cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:05-03-2016 01
Executado por Leonardo (administrador) em LEON (18-03-2016 13:56:21)
Executando a partir de C:\Users\Leonardo\Downloads
Perfis Carregados: Leonardo (Perfis Disponíveis: Leonardo)
Platform: Windows 8.1 Enterprise (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(AMD) C:\Windows\System32\atiesrxx.exe
() C:\Program Files\Everything\Everything.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Razer Inc) C:\Program Files (x86)\Razer\Razer_Kraken_Driver\Drivers\SysAudio\KrakenHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Razer, Inc.) C:\Users\Leonardo\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Everything\Everything.exe
() C:\Program Files\Everything\Everything.exe
(TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
(Microsoft Corporation) C:\Windows\System32\msconfig.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2015-04-13] (Realtek Semiconductor)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4859592 2015-11-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-12-02] (Raptr, Inc)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [594240 2016-01-13] (Razer Inc.)
HKLM-x32\...\Run: [KrakenLauncher] => C:\Program Files (x86)\Razer\Razer_Kraken_Driver\Drivers\SysAudio\KrakenHelper.exe [1599808 2015-08-14] (Razer Inc)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25122080 2016-02-16] (Dropbox, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [gmsd_br_021010270] => [X]
HKLM-x32\...\Run: [apphide] => C:\Program Files (x86)\badu\uc.exe
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKU\S-1-5-21-191031838-553965634-2920950218-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3074128 2016-03-10] (Valve Corporation)
HKU\S-1-5-21-191031838-553965634-2920950218-1001\...\Run: [Spotify Web Helper] => C:\Users\Leonardo\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524848 2016-03-11] (Spotify Ltd)
HKU\S-1-5-21-191031838-553965634-2920950218-1001\...\Run: [DAEMON Tools Ultra Agent] => C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe [3732752 2015-02-26] (Disc Soft Ltd)
HKU\S-1-5-21-191031838-553965634-2920950218-1001\...\Run: [WTFast Tray] => C:\Program Files (x86)\WTFast\WTFast.exe [5255256 2015-09-14] (AAA Internet Publishing, Inc.)
HKU\S-1-5-21-191031838-553965634-2920950218-1001\...\Run: [Spotify] => C:\Users\Leonardo\AppData\Roaming\Spotify\Spotify.exe [6754928 2016-03-11] (Spotify Ltd)
HKU\S-1-5-21-191031838-553965634-2920950218-1001\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 5\CyberGhost.exe" /autostart /min
HKU\S-1-5-21-191031838-553965634-2920950218-1001\...\Run: [Akamai NetSession Interface] => "C:\Users\Leonardo\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-191031838-553965634-2920950218-1001\...\Run: [GoogleChromeAutoLaunch_B6F50E9DA5CED83CE4DFC0FF770C1013] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [874136 2016-03-07] (Google Inc.)
HKU\S-1-5-21-191031838-553965634-2920950218-1001\...\Run: [osmsg] => C:\ProgramData\WindowsMsg\osmsg.exe /DEFAULT
HKU\S-1-5-21-191031838-553965634-2920950218-1001\...\Run: [Pritc] => C:\Users\Leonardo\AppData\Local\Temp\is-22BM7.tmp\print.exe [2955264 2016-03-03] (VLOME) <===== ATENÇÃO
HKU\S-1-5-21-191031838-553965634-2920950218-1001\...\Run: [Rainlendar2] => C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [2433024 2011-08-12] ()
HKU\S-1-5-21-191031838-553965634-2920950218-1001\...\Run: [GoogleChromeAutoLaunch_CBCAC0364BF5942AB767FF290D156B1B] => "C:\Users\Leonardo\AppData\Local\Chromium\Application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-191031838-553965634-2920950218-1001\...\MountPoints2: {fb4696e5-0acd-11e5-8259-1078d24b731b} - "H:\SETUP.EXE"
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
GroupPolicyScripts: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Winsock: Catalog9 01 C:\Windows\SysWOW64\WTFastDrv.dll [72296 2015-04-08] (Initex)
Winsock: Catalog9 02 C:\Windows\SysWOW64\WTFastDrv.dll [72296 2015-04-08] (Initex)
Winsock: Catalog9 03 C:\Windows\SysWOW64\WTFastDrv.dll [72296 2015-04-08] (Initex)
Winsock: Catalog9 04 C:\Windows\SysWOW64\WTFastDrv.dll [72296 2015-04-08] (Initex)
Winsock: Catalog9 15 C:\Windows\SysWOW64\WTFastDrv.dll [72296 2015-04-08] (Initex)
Winsock: Catalog9-x64 01 C:\Windows\system32\WTFastDrv.dll [79464 2015-04-08] (Initex)
Winsock: Catalog9-x64 02 C:\Windows\system32\WTFastDrv.dll [79464 2015-04-08] (Initex)
Winsock: Catalog9-x64 03 C:\Windows\system32\WTFastDrv.dll [79464 2015-04-08] (Initex)
Winsock: Catalog9-x64 04 C:\Windows\system32\WTFastDrv.dll [79464 2015-04-08] (Initex)
Winsock: Catalog9-x64 15 C:\Windows\system32\WTFastDrv.dll [79464 2015-04-08] (Initex)
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\..\Interfaces\{E471BD20-8D74-42D4-B46C-87DB3837E98F}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-191031838-553965634-2920950218-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=itm&hsimp=yhs-001&type=jmb_nwmeddnld_16_11¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DJoomborio%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyyC0DyEyDyC0B0B0CtC0FtN0D0Tzu0StCyDtAzztN1L2XzutAtFtCzytFtAtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCyB0FyBtCzy0F0AtGtC0D0A0DtG0AtB0C0BtGyBtB0F0FtGtDzy0FtBtB0B0Bzz0B0F0CtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzztByD0CyCyD0FyCtG0ByC0A0BtGyEyEtA0BtGzz0BtCyEtGyE0DyEyD0CyEtA0C0C0A0DyC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByEzy%26cr%3D1177699849%26a%3Djmb_nwmeddnld_16_11%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BEnterprise
SearchScopes: HKU\S-1-5-21-191031838-553965634-2920950218-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=itm&hsimp=yhs-001&type=jmb_nwmeddnld_16_11¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DJoomborio%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyyC0DyEyDyC0B0B0CtC0FtN0D0Tzu0StCyDtAzztN1L2XzutAtFtCzytFtAtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCyB0FyBtCzy0F0AtGtC0D0A0DtG0AtB0C0BtGyBtB0F0FtGtDzy0FtBtB0B0Bzz0B0F0CtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzztByD0CyCyD0FyCtG0ByC0A0BtGyEyEtA0BtGzz0BtCyEtGyE0DyEyD0CyEtA0C0C0A0DyC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByEzy%26cr%3D1177699849%26a%3Djmb_nwmeddnld_16_11%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BEnterprise&p={searchTerms}
SearchScopes: HKU\S-1-5-21-191031838-553965634-2920950218-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=itm&hsimp=yhs-001&type=jmb_nwmeddnld_16_11¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DJoomborio%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyyC0DyEyDyC0B0B0CtC0FtN0D0Tzu0StCyDtAzztN1L2XzutAtFtCzytFtAtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCyB0FyBtCzy0F0AtGtC0D0A0DtG0AtB0C0BtGyBtB0F0FtGtDzy0FtBtB0B0Bzz0B0F0CtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzztByD0CyCyD0FyCtG0ByC0A0BtGyEyEtA0BtGzz0BtCyEtGyE0DyEyD0CyEtA0C0C0A0DyC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByEzy%26cr%3D1177699849%26a%3Djmb_nwmeddnld_16_11%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BEnterprise&p={searchTerms}
SearchScopes: HKU\S-1-5-21-191031838-553965634-2920950218-1001 -> {18E76396-43FE-4230-9E81-9BD708614CB5} URL = hxxps://br.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-191031838-553965634-2920950218-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={EBCF8882-4080-4D61-99B5-A7BAFF517E00}&mid=304a3dd90e5a47cda1d1c13194af9ae8-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=pt-br&ds=AVG&coid=avgtbavg&cmpid=1215tb&pr=fr&d=2015-09-09 14:53:43&v=4.2.1.951&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> Nenhum Arquivo
BHO: Sem Nome -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Nenhum Arquivo
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-13] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-13] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Leonardo\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF NewTab: about:newtab
FF DefaultSearchEngine: Search Provided by Yahoo
FF SelectedSearchEngine: Search Provided by Yahoo
FF Homepage: hxxps://br.search.yahoo.com/yhs/web?hspart=itm&hsimp=yhs-001&type=jmb_nwmeddnld_16_11¶m1=1¶m2=f%3D1%26b%3DFirefox%26cc%3Dbr%26pa%3DJoomborio%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyyC0DyEyDyC0B0B0CtC0FtN0D0Tzu0StCyDtAzztN1L2XzutAtFtCzytFtAtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCyB0FyBtCzy0F0AtGtC0D0A0DtG0AtB0C0BtGyBtB0F0FtGtDzy0FtBtB0B0Bzz0B0F0CtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzztByD0CyCyD0FyCtG0ByC0A0BtGyEyEtA0BtGzz0BtCyEtGyE0DyEyD0CyEtA0C0C0A0DyC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByEzy%26cr%3D1177699849%26a%3Djmb_nwmeddnld_16_11%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BEnterprise
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-11] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-11] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-13] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-191031838-553965634-2920950218-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Leonardo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Leonardo\AppData\Roaming\Mozilla\Firefox\Profiles\ifnaj6iw.default\searchplugins\Search Provided by Yahoo.xml [2016-03-18]
FF SearchPlugin: C:\Users\Leonardo\AppData\Roaming\Mozilla\Firefox\Profiles\ifnaj6iw.default\searchplugins\yahoo-ysp.xml [2016-01-19]
FF SearchPlugin: C:\Users\Leonardo\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\DD1B66D4.xml [2016-03-17]
FF SearchPlugin: C:\Users\Leonardo\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\Search Provided by Yahoo.xml [2016-03-18]
FF SearchPlugin: C:\Users\Leonardo\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\yahoo-ysp.xml [2016-01-19]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2015-12-16]
FF Extension: GsearchFinder - C:\Users\Leonardo\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\@E9438230-A7DF-4D1F-8F2D-CA1D0F0F7924.xpi [2016-03-14]
FF Extension: New Tab by Yahoo - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\jid1-G80Ec8LLEbK5fQ@jetpack.xpi [2015-11-23] [não assinado]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF => não encontrado (a)

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-29]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2016-02-11]
CHR Extension: (Google Docs) - C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-29]
CHR Extension: (Google Drive) - C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Steam inventory helper) - C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2016-03-16]
CHR Extension: (Google Search) - C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Planilhas do Google) - C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-29]
CHR Extension: (AdBlock) - C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-17]
CHR Extension: (Google Play Music) - C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2015-12-18]
CHR Extension: (Yulia Brodskaya) - C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgdloilieclkegafohackmhffbmdpko [2015-04-29]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-23]
CHR Extension: (Click&Clean App) - C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2016-03-07]
CHR Extension: (Gmail) - C:\Users\Leonardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-29]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx
CHR HKU\S-1-5-21-191031838-553965634-2920950218-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bahkljhhdeciiaodlkppoonappfnheoi] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eedgghdcpmmmilkmfpnklknlenbiolec] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1314848 2016-01-19] ()
S2 CloudPrinter; C:\ProgramData\\CloudPrinter\\CloudPrinter.exe [774144 2016-03-17] () [Arquivo não assinado]
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-25] (Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-25] (Dropbox, Inc.)
S3 Disc Soft Ultra Bus Service; C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [1378576 2015-02-26] (Disc Soft Ltd)
R2 Everything; C:\Program Files\Everything\Everything.exe [1441792 2014-08-05] () [Arquivo não assinado]
S2 gerocyni; C:\Program Files (x86)\03000200-1458263168-0500-0006-000700080009\jnsaE9AE.tmp [302080 2016-03-17] () [Arquivo não assinado]
S2 ggbugreport; C:\Program Files (x86)\SearchesToYesbnd\bugreport.exe [1592888 2016-03-15] ()
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2015-09-02] (Hi-Rez Studios) [Arquivo não assinado]
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)
S4 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility LLC)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-02] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-12-07] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-12-05] ()
S4 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [Arquivo não assinado]
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-11-04] ()
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [977088 2014-03-02] () [Arquivo não assinado]
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 Winsere; C:\Program Files (x86)\Winsere\Winsere\Winsere.exe [306736 2016-03-15] ()
S2 wucotusy; C:\Program Files (x86)\03000200-1458263168-0500-0006-000700080009\hnso64.tmp [416256 2016-03-17] () [Arquivo não assinado]
S2 xefyrycuzbt; C:\Program Files (x86)\03000200-1458263168-0500-0006-000700080009\knsgD19C.tmpfs [X]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-21] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-06-21] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-21] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-21] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-21] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-21] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-21] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-21] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices)
R3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 dtultrascsibus; C:\Windows\System32\drivers\dtultrascsibus.sys [30352 2015-06-04] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-03-17] ()
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-03-11] ()
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-09-22] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.)
S2 VBoxAswDrv; não ImagePath
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-03-18 13:56 - 2016-03-18 13:56 - 00028068 _____ C:\Users\Leonardo\Downloads\FRST.txt
2016-03-18 13:56 - 2016-03-18 13:56 - 00000000 ____D C:\FRST
2016-03-18 13:55 - 2016-03-18 13:55 - 02374144 _____ (Farbar) C:\Users\Leonardo\Downloads\FRST64.exe
2016-03-18 13:19 - 2016-03-18 13:19 - 00000000 ____D C:\Users\Leonardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium
2016-03-18 13:18 - 2016-03-18 13:29 - 00000000 ____D C:\Users\Leonardo\AppData\Local\Gameo
2016-03-18 13:18 - 2016-03-18 13:19 - 00000000 ___HD C:\Users\Leonardo\AppData\Roaming\GoldenGate
2016-03-18 13:18 - 2016-03-18 13:18 - 00002688 _____ C:\Windows\System32\Tasks\UpdateTask
2016-03-18 13:18 - 2016-03-18 13:18 - 00000354 _____ C:\Windows\Tasks\UpdateTask.job
2016-03-18 13:18 - 2016-03-18 13:18 - 00000176 _____ C:\Users\Leonardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2016-03-18 13:17 - 2016-03-18 13:18 - 00002493 _____ C:\Users\Leonardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
2016-03-18 13:17 - 2016-03-18 13:18 - 00000000 ____D C:\Users\Leonardo\AppData\Local\{08CB3E97-2C63-522F-41FB-77C765938B5F}
2016-03-18 00:27 - 2016-03-18 00:27 - 00001680 _____ C:\Users\Leonardo\Desktop\Photoshop - Atalho.lnk
2016-03-18 00:03 - 2016-03-18 00:03 - 00002617 _____ C:\Users\Leonardo\Desktop\TWD 5 TEMP.lnk
2016-03-18 00:02 - 2016-03-18 00:02 - 00000456 _____ C:\Users\Leonardo\Desktop\Meu computador.lnk
2016-03-17 23:05 - 2016-03-18 13:53 - 00000000 ____D C:\Users\Leonardo\.rainlendar2
2016-03-17 23:05 - 2016-03-17 23:05 - 00001949 _____ C:\Users\Public\Desktop\Rainlendar2.lnk
2016-03-17 23:05 - 2016-03-17 23:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainlendar2
2016-03-17 23:05 - 2016-03-17 23:05 - 00000000 ____D C:\Program Files (x86)\Rainlendar2
2016-03-17 22:56 - 2016-03-17 22:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-03-17 22:56 - 2016-03-17 22:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2016-03-17 22:56 - 2016-03-17 22:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2016-03-17 22:55 - 2016-03-17 22:55 - 00000000 ____D C:\Windows\PCHEALTH
2016-03-17 22:54 - 2016-03-17 22:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-03-17 22:54 - 2016-03-17 22:54 - 00000000 __RHD C:\MSOCache
2016-03-17 22:54 - 2016-03-17 22:54 - 00000000 ____D C:\Program Files\Microsoft Office
2016-03-17 22:54 - 2016-03-17 22:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2016-03-17 22:21 - 2016-03-17 22:21 - 00848437 _____ C:\Users\Leonardo\AppData\Roaming\Toplight.bin
2016-03-17 22:21 - 2016-03-17 22:21 - 00126464 _____ C:\Users\Leonardo\AppData\Roaming\lobby.dat
2016-03-17 22:21 - 2016-03-17 22:21 - 00072707 _____ C:\Users\Leonardo\AppData\Roaming\Ranplus.tst
2016-03-17 22:21 - 2016-03-17 22:21 - 00054272 _____ C:\Users\Leonardo\AppData\Roaming\ApplicationHosting.dat
2016-03-17 22:21 - 2016-03-17 22:21 - 00023046 _____ C:\Windows\System32\Tasks\{0E780A47-0F08-7D0B-0C11-057D0B08110A}
2016-03-17 22:21 - 2016-03-17 22:21 - 00002880 _____ C:\Users\Leonardo\AppData\Roaming\md.xml
2016-03-17 22:21 - 2016-03-17 22:21 - 00000000 ____D C:\Users\Todos os Usuários\fc20a959-7691-0
2016-03-17 22:21 - 2016-03-17 22:21 - 00000000 ____D C:\Users\Todos os Usuários\fc20a959-7203-1
2016-03-17 22:21 - 2016-03-17 22:21 - 00000000 ____D C:\Users\Todos os Usuários\CloudPrinter
2016-03-17 22:21 - 2016-03-17 22:21 - 00000000 ____D C:\ProgramData\fc20a959-7691-0
2016-03-17 22:21 - 2016-03-17 22:21 - 00000000 ____D C:\ProgramData\fc20a959-7203-1
2016-03-17 22:21 - 2016-03-17 22:21 - 00000000 ____D C:\ProgramData\CloudPrinter
2016-03-17 22:21 - 2016-03-17 22:21 - 00000000 ____D C:\Program Files (x86)\DNS Unlocker
2016-03-17 22:21 - 2016-03-17 22:18 - 00774144 _____ C:\Users\Leonardo\AppData\Roaming\SpanLight.exe
2016-03-17 22:21 - 2016-03-17 22:18 - 00774144 _____ C:\Users\Leonardo\AppData\Roaming\Ranplus.exe
2016-03-17 22:20 - 2016-03-17 22:21 - 00016992 _____ C:\Users\Leonardo\AppData\Roaming\InstallationConfiguration.xml
2016-03-17 22:20 - 2016-03-17 22:20 - 00127488 _____ C:\Users\Leonardo\AppData\Roaming\Installer.dat
2016-03-17 22:20 - 2016-03-17 22:20 - 00000000 ____D C:\Users\Leonardo\AppData\Local\Geckofx
2016-03-17 22:09 - 2016-03-18 00:11 - 00000000 ____D C:\Users\Leonardo\AppData\Roaming\Enigma Software Group
2016-03-17 22:09 - 2016-03-17 22:09 - 00000000 _____ C:\autoexec.bat
2016-03-17 22:08 - 2016-03-17 22:08 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-03-17 22:07 - 2016-03-17 22:07 - 00000000 ____D C:\Users\Leonardo\AppData\Local\03000200-1458252450-0500-0006-000700080009
2016-03-17 22:06 - 2016-03-17 22:06 - 00000000 ____D C:\Program Files (x86)\03000200-1458263168-0500-0006-000700080009
2016-03-17 22:06 - 2016-03-17 22:05 - 00000967 _____ C:\Windows\system32\Drivers\etc\hp.bak
2016-03-17 22:03 - 2016-03-17 22:57 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-03-17 22:03 - 2016-03-17 22:03 - 00000000 ____D C:\Users\Leonardo\AppData\Local\Microsoft Help
2016-03-17 22:02 - 2016-03-17 22:02 - 00002912 _____ C:\Windows\System32\Tasks\osTip
2016-03-17 22:01 - 2016-03-17 22:17 - 00000000 ____D C:\Users\Leonardo\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-03-17 22:01 - 2016-03-17 22:17 - 00000000 ____D C:\Program Files\5a09fbdb3b092a6115fe725684983de4
2016-03-17 22:01 - 2016-03-17 22:16 - 00000000 ____D C:\Program Files (x86)\SearchesToYesbnd
2016-03-17 22:01 - 2016-03-17 22:01 - 02832134 _____ C:\Windows\chromebrowser.exe
2016-03-17 22:01 - 2016-03-17 22:01 - 00015070 _____ C:\Windows\System32\Tasks\WinTaske
2016-03-17 22:01 - 2016-03-17 22:01 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-03-17 22:01 - 2016-03-17 22:01 - 00000000 ____D C:\Program Files (x86)\WinTaske
2016-03-17 22:01 - 2016-03-17 22:01 - 00000000 ____D C:\Program Files (x86)\Winsere
2016-03-17 22:00 - 2016-03-17 22:00 - 00000000 ____D C:\Windows\LastGood
2016-03-17 22:00 - 2016-03-17 22:00 - 00000000 ____D C:\Users\Todos os Usuários\Hewlett-Packard
2016-03-17 22:00 - 2016-03-17 22:00 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2016-03-17 20:12 - 2016-03-18 00:45 - 00000000 ___RD C:\Users\Leonardo\Desktop\TRABALHOS
2016-03-17 20:04 - 2016-03-17 20:04 - 00006532 _____ C:\Users\Leonardo\Desktop\trabalhoport_.zip
2016-03-16 14:37 - 2016-03-16 15:05 - 585453971 ____R C:\Users\Leonardo\Downloads\[AVeRAnTeD]MOHAA.Full-RiP.7z
2016-03-14 15:57 - 2016-03-14 16:20 - 00000000 ____D C:\Users\Leonardo\Downloads\The Walking Dead 5ª Temporada Completa Dual Áudio - The Pirate Filmes
2016-03-14 15:41 - 2016-03-14 15:41 - 00000000 ____D C:\Users\Leonardo\AppData\Roaming\ots
2016-03-12 11:43 - 2016-03-08 04:00 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-12 11:43 - 2016-03-08 04:00 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-09 12:51 - 2016-01-06 15:25 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-03-09 12:51 - 2015-12-30 18:53 - 02017624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-09 12:50 - 2016-02-20 12:45 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-09 12:50 - 2016-02-20 12:45 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-09 12:50 - 2016-02-20 12:45 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-09 12:50 - 2016-02-20 12:45 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-09 12:50 - 2016-02-20 12:45 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-09 12:50 - 2016-02-20 12:45 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-09 12:50 - 2016-02-08 18:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-09 12:50 - 2016-02-08 17:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-03-09 12:50 - 2016-02-08 17:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-09 12:50 - 2016-02-08 17:29 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-03-09 12:50 - 2016-02-08 17:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-03-09 12:50 - 2016-02-08 17:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-03-09 12:50 - 2016-02-08 17:07 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-03-09 12:50 - 2016-02-08 17:05 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-09 12:50 - 2016-02-08 17:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-03-09 12:50 - 2016-02-08 17:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-09 12:50 - 2016-02-08 17:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-03-09 12:50 - 2016-02-08 17:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-03-09 12:50 - 2016-02-08 16:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-03-09 12:50 - 2016-02-08 16:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-03-09 12:50 - 2016-02-08 16:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-03-09 12:50 - 2016-02-08 15:27 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-09 12:50 - 2016-02-08 15:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-09 12:50 - 2016-02-08 15:16 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-09 12:50 - 2016-02-08 15:14 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-03-09 12:50 - 2016-02-08 15:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-09 12:50 - 2016-02-08 14:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-09 12:50 - 2016-02-08 14:42 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-03-09 12:50 - 2016-02-08 14:37 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-03-09 12:50 - 2016-02-08 14:34 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-09 12:50 - 2016-02-08 14:33 - 14613504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-09 12:50 - 2016-02-08 14:33 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-09 12:50 - 2016-02-08 14:19 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-09 12:50 - 2016-02-08 14:15 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-03-09 12:50 - 2016-02-08 14:07 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-09 12:50 - 2016-02-08 13:55 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-03-09 12:50 - 2016-02-05 16:06 - 00046768 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-09 12:50 - 2016-02-05 11:59 - 07784960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-03-09 12:50 - 2016-01-24 15:19 - 00419160 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2016-03-09 12:50 - 2016-01-24 15:19 - 00378712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-03-09 12:50 - 2016-01-24 15:19 - 00331608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2016-03-09 12:50 - 2016-01-24 08:57 - 01335296 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2016-03-09 12:50 - 2016-01-24 08:45 - 01063424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2016-03-09 12:50 - 2016-01-08 22:38 - 00091992 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-03-09 12:49 - 2016-02-12 16:14 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-09 12:49 - 2016-02-12 12:14 - 03708416 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-09 12:49 - 2016-02-12 11:55 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2016-03-09 12:49 - 2016-02-12 11:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-09 12:49 - 2016-02-12 11:54 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-09 12:49 - 2016-02-12 11:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-09 12:49 - 2016-02-12 11:51 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-09 12:49 - 2016-02-12 11:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-09 12:49 - 2016-02-12 11:51 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-09 12:49 - 2016-02-12 11:48 - 02244096 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-09 12:49 - 2016-02-12 11:47 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-09 12:49 - 2016-02-12 11:46 - 00726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-09 12:49 - 2016-02-11 11:21 - 00869576 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2016-03-09 12:49 - 2016-02-11 11:21 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2016-03-09 12:49 - 2016-02-11 11:20 - 00875720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2016-03-09 12:49 - 2016-02-11 11:20 - 00536776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2016-03-09 12:49 - 2016-02-06 15:08 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-09 12:49 - 2016-02-06 13:58 - 00987648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-09 12:49 - 2016-02-06 13:32 - 00801792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-09 12:49 - 2016-02-05 16:07 - 00292696 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL
2016-03-09 12:49 - 2016-02-05 16:07 - 00243032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMASF.DLL
2016-03-09 12:49 - 2016-02-05 12:03 - 15432704 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-09 12:49 - 2016-02-05 12:00 - 13318144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-09 12:49 - 2016-02-05 11:55 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 12:49 - 2016-02-05 11:48 - 07075840 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-03-09 12:49 - 2016-02-05 11:47 - 05268480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-03-09 12:49 - 2016-02-04 15:18 - 04174336 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-09 12:49 - 2016-02-04 15:18 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-09 12:49 - 2016-02-04 15:12 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-09 12:49 - 2016-02-04 14:44 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-09 12:49 - 2016-02-04 14:39 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-09 12:49 - 2016-02-04 14:24 - 00603648 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-09 12:49 - 2016-02-04 14:02 - 00483328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-09 12:49 - 2016-02-03 17:37 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-03-09 12:49 - 2016-02-03 17:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-03-09 12:49 - 2016-02-03 12:09 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-03-09 12:49 - 2016-02-03 12:00 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-09 12:49 - 2016-02-03 12:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-09 12:49 - 2016-01-31 16:16 - 00148832 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-09 12:49 - 2016-01-31 15:08 - 00111104 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\tsusbhub.sys
2016-03-09 12:49 - 2016-01-15 13:56 - 02487296 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2016-03-09 12:49 - 2016-01-10 13:41 - 01707008 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-03-09 12:49 - 2016-01-10 13:31 - 01344512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-03-09 12:49 - 2016-01-08 22:49 - 00218448 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2016-03-09 12:49 - 2016-01-08 22:49 - 00192120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2016-03-09 12:49 - 2016-01-06 20:46 - 00148752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2016-03-09 12:49 - 2016-01-06 20:45 - 00177712 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2016-03-09 12:49 - 2016-01-06 13:47 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2016-03-09 12:49 - 2016-01-05 12:00 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-03-09 12:49 - 2015-12-30 17:49 - 00470360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-03-09 12:49 - 2015-12-20 11:57 - 00839168 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2016-03-09 12:49 - 2015-12-20 11:56 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2016-03-09 12:49 - 2015-12-20 11:43 - 00696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2016-03-09 12:49 - 2015-11-19 11:33 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-09 12:49 - 2015-11-19 11:26 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-03-09 12:48 - 2016-01-15 13:45 - 01482240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2016-03-09 12:46 - 2016-03-09 12:46 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-03-09 12:46 - 2016-03-09 12:46 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-03-09 12:46 - 2016-03-09 12:46 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-03-08 23:39 - 2016-03-08 23:39 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-03-04 13:33 - 2016-03-04 13:34 - 00000000 ____D C:\Users\Leonardo\AppData\Roaming\steam.transformice.com
2016-03-04 13:33 - 2016-03-04 13:33 - 00000222 _____ C:\Users\Leonardo\Desktop\Transformice.url
2016-02-29 15:18 - 2016-02-29 15:18 - 00000000 ____D C:\AeriaGames
2016-02-23 19:34 - 2016-02-23 19:34 - 00000222 _____ C:\Users\Leonardo\Desktop\Trove.url
2016-02-22 18:17 - 2016-02-22 18:17 - 00000222 _____ C:\Users\Leonardo\Desktop\Unturned.url
2016-02-22 16:50 - 2016-02-22 16:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-18 13:25 - 2016-02-18 13:25 - 00000222 _____ C:\Users\Leonardo\Desktop\H1Z1 King of the Kill.url
2016-02-13 17:22 - 2016-02-23 20:36 - 00000000 ____D C:\Users\Leonardo\AppData\Roaming\Trove
2016-02-13 16:15 - 2016-02-13 16:14 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-02-11 21:30 - 2016-02-11 21:30 - 00003222 _____ C:\Windows\System32\Tasks\{D4D5D6D8-AB6A-47BC-BF65-A8E236DC6A52}
2016-02-09 23:36 - 2016-03-11 14:36 - 11035328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-02-09 19:07 - 2016-01-10 16:37 - 00442720 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-09 19:07 - 2016-01-10 15:39 - 00332640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-02-09 19:07 - 2016-01-10 15:15 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-09 19:07 - 2016-01-10 15:15 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-09 19:07 - 2016-01-10 14:50 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\cfgbkend.dll
2016-02-09 19:07 - 2016-01-10 14:43 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-02-09 19:07 - 2016-01-10 14:31 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-02-09 19:07 - 2016-01-10 14:16 - 00898048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-09 19:07 - 2016-01-10 14:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgbkend.dll
2016-02-09 19:07 - 2016-01-10 14:12 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-09 19:07 - 2016-01-10 14:09 - 01442304 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-09 19:07 - 2016-01-10 14:09 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-02-09 19:07 - 2016-01-10 13:58 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-09 19:07 - 2016-01-10 13:56 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2016-02-09 19:07 - 2016-01-10 13:51 - 00702976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-02-09 19:07 - 2016-01-10 13:49 - 00443392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-02-09 19:07 - 2016-01-10 13:40 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-02-09 19:06 - 2016-01-22 05:01 - 22365992 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-09 19:06 - 2016-01-22 04:11 - 19794896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-02-09 19:06 - 2016-01-22 02:25 - 14467072 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-02-09 19:06 - 2016-01-22 02:14 - 12879360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-02-09 19:06 - 2016-01-22 02:07 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-09 19:06 - 2016-01-22 01:58 - 02464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-02-09 19:06 - 2016-01-19 16:14 - 07453024 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-09 19:06 - 2016-01-19 16:13 - 02175008 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2016-02-09 19:06 - 2016-01-19 16:13 - 01063464 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2016-02-09 19:06 - 2016-01-19 16:12 - 01737088 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-09 19:06 - 2016-01-19 16:12 - 01133744 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-09 19:06 - 2016-01-19 15:23 - 01564496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2016-02-09 19:06 - 2016-01-19 15:23 - 01501496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-02-09 19:06 - 2016-01-19 15:23 - 00548024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2016-02-09 19:06 - 2016-01-19 15:15 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-02-09 19:06 - 2016-01-19 14:30 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-02-09 19:06 - 2016-01-19 13:37 - 00267776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2016-02-09 19:06 - 2016-01-06 15:25 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-09 19:06 - 2015-12-28 18:42 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\WinSync.dll
2016-02-09 19:06 - 2015-12-28 17:31 - 00578048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSync.dll
2016-02-09 19:04 - 2016-02-09 19:04 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-02-09 19:04 - 2016-02-09 19:04 - 00177496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-09 19:04 - 2015-12-17 15:29 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-09 19:04 - 2015-12-17 13:17 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-08 14:28 - 2016-02-08 14:28 - 00000000 ____D C:\Windows\pss
2016-02-07 16:50 - 2016-02-07 16:50 - 00000000 ____D C:\Crash
2016-02-03 16:36 - 2016-02-03 16:36 - 00000000 ____D C:\Users\Leonardo\Documents\Criterion Games
2016-02-02 21:30 - 2016-02-02 21:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.5
2016-02-02 21:30 - 2016-02-02 21:30 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.5
2016-02-02 21:29 - 2016-02-02 21:29 - 10842040 _____ (Cheat Engine ) C:\Users\Leonardo\Downloads\CheatEngine65.exe
2016-02-02 19:18 - 2016-03-18 13:23 - 00001086 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-02 19:18 - 2016-03-18 13:14 - 00001082 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-02 16:54 - 2016-02-02 16:54 - 00001227 _____ C:\Users\Public\Desktop\Play Euro Truck Simulator 2 Multiplayer.lnk
2016-02-02 16:54 - 2016-02-02 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 Multiplayer
2016-02-02 16:54 - 2016-02-02 16:54 - 00000000 ____D C:\Program Files (x86)\Euro Truck Simulator 2 Multiplayer
2016-02-01 17:37 - 2016-02-18 14:04 - 00000000 ____D C:\Users\Leonardo\Documents\American Truck Simulator
2016-02-01 17:36 - 2016-02-01 17:36 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\American Truck Simulator.lnk
2016-02-01 17:34 - 2016-02-01 17:36 - 00000000 ____D C:\Program Files (x86)\American Truck Simulator
2016-01-30 20:15 - 2016-01-30 20:15 - 00000000 ____D C:\Users\Leonardo\Documents\PCSX2
2016-01-22 19:46 - 2016-01-22 19:46 - 00000985 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2016-01-22 19:46 - 2016-01-22 19:46 - 00000973 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2016-01-19 16:01 - 2016-01-19 16:01 - 00000000 ____D C:\Users\Leonardo\AppData\Local\YSearchUtil
2016-01-18 21:59 - 2016-01-18 21:59 - 00000000 ____D C:\Users\Todos os Usuários\boost_interprocess
2016-01-18 21:59 - 2016-01-18 21:59 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-01-18 17:02 - 2016-02-01 15:07 - 00000000 ____D C:\Users\Leonardo\AppData\Roaming\.minecraft
2016-01-18 17:02 - 2016-01-18 17:02 - 00000000 ____D C:\Users\Leonardo\AppData\Roaming\java
2016-01-18 16:58 - 2016-02-13 16:15 - 00000000 ____D C:\Users\Todos os Usuários\Oracle
2016-01-18 16:58 - 2016-02-13 16:15 - 00000000 ____D C:\Users\Leonardo\.oracle_jre_usage
2016-01-18 16:58 - 2016-02-13 16:15 - 00000000 ____D C:\ProgramData\Oracle
2016-01-18 16:58 - 2016-02-13 16:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-01-18 16:58 - 2016-02-13 16:15 - 00000000 ____D C:\Program Files (x86)\Java
2016-01-18 16:58 - 2016-01-18 16:58 - 00000000 ____D C:\Users\Leonardo\AppData\Roaming\Sun
2016-01-18 16:58 - 2016-01-18 16:58 - 00000000 ____D C:\Users\Leonardo\AppData\LocalLow\Sun
2016-01-18 16:54 - 2016-01-18 16:54 - 00000000 ____D C:\Users\Leonardo\AppData\LocalLow\Oracle
2016-01-18 16:51 - 2016-01-18 16:52 - 00675988 _____ C:\Users\Leonardo\Desktop\Minecraft.exe
2016-01-17 16:55 - 2016-01-17 16:55 - 00000000 ____D C:\Users\Leonardo\AppData\LocalLow\Steel Crate Games
2016-01-15 01:47 - 2016-01-15 01:53 - 00001021 _____ C:\Users\Leonardo\Desktop\ANIMES.txt
2016-01-13 15:30 - 2016-01-13 15:30 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-01-12 15:20 - 2015-12-05 02:58 - 02745184 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-12 15:20 - 2015-12-05 02:58 - 02528784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-01-12 15:20 - 2015-12-05 02:58 - 02450240 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-12 15:20 - 2015-12-05 02:58 - 02447136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-01-12 15:20 - 2015-12-05 02:58 - 02334104 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2016-01-12 15:20 - 2015-12-05 02:58 - 02324744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2016-01-12 15:20 - 2015-12-05 02:58 - 01877504 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-01-12 15:20 - 2015-12-05 02:58 - 01798480 ____C (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-12 15:20 - 2015-12-05 02:58 - 01484888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-01-12 15:20 - 2015-12-05 02:58 - 01288128 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2016-01-12 15:20 - 2015-12-05 02:58 - 01210200 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-12 15:20 - 2015-12-05 02:58 - 01150232 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-12 15:20 - 2015-12-05 02:58 - 01115640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2016-01-12 15:20 - 2015-12-05 02:58 - 01037680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-01-12 15:20 - 2015-12-05 02:58 - 00914672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-01-12 15:20 - 2015-12-05 02:58 - 00850680 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2016-01-12 15:20 - 2015-12-05 02:58 - 00735496 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-12 15:20 - 2015-12-05 02:58 - 00700360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2016-01-12 15:20 - 2015-12-05 02:58 - 00629600 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-12 15:20 - 2015-12-05 02:58 - 00584656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-01-12 15:20 - 2015-12-05 02:58 - 00557856 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-12 15:20 - 2015-12-05 02:58 - 00498472 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-01-12 15:20 - 2015-12-05 02:58 - 00492736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-01-12 15:20 - 2015-12-05 02:58 - 00463776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-01-12 15:20 - 2015-12-05 02:58 - 00399776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-01-12 15:20 - 2015-12-05 02:58 - 00299080 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-12 15:20 - 2015-12-05 02:58 - 00275312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-01-12 15:20 - 2015-12-05 02:58 - 00274280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-01-12 15:20 - 2015-12-05 02:58 - 00250520 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-12 15:20 - 2015-12-05 02:58 - 00248432 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-12 15:20 - 2015-12-05 02:58 - 00246856 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-12 15:20 - 2015-12-05 02:58 - 00244296 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-12 15:20 - 2015-12-05 02:58 - 00229272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-01-12 15:20 - 2015-12-05 02:58 - 00203016 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-12 15:20 - 2015-12-05 02:58 - 00184912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-01-12 15:20 - 2015-12-05 02:58 - 00183856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-01-12 15:20 - 2015-12-05 02:58 - 00116720 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-12 15:20 - 2015-12-05 02:58 - 00110544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-01-12 15:20 - 2015-12-05 02:58 - 00099136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-01-12 15:20 - 2015-12-05 02:58 - 00090904 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-12 15:20 - 2015-12-05 02:58 - 00090392 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-12 15:20 - 2015-12-05 02:58 - 00081032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-01-12 15:20 - 2015-12-05 02:58 - 00076936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-01-12 15:20 - 2015-12-03 15:07 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-12 15:20 - 2015-12-03 15:07 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-12 15:20 - 2015-12-03 15:05 - 00644608 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-12 15:20 - 2015-12-03 15:02 - 01664000 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-12 15:20 - 2015-12-03 15:00 - 00451072 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-12 15:20 - 2015-12-03 14:58 - 00378880 ____C (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-01-12 15:20 - 2015-12-03 14:36 - 01697792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-12 15:20 - 2015-12-03 14:30 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-12 15:20 - 2015-12-03 14:28 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-01-12 15:20 - 2015-12-03 14:27 - 00736256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-01-12 15:20 - 2015-12-03 14:23 - 00402432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-01-12 15:20 - 2015-12-03 14:06 - 01501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-01-12 15:20 - 2015-12-03 14:01 - 00743936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-01-12 15:20 - 2015-12-03 13:40 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-12 15:20 - 2015-12-03 13:29 - 00887296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-01-12 15:20 - 2015-12-02 12:04 - 00670208 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-12 15:20 - 2015-12-02 12:01 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-01-12 15:19 - 2015-12-07 07:56 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-12 15:19 - 2015-12-04 12:00 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-01-12 15:19 - 2015-12-03 16:42 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-01-12 15:19 - 2015-12-03 16:42 - 00137968 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-01-12 15:19 - 2015-12-03 16:42 - 00106960 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2016-01-12 15:19 - 2015-12-03 15:52 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-01-12 15:19 - 2015-12-03 15:52 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-01-12 15:19 - 2015-12-03 15:52 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2016-01-12 15:19 - 2015-12-03 14:28 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-01-12 15:19 - 2015-12-03 14:24 - 01411584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-01-12 15:19 - 2015-12-03 14:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-01-12 15:19 - 2015-12-03 13:45 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-01-12 15:19 - 2015-11-17 18:07 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-01-12 15:18 - 2015-12-08 16:08 - 00685432 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-01-12 15:18 - 2015-12-08 16:07 - 00507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-01-11 23:39 - 2016-03-15 17:34 - 00000000 ____D C:\Users\Leonardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-01-11 23:39 - 2016-01-11 23:39 - 00000222 _____ C:\Users\Leonardo\Desktop\EasyAntiCheat eSports.url
2016-01-10 00:17 - 2016-01-10 00:17 - 00000000 ____D C:\Users\Leonardo\AppData\LocalLow\Lazy Bear Games
2016-01-09 22:46 - 2015-12-14 19:24 - 00130880 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpnk.sys
2016-01-09 22:46 - 2015-09-22 17:36 - 00037184 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpmgrk.sys
2016-01-09 12:10 - 2016-01-09 12:11 - 00000000 ____D C:\Users\Leonardo\Desktop\IGG-PunchClubDeluxeEdition
2016-01-07 16:40 - 2015-02-04 17:56 - 00000000 ____D C:\Users\Leonardo\Desktop\Dying Light+30Tr-LNG_v1.3.0
2016-01-07 14:36 - 2016-01-07 14:36 - 00000000 ____D C:\Users\Leonardo\Documents\DyingLight
2016-01-04 18:27 - 2016-01-04 18:30 - 00000000 ____D C:\Users\Leonardo\Desktop\Tardsplaya
2016-01-04 17:10 - 2016-01-04 17:10 - 00004608 _____ C:\Windows\SECOH-QAD.exe
2016-01-04 17:10 - 2016-01-04 17:10 - 00003584 _____ C:\Windows\SECOH-QAD.dll
2016-01-04 17:10 - 2016-01-04 17:10 - 00000000 ____D C:\Program Files\KMSpico
2016-01-04 17:10 - 2014-03-03 04:58 - 02921448 _____ ( ) C:\Users\Leonardo\Desktop\KMSpico_setup.exe
2016-01-03 02:25 - 2016-01-03 02:25 - 00000070 _____ C:\Users\Leonardo\Desktop\ROCKET LEAGUE ERRO.txt
2016-01-02 00:45 - 2016-01-02 00:45 - 04117346 _____ C:\Users\Leonardo\Downloads\motioninjoy-0-7-1001-en-win.zip
2016-01-02 00:45 - 2016-01-02 00:45 - 00000941 _____ C:\Users\Public\Desktop\DS3 Tool.lnk
2016-01-02 00:45 - 2016-01-02 00:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy
2016-01-02 00:45 - 2016-01-02 00:45 - 00000000 ____D C:\Program Files\MotioninJoy
2016-01-02 00:45 - 2012-05-12 11:31 - 00121416 _____ (MotioninJoy) C:\Windows\system32\Drivers\MijXfilt.sys
2016-01-02 00:45 - 2011-12-07 18:42 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2016-01-02 00:45 - 2011-12-07 18:42 - 00328712 _____ (Logitech Inc.) C:\Windows\system32\MijFrc.dll
2016-01-02 00:45 - 2011-12-07 18:42 - 00074960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xusb21.sys
2016-01-02 00:42 - 2016-01-02 00:42 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-01-02 00:42 - 2016-01-02 00:42 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2016-01-02 00:35 - 2016-01-21 20:10 - 00000000 ____D C:\Users\Leonardo\Desktop\JOGOS
2016-01-02 00:35 - 2016-01-02 00:38 - 00000000 ____D C:\Users\Leonardo\Desktop\IMAGENS
2016-01-02 00:32 - 2016-01-02 00:32 - 00000000 ____D C:\Users\Leonardo\AppData\Roaming\MotioninJoy
2016-01-01 21:18 - 2016-01-01 21:18 - 00000222 _____ C:\Users\Leonardo\Desktop\Rocket League.url
2015-12-26 01:38 - 2015-12-26 01:38 - 01238949 _____ C:\Users\Leonardo\Downloads\freedom-v1-0-8a.apk
2015-12-21 04:55 - 2015-12-21 04:55 - 00009728 _____ (Razer Inc.) C:\Windows\SysWOW64\RzStats.IPC.dll
2015-12-19 01:31 - 2016-03-18 13:36 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-19 01:31 - 2016-03-11 14:36 - 00003790 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-03-18 13:53 - 2015-06-06 17:30 - 00000000 ____D C:\Users\Leonardo\AppData\Roaming\Everything
2016-03-18 13:52 - 2015-05-07 21:12 - 00000000 ____D C:\Users\Leonardo\AppData\Roaming\TS3Client
2016-03-18 13:49 - 2015-04-29 17:00 - 00000000 ____D C:\Users\Leonardo\AppData\Roaming\uTorrent
2016-03-18 13:48 - 2015-06-25 23:37 - 00001034 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-03-18 13:28 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\AppReadiness
2016-03-18 13:24 - 2015-04-29 16:43 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-191031838-553965634-2920950218-1001
2016-03-18 13:19 - 2015-04-29 16:46 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{DBEAA912-2070-40E5-BAAE-9C58481F994D}
2016-03-18 13:17 - 2015-04-29 16:45 - 00000000 __RDO C:\Users\Leonardo\OneDrive
2016-03-18 13:14 - 2015-06-25 23:37 - 00001030 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-03-18 13:14 - 2015-04-29 17:16 - 00000000 ____D C:\Program Files (x86)\Steam
2016-03-18 00:27 - 2015-06-25 23:41 - 00000000 ___RD C:\Users\Leonardo\Dropbox
2016-03-17 23:05 - 2015-04-29 16:35 - 00000000 ____D C:\Users\Leonardo
2016-03-17 22:56 - 2015-05-25 22:37 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-03-17 22:56 - 2014-03-18 07:03 - 00000000 ____D C:\Windows\ShellNew
2016-03-17 22:55 - 2013-08-22 12:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-03-17 22:54 - 2013-08-22 10:25 - 00000167 _____ C:\Windows\win.ini
2016-03-17 22:38 - 2015-05-11 17:58 - 00000404 _____ C:\Windows\Tasks\update-sys.job
2016-03-17 22:27 - 2014-03-18 07:32 - 01797166 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-17 22:27 - 2014-03-18 06:45 - 00774702 _____ C:\Windows\system32\prfh0416.dat
2016-03-17 22:27 - 2014-03-18 06:45 - 00158296 _____ C:\Windows\system32\prfc0416.dat
2016-03-17 22:27 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\Inf
2016-03-17 22:16 - 2015-07-21 21:54 - 00001891 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-03-17 22:16 - 2015-07-21 21:54 - 00001879 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-03-17 22:16 - 2015-04-29 16:51 - 00002088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-17 22:16 - 2015-04-29 16:51 - 00002076 _____ C:\Users\Public\Desktop\Internet Explorer.lnk
2016-03-17 21:08 - 2015-05-11 17:58 - 00000404 _____ C:\Windows\Tasks\update-S-1-5-21-191031838-553965634-2920950218-1001.job
2016-03-17 16:03 - 2015-05-24 15:50 - 00000000 ____D C:\Users\Leonardo\AppData\Roaming\vlc
2016-03-15 13:35 - 2015-06-04 00:39 - 00000000 ____D C:\Users\Todos os Usuários\ProductData
2016-03-15 13:35 - 2015-06-04 00:39 - 00000000 ____D C:\ProgramData\ProductData
2016-03-14 18:08 - 2015-06-25 23:36 - 00000000 ____D C:\Users\Leonardo\AppData\Local\Dropbox
2016-03-14 15:56 - 2015-06-13 13:31 - 02094080 _____ (BitTorrent Inc.) C:\Users\Leonardo\Desktop\uTorrent.exe
2016-03-13 18:58 - 2013-08-22 12:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-12 11:43 - 2013-08-22 12:20 - 00000000 ____D C:\Windows\CbsTemp
2016-03-12 00:29 - 2015-04-29 20:53 - 00000000 ____D C:\Users\Leonardo\AppData\Local\Spotify
2016-03-12 00:27 - 2015-04-29 20:41 - 00000000 ____D C:\Users\Leonardo\AppData\Roaming\Spotify
2016-03-10 15:56 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\rescache
2016-03-10 12:39 - 2013-08-22 11:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-10 12:39 - 2013-08-22 11:44 - 00355216 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-09 22:39 - 2015-05-25 00:01 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-09 14:19 - 2015-05-24 22:24 - 00000000 ____D C:\Windows\system32\MRT
2016-03-09 14:17 - 2015-05-24 22:24 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-25 23:33 - 2015-04-29 18:32 - 00000000 ____D C:\Users\Leonardo\AppData\Roaming\Skype
2016-02-22 16:50 - 2015-06-25 23:36 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-02-18 22:25 - 2015-12-10 18:42 - 00000054 _____ C:\Users\Leonardo\Documents\CTAO2.txt
2016-02-17 14:03 - 2015-04-29 17:26 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-02-17 14:03 - 2015-04-29 17:26 - 00000000 ____D C:\ProgramData\Package Cache

==================== Arquivos na raiz de alguns diretórios =======

2016-03-17 22:21 - 2016-03-17 22:21 - 0054272 _____ () C:\Users\Leonardo\AppData\Roaming\ApplicationHosting.dat
2016-03-17 22:20 - 2016-03-17 22:21 - 0016992 _____ () C:\Users\Leonardo\AppData\Roaming\InstallationConfiguration.xml
2016-03-17 22:20 - 2016-03-17 22:20 - 0127488 _____ () C:\Users\Leonardo\AppData\Roaming\Installer.dat
2016-03-17 22:21 - 2016-03-17 22:21 - 0126464 _____ () C:\Users\Leonardo\AppData\Roaming\lobby.dat
2016-03-17 22:21 - 2016-03-17 22:21 - 0002880 _____ () C:\Users\Leonardo\AppData\Roaming\md.xml
2015-10-16 22:11 - 2015-10-16 22:11 - 0000132 _____ () C:\Users\Leonardo\AppData\Roaming\Preferências do Formato PNG CC da Adobe
2016-03-17 22:21 - 2016-03-17 22:18 - 0774144 _____ () C:\Users\Leonardo\AppData\Roaming\Ranplus.exe
2016-03-17 22:21 - 2016-03-17 22:21 - 0072707 _____ () C:\Users\Leonardo\AppData\Roaming\Ranplus.tst
2016-03-17 22:21 - 2016-03-17 22:18 - 0774144 _____ () C:\Users\Leonardo\AppData\Roaming\SpanLight.exe
2016-03-17 22:21 - 2016-03-17 22:21 - 0848437 _____ () C:\Users\Leonardo\AppData\Roaming\Toplight.bin
2015-07-25 13:32 - 2015-07-25 13:32 - 0000000 ___SH () C:\Users\Leonardo\AppData\Local\LumaEmu
2015-05-11 17:58 - 2015-05-11 17:58 - 0000003 _____ () C:\Users\Leonardo\AppData\Local\updater.log
2015-05-11 17:58 - 2015-10-01 21:41 - 0000424 _____ () C:\Users\Leonardo\AppData\Local\UserProducts.xml
2015-04-29 17:32 - 2015-04-29 17:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Arquivos para serem movidos ou deletados:
====================
C:\Users\Leonardo\AppData\Local\Temp\is-22BM7.tmp\print.exe


Alguns arquivos em TEMP:
====================
C:\Users\Leonardo\AppData\Local\Temp\0KrakenDevProps.dll
C:\Users\Leonardo\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\Leonardo\AppData\Local\Temp\avg-97966e26-8b21-4062-9b2c-373fcc685155.exe
C:\Users\Leonardo\AppData\Local\Temp\Bass.dll
C:\Users\Leonardo\AppData\Local\Temp\Bass.Net.dll
C:\Users\Leonardo\AppData\Local\Temp\CodecFixDivx.exe
C:\Users\Leonardo\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpia5dll.dll
C:\Users\Leonardo\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjrm0uz.dll
C:\Users\Leonardo\AppData\Local\Temp\dxdiag.exe
C:\Users\Leonardo\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Leonardo\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Leonardo\AppData\Local\Temp\MediaPlayer__3137_il379812.exe
C:\Users\Leonardo\AppData\Local\Temp\mesox.exe
C:\Users\Leonardo\AppData\Local\Temp\msconfig.exe
C:\Users\Leonardo\AppData\Local\Temp\ose00000.exe
C:\Users\Leonardo\AppData\Local\Temp\ose00001.exe
C:\Users\Leonardo\AppData\Local\Temp\raptrpatch.exe
C:\Users\Leonardo\AppData\Local\Temp\raptr_stub.exe
C:\Users\Leonardo\AppData\Local\Temp\set.exe
C:\Users\Leonardo\AppData\Local\Temp\setup.tmp.exe
C:\Users\Leonardo\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Leonardo\AppData\Local\Temp\tmp6D3C.exe
C:\Users\Leonardo\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Leonardo\AppData\Local\Temp\utils.dll
C:\Users\Leonardo\AppData\Local\Temp\ytb.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-03-07 15:59

==================== Fim de FRST.txt ============================

Publicité


Signaler le contenu de ce document

Publicité