FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-10-2015
Ran by Utilizador (administrator) on HP (11-01-2017 21:44:21)
Running from C:\Users\Utilizador\Downloads
Loaded Profiles: Utilizador (Available Profiles: Utilizador & anton_000)
Platform: Windows 8.1 (X64) Language: Portuguese (Portugal)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
() C:\Program Files\Everything\Everything.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\Everything\Everything.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\asulaunch.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
() C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\esrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Intel Corporation) C:\Program Files\Intel\SUR\QUEENCREEK\DiskTrace.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_194.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_194.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2832168 2011-09-30] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8466136 2016-07-21] (Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161240 2016-05-21] (IvoSoft)
HKLM\...\Run: [gplyra] => C:\Users\Utilizador\AppData\Roaming\gplyra\gplyra.exe
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-11-11] (LogMeIn Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2017-01-07] (AVAST Software)
HKU\S-1-5-21-3552909271-904078643-69874527-1001\...\Run: [svchost0] => "C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe"\UUC0789.exe
HKU\S-1-5-21-3552909271-904078643-69874527-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3552909271-904078643-69874527-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [217088 2014-10-29] (Microsoft Corporation)
ShellExecuteHooks: - {25FDC694-CCFD-11E6-8F28-64006A5CFC23} - C:\Users\Utilizador\AppData\Roaming\Buhuch\Pktkerresy.dll No File [ ]
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Utilizador\AppData\Local\MEGAsync\ShellExtX64.dll No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Utilizador\AppData\Local\MEGAsync\ShellExtX64.dll No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Utilizador\AppData\Local\MEGAsync\ShellExtX64.dll No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-01-07] (AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-05-21] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Utilizador\AppData\Local\MEGAsync\ShellExtX32.dll No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Utilizador\AppData\Local\MEGAsync\ShellExtX32.dll No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Utilizador\AppData\Local\MEGAsync\ShellExtX32.dll No File
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-05-21] (IvoSoft)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8DF2F0F0-46DD-4992-A326-328835331F89}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-3552909271-904078643-69874527-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://
www.msn.com/pt-pt/?ocid=iehp
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-05-21] (IvoSoft)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-01-07] (AVAST Software)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-05-21] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-05-21] (IvoSoft)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-01-07] (AVAST Software)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-05-21] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-05-21] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-05-21] (IvoSoft)
FireFox:
========
FF ProfilePath: C:\Users\Utilizador\AppData\Roaming\Mozilla\Firefox\Profiles\vqy9z2kc.default-1484164021501
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-11] ()
FF Extension: Adblock Plus - C:\Users\Utilizador\AppData\Roaming\Mozilla\Firefox\Profiles\vqy9z2kc.default-1484164021501\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-01-11]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2017-01-11]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2017-01-07]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2017-01-07]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2017-01-07] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1445384 2016-10-22] ()
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [395024 2016-12-07] (EasyAntiCheat Ltd)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1037568 2016-07-21] (Intel Corporation)
R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] ()
R2 Everything; C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] () [File not signed]
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-12-05] (Hi-Rez Studios) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-17] (Hewlett-Packard Company)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [359856 2015-09-17] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-11-11] (LogMeIn, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [295128 2016-07-21] (Realtek Semiconductor)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [156928 2016-11-17] ()
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2016-08-26] (Popcorn Time) [File not signed]
S2 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
S2 mweshield; "C:\Program Files\My Web Shield\mweshield.exe" [X]
S2 mweshieldup; "C:\Program Files\My Web Shield\mweshieldup.exe" [X]
S2 Voduphtharck; C:\Program Files (x86)\Citocultbukopy\anorikSystem.dll [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2017-01-07] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2017-01-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2017-01-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2017-01-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2017-01-07] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2017-01-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2017-01-07] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2017-01-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2017-01-07] (AVAST Software)
R3 bcbtums; C:\Windows\system32\DRIVERS\bcbtums.sys [186152 2016-09-14] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7552760 2015-08-15] (Broadcom Corporation)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-30] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [32768 2014-10-08] (Microsoft Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [38720 2016-07-21] (Intel Corporation)
R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [38208 2016-07-21] (Intel Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [216360 2016-07-21] (Intel Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2016-11-11] (LogMeIn Inc.)
S3 iscFlash; C:\Windows\TEMP\7zS826D.tmp\iscflashx64.sys [67784 2015-08-12] (Insyde Software)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R1 mwescontroller; C:\Windows\system32\drivers\mwescontroller.sys [57680 2016-08-31] ()
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
R1 ucdrv; C:\Windows\System32\drivers:ucdrv-x64.sys [0 ] (UC Web Inc.) <==== ATTENTION (zero byte File/Folder)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\system32\DRIVERS\WirelessButtonDriver64.sys [31840 2016-03-24] (HP)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-11 21:44 - 2017-01-11 21:45 - 00014982 _____ C:\Users\Utilizador\Downloads\FRST.txt
2017-01-11 21:44 - 2017-01-11 21:44 - 00000000 ____D C:\FRST
2017-01-11 21:39 - 2017-01-11 21:39 - 02193920 _____ (Farbar) C:\Users\Utilizador\Downloads\FRST64.exe
2017-01-11 18:45 - 2017-01-11 18:45 - 00001167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-01-11 18:45 - 2017-01-11 18:45 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-01-11 18:45 - 2017-01-11 18:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-11 18:35 - 2017-01-11 18:35 - 00001182 _____ C:\Users\Public\Desktop\Intel(R) Driver Update Utility 2.6.lnk
2017-01-11 18:35 - 2017-01-11 18:35 - 00000000 ____D C:\Users\Utilizador\AppData\Local\Intel
2017-01-11 18:35 - 2017-01-11 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2017-01-11 18:35 - 2017-01-11 18:35 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
2017-01-11 18:34 - 2017-01-11 18:34 - 09927544 _____ (Intel) C:\Users\Utilizador\Downloads\Intel Driver Update Utility Installer.exe
2017-01-11 18:34 - 2017-01-11 18:34 - 00003210 _____ C:\Windows\System32\Tasks\USER_ESRV_SVC_QUEENCREEK
2017-01-11 18:34 - 2017-01-11 18:34 - 00000000 ____D C:\Windows\System32\Tasks\Intel
2017-01-11 18:34 - 2017-01-11 18:34 - 00000000 ____D C:\ProgramData\Intel
2017-01-11 18:34 - 2017-01-11 18:34 - 00000000 ____D C:\Program Files\Intel Driver Update Utility
2017-01-11 18:34 - 2016-10-18 17:14 - 00021984 _____ C:\Windows\system32\Drivers\semav6msr64.sys
2017-01-11 18:32 - 2017-01-11 18:32 - 00000000 ____D C:\Users\Utilizador\AppData\Local\AMD
2017-01-11 18:25 - 2017-01-11 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
2017-01-11 18:24 - 2017-01-11 18:24 - 00003160 _____ C:\Windows\System32\Tasks\StartCN
2017-01-11 18:24 - 2017-01-11 18:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-01-11 18:23 - 2017-01-11 18:23 - 00000000 ____D C:\Program Files (x86)\AMD
2017-01-11 18:21 - 2017-01-11 18:21 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-01-11 18:21 - 2016-09-09 17:25 - 00269600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2017-01-11 18:21 - 2016-09-09 17:25 - 00261920 _____ C:\Windows\system32\vulkan-1.dll
2017-01-11 18:21 - 2016-09-09 17:25 - 00110880 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2017-01-11 18:21 - 2016-09-09 17:24 - 00125216 _____ C:\Windows\system32\vulkaninfo.exe
2017-01-11 18:15 - 2017-01-11 18:17 - 00000000 ____D C:\AMD
2017-01-11 18:12 - 2017-01-11 18:13 - 56506240 _____ (AMD Inc.) C:\Users\Utilizador\Downloads\radeon-crimson-relive-16.12.2-minimalsetup-170106_web.exe
2017-01-11 17:47 - 2017-01-11 18:31 - 00000000 ____D C:\Program Files\k1asep9x
2017-01-10 19:42 - 2017-01-11 21:42 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-08 14:33 - 2017-01-08 14:33 - 00001720 _____ C:\Users\Utilizador\Desktop\League of Legends.lnk
2017-01-07 16:52 - 2017-01-08 20:32 - 00003886 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1483811508
2017-01-07 16:51 - 2017-01-08 20:32 - 00001059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-01-07 16:51 - 2017-01-07 16:51 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-01-07 16:51 - 2017-01-07 16:51 - 00001059 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2017-01-07 13:01 - 2017-01-07 13:01 - 00000000 ____D C:\Users\Utilizador\AppData\LocalLow\uTorrent
2017-01-07 12:17 - 2017-01-07 12:17 - 00001938 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-01-07 12:17 - 2017-01-07 12:17 - 00000000 ____D C:\Users\Utilizador\AppData\Roaming\AVAST Software
2017-01-07 12:17 - 2017-01-07 12:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2017-01-07 12:16 - 2017-01-07 12:16 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2017-01-07 12:16 - 2017-01-07 12:16 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2017-01-07 12:16 - 2017-01-07 12:16 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-01-07 12:16 - 2017-01-07 12:16 - 00293352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2017-01-07 12:16 - 2017-01-07 12:16 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-01-07 12:16 - 2017-01-07 12:16 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-01-07 12:16 - 2017-01-07 12:16 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-01-07 12:16 - 2017-01-07 12:16 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-01-07 12:16 - 2017-01-07 12:16 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2017-01-07 12:16 - 2017-01-07 12:16 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-01-07 12:16 - 2017-01-07 12:16 - 00003922 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2017-01-07 12:16 - 2017-01-07 12:16 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-01-07 12:16 - 2017-01-07 12:16 - 00000000 ____D C:\Program Files\Common Files\AV
2017-01-07 12:15 - 2017-01-07 16:51 - 00000000 ____D C:\Program Files\AVAST Software
2017-01-07 12:14 - 2017-01-07 16:51 - 00000000 ____D C:\ProgramData\AVAST Software
2017-01-07 12:14 - 2017-01-07 12:14 - 06334848 _____ (AVAST Software) C:\Users\Utilizador\Downloads\avast_free_antivirus_setup_online.exe
2017-01-07 12:02 - 2017-01-11 18:26 - 00000000 ____D C:\Users\Utilizador\AppData\Roaming\Everything
2017-01-07 12:02 - 2017-01-07 12:02 - 01014086 _____ () C:\Users\Utilizador\Downloads\Everything-1.3.4.686.x64.Multilingual-Setup.exe
2017-01-07 12:02 - 2017-01-07 12:02 - 00000000 ____D C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
2017-01-07 12:02 - 2017-01-07 12:02 - 00000000 ____D C:\Program Files\Everything
2017-01-07 11:25 - 2017-01-07 11:28 - 00001552 _____ C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器.lnk
2017-01-07 11:25 - 2017-01-07 11:28 - 00000000 ____D C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器
2017-01-07 11:23 - 2017-01-07 11:30 - 00000000 ____D C:\Users\Utilizador\AppData\Local\app
2017-01-07 11:23 - 2017-01-07 11:23 - 00006088 _____ C:\Windows\System32\Tasks\Wgecultprahersh Schedule
2017-01-07 11:23 - 2017-01-07 11:23 - 00004438 _____ C:\Windows\System32\Tasks\SecureUpdater
2017-01-07 11:23 - 2017-01-07 11:23 - 00003432 _____ C:\Windows\System32\Tasks\UCBrowserUpdater
2017-01-07 11:23 - 2017-01-07 11:23 - 00002574 _____ C:\Windows\System32\Tasks\UCBrowserUpdaterCore
2017-01-07 11:23 - 2017-01-07 11:23 - 00000000 ____D C:\Users\Utilizador\AppData\Local\UCBrowser
2017-01-07 11:22 - 2017-01-11 17:45 - 00000000 ____D C:\Users\Utilizador\AppData\Roaming\Buhuch
2017-01-07 11:22 - 2017-01-07 11:22 - 00000000 ____D C:\Program Files (x86)\Wowertherterhery System
2017-01-07 11:22 - 2016-08-31 16:00 - 00057680 _____ C:\Windows\system32\Drivers\mwescontroller.sys
2017-01-07 11:21 - 2017-01-07 11:21 - 00594944 _____ (The OpenSSL Project,
http://www.openssl.org/) C:\Users\Utilizador\Downloads\libeay32.dll
2017-01-07 11:21 - 2017-01-07 11:21 - 00152576 _____ (The OpenSSL Project,
http://www.openssl.org/) C:\Users\Utilizador\Downloads\ssleay32.dll
2017-01-07 11:21 - 2017-01-07 11:21 - 00000000 ____D C:\Users\Utilizador\AppData\Local\Dbemno
2017-01-07 11:21 - 2017-01-07 11:21 - 00000000 ____D C:\Users\Utilizador\AppData\Local\Clitphthilepy
2017-01-07 11:21 - 2017-01-07 11:21 - 00000000 _____ C:\TOSTACK
2017-01-05 20:20 - 2017-01-05 20:20 - 00033572 _____ C:\Users\Utilizador\Downloads\pirates.of.the.caribbean.tales.of.the.code.wedlocked.(2011).per.1cd.(6826513).zip
2017-01-05 20:19 - 2017-01-05 20:19 - 00004680 _____ C:\Users\Utilizador\Downloads\pirates.of.the.caribbean.tales.of.the.code.wedlocked.(2011).fin.1cd.(5458817).zip
2017-01-05 20:10 - 2017-01-05 21:04 - 343355651 _____ C:\Users\Utilizador\Downloads\Pirates.of.the.Caribbean.Tales.of.the.Code.Wedlocked.720.BDRip.x264-DJF.mkv
2017-01-04 18:53 - 2017-01-04 18:53 - 00000000 _____ C:\Users\Utilizador\Desktop\1.30.00.txt
2016-12-29 20:46 - 2017-01-08 21:38 - 00000000 ____D C:\Users\Utilizador\Downloads\PopcornTime
2016-12-29 20:46 - 2016-12-29 20:46 - 00001205 _____ C:\Users\Public\Desktop\Popcorn Time.lnk
2016-12-29 20:46 - 2016-12-29 20:46 - 00000000 ____D C:\Users\Utilizador\AppData\Local\PopcornTime
2016-12-29 20:46 - 2016-12-29 20:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2016-12-29 20:45 - 2016-12-29 20:46 - 00000000 ____D C:\Program Files (x86)\Popcorn Time
2016-12-29 20:42 - 2016-12-29 20:44 - 56002117 _____ (Popcorn Time ) C:\Users\Utilizador\Downloads\PopcornTime-latest.exe
2016-12-17 11:12 - 2016-12-17 11:16 - 00000000 ____D C:\Users\Utilizador\Desktop\Call of Duty World at War
2016-12-14 15:47 - 2016-12-01 13:13 - 00869576 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2016-12-14 15:47 - 2016-12-01 13:13 - 00678592 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2016-12-14 15:47 - 2016-12-01 13:11 - 00875720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2016-12-14 15:47 - 2016-12-01 13:11 - 00536768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2016-12-14 15:47 - 2016-10-20 12:14 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2016-12-14 15:47 - 2016-10-20 12:10 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2016-12-14 15:15 - 2016-11-19 20:24 - 00567152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-12-14 15:15 - 2016-11-19 20:24 - 00152856 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2016-12-14 15:15 - 2016-11-19 18:29 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-12-14 15:15 - 2016-11-19 17:44 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-12-14 15:15 - 2016-11-19 16:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-12-14 15:15 - 2016-11-19 16:22 - 00111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-12-14 15:15 - 2016-11-16 20:49 - 00377176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2016-12-14 15:15 - 2016-11-12 20:06 - 00738104 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-12-14 15:15 - 2016-11-12 18:38 - 00613632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-12-14 15:15 - 2016-11-12 18:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-12-14 15:15 - 2016-11-12 18:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-12-14 15:15 - 2016-11-12 18:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-12-14 15:15 - 2016-11-12 17:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-12-14 15:15 - 2016-11-12 17:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-12-14 15:15 - 2016-11-12 17:23 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-12-14 15:15 - 2016-11-12 17:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-12-14 15:15 - 2016-11-12 17:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-12-14 15:15 - 2016-11-12 17:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-12-14 15:15 - 2016-11-12 16:45 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-12-14 15:15 - 2016-11-12 16:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-12-14 15:15 - 2016-11-12 16:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-12-14 15:15 - 2016-11-12 16:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-12-14 15:15 - 2016-11-12 16:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-12-14 15:15 - 2016-11-12 16:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-12-14 15:15 - 2016-11-12 16:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-12-14 15:15 - 2016-11-12 16:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-12-14 15:15 - 2016-11-12 16:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-12-14 15:15 - 2016-11-12 16:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-12-14 15:15 - 2016-11-12 16:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-12-14 15:15 - 2016-11-11 01:33 - 01541240 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-12-14 15:15 - 2016-11-09 16:25 - 01376768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-12-14 15:15 - 2016-11-05 19:46 - 00422744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2016-12-14 15:15 - 2016-11-05 17:35 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-14 15:15 - 2016-11-05 16:57 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-12-14 15:15 - 2016-11-05 16:11 - 03606528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-12-14 15:15 - 2016-11-05 14:56 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-12-14 15:15 - 2016-11-05 14:46 - 02463744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-12-14 15:15 - 2016-10-28 01:56 - 01380048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-12-14 15:15 - 2016-10-27 13:28 - 01097728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-12-14 15:15 - 2016-10-12 20:49 - 00379224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-12-14 15:15 - 2016-10-12 20:11 - 00922968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2016-12-14 15:15 - 2016-10-11 15:45 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2016-12-14 15:15 - 2016-10-10 22:31 - 00990040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2016-12-14 15:15 - 2016-10-10 17:18 - 00069976 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-12-14 15:15 - 2016-10-10 17:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cmimcext.sys
2016-12-14 15:15 - 2016-10-09 13:17 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll
2016-12-14 15:15 - 2016-10-09 13:08 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2016-12-14 15:15 - 2016-10-09 13:08 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll
2016-12-14 15:15 - 2016-10-08 21:24 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2016-12-14 15:15 - 2016-10-08 20:31 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2016-12-14 15:15 - 2016-10-08 20:10 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-12-14 15:15 - 2016-10-05 13:01 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2016-12-14 15:15 - 2016-10-05 13:00 - 00868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2016-12-14 15:15 - 2016-10-05 13:00 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2016-12-14 15:15 - 2016-10-05 12:52 - 00513456 _____ C:\Windows\SysWOW64\locale.nls
2016-12-14 15:15 - 2016-10-05 12:52 - 00513456 _____ C:\Windows\system32\locale.nls
2016-12-14 15:15 - 2016-10-05 03:15 - 01969944 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-12-14 15:15 - 2016-10-05 03:15 - 01613528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-12-14 15:15 - 2016-10-05 03:15 - 00324896 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-12-14 15:15 - 2016-10-05 03:15 - 00245320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-12-14 15:15 - 2016-09-27 19:16 - 00445873 _____ C:\Windows\system32\ApnDatabase.xml
2016-12-14 15:15 - 2016-09-20 21:30 - 02462040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-12 21:13 - 2016-07-21 12:29 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{FBBADE27-6363-4E7C-B4D7-DC9419B71518}
2017-01-11 21:43 - 2016-07-31 19:33 - 00000000 ____D C:\Users\Utilizador\AppData\Roaming\Skype
2017-01-11 21:33 - 2016-07-23 10:16 - 00000000 ____D C:\Users\Utilizador\AppData\Local\ClassicShell
2017-01-11 21:32 - 2016-07-21 09:30 - 01392800 _____ C:\Windows\WindowsUpdate.log
2017-01-11 21:23 - 2016-11-20 11:56 - 00000000 ____D C:\Users\Utilizador\AppData\LocalLow\Mozilla
2017-01-11 21:02 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\sru
2017-01-11 18:49 - 2016-07-21 10:37 - 00003592 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3552909271-904078643-69874527-1001
2017-01-11 18:45 - 2016-11-29 21:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-11 18:37 - 2016-07-21 09:35 - 01816356 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-11 18:37 - 2013-08-22 22:52 - 00790192 _____ C:\Windows\system32\prfh0816.dat
2017-01-11 18:37 - 2013-08-22 22:52 - 00164248 _____ C:\Windows\system32\prfc0816.dat
2017-01-11 18:34 - 2016-07-21 15:09 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-11 18:34 - 2016-07-21 10:55 - 00000000 ____D C:\Program Files\Intel
2017-01-11 18:31 - 2016-12-04 11:59 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2017-01-11 18:31 - 2016-08-26 12:52 - 00000000 ____D C:\Users\Utilizador\AppData\Local\LogMeIn Hamachi
2017-01-11 18:31 - 2016-07-21 10:56 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-01-11 18:30 - 2013-08-22 13:46 - 00024998 _____ C:\Windows\setupact.log
2017-01-11 18:30 - 2013-08-22 13:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-11 18:25 - 2016-07-21 10:40 - 00000000 ____D C:\Program Files\AMD
2017-01-11 17:53 - 2013-08-22 12:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-01-11 17:45 - 2016-07-21 09:26 - 00114830 _____ C:\Windows\PFRO.log
2017-01-11 16:54 - 2016-08-24 22:32 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-01-11 16:54 - 2016-08-24 22:32 - 00000000 ____D C:\Users\Utilizador\AppData\Local\Adobe
2017-01-11 16:54 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-01-11 16:54 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-08 11:41 - 2016-07-22 08:55 - 00003182 _____ C:\Windows\System32\Tasks\HPCeeScheduleForUtilizador
2017-01-08 11:41 - 2016-07-22 08:55 - 00000358 _____ C:\Windows\Tasks\HPCeeScheduleForUtilizador.job
2017-01-08 00:26 - 2016-08-30 16:30 - 00000000 ____D C:\Users\Utilizador\AppData\Roaming\uTorrent
2017-01-07 11:30 - 2016-11-19 18:01 - 00001054 _____ C:\Users\anton_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-01-07 11:30 - 2016-07-21 09:31 - 00001054 _____ C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-01-06 20:27 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\AppReadiness
2016-12-31 21:32 - 2016-08-01 16:57 - 00000000 ____D C:\Program Files (x86)\Steam
2016-12-31 01:33 - 2016-07-21 09:31 - 00000000 ____D C:\Users\Utilizador
2016-12-30 12:42 - 2016-10-31 22:31 - 00000066 _____ C:\Users\Utilizador\Desktop\Password TP-Link_B554BE.txt
2016-12-28 23:03 - 2016-08-09 11:04 - 00000000 ____D C:\Users\Utilizador\AppData\Roaming\Audacity
2016-12-27 14:44 - 2016-08-01 17:07 - 00000000 ____D C:\Users\Utilizador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-12-20 00:03 - 2016-07-31 19:33 - 00000000 ____D C:\ProgramData\Skype
2016-12-20 00:02 - 2016-07-31 19:33 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-12-17 11:36 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\rescache
2016-12-16 16:34 - 2013-08-22 14:20 - 00000000 ____D C:\Windows\CbsTemp
2016-12-15 15:51 - 2016-08-18 16:29 - 00000000 ____D C:\Users\Utilizador\AppData\Local\MEGAsync
2016-12-15 13:35 - 2013-08-22 13:44 - 00346720 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-14 21:49 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\system32\oobe
2016-12-14 15:51 - 2016-07-21 11:21 - 00000000 ____D C:\Windows\system32\MRT
2016-12-14 15:49 - 2016-07-21 11:21 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-12-14 15:02 - 2016-08-01 17:01 - 00000000 ____D C:\Users\Utilizador\AppData\Local\Steam
2016-12-13 22:17 - 2016-09-14 14:59 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2016-12-13 22:17 - 2016-09-14 14:59 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
==================== Files in the root of some directories =======
2017-01-07 11:21 - 2017-01-07 11:21 - 0023622 _____ () C:\Users\Utilizador\AppData\Roaming\aliexpress.ico
2017-01-07 11:21 - 2017-01-07 11:21 - 0099678 _____ () C:\Users\Utilizador\AppData\Roaming\booking.ico
Some files in TEMP:
====================
C:\Users\Utilizador\AppData\Local\Temp\6477.tmp.exe
C:\Users\Utilizador\AppData\Local\Temp\Browser_V6.0.1121.13_r_4728_(Build1612191708).exe
C:\Users\Utilizador\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
C:\Users\Utilizador\AppData\Local\Temp\HiRezLauncherControls.dll
C:\Users\Utilizador\AppData\Local\Temp\Hola-Setup-x64-1.18.524.exe
C:\Users\Utilizador\AppData\Local\Temp\jpathwatch-nativelib-v-0-94-jpathwatch-native.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-01-10 23:21
==================== End of FRST.txt ============================