage Emulator - v4.0) (Version: 4.0.6891.3 - Microsoft Corporation)
    Microsoft Azure Storage Tools - v3.1.0 (HKLM-x32\...\{B24BC91A-09AF-4695-8CE5-D62582B57946}) (Version: 3.1.0.0 - Microsoft Corporation)
    Microsoft Azure Tools for Microsoft Visual Studio 2013 - v2.6 (HKLM-x32\...\{38c05380-3bc1-4bcf-ac7b-ec18b7aa17c4}) (Version: 2.6.30508.1601 - Microsoft Corporation)
    Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
    Microsoft Help Viewer 1.1 Language Pack - PTB (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - PTB) (Version: 1.1.40219 - Microsoft Corporation)
    Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
    Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
    Microsoft Hive ODBC Driver (HKLM\...\{AC9970E8-7F55-4F50-A6D3-2BC041589904}) (Version: 1.0.5.5 - Microsoft Corporation)
    Microsoft Hive ODBC Driver (HKLM-x32\...\{7A580208-9E61-47FD-9AEB-DDDAA67CF0F6}) (Version: 1.0.5.5 - Microsoft Corporation)
    Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{6575A3BA-88BD-4C68-8B09-D1D82E29F400}) (Version: 12.1.4100.1 - Microsoft Corporation)
    Microsoft Office Developer Tools for Visual Studio 2013 - April 2015 Update (HKLM-x32\...\{45ba782b-98e9-43b0-a967-eb040045ff09}) (Version: 12.0.40429.0 - Microsoft Corporation)
    Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-3203197593-2648915773-4125324600-1002\...\OneDriveSetup.exe) (Version: 17.3.5907.0716 - Microsoft Corporation)
    Microsoft Report Viewer 2014 Runtime (HKLM-x32\...\{0C03FE92-568D-4222-BAB1-3CACC9D4BA27}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
    Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{AD816BDD-4ACC-4AC1-85B1-11958B9DC740}) (Version: 10.51.2500.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Native Client (HKLM\...\{A7F761B0-FD2E-4F9F-A98B-4261C563552A}) (Version: 11.1.3407.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation)
    Microsoft SQL Server 2014 (HKLM-x32\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation)
    Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{0464CEA9-6FB9-4F41-A65E-DC2F91B9397B}) (Version: 12.1.4100.1 - Microsoft Corporation)
    Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{312C6B88-8592-4A30-8D9B-D372732D292C}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{0B739312-487E-4754-8356-5887CC40859D}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 Setup (English) (HKLM\...\{2975950A-6723-4FD2-9719-78DD9C30A7F4}) (Version: 12.1.4213.0 - Microsoft Corporation)
    Microsoft SQL Server 2014 Transact-SQL Compiler Service (HKLM\...\{5BC5068F-1F64-4D2D-948F-E75F30B850CB}) (Version: 12.1.4213.0 - Microsoft Corporation)
    Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{D410C532-5E36-4683-BFE7-A6707B3BFF30}) (Version: 12.1.4100.1 - Microsoft Corporation)
    Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
    Microsoft SQL Server Compact 4.0 SP1 x64 PTB (HKLM\...\{E451FC79-21BE-4BDA-86DB-9F3B34DE181D}) (Version: 4.0.8876.1 - Microsoft Corporation)
    Microsoft SQL Server Data Tools - PTB (12.0.50512.0) (HKLM-x32\...\{BC7E0AFB-2E46-4C8D-8C1B-E3BDE9C9AA1A}) (Version: 12.0.50512.0 - Microsoft Corporation)
    Microsoft SQL Server Data Tools 2013 (HKLM-x32\...\{a2da4f68-c404-4aa4-bf90-f6087c61a739}) (Version: 12.0.50512.0 - Microsoft Corporation)
    Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
    Microsoft SQL Server Data Tools Build Utilities - PTB (12.0.30919.1) (HKLM-x32\...\{6CF636F7-1C41-4CC4-B985-386ADF2707EF}) (Version: 12.0.30919.1 - Microsoft Corporation)
    Microsoft SQL Server Data-Tier Application Framework (x64) (HKLM\...\{8EEC46D2-8208-4799-8328-2AA00F96AB8A}) (Version: 12.0.1294.0 - Microsoft Corporation)
    Microsoft SQL Server System CLR Types (HKLM-x32\...\{6D1C4D4E-E9FA-41F4-AC6F-ABBE327A349F}) (Version: 10.51.2500.0 - Microsoft Corporation)
    Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
    Microsoft System CLR Types para SQL Server 2014 (HKLM\...\{18773A95-38A3-4A65-80EA-1732D988CD45}) (Version: 12.1.4100.1 - Microsoft Corporation)
    Microsoft System CLR Types para SQL Server 2014 (HKLM-x32\...\{ED2E65D0-BAA6-4526-B3E5-91B27C7298B4}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual F# 3.1.2 (HKLM-x32\...\{d705b4dc-2aa8-4215-9b13-4fad5dcda72b}) (Version: 12.0.30815.0 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Shell (Isolated) - PTB (HKLM-x32\...\{37C82C0C-4B8A-36A9-B470-8A2F531EBC18}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Microsoft Visual Studio 2012 Shell (Integrated) (HKLM-x32\...\{55b160d2-8221-45fd-ab30-4388c69c0f3b}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual Studio 2012 Shell (Isolated) (HKLM-x32\...\{d2e0df0f-bf0a-4a89-9530-ebf93842c393}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual Studio 2013 Shell (Isolated) (HKLM-x32\...\{dd77c2ff-db69-44f7-9e5c-63aa540dfe07}) (Version: 12.0.21005.13 - Microsoft Corporation)
    Microsoft Visual Studio Express 2012 for Web - ENU (HKLM-x32\...\{f56bac4b-ef69-49d9-b010-1d7de651418d}) (Version: 11.0.50727.26 - Microsoft Corporation)
    Microsoft Visual Studio Express 2013 for Web - ENU (HKLM-x32\...\{3e544097-53d1-4252-98a6-93cc12a6d487}) (Version: 12.0.21005.13 - Microsoft Corporation)
    Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
    Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{e20d88d6-6150-4602-b4ef-49e138467d4d}) (Version: 11.0.51108 - Microsoft Corporation)
    Microsoft Visual Studio Tools for Applications 2012 Language Support (HKLM-x32\...\{44774b10-3e2b-443c-899b-56c46b370aa7}) (Version: 11.0.50727.0 - Microsoft Corporation)
    Microsoft Visual Studio Tools for Applications x64 Runtime 3.0 (HKLM\...\{F14401A9-F0A0-33CC-8444-F60823A60DEB}) (Version: 10.0.40220 - Microsoft Corporation)
    Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 (HKLM-x32\...\{191A6F65-6878-398D-A272-EF011B80F371}) (Version: 10.0.40220 - Microsoft Corporation)
    Microsoft Visual Studio Ultimate 2013 (HKLM-x32\...\{cd09eea6-d0b3-4246-bb80-e047ceadf61f}) (Version: 12.0.21005.13 - Microsoft Corporation)
    Microsoft Web Deploy 3.5 (HKLM\...\{69A998C5-00A9-42CA-AB4E-C31CFFCD9251}) (Version: 3.1237.1763 - Microsoft Corporation)
    Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
    Microsoft Web Deploy dbSqlPackage Provider - PTB (HKLM-x32\...\{FC140D8E-C522-46C9-BD4B-ECF1570D9F1E}) (Version: 10.3.20225.0 - Microsoft Corporation)
    Microsoft Web Platform Installer 5.0 (HKLM\...\{4D84C195-86F0-4B34-8FDE-4A17EB41306A}) (Version: 5.0.50430.0 - Microsoft Corporation)
    Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version: - )
    Middle Earth Shadow of Mordor (HKLM-x32\...\Middle Earth Shadow of Mordor_is1) (Version: - )
    Modelo de Redirecionamento do Python Tools (x32 Version: 1.1 - Microsoft Corporation) Hidden
    Modelo de Redirecionamento do Python Tools (x32 Version: 1.3 - Microsoft Corporation) Hidden
    Module Microsoft Report Viewer pour Visual Studio 2013 (x32 Version: 11.1.3442.2 - Microsoft Corporation) Hidden
    Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
    Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
    Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
    Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Mozilla Firefox 39.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 pt-BR)) (Version: 39.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
    MPC-HC 1.7.9 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.9 - MPC-HC Team)
    MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
    MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
    NetBeans IDE 8.0.2 (HKLM\...\nbi-nb-base-8.0.2.0.201411181905) (Version: 8.0.2 - NetBeans.org)
    Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
    NVIDIA Driver de áudio HD 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
    NVIDIA Driver de gráficos 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation)
    NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
    NVIDIA Software do sistema PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
    Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
    Open XML SDK 2.5 Productivity Tool for Microsoft Office (HKLM-x32\...\{6396F38A-45C6-4FA2-BA24-3985B106782F}) (Version: 2.5.5631 - Microsoft Corporation)
    Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
    Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
    Pacote de Idiomas do Microsoft Visual Studio 2013 - PTB (x32 Version: 12.0.21005.13 - Microsoft Corporation) Hidden
    Pacote de Idiomas do Microsoft Visual Studio Express 2012 para Web - PTB (HKLM-x32\...\{3274d2be-0d88-457f-9af9-fdce2a43d243}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Pacote de Idiomas do Microsoft Visual Studio Express 2013 para Web - PTB (HKLM-x32\...\{0374b2b8-899d-42b3-ba7f-72283b7bc934}) (Version: 12.0.21005.13 - Microsoft Corporation)
    Pacote de Idiomas do Microsoft Visual Studio Team Foundation Server 2012 Team Explorer - PTB (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
    Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 Design-Time - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
    Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
    Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
    Pacote de Idiomas do Microsoft Visual Studio Tools for Applications x64 Runtime 3.0 - Português (Brasil) (HKLM\...\{D2CB3B27-E6A2-3080-9F7C-123A7EF621FE}) (Version: 10.0.40219 - Microsoft Corporation)
    Pacote de Idiomas do Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 - Português (Brasil) (HKLM-x32\...\{87648848-404B-39D4-BF91-63913533D4A7}) (Version: 10.0.40219 - Microsoft Corporation)
    Pacote de Idiomas do Modelo de Objeto da Atualização 4 do Microsoft Team Foundation Server 2013 (x64) - PTB (Version: 12.0.31101 - Microsoft Corporation) Hidden
    Pacote de Idiomas do Modelo de Objeto do Microsoft Visual Studio Team Foundation Server 2012 - PTB (Version: 11.0.50727 - Microsoft Corporation) Hidden
    Pacote de Idiomas do Shell do Microsoft Visual Studio 2013 (Isolado) - PTB (HKLM-x32\...\{7279c910-803f-46e7-9d1e-e3825b78e8d3}) (Version: 12.0.21005.13 - Microsoft Corporation)
    Pacote de Idiomas do Team Explorer para Microsoft Visual Studio 2013 - PTB (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
    Pacote de Idiomas do Visualizador de Ajuda Microsoft 2.0 - PTB (HKLM-x32\...\Pacote de Idiomas do Visualizador de Ajuda Microsoft 2.0 - PTB) (Version: 2.0.50727 - Microsoft Corporation)
    Pacote de Idiomas do Visualizador de Ajuda Microsoft 2.0 - PTB (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
    Pacote de Idiomas do Visualizador de Ajuda Microsoft 2.1 - PTB (HKLM-x32\...\Pacote de Idiomas do Visualizador de Ajuda Microsoft 2.1 - PTB) (Version: 2.1.21005 - Microsoft Corporation)
    Pacote de Idiomas do Visualizador de Ajuda Microsoft 2.1 - PTB (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
    Painel de controle da NVIDIA 353.62 (Version: 353.62 - NVIDIA Corporation) Hidden
    piaip AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
    Políticas do Microsoft SQL Server 2014 (HKLM-x32\...\{2BA22777-2310-4681-9D78-D96A7EA4BE01}) (Version: 12.0.2000.8 - Microsoft Corporation)
    PowreShellIntegration.Notifications (x32 Version: 2.5.21003.1603 - Microsoft Corporation) Hidden
    PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
    Preparação do Microsoft Visual Studio 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
    Preparação do Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
    Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Pré-requisitos para o SSDT (HKLM-x32\...\{033AEAE9-BA49-4D4D-A260-7BAB983D5685}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Python Tools Redirection Template (x32 Version: 1.1 - Microsoft Corporation) Hidden
    Python Tools Redirection Template (x32 Version: 1.3 - Microsoft Corporation) Hidden
    Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.212 - Qualcomm Atheros Communications)
    Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6733 - Realtek Semiconductor Corp.)
    Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.27023 - Realtek Semiconductor Corp.)
    Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.05 - Serpro - Serviço Federal de Processamento de Dados)
    Recursos de Desenvolvedor do Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
    Recursos do Shell do Microsoft Visual Studio 2012 (Mínimo) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
    Recursos do Shell do Microsoft Visual Studio 2013 (Mínimo) (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
    Release Management for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden
    Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
    RSDLite (HKLM-x32\...\{2540D9B6-1D17-4D7B-972F-067FE5DC8C5A}) (Version: 6.1.5 - Motorola)
    SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
    SDK de comprobación de Visual Studio 2012 - esn (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
    Secure Download Manager (HKLM-x32\...\{F0858165-B8DB-4347-89B8-6D9F882B9BF3}) (Version: 3.1.60 - Kivuto Solutions Inc.)
    Service Pack 1 for Microsoft Office 2013 (KB2817430) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
    Service Pack 1 for Microsoft Office 2013 (KB2817430) 64-Bit Edition (Version: - Microsoft) Hidden
    Service Pack 1 para o SQL Server 2014 (KB3058865) (64-bit) (HKLM\...\KB3058865) (Version: 12.1.4100.1 - Microsoft Corporation)
    Serviço de Linguagem T-SQL do Microsoft SQL Server 2014 (HKLM\...\{D7353F96-EA67-4FFE-911D-665F5774F9AD}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Serviço de Linguagem T-SQL do Microsoft SQL Server 2014 (HKLM-x32\...\{B9F17C0B-CA08-4E72-B304-9A4013E4C33A}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
    SharePoint Client Components (HKLM\...\{95150004-1163-0409-1000-0000000FF1CE}) (Version: 15.0.4711.1001 - Microsoft Corporation)
    SharePoint Client Components (HKLM\...\{95160003-1163-0409-1000-0000000FF1CE}) (Version: 16.0.4002.1211 - Microsoft Corporation)
    SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
    Shift 2 Unleashed (HKLM-x32\...\Steam App 47920) (Version: - Slightly Mad Studios)
    Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
    SQL Server 2014 Analysis Services (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    SQL Server 2014 Client Tools (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    SQL Server 2014 Common Files (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    SQL Server 2014 Common Files (x32 Version: 12.0.2000.8 - Microsoft Corporation) Hidden
    SQL Server 2014 Data quality client (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    SQL Server 2014 Data quality service (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
    SQL Server 2014 Data quality service (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    SQL Server 2014 Data Tools - BI for Visual Studio 2013 (x32 Version: 12.0.2430.0 - Microsoft Corporation) Hidden
    SQL Server 2014 Database Engine Services (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    SQL Server 2014 Database Engine Shared (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    SQL Server 2014 Distributed Replay (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
    SQL Server 2014 Distributed Replay (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    SQL Server 2014 Documentation Components (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
    SQL Server 2014 Full text search (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
    SQL Server 2014 Integration Services (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    SQL Server 2014 Management Studio (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    SQL Server 2014 Master Data Services (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
    SQL Server 2014 Master Data Services (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    SQL Server 2014 Reporting Services (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    SQL Server 2014 RS_SharePoint_SharedService (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    SQL Server 2014 SQL Data Quality Common (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    SQL Server 2014 SQL Data Quality Common (x32 Version: 12.0.2000.8 - Microsoft Corporation) Hidden
    SQL Server Browser para SQL Server 2014 (HKLM-x32\...\{ACC52B4B-9F0D-4266-8CEB-348F64CC2C7C}) (Version: 12.1.4100.1 - Microsoft Corporation)
    Sql Server Customer Experience Improvement Program (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
    Standard ML of New Jersey (HKLM-x32\...\{F7CA0FDB-0C97-480B-A532-2A579917CFDB}) (Version: 0.0.0.0 - University of Chicago)
    Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
    Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version: - )
    Suplemento do Microsoft Visual Studio 2013 in para Windows Phone - Pacote de Idiomas PTB (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
    Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
    TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43879 - TeamViewer)
    TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
    TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
    Uninstall Finalizer (x32 Version: 2.2.11003.1601 - Microsoft Corporation) Hidden
    Uninstall Finalizer (x32 Version: 2.3.20320.1602 - Microsoft Corporation) Hidden
    Uninstall Finalizer (x32 Version: 2.6.30508.1601 - Microsoft Corporation) Hidden
    Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
    Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
    Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{45AD9785-5503-4B26-981A-AF62A355ADF2}) (Version: - Microsoft)
    Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft)
    Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft)
    Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft)
    Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft)
    Visual Studio 2010 Prerequisites - English (HKLM\...\{45DAD85A-A8D6-3E01-B28C-F7791661A717}) (Version: 10.0.30319 - Microsoft Corporation)
    Visual Studio 2013 Update 4 (KB2829760) (HKLM-x32\...\{53d408db-eb91-43fb-9d8f-167681c19763}) (Version: 12.0.31101 - Microsoft Corporation)
    VS Update core components (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
    WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
    WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
    WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
    WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
    Windows Azure Authoring Tools - v2.3 (HKLM\...\{CA53F7A1-A71D-4C7F-ABD2-7BDD26FE0D74}) (Version: 2.3.6491.3 - Microsoft Corporation)
    Windows Azure Command Line Tools (HKLM-x32\...\{BC1F0712-15DE-42D8-B846-C346031F7CF3}) (Version: 0.8.5 - Microsoft Corporation)
    Windows Azure Libraries for .NET – v2.2 (HKLM\...\{0DCF275C-3D88-48CC-B374-ACA7365EF966}) (Version: 2.2.0924.200 - Microsoft Corporation)
    Windows Azure Libraries for .NET – v2.3 (HKLM\...\{C0591F2A-45AD-4189-86A7-C2B1DF3D148D}) (Version: 2.3.0424.070 - Microsoft Corporation)
    Windows Azure Tools for Microsoft LightSwitch for Visual Studio 2013 - v2.3 (HKLM-x32\...\{ad100c2d-0566-4608-9d2a-819f337f7c15}) (Version: 2.3.20305.1601 - Microsoft Corporation)
    Windows Azure Tools for Microsoft Visual Studio 2012 - v2.3 (HKLM-x32\...\{d330fe59-916f-4dcd-8de7-fbf00e4525b1}) (Version: 2.3.20320.1602 - Microsoft Corporation)
    Windows Azure Tools for Microsoft Visual Studio 2013 - v2.2 (HKLM-x32\...\{1775e863-fea5-4931-9399-58f5247d0e99}) (Version: 2.2.11003.1601 - Microsoft Corporation)
    Windows Azure Tools for Microsoft Visual Studio 2013 - v2.3 (HKLM-x32\...\{7223ffe5-5cbb-45ca-8aa3-a455015ab1cf}) (Version: 2.3.20320.1602 - Microsoft Corporation)
    Windows Driver Package - ASUS (ATP) Mouse (10/29/2012 1.0.0.148) (HKLM\...\C01F56FBD9B141017E63E2A1A141E59934D4DC67) (Version: 10/29/2012 1.0.0.148 - ASUS)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
    Windows Phone 8.1 Emulators - ENU (HKLM-x32\...\{166a69f6-6512-47ea-a342-17d954fc059a}) (Version: 12.0.31010.0 - Microsoft Corporation)
    Windows Phone 8.1 Update 1 SDK and Emulators - ENU (HKLM-x32\...\{6cfef729-1789-43af-bce8-560e1d3d062e}) (Version: 12.0.30723.0 - Microsoft Corporation)
    Windows Resource Kit Tools - SubInAcl.exe (HKLM-x32\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)
    WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
    Workflow Manager Client 1.0 (Version: 2.0.40131.0 - Microsoft Corporation) Hidden
    Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.40326.0 - Microsoft Corporation) Hidden
    Xamarin (HKLM-x32\...\{6618788F-FDAE-4B4D-AECD-9ECD75809D42}) (Version: 3.11.446.0 - Xamarin)
    Xamarin Studio 5.9 (HKLM-x32\...\{003729BE-9032-4538-A575-02CA5C40442E}) (Version: 5.9.0.464 - Xamarin)
    Xamarin Universal Installer (HKLM-x32\...\{e2170c24-4ed1-4aca-8a8f-defa79cb4dae}) (Version: 3.5.0.0 - Xamarin, Inc)
    XnView 2.22 (HKLM-x32\...\XnView_is1) (Version: 2.22 - Gougelet Pierre-e)
    Надстройка Microsoft Report Viewer для Visual Studio 2013 (x32 Version: 11.1.3442.2 - Microsoft Corporation) Hidden
    Пакет Visual Studio 2012 Verification SDK - rus (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
    Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
    Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
    Языковой пакет для среды разработки набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
    用于 Visual Studio 2013 的 Microsoft 报告查看器加载项 (x32 Version: 11.1.3442.2 - Microsoft Corporation) Hidden

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-3203197593-2648915773-4125324600-1002_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0013}\InprocServer32 -> C:\Users\Vinícius\AppData\Local\GAS Tecnologia\GBBD\npsf_uni_64.dll (GAS Tecnologia)
    CustomCLSID: HKU\S-1-5-21-3203197593-2648915773-4125324600-1002_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0013}\InprocServer32 -> C:\Users\Vinícius\AppData\Local\GAS Tecnologia\GBBD\npsf_uni_64.dll (GAS Tecnologia)
    CustomCLSID: HKU\S-1-5-21-3203197593-2648915773-4125324600-1002_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Vinícius\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-3203197593-2648915773-4125324600-1002_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
    CustomCLSID: HKU\S-1-5-21-3203197593-2648915773-4125324600-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Vinícius\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-3203197593-2648915773-4125324600-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Vinícius\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncApi64.dll (Microsoft Corporation)

    ==================== Restore Points =========================

    29-07-2015 19:36:59 Windows Update
    30-07-2015 22:23:27 Installed Windows Resource Kit Tools - SubInAcl.exe

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-08-22 10:25 - 2013-08-22 10:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0D3A423C-93D3-44D9-901F-ED62BB8FCCE1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3203197593-2648915773-4125324600-1002Core => C:\Users\Vinícius\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-04-20] (Facebook Inc.)
    Task: {1F90F676-2253-4313-857B-E3EAAA6DEDE3} - System32\Tasks\R@1n-KMS\Office365ProPlus => wmic
    Task: {20BD1938-B179-4B66-9945-4F2481D94F1C} - System32\Tasks\R@1n-KMS\KMS-Restart => start KMS-R@1n
    Task: {256B8B8A-9788-40D5-BB43-C2BEDFB8A335} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
    Task: {28BC350F-96D5-43A5-ACA4-5200D541615A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-15] (Google Inc.)
    Task: {2E7A3D63-1A19-43DB-87B7-2861EDDAE5DC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
    Task: {337DD065-0759-4644-9A48-AD6BEC158E76} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
    Task: {36F516F4-F2CC-4BC6-BC86-81EEDB338426} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
    Task: {374F7B82-2303-419C-B44F-D1CC7F4011A2} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3203197593-2648915773-4125324600-1002
    Task: {3E885834-1640-44AB-9833-2280538493EF} - System32\Tasks\Origin => C:\Users\Vinícius\AppData\Roaming\Origin\update.vbe <==== ATTENTION
    Task: {3FFD3AAD-814D-4554-91FA-E7824C51EBC6} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe
    Task: {4B2405EA-8139-416F-BD50-BE1AC335834A} - System32\Tasks\HP AR Program Upload - 77abde1a6deb41228ae89229b5589159e11cec9748e843d190ac644faf4a831e => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [2014-03-06] (TODO: <Company name>)
    Task: {548936AA-4BAB-4F19-B3B4-DA5DE2E56DD3} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
    Task: {548A4FD3-663D-4385-AFE9-D9C504D08F95} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
    Task: {56BC53BD-7A3D-4828-B097-49ED6757F930} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3203197593-2648915773-4125324600-1002UA => C:\Users\Vinícius\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-03] (Google Inc.)
    Task: {584EA4B5-A6EB-4409-B217-599835A51DC0} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.)
    Task: {5E76FDBD-F37C-477B-A4FA-0FD6D32D53F7} - System32\Tasks\Microsoft Office 15 Sync Maintenance for VINICIUS-ULTRA-Vinícius Vinicius-Ultra => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2015-04-14] (Microsoft Corporation)
    Task: {64E87F97-DDAE-400B-87AD-4746D769B126} - System32\Tasks\{9BED4074-EA38-4D99-8B3C-6E2802518591} => pcalua.exe -a C:\Users\Vinícius\AppData\Roaming\oursurfing\UninstallManager.exe -c -ptid=cmi
    Task: {7B86516D-D970-4FAD-83DF-7E6DFE10632F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
    Task: {8B7876F5-4FFE-4B63-9213-CBF6F1737548} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2012-10-31] (AsusTek)
    Task: {92893A81-DF8D-401B-8042-F9B690901516} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
    Task: {99FCFAB8-BC82-4BF0-812D-B6245BC772AD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3203197593-2648915773-4125324600-1002Core => C:\Users\Vinícius\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-03] (Google Inc.)
    Task: {A0D6DA34-32F5-4144-83AF-F935EE27BB92} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender 2015\bdproductdata.exe [2015-07-27] (Bitdefender)
    Task: {A4718947-2E6F-4533-A9B0-2A3C52EDE376} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-16] (Adobe Systems Incorporated)
    Task: {A8B80FA8-EF6D-4A93-BAB5-08782E2909BF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
    Task: {B2D1C2BA-0EB3-4323-BB25-7AC850349024} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
    Task: {B45D139E-D8D3-433B-A41E-FAA2980C2A90} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
    Task: {BE4CAEDD-5171-409D-8922-B6E8D61480EE} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3203197593-2648915773-4125324600-1002UA => C:\Users\Vinícius\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-04-20] (Facebook Inc.)
    Task: {C06A11C1-D6B6-43D1-8FA1-C8E857D2FC53} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3203197593-2648915773-4125324600-1002 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
    Task: {C30B47DA-6F03-40E7-9FC2-34F7ECB8BB62} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
    Task: {C3900483-D523-4498-A3A1-4DAB20577DA1} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\OatTask => C:\Office Activation Technologies\Install.cmd [2016-08-14] ()
    Task: {C70DF139-F020-4239-A928-B4C709D4832D} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-10-24] (ASUS)
    Task: {D52FAAE9-F7BE-4DFC-82B7-5AABDEBE4A71} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
    Task: {E742E1C9-A174-4E0F-B8CC-141F7D701850} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
    Task: {E94DCC39-9822-4F51-B7F6-44A26ED48BAB} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
    Task: {F423F67F-58E0-453F-B0E4-9F91778DA8D5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-15] (Google Inc.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3203197593-2648915773-4125324600-1002Core.job => C:\Users\Vinícius\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3203197593-2648915773-4125324600-1002UA.job => C:\Users\Vinícius\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3203197593-2648915773-4125324600-1002Core.job => C:\Users\Vinícius\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3203197593-2648915773-4125324600-1002UA.job => C:\Users\Vinícius\AppData\Local\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (Whitelisted) ==============

    2015-05-22 12:20 - 2014-08-27 16:31 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
    2015-05-22 12:20 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
    2015-05-22 12:20 - 2015-03-23 17:57 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
    2015-05-22 12:20 - 2012-10-29 14:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll
    2015-07-21 10:52 - 2015-07-21 10:52 - 00876888 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00450_003\ashttpbr.mdl
    2015-07-21 10:52 - 2015-07-21 10:52 - 00743000 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00450_003\ashttpdsp.mdl
    2015-07-21 10:52 - 2015-07-21 10:52 - 02795272 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00450_003\ashttpph.mdl
    2015-07-21 10:52 - 2015-07-21 10:52 - 01414048 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00450_003\ashttprbl.mdl
    2015-01-07 19:50 - 2015-07-23 01:06 - 00011920 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
    2014-04-17 13:14 - 2013-10-23 14:24 - 00087600 _____ () C:\WINDOWS\System32\cpwmon64.dll
    2015-03-25 11:32 - 2013-07-22 16:41 - 00083968 _____ () C:\WINDOWS\System32\_pdfxp64.dll
    2015-05-26 17:44 - 2015-06-18 07:25 - 00020240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
    2012-08-24 21:26 - 2012-08-24 21:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
    2012-10-09 17:02 - 2012-10-09 17:02 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
    2012-10-09 16:59 - 2012-10-09 16:59 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
    2012-10-09 17:02 - 2012-10-09 17:02 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
    2014-01-23 16:05 - 2014-01-23 16:05 - 01424552 _____ () C:\Program Files\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll
    2012-08-24 21:17 - 2012-08-24 21:17 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
    2015-01-07 19:50 - 2015-07-23 01:06 - 00012104 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
    2015-07-31 10:10 - 2015-07-31 10:11 - 00852684 _____ () C:\Users\Vinícius\Downloads\SecurityCheck.exe

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\Users\Vinícius\SkyDrive:ms-properties
    AlternateDataStreams: C:\Users\Vinícius\Downloads\FRST64.exe:BDU
    AlternateDataStreams: C:\Users\Vinícius\Downloads\SecurityCheck.exe:BDU

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3203197593-2648915773-4125324600-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Vinícius\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
    DNS Servers: 192.168.25.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
    Windows Firewall is disabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    MSCONFIG\Services: AdobeARMservice => 2
    MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
    MSCONFIG\Services: ASLDRService => 2
    MSCONFIG\Services: ASUS InstantOn => 2
    MSCONFIG\Services: AtherosSvc => 2
    MSCONFIG\Services: ATKGFNEXSrv => 2
    MSCONFIG\Services: Bonjour Service => 2
    MSCONFIG\Services: cphs => 3
    MSCONFIG\Services: ExpressCache => 2
    MSCONFIG\Services: GfExperienceService => 2
    MSCONFIG\Services: gupdate => 2
    MSCONFIG\Services: gupdatem => 3
    MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2
    MSCONFIG\Services: Intel(R) ME Service => 2
    MSCONFIG\Services: irstrtsv => 2
    MSCONFIG\Services: jhi_service => 2
    MSCONFIG\Services: LMS => 2
    MSCONFIG\Services: MBAMService => 2
    MSCONFIG\Services: Motorola Device Manager => 2
    MSCONFIG\Services: MozillaMaintenance => 3
    MSCONFIG\Services: NvNetworkService => 2
    MSCONFIG\Services: NvStreamSvc => 2
    MSCONFIG\Services: nvsvc => 2
    MSCONFIG\Services: Origin Client Service => 3
    MSCONFIG\Services: PSI_SVC_2_x64 => 2
    MSCONFIG\Services: PST Service => 2
    MSCONFIG\Services: SkypeUpdate => 2
    MSCONFIG\Services: Steam Client Service => 3
    MSCONFIG\Services: UNS => 2
    MSCONFIG\Services: ZAtheros Bt and Wlan Coex Agent => 2
    HKLM\...\StartupApproved\Run: => "ShadowPlay"
    HKLM\...\StartupApproved\Run: => "3D BubbleSound"
    HKLM\...\StartupApproved\Run32: => "HP Software Update"
    HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
    HKLM\...\StartupApproved\Run32: => "YTDownloader"
    HKU\S-1-5-21-3203197593-2648915773-4125324600-1002\...\StartupApproved\Run: => "Facebook Update"
    HKU\S-1-5-21-3203197593-2648915773-4125324600-1002\...\StartupApproved\Run: => "Google Update"
    HKU\S-1-5-21-3203197593-2648915773-4125324600-1002\...\StartupApproved\Run: => "KiesPreload"
    HKU\S-1-5-21-3203197593-2648915773-4125324600-1002\...\StartupApproved\Run: => "KiesAirMessage"
    HKU\S-1-5-21-3203197593-2648915773-4125324600-1002\...\StartupApproved\Run: => "YTDownloader"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
    FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
    FirewallRules: [{A584D241-470F-4B0A-8DDA-4BED4BD8D038}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
    FirewallRules: [{80EDD02F-F281-4817-99EF-41AAC2C26E40}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
    FirewallRules: [{A70373FA-D0D6-4F34-8E34-27F8750D399B}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
    FirewallRules: [{9FFC63D0-EF04-41C9-9A93-90B402CCFD68}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
    FirewallRules: [{CD47C8B7-66F7-45F9-B993-53146D370718}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
    FirewallRules: [{D92EEC73-E8FC-422A-93F8-DF4BC0C2BF6F}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
    FirewallRules: [{C58B15A8-A8E8-4CF6-BB76-6F0C8F4FC196}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
    FirewallRules: [{1EC7BE46-10E3-4CF6-99CD-A77DBF285146}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
    FirewallRules: [{5ACF5B45-21B6-4D7F-89E1-28A120DEF39D}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
    FirewallRules: [{F30932CF-8DE7-4D7A-A9FA-D2BAA3FD0F23}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
    FirewallRules: [{784ED778-B5D7-4185-8717-B051FDBB3107}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
    FirewallRules: [{679C8F37-54F2-4B7B-9805-5E11DF447406}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
    FirewallRules: [{D030BB50-5BE1-4B25-81B5-99123094AFA3}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
    FirewallRules: [{58C84738-9CD5-4C30-8A8B-CD24A72953A5}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
    FirewallRules: [{29E9FBFE-DA30-49C8-A758-81D2033AC290}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
    FirewallRules: [{515854B9-6A01-43F7-8557-11A2ACE5B69C}] => (Allow) LPort=1688
    FirewallRules: [{1485C41C-45A4-4055-8C80-3CCD96CE16D8}] => (Allow) C:\Users\Vinícius\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{A3E5A3C9-2B33-4CE0-A650-73A38E050762}] => (Allow) C:\Users\Vinícius\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [VIRT-MIGL-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe
    FirewallRules: [VIRT-REMOTEDESKTOP-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe
    FirewallRules: [{7CD6380B-7609-429E-85D5-8982B0D2B088}] => (Allow) %systemroot%\system32\alg.exe
    FirewallRules: [TCP Query User{E6C6C9E4-61F1-4323-975B-B0B210F2A507}C:\program files (x86)\motorola\rsd lite\sdl.exe] => (Allow) C:\program files (x86)\motorola\rsd lite\sdl.exe
    FirewallRules: [UDP Query User{D870E4BA-81F9-4FEB-9C54-3ACCA55593B8}C:\program files (x86)\motorola\rsd lite\sdl.exe] => (Allow) C:\program files (x86)\motorola\rsd lite\sdl.exe
    FirewallRules: [TCP Query User{1353FCDB-226B-4BB0-AAE3-751B176BC6AF}C:\program files (x86)\motorola\rsd lite\sdl.exe] => (Allow) C:\program files (x86)\motorola\rsd lite\sdl.exe
    FirewallRules: [UDP Query User{425E9843-88B1-4F69-9A40-D4D1211FD883}C:\program files (x86)\motorola\rsd lite\sdl.exe] => (Allow) C:\program files (x86)\motorola\rsd lite\sdl.exe
    FirewallRules: [{3AE84054-00E2-48B8-8FF2-D2D12F331D7C}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe
    FirewallRules: [{D408F4F2-B5F6-40D3-9071-9993228264B1}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe
    FirewallRules: [{CA8D4057-D3B2-49C8-B210-349F09087585}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{EF8F4C7E-4D44-409E-8DC9-3ED57FAA48C4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{E7F6387B-8FB8-4906-8EA1-742DC1BAFAE4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{19B9947A-F49D-47DA-9947-4DE790431209}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{2FA9CBCC-2AC0-43FD-84C9-1D196B62BCBA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{58CF02C3-DA16-4B33-95C9-E25EEBE64A75}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{60836DC6-7351-45E4-89D9-01101CA19EBC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{CBBE1617-C775-4531-B34B-32C3BC89E665}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{75FA04F2-C5DB-405A-A0C2-BAC69B42E91D}] => (Allow) C:\Users\Vinícius\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
    FirewallRules: [{6B3C19D9-CB7E-431A-9EE7-424E4248C7FB}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{DCC21C1B-3210-43B8-9237-34D158DB6C98}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [TCP Query User{8B06DE09-F8CF-4A9D-AA0A-4A3EE880DA7F}C:\users\vinícius\appdata\local\android\android-studio\bin\studio64.exe] => (Allow) C:\users\vinícius\appdata\local\android\android-studio\bin\studio64.exe
    FirewallRules: [UDP Query User{E5C80669-6EE4-4F53-911C-E1947415B50D}C:\users\vinícius\appdata\local\android\android-studio\bin\studio64.exe] => (Allow) C:\users\vinícius\appdata\local\android\android-studio\bin\studio64.exe
    FirewallRules: [TCP Query User{0CBC353B-02E2-41C9-AAD2-43F1BC84E249}C:\program files\java\jdk1.7.0_67\bin\java.exe] => (Allow) C:\program files\java\jdk1.7.0_67\bin\java.exe
    FirewallRules: [UDP Query User{6AB6F769-06A6-4A23-BC3C-28AEBBBE0AC5}C:\program files\java\jdk1.7.0_67\bin\java.exe] => (Allow) C:\program files\java\jdk1.7.0_67\bin\java.exe
    FirewallRules: [TCP Query User{2513D9DA-701F-4670-95F0-25A154C1F3B8}C:\program files\java\jdk1.7.0_67\jre\bin\java.exe] => (Allow) C:\program files\java\jdk1.7.0_67\jre\bin\java.exe
    FirewallRules: [UDP Query User{3517DDB7-3818-4F7A-9104-FEBB94AFFD96}C:\program files\java\jdk1.7.0_67\jre\bin\java.exe] => (Allow) C:\program files\java\jdk1.7.0_67\jre\bin\java.exe
    FirewallRules: [{50B280B1-139A-44D9-BD34-DA3E23526827}] => (Allow) LPort=12292
    FirewallRules: [{D03A96B9-312E-42BE-8330-9706148F2D6D}] => (Allow) D:\SteamLibrary\SteamApps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe
    FirewallRules: [{0548350E-92F6-4134-BF20-C53A09DDCA33}] => (Allow) D:\SteamLibrary\SteamApps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe
    FirewallRules: [{7D8B443D-5671-4794-ADDA-179B0E132900}] => (Allow) D:\SteamLibrary\SteamApps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe
    FirewallRules: [{D667C0DF-5E4D-46C0-BD50-502B07B3B3DF}] => (Allow) D:\SteamLibrary\SteamApps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe
    FirewallRules: [{D1A5EA97-DB0A-46EC-BC85-D6914E57B183}] => (Allow) D:\SteamLibrary\SteamApps\common\Grand Theft Auto 3\gta3.exe
    FirewallRules: [{A37BEB29-7539-4418-8515-DEB57FCECC47}] => (Allow) D:\SteamLibrary\SteamApps\common\Grand Theft Auto 3\gta3.exe
    FirewallRules: [{45577DEB-F20C-4147-AE16-3D9B339BB442}] => (Allow) D:\SteamLibrary\SteamApps\common\Need For Speed Shift 2\SHIFT2U.exe
    FirewallRules: [{66D920F2-4B52-43FA-B779-4D6F1D0A618B}] => (Allow) D:\SteamLibrary\SteamApps\common\Need For Speed Shift 2\SHIFT2U.exe
    FirewallRules: [{F080E5FA-9DC7-4C5E-80CC-AAC1A4A1A77C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{B8D1542A-1367-4D81-A8AF-F278F92AF85C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{BD26B709-640C-494F-B7A4-2CB5B00D6217}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe
    FirewallRules: [{BCD420D3-2F21-4005-83C0-A922F8CD2E12}] => (Allow) LPort=5357
    FirewallRules: [{A6705864-FCD2-4DB1-91AC-FD5C7B83CD1E}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe
    FirewallRules: [{6FAFBBA6-87DF-4874-9E05-B8327093DC77}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
    FirewallRules: [{1DBC44C4-4752-45B6-ACD9-99009FA35AF3}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
    FirewallRules: [TCP Query User{917258D6-A523-4B92-9E2C-651D59767907}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [UDP Query User{2E096D39-CA87-482A-90DD-47D6B7A4264E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [TCP Query User{17822BB8-3C2A-489F-A574-55CDF69510F2}C:\users\vinícius\appdata\local\programs\ibm\cognos insight\bins\bin_10.2.2254.0\cognosinsight.exe] => (Allow) C:\users\vinícius\appdata\local\programs\ibm\cognos insight\bins\bin_10.2.2254.0\cognosinsight.exe
    FirewallRules: [UDP Query User{D0A53D99-BD35-4A6F-8419-B17DBAD3D743}C:\users\vinícius\appdata\local\programs\ibm\cognos insight\bins\bin_10.2.2254.0\cognosinsight.exe] => (Allow) C:\users\vinícius\appdata\local\programs\ibm\cognos insight\bins\bin_10.2.2254.0\cognosinsight.exe
    FirewallRules: [TCP Query User{A1FAD05F-40AE-465C-8FC6-1894BA23EC5E}C:\users\vinícius\appdata\local\programs\ibm\cognos insight\bins\bin_10.2.2254.0\x64\tm1ipmp.exe] => (Allow) C:\users\vinícius\appdata\local\programs\ibm\cognos insight\bins\bin_10.2.2254.0\x64\tm1ipmp.exe
    FirewallRules: [UDP Query User{B932E164-B12B-4697-8BCA-660789DB223C}C:\users\vinícius\appdata\local\programs\ibm\cognos insight\bins\bin_10.2.2254.0\x64\tm1ipmp.exe] => (Allow) C:\users\vinícius\appdata\local\programs\ibm\cognos insight\bins\bin_10.2.2254.0\x64\tm1ipmp.exe
    FirewallRules: [{5A91E887-EA0F-4A94-9E6A-2D395E1CA861}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    FirewallRules: [{D0A0E04B-CC10-4DEA-AE1B-0FE9A61A537D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    FirewallRules: [{BE205890-CBA2-4F87-AEE1-C0C9F89005DE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    FirewallRules: [{6D9795F4-5599-4C97-B8D7-D4035ECA4EE7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    FirewallRules: [TCP Query User{E6C5D629-23C4-44FE-BE83-92706FF46FCA}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [UDP Query User{ED8B8346-F296-4F2C-B120-B53780FA4D9E}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [{D9893B46-7374-438E-B031-800CBBCB8374}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
    FirewallRules: [{7AED62E9-0E77-4803-B44B-B355196AF6CE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
    FirewallRules: [{DADEA844-65A2-4CBC-95B0-B9791368F18F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
    FirewallRules: [{7078A3FB-5142-4C33-A090-5F5182EDFBB3}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
    FirewallRules: [{1453F709-8DD7-4DC3-98B0-AE293CBFA18C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{7C370A19-907E-4E25-9AAD-BC067C946E56}] => (Allow) LPort=2869
    FirewallRules: [{8DF967E6-AEEA-4066-AC5F-2720F34AC2F4}] => (Allow) LPort=1900
    FirewallRules: [{A7671BF5-FBE8-4811-9DAF-978BB05C2C4C}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
    FirewallRules: [{0F93E034-66C3-45B0-898D-59C51BA15DE4}] => (Allow) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
    FirewallRules: [{867D095B-E2D2-4839-A220-AE383BA66FEB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    FirewallRules: [{650CDB80-8903-472E-8655-5DD6012D3343}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    FirewallRules: [{DE0072CB-0724-4EB9-913B-311EBC0CF16F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    FirewallRules: [{9F731643-E1EB-489B-979D-ABD328D5C847}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    FirewallRules: [{C62A9F9A-D2BB-42B8-ADFD-01041F1C7E1A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
    FirewallRules: [{F54A55E0-ED0B-4637-BD39-8BADFFDFD09B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
    FirewallRules: [{4BB07FEF-898F-48D9-B73D-5BEA745DFA61}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
    FirewallRules: [{7D9FBD19-1EEC-45C4-BAF0-537C90390B95}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
    FirewallRules: [{1C9DFD46-6930-4866-AE4A-E5477359CB91}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (07/31/2015 09:47:49 AM) (Source: Report Server Windows Service (MSSQLSERVER)) (EventID: 107) (User: )
    Description: Report Server Windows Service (MSSQLSERVER) não pode se conectar ao banco de dados do servidor de relatório.

    Error: (07/31/2015 09:47:13 AM) (Source: PerfNet) (EventID: 2004) (User: )
    Description:

    Error: (07/31/2015 09:47:11 AM) (Source: Perflib) (EventID: 1008) (User: )
    Description: BITSC:\Windows\System32\bitsperf.dll8

    Error: (07/31/2015 09:46:55 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: NT SERVICE)
    Description: O Windows não pode localizar o perfil local e está fazendo seu logon com um perfil temporário. As alterações que você fizer nesse perfil serão perdidas quando você fizer logoff.

    Error: (07/31/2015 09:46:55 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: NT SERVICE)
    Description: O Windows fez o backup deste perfil de usuário. O Windows tentará usar automaticamente esse perfil na próxima vez em que o usuário fizer logon.

    Error: (07/31/2015 09:46:55 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1502) (User: NT SERVICE)
    Description: O Windows não pode carregar o perfil armazenado localmente. As possíveis causas do erro são direitos de segurança insuficientes ou um perfil local corrompido.

    DETALHE - O banco de dados do Registro de configuração está corrompido.

    Error: (07/31/2015 09:46:55 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: AUTORIDADE NT)
    Description: O Windows não pôde carregar o Registro. Isso geralmente é causado por memória insuficiente ou direitos de segurança insuficientes.

    DETALHE - O banco de dados do Registro de configuração está corrompido.
    para C:\Users\MSSQLServerOLAPService\ntuser.dat

    Error: (07/31/2015 09:26:35 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Falha na geração de contexto de ativação para "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" não pôde ser localizado.
    Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

    Error: (07/31/2015 08:48:31 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Falha na geração de contexto de ativação para "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Assembly dependente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" não pôde ser localizado.
    Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

    Error: (07/31/2015 08:22:31 AM) (Source: Report Server Windows Service (MSSQLSERVER)) (EventID: 107) (User: )
    Description: Report Server Windows Service (MSSQLSERVER) não pode se conectar ao banco de dados do servidor de relatório.


    System errors:
    =============
    Error: (07/31/2015 09:47:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Não foi possível iniciar o serviço Go To NOT devido ao seguinte erro:
    %%3

    Error: (07/31/2015 09:46:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Não foi possível iniciar o serviço Subtract Comment Box devido ao seguinte erro:
    %%3

    Error: (07/31/2015 09:46:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Não foi possível iniciar o serviço BDDefense devido ao seguinte erro:
    %%2

    Error: (07/31/2015 09:46:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Não foi possível iniciar o serviço BDMNetMon devido ao seguinte erro:
    %%2

    Error: (07/31/2015 09:46:09 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: Serviço Bitdefender Virus Shield suspenso ao iniciar.

    Error: (07/31/2015 09:44:07 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: O serviço Superfetch terminou com o erro:
    %%1062

    Error: (07/31/2015 09:36:51 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
    Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070004: Atualizar para Windows 10 Pro.

    Error: (07/31/2015 08:22:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Não foi possível iniciar o serviço Go To NOT devido ao seguinte erro:
    %%3

    Error: (07/31/2015 08:21:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Não foi possível iniciar o serviço Subtract Comment Box devido ao seguinte erro:
    %%3

    Error: (07/31/2015 08:21:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Não foi possível iniciar o serviço BDDefense devido ao seguinte erro:
    %%2


    Microsoft Office:
    =========================
    Error: (07/31/2015 09:47:49 AM) (Source: Report Server Windows Service (MSSQLSERVER)) (EventID: 107) (User: )
    Description: Report Server Windows Service (MSSQLSERVER)

    Error: (07/31/2015 09:47:13 AM) (Source: PerfNet) (EventID: 2004) (User: )
    Description:

    Error: (07/31/2015 09:47:11 AM) (Source: Perflib) (EventID: 1008) (User: )
    Description: BITSC:\Windows\System32\bitsperf.dll8

    Error: (07/31/2015 09:46:55 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: NT SERVICE)
    Description:

    Error: (07/31/2015 09:46:55 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: NT SERVICE)
    Description:

    Error: (07/31/2015 09:46:55 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1502) (User: NT SERVICE)
    Description: O banco de dados do Registro de configuração está corrompido.

    Error: (07/31/2015 09:46:55 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: AUTORIDADE NT)
    Description: O banco de dados do Registro de configuração está corrompido.
    C:\Users\MSSQLServerOLAPService\ntuser.dat

    Error: (07/31/2015 09:26:35 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\redist\1046\vcredist_arm.exe

    Error: (07/31/2015 08:48:31 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\redist\1046\vcredist_arm.exe

    Error: (07/31/2015 08:22:31 AM) (Source: Report Server Windows Service (MSSQLSERVER)) (EventID: 107) (User: )
    Description: Report Server Windows Service (MSSQLSERVER)


    CodeIntegrity:
    ===================================
    Date: 2015-05-11 17:21:00.191
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2015-05-11 17:20:59.816
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2015-05-11 16:41:43.859
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2015-05-11 16:41:43.334
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2015-05-11 16:41:42.797
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2015-05-11 16:41:42.283
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2015-05-11 16:41:41.747
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2015-05-11 16:41:41.238
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2015-05-11 16:41:40.792
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2015-05-11 16:41:40.357
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i7-3517U CPU @ 1.90GHz
    Percentage of memory in use: 56%
    Total physical RAM: 8109.46 MB
    Available physical RAM: 3560.18 MB
    Total Virtual: 9389.46 MB
    Available Virtual: 5703.79 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:279.01 GB) (Free:68.89 GB) NTFS ==>[system with boot components (obtained from reading drive)]
    Drive d: (Data) (Fixed) (Total:398.07 GB) (Free:292.15 GB) NTFS
    Drive e: (IRM_CCSA_X64FRE_PT-BR_DV5) (CDROM) (Total:3.63 GB) (Free:0 GB) UDF

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 698.6 GB) (Disk ID: C3A6C1AE)

    Partition: GPT Partition Type.

    ========================================================
    Disk: 1 (Size: 21 GB) (Disk ID: D6E8B622)

    Partition: GPT Partition Type.

    ==================== End of log ============================
    FRST.txt


    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:30-07-2015
    Ran by Vinícius (administrator) on VINICIUS-ULTRA (31-07-2015 10:12:00)
    Running from C:\Users\Vinícius\Downloads
    Loaded Profiles: Vinícius & MSSQLServerOLAPService & ReportServer & MSSQLFDLauncher & MsDtsServer120 & MSSQLSERVER (Available Profiles: Vinícius & SQL Server Distributed Replay Controller & MSSQLServerOLAPService & ReportServer & SQL Server Distributed Replay Client & MSSQLFDLauncher & SQLSERVERAGENT & MsDtsServer120 & MSSQLSERVER)
    Platform: Windows 8.1 Pro (X64) Language: Português (Brasil)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
    (Microsoft Corporation) C:\Windows\System32\dasHost.exe
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\120\DTS\Binn\MsDtsSrvr.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSAS12.MSSQLSERVER\OLAP\bin\msmdsrv.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS12.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
    (Microsoft Corporation) C:\Windows\System32\vmms.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\fdhost.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Windows\System32\wscript.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
    (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
    (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
    (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
    (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
    (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
    () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
    (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
    (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
    (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
    (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
    (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OFFICE15\CSISYNCCLIENT.EXE
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\odscanui.exe
    (Microsoft Corporation) C:\Windows\System32\cmd.exe
    (Microsoft Corporation) C:\Windows\System32\sfc.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-30] (Realtek Semiconductor)
    HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [765056 2012-10-09] (Qualcomm Atheros)
    HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-10-09] (Atheros Communications)
    HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-08-24] (ASUS)
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-12] (NVIDIA Corporation)
    HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1689576 2015-02-06] (Bitdefender)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
    Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
    HKU\S-1-5-21-3203197593-2648915773-4125324600-1002\...\Run: [Google Update] => C:\Users\Vinícius\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2015-02-03] (Google Inc.)
    HKU\S-1-5-21-3203197593-2648915773-4125324600-1002\...\Run: [Agente da Carteira Bitdefender] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-01-15] (Bitdefender)
    AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [176904 2015-07-23] (NVIDIA Corporation)
    AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [176904 2015-07-23] (NVIDIA Corporation)
    AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155280 2015-07-23] (NVIDIA Corporation)
    Startup: C:\Users\Vinícius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Outlook 2013.lnk [2015-05-21]
    ShortcutTarget: Outlook 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\outicon.exe ()
    ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
    ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
    ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\S-1-5-21-3203197593-2648915773-4125324600-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    URLSearchHook: [S-1-5-80-2872255330-672591203-888807865-2791174282-1554802921] ATTENTION ==> Default URLSearchHook is missing
    URLSearchHook: [S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051] ATTENTION ==> Default URLSearchHook is missing
    URLSearchHook: [S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582] ATTENTION ==> Default URLSearchHook is missing
    URLSearchHook: [S-1-5-80-3642287774-1615985598-572449333-1370030010-3123895339] ATTENTION ==> Default URLSearchHook is missing
    URLSearchHook: [S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003] ATTENTION ==> Default URLSearchHook is missing
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-80-3642287774-1615985598-572449333-1370030010-3123895339 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO: Carteira Bitdefender -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-01-28] (Bitdefender)
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-19] (Oracle Corporation)
    BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-10-09] (Qualcomm Atheros Commnucations)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-19] (Oracle Corporation)
    BHO-x32: Carteira Bitdefender -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-01-28] (Bitdefender)
    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)
    BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2013-10-05] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-19] (Oracle Corporation)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-19] (Oracle Corporation)
    Toolbar: HKLM - Carteira Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-01-28] (Bitdefender)
    Toolbar: HKLM-x32 - Carteira Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-01-28] (Bitdefender)
    DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.update.microsoft.com/...?1433444180853
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-04-14] (Microsoft Corporation)
    Tcpip\Parameters: [DhcpNameServer] 192.168.25.1
    Tcpip\..\Interfaces\{0D9342D2-2B81-45D6-B6D7-301E403DB6C5}: [DhcpNameServer] 200.222.123.101 200.165.132.154 192.168.0.1
    Tcpip\..\Interfaces\{3A888CAE-C57E-44D3-A67E-A01CE9A7346C}: [DhcpNameServer] 200.222.123.101 200.165.132.154 192.168.0.1
    Tcpip\..\Interfaces\{E1F8E88B-CB69-4DC9-AEF1-BB440694ED10}: [DhcpNameServer] 192.168.25.1

    FireFox:
    ========
    FF ProfilePath: C:\Users\Vinícius\AppData\Roaming\Mozilla\Firefox\Profiles\92tsjy9t.default-1417133977678
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-16] ()
    FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-19] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-19] (Oracle Corporation)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-16] ()
    FF Plugin-x32: @baidu.com/BaidusdDetectNPPlugin -> C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\explugin\npBaiduSDDetectPlug.dll No File
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-19] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-19] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-22] (Microsoft Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-3203197593-2648915773-4125324600-1002: @citrixonline.com/appdetectorplugin -> C:\Users\Vinícius\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-05-19] (Citrix Online)
    FF Plugin HKU\S-1-5-21-3203197593-2648915773-4125324600-1002: @ibm.cognos.com/InsightProvagentPlugin,version=1 -> C:\Users\Vinícius\AppData\Local\Programs\IBM\Cognos Insight\npinsightpa.dll [2013-07-31] (IBM)
    FF Plugin HKU\S-1-5-21-3203197593-2648915773-4125324600-1002: @ibm.cognos.com/PerfmodelerProvagentPlugin,version=1 -> C:\Users\Vinícius\AppData\Roaming\IBM\Cognos Performance Modeler\npperfmodelerpa.dll [2013-07-31] (IBM)
    FF Plugin HKU\S-1-5-21-3203197593-2648915773-4125324600-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Vinícius\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
    FF Plugin HKU\S-1-5-21-3203197593-2648915773-4125324600-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Vinícius\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
    FF Plugin HKU\S-1-5-21-3203197593-2648915773-4125324600-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Vinícius\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
    FF Plugin HKU\S-1-5-21-3203197593-2648915773-4125324600-1002: gastecnologia.com.br/sf/uni -> C:\Users\Vinícius\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll [2014-12-01] (GAS Tecnologia)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-04-22] (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
    FF SearchPlugin: C:\Users\Vinícius\AppData\Roaming\Mozilla\Firefox\Profiles\92tsjy9t.default-1417133977678\searchplugins\flickr.xml [2015-05-13]
    FF SearchPlugin: C:\Users\Vinícius\AppData\Roaming\Mozilla\Firefox\Profiles\92tsjy9t.default-1417133977678\searchplugins\opensubtitles.xml [2015-07-07]
    FF SearchPlugin: C:\Users\Vinícius\AppData\Roaming\Mozilla\Firefox\Profiles\92tsjy9t.default-1417133977678\searchplugins\secure-torrentz-search.xml [2014-11-27]
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml [2014-08-05]
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml [2014-08-05]
    FF Extension: Tabs Always In Titlebar - C:\Users\Vinícius\AppData\Roaming\Mozilla\Firefox\Profiles\92tsjy9t.default-1417133977678\Extensions\TabsAlwaysInTitlebar@SoapyBrew.xpi [2014-11-27]
    FF Extension: Thumbnail Zoom Plus - C:\Users\Vinícius\AppData\Roaming\Mozilla\Firefox\Profiles\92tsjy9t.default-1417133977678\Extensions\thumbnailZoom@dadler.github.com.xpi [2014-11-27]
    FF Extension: Google Translator for Firefox - C:\Users\Vinícius\AppData\Roaming\Mozilla\Firefox\Profiles\92tsjy9t.default-1417133977678\Extensions\translator@zoli.bod.xpi [2014-11-27]
    FF Extension: Microsoft .NET Framework Assistant - C:\Users\Vinícius\AppData\Roaming\Mozilla\Firefox\Profiles\92tsjy9t.default-1417133977678\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2014-11-27]
    FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
    FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-05-22]
    FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
    FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-05-22]
    FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
    FF HKU\S-1-5-21-3203197593-2648915773-4125324600-1002\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8873}] - C:\Users\Vinícius\AppData\Local\GAS Tecnologia\GBBD\uni\xpi
    FF Extension: Guardião - Itaú 30 horas - C:\Users\Vinícius\AppData\Local\GAS Tecnologia\GBBD\uni\xpi [2014-12-01]

    Chrome:
    =======
    CHR Profile: C:\Users\Vinícius\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Cast) - C:\Users\Vinícius\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-05-03]
    CHR Extension: (Bitdefender Wallet) - C:\Users\Vinícius\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabcmochhfpldjekobfaaggijgohadih [2015-05-22]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Vinícius\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-20]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Vinícius\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-15]
    CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - https://clients2.google.com/service/update2/crx

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S4 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
    S4 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [219776 2012-10-09] (Qualcomm Atheros Commnucations) [File not signed]
    S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-12-09] (Bitdefender)
    S4 Bonjour Service; C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe [384512 2015-05-12] (Apple Inc.) [File not signed]
    S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
    S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2014-03-15] (Microsoft Corporation)
    S4 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
    S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
    S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-12] (NVIDIA Corporation)
    S4 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
    R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation)
    S4 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-30] (Intel Corporation)
    S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
    S4 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
    S4 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
    R2 MsDtsServer120; C:\Program Files\Microsoft SQL Server\120\DTS\Binn\MsDtsSrvr.exe [216768 2015-06-09] (Microsoft Corporation)
    R3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [50880 2014-02-21] (Microsoft Corporation)
    R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [372416 2015-06-09] (Microsoft Corporation)
    R2 MSSQLServerOLAPService; C:\Program Files\Microsoft SQL Server\MSAS12.MSSQLSERVER\OLAP\bin\msmdsrv.exe [51156160 2015-04-20] (Microsoft Corporation)
    S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-12] (NVIDIA Corporation)
    S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-12] (NVIDIA Corporation)
    S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-11-28] (Electronic Arts)
    S4 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
    S4 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
    R2 ReportServer; C:\Program Files\Microsoft SQL Server\MSRS12.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2467008 2015-04-20] (Microsoft Corporation)
    S3 SQL Server Distributed Replay Client; C:\Program Files (x86)\Microsoft SQL Server\120\Tools\DReplayClient\DReplayClient.exe [139968 2014-02-21] (Microsoft Corporation)
    S3 SQL Server Distributed Replay Controller; C:\Program Files (x86)\Microsoft SQL Server\120\Tools\DReplayController\DReplayController.exe [345280 2014-02-21] (Microsoft Corporation)
    S3 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [613056 2015-06-09] (Microsoft Corporation)
    S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
    R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-18] (TeamViewer GmbH)
    R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender)
    R2 vmms; C:\Windows\system32\vmms.exe [13784064 2015-04-01] (Microsoft Corporation)
    S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
    R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1547936 2015-02-12] (Bitdefender)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
    S4 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-10-09] (Atheros) [File not signed]
    S2 jedyhusi; No ImagePath
    S2 riqeneho; No ImagePath

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 ASUSProcObsrv; C:\eSupport\eDriver\I386\AsPrOb64.sys [12416 2010-05-25] ()
    R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4282904 2015-05-12] (Qualcomm Atheros Communications, Inc.)
    R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-10-31] (ASUS Corporation)
    R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1306464 2015-01-14] (BitDefender)
    R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [262544 2015-01-23] (BitDefender)
    R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [677104 2015-01-14] (BitDefender)
    S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
    R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2014-12-15] (BitDefender LLC)
    R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC)
    S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
    S3 BDSandBox; C:\WINDOWS\system32\drivers\bdsandbox.sys [82824 2015-06-16] (BitDefender SRL)
    S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-10-09] (Qualcomm Atheros)
    S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-30] (Microsoft Corporation)
    S3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [32768 2014-10-08] (Microsoft Corporation)
    S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
    S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
    S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
    R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107328 2012-07-13] (Intel Corporation)
    R3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [42816 2012-07-13] (Intel Corporation)
    R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [64832 2012-07-13] (Intel Corporation)
    S3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [96064 2012-07-13] (Intel Corporation)
    R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [228672 2012-07-13] (Intel Corporation)
    R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [361792 2012-07-13] (Intel Corporation)
    R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
    R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
    R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [155912 2014-10-22] (BitDefender LLC)
    R1 hvservice; C:\Windows\System32\drivers\hvservice.sys [68952 2015-05-11] (Microsoft Corporation)
    R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-30] (Intel Corporation)
    R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
    S3 lunparser; C:\Windows\System32\drivers\lunparser.sys [19456 2014-03-15] (Microsoft Corporation)
    S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
    S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
    R3 NdisImPlatformMp; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [126464 2014-10-28] (Microsoft Corporation)
    S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-12] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
    S3 passthruparser; C:\Windows\System32\drivers\passthruparser.sys [22016 2014-03-15] (Microsoft Corporation)
    S3 pvhdparser; C:\Windows\System32\drivers\pvhdparser.sys [27136 2014-03-15] (Microsoft Corporation)
    S4 RsFx0310; C:\Windows\System32\DRIVERS\RsFx0310.sys [249024 2015-04-20] (Microsoft Corporation)
    R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation)
    R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.)
    U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
    S3 vhdparser; C:\Windows\System32\drivers\vhdparser.sys [18944 2014-01-27] (Microsoft Corporation)
    R3 VMSMP; C:\Windows\system32\DRIVERS\vmswitch.sys [688640 2014-10-08] (Microsoft Corporation)
    S3 VMSP; C:\Windows\system32\DRIVERS\vmswitch.sys [688640 2014-10-08] (Microsoft Corporation)
    S3 VMSVSF; C:\Windows\system32\DRIVERS\vmswitch.sys [688640 2014-10-08] (Microsoft Corporation)
    S3 VMSVSP; C:\Windows\system32\DRIVERS\vmswitch.sys [688640 2014-10-08] (Microsoft Corporation)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
    S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
    S2 BDDefense; \??\C:\WINDOWS\system32\drivers\BDDefense.sys [X]
    S2 BDMNetMon; system32\DRIVERS\BDMNetMon.sys [X]
    S3 BTCFilterService; \SystemRoot\system32\DRIVERS\motfilt.sys [X]
    S3 motccgp; \SystemRoot\System32\drivers\motccgp.sys [X]
    S3 MotDev; \SystemRoot\system32\DRIVERS\motodrv.sys [X]
    S3 motmodem; \SystemRoot\system32\DRIVERS\motmodem.sys [X]
    S3 MotoSwitchService; \SystemRoot\System32\drivers\motswch.sys [X]
    S3 Motousbnet; \SystemRoot\system32\DRIVERS\Motousbnet.sys [X]
    S3 motusbdevice; \SystemRoot\System32\drivers\motusbdevice.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-07-31 10:12 - 2015-07-31 10:12 - 00032415 _____ C:\Users\Vinícius\Downloads\FRST.txt
    2015-07-31 10:11 - 2015-07-31 10:12 - 00000000 ____D C:\FRST
    2015-07-31 10:11 - 2015-07-31 10:11 - 02168832 _____ (Farbar) C:\Users\Vinícius\Downloads\FRST64.exe
    2015-07-31 10:10 - 2015-07-31 10:11 - 00852684 _____ C:\Users\Vinícius\Downloads\SecurityCheck.exe
    2015-07-31 10:05 - 2015-07-31 10:06 - 00000000 ___HD C:\$Windows.~BT
    2015-07-31 09:46 - 2015-07-31 09:46 - 00000020 ___SH C:\Users\TEMP.NT Service.005\ntuser.ini
    2015-07-31 09:46 - 2015-07-31 09:46 - 00000000 _SHDL C:\Users\TEMP.NT Service.005\Modelos
    2015-07-31 09:46 - 2015-07-31 09:46 - 00000000 _SHDL C:\Users\TEMP.NT Service.005\Meus Documentos
    2015-07-31 09:46 - 2015-07-31 09:46 - 00000000 _SHDL C:\Users\TEMP.NT Service.005\Menu Iniciar
    2015-07-31 09:46 - 2015-07-31 09:46 - 00000000 _SHDL C:\Users\TEMP.NT Service.005\Documents\Minhas Músicas
    2015-07-31 09:46 - 2015-07-31 09:46 - 00000000 _SHDL C:\Users\TEMP.NT Service.005\Documents\Minhas Imagens
    2015-07-31 09:46 - 2015-07-31 09:46 - 00000000 _SHDL C:\Users\TEMP.NT Service.005\Documents\Meus Vídeos
    2015-07-31 09:46 - 2015-07-31 09:46 - 00000000 _SHDL C:\Users\TEMP.NT Service.005\Dados de Aplicativos
    2015-07-31 09:46 - 2015-07-31 09:46 - 00000000 _SHDL C:\Users\TEMP.NT Service.005\Configurações Locais
    2015-07-31 09:46 - 2015-07-31 09:46 - 00000000 _SHDL C:\Users\TEMP.NT Service.005\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
    2015-07-31 09:46 - 2015-07-31 09:46 - 00000000 _SHDL C:\Users\TEMP.NT Service.005\AppData\Local\Histórico
    2015-07-31 09:46 - 2015-07-31 09:46 - 00000000 _SHDL C:\Users\TEMP.NT Service.005\AppData\Local\Dados de Aplicativos
    2015-07-31 09:46 - 2015-07-31 09:46 - 00000000 _SHDL C:\Users\TEMP.NT Service.005\Ambiente de Rede
    2015-07-31 09:46 - 2015-07-31 09:46 - 00000000 _SHDL C:\Users\TEMP.NT Service.005\Ambiente de Impressão
    2015-07-31 09:46 - 2015-07-31 09:46 - 00000000 ____D C:\Users\TEMP.NT Service.005
    2015-07-31 09:46 - 2015-03-11 18:26 - 00000000 ___RD C:\Users\TEMP.NT Service.005\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
    2015-07-31 09:46 - 2015-01-07 20:59 - 00000000 ___RD C:\Users\TEMP.NT Service.005\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2015-07-31 09:46 - 2015-01-07 20:59 - 00000000 ___RD C:\Users\TEMP.NT Service.005\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
    2015-07-31 09:46 - 2014-10-30 11:59 - 00000000 ____D C:\Users\TEMP.NT Service.005\Documents\Visual Studio 2010
    2015-07-31 09:46 - 2014-08-20 13:37 - 00000000 ____D C:\Users\TEMP.NT Service.005\Documents\Visual Studio 2013
    2015-07-31 09:46 - 2014-07-18 13:55 - 00000000 ____D C:\Users\TEMP.NT Service.005\Documents\Visual Studio 2012
    2015-07-31 09:46 - 2014-03-15 19:03 - 00000000 ____D C:\Users\TEMP.NT Service.005\AppData\Local\Microsoft Help
    2015-07-31 09:46 - 2014-02-22 01:37 - 00000369 _____ C:\Users\TEMP.NT Service.005\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
    2015-07-31 09:46 - 2014-02-22 01:37 - 00000369 _____ C:\Users\TEMP.NT Service.005\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
    2015-07-31 09:46 - 2013-08-22 12:36 - 00000000 ____D C:\Users\TEMP.NT Service.005\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
    2015-07-30 23:15 - 2015-07-30 23:19 - 00000156 _____ C:\WINDOWS\Reimage.ini
    2015-07-30 23:15 - 2015-07-30 23:15 - 00772016 _____ (Reimage®) C:\Users\Vinícius\Downloads\ReimageRepair.exe
    2015-07-30 22:24 - 2015-07-30 22:24 - 00000000 ____D C:\Program Files (x86)\Windows Resource Kits
    2015-07-30 22:23 - 2015-07-30 22:23 - 00379392 _____ C:\Users\Vinícius\Downloads\subinacl.msi
    2015-07-30 19:12 - 2015-07-30 19:30 - 00000000 _____ C:\Recovery.txt
    2015-07-30 18:50 - 2015-07-30 18:50 - 00000048 _____ C:\WINDOWS\56B137A44E3CC9FC.log
    2015-07-30 18:48 - 2015-07-30 18:49 - 00000000 ____D C:\Users\Todos os Usuários\Elaborate Bytes
    2015-07-30 18:48 - 2015-07-30 18:49 - 00000000 ____D C:\ProgramData\Elaborate Bytes
    2015-07-30 18:48 - 2015-07-30 18:48 - 05262920 _____ C:\Users\Vinícius\Downloads\SetupCloneDVD2933.exe
    2015-07-30 18:48 - 2015-07-30 18:48 - 00000085 ___SH C:\Users\Todos os Usuários\.zreglib
    2015-07-30 18:48 - 2015-07-30 18:48 - 00000085 ___SH C:\ProgramData\.zreglib
    2015-07-30 17:27 - 2015-07-30 19:40 - 00000000 ____D C:\Users\Vinícius\AppData\Local\niemiro
    2015-07-30 16:50 - 2015-07-30 19:40 - 00000000 ____D C:\SFCFix
    2015-07-30 15:47 - 2015-07-31 00:41 - 00000000 ____D C:\WINDOWS\system32\catroot2.old2
    2015-07-30 14:21 - 2015-07-31 08:21 - 00081168 _____ C:\WINDOWS\PFRO.log
    2015-07-30 09:58 - 2015-06-12 14:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2015-07-30 09:58 - 2015-06-12 13:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2015-07-30 09:57 - 2015-07-14 18:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
    2015-07-30 09:57 - 2015-07-14 18:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
    2015-07-30 09:57 - 2015-07-14 18:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
    2015-07-30 09:57 - 2015-06-11 17:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
    2015-07-30 09:57 - 2015-06-11 17:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
    2015-07-30 09:57 - 2015-06-09 15:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
    2015-07-30 09:57 - 2015-05-11 21:24 - 01423192 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
    2015-07-30 09:57 - 2015-05-11 21:24 - 01390936 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
    2015-07-30 09:57 - 2015-05-11 21:24 - 01380184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
    2015-07-30 09:57 - 2015-05-11 21:24 - 01264472 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
    2015-07-30 09:57 - 2015-05-11 21:24 - 00536920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
    2015-07-30 09:57 - 2015-05-11 21:24 - 00068952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
    2015-07-30 09:57 - 2015-05-11 21:24 - 00019800 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
    2015-07-30 09:57 - 2015-04-30 22:13 - 06521800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
    2015-07-30 09:57 - 2015-04-30 22:13 - 01488000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
    2015-07-30 09:57 - 2015-04-30 22:13 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
    2015-07-30 09:56 - 2015-06-09 19:39 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
    2015-07-30 09:56 - 2015-06-09 19:39 - 00053248 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
    2015-07-30 09:56 - 2015-06-09 19:38 - 01201664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
    2015-07-30 09:15 - 2015-07-30 09:15 - 00000000 ____D C:\Users\Vinícius\AppData\Local\CEF
    2015-07-30 08:29 - 2015-07-31 09:46 - 00000739 _____ C:\WINDOWS\setupact.log
    2015-07-30 08:29 - 2015-07-30 19:02 - 00000000 _____ C:\WINDOWS\setuperr.log
    2015-07-30 08:28 - 2015-07-31 00:27 - 00595264 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2015-07-29 21:38 - 2015-07-29 21:38 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
    2015-07-29 21:38 - 2015-07-29 21:38 - 00000000 ____D C:\WINDOWS\system32\NV
    2015-07-29 15:10 - 2015-07-25 10:34 - 01084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 42730128 _____ C:\WINDOWS\system32\nvcompiler.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 37748880 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 30487880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 22950544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 16151688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 15892200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 15129192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 14503880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 13268712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 11836680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 11055248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
    2015-07-29 14:45 - 2015-07-23 01:06 - 03008880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 02933576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 02600592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 01898128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435362.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435362.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 01061008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 01053000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 00983368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 00976528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 00150832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 00031376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
    2015-07-27 14:52 - 2015-07-27 14:52 - 00003518 _____ C:\WINDOWS\System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8
    2015-07-27 14:52 - 2015-07-27 14:52 - 00000000 ____D C:\Program Files\Common Files\AV
    2015-07-21 09:05 - 2015-07-14 11:14 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
    2015-07-21 09:05 - 2015-07-14 11:14 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
    2015-07-21 09:05 - 2015-07-14 11:14 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
    2015-07-21 09:05 - 2015-07-14 11:13 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
    2015-07-19 20:22 - 2015-07-19 20:22 - 00000000 _____ C:\WINDOWS\SysWOW64\REN57E8.tmp
    2015-07-14 15:47 - 2015-05-02 21:39 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
    2015-07-14 15:47 - 2015-04-29 20:22 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
    2015-07-14 15:46 - 2015-06-29 19:43 - 00026288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
    2015-07-14 15:46 - 2015-06-29 12:07 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2015-07-14 15:46 - 2015-06-29 12:07 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
    2015-07-14 15:46 - 2015-06-29 12:07 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2015-07-14 15:46 - 2015-06-29 12:07 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2015-07-14 15:46 - 2015-06-26 20:21 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
    2015-07-14 15:46 - 2015-06-26 20:21 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
    2015-07-14 15:46 - 2015-05-12 10:19 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
    2015-07-14 15:46 - 2015-05-11 13:34 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
    2015-07-14 15:46 - 2015-05-07 14:50 - 22292672 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2015-07-14 15:46 - 2015-05-07 14:00 - 03109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
    2015-07-14 15:46 - 2015-05-07 13:53 - 19734960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2015-07-14 15:46 - 2015-05-07 13:12 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
    2015-07-14 15:46 - 2015-05-07 12:21 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
    2015-07-14 15:46 - 2015-05-07 12:05 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
    2015-07-14 15:46 - 2015-05-03 12:09 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2015-07-14 15:46 - 2015-05-03 12:07 - 07784448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
    2015-07-14 15:46 - 2015-05-03 11:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2015-07-14 15:46 - 2015-05-03 11:57 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
    2015-07-14 15:46 - 2015-05-03 11:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
    2015-07-14 15:46 - 2015-05-03 11:49 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
    2015-07-14 15:46 - 2015-04-28 10:13 - 00513480 _____ C:\WINDOWS\SysWOW64\locale.nls
    2015-07-14 15:46 - 2015-04-28 10:13 - 00513480 _____ C:\WINDOWS\system32\locale.nls
    2015-07-14 15:46 - 2015-04-24 23:25 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
    2015-07-14 15:46 - 2015-04-23 12:47 - 03084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
    2015-07-14 15:46 - 2015-04-23 12:16 - 02471424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
    2015-07-14 15:44 - 2015-07-09 16:51 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    2015-07-14 15:44 - 2015-07-09 15:40 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
    2015-07-14 15:44 - 2015-07-09 13:03 - 03701760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2015-07-14 15:44 - 2015-07-09 12:54 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
    2015-07-14 15:44 - 2015-07-09 12:53 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
    2015-07-14 15:44 - 2015-07-09 12:50 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
    2015-07-14 15:44 - 2015-07-09 12:50 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
    2015-07-14 15:44 - 2015-07-09 12:48 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
    2015-07-14 15:44 - 2015-07-09 12:46 - 02229248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
    2015-07-14 15:44 - 2015-07-09 12:38 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
    2015-07-14 15:44 - 2015-07-09 12:37 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
    2015-07-14 15:44 - 2015-07-09 12:35 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
    2015-07-14 15:44 - 2015-07-09 12:34 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
    2015-07-14 15:44 - 2015-06-28 02:07 - 00442712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
    2015-07-14 15:44 - 2015-06-28 02:07 - 00178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
    2015-07-14 15:44 - 2015-06-28 02:06 - 01311960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
    2015-07-14 15:44 - 2015-06-28 02:06 - 00332120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
    2015-07-14 15:44 - 2015-06-27 13:42 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
    2015-07-14 15:44 - 2015-06-27 00:13 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
    2015-07-14 15:44 - 2015-06-27 00:12 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
    2015-07-14 15:44 - 2015-06-27 00:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
    2015-07-14 15:44 - 2015-06-27 00:08 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
    2015-07-14 15:44 - 2015-06-27 00:08 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
    2015-07-14 15:44 - 2015-06-26 23:40 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
    2015-07-14 15:44 - 2015-06-26 23:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
    2015-07-14 15:44 - 2015-06-26 23:05 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2015-07-14 15:44 - 2015-06-26 23:00 - 00989184 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
    2015-07-14 15:44 - 2015-06-26 22:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
    2015-07-14 15:44 - 2015-06-26 22:26 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
    2015-07-14 15:44 - 2015-06-24 23:31 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
    2015-07-14 15:44 - 2015-06-15 19:41 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
    2015-07-14 15:44 - 2015-06-15 19:24 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
    2015-07-14 15:44 - 2015-06-15 18:16 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
    2015-07-14 15:44 - 2015-06-15 18:09 - 03607552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
    2015-07-14 15:44 - 2015-06-15 17:50 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
    2015-07-14 15:44 - 2015-06-15 16:57 - 02460160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
    2015-07-14 15:44 - 2015-05-30 18:18 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
    2015-07-14 15:44 - 2015-05-30 16:36 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2015-07-14 15:44 - 2015-05-30 16:35 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2015-07-14 15:44 - 2015-03-08 21:25 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmickvpexchange.dll
    2015-07-14 15:44 - 2015-03-08 21:24 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmicguestinterface.dll
    2015-07-14 15:44 - 2015-03-08 21:23 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmicshutdown.dll
    2015-07-14 15:44 - 2015-03-08 21:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmictimesync.dll
    2015-07-14 15:44 - 2015-03-08 21:22 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmicheartbeat.dll
    2015-07-14 15:44 - 2015-03-08 21:21 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmicvss.dll
    2015-07-14 15:44 - 2015-03-08 21:20 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmicrdv.dll
    2015-07-14 15:43 - 2015-07-02 18:21 - 19877376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2015-07-14 15:43 - 2015-07-02 17:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2015-07-14 15:43 - 2015-07-02 17:49 - 25193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2015-07-14 15:43 - 2015-07-02 17:23 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2015-07-14 15:43 - 2015-07-02 17:19 - 12855296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2015-07-14 15:43 - 2015-07-02 16:55 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2015-07-14 15:43 - 2015-07-02 16:20 - 14453248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2015-07-14 15:43 - 2015-07-02 15:59 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2015-07-14 15:43 - 2015-07-01 19:08 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2015-07-14 15:43 - 2015-07-01 18:14 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2015-07-14 15:43 - 2015-03-08 23:02 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsp.sys
    2015-07-14 15:42 - 2015-06-16 02:36 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
    2015-07-14 15:42 - 2015-06-16 02:36 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
    2015-07-14 15:42 - 2015-06-15 19:39 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2015-07-14 15:42 - 2015-06-15 19:38 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
    2015-07-14 15:42 - 2015-06-15 19:26 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
    2015-07-14 15:42 - 2015-06-15 19:24 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2015-07-14 15:42 - 2015-06-15 19:02 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
    2015-07-14 15:42 - 2015-06-15 18:58 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
    2015-07-14 15:42 - 2015-06-15 18:57 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
    2015-07-14 15:42 - 2015-06-15 18:56 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
    2015-07-14 15:42 - 2015-06-15 18:55 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
    2015-07-14 15:42 - 2015-06-15 18:49 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
    2015-07-14 15:42 - 2015-06-15 18:41 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
    2015-07-14 15:42 - 2015-06-15 18:38 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2015-07-14 15:42 - 2015-06-15 18:36 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
    2015-07-14 15:42 - 2015-06-15 18:17 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
    2015-07-14 15:42 - 2015-06-15 18:16 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2015-07-14 15:42 - 2015-06-15 18:15 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2015-07-14 15:42 - 2015-06-15 18:13 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
    2015-07-14 15:42 - 2015-06-15 18:04 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
    2015-07-14 15:42 - 2015-06-15 18:03 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2015-07-14 15:42 - 2015-06-15 17:52 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
    2015-07-14 15:42 - 2015-06-15 17:47 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
    2015-07-14 15:42 - 2015-06-15 17:44 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
    2015-07-14 15:42 - 2015-06-15 17:43 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
    2015-07-14 15:42 - 2015-06-15 17:42 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
    2015-07-14 15:42 - 2015-06-15 17:41 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
    2015-07-14 15:42 - 2015-06-15 17:37 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
    2015-07-14 15:42 - 2015-06-15 17:32 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
    2015-07-14 15:42 - 2015-06-15 17:31 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2015-07-14 15:42 - 2015-06-15 17:30 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
    2015-07-14 15:42 - 2015-06-15 17:30 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
    2015-07-14 15:42 - 2015-06-15 17:17 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
    2015-07-14 15:42 - 2015-06-15 17:07 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2015-07-14 15:42 - 2015-06-15 17:02 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
    2015-07-14 15:42 - 2015-06-11 00:49 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
    2015-07-14 15:42 - 2015-06-10 13:13 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
    2015-07-14 15:42 - 2015-05-07 13:47 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
    2015-07-03 10:49 - 2015-07-09 10:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2015-07-02 13:32 - 2015-07-02 13:32 - 00000000 ____D C:\Users\Vinícius\AppData\Roaming\java

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-07-31 10:11 - 2015-05-20 14:09 - 01608211 _____ C:\WINDOWS\WindowsUpdate.log
    2015-07-31 10:11 - 2014-03-14 19:16 - 00000000 ___DC C:\WINDOWS\Panther
    2015-07-31 10:01 - 2014-04-02 22:58 - 00005038 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for VINICIUS-ULTRA-Vinícius Vinicius-Ultra
    2015-07-31 10:00 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\system32\sru
    2015-07-31 09:50 - 2014-03-15 08:06 - 00000000 ___DO C:\Users\Vinícius\SkyDrive
    2015-07-31 09:49 - 2015-03-27 14:02 - 00000000 ____D C:\Users\Vinícius\Documents\Arquivos do Outlook
    2015-07-31 09:49 - 2014-03-15 15:33 - 00001092 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2015-07-31 09:49 - 2014-03-14 03:52 - 00000408 _____ C:\Users\Vinícius\AppData\Roaming\sp_data.sys
    2015-07-31 09:48 - 2014-03-15 18:11 - 27590656 _____ C:\WINDOWS\system32\vmguest.iso
    2015-07-31 09:46 - 2013-08-22 11:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2015-07-31 09:29 - 2015-02-03 22:09 - 00001120 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3203197593-2648915773-4125324600-1002UA.job
    2015-07-31 09:29 - 2014-03-15 15:33 - 00001096 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2015-07-31 09:18 - 2014-04-12 06:22 - 00000902 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2015-07-31 08:32 - 2015-05-03 09:20 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3203197593-2648915773-4125324600-1002
    2015-07-31 08:26 - 2014-03-15 13:56 - 00003978 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{684F638A-01A2-41DE-84F0-52307E662A4B}
    2015-07-31 00:00 - 2014-03-14 19:24 - 00000000 ____D C:\Users\Vinícius
    2015-07-30 22:46 - 2014-03-23 10:52 - 00000000 ____D C:\Users\Vinícius\AppData\Roaming\TeamViewer
    2015-07-30 22:39 - 2014-04-20 10:34 - 00000970 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3203197593-2648915773-4125324600-1002UA.job
    2015-07-30 19:05 - 2014-03-14 19:24 - 00001908 _____ C:\WINDOWS\diagwrn.xml
    2015-07-30 19:05 - 2014-03-14 19:24 - 00001908 _____ C:\WINDOWS\diagerr.xml
    2015-07-30 18:48 - 2015-05-01 18:07 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
    2015-07-30 18:04 - 2012-07-26 04:59 - 00000000 ____D C:\WINDOWS\CbsTemp
    2015-07-30 17:53 - 2013-11-14 04:29 - 02372490 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2015-07-30 17:53 - 2013-11-14 04:13 - 00989242 _____ C:\WINDOWS\system32\prfh0416.dat
    2015-07-30 17:53 - 2013-11-14 04:13 - 00253936 _____ C:\WINDOWS\system32\prfc0416.dat
    2015-07-30 14:29 - 2015-02-03 22:09 - 00001068 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3203197593-2648915773-4125324600-1002Core.job
    2015-07-30 13:40 - 2014-07-09 11:38 - 00000000 ____D C:\Temp
    2015-07-30 13:37 - 2015-05-02 12:48 - 00000000 ____D C:\Users\Vinícius\AppData\Roaming\Skype
    2015-07-30 13:24 - 2015-06-11 09:30 - 00000000 ____D C:\Users\Vinícius\Desktop\MRV - DP
    2015-07-30 10:39 - 2014-04-20 10:34 - 00000948 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3203197593-2648915773-4125324600-1002Core.job
    2015-07-30 09:15 - 2014-08-05 22:46 - 00000000 ____D C:\Program Files (x86)\Steam
    2015-07-30 08:23 - 2014-06-27 16:58 - 00000000 ____D C:\Users\Vinícius\AppData\Roaming\XnView
    2015-07-30 08:23 - 2014-03-15 16:25 - 00000000 ____D C:\Users\Vinícius\AppData\Roaming\MPC-HC
    2015-07-30 08:23 - 2014-03-15 15:45 - 00000000 ____D C:\Users\Vinícius\AppData\Roaming\uTorrent
    2015-07-30 08:20 - 2015-05-20 13:23 - 00000000 ____D C:\Program Files\CCleaner
    2015-07-29 22:51 - 2014-03-23 10:51 - 00000000 ____D C:\Program Files (x86)\TeamViewer
    2015-07-29 21:38 - 2013-08-22 10:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
    2015-07-29 19:38 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\AppReadiness
    2015-07-29 16:40 - 2014-03-14 03:50 - 00000000 ____D C:\Users\Vinícius\AppData\Local\Packages
    2015-07-29 14:49 - 2014-03-15 06:34 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA
    2015-07-29 14:49 - 2014-03-15 06:34 - 00000000 ____D C:\ProgramData\NVIDIA
    2015-07-29 14:49 - 2014-03-15 06:33 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA Corporation
    2015-07-29 14:49 - 2014-03-15 06:33 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
    2015-07-29 14:44 - 2014-12-10 00:10 - 00000000 __SHD C:\Users\Vinícius\AppData\Local\EmieBrowserModeList
    2015-07-29 14:44 - 2014-04-26 15:49 - 00000000 __SHD C:\Users\Vinícius\AppData\Local\EmieUserList
    2015-07-29 14:44 - 2014-04-26 15:49 - 00000000 __SHD C:\Users\Vinícius\AppData\Local\EmieSiteList
    2015-07-27 14:10 - 2015-05-13 09:12 - 00000000 ___RD C:\Users\Vinícius\OneDrive
    2015-07-27 14:10 - 2014-04-02 22:58 - 00003114 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3203197593-2648915773-4125324600-1002
    2015-07-25 12:24 - 2015-04-05 10:29 - 00000000 ___SD C:\WINDOWS\system32\GWX
    2015-07-23 17:12 - 2014-04-17 13:21 - 00000000 ____D C:\Users\Vinícius\AppData\Local\CutePDF Writer
    2015-07-23 01:06 - 2015-05-31 21:58 - 17615408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
    2015-07-23 01:06 - 2015-01-07 19:50 - 12876336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
    2015-07-23 01:06 - 2015-01-07 19:50 - 01101856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
    2015-07-23 01:06 - 2015-01-07 19:50 - 00940104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
    2015-07-23 01:06 - 2015-01-07 19:50 - 00176904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
    2015-07-23 01:06 - 2015-01-07 19:50 - 00155280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
    2015-07-23 01:06 - 2014-11-18 22:04 - 00030966 _____ C:\WINDOWS\system32\nvinfo.pb
    2015-07-23 01:06 - 2014-03-15 06:31 - 03407144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
    2015-07-22 22:31 - 2014-03-15 06:34 - 06873744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
    2015-07-22 22:31 - 2014-03-15 06:34 - 03493008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
    2015-07-22 22:31 - 2014-03-15 06:34 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
    2015-07-22 22:31 - 2014-03-15 06:34 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
    2015-07-22 22:31 - 2014-03-15 06:34 - 00937616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
    2015-07-22 22:31 - 2014-03-15 06:34 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
    2015-07-22 22:31 - 2014-03-15 06:34 - 00074896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
    2015-07-22 22:31 - 2014-03-15 06:34 - 00062792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
    2015-07-21 11:21 - 2014-03-14 03:50 - 00000000 ____D C:\Users\Vinícius\AppData\Local\VirtualStore
    2015-07-20 11:16 - 2014-03-15 06:34 - 05121613 _____ C:\WINDOWS\system32\nvcoproc.bin
    2015-07-20 09:42 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\rescache
    2015-07-19 20:23 - 2014-03-15 15:21 - 00000000 ____D C:\Users\Todos os Usuários\Oracle
    2015-07-19 20:23 - 2014-03-15 15:21 - 00000000 ____D C:\ProgramData\Oracle
    2015-07-19 20:22 - 2015-06-01 10:50 - 00110688 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
    2015-07-19 20:22 - 2014-04-01 16:53 - 00000000 ____D C:\Program Files\Java
    2015-07-19 20:22 - 2014-03-15 15:20 - 00000000 ____D C:\Program Files (x86)\Java
    2015-07-18 10:06 - 2014-12-23 17:25 - 00000000 ____D C:\WINDOWS\system32\appraiser
    2015-07-18 10:06 - 2014-07-11 00:14 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
    2015-07-18 10:06 - 2013-08-22 12:36 - 00000000 ___RD C:\WINDOWS\ToastData
    2015-07-18 10:06 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\WinStore
    2015-07-18 10:06 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
    2015-07-17 21:02 - 2014-03-15 13:20 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
    2015-07-17 21:02 - 2014-03-15 13:20 - 00000000 ____D C:\ProgramData\Microsoft Help
    2015-07-17 20:59 - 2015-05-02 17:22 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
    2015-07-16 19:24 - 2015-05-15 09:47 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
    2015-07-16 19:24 - 2014-12-23 21:54 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
    2015-07-16 15:33 - 2014-03-15 08:02 - 00000000 ____D C:\WINDOWS\system32\MRT
    2015-07-16 15:26 - 2015-04-05 10:29 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
    2015-07-16 14:24 - 2015-02-03 22:09 - 00004072 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3203197593-2648915773-4125324600-1002UA
    2015-07-16 14:24 - 2015-02-03 22:09 - 00003692 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3203197593-2648915773-4125324600-1002Core
    2015-07-16 14:23 - 2014-03-15 15:33 - 00004068 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-07-16 14:23 - 2014-03-15 15:33 - 00003832 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-07-16 14:18 - 2014-04-12 06:22 - 00003790 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
    2015-07-14 17:25 - 2014-10-29 09:35 - 00000000 ____D C:\Users\MSSQLFDLauncher
    2015-07-14 17:23 - 2014-10-29 09:38 - 00000000 ____D C:\Users\MsDtsServer120
    2015-07-14 17:23 - 2014-10-29 09:34 - 00000000 ____D C:\Users\MSSQLSERVER
    2015-07-14 15:41 - 2013-08-22 10:25 - 00000269 _____ C:\WINDOWS\win.ini
    2015-07-14 15:34 - 2014-03-15 12:35 - 00000000 ____D C:\Program Files\Microsoft SQL Server
    2015-07-14 15:34 - 2014-03-15 12:35 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
    2015-07-13 18:10 - 2015-03-11 17:51 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2015-07-13 18:10 - 2015-03-11 17:51 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2015-07-13 12:45 - 2015-05-02 12:48 - 00000000 ___RD C:\Program Files (x86)\Skype
    2015-07-13 12:45 - 2015-05-02 12:47 - 00000000 ____D C:\Users\Todos os Usuários\Skype
    2015-07-13 12:45 - 2015-05-02 12:47 - 00000000 ____D C:\ProgramData\Skype
    2015-07-11 17:48 - 2014-12-09 13:44 - 00450048 ___SH C:\Users\Vinícius\Desktop\Thumbs.db
    2015-07-09 10:12 - 2014-03-31 15:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2015-07-03 08:43 - 2014-03-15 08:02 - 130333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2015-07-02 15:51 - 2015-03-23 11:54 - 00002286 ____H C:\Users\Vinícius\Documents\Default.rdp
    2015-07-02 13:31 - 2015-06-02 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Astah Professional
    2015-07-02 13:31 - 2014-10-04 20:38 - 00000000 ____D C:\Program Files\astah-professional

    ==================== Files in the root of some directories =======

    2015-05-06 20:51 - 2015-05-06 20:51 - 0000021 _____ () C:\Users\Vinícius\AppData\Roaming\my_intel.sys
    2014-03-14 03:52 - 2015-07-31 09:49 - 0000408 _____ () C:\Users\Vinícius\AppData\Roaming\sp_data.sys
    2014-07-10 17:55 - 2014-07-10 17:55 - 0017167 _____ () C:\Users\Vinícius\AppData\Roaming\unins000.dat
    2014-07-10 17:55 - 2014-07-10 17:55 - 0720082 _____ () C:\Users\Vinícius\AppData\Roaming\unins000.exe
    2015-05-25 10:14 - 2015-05-25 19:40 - 0007662 _____ () C:\Users\Vinícius\AppData\Local\resmon.resmoncfg
    2014-05-24 23:59 - 2014-05-24 23:59 - 0000000 _____ () C:\Users\Vinícius\AppData\Local\{44FE08F3-2592-41A1-91DA-7CC7315C9D59}
    2014-06-11 23:56 - 2014-06-11 23:56 - 0000000 _____ () C:\Users\Vinícius\AppData\Local\{5EA8D961-C6A7-4C78-A9E6-6BA89D1FCC3F}
    2014-05-24 00:01 - 2014-05-24 00:01 - 0000000 _____ () C:\Users\Vinícius\AppData\Local\{ABF82394-A884-4150-A0A8-475F82D21D6A}
    2015-07-30 18:48 - 2015-07-30 18:48 - 0000085 ___SH () C:\ProgramData\.zreglib
    2015-05-22 12:21 - 2015-05-22 12:21 - 0595099 _____ () C:\ProgramData\1432307702.bdinstall.bin
    2015-02-19 08:04 - 2015-02-19 08:04 - 0000057 _____ () C:\ProgramData\Ament.ini
    2012-12-19 12:11 - 2012-09-07 08:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
    2012-12-19 12:11 - 2009-07-22 07:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
    2012-12-19 12:11 - 2012-09-07 08:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

    Files to move or delete:
    ====================
    C:\ProgramData\SetStretch.VBS
    C:\Users\Todos os Usuários\SetStretch.VBS


    Some files in TEMP:
    ====================
    C:\Users\Vinícius\AppData\Local\Temp\ReimagePackage.exe


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-07-30 08:39

    ==================== End of log ============================
    checkup.txt

    Results of screen317's Security Check version 1.006
    x64 (UAC is enabled)
    Internet Explorer 11
    ``````````````Antivirus/Firewall Check:``````````````
    Bitdefender Antiv¡rus
    Windows Defender
    Antivirus up to date!
    `````````Anti-malware/Other Utilities Check:`````````
    Java 8 Update 51
    Visual Studio Extensions for Windows Library for JavaScript
    Adobe Flash Player 18.0.0.209
    Adobe Reader XI
    Mozilla Firefox (39.0)
    Google Chrome (44.0.2403.125)
    Google Chrome (44.0.2403.89)
    ````````Process Check: objlist.exe by Laurent````````
    Bitdefender Bitdefender 2015 vsserv.exe
    Bitdefender Bitdefender 2015 updatesrv.exe
    Bitdefender Bitdefender 2015 bdagent.exe
    Bitdefender Bitdefender 2015 bdwtxag.exe
    Bitdefender Bitdefender 2015 odscanui.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: %
    ````````````````````End of Log``````````````````````


    report.txt:

    <DiagReport>
    <LicensingData>
    <ToolVersion>6.3.9600.16384</ToolVersion>
    <LicensingStatus>SL_LICENSING_STATUS_LICENSED</LicensingStatus>
    <LicensingStatusReason>0x00000000</LicensingStatusReason>
    <LocalGenuineState>SL_GEN_STATE_IS_GENUINE</LocalGenuineState>
    <LocalGenuineResultP>1</LocalGenuineResultP>
    <LastOnlineGenuineResult>0x00000000</LastOnlineGenuineResult>
    <GraceTimeMinutes>0</GraceTimeMinutes>
    <TotalGraceDays>0</TotalGraceDays>
    <ValidityExpiration></ValidityExpiration>
    <ActivePartialProductKey>B949V</ActivePartialProductKey>
    <ActiveProductKeyPid2>00178-10327-47558-AA071</ActiveProductKeyPid2>
    <OSVersion>6.3.9600.2.00010100.0.0.048</OSVersion>
    <ProductName>Windows 8.1 Pro</ProductName>
    <ProcessorArchitecture>x64</ProcessorArchitecture>
    <EditionId>Professional</EditionId>
    <BuildLab>9600.winblue_r9.150322-1500</BuildLab>
    <TimeZone>Hora oficial do Brasil(GMT-03:00)</TimeZone>
    <ActiveSkuId>9e473b6d-b591-4c46-9c44-90a865f22e76</ActiveSkuId>
    <ActiveSkuDescription>Windows(R) Operating System, RETAIL channel</ActiveSkuDescription>
    <ProductUniquenessGroups>55c92734-d682-4d71-983e-d6ec3f16059f</ProductUniquenessGroups>
    <ActiveProductKeyPKeyId>8201c7bd-1a77-abc9-c79a-5917c84b57fd</ActiveProductKeyPKeyId>
    <ActiveProductKeyPidEx>06401-01781-032-747558-00-1046-9600.0000-0732014</ActiveProductKeyPidEx>
    <ActiveProductKeyChannel>Retail</ActiveProductKeyChannel>
    <ActiveVolumeCustomerPid></ActiveVolumeCustomerPid>
    <OfflineInstallationId>224091098582767569622275792688252209734925946913612684562201600</OfflineInstallationId>
    <DomainJoined>false</DomainJoined>
    <ComputerSid>S-1-5-21-3203197593-2648915773-4125324600</ComputerSid>
    <ProductLCID>1046</ProductLCID>
    <UserLCID>1046</UserLCID>
    <SystemLCID>1046</SystemLCID>
    <CodeSigning>SIGNED_INFO_PRS_SIGNED</CodeSigning>
    <ServiceAvailable>true</ServiceAvailable>
    <OemMarkerVersion></OemMarkerVersion>
    <OemId></OemId>
    <OemTableId></OemTableId>
    <Manufacturer>ASUSTeK COMPUTER INC.</Manufacturer>
    <Model>K46CM</Model>
    <InstallDate>20140315080036.000000-180</InstallDate>
    </LicensingData>
    <HealthCheck>
    <Result>PASS</Result>
    <TamperedItems></TamperedItems>
    </HealthCheck>
    <GenuineAuthz>
    <ServerProps>GenuineId=55c92734-d682-4d71-983e-d6ec3f16059f;OemId=A264;OptionalInfoId=pZjZ2ONpTePpyYPjcYRSW91t5ma2ricb2aq7ZllAZ2aO4Uap78bnr7sg6ZcAWLPd;Pid=Qzd4cu5+SR2F+8KA+Dr7uCGFeKItp1Suup6XWiOUi7E=;SkuId=9e473b6d-b591-4c46-9c44-90a865f22e76;TimeStampServer=2014-03-15T17:35:04Z;</ServerProps>
    </GenuineAuthz>
    </DiagReport>


  4. #4
    Corrine's Avatar
    Join Date
    Feb 2012
    Location
    Upstate, NY
    Posts
    8,714

    Re: My PC was infected by malwares and after many attempts I think it still infected

    Thank you.

    1. Do you really need all of these versions of Java? If needed for your work, that's fine. Otherwise, I would remove everything except Java8 Update 51, either x32 or x64. Oracle generally only provides security updates quarterly and those vulnerable versions can be used by malware.

    Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation) - keep and remove the rest
    Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
    Java SE Development Kit 7 Update 67 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170670}) (Version: 1.7.0.670 - Oracle)
    Java SE Development Kit 8 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180000}) (Version: 8.0.0 - Oracle Corporation)
    Java SE Development Kit 8 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.15 - Oracle Corporation)

    2. µTorrent -- P2P security measures are easily circumvented and if your P2P program is not configured correctly, you may be sharing more files than you realize. With P2P file sharing, what means do you have of identifying or authenticating the source of the download? In addition, a file can be distributed among many hosts, and peers will provide for download the sections that they have already downloaded. This results in the distinct possibility of a distribution method in which malicious bits are mixed with good files. I strongly advise you to uninstall µTorrent.

    3. Please do the following to run FRST:

    Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

    NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
    • Open Notepad (Start =>All Programs => Accessories => Notepad).
    • Copy/Paste the entire contents of the code box below into Notepad.
    Code:
    start
    CreateRestorePoint:
    CloseProcesses:
    HKLM-x32\...\Run: [] => [X]
    ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
    ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
    ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    URLSearchHook: [S-1-5-80-2872255330-672591203-888807865-2791174282-1554802921] ATTENTION ==> Default URLSearchHook is missing
    URLSearchHook: [S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051] ATTENTION ==> Default URLSearchHook is missing
    URLSearchHook: [S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582] ATTENTION ==> Default URLSearchHook is missing
    URLSearchHook: [S-1-5-80-3642287774-1615985598-572449333-1370030010-3123895339] ATTENTION ==> Default URLSearchHook is missing
    URLSearchHook: [S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003] ATTENTION ==> Default URLSearchHook is missing
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-80-3642287774-1615985598-572449333-1370030010-3123895339 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    FF Plugin-x32: @baidu.com/BaidusdDetectNPPlugin -> C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\explugin\npBaiduSDDetectPlug.dll No File
    S2 jedyhusi; No ImagePath
    S2 riqeneho; No ImagePath
    S2 BDDefense; \??\C:\WINDOWS\system32\drivers\BDDefense.sys [X]
    S2 BDMNetMon; system32\DRIVERS\BDMNetMon.sys [X]
    S3 BTCFilterService; \SystemRoot\system32\DRIVERS\motfilt.sys [X]
    S3 motccgp; \SystemRoot\System32\drivers\motccgp.sys [X]
    S3 MotDev; \SystemRoot\system32\DRIVERS\motodrv.sys [X]
    S3 motmodem; \SystemRoot\system32\DRIVERS\motmodem.sys [X]
    S3 MotoSwitchService; \SystemRoot\System32\drivers\motswch.sys [X]
    S3 Motousbnet; \SystemRoot\system32\DRIVERS\Motousbnet.sys [X]
    S3 motusbdevice; \SystemRoot\System32\drivers\motusbdevice.sys [X]
    2015-07-19 20:22 - 2015-07-19 20:22 - 00000000 _____ C:\WINDOWS\SysWOW64\REN57E8.tmp
    2015-07-30 18:48 - 2015-07-30 18:48 - 0000085 ___SH () C:\ProgramData\.zreglib
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
    EmptyTemp:
    end
    • Click Format and ensure Wordwrap is unchecked.
    • Important: Save the code to the same folder/directory that FRST.exe is located in, naming it as fixlist.txt
    • Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
      • Press the Fix button once and wait.
      • FRST will process fixlist.txt
      • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe
      • Please post the log in your next reply.


    4. Please download Adware Cleaner by Xplode. Please save it to your desktop!
    • Close all open programs and internet browsers.
    • Double-click AdwCleaner.exe to run the tool.
      Note: Windows Vista, Windows 7/8 users right-click and select Run As Administrator.
    • Click the Scan button.
    • AdwCleaner will begin. Be patient as the scan may take some time to complete.
    • After the scan has finished, click the Logfile button. A logfile (AdwCleaner[R0].txt) will open in Notepad for review.
    • Copy and paste the contents of that logfile in your next reply.
    • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.


    Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

    Remember - A day without laughter is a day wasted.
    May the wind sing to you and the sun rise in your heart.

  5. #5

    Join Date
    Jul 2015
    Location
    Brasil
    Posts
    25

    Re: My PC was infected by malwares and after many attempts I think it still infected

    Deleted by me
    Last edited by xistose; 08-03-2015 at 02:07 PM. Reason: I comited a mistake and need to delete the post

  6. #6

    Join Date
    Jul 2015
    Location
    Brasil
    Posts
    25

    Re: My PC was infected by malwares and after many attempts I think it still infected

    Hi Corrine,

    I really need this versions of Java.

    I did uninstall µTorrent.

    And these are the logs generated after the execution of the procedures recomended by you:

    fixlog.txt

    Fix result of Farbar Recovery Scan Tool (x64) Version:02-08-2015 01
    Ran by Vinícius (2015-08-03 14:32:47) Run:1
    Running from C:\Users\Vinícius\Downloads
    Loaded Profiles: Vinícius & MSSQLServerOLAPService & ReportServer & MSSQLFDLauncher & MsDtsServer120 & MSSQLSERVER (Available Profiles: Vinícius & SQL Server Distributed Replay Controller & MSSQLServerOLAPService & ReportServer & SQL Server Distributed Replay Client & MSSQLFDLauncher & SQLSERVERAGENT & MsDtsServer120 & MSSQLSERVER)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    start
    CreateRestorePoint:
    CloseProcesses:
    HKLM-x32\...\Run: [] => [X]
    ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
    ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
    ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    URLSearchHook: [S-1-5-80-2872255330-672591203-888807865-2791174282-1554802921] ATTENTION ==> Default URLSearchHook is missing
    URLSearchHook: [S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051] ATTENTION ==> Default URLSearchHook is missing
    URLSearchHook: [S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582] ATTENTION ==> Default URLSearchHook is missing
    URLSearchHook: [S-1-5-80-3642287774-1615985598-572449333-1370030010-3123895339] ATTENTION ==> Default URLSearchHook is missing
    URLSearchHook: [S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003] ATTENTION ==> Default URLSearchHook is missing
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-80-3642287774-1615985598-572449333-1370030010-3123895339 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    FF Plugin-x32: @baidu.com/BaidusdDetectNPPlugin -> C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\explugin\npBaiduSDDetectPlug.dll No File
    S2 jedyhusi; No ImagePath
    S2 riqeneho; No ImagePath
    S2 BDDefense; \??\C:\WINDOWS\system32\drivers\BDDefense.sys [X]
    S2 BDMNetMon; system32\DRIVERS\BDMNetMon.sys [X]
    S3 BTCFilterService; \SystemRoot\system32\DRIVERS\motfilt.sys [X]
    S3 motccgp; \SystemRoot\System32\drivers\motccgp.sys [X]
    S3 MotDev; \SystemRoot\system32\DRIVERS\motodrv.sys [X]
    S3 motmodem; \SystemRoot\system32\DRIVERS\motmodem.sys [X]
    S3 MotoSwitchService; \SystemRoot\System32\drivers\motswch.sys [X]
    S3 Motousbnet; \SystemRoot\system32\DRIVERS\Motousbnet.sys [X]
    S3 motusbdevice; \SystemRoot\System32\drivers\motusbdevice.sys [X]
    2015-07-19 20:22 - 2015-07-19 20:22 - 00000000 _____ C:\WINDOWS\SysWOW64\REN57E8.tmp
    2015-07-30 18:48 - 2015-07-30 18:48 - 0000085 ___SH () C:\ProgramData\.zreglib
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
    EmptyTemp:
    end
    *****************

    Restore point was successfully created.
    Processes closed successfully.
    HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
    HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
    HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
    HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
    "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
    HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
    "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
    HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
    "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
    HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
    C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully.
    C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully.
    C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully.
    "HKLM\SOFTWARE\Policies\Google" => key removed successfully
    Could not restore Default URLSearchHook.
    Could not restore Default URLSearchHook.
    Could not restore Default URLSearchHook.
    Could not restore Default URLSearchHook.
    Could not restore Default URLSearchHook.
    HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
    HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
    HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
    HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
    HKU\S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
    HKU\S-1-5-80-3642287774-1615985598-572449333-1370030010-3123895339\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
    HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
    "HKLM\Software\Wow6432Node\MozillaPlugins\@baidu.com/BaidusdDetectNPPlugin" => key removed successfully
    jedyhusi => service removed successfully
    riqeneho => service removed successfully
    BDDefense => service removed successfully
    BDMNetMon => service removed successfully
    BTCFilterService => service removed successfully
    motccgp => service removed successfully
    MotDev => service removed successfully
    motmodem => service removed successfully
    MotoSwitchService => service removed successfully
    Motousbnet => service removed successfully
    motusbdevice => service removed successfully
    C:\WINDOWS\SysWOW64\REN57E8.tmp => moved successfully.
    C:\ProgramData\.zreglib => moved successfully.
    "HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc" => key removed successfully
    "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc" => key removed successfully
    EmptyTemp: => 918 MB temporary data Removed.


    The system needed a reboot..

    ==== End of Fixlog 14:35:31 ====
    adwcleaner.txt

    # AdwCleaner v4.208 - Relatório criado 03/08/2015 às 14:48:32
    # Atualizado 09/07/2015 por Xplode
    # Base de dados : 2015-08-01.1 [Servidor]
    # Sistema operacional : Windows 8.1 Pro (x64)
    # Usuário : Vinícius - VINICIUS-ULTRA
    # Executando de : C:\Users\Vinícius\Downloads\adwcleaner_4.208.exe
    # Opção : Verificar

    ***** [ Serviços ] *****


    ***** [ Arquivos / Pastas ] *****

    Arquivo Encontrado : C:\WINDOWS\Reimage.ini

    ***** [ Tarefas agendadas ] *****


    ***** [ Atalhos ] *****


    ***** [ Registro ] *****

    Chave Encontrado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
    Chave Encontrado : HKCU\Software\Reimage
    Chave Encontrado : [x64] HKCU\Software\Reimage
    Chave Encontrado : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
    Chave Encontrado : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
    Chave Encontrado : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
    Chave Encontrado : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
    Chave Encontrado : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
    Chave Encontrado : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
    Chave Encontrado : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
    Chave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
    Chave Encontrado : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
    Chave Encontrado : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
    Chave Encontrado : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
    Chave Encontrado : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
    Chave Encontrado : [x64] HKLM\SOFTWARE\Reimage
    Valor Encontrado : HKLM\SOFTWARE\Classes\.shtml\OpenWithProgIDs [CRSBRWSHTML]
    Valor Encontrado : HKLM\SOFTWARE\Classes\.webp\OpenWithProgIDs [CRSBRWSHTML]
    Valor Encontrado : HKLM\SOFTWARE\Classes\.xht\OpenWithProgIDs [CRSBRWSHTML]

    ***** [ Navegadores ] *****

    -\\ Internet Explorer v11.0.9600.17840


    -\\ Mozilla Firefox v39.0 (x86 pt-BR)


    -\\ Google Chrome v44.0.2403.125


    *************************

    AdwCleaner[R0].txt - [2238 bytes] - [03/08/2015 14:48:32]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2297 bytes] ##########

  7. #7
    Corrine's Avatar
    Join Date
    Feb 2012
    Location
    Upstate, NY
    Posts
    8,714

    Re: My PC was infected by malwares and after many attempts I think it still infected

    I had the feeling you needed the other Java versions. If possible, at least set the security to high in the Java Control Panel. Keep Java disabled until needed. Uncheck the box "Enable Java content in the browser" in the Java Control Panel.



    1. Double-click AdwCleaner.exe to run the tool again.
    • Click the Scan button.
    • AdwCleaner will begin to scan your computer like it did before.
      Note: Windows Vista, Windows 7/8 users right-click and select Run As Administrator.
    • After the scan has finished,
    • This time click on the Clean button.
    • Press OK when asked to close all programs and follow the onscreen prompts.
    • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
    • Copy and paste the contents of that logfile in your next reply.
    • A copy of that logfile will also be saved in the C:\AdwCleaner folder.


    2. Please download Junkware Removal Tool to your desktop.
    • Disable your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.


    3. Please follow the instructions below to run an on-line scan from ESET.
    • Note: It is easiest if you use Internet explorer for this scan. (If you use an alternate browser, it will be necessary to download the ESET Smart Installer)
      • Hold down Control and click on this link to open ESET OnlineScan in a new window so you can refer to these instructions.
      • Click the green ESET Online Scanner box.
      • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
        • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
        • Double click on the Eset Smart Installer icon on your desktop.
      • Check "YES, I accept the Terms of Use."
      • Click the Start button.
      • Accept any security warnings from your browser.
      • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
      • Click Advanced settings and select the following:
        • Scan potentially unwanted applications
        • Scan for potentially unsafe applications
        • Enable Anti-Stealth technology
      • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
      • When the scan completes, click List Threats
      • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
      • Click the Back button.
      • Click the Finish button.


    4. How is the computer running now?


    Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

    Remember - A day without laughter is a day wasted.
    May the wind sing to you and the sun rise in your heart.

  8. #8

    Join Date
    Jul 2015
    Location
    Brasil
    Posts
    25

    Re: My PC was infected by malwares and after many attempts I think it still infected

    Hi Corrine,

    I did do these procedures before, except the JRT.

    But my pc still infected look in the logs.
    AdwCleaner[S0].txt:

    # AdwCleaner v4.208 - Relatório criado 03/08/2015 às 16:56:31
    # Atualizado 09/07/2015 por Xplode
    # Base de dados : 2015-08-01.1 [Servidor]
    # Sistema operacional : Windows 8.1 Pro (x64)
    # Usuário : Vinícius - VINICIUS-ULTRA
    # Executando de : C:\Users\Vinícius\Downloads\adwcleaner_4.208.exe
    # Opção : Limpar

    ***** [ Serviços ] *****


    ***** [ Arquivos / Pastas ] *****

    Arquivo Excluído : C:\WINDOWS\Reimage.ini

    ***** [ Tarefas agendadas ] *****


    ***** [ Atalhos ] *****


    ***** [ Registro ] *****

    Chave Apagado : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
    Chave Apagado : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
    Chave Apagado : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
    Valor Apagado : HKLM\SOFTWARE\Classes\.xht\OpenWithProgIDs [CRSBRWSHTML]
    Valor Apagado : HKLM\SOFTWARE\Classes\.webp\OpenWithProgIDs [CRSBRWSHTML]
    Valor Apagado : HKLM\SOFTWARE\Classes\.shtml\OpenWithProgIDs [CRSBRWSHTML]
    Chave Apagado : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
    Chave Apagado : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
    Chave Apagado : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
    Chave Apagado : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
    Chave Apagado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
    Chave Apagado : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
    Chave Apagado : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
    Chave Apagado : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
    Chave Apagado : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
    Chave Apagado : HKCU\Software\Reimage
    Chave Apagado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
    Chave Apagado : [x64] HKLM\SOFTWARE\Reimage

    ***** [ Navegadores ] *****

    -\\ Internet Explorer v11.0.9600.17840


    -\\ Mozilla Firefox v39.0 (x86 pt-BR)


    -\\ Google Chrome v44.0.2403.125


    *************************

    AdwCleaner[R0].txt - [2400 bytes] - [03/08/2015 16:19:48]
    AdwCleaner[R1].txt - [2459 bytes] - [03/08/2015 16:53:18]
    AdwCleaner[S0].txt - [2253 bytes] - [03/08/2015 16:56:31]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2312 bytes] ##########

    JRT.txt:

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 7.5.4 (07.27.2015:1)
    OS: Windows 8.1 Pro x64
    Ran by Vin¡cius on 03/08/2015 at 17:04:30,96
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services

    Successfully deleted: [Service] bdsandbox [Reboot required]



    ~~~ Tasks



    ~~~ Registry Values



    ~~~ Registry Keys



    ~~~ Files

    Successfully deleted: [File] C:\Users\Vin¡cius\AppData\Roaming\my_intel.sys
    Successfully deleted: [File] C:\Users\Vin¡cius\AppData\Roaming\sp_data.sys
    Successfully deleted: [File] C:\ProgramData\1432307702.bdinstall.bin
    Successfully deleted: [File] C:\WINDOWS\SysWOW64\REN2F9F.tmp
    Successfully deleted: [File] C:\WINDOWS\SysWOW64\RENF6DC.tmp



    ~~~ Folders

    Successfully deleted: [Folder] C:\Users\Vin¡cius\Appdata\Local\crashrpt
    Successfully deleted: [Folder] C:\Users\Vin¡cius\Appdata\Local\installer



    ~~~ FireFox

    Emptied folder: C:\Users\Vin¡cius\AppData\Roaming\mozilla\firefox\profiles\92tsjy9t.default-1417133977678\minidumps [1 files]



    ~~~ Chrome


    [C:\Users\Vin¡cius\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

    [C:\Users\Vin¡cius\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

    [C:\Users\Vin¡cius\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

    [C:\Users\Vin¡cius\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
    []





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 03/08/2015 at 17:18:06,49
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    ESETScan Report:

    C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\AskPIP_FF_.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application
    C:\Users\Vinícius\AppData\Roaming\uTorrent\uTorrent.exe a variant of Win32/OpenCandy.C potentially unsafe application
    C:\Users\Vinícius\AppData\Roaming\uTorrent\updates\3.4.3_40760.exe a variant of Win32/OpenCandy.C potentially unsafe application
    C:\Users\Vinícius\Downloads\uTorrent.exe a variant of Win32/OpenCandy.C potentially unsafe application

    I have to wait, but I think it is desinfect my machine for now.

  9. #9
    Corrine's Avatar
    Join Date
    Feb 2012
    Location
    Upstate, NY
    Posts
    8,714

    Re: My PC was infected by malwares and after many attempts I think it still infected

    Let's see what a fresh FRST scan shows.
    • Right click to run as administrator. When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • This time it will produce one log in the same directory the tool is run from -- FRST.txt.
    • Please copy/paste that log in your reply.


    Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

    Remember - A day without laughter is a day wasted.
    May the wind sing to you and the sun rise in your heart.

  10. #10

    Join Date
    Jul 2015
    Location
    Brasil
    Posts
    25

    Re: My PC was infected by malwares and after many attempts I think it still infected

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01
    Ran by Vinícius (administrator) on VINICIUS-ULTRA (04-08-2015 18:25:49)
    Running from C:\Users\Vinícius\Downloads
    Loaded Profiles: Vinícius & ReportServer (Available Profiles: Vinícius & SQL Server Distributed Replay Controller & ReportServer & SQL Server Distributed Replay Client & MSSQLFDLauncher & SQLSERVERAGENT & MsDtsServer120 & MSSQLSERVER)
    Platform: Windows 8.1 Pro (X64) Language: Português (Brasil)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS12.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
    (Microsoft Corporation) C:\Windows\System32\dasHost.exe
    (Microsoft Corporation) C:\Windows\System32\dasHost.exe
    (Microsoft Corporation) C:\Windows\System32\vmms.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Windows\System32\wbem\WMIC.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-30] (Realtek Semiconductor)
    HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [765056 2012-10-09] (Qualcomm Atheros)
    HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-10-09] (Atheros Communications)
    HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-08-24] (ASUS)
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-12] (NVIDIA Corporation)
    HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1689576 2015-02-06] (Bitdefender)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
    Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
    HKU\S-1-5-21-3203197593-2648915773-4125324600-1002\...\Run: [Google Update] => C:\Users\Vinícius\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2015-02-03] (Google Inc.)
    HKU\S-1-5-21-3203197593-2648915773-4125324600-1002\...\Run: [Agente da Carteira Bitdefender] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-01-15] (Bitdefender)
    AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [176904 2015-07-23] (NVIDIA Corporation)
    AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [176904 2015-07-23] (NVIDIA Corporation)
    AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155280 2015-07-23] (NVIDIA Corporation)
    Startup: C:\Users\Vinícius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Outlook 2013.lnk [2015-05-21]
    ShortcutTarget: Outlook 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\outicon.exe ()

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\S-1-5-21-3203197593-2648915773-4125324600-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    URLSearchHook: [S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051] ATTENTION ==> Default URLSearchHook is missing
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO: Carteira Bitdefender -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-01-28] (Bitdefender)
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)
    BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-10-09] (Qualcomm Atheros Commnucations)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
    BHO-x32: Carteira Bitdefender -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-01-28] (Bitdefender)
    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)
    BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2013-10-05] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-19] (Oracle Corporation)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-19] (Oracle Corporation)
    Toolbar: HKLM - Carteira Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-01-28] (Bitdefender)
    Toolbar: HKLM-x32 - Carteira Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-01-28] (Bitdefender)
    DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.update.microsoft.com/...?1433444180853
    DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-04-14] (Microsoft Corporation)
    Tcpip\Parameters: [DhcpNameServer] 192.168.25.1
    Tcpip\..\Interfaces\{0D9342D2-2B81-45D6-B6D7-301E403DB6C5}: [DhcpNameServer] 200.222.123.101 200.165.132.154 192.168.0.1
    Tcpip\..\Interfaces\{3A888CAE-C57E-44D3-A67E-A01CE9A7346C}: [DhcpNameServer] 200.222.123.101 200.165.132.154 192.168.0.1
    Tcpip\..\Interfaces\{E1F8E88B-CB69-4DC9-AEF1-BB440694ED10}: [DhcpNameServer] 192.168.25.1

    FireFox:
    ========
    FF ProfilePath: C:\Users\Vinícius\AppData\Roaming\Mozilla\Firefox\Profiles\92tsjy9t.default-1417133977678
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-16] ()
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-16] ()
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-19] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-19] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-22] (Microsoft Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-3203197593-2648915773-4125324600-1002: @citrixonline.com/appdetectorplugin -> C:\Users\Vinícius\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-05-19] (Citrix Online)
    FF Plugin HKU\S-1-5-21-3203197593-2648915773-4125324600-1002: @ibm.cognos.com/InsightProvagentPlugin,version=1 -> C:\Users\Vinícius\AppData\Local\Programs\IBM\Cognos Insight\npinsightpa.dll [2013-07-31] (IBM)
    FF Plugin HKU\S-1-5-21-3203197593-2648915773-4125324600-1002: @ibm.cognos.com/PerfmodelerProvagentPlugin,version=1 -> C:\Users\Vinícius\AppData\Roaming\IBM\Cognos Performance Modeler\npperfmodelerpa.dll [2013-07-31] (IBM)
    FF Plugin HKU\S-1-5-21-3203197593-2648915773-4125324600-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Vinícius\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
    FF Plugin HKU\S-1-5-21-3203197593-2648915773-4125324600-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Vinícius\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
    FF Plugin HKU\S-1-5-21-3203197593-2648915773-4125324600-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Vinícius\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
    FF Plugin HKU\S-1-5-21-3203197593-2648915773-4125324600-1002: gastecnologia.com.br/sf/uni -> C:\Users\Vinícius\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll [2014-12-01] (GAS Tecnologia)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-04-22] (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
    FF SearchPlugin: C:\Users\Vinícius\AppData\Roaming\Mozilla\Firefox\Profiles\92tsjy9t.default-1417133977678\searchplugins\flickr.xml [2015-05-13]
    FF SearchPlugin: C:\Users\Vinícius\AppData\Roaming\Mozilla\Firefox\Profiles\92tsjy9t.default-1417133977678\searchplugins\opensubtitles.xml [2015-07-07]
    FF SearchPlugin: C:\Users\Vinícius\AppData\Roaming\Mozilla\Firefox\Profiles\92tsjy9t.default-1417133977678\searchplugins\secure-torrentz-search.xml [2014-11-27]
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml [2014-08-05]
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml [2014-08-05]
    FF Extension: Tabs Always In Titlebar - C:\Users\Vinícius\AppData\Roaming\Mozilla\Firefox\Profiles\92tsjy9t.default-1417133977678\Extensions\TabsAlwaysInTitlebar@SoapyBrew.xpi [2014-11-27]
    FF Extension: Thumbnail Zoom Plus - C:\Users\Vinícius\AppData\Roaming\Mozilla\Firefox\Profiles\92tsjy9t.default-1417133977678\Extensions\thumbnailZoom@dadler.github.com.xpi [2014-11-27]
    FF Extension: Google Translator for Firefox - C:\Users\Vinícius\AppData\Roaming\Mozilla\Firefox\Profiles\92tsjy9t.default-1417133977678\Extensions\translator@zoli.bod.xpi [2014-11-27]
    FF Extension: Microsoft .NET Framework Assistant - C:\Users\Vinícius\AppData\Roaming\Mozilla\Firefox\Profiles\92tsjy9t.default-1417133977678\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2014-11-27]
    FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
    FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-05-22]
    FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
    FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-05-22]
    FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
    FF HKU\S-1-5-21-3203197593-2648915773-4125324600-1002\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8873}] - C:\Users\Vinícius\AppData\Local\GAS Tecnologia\GBBD\uni\xpi
    FF Extension: Guardião - Itaú 30 horas - C:\Users\Vinícius\AppData\Local\GAS Tecnologia\GBBD\uni\xpi [2014-12-01]

    Chrome:
    =======
    CHR Profile: C:\Users\Vinícius\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Cast) - C:\Users\Vinícius\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-05-03]
    CHR Extension: (Bitdefender Wallet) - C:\Users\Vinícius\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabcmochhfpldjekobfaaggijgohadih [2015-05-22]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Vinícius\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-20]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Vinícius\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-15]
    CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - https://clients2.google.com/service/update2/crx

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S4 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
    S4 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [219776 2012-10-09] (Qualcomm Atheros Commnucations) [File not signed]
    S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-12-09] (Bitdefender)
    S4 Bonjour Service; C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe [384512 2015-05-12] (Apple Inc.) [File not signed]
    R3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
    S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2014-03-15] (Microsoft Corporation)
    S4 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
    S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
    S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-12] (NVIDIA Corporation)
    S4 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
    S2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation)
    S4 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-30] (Intel Corporation)
    S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
    S4 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
    S4 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
    S2 MsDtsServer120; C:\Program Files\Microsoft SQL Server\120\DTS\Binn\MsDtsSrvr.exe [216768 2015-06-09] (Microsoft Corporation)
    S3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [50880 2014-02-21] (Microsoft Corporation)
    S2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [372416 2015-06-09] (Microsoft Corporation)
    S2 MSSQLServerOLAPService; C:\Program Files\Microsoft SQL Server\MSAS12.MSSQLSERVER\OLAP\bin\msmdsrv.exe [51156160 2015-04-20] (Microsoft Corporation)
    S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-12] (NVIDIA Corporation)
    S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-12] (NVIDIA Corporation)
    S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-11-28] (Electronic Arts)
    S4 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
    S4 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
    R2 ReportServer; C:\Program Files\Microsoft SQL Server\MSRS12.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2467008 2015-04-20] (Microsoft Corporation)
    S3 SQL Server Distributed Replay Client; C:\Program Files (x86)\Microsoft SQL Server\120\Tools\DReplayClient\DReplayClient.exe [139968 2014-02-21] (Microsoft Corporation)
    S3 SQL Server Distributed Replay Controller; C:\Program Files (x86)\Microsoft SQL Server\120\Tools\DReplayController\DReplayController.exe [345280 2014-02-21] (Microsoft Corporation)
    S3 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [613056 2015-06-09] (Microsoft Corporation)
    S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
    R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5613328 2015-07-29] (TeamViewer GmbH)
    R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender)
    R2 vmms; C:\Windows\system32\vmms.exe [13784064 2015-04-01] (Microsoft Corporation)
    S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
    R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1547936 2015-02-12] (Bitdefender)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
    S4 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-10-09] (Atheros) [File not signed]

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 ASUSProcObsrv; C:\eSupport\eDriver\I386\AsPrOb64.sys [12416 2010-05-25] ()
    R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4282904 2015-05-12] (Qualcomm Atheros Communications, Inc.)
    R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-10-31] (ASUS Corporation)
    R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1306464 2015-01-14] (BitDefender)
    R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [262544 2015-01-23] (BitDefender)
    S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [677104 2015-01-14] (BitDefender)
    S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
    R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2014-12-15] (BitDefender LLC)
    R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC)
    S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
    S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-10-09] (Qualcomm Atheros)
    S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-30] (Microsoft Corporation)
    S3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [32768 2014-10-08] (Microsoft Corporation)
    S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
    S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
    S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
    R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107328 2012-07-13] (Intel Corporation)
    R3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [42816 2012-07-13] (Intel Corporation)
    R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [64832 2012-07-13] (Intel Corporation)
    S3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [96064 2012-07-13] (Intel Corporation)
    R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [228672 2012-07-13] (Intel Corporation)
    R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [361792 2012-07-13] (Intel Corporation)
    R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
    R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
    R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [155912 2014-10-22] (BitDefender LLC)
    R1 hvservice; C:\Windows\System32\drivers\hvservice.sys [68952 2015-05-11] (Microsoft Corporation)
    R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-30] (Intel Corporation)
    R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
    S3 lunparser; C:\Windows\System32\drivers\lunparser.sys [19456 2014-03-15] (Microsoft Corporation)
    S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
    S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
    R3 NdisImPlatformMp; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [126464 2014-10-28] (Microsoft Corporation)
    S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-12] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
    S3 passthruparser; C:\Windows\System32\drivers\passthruparser.sys [22016 2014-03-15] (Microsoft Corporation)
    S3 pvhdparser; C:\Windows\System32\drivers\pvhdparser.sys [27136 2014-03-15] (Microsoft Corporation)
    S4 RsFx0310; C:\Windows\System32\DRIVERS\RsFx0310.sys [249024 2015-04-20] (Microsoft Corporation)
    R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation)
    R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.)
    U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
    S3 vhdparser; C:\Windows\System32\drivers\vhdparser.sys [18944 2014-01-27] (Microsoft Corporation)
    R3 VMSMP; C:\Windows\system32\DRIVERS\vmswitch.sys [688640 2014-10-08] (Microsoft Corporation)
    S3 VMSP; C:\Windows\system32\DRIVERS\vmswitch.sys [688640 2014-10-08] (Microsoft Corporation)
    S3 VMSVSF; C:\Windows\system32\DRIVERS\vmswitch.sys [688640 2014-10-08] (Microsoft Corporation)
    S3 VMSVSP; C:\Windows\system32\DRIVERS\vmswitch.sys [688640 2014-10-08] (Microsoft Corporation)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
    S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-08-03 17:20 - 2015-08-03 17:20 - 00000000 ____D C:\Program Files (x86)\ESET
    2015-08-03 17:03 - 2015-08-03 17:03 - 01798176 _____ (Malwarebytes Corporation) C:\Users\Vinícius\Downloads\JRT.exe
    2015-08-03 16:19 - 2015-08-03 16:56 - 00000000 ____D C:\AdwCleaner
    2015-08-03 16:18 - 2015-08-03 16:18 - 02248704 _____ C:\Users\Vinícius\Downloads\adwcleaner_4.208.exe
    2015-08-03 16:07 - 2015-08-03 16:47 - 00000000 ___HD C:\$Windows.~BT
    2015-08-03 15:22 - 2015-08-03 15:22 - 00000000 ___HD C:\$Windows.~WS
    2015-08-03 15:21 - 2015-08-03 15:21 - 19648448 _____ (Microsoft Corporation) C:\Users\Vinícius\Downloads\MediaCreationToolx64.exe
    2015-08-03 14:38 - 2015-08-03 16:56 - 00000000 ____D C:\Users\TEMP.NT Service.005
    2015-07-31 10:26 - 2015-07-31 10:26 - 01319424 _____ (niemiro) C:\Users\Vinícius\Downloads\SFCFix.exe
    2015-07-31 10:15 - 2015-07-31 10:16 - 00093723 _____ C:\Users\Vinícius\Downloads\Addition.txt
    2015-07-31 10:12 - 2015-08-04 18:25 - 00026465 _____ C:\Users\Vinícius\Downloads\FRST.txt
    2015-07-31 10:11 - 2015-08-04 18:25 - 00000000 ____D C:\FRST
    2015-07-31 10:11 - 2015-08-03 14:28 - 02169856 _____ (Farbar) C:\Users\Vinícius\Downloads\FRST64.exe
    2015-07-31 10:10 - 2015-07-31 10:11 - 00852684 _____ C:\Users\Vinícius\Downloads\SecurityCheck.exe
    2015-07-30 23:15 - 2015-07-30 23:15 - 00772016 _____ (Reimage®) C:\Users\Vinícius\Downloads\ReimageRepair.exe
    2015-07-30 22:24 - 2015-07-30 22:24 - 00000000 ____D C:\Program Files (x86)\Windows Resource Kits
    2015-07-30 22:23 - 2015-07-30 22:23 - 00379392 _____ C:\Users\Vinícius\Downloads\subinacl.msi
    2015-07-30 19:12 - 2015-07-30 19:30 - 00000000 _____ C:\Recovery.txt
    2015-07-30 18:50 - 2015-07-30 18:50 - 00000048 _____ C:\WINDOWS\56B137A44E3CC9FC.log
    2015-07-30 18:48 - 2015-07-30 18:49 - 00000000 ____D C:\Users\Todos os Usuários\Elaborate Bytes
    2015-07-30 18:48 - 2015-07-30 18:49 - 00000000 ____D C:\ProgramData\Elaborate Bytes
    2015-07-30 18:48 - 2015-07-30 18:48 - 05262920 _____ C:\Users\Vinícius\Downloads\SetupCloneDVD2933.exe
    2015-07-30 17:27 - 2015-07-31 10:43 - 00000000 ____D C:\Users\Vinícius\AppData\Local\niemiro
    2015-07-30 16:50 - 2015-07-30 19:40 - 00000000 ____D C:\SFCFix
    2015-07-30 15:47 - 2015-07-31 00:41 - 00000000 ____D C:\WINDOWS\system32\catroot2.old2
    2015-07-30 14:21 - 2015-08-03 14:36 - 00082424 _____ C:\WINDOWS\PFRO.log
    2015-07-30 09:58 - 2015-06-12 14:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2015-07-30 09:58 - 2015-06-12 13:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2015-07-30 09:57 - 2015-07-14 18:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
    2015-07-30 09:57 - 2015-07-14 18:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
    2015-07-30 09:57 - 2015-07-14 18:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
    2015-07-30 09:57 - 2015-06-11 17:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
    2015-07-30 09:57 - 2015-06-11 17:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
    2015-07-30 09:57 - 2015-06-09 15:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
    2015-07-30 09:57 - 2015-05-11 21:24 - 01423192 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
    2015-07-30 09:57 - 2015-05-11 21:24 - 01390936 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
    2015-07-30 09:57 - 2015-05-11 21:24 - 01380184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
    2015-07-30 09:57 - 2015-05-11 21:24 - 01264472 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
    2015-07-30 09:57 - 2015-05-11 21:24 - 00536920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
    2015-07-30 09:57 - 2015-05-11 21:24 - 00068952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
    2015-07-30 09:57 - 2015-05-11 21:24 - 00019800 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
    2015-07-30 09:57 - 2015-04-30 22:13 - 06521800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
    2015-07-30 09:57 - 2015-04-30 22:13 - 01488000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
    2015-07-30 09:57 - 2015-04-30 22:13 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
    2015-07-30 09:56 - 2015-06-09 19:39 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
    2015-07-30 09:56 - 2015-06-09 19:39 - 00053248 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
    2015-07-30 09:56 - 2015-06-09 19:38 - 01201664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
    2015-07-30 09:15 - 2015-07-30 09:15 - 00000000 ____D C:\Users\Vinícius\AppData\Local\CEF
    2015-07-30 08:29 - 2015-08-04 12:29 - 00001356 _____ C:\WINDOWS\setupact.log
    2015-07-30 08:29 - 2015-08-03 16:06 - 00000000 _____ C:\WINDOWS\setuperr.log
    2015-07-30 08:28 - 2015-07-31 00:27 - 00595264 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2015-07-29 21:38 - 2015-07-29 21:38 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
    2015-07-29 21:38 - 2015-07-29 21:38 - 00000000 ____D C:\WINDOWS\system32\NV
    2015-07-29 15:10 - 2015-07-25 10:34 - 01084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 42730128 _____ C:\WINDOWS\system32\nvcompiler.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 37748880 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 30487880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 22950544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 16151688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 15892200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 15129192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 14503880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 13268712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 11836680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 11055248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
    2015-07-29 14:45 - 2015-07-23 01:06 - 03008880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 02933576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 02600592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 01898128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435362.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435362.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 01061008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 01053000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 00983368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 00976528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 00150832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
    2015-07-29 14:45 - 2015-07-23 01:06 - 00031376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
    2015-07-27 14:52 - 2015-07-27 14:52 - 00003518 _____ C:\WINDOWS\System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8
    2015-07-27 14:52 - 2015-07-27 14:52 - 00000000 ____D C:\Program Files\Common Files\AV
    2015-07-21 09:05 - 2015-07-14 11:14 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
    2015-07-21 09:05 - 2015-07-14 11:14 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
    2015-07-21 09:05 - 2015-07-14 11:14 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
    2015-07-21 09:05 - 2015-07-14 11:13 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
    2015-07-14 15:47 - 2015-05-02 21:39 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
    2015-07-14 15:47 - 2015-04-29 20:22 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
    2015-07-14 15:46 - 2015-06-29 19:43 - 00026288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
    2015-07-14 15:46 - 2015-06-29 12:07 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2015-07-14 15:46 - 2015-06-29 12:07 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
    2015-07-14 15:46 - 2015-06-29 12:07 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2015-07-14 15:46 - 2015-06-29 12:07 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2015-07-14 15:46 - 2015-06-26 20:21 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
    2015-07-14 15:46 - 2015-06-26 20:21 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
    2015-07-14 15:46 - 2015-05-12 10:19 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
    2015-07-14 15:46 - 2015-05-11 13:34 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
    2015-07-14 15:46 - 2015-05-07 14:50 - 22292672 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2015-07-14 15:46 - 2015-05-07 14:00 - 03109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
    2015-07-14 15:46 - 2015-05-07 13:53 - 19734960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2015-07-14 15:46 - 2015-05-07 13:12 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
    2015-07-14 15:46 - 2015-05-07 12:21 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
    2015-07-14 15:46 - 2015-05-07 12:05 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
    2015-07-14 15:46 - 2015-05-03 12:09 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2015-07-14 15:46 - 2015-05-03 12:07 - 07784448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
    2015-07-14 15:46 - 2015-05-03 11:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2015-07-14 15:46 - 2015-05-03 11:57 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
    2015-07-14 15:46 - 2015-05-03 11:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
    2015-07-14 15:46 - 2015-05-03 11:49 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
    2015-07-14 15:46 - 2015-04-28 10:13 - 00513480 _____ C:\WINDOWS\SysWOW64\locale.nls
    2015-07-14 15:46 - 2015-04-28 10:13 - 00513480 _____ C:\WINDOWS\system32\locale.nls
    2015-07-14 15:46 - 2015-04-24 23:25 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
    2015-07-14 15:46 - 2015-04-23 12:47 - 03084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
    2015-07-14 15:46 - 2015-04-23 12:16 - 02471424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
    2015-07-14 15:44 - 2015-07-09 16:51 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    2015-07-14 15:44 - 2015-07-09 15:40 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
    2015-07-14 15:44 - 2015-07-09 13:03 - 03701760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2015-07-14 15:44 - 2015-07-09 12:54 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
    2015-07-14 15:44 - 2015-07-09 12:53 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
    2015-07-14 15:44 - 2015-07-09 12:50 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
    2015-07-14 15:44 - 2015-07-09 12:50 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
    2015-07-14 15:44 - 2015-07-09 12:48 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
    2015-07-14 15:44 - 2015-07-09 12:46 - 02229248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
    2015-07-14 15:44 - 2015-07-09 12:38 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
    2015-07-14 15:44 - 2015-07-09 12:37 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
    2015-07-14 15:44 - 2015-07-09 12:35 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
    2015-07-14 15:44 - 2015-07-09 12:34 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
    2015-07-14 15:44 - 2015-06-28 02:07 - 00442712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
    2015-07-14 15:44 - 2015-06-28 02:07 - 00178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
    2015-07-14 15:44 - 2015-06-28 02:06 - 01311960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
    2015-07-14 15:44 - 2015-06-28 02:06 - 00332120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
    2015-07-14 15:44 - 2015-06-27 13:42 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
    2015-07-14 15:44 - 2015-06-27 00:13 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
    2015-07-14 15:44 - 2015-06-27 00:12 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
    2015-07-14 15:44 - 2015-06-27 00:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
    2015-07-14 15:44 - 2015-06-27 00:08 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
    2015-07-14 15:44 - 2015-06-27 00:08 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
    2015-07-14 15:44 - 2015-06-26 23:40 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
    2015-07-14 15:44 - 2015-06-26 23:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
    2015-07-14 15:44 - 2015-06-26 23:05 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2015-07-14 15:44 - 2015-06-26 23:00 - 00989184 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
    2015-07-14 15:44 - 2015-06-26 22:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
    2015-07-14 15:44 - 2015-06-26 22:26 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
    2015-07-14 15:44 - 2015-06-24 23:31 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
    2015-07-14 15:44 - 2015-06-15 19:41 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
    2015-07-14 15:44 - 2015-06-15 19:24 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
    2015-07-14 15:44 - 2015-06-15 18:16 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
    2015-07-14 15:44 - 2015-06-15 18:09 - 03607552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
    2015-07-14 15:44 - 2015-06-15 17:50 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
    2015-07-14 15:44 - 2015-06-15 16:57 - 02460160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
    2015-07-14 15:44 - 2015-05-30 18:18 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
    2015-07-14 15:44 - 2015-05-30 16:36 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2015-07-14 15:44 - 2015-05-30 16:35 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2015-07-14 15:44 - 2015-03-08 21:25 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmickvpexchange.dll
    2015-07-14 15:44 - 2015-03-08 21:24 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmicguestinterface.dll
    2015-07-14 15:44 - 2015-03-08 21:23 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmicshutdown.dll
    2015-07-14 15:44 - 2015-03-08 21:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmictimesync.dll
    2015-07-14 15:44 - 2015-03-08 21:22 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmicheartbeat.dll
    2015-07-14 15:44 - 2015-03-08 21:21 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmicvss.dll
    2015-07-14 15:44 - 2015-03-08 21:20 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmicrdv.dll
    2015-07-14 15:43 - 2015-07-02 18:21 - 19877376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2015-07-14 15:43 - 2015-07-02 17:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2015-07-14 15:43 - 2015-07-02 17:49 - 25193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2015-07-14 15:43 - 2015-07-02 17:23 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2015-07-14 15:43 - 2015-07-02 17:19 - 12855296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2015-07-14 15:43 - 2015-07-02 16:55 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2015-07-14 15:43 - 2015-07-02 16:20 - 14453248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2015-07-14 15:43 - 2015-07-02 15:59 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2015-07-14 15:43 - 2015-07-01 19:08 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2015-07-14 15:43 - 2015-07-01 18:14 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2015-07-14 15:43 - 2015-03-08 23:02 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsp.sys
    2015-07-14 15:42 - 2015-06-16 02:36 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
    2015-07-14 15:42 - 2015-06-16 02:36 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
    2015-07-14 15:42 - 2015-06-15 19:39 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2015-07-14 15:42 - 2015-06-15 19:38 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
    2015-07-14 15:42 - 2015-06-15 19:26 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
    2015-07-14 15:42 - 2015-06-15 19:24 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2015-07-14 15:42 - 2015-06-15 19:02 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
    2015-07-14 15:42 - 2015-06-15 18:58 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
    2015-07-14 15:42 - 2015-06-15 18:57 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
    2015-07-14 15:42 - 2015-06-15 18:56 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
    2015-07-14 15:42 - 2015-06-15 18:55 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
    2015-07-14 15:42 - 2015-06-15 18:49 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
    2015-07-14 15:42 - 2015-06-15 18:41 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
    2015-07-14 15:42 - 2015-06-15 18:38 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2015-07-14 15:42 - 2015-06-15 18:36 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
    2015-07-14 15:42 - 2015-06-15 18:17 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
    2015-07-14 15:42 - 2015-06-15 18:16 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2015-07-14 15:42 - 2015-06-15 18:15 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2015-07-14 15:42 - 2015-06-15 18:13 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
    2015-07-14 15:42 - 2015-06-15 18:04 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
    2015-07-14 15:42 - 2015-06-15 18:03 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2015-07-14 15:42 - 2015-06-15 17:52 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
    2015-07-14 15:42 - 2015-06-15 17:47 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
    2015-07-14 15:42 - 2015-06-15 17:44 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
    2015-07-14 15:42 - 2015-06-15 17:43 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
    2015-07-14 15:42 - 2015-06-15 17:42 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
    2015-07-14 15:42 - 2015-06-15 17:41 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
    2015-07-14 15:42 - 2015-06-15 17:37 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
    2015-07-14 15:42 - 2015-06-15 17:32 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
    2015-07-14 15:42 - 2015-06-15 17:31 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2015-07-14 15:42 - 2015-06-15 17:30 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
    2015-07-14 15:42 - 2015-06-15 17:30 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
    2015-07-14 15:42 - 2015-06-15 17:17 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
    2015-07-14 15:42 - 2015-06-15 17:07 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2015-07-14 15:42 - 2015-06-15 17:02 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
    2015-07-14 15:42 - 2015-06-11 00:49 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
    2015-07-14 15:42 - 2015-06-10 13:13 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
    2015-07-14 15:42 - 2015-05-07 13:47 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-08-04 18:18 - 2014-04-12 06:22 - 00000902 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2015-08-04 18:06 - 2014-03-15 18:11 - 27590656 _____ C:\WINDOWS\system32\vmguest.iso
    2015-08-04 18:00 - 2015-03-27 14:02 - 00000000 ____D C:\Users\Vinícius\Documents\Arquivos do Outlook
    2015-08-04 18:00 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\system32\sru
    2015-08-04 17:46 - 2014-03-15 08:06 - 00000000 ___DO C:\Users\Vinícius\SkyDrive
    2015-08-04 17:33 - 2015-05-03 09:20 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3203197593-2648915773-4125324600-1002
    2015-08-04 17:33 - 2014-03-15 15:45 - 00000000 ____D C:\Users\Vinícius\AppData\Roaming\uTorrent
    2015-08-04 17:29 - 2015-02-03 22:09 - 00001120 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3203197593-2648915773-4125324600-1002UA.job
    2015-08-04 17:28 - 2014-03-15 15:33 - 00001096 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2015-08-04 17:27 - 2015-05-20 14:09 - 01147880 _____ C:\WINDOWS\WindowsUpdate.log
    2015-08-04 14:40 - 2014-04-02 22:58 - 00005038 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for VINICIUS-ULTRA-Vinícius Vinicius-Ultra
    2015-08-04 14:29 - 2015-02-03 22:09 - 00001068 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3203197593-2648915773-4125324600-1002Core.job
    2015-08-04 14:28 - 2014-03-15 15:33 - 00001092 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2015-08-04 14:17 - 2014-03-15 13:56 - 00003978 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{684F638A-01A2-41DE-84F0-52307E662A4B}
    2015-08-04 13:39 - 2014-04-20 10:34 - 00000970 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3203197593-2648915773-4125324600-1002UA.job
    2015-08-04 11:38 - 2015-01-19 09:30 - 00012562 _____ C:\WINDOWS\system32\TeamViewer10_Hooks.log
    2015-08-04 11:38 - 2014-03-23 10:51 - 00000000 ____D C:\Program Files (x86)\TeamViewer
    2015-08-04 11:37 - 2015-05-26 17:43 - 00000985 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
    2015-08-04 10:39 - 2014-04-20 10:34 - 00000948 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3203197593-2648915773-4125324600-1002Core.job
    2015-08-04 09:59 - 2013-11-14 04:29 - 02372490 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2015-08-04 09:59 - 2013-11-14 04:13 - 00989242 _____ C:\WINDOWS\system32\prfh0416.dat
    2015-08-04 09:59 - 2013-11-14 04:13 - 00253936 _____ C:\WINDOWS\system32\prfc0416.dat
    2015-08-03 16:59 - 2013-08-22 11:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2015-08-03 16:50 - 2014-12-09 13:44 - 00459264 ___SH C:\Users\Vinícius\Desktop\Thumbs.db
    2015-08-03 16:47 - 2014-03-14 19:24 - 00001908 _____ C:\WINDOWS\diagwrn.xml
    2015-08-03 16:47 - 2014-03-14 19:24 - 00001908 _____ C:\WINDOWS\diagerr.xml
    2015-08-03 16:07 - 2014-03-14 19:16 - 00000000 ___DC C:\WINDOWS\Panther
    2015-08-03 14:41 - 2013-08-22 10:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
    2015-08-03 14:33 - 2013-08-22 12:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
    2015-08-03 14:33 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
    2015-08-03 13:22 - 2014-03-15 16:25 - 00000000 ____D C:\Users\Vinícius\AppData\Roaming\MPC-HC
    2015-08-03 12:47 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\AppReadiness
    2015-07-31 21:04 - 2015-06-11 09:30 - 00000000 ____D C:\Users\Vinícius\Desktop\MRV - DP
    2015-07-31 11:52 - 2012-07-26 04:59 - 00000000 ____D C:\WINDOWS\CbsTemp
    2015-07-31 10:49 - 2014-03-27 14:10 - 00811520 ___SH C:\Users\Vinícius\Downloads\Thumbs.db
    2015-07-31 00:00 - 2014-03-14 19:24 - 00000000 ____D C:\Users\Vinícius
    2015-07-30 22:46 - 2014-03-23 10:52 - 00000000 ____D C:\Users\Vinícius\AppData\Roaming\TeamViewer
    2015-07-30 18:48 - 2015-05-01 18:07 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
    2015-07-30 13:40 - 2014-07-09 11:38 - 00000000 ____D C:\Temp
    2015-07-30 13:37 - 2015-05-02 12:48 - 00000000 ____D C:\Users\Vinícius\AppData\Roaming\Skype
    2015-07-30 09:15 - 2014-08-05 22:46 - 00000000 ____D C:\Program Files (x86)\Steam
    2015-07-30 08:23 - 2014-06-27 16:58 - 00000000 ____D C:\Users\Vinícius\AppData\Roaming\XnView
    2015-07-30 08:20 - 2015-05-20 13:23 - 00000000 ____D C:\Program Files\CCleaner
    2015-07-29 16:40 - 2014-03-14 03:50 - 00000000 ____D C:\Users\Vinícius\AppData\Local\Packages
    2015-07-29 14:49 - 2014-03-15 06:34 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA
    2015-07-29 14:49 - 2014-03-15 06:34 - 00000000 ____D C:\ProgramData\NVIDIA
    2015-07-29 14:49 - 2014-03-15 06:33 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA Corporation
    2015-07-29 14:49 - 2014-03-15 06:33 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
    2015-07-29 14:44 - 2014-12-10 00:10 - 00000000 __SHD C:\Users\Vinícius\AppData\Local\EmieBrowserModeList
    2015-07-29 14:44 - 2014-04-26 15:49 - 00000000 __SHD C:\Users\Vinícius\AppData\Local\EmieUserList
    2015-07-29 14:44 - 2014-04-26 15:49 - 00000000 __SHD C:\Users\Vinícius\AppData\Local\EmieSiteList
    2015-07-27 14:10 - 2015-05-13 09:12 - 00000000 ___RD C:\Users\Vinícius\OneDrive
    2015-07-27 14:10 - 2014-04-02 22:58 - 00003114 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3203197593-2648915773-4125324600-1002
    2015-07-25 12:24 - 2015-04-05 10:29 - 00000000 ___SD C:\WINDOWS\system32\GWX
    2015-07-23 17:12 - 2014-04-17 13:21 - 00000000 ____D C:\Users\Vinícius\AppData\Local\CutePDF Writer
    2015-07-23 01:06 - 2015-05-31 21:58 - 17615408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
    2015-07-23 01:06 - 2015-01-07 19:50 - 12876336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
    2015-07-23 01:06 - 2015-01-07 19:50 - 01101856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
    2015-07-23 01:06 - 2015-01-07 19:50 - 00940104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
    2015-07-23 01:06 - 2015-01-07 19:50 - 00176904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
    2015-07-23 01:06 - 2015-01-07 19:50 - 00155280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
    2015-07-23 01:06 - 2014-11-18 22:04 - 00030966 _____ C:\WINDOWS\system32\nvinfo.pb
    2015-07-23 01:06 - 2014-03-15 06:31 - 03407144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
    2015-07-22 22:31 - 2014-03-15 06:34 - 06873744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
    2015-07-22 22:31 - 2014-03-15 06:34 - 03493008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
    2015-07-22 22:31 - 2014-03-15 06:34 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
    2015-07-22 22:31 - 2014-03-15 06:34 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
    2015-07-22 22:31 - 2014-03-15 06:34 - 00937616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
    2015-07-22 22:31 - 2014-03-15 06:34 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
    2015-07-22 22:31 - 2014-03-15 06:34 - 00074896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
    2015-07-22 22:31 - 2014-03-15 06:34 - 00062792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
    2015-07-21 11:21 - 2014-03-14 03:50 - 00000000 ____D C:\Users\Vinícius\AppData\Local\VirtualStore
    2015-07-20 11:16 - 2014-03-15 06:34 - 05121613 _____ C:\WINDOWS\system32\nvcoproc.bin
    2015-07-20 09:42 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\rescache
    2015-07-19 20:23 - 2014-03-15 15:21 - 00000000 ____D C:\Users\Todos os Usuários\Oracle
    2015-07-19 20:23 - 2014-03-15 15:21 - 00000000 ____D C:\ProgramData\Oracle
    2015-07-19 20:22 - 2015-06-01 10:50 - 00110688 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
    2015-07-19 20:22 - 2014-04-01 16:53 - 00000000 ____D C:\Program Files\Java
    2015-07-19 20:22 - 2014-03-15 15:20 - 00000000 ____D C:\Program Files (x86)\Java
    2015-07-18 10:06 - 2014-12-23 17:25 - 00000000 ____D C:\WINDOWS\system32\appraiser
    2015-07-18 10:06 - 2014-07-11 00:14 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
    2015-07-18 10:06 - 2013-08-22 12:36 - 00000000 ___RD C:\WINDOWS\ToastData
    2015-07-18 10:06 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\WinStore
    2015-07-18 10:06 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
    2015-07-17 21:02 - 2014-03-15 13:20 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
    2015-07-17 21:02 - 2014-03-15 13:20 - 00000000 ____D C:\ProgramData\Microsoft Help
    2015-07-17 20:59 - 2015-05-02 17:22 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
    2015-07-16 19:24 - 2015-05-15 09:47 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
    2015-07-16 19:24 - 2014-12-23 21:54 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
    2015-07-16 15:33 - 2014-03-15 08:02 - 00000000 ____D C:\WINDOWS\system32\MRT
    2015-07-16 15:26 - 2015-04-05 10:29 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
    2015-07-16 14:24 - 2015-02-03 22:09 - 00004072 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3203197593-2648915773-4125324600-1002UA
    2015-07-16 14:24 - 2015-02-03 22:09 - 00003692 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3203197593-2648915773-4125324600-1002Core
    2015-07-16 14:23 - 2014-03-15 15:33 - 00004068 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-07-16 14:23 - 2014-03-15 15:33 - 00003832 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-07-16 14:18 - 2014-04-12 06:22 - 00003790 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
    2015-07-14 17:25 - 2014-10-29 09:35 - 00000000 ____D C:\Users\MSSQLFDLauncher
    2015-07-14 17:23 - 2014-10-29 09:38 - 00000000 ____D C:\Users\MsDtsServer120
    2015-07-14 17:23 - 2014-10-29 09:34 - 00000000 ____D C:\Users\MSSQLSERVER
    2015-07-14 15:41 - 2013-08-22 10:25 - 00000269 _____ C:\WINDOWS\win.ini
    2015-07-14 15:34 - 2014-03-15 12:35 - 00000000 ____D C:\Program Files\Microsoft SQL Server
    2015-07-14 15:34 - 2014-03-15 12:35 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
    2015-07-13 18:10 - 2015-03-11 17:51 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2015-07-13 18:10 - 2015-03-11 17:51 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2015-07-13 12:45 - 2015-05-02 12:48 - 00000000 ___RD C:\Program Files (x86)\Skype
    2015-07-13 12:45 - 2015-05-02 12:47 - 00000000 ____D C:\Users\Todos os Usuários\Skype
    2015-07-13 12:45 - 2015-05-02 12:47 - 00000000 ____D C:\ProgramData\Skype
    2015-07-09 10:12 - 2015-07-03 10:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2015-07-09 10:12 - 2014-03-31 15:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

    ==================== Files in the root of some directories =======

    2014-07-10 17:55 - 2014-07-10 17:55 - 0017167 _____ () C:\Users\Vinícius\AppData\Roaming\unins000.dat
    2014-07-10 17:55 - 2014-07-10 17:55 - 0720082 _____ () C:\Users\Vinícius\AppData\Roaming\unins000.exe
    2015-05-25 10:14 - 2015-05-25 19:40 - 0007662 _____ () C:\Users\Vinícius\AppData\Local\resmon.resmoncfg
    2014-05-24 23:59 - 2014-05-24 23:59 - 0000000 _____ () C:\Users\Vinícius\AppData\Local\{44FE08F3-2592-41A1-91DA-7CC7315C9D59}
    2014-06-11 23:56 - 2014-06-11 23:56 - 0000000 _____ () C:\Users\Vinícius\AppData\Local\{5EA8D961-C6A7-4C78-A9E6-6BA89D1FCC3F}
    2014-05-24 00:01 - 2014-05-24 00:01 - 0000000 _____ () C:\Users\Vinícius\AppData\Local\{ABF82394-A884-4150-A0A8-475F82D21D6A}
    2015-02-19 08:04 - 2015-02-19 08:04 - 0000057 _____ () C:\ProgramData\Ament.ini
    2012-12-19 12:11 - 2012-09-07 08:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
    2012-12-19 12:11 - 2009-07-22 07:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
    2012-12-19 12:11 - 2012-09-07 08:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

    Files to move or delete:
    ====================
    C:\ProgramData\SetStretch.VBS
    C:\Users\Todos os Usuários\SetStretch.VBS


    Some files in TEMP:
    ====================
    C:\Users\Vinícius\AppData\Local\Temp\Quarantine.exe
    C:\Users\Vinícius\AppData\Local\Temp\sqlite3.dll


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-07-30 08:39

    ==================== End of log ============================

  11. #11
    Corrine's Avatar
    Join Date
    Feb 2012
    Location
    Upstate, NY
    Posts
    8,714

    Re: My PC was infected by malwares and after many attempts I think it still infected

    Just a bit more and then I think we can finish off. Let me know how your computer is after this, please.

    Please do the following to run FRST:

    Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

    NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
    • Open Notepad (Start =>All Programs => Accessories => Notepad).
    • Copy/Paste the entire contents of the code box below into Notepad.
    Code:
    start
    CreateRestorePoint:
    CloseProcesses:
    2012-12-19 12:11 - 2012-09-07 08:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
    2012-12-19 12:11 - 2009-07-22 07:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
    2012-12-19 12:11 - 2012-09-07 08:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
    C:\Users\Todos os Usuários\SetStretch.VBS
    URLSearchHook: [S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051] ATTENTION ==> Default URLSearchHook is missing
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    EmptyTemp:
    end
    • Click Format and ensure Wordwrap is unchecked.
    • Important: Save the code to the same folder/directory that FRST.exe is located in, naming it as fixlist.txt
    • Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
      • Press the Fix button once and wait.
      • FRST will process fixlist.txt
      • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe
      • Please post the log in your next reply.


    Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

    Remember - A day without laughter is a day wasted.
    May the wind sing to you and the sun rise in your heart.

  12. #12

    Join Date
    Jul 2015
    Location
    Brasil
    Posts
    25

    Re: My PC was infected by malwares and after many attempts I think it still infected

    Read More:

  13. #13
    Corrine's Avatar
    Join Date
    Feb 2012
    Location
    Upstate, NY
    Posts
    8,714

    Re: My PC was infected by malwares and after many attempts I think it still infected

    Perfect!

    If your computer is back to normal, please do the following. If not, please let me know.

    Please download Delfix from here.

    Ensure the following boxes are checked:
    • Remove disinfection tools
    • Create registry backup
    • Purge system restore
    • Click Run

    The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply.


    Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

    Remember - A day without laughter is a day wasted.
    May the wind sing to you and the sun rise in your heart.

  14. #14

    Join Date
    Jul 2015
    Location
    Brasil
    Posts
    25

    Re: My PC was infected by malwares and after many attempts I think it still infected

    Done.

    # DelFix v1.010 - Relatório criado 05/08/2015 às 17:46:31
    # Atualizado 26/04/2015 por Xplode
    # Usuário : Vinícius - VINICIUS-ULTRA
    # Sistema Operacional : Windows 8.1 Pro (64 bits)

    ~ Removendo ferramentas de desinfecção ...

    Removido : C:\FRST
    Removido : C:\AdwCleaner
    Removido : C:\RegBackup
    Removido : C:\Users\Vinícius\Downloads\Addition.txt
    Removido : C:\Users\Vinícius\Downloads\adwcleaner_4.208.exe
    Removido : C:\Users\Vinícius\Downloads\Fixlog.txt
    Removido : C:\Users\Vinícius\Downloads\FRST.txt
    Removido : C:\Users\Vinícius\Downloads\FRST64.exe
    Removido : C:\Users\Vinícius\Downloads\JRT.exe
    Removido : C:\Users\Vinícius\Downloads\SecurityCheck.exe
    Removido : HKLM\SOFTWARE\AdwCleaner
    Removido : HKLM\SOFTWARE\TrendMicro\Hijackthis

    ~ Criando backup do registro ... OK

    ~ Limpando pontos da restauração do sistema ...

    Removido : RP #186 [Installed Windows Resource Kit Tools - SubInAcl.exe | 07/31/2015 01:23:27]
    Removido : RP #188 [Restore Point Created by FRST | 08/03/2015 17:32:49]
    Removido : RP #189 [JRT Pre-Junkware Removal | 08/04/2015 21:02:51]
    Removido : RP #191 [Restore Point Created by FRST | 08/05/2015 14:53:24]
    Removido : RP #192 [Microsoft SQL Server 2014 Management Objects removidos(as) | 08/05/2015 15:38:42]
    Removido : RP #193 [Removed Microsoft SQL Server 2014 Setup (English) | 08/05/2015 17:37:59]

    Novo ponto de restauração criado !

    ########## - EOF - ##########

  15. #15
    Corrine's Avatar
    Join Date
    Feb 2012
    Location
    Upstate, NY
    Posts
    8,714

    Re: My PC was infected by malwares and after many attempts I think it still infected

    Nice -- all the tools and logs cleaned up and a fresh restore point created. I know you need the multiple versions of Java but please be careful. As documented in Why are Java’s Vulnerabilities One of the Biggest Security Holes on Your Computer? - Heimdal Security Blog:

    As Java vulnerabilities piled up, Oracle released a Critical Patch Update Advisory this July, containing no less than 193 new security fixes! And there was the April 2015 Critical Patch Advisory (98 security fixes) and the January 2015 Patch Advisory before that (169 security fixes).


    Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

    Remember - A day without laughter is a day wasted.
    May the wind sing to you and the sun rise in your heart.

  16. #16

    Join Date
    Jul 2015
    Location
    Brasil
    Posts
    25

    Re: My PC was infected by malwares and after many attempts I think it still infected

    Thank you Corrine for the help.

    I'll read these articles and try to be carefull about my Java versions.

    I appreciate your concern.

  17. #17
    Corrine's Avatar
    Join Date
    Feb 2012
    Location
    Upstate, NY
    Posts
    8,714

    Re: My PC was infected by malwares and after many attempts I think it still infected

    You are most welcome!


    Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

    Remember - A day without laughter is a day wasted.
    May the wind sing to you and the sun rise in your heart.

Similar Threads

  1. Believed to have been infected with a virus....
    By Jack.Kirkby in forum Security Arena
    Replies: 11
    Last Post: 06-07-2013, 01:37 PM
  2. Infected with Zero Access Trojan
    By truth in forum Security Arena
    Replies: 23
    Last Post: 02-06-2013, 06:37 PM
  3. Can a router be infected with malware?
    By JMH in forum News You Can Use
    Replies: 0
    Last Post: 12-25-2012, 09:04 PM
  4. When Your PC is Likely Infected
    By JMH in forum Security News
    Replies: 0
    Last Post: 08-31-2012, 04:41 AM
  5. [SOLVED] Infected with Sirefef :(
    By niemiro in forum Security Arena
    Replies: 13
    Last Post: 08-16-2012, 04:51 AM

Log in

Log in