Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:24-02-2016 Executado por Gerson-PC (administrador) em GERSON-PC (25-02-2016 23:42:40) Executando a partir de C:\Users\Gerson-PC\Desktop Perfis Carregados: Gerson-PC (Perfis Disponíveis: Gerson-PC) Platform: Windows 10 Pro Versão 1511 (X64) Idioma: Português (Brasil) Internet Explorer Versão 11 (Navegador padrão: Edge) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 5520 series\Bin\ScanToPCActivationApp.exe (© 2015 Microsoft Corporation) C:\Users\Gerson-PC\AppData\Local\Microsoft\BingSvc\BingSvc.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe () C:\ProgramData\WindowsMsg\osmsg.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe (Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPNetworkCommunicator.exe (IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6568.46051.0_x64__8wekyb3d8bbwe\HxTsr.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe ==================== Registro (Whitelisted) =========================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8521472 2015-09-03] (Realtek Semiconductor) HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2015-11-02] (Pixart Imaging Inc) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.) HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [888344 2016-02-05] (BlueStack Systems, Inc.) HKU\S-1-5-21-3545598357-960246443-762122577-1001\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] () HKU\S-1-5-21-3545598357-960246443-762122577-1001\...\Run: [HP Deskjet 5520 series (NET)] => C:\Program Files\HP\HP Deskjet 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-3545598357-960246443-762122577-1001\...\Run: [BingSvc] => C:\Users\Gerson-PC\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-25] (© 2015 Microsoft Corporation) HKU\S-1-5-21-3545598357-960246443-762122577-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.) HKU\S-1-5-21-3545598357-960246443-762122577-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd) HKU\S-1-5-21-3545598357-960246443-762122577-1001\...\Run: [osmsg] => C:\ProgramData\WindowsMsg\osmsg.exe [2036224 2016-02-09] () HKU\S-1-5-21-3545598357-960246443-762122577-1001\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2019616 2016-01-11] (IObit) HKU\S-1-5-21-3545598357-960246443-762122577-1001\...\RunOnce: [Uninstall C:\Users\Gerson-PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gerson-PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64" ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google) ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Gerson-PC\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] () ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Gerson-PC\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] () ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Gerson-PC\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] () ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Gerson-PC\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] () ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Gerson-PC\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] () ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Gerson-PC\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] () Startup: C:\Users\Gerson-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitorar alertas de tinta - HP Deskjet 5520 series (Rede).lnk [2016-01-09] ShortcutTarget: Monitorar alertas de tinta - HP Deskjet 5520 series (Rede).lnk -> C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.) GroupPolicy: Restrição - Chrome <======= ATENÇÃO CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt Tcpip\..\Interfaces\{e1dae992-a85d-459a-afe0-ae112f3ce8c7}: [DhcpNameServer] 187.64.0.34 187.64.0.122 187.64.0.112 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_16_08¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyyDyCzz0E0DtDzy0E0E0AtN0D0Tzu0StCyDtCyDtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StB0ByDzyzztCzz0BtGtDtDtAzytGzz0CzytCtGyEyDtAyEtGyCzz0CtBtA0EtBtBzyyB0C0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtA0CtAzyzytC0AtG0DyCzz0DtGyEyEtB0CtGzz0EtA0CtG0EyBzy0EtByCyDzytB0FtAyD2QtN0A0LzuyE%26cr%3D1606442579%26a%3Dwncy_fs_16_08%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_16_08¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyyDyCzz0E0DtDzy0E0E0AtN0D0Tzu0StCyDtCyDtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StB0ByDzyzztCzz0BtGtDtDtAzytGzz0CzytCtGyEyDtAyEtGyCzz0CtBtA0EtBtBzyyB0C0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtA0CtAzyzytC0AtG0DyCzz0DtGyEyEtB0CtGzz0EtA0CtG0EyBzy0EtByCyDzytB0FtAyD2QtN0A0LzuyE%26cr%3D1606442579%26a%3Dwncy_fs_16_08%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro HKU\S-1-5-21-3545598357-960246443-762122577-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_16_08¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyyDyCzz0E0DtDzy0E0E0AtN0D0Tzu0StCyDtCyDtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StB0ByDzyzztCzz0BtGtDtDtAzytGzz0CzytCtGyEyDtAyEtGyCzz0CtBtA0EtBtBzyyB0C0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtA0CtAzyzytC0AtG0DyCzz0DtGyEyEtB0CtGzz0EtA0CtG0EyBzy0EtByCyDzytB0FtAyD2QtN0A0LzuyE%26cr%3D1606442579%26a%3Dwncy_fs_16_08%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_16_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyyDyCzz0E0DtDzy0E0E0AtN0D0Tzu0StCyDtCyDtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StB0ByDzyzztCzz0BtGtDtDtAzytGzz0CzytCtGyEyDtAyEtGyCzz0CtBtA0EtBtBzyyB0C0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtA0CtAzyzytC0AtG0DyCzz0DtGyEyEtB0CtGzz0EtA0CtG0EyBzy0EtByCyDzytB0FtAyD2QtN0A0LzuyE%26cr%3D1606442579%26a%3Dwncy_fs_16_08%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro&p={searchTerms} SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_16_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyyDyCzz0E0DtDzy0E0E0AtN0D0Tzu0StCyDtCyDtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StB0ByDzyzztCzz0BtGtDtDtAzytGzz0CzytCtGyEyDtAyEtGyCzz0CtBtA0EtBtBzyyB0C0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtA0CtAzyzytC0AtG0DyCzz0DtGyEyEtB0CtGzz0EtA0CtG0EyBzy0EtByCyDzytB0FtAyD2QtN0A0LzuyE%26cr%3D1606442579%26a%3Dwncy_fs_16_08%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro&p={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3545598357-960246443-762122577-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_16_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyyDyCzz0E0DtDzy0E0E0AtN0D0Tzu0StCyDtCyDtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StB0ByDzyzztCzz0BtGtDtDtAzytGzz0CzytCtGyEyDtAyEtGyCzz0CtBtA0EtBtBzyyB0C0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtA0CtAzyzytC0AtG0DyCzz0DtGyEyEtB0CtGzz0EtA0CtG0EyBzy0EtByCyDzytB0FtAyD2QtN0A0LzuyE%26cr%3D1606442579%26a%3Dwncy_fs_16_08%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro&p={searchTerms} SearchScopes: HKU\S-1-5-21-3545598357-960246443-762122577-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_16_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyyDyCzz0E0DtDzy0E0E0AtN0D0Tzu0StCyDtCyDtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StB0ByDzyzztCzz0BtGtDtDtAzytGzz0CzytCtGyEyDtAyEtGyCzz0CtBtA0EtBtBzyyB0C0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtA0CtAzyzytC0AtG0DyCzz0DtGyEyEtB0CtGzz0EtA0CtG0EyBzy0EtByCyDzytB0FtAyD2QtN0A0LzuyE%26cr%3D1606442579%26a%3Dwncy_fs_16_08%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro&p={searchTerms} SearchScopes: HKU\S-1-5-21-3545598357-960246443-762122577-1001 -> {3B1D0648-C37B-4C4A-A925-EF6057C2A452} URL = hxxps://br.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default SearchScopes: HKU\S-1-5-21-3545598357-960246443-762122577-1001 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-01-12] (Microsoft Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-01-12] (Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-01-12] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-20] (Oracle Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-01-12] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-20] (Oracle Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Gerson-PC\AppData\Roaming\Mozilla\Firefox\Profiles\4ad9r6iz.default FF SearchEngineOrder.3: Bing FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q= FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-15] () FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-15] () FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-20] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-20] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-26] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3545598357-960246443-762122577-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Gerson-PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-17] (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation) FF SearchPlugin: C:\Users\Gerson-PC\AppData\Roaming\Mozilla\Firefox\Profiles\4ad9r6iz.default\searchplugins\bing-.xml [2016-01-21] StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR DefaultSearchURL: Default -> hxxps://mystart.com/default-search/rsc001__moss__org103__103_55f20019a6fde1d80a7b23c6__2_4_5__moc__nt__yr/?q={searchTerms} CHR DefaultSearchKeyword: Default -> yahoo CHR Profile: C:\Users\Gerson-PC\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Yahoo!) - C:\Users\Gerson-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijepgjdjkdbopbnaopmlmobimmhjklhd [2016-02-25] CHR Extension: (Skype) - C:\Users\Gerson-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-02-25] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Gerson-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-24] CHR HKLM-x32\...\Chrome\Extension: [ijepgjdjkdbopbnaopmlmobimmhjklhd] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08] ==================== Serviços (Whitelisted) ======================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [446240 2016-01-05] (IObit) S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433688 2016-02-05] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413208 2016-02-05] (BlueStack Systems, Inc.) R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [859672 2016-02-05] (BlueStack Systems, Inc.) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation) R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [154680 2016-02-05] (BlueStack Systems) R3 Hamachi; C:\Windows\System32\drivers\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.) R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-02-24] (REALiX(tm)) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-02-25] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184608 2015-07-07] (Intel Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [887552 2015-07-14] (Realtek ) S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2015-11-23] (DEVGURU Co., LTD.(www.devguru.co.kr)) S3 t_mouse.sys; C:\Windows\System32\drivers\t_mouse.sys [6144 2015-11-02] () S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) S3 xhunter1; C:\WINDOWS\xhunter1.sys [36904 2016-02-05] (Wellbia.com Co., Ltd.) S3 xspirit; C:\WINDOWS\xspirit.sys [19176 2016-02-05] () ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um Mês Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-02-25 23:42 - 2016-02-25 23:43 - 00023546 _____ C:\Users\Gerson-PC\Desktop\FRST.txt 2016-02-25 23:41 - 2016-02-25 23:42 - 00000000 ____D C:\FRST 2016-02-25 23:41 - 2016-02-25 23:40 - 02371072 _____ (Farbar) C:\Users\Gerson-PC\Desktop\FRST64.exe 2016-02-25 23:40 - 2016-02-25 23:40 - 02371072 _____ (Farbar) C:\Users\Gerson-PC\Downloads\FRST64.exe 2016-02-25 23:40 - 2016-02-25 23:40 - 00002342 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-02-25 23:40 - 2016-02-25 23:40 - 00002330 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-02-25 23:38 - 2016-02-25 23:38 - 00987728 _____ (Google Inc.) C:\Users\Gerson-PC\Downloads\ChromeSetup (3).exe 2016-02-25 16:43 - 2016-02-25 16:43 - 00000000 ____D C:\Users\Gerson-PC\.android 2016-02-25 16:33 - 2016-02-25 16:33 - 00987728 _____ (Google Inc.) C:\Users\Gerson-PC\Downloads\ChromeSetup (2).exe 2016-02-25 16:24 - 2016-02-25 16:24 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner (11).exe 2016-02-25 16:21 - 2016-02-25 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC 2016-02-25 16:11 - 2016-02-25 16:24 - 00000000 ____D C:\AdwCleaner 2016-02-25 16:09 - 2016-02-25 16:11 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner (3).exe 2016-02-25 16:09 - 2016-02-25 16:10 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner (9).exe 2016-02-25 16:09 - 2016-02-25 16:10 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner (10).exe 2016-02-25 16:09 - 2016-02-25 16:09 - 01511936 _____ C:\Users\Gerson-PC\Downloads\adwcleaner_5.036.exe 2016-02-25 16:09 - 2016-02-25 16:09 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner (8).exe 2016-02-25 16:09 - 2016-02-25 16:09 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner (7).exe 2016-02-25 16:09 - 2016-02-25 16:09 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner (6).exe 2016-02-25 16:09 - 2016-02-25 16:09 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner (5).exe 2016-02-25 16:09 - 2016-02-25 16:09 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner (4).exe 2016-02-25 16:09 - 2016-02-25 16:09 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner (2).exe 2016-02-25 16:08 - 2016-02-25 16:09 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner (1).exe 2016-02-25 16:08 - 2016-02-25 16:08 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner.exe 2016-02-25 15:25 - 2016-02-25 15:25 - 01309184 _____ C:\Users\Gerson-PC\Desktop\zoek.exe 2016-02-25 15:25 - 2016-02-25 15:25 - 00000000 ____D C:\zoek_backup 2016-02-25 15:24 - 2016-02-25 15:25 - 01309184 _____ C:\Users\Gerson-PC\Downloads\zoek.exe 2016-02-25 15:23 - 2016-02-25 23:32 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-02-25 15:23 - 2016-02-25 15:23 - 22908888 _____ (Malwarebytes ) C:\Users\Gerson-PC\Desktop\mbam-setup-org-2.2.0.1024.exe 2016-02-25 15:23 - 2016-02-25 15:23 - 00000000 ____D C:\Users\Todos os Usuários\Malwarebytes 2016-02-25 15:23 - 2016-02-25 15:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-02-25 15:23 - 2016-02-25 15:23 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-02-25 15:23 - 2016-02-25 15:23 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-02-25 15:23 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-02-25 15:23 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2016-02-25 15:23 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2016-02-25 15:22 - 2016-02-25 15:23 - 22908888 _____ (Malwarebytes ) C:\Users\Gerson-PC\Downloads\mbam-setup-org-2.2.0.1024.exe 2016-02-24 23:31 - 2016-02-25 23:37 - 00000000 ____D C:\Users\Todos os Usuários\ProductData 2016-02-24 23:31 - 2016-02-25 23:37 - 00000000 ____D C:\ProgramData\ProductData 2016-02-24 23:31 - 2016-02-25 11:36 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\ProductData 2016-02-24 23:26 - 2016-02-24 23:26 - 01609216 _____ (Malwarebytes) C:\Users\Gerson-PC\Desktop\JRT.exe 2016-02-24 23:25 - 2016-02-24 23:26 - 01609216 _____ (Malwarebytes) C:\Users\Gerson-PC\Downloads\JRT.exe 2016-02-24 20:57 - 2016-02-24 20:57 - 00001263 _____ C:\Users\Gerson-PC\Desktop\Continue Last version Installation.lnk 2016-02-24 20:27 - 2016-02-24 20:28 - 00002225 _____ C:\Users\Public\Desktop\Driver Booster 3.lnk 2016-02-24 20:27 - 2016-02-24 20:27 - 00027552 _____ (REALiX(tm)) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS 2016-02-24 20:27 - 2016-02-24 20:27 - 00000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled 2016-02-24 20:27 - 2016-02-24 20:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3 2016-02-24 20:26 - 2016-02-24 20:26 - 00001427 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk 2016-02-24 20:26 - 2016-02-24 20:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller 2016-02-24 20:25 - 2016-02-24 23:28 - 00000000 ____D C:\Users\Todos os Usuários\IObit 2016-02-24 20:25 - 2016-02-24 23:28 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\IObit 2016-02-24 20:25 - 2016-02-24 23:28 - 00000000 ____D C:\ProgramData\IObit 2016-02-24 20:25 - 2016-02-24 23:28 - 00000000 ____D C:\Program Files (x86)\IObit 2016-02-24 20:25 - 2016-02-24 20:55 - 00002236 _____ C:\Users\Public\Desktop\Advanced SystemCare 9.lnk 2016-02-24 20:25 - 2016-02-24 20:27 - 00003314 _____ C:\WINDOWS\System32\Tasks\ASC9_PerformanceMonitor 2016-02-24 20:25 - 2016-02-24 20:27 - 00000000 ____D C:\Users\Gerson-PC\AppData\LocalLow\IObit 2016-02-24 20:25 - 2016-02-24 20:25 - 00003438 _____ C:\WINDOWS\System32\Tasks\ASC9_SkipUac_Gerson-PC 2016-02-24 20:25 - 2016-02-24 20:25 - 00000000 ____D C:\Users\Todos os Usuários\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} 2016-02-24 20:25 - 2016-02-24 20:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 2016-02-24 20:25 - 2016-02-24 20:25 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} 2016-02-24 20:12 - 2016-02-24 20:25 - 41171496 _____ (IObit ) C:\Users\Gerson-PC\Downloads\advanced-systemcare-setup.exe 2016-02-24 19:49 - 2016-02-24 19:49 - 00003318 _____ C:\WINDOWS\System32\Tasks\{D6269E3F-6D7C-4FD1-9E93-CEFF13D1C593} 2016-02-24 18:52 - 2016-02-24 18:52 - 00000045 _____ C:\Users\Gerson-PC\AppData\Roaming\WB.CFG 2016-02-24 18:20 - 2016-02-24 18:20 - 00000374 _____ C:\WINDOWS\SysWOW64\data.bin 2016-02-24 18:08 - 2016-02-24 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixVideoPlayer 2016-02-24 18:06 - 2016-02-24 18:06 - 00000000 ____D C:\Users\Gerson-PC\AppData\Local\Setup Wizard 2016-02-24 18:05 - 2016-02-24 18:05 - 00003652 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask 2016-02-24 18:05 - 2016-02-24 18:05 - 00003118 _____ C:\WINDOWS\System32\Tasks\ttwifi 2016-02-24 18:05 - 2016-02-24 18:05 - 00003012 _____ C:\WINDOWS\System32\Tasks\osTip 2016-02-24 18:05 - 2016-02-24 18:05 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg 2016-02-24 18:05 - 2016-02-24 18:05 - 00000000 ____D C:\ProgramData\WindowsMsg 2016-02-24 17:59 - 2016-02-25 17:18 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner 2016-02-24 17:59 - 2016-02-24 17:59 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\gplyra 2016-02-24 17:54 - 2016-02-24 17:54 - 00000000 ____D C:\Users\Gerson-PC\Desktop\2016-08 2016-02-24 17:52 - 2016-02-24 17:52 - 00000372 __RSH C:\Users\Todos os Usuários\ntuser.pol 2016-02-24 17:52 - 2016-02-24 17:52 - 00000372 __RSH C:\ProgramData\ntuser.pol 2016-02-24 17:51 - 2016-02-24 17:51 - 00001136 _____ C:\Users\Gerson-PC\Desktop\Format Factory.lnk 2016-02-24 17:51 - 2016-02-24 17:51 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory 2016-02-24 17:51 - 2016-02-24 17:51 - 00000000 ____D C:\Program Files (x86)\FormatFactory 2016-02-24 17:51 - 2016-02-24 17:51 - 00000000 _____ C:\WINDOWS\SysWOW64\track 2016-02-24 17:50 - 2016-02-25 17:16 - 00000000 ____D C:\Users\Todos os Usuários\umBMnf 2016-02-24 17:50 - 2016-02-25 17:16 - 00000000 ____D C:\ProgramData\umBMnf 2016-02-24 17:49 - 2016-02-24 17:48 - 00000997 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak 2016-02-24 17:41 - 2016-02-24 17:41 - 00003436 _____ C:\WINDOWS\System32\Tasks\Format Factory 2016-02-24 17:40 - 2016-02-24 17:41 - 04508993 _____ (FF, Inc ) C:\Users\Gerson-PC\Downloads\fast-video-converter-3.8.0.4.exe 2016-02-24 14:05 - 2016-02-24 14:05 - 00626622 _____ C:\Users\Gerson-PC\Downloads\Tundra by Vilonium.zip 2016-02-23 00:24 - 2016-02-23 00:24 - 00656680 _____ C:\Users\Gerson-PC\Downloads\CP Member Maker V5.exe 2016-02-23 00:24 - 2010-08-30 15:27 - 00000000 ____D C:\Users\Gerson-PC\Downloads\CP Member Maker V5 2016-02-22 12:42 - 2016-02-22 12:42 - 00177149 _____ C:\Users\Gerson-PC\Downloads\Smaragd Mod.zip 2016-02-22 12:39 - 2016-02-22 12:39 - 00001434 _____ C:\Users\Gerson-PC\Downloads\Better Gold v18.zip 2016-02-22 12:26 - 2016-02-22 12:26 - 00095905 _____ C:\Users\Gerson-PC\Downloads\LotsOfSteves0.6.jar.zip 2016-02-22 12:19 - 2016-02-22 12:19 - 00565061 _____ C:\Users\Gerson-PC\Downloads\unzip-me_mod_jar_file_inside9886349.zip 2016-02-21 17:09 - 2016-02-21 17:09 - 00000000 ____D C:\Users\Gerson-PC\AppData\LocalLow\uTorrent 2016-02-21 14:25 - 2016-02-21 14:25 - 00499943 _____ C:\Users\Gerson-PC\Downloads\SHARPNESS V [32x] For MC 1.7 +.zip 2016-02-21 14:11 - 2016-02-21 14:13 - 34864620 _____ C:\Users\Gerson-PC\Downloads\Brobi V2 Pack.zip 2016-02-21 13:31 - 2016-02-21 13:31 - 01247112 _____ (Mojang) C:\Users\Gerson-PC\Downloads\Minecraft (2).exe 2016-02-18 23:46 - 2016-02-18 23:46 - 11531758 _____ C:\Users\Gerson-PC\Downloads\Edit.BOLADA.zip 2016-02-18 22:06 - 2016-02-18 22:06 - 04734664 _____ () C:\Users\Gerson-PC\Downloads\TechnicLauncher (4).exe 2016-02-17 22:36 - 2016-02-17 22:37 - 34469764 _____ C:\Users\Gerson-PC\Downloads\Mythruna-20120627-Windows.zip 2016-02-17 22:16 - 2016-02-17 22:16 - 00013627 _____ C:\Users\Gerson-PC\Downloads\Hurt World.torrent 2016-02-17 22:08 - 2016-02-17 22:08 - 00024304 _____ C:\Users\Gerson-PC\Downloads\ARSV92 - FDG (2).torrent 2016-02-17 22:07 - 2016-02-17 22:07 - 00024304 _____ C:\Users\Gerson-PC\Downloads\ARSV92 - FDG (1).torrent 2016-02-17 22:05 - 2016-02-17 22:05 - 00024304 _____ C:\Users\Gerson-PC\Downloads\ARSV92 - FDG.torrent 2016-02-17 21:42 - 2016-02-23 00:24 - 00000000 ____D C:\Users\Gerson-PC\Desktop\Nova pasta (2) 2016-02-17 20:45 - 2016-02-24 12:01 - 00000000 ____D C:\Program Files (x86)\Minecraft 2016-02-17 20:45 - 2016-02-17 20:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft 2016-02-17 20:43 - 2016-02-17 20:43 - 02314240 _____ C:\Users\Gerson-PC\Downloads\MinecraftInstaller (1).msi 2016-02-17 20:43 - 2016-02-17 20:43 - 01247112 _____ (Mojang) C:\Users\Gerson-PC\Downloads\Minecraft (1).exe 2016-02-17 13:43 - 2016-02-17 13:44 - 01016759 _____ C:\Users\Gerson-PC\Desktop\Minecraft(1).exe 2016-02-16 20:42 - 2016-02-16 20:42 - 00049522 _____ C:\Users\Gerson-PC\Downloads\Klient_Dayz_SA_v_0_58_128566_v3_0_torrent.torrent 2016-02-16 17:54 - 2016-02-16 17:54 - 00513214 _____ C:\Users\Gerson-PC\Downloads\TENTANDO UM MAPA _3.zip 2016-02-15 16:43 - 2016-02-15 16:43 - 02845707 _____ C:\Users\Gerson-PC\Downloads\CDA Mod 1.1.5 (1).zip 2016-02-15 05:07 - 2016-02-15 05:07 - 00097905 _____ C:\Users\Gerson-PC\Downloads\Saving.Private.Ryan.1998.1080p.BrRip.x264.YIFY_PtB.srt 2016-02-15 05:07 - 2016-02-15 05:07 - 00011596 _____ C:\Users\Gerson-PC\Downloads\Saving Private Ryan (1998) [1080p].torrent 2016-02-15 03:23 - 2016-02-15 03:23 - 00000000 ____D C:\Users\Gerson-PC\AppData\Local\Macromedia 2016-02-15 03:22 - 2016-02-25 17:27 - 00000902 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-02-15 03:22 - 2016-02-15 03:22 - 00003878 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2016-02-15 03:22 - 2016-02-15 03:22 - 00000000 ____D C:\Users\Todos os Usuários\McAfee 2016-02-15 03:22 - 2016-02-15 03:22 - 00000000 ____D C:\ProgramData\McAfee 2016-02-15 03:06 - 2016-02-15 03:06 - 00016133 _____ C:\Users\Gerson-PC\Downloads\A617A4156A79D9F0594828294B88EA71BFDE6C70.torrent 2016-02-14 21:55 - 2016-02-14 21:56 - 00000014 _____ C:\Users\Gerson-PC\Desktop\zcxfa.txt 2016-02-14 20:43 - 2016-02-14 20:43 - 00002866 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2016-02-14 20:43 - 2016-02-14 20:43 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-02-14 20:43 - 2016-02-14 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2016-02-14 20:43 - 2016-02-14 20:43 - 00000000 ____D C:\Program Files\CCleaner 2016-02-14 20:42 - 2016-02-14 20:43 - 06828320 _____ (Piriform Ltd) C:\Users\Gerson-PC\Downloads\ccsetup514.exe 2016-02-14 16:29 - 2016-02-14 16:29 - 04734664 _____ () C:\Users\Gerson-PC\Downloads\TechnicLauncher (3).exe 2016-02-14 16:24 - 2016-02-14 16:26 - 84021068 _____ C:\Users\Gerson-PC\Downloads\sanflores v1.1 (1).rar 2016-02-14 16:17 - 2016-02-14 16:19 - 84021068 _____ C:\Users\Gerson-PC\Downloads\sanflores v1.1.rar 2016-02-14 14:42 - 2016-02-14 14:42 - 02845707 _____ C:\Users\Gerson-PC\Downloads\CDA Mod 1.1.5.zip 2016-02-14 14:11 - 2016-02-14 14:11 - 00711998 _____ C:\Users\Gerson-PC\Downloads\The Walking Dead Mod v2.7 for MC 1.7.10.zip 2016-02-14 13:40 - 2016-02-14 13:40 - 00022599 _____ C:\Users\Gerson-PC\Downloads\zonbie.zip 2016-02-14 12:33 - 2016-02-14 12:33 - 37121699 _____ C:\Users\Gerson-PC\Downloads\MineLoL [64x64] Realistic Texture Pack (V.1.8+).zip 2016-02-13 20:48 - 2016-02-23 00:04 - 00000246 _____ C:\Users\Gerson-PC\Desktop\minha conta.txt 2016-02-13 19:50 - 2016-02-13 19:50 - 00664446 _____ C:\Users\Gerson-PC\Downloads\modpack..zip 2016-02-13 19:49 - 2016-02-13 19:49 - 00453341 _____ C:\Users\Gerson-PC\Downloads\Dragon Mount 1.7.10 por Xbolado Games.jar.zip 2016-02-12 20:49 - 2016-02-12 20:49 - 00539146 _____ C:\Users\Gerson-PC\Downloads\ShapeShifterZ81.zip 2016-02-12 20:06 - 2016-02-12 20:06 - 02786954 _____ C:\Users\Gerson-PC\Downloads\forge-1.7.2-10.12.2.1121-installer.jar.zip 2016-02-12 19:26 - 2016-02-12 19:26 - 00338500 _____ C:\Users\Gerson-PC\Downloads\zamfor188840324.zip 2016-02-11 20:22 - 2016-02-12 10:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-02-11 01:12 - 2016-02-16 23:48 - 00000244 _____ C:\Users\Gerson-PC\Desktop\contas.txt 2016-02-10 23:13 - 2016-02-10 23:17 - 132231089 _____ C:\Users\Gerson-PC\Downloads\minecraft.1.7.10+The-Sims-Craft-AuthenticGames.rar 2016-02-10 21:35 - 2016-02-10 21:35 - 03749528 _____ C:\Users\Gerson-PC\Downloads\#CDG - Imgur.zip 2016-02-10 12:31 - 2016-02-10 12:32 - 00000028 _____ C:\Users\Gerson-PC\Desktop\codigos do minecreft.txt 2016-02-10 12:12 - 2016-02-10 12:16 - 22127965 _____ C:\Users\Gerson-PC\Downloads\JurassiCraft 2.0.0 Pre-release 5.jar.zip 2016-02-09 22:47 - 2016-02-09 22:47 - 00016024 _____ C:\Users\Gerson-PC\Downloads\B0bGary_s_Stone_Armour_1.6.4_v1.1.0.zip 2016-02-09 22:26 - 2016-02-09 22:31 - 198931077 _____ C:\Users\Gerson-PC\Downloads\Modpack 1.8 ConexaoPlayer.rar 2016-02-09 22:13 - 2016-02-09 22:13 - 00110268 _____ C:\Users\Gerson-PC\Downloads\TooManyItems2014_07_05_1.7.10.zip 2016-02-09 21:44 - 2016-02-09 21:44 - 00587156 _____ C:\Users\Gerson-PC\Downloads\MC Heli Mod Installer 1.7.2.zip 2016-02-09 20:47 - 2016-01-29 03:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-02-09 20:47 - 2016-01-29 03:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2016-02-09 20:47 - 2016-01-27 03:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-02-09 20:47 - 2016-01-27 03:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-02-09 20:47 - 2016-01-27 03:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-02-09 20:47 - 2016-01-27 03:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-02-09 20:47 - 2016-01-27 03:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-02-09 20:47 - 2016-01-27 02:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2016-02-09 20:47 - 2016-01-27 02:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-02-09 20:47 - 2016-01-27 02:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2016-02-09 20:47 - 2016-01-27 02:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2016-02-09 20:47 - 2016-01-27 02:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-02-09 20:47 - 2016-01-27 02:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2016-02-09 20:47 - 2016-01-27 02:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe 2016-02-09 20:47 - 2016-01-27 02:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2016-02-09 20:47 - 2016-01-27 02:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2016-02-09 20:47 - 2016-01-27 02:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2016-02-09 20:47 - 2016-01-27 02:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-02-09 20:47 - 2016-01-27 02:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2016-02-09 20:47 - 2016-01-27 02:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-02-09 20:47 - 2016-01-27 02:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe 2016-02-09 20:47 - 2016-01-27 02:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2016-02-09 20:47 - 2016-01-27 02:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-02-09 20:47 - 2016-01-27 02:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-02-09 20:47 - 2016-01-27 02:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll 2016-02-09 20:47 - 2016-01-27 02:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll 2016-02-09 20:47 - 2016-01-27 02:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll 2016-02-09 20:47 - 2016-01-27 02:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2016-02-09 20:47 - 2016-01-27 02:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll 2016-02-09 20:47 - 2016-01-27 02:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-02-09 20:47 - 2016-01-27 02:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll 2016-02-09 20:47 - 2016-01-27 02:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2016-02-09 20:47 - 2016-01-27 02:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll 2016-02-09 20:47 - 2016-01-27 02:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll 2016-02-09 20:47 - 2016-01-27 02:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-02-09 20:47 - 2016-01-27 02:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-02-09 20:47 - 2016-01-27 02:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll 2016-02-09 20:47 - 2016-01-27 02:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2016-02-09 20:47 - 2016-01-27 02:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-02-09 20:47 - 2016-01-27 02:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll 2016-02-09 20:47 - 2016-01-27 02:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll 2016-02-09 20:47 - 2016-01-27 02:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll 2016-02-09 20:47 - 2016-01-27 02:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2016-02-09 20:47 - 2016-01-27 01:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll 2016-02-09 20:47 - 2016-01-27 01:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-02-09 20:47 - 2016-01-27 01:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-02-09 20:47 - 2016-01-27 01:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-02-09 20:47 - 2016-01-27 01:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-02-09 20:47 - 2016-01-27 01:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-02-09 20:47 - 2016-01-27 01:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2016-02-09 20:47 - 2016-01-27 01:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-02-09 20:47 - 2016-01-27 01:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-02-09 20:47 - 2016-01-27 01:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys 2016-02-09 20:47 - 2016-01-27 01:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-02-09 20:47 - 2016-01-27 01:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-02-09 20:47 - 2016-01-27 01:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll 2016-02-09 20:47 - 2016-01-27 01:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-02-09 20:47 - 2016-01-27 01:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-02-09 20:47 - 2016-01-27 01:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-02-09 20:47 - 2016-01-27 01:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-02-09 20:47 - 2016-01-27 01:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-02-09 20:47 - 2016-01-27 01:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-02-09 20:47 - 2016-01-27 01:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-02-09 20:47 - 2016-01-27 01:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2016-02-09 20:47 - 2016-01-27 01:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll 2016-02-07 05:45 - 2016-02-07 05:45 - 00047312 _____ C:\Users\Gerson-PC\Downloads\scarface.(1983).pob.1cd.(3471095).zip 2016-02-07 05:41 - 2016-02-07 05:41 - 00047370 _____ C:\Users\Gerson-PC\Downloads\scarface.(1983).pob.1cd.(5120192)(1).zip 2016-02-05 22:50 - 2016-02-05 22:55 - 00000000 ____D C:\Users\Gerson-PC\Desktop\WTF 2016-02-05 22:50 - 2016-02-05 22:55 - 00000000 ____D C:\Users\Gerson-PC\Desktop\Data 2016-02-05 22:35 - 2016-02-05 22:35 - 00002149 _____ C:\Users\Gerson-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Hurtworld (2).lnk 2016-02-05 22:05 - 2016-02-05 22:08 - 10335064 _____ (MEGA Limited) C:\Users\Gerson-PC\Downloads\MEGAsyncSetup(1).exe 2016-02-05 21:45 - 2016-02-05 21:45 - 00000000 ____D C:\Program Files (x86)\Bankroll Studios 2016-02-05 21:44 - 2016-02-05 21:44 - 00000000 ____D C:\Users\Gerson-PC\AppData\Local\Downloaded Installations 2016-02-04 19:02 - 2016-02-04 19:03 - 65857390 _____ C:\Users\Gerson-PC\Downloads\minecraft(1).rar 2016-02-03 22:48 - 2016-02-15 03:22 - 00000000 ____D C:\Users\Gerson-PC\AppData\Local\Adobe 2016-02-03 22:48 - 2016-02-04 13:20 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\Adobe 2016-02-03 22:48 - 2016-02-03 22:48 - 00000000 ____D C:\Users\Todos os Usuários\Adobe 2016-02-03 22:48 - 2016-02-03 22:48 - 00000000 ____D C:\ProgramData\Adobe 2016-02-03 22:30 - 2016-02-03 22:30 - 00030998 _____ C:\Users\Gerson-PC\Downloads\curriculum-vitae (1).pdf 2016-02-03 22:27 - 2016-02-03 22:28 - 00030998 _____ C:\Users\Gerson-PC\Downloads\curriculum-vitae.pdf 2016-02-03 20:14 - 2016-02-03 20:14 - 01247112 _____ (Mojang) C:\Users\Gerson-PC\Downloads\Minecraft.exe 2016-02-02 11:34 - 2016-02-16 16:15 - 00000368 _____ C:\WINDOWS\Tasks\HPCeeScheduleForGerson-PC.job 2016-01-31 20:07 - 2016-01-31 20:07 - 01474094 _____ (suprx) C:\Users\Gerson-PC\Downloads\suprx2.exe 2016-01-31 00:00 - 2016-01-31 00:00 - 05157504 _____ C:\Users\Gerson-PC\Downloads\Guia de receitas anarquistas completo port MA.rar 2016-01-30 17:27 - 2016-01-30 17:28 - 58543367 _____ C:\Users\Gerson-PC\Downloads\metallurgy2 1.4.6 ReiRex.rar 2016-01-30 16:39 - 2016-01-30 16:41 - 53506172 _____ C:\Users\Gerson-PC\Downloads\ShapeShifter.rar 2016-01-30 16:26 - 2016-01-30 16:32 - 252185216 _____ C:\Users\Gerson-PC\Downloads\pixelmon-do-Tio-Golden.zip 2016-01-28 21:32 - 2016-01-28 21:32 - 00003629 _____ C:\Users\Gerson-PC\Downloads\ACWarn-Plugin-In-Here.zip 2016-01-28 20:09 - 2016-01-28 20:09 - 00056319 _____ C:\Users\Gerson-PC\Downloads\LootMod 0.1 for MC 1.2.5.zip 2016-01-28 19:21 - 2016-01-28 19:31 - 435503655 _____ C:\Users\Gerson-PC\Downloads\Rezende Avetureiro - Modpack.rar 2016-01-28 19:14 - 2016-01-28 19:14 - 00007637 _____ C:\Users\Gerson-PC\Downloads\vanilla.recipes 2016-01-28 19:11 - 2016-01-28 19:11 - 00027394 _____ C:\Users\Gerson-PC\Downloads\Emerald-and-Obsidian-Tools.zip 2016-01-28 18:42 - 2016-01-28 18:42 - 00583488 _____ C:\Users\Gerson-PC\Downloads\CustomMobSpawner 3.0.0.zip 2016-01-28 18:19 - 2016-01-28 18:19 - 00622570 _____ C:\Users\Gerson-PC\Downloads\Guardsmod v1.3 (1).zip 2016-01-28 18:17 - 2016-01-28 18:18 - 02312461 _____ C:\Users\Gerson-PC\Downloads\forge-1.6.4-9.11.1.1345-installer.jar 2016-01-28 01:28 - 2016-01-16 03:36 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-01-28 01:28 - 2016-01-16 03:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll 2016-01-28 01:28 - 2016-01-16 03:23 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2016-01-28 01:28 - 2016-01-16 03:23 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-01-28 01:28 - 2016-01-16 03:23 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2016-01-28 01:28 - 2016-01-16 03:23 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2016-01-28 01:28 - 2016-01-16 03:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe 2016-01-28 01:28 - 2016-01-16 03:20 - 06971752 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2016-01-28 01:28 - 2016-01-16 03:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll 2016-01-28 01:28 - 2016-01-16 03:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll 2016-01-28 01:28 - 2016-01-16 03:19 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-01-28 01:28 - 2016-01-16 03:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2016-01-28 01:28 - 2016-01-16 03:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2016-01-28 01:28 - 2016-01-16 03:09 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2016-01-28 01:28 - 2016-01-16 03:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2016-01-28 01:28 - 2016-01-16 02:45 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-01-28 01:28 - 2016-01-16 02:38 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2016-01-28 01:28 - 2016-01-16 02:37 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll 2016-01-28 01:28 - 2016-01-16 02:35 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-01-28 01:28 - 2016-01-16 02:34 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll 2016-01-28 01:28 - 2016-01-16 02:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll 2016-01-28 01:28 - 2016-01-16 02:31 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2016-01-28 01:28 - 2016-01-16 02:31 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2016-01-28 01:28 - 2016-01-16 02:31 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll 2016-01-28 01:28 - 2016-01-16 02:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2016-01-28 01:28 - 2016-01-16 02:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-01-28 01:28 - 2016-01-16 02:30 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2016-01-28 01:28 - 2016-01-16 02:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-01-28 01:28 - 2016-01-16 02:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2016-01-28 01:28 - 2016-01-16 02:28 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2016-01-28 01:28 - 2016-01-16 02:28 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2016-01-28 01:28 - 2016-01-16 02:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-01-28 01:28 - 2016-01-16 02:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll 2016-01-28 01:28 - 2016-01-16 02:25 - 00235008 _____ C:\WINDOWS\system32\MTF.dll 2016-01-28 01:28 - 2016-01-16 02:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2016-01-28 01:28 - 2016-01-16 02:24 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2016-01-28 01:28 - 2016-01-16 02:24 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2016-01-28 01:28 - 2016-01-16 02:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll 2016-01-28 01:28 - 2016-01-16 02:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-01-28 01:28 - 2016-01-16 02:23 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-01-28 01:28 - 2016-01-16 02:21 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2016-01-28 01:28 - 2016-01-16 02:20 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2016-01-28 01:28 - 2016-01-16 02:20 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2016-01-28 01:28 - 2016-01-16 02:20 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2016-01-28 01:28 - 2016-01-16 02:19 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll 2016-01-28 01:28 - 2016-01-16 02:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2016-01-28 01:28 - 2016-01-16 02:17 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2016-01-28 01:28 - 2016-01-16 02:16 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2016-01-28 01:28 - 2016-01-16 02:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2016-01-28 01:28 - 2016-01-16 02:15 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2016-01-28 01:28 - 2016-01-16 02:14 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2016-01-28 01:28 - 2016-01-16 02:14 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2016-01-28 01:27 - 2016-01-16 03:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll 2016-01-28 01:27 - 2016-01-16 03:36 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-01-28 01:27 - 2016-01-16 03:34 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-01-28 01:27 - 2016-01-16 03:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll 2016-01-28 01:27 - 2016-01-16 03:23 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2016-01-28 01:27 - 2016-01-16 03:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2016-01-28 01:27 - 2016-01-16 03:08 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2016-01-28 01:27 - 2016-01-16 02:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys 2016-01-28 01:27 - 2016-01-16 02:44 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2016-01-28 01:27 - 2016-01-16 02:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll 2016-01-28 01:27 - 2016-01-16 02:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll 2016-01-28 01:27 - 2016-01-16 02:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll 2016-01-28 01:27 - 2016-01-16 02:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll 2016-01-28 01:27 - 2016-01-16 02:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll 2016-01-28 01:27 - 2016-01-16 02:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2016-01-28 01:27 - 2016-01-16 02:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll 2016-01-28 01:27 - 2016-01-16 02:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe 2016-01-28 01:27 - 2016-01-16 02:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe 2016-01-28 01:27 - 2016-01-16 02:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll 2016-01-28 01:27 - 2016-01-16 02:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2016-01-28 01:27 - 2016-01-16 02:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll 2016-01-28 01:27 - 2016-01-16 02:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll 2016-01-28 01:27 - 2016-01-16 02:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2016-01-28 01:27 - 2016-01-16 02:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2016-01-28 01:27 - 2016-01-16 02:37 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll 2016-01-28 01:27 - 2016-01-16 02:36 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2016-01-28 01:27 - 2016-01-16 02:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll 2016-01-28 01:27 - 2016-01-16 02:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-01-28 01:27 - 2016-01-16 02:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll 2016-01-28 01:27 - 2016-01-16 02:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll 2016-01-28 01:27 - 2016-01-16 02:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-01-28 01:27 - 2016-01-16 02:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll 2016-01-28 01:27 - 2016-01-16 02:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2016-01-28 01:27 - 2016-01-16 02:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll 2016-01-28 01:27 - 2016-01-16 02:34 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2016-01-28 01:27 - 2016-01-16 02:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll 2016-01-28 01:27 - 2016-01-16 02:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll 2016-01-28 01:27 - 2016-01-16 02:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll 2016-01-28 01:27 - 2016-01-16 02:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll 2016-01-28 01:27 - 2016-01-16 02:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe 2016-01-28 01:27 - 2016-01-16 02:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe 2016-01-28 01:27 - 2016-01-16 02:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll 2016-01-28 01:27 - 2016-01-16 02:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll 2016-01-28 01:27 - 2016-01-16 02:29 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2016-01-28 01:27 - 2016-01-16 02:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll 2016-01-28 01:27 - 2016-01-16 02:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll 2016-01-28 01:27 - 2016-01-16 02:26 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2016-01-28 01:27 - 2016-01-16 02:26 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2016-01-28 01:27 - 2016-01-16 02:26 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2016-01-28 01:27 - 2016-01-16 02:25 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll 2016-01-28 01:27 - 2016-01-16 02:25 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2016-01-28 01:27 - 2016-01-16 02:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll 2016-01-28 01:27 - 2016-01-16 02:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2016-01-28 01:27 - 2016-01-16 02:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2016-01-28 01:27 - 2016-01-16 02:19 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2016-01-28 01:27 - 2016-01-16 02:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll 2016-01-27 20:38 - 2016-01-27 20:47 - 412679786 _____ C:\Users\Gerson-PC\Downloads\minecraft.rar 2016-01-27 00:42 - 2016-02-03 21:55 - 00000000 ____D C:\Users\Gerson-PC\AppData\Local\PointBlank 2016-01-27 00:38 - 2016-02-05 20:09 - 00036904 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys 2016-01-27 00:38 - 2016-02-05 20:09 - 00019176 _____ C:\WINDOWS\xspirit.sys 2016-01-27 00:10 - 2016-01-27 00:10 - 00000786 _____ C:\Users\Gerson-PC\Desktop\PointBlank.lnk 2016-01-27 00:10 - 2016-01-27 00:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PointBlank 2016-01-27 00:04 - 2016-01-27 00:04 - 00000000 ____D C:\ongame 2016-01-26 23:30 - 2016-01-26 23:30 - 00011576 _____ C:\Users\Gerson-PC\Downloads\PointBlankSetup_20150813.torrent 2016-01-26 20:03 - 2016-01-26 20:04 - 04734232 _____ () C:\Users\Gerson-PC\Downloads\TechnicLauncher (2).exe 2016-01-26 19:27 - 2016-01-26 19:27 - 00000000 ____D C:\Users\Usuário Padrão\AppData\Local\Google 2016-01-26 19:27 - 2016-01-26 19:27 - 00000000 ____D C:\Users\Default\AppData\Local\Google 2016-01-26 19:27 - 2016-01-26 19:27 - 00000000 ____D C:\Users\Default User\AppData\Local\Google 2016-01-26 03:10 - 2016-01-26 03:10 - 00054706 _____ C:\Users\Gerson-PC\Downloads\scarface-528-poster (1) 2016-01-26 03:10 - 2016-01-26 03:10 - 00054706 _____ C:\Users\Gerson-PC\Downloads\scarface-528-poster ==================== Um Mês Modificados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-02-25 23:38 - 2015-11-19 22:02 - 01819274 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-02-25 23:38 - 2015-10-30 16:11 - 00785262 _____ C:\WINDOWS\system32\prfh0416.dat 2016-02-25 23:38 - 2015-10-30 16:11 - 00154048 _____ C:\WINDOWS\system32\prfc0416.dat 2016-02-25 23:38 - 2015-10-30 04:21 - 00000000 ____D C:\WINDOWS\INF 2016-02-25 23:36 - 2016-01-15 11:03 - 00000000 ____D C:\Users\Todos os Usuários\BlueStacksSetup 2016-02-25 23:36 - 2016-01-15 11:03 - 00000000 ____D C:\ProgramData\BlueStacksSetup 2016-02-25 23:35 - 2015-11-25 13:48 - 00000000 ____D C:\Users\Gerson-PC\AppData\Local\LogMeIn Hamachi 2016-02-25 23:33 - 2015-11-25 21:45 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\Skype 2016-02-25 23:32 - 2016-01-10 02:56 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-02-25 23:32 - 2015-12-16 18:04 - 00000334 _____ C:\WINDOWS\Tasks\{8EF42242-F6C9-48C9-8BCF-195C9A16E87D}.job 2016-02-25 23:32 - 2015-11-19 22:12 - 00001096 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-02-25 23:32 - 2015-11-19 22:12 - 00001092 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-02-25 23:32 - 2015-11-02 15:25 - 00000000 __SHD C:\Users\Gerson-PC\IntelGraphicsProfiles 2016-02-25 23:31 - 2016-01-10 03:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-02-25 23:20 - 2015-11-20 21:07 - 00001140 _____ C:\Users\Gerson-PC\Desktop\nativelog.txt 2016-02-25 17:55 - 2015-11-20 11:55 - 00004176 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{180EAB1A-FCBF-461A-B8C1-830DA6428D6C} 2016-02-25 16:43 - 2016-01-10 02:59 - 00000000 ____D C:\Users\Gerson-PC 2016-02-25 16:20 - 2015-10-30 03:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-02-25 15:46 - 2015-11-21 00:32 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\MPC-HC 2016-02-25 15:18 - 2015-12-16 18:04 - 00002119 _____ C:\Users\Gerson-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder.lnk 2016-02-25 15:18 - 2015-11-19 22:35 - 00000269 _____ C:\WINDOWS\win.ini 2016-02-24 22:00 - 2015-09-10 02:48 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-02-24 20:54 - 2016-01-10 03:50 - 00000000 ___DC C:\WINDOWS\Panther 2016-02-24 20:53 - 2015-11-21 00:27 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\Media Player Classic 2016-02-24 17:53 - 2015-12-16 18:06 - 00001490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2016-02-24 17:52 - 2015-11-19 22:35 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy 2016-02-24 17:52 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2016-02-24 17:11 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-02-24 15:38 - 2015-11-20 11:50 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\.minecraft 2016-02-24 14:06 - 2016-01-24 17:03 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\.technic 2016-02-23 20:14 - 2015-10-30 04:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-02-23 16:41 - 2015-11-20 23:20 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\uTorrent 2016-02-21 16:24 - 2015-11-26 09:04 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\PhotoScape 2016-02-21 13:31 - 2015-11-18 14:03 - 00001242 _____ C:\Users\Gerson-PC\Downloads\nativelog.txt 2016-02-21 13:31 - 2015-11-18 14:03 - 00000000 ____D C:\Users\Gerson-PC\Downloads\game 2016-02-15 05:57 - 2016-01-23 18:00 - 00000000 ____D C:\Users\Gerson-PC\Desktop\WhatsApp 2016-02-15 05:13 - 2016-01-23 16:47 - 00000000 ____D C:\Users\Gerson-PC\Desktop\Aqui 2016-02-15 05:13 - 2015-11-22 17:37 - 00000000 ____D C:\Users\Gerson-PC\AppData\Local\ElevatedDiagnostics 2016-02-12 22:50 - 2015-11-22 18:38 - 00000843 _____ C:\Users\Gerson-PC\Desktop\LASZ.txt 2016-02-12 19:08 - 2015-11-25 21:44 - 00000000 ____D C:\Users\Todos os Usuários\Skype 2016-02-12 19:08 - 2015-11-25 21:44 - 00000000 ____D C:\ProgramData\Skype 2016-02-12 12:21 - 2016-01-10 03:48 - 00000000 ____D C:\Windows.old 2016-02-12 10:21 - 2016-01-07 22:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-02-11 20:16 - 2015-11-19 22:04 - 00002381 _____ C:\Users\Gerson-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-02-11 20:16 - 2015-11-02 14:42 - 00000000 ___RD C:\Users\Gerson-PC\OneDrive 2016-02-11 07:01 - 2015-11-19 21:59 - 00000000 ____D C:\Users\Gerson-PC\AppData\Local\Packages 2016-02-11 06:24 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\rescache 2016-02-10 22:16 - 2016-01-11 11:15 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2016-02-10 22:16 - 2016-01-11 11:12 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help 2016-02-10 11:59 - 2015-10-30 16:14 - 00000000 ____D C:\Program Files\Windows Journal 2016-02-10 01:45 - 2015-11-20 22:11 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-02-10 01:45 - 2015-11-20 22:11 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-02-10 01:44 - 2015-10-30 04:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-02-08 13:28 - 2016-01-15 11:04 - 00001742 _____ C:\Users\Gerson-PC\AppData\Roaming\Microsoft\Windows\Start Menu\BlueStacks.lnk 2016-02-08 13:28 - 2016-01-15 11:04 - 00000000 ____D C:\Users\Todos os Usuários\BlueStacksGameManager 2016-02-08 13:28 - 2016-01-15 11:04 - 00000000 ____D C:\ProgramData\BlueStacksGameManager 2016-02-08 13:28 - 2015-10-30 04:24 - 00000000 __RHD C:\Users\Public\Libraries 2016-02-08 13:27 - 2016-01-15 11:04 - 00000000 ____D C:\Users\Todos os Usuários\BlueStacks 2016-02-08 13:27 - 2016-01-15 11:04 - 00000000 ____D C:\ProgramData\BlueStacks 2016-02-08 13:27 - 2016-01-15 11:04 - 00000000 ____D C:\Program Files (x86)\BlueStacks 2016-02-05 22:09 - 2015-12-16 21:53 - 00000000 ____D C:\Users\Gerson-PC\AppData\Local\MEGAsync 2016-02-03 16:01 - 2015-10-30 04:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-02-03 16:01 - 2015-10-30 04:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-02-01 13:49 - 2015-12-17 22:11 - 00000026 _____ C:\Users\Gerson-PC\Desktop\Novo Documento de Texto.txt 2016-02-01 13:37 - 2015-12-24 17:53 - 00000183 _____ C:\Users\Gerson-PC\Desktop\gzx.txt 2016-02-01 13:30 - 2015-12-17 00:47 - 00001029 _____ C:\Users\Gerson-PC\Desktop\la vem.txt 2016-02-01 03:27 - 2015-11-19 22:12 - 00004154 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-02-01 03:27 - 2015-11-19 22:12 - 00003922 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-01-30 14:52 - 2016-01-10 02:56 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2016-01-30 14:52 - 2015-11-26 06:53 - 00000000 ____D C:\Program Files (x86)\Intel 2016-01-29 13:55 - 2015-10-30 04:24 - 00000000 ___SD C:\WINDOWS\system32\F12 2016-01-29 13:55 - 2015-10-30 04:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2016-01-29 13:55 - 2015-10-30 04:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-01-29 13:55 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-01-29 13:55 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\oobe 2016-01-29 13:55 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-01-29 13:55 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-01-28 03:39 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-01-26 19:27 - 2015-11-26 09:05 - 00002115 _____ C:\Users\Public\Desktop\Google Slides.lnk 2016-01-26 19:27 - 2015-11-26 09:05 - 00002113 _____ C:\Users\Public\Desktop\Google Sheets.lnk 2016-01-26 19:27 - 2015-11-26 09:05 - 00002103 _____ C:\Users\Public\Desktop\Google Docs.lnk 2016-01-26 19:27 - 2015-11-26 09:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive ==================== Arquivos na raiz de alguns diretórios ======= 2016-02-25 11:45 - 2016-02-25 11:45 - 0032038 _____ () C:\Users\Gerson-PC\AppData\Roaming\Edge.ico 2016-02-24 18:52 - 2016-02-24 18:52 - 0000045 _____ () C:\Users\Gerson-PC\AppData\Roaming\WB.CFG 2015-11-23 17:58 - 2015-11-23 17:58 - 0000057 _____ () C:\ProgramData\Ament.ini 2016-01-10 02:56 - 2016-01-10 02:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Arquivos para serem movidos ou deletados: ==================== C:\Windows\Tasks\{8EF42242-F6C9-48C9-8BCF-195C9A16E87D}.job Alguns arquivos em TEMP: ==================== C:\Users\Gerson-PC\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Não há correção automática para arquivos que não passaram na verificação.) C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente LastRegBack: 2016-02-18 16:14 ==================== Fim de FRST.txt ============================