Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:05-03-2016 01 Executado por Messias (administrador) em MESSIAS-PC (09-04-2016 17:22:34) Executando a partir de C:\Users\Messias\Downloads Perfis Carregados: Messias (Perfis Disponíveis: Messias) Platform: Windows 7 Home Premium Service Pack 1 (X64) Idioma: Português (Brasil) Internet Explorer Versão 11 (Navegador padrão: Chrome) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe () C:\Program Files\BitTorrent\BitTorrent.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe () C:\ProgramData\CloudPrinter\CloudPrinter.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe () C:\Windows\fjp.exe () C:\Users\Messias\AppData\Roaming\Yfeqj\Yfeqj.exe () C:\Users\Messias\AppData\Roaming\Yfeqj\Yhuzuwumri.exe (Intel(R) Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe () C:\Users\Messias\AppData\Roaming\Yfeqj\Mapuyg.exe (VLOME) C:\Users\Messias\AppData\Local\Temp\is-2V1Q0.tmp\print.exe () C:\Users\Messias\AppData\Roaming\CuiiAxek\Gorjev.exe () C:\Users\Messias\AppData\Roaming\SeejBudseje\Semud.exe () C:\Windows\mfjp.exe () C:\Users\Messias\AppData\Roaming\Oluungorri\Oluungorri.exe () C:\Users\Messias\AppData\Roaming\Oluungorri\Wueushas.exe () C:\Users\Messias\AppData\Roaming\Oluungorri\Gydrozsakx.exe () C:\Users\Messias\AppData\Roaming\Iaguwletfu\Iaguwletfu.exe () C:\Users\Messias\AppData\Roaming\Iaguwletfu\Hiudfojp.exe () C:\Users\Messias\AppData\Roaming\Iaguwletfu\Bhqaubuj.exe () C:\Users\Messias\AppData\Local\Doublebase.exe () C:\Users\Messias\AppData\Local\Apps\2.0\abril.exe () C:\Program Files (x86)\7D8928E0-1460213914-11D5-A80C-001FC632711C\hnsa892E.tmp (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe () C:\Program Files (x86)\7D8928E0-1460213914-11D5-A80C-001FC632711C\jnsf63D1.tmp (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe () C:\Program Files (x86)\7D8928E0-1460213914-11D5-A80C-001FC632711C\knsl3F5B.tmpfs () C:\Program Files (x86)\WeatherTool\2.0.0.11150\WeatherService.exe () C:\Users\Messias\AppData\Local\Anottrans.exe (ShenZhen Enode Techology co,.Ltd) C:\Program Files (x86)\WeatherTool\2.0.0.11150\weather.exe (Microsoft Corporation) C:\Users\Messias\AppData\Roaming\XBox\XBLive.exe (Microsoft Corporation) C:\Windows\System32\UI0Detect.exe () C:\Users\Messias\AppData\Local\SunnyDay21\usun.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (© 2015 Microsoft Corporation) C:\Users\Messias\AppData\Local\Microsoft\BingSvc\BingSvc.exe () C:\Users\Messias\AppData\Local\Temp\06860\Setup.exe () C:\Users\Messias\AppData\Roaming\msiql.exe (MediaDownloader ) C:\Users\Messias\Downloads\MediaDownloader.exe () C:\Users\Messias\AppData\Local\Temp\is-RF1TA.tmp\MediaDownloader.tmp () C:\Users\Messias\AppData\Local\Setup Wizard\08fa6e8b-3ad3-4c7f-a17d-0902f05ff403\vlc-media-player.exe (Skype Technologies S.A.) C:\Users\Messias\AppData\Local\Setup Wizard\212a2109-b485-44a1-a843-056b4b2c1898\skypesetupfull.exe () C:\Users\Messias\AppData\Local\Temp\08960\Setup.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe () C:\Program Files (x86)\JFileManager\WebBrowser.exe () C:\Program Files (x86)\JFileManager\JFileManager.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Farbar) C:\Users\Messias\Downloads\FRST64 (1).exe ==================== Registro (Whitelisted) =========================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16407296 2015-11-15] (Realtek Semiconductor) HKLM-x32\...\Run: [apphide] => C:\Program Files (x86)\badu\uc.exe [487514 2016-04-09] ( ) HKLM-x32\...\Run: [sun21] => [X] HKLM-x32\...\Run: [rec_en_247] => [X] HKLM-x32\...\Run: [mbot_en_037050292] => [X] HKLM\...\RunOnce: [WINDOWS_SCREEN_MANAGER_UPDATER_1] => C:\Program Files\Windows Screen Manager\Windows screen manage updater.exe [16896 2016-04-09] (Wizzservices) HKLM-x32\...\RunOnce: [usun.exe] => C:\Users\Messias\AppData\Local\SunnyDay21\usun.exe [3322544 2016-04-09] () HKU\S-1-5-21-4125528095-360351865-885866514-1000\...\Run: [Pritc] => C:\Users\Messias\AppData\Local\Temp\is-2V1Q0.tmp\print.exe [2960896 2016-03-03] (VLOME) <===== ATENÇÃO HKU\S-1-5-21-4125528095-360351865-885866514-1000\...\Run: [msiql] => c:\users\messias\appdata\roaming\msiql.exe [1917952 2016-04-01] () HKU\S-1-5-21-4125528095-360351865-885866514-1000\...\Run: [taskhost] => rundll32.exe C:\ProgramData\WindowsMsg\675D131108D4FD145B0BFBC68A3E018A.dll Start /AUTORUN HKU\S-1-5-21-4125528095-360351865-885866514-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd) HKU\S-1-5-21-4125528095-360351865-885866514-1000\...\Run: [YeaInstaller] => C:\Users\Messias\AppData\Local\Temp\R7BEVR99F\R7BEVR99F.exe [1968128 2016-04-09] (TZ) <===== ATENÇÃO HKU\S-1-5-21-4125528095-360351865-885866514-1000\...\Run: [Chromium] => "c:\users\messias\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session HKU\S-1-5-21-4125528095-360351865-885866514-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31090272 2015-01-23] (Skype Technologies S.A.) HKU\S-1-5-21-4125528095-360351865-885866514-1000\...\Run: [BingSvc] => C:\Users\Messias\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-04-09] (© 2015 Microsoft Corporation) HKU\S-1-5-21-4125528095-360351865-885866514-1000\...\RunOnce: [PriceFountain] => [X] HKU\S-1-5-21-4125528095-360351865-885866514-1000\...\RunOnce: [UpdateTask] => [X] HKU\S-1-5-21-4125528095-360351865-885866514-1000\...\MountPoints2: {80d97073-d824-11e5-9a41-001fc632711c} - E:\LG_PC_Programs.exe HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-11-17] (Microsoft Corporation) AppInit_DLLs: C:\ProgramData\Airtostrong\Bio-Tom.dll => C:\ProgramData\Airtostrong\Bio-Tom.dll [363520 2016-04-09] () AppInit_DLLs-x32: C:\ProgramData\Airtostrong\Rank-Tip.dll => C:\ProgramData\Airtostrong\Rank-Tip.dll [257536 2016-04-09] () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WebBrowserJFile.lnk [2016-04-09] ShortcutTarget: WebBrowserJFile.lnk -> C:\Program Files (x86)\JFileManager\WebBrowser.exe () ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.16.1 Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer] 104.197.191.4 Tcpip\..\Interfaces\{A4F449F0-032E-421C-B09E-95F7B048B23E}: [NameServer] 104.197.191.4 Tcpip\..\Interfaces\{A4F449F0-032E-421C-B09E-95F7B048B23E}: [DhcpNameServer] 192.168.16.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0F0CyCtAtByBtCtC0CyByB0EyCtN0D0Tzu0StCyDyCtCtN1L2XzutAtFtBtDtFtDtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBzzyCyD0B0C0E0FtGtCyB0CtCtG0FtA0DtCtGyEtC0F0AtGtA0A0C0FtB0A0B0A0AzztCtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByB0EtD0C0EzyyDtGtBzytAtAtGyEtD0AtBtG0A0DyB0DtGtBtC0CyBzyyBtCyC0C0D0B0A2QtN0A0LzuyE%26cr%3D1825761697%26a%3Dwbf_nwmeddnld_16_15%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0F0CyCtAtByBtCtC0CyByB0EyCtN0D0Tzu0StCyDyCtCtN1L2XzutAtFtBtDtFtDtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBzzyCyD0B0C0E0FtGtCyB0CtCtG0FtA0DtCtGyEtC0F0AtGtA0A0C0FtB0A0B0A0AzztCtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByB0EtD0C0EzyyDtGtBzytAtAtGyEtD0AtBtG0A0DyB0DtGtBtC0CyBzyyBtCyC0C0D0B0A2QtN0A0LzuyE%26cr%3D1825761697%26a%3Dwbf_nwmeddnld_16_15%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-4125528095-360351865-885866514-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzIzWpjgBnLTsVRzDEtiGcJ1D13iokhnfk4dGwGDAFEVsQ1s-MoeS1jKrFzujrx2PnA6ZZkGwQkqAp0GWrtq4K7tF8ybIjjx_nmKNZC21Y1dX3kTZAso5nBXJtL9G-m589hG3FPkYQH_TQBLf6l1j0i5msE6w3ySgrfbbufJgoXU,&q={searchTerms} HKU\S-1-5-21-4125528095-360351865-885866514-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzIzWpjgBnLTsVRzDEtiGcJ1D13iokhnfk4dGwGDAFEVsQ1s-MoeS1jKrFzujrx2PnA6ZZkGwQkqAp0GWrtq4K7tF8ybIjjx_nmKNZC21Y1dX3kTZAso5nBXJtL9G-m589hG3FPkYQH_TQBLf6l1j0i5msE6w3ySgrfbbufJgoXU,&q={searchTerms} HKU\S-1-5-21-4125528095-360351865-885866514-1000\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzIzWpjgBnLTsVRzDEtiGcJ1D13iokhnfk4dGwGDAFEVsQ1s-MoeS1jKrFzujrx2PnA6ZZkGwQkqAp0GWrtq4K7tF8ybIjjx_nmKNZC21Y1dX3kTZAso5nBXJtL9G-m589hG3FPkYQH_TQBLf6l1j0i5msE6w3ySgrfbbufJgoXU,&q={searchTerms} HKU\S-1-5-21-4125528095-360351865-885866514-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0F0CyCtAtByBtCtC0CyByB0EyCtN0D0Tzu0StCyDyCtCtN1L2XzutAtFtBtDtFtDtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBzzyCyD0B0C0E0FtGtCyB0CtCtG0FtA0DtCtGyEtC0F0AtGtA0A0C0FtB0A0B0A0AzztCtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByB0EtD0C0EzyyDtGtBzytAtAtGyEtD0AtBtG0A0DyB0DtGtBtC0CyBzyyBtCyC0C0D0B0A2QtN0A0LzuyE%26cr%3D1825761697%26a%3Dwbf_nwmeddnld_16_15%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium HKU\S-1-5-21-4125528095-360351865-885866514-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzIzWpjgBnLTsVRzDEtiGcJ1D13iokhnfk4dGwGDAFEVsQ1s-MoeS1jKrFzujrx2PnA6ZZkGwQkqAp00HlRLCyS-ZEu96gK0oFQFgovMNImdrnic3-CtTmSrY59aFrWOc3E9E-Q_RMF-BPHEs68j66XYDjI-ktBkDMpE_JwtoGHQ, SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.globasearch.com/?serie=211&installkey=QWISLZA2hXp7b9LhAwwL&b=3&q={searchTerms} SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.globasearch.com/?serie=211&installkey=QWISLZA2hXp7b9LhAwwL&b=3&q={searchTerms} SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_15¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0F0CyCtAtByBtCtC0CyByB0EyCtN0D0Tzu0StCyDyCtCtN1L2XzutAtFtBtDtFtDtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBzzyCyD0B0C0E0FtGtCyB0CtCtG0FtA0DtCtGyEtC0F0AtGtA0A0C0FtB0A0B0A0AzztCtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByB0EtD0C0EzyyDtGtBzytAtAtGyEtD0AtBtG0A0DyB0DtGtBtC0CyBzyyBtCyC0C0D0B0A2QtN0A0LzuyE%26cr%3D1825761697%26a%3Dwbf_nwmeddnld_16_15%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL = hxxp://www.globasearch.com/?serie=211&installkey=QWISLZA2hXp7b9LhAwwL&b=3&q={searchTerms} SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzIzWpjgBnLTsVRzDEtiGcJ1D13iokhnfk4dGwGDAFEVsQ1s-MoeS1jKrFzujrx2PnA6ZZkGwQkqAp0GWrtq4K7tF8ybIjjx_nmKNZC21Y1dX3kTZAso5nBXJtL9G-m589hG3FPkYQH_TQBLf6l1j0i5msE6w3ySgrfbbufJgoXU,&q={searchTerms} SearchScopes: HKLM-x32 -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://www.globasearch.com/?serie=211&installkey=QWISLZA2hXp7b9LhAwwL&b=3&q={searchTerms} SearchScopes: HKLM-x32 -> {ielnksrch} URL = hxxp://www.globasearch.com/?serie=211&installkey=QWISLZA2hXp7b9LhAwwL&b=3&q={searchTerms} SearchScopes: HKU\S-1-5-21-4125528095-360351865-885866514-1000 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_15¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0F0CyCtAtByBtCtC0CyByB0EyCtN0D0Tzu0StCyDyCtCtN1L2XzutAtFtBtDtFtDtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBzzyCyD0B0C0E0FtGtCyB0CtCtG0FtA0DtCtGyEtC0F0AtGtA0A0C0FtB0A0B0A0AzztCtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByB0EtD0C0EzyyDtGtBzytAtAtGyEtD0AtBtG0A0DyB0DtGtBtC0CyBzyyBtCyC0C0D0B0A2QtN0A0LzuyE%26cr%3D1825761697%26a%3Dwbf_nwmeddnld_16_15%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms} SearchScopes: HKU\S-1-5-21-4125528095-360351865-885866514-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q={searchTerms}&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-4125528095-360351865-885866514-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_15¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0F0CyCtAtByBtCtC0CyByB0EyCtN0D0Tzu0StCyDyCtCtN1L2XzutAtFtBtDtFtDtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBzzyCyD0B0C0E0FtGtCyB0CtCtG0FtA0DtCtGyEtC0F0AtGtA0A0C0FtB0A0B0A0AzztCtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByB0EtD0C0EzyyDtGtBzytAtAtGyEtD0AtBtG0A0DyB0DtGtBtC0CyBzyyBtCyC0C0D0B0A2QtN0A0LzuyE%26cr%3D1825761697%26a%3Dwbf_nwmeddnld_16_15%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms} SearchScopes: HKU\S-1-5-21-4125528095-360351865-885866514-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?gen=ms&pr=vmn&id=mystarttb&v=5_5&ent=ch_5153&q={searchTerms} SearchScopes: HKU\S-1-5-21-4125528095-360351865-885866514-1000 -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://www.globasearch.com/?serie=211&installkey=QWISLZA2hXp7b9LhAwwL&b=3&q={searchTerms} SearchScopes: HKU\S-1-5-21-4125528095-360351865-885866514-1000 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzIzWpjgBnLTsVRzDEtiGcJ1D13iokhnfk4dGwGDAFEVsQ1s-MoeS1jKrFzujrx2PnA6ZZkGwQkqAp0GWrtq4K7tF8ybIjjx_nmKNZC21Y1dX3kTZAso5nBXJtL9G-m589hG3FPkYQH_TQBLf6l1j0i5msE6w3ySgrfbbufJgoXU,&q={searchTerms} BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation) BHO-x32: PriceFountain -> {b608cc98-54de-4775-96c9-097de398500c} -> C:\Users\Messias\AppData\Local\PriceFountain\PriceFountainIE.dll [2015-06-18] () Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Messias\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1 FF NewTab: about:newtab FF DefaultSearchEngine: Search Provided by Yahoo FF DefaultSearchEngine.US: data:text/plain,browser.search.defaultenginename.US=yessearches FF SearchEngineOrder.3: Bing FF SelectedSearchEngine: Search Provided by Yahoo FF Homepage: hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_15¶m1=1¶m2=f%3D1%26b%3DFirefox%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0F0CyCtAtByBtCtC0CyByB0EyCtN0D0Tzu0StCyDyCtCtN1L2XzutAtFtBtDtFtDtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBzzyCyD0B0C0E0FtGtCyB0CtCtG0FtA0DtCtGyEtC0F0AtGtA0A0C0FtB0A0B0A0AzztCtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByB0EtD0C0EzyyDtGtBzytAtAtGyEtD0AtBtG0A0DyB0DtGtBtC0CyBzyyBtCyC0C0D0B0A2QtN0A0LzuyE%26cr%3D1825761697%26a%3Dwbf_nwmeddnld_16_15%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium FF Keyword.URL: hxxp://www.yessearches.com/chrome.php?uid=D6C353D4986C88AB7C2BEFCFD28DEB5F&ptid=sqr1&ts=AHEqA38oAHQoBk..&v=20160409&mode=ffexttoolbar&q= FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-07] () FF Plugin: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo] FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-07] () FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN) FF user.js: detected! => C:\Users\Messias\AppData\Roaming\Mozilla\Firefox\Profiles\5990n2x6.default\user.js [2016-04-09] FF SearchPlugin: C:\Users\Messias\AppData\Roaming\Mozilla\Firefox\Profiles\5990n2x6.default\searchplugins\.xml [2016-04-09] FF SearchPlugin: C:\Users\Messias\AppData\Roaming\Mozilla\Firefox\Profiles\5990n2x6.default\searchplugins\DD1B66D4.xml [2016-04-09] FF SearchPlugin: C:\Users\Messias\AppData\Roaming\Mozilla\Firefox\Profiles\5990n2x6.default\searchplugins\navegaki.xml [2016-04-09] FF SearchPlugin: C:\Users\Messias\AppData\Roaming\Mozilla\Firefox\Profiles\5990n2x6.default\searchplugins\Search Provided by Yahoo.xml [2016-04-09] FF SearchPlugin: C:\Users\Messias\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\DD1B66D4.xml [2016-04-09] FF SearchPlugin: C:\Users\Messias\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\Search Provided by Yahoo.xml [2016-04-09] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\findit.xml [2016-04-09] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mystarttb.xml [2016-04-09] FF Extension: leethax.net extension - C:\Users\Messias\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\leethax@leethax.net.xpi [2016-04-05] FF Extension: FlashGot - C:\Users\Messias\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2016-04-08] FF Extension: leethax.net extension - C:\Users\Messias\AppData\Roaming\Mozilla\Firefox\Profiles\5990n2x6.default\Extensions\leethax@leethax.net.xpi [2016-04-05] FF Extension: FlashGot - C:\Users\Messias\AppData\Roaming\Mozilla\Firefox\Profiles\5990n2x6.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2016-04-08] FF Extension: Steel Cut 1.0.1 - C:\Users\Messias\AppData\Roaming\Mozilla\Firefox\Profiles\5990n2x6.default\Extensions\{86802a16-8572-49cb-a26a-69ecc1c09906}.xpi [2016-04-09] [não assinado] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14] [não assinado] FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-16] [não assinado] StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR HomePage: Profile 3 -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=pt-br CHR StartupUrls: Profile 3 -> "hxxps://www.google.com.br/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8#q=GOOGLE" CHR Profile: C:\Users\Messias\AppData\Local\Google\Chrome\User Data\Default CHR Profile: C:\Users\Messias\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Extension: (Google Docs) - C:\Users\Messias\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-27] CHR Extension: (Stylish) - C:\Users\Messias\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2015-12-28] CHR Extension: (AdBlock) - C:\Users\Messias\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-28] CHR Extension: (Winter Chills) - C:\Users\Messias\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kjciefciokhnhkflkjnkcooigcbpgdhe [2015-12-28] CHR Extension: (The Avengers For New Tab) - C:\Users\Messias\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lnfkoamkfecfgpmjanjebmemnnnbcdnj [2015-12-28] CHR Extension: (Chrome Web Store Payments) - C:\Users\Messias\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-27] CHR Profile: C:\Users\Messias\AppData\Local\Google\Chrome\User Data\Profile 2 CHR Extension: (Stylish) - C:\Users\Messias\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2016-01-04] CHR Extension: (AdBlock) - C:\Users\Messias\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-01-21] CHR Extension: (Winter Chills) - C:\Users\Messias\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kjciefciokhnhkflkjnkcooigcbpgdhe [2016-01-16] CHR Extension: (The Avengers For New Tab) - C:\Users\Messias\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lnfkoamkfecfgpmjanjebmemnnnbcdnj [2016-01-04] CHR Extension: (Chrome Web Store Payments) - C:\Users\Messias\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-03] CHR Profile: C:\Users\Messias\AppData\Local\Google\Chrome\User Data\Profile 3 CHR Extension: (Skype) - C:\Users\Messias\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-04-09] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Messias\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-09] CHR HKLM\...\Chrome\Extension: [bahkljhhdeciiaodlkppoonappfnheoi] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [fcgnigmofekcllgbiejhmigggmgehkip] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-4125528095-360351865-885866514-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bahkljhhdeciiaodlkppoonappfnheoi] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-4125528095-360351865-885866514-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [bahkljhhdeciiaodlkppoonappfnheoi] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fcgnigmofekcllgbiejhmigggmgehkip] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14] ==================== Serviços (Whitelisted) ======================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S4 Airtostrong; C:\ProgramData\\Airtostrong\\Airtostrong.exe [528896 2016-03-29] () [Arquivo não assinado] R2 BitTorrent; C:\Program Files\BitTorrent\BitTorrent.exe [383488 2016-04-09] () [Arquivo não assinado] S2 BugreportW; C:\Program Files (x86)\SpeedSearchesbnd\Bugreportauclt.exe [1623128 2016-04-09] () R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) R2 CloudPrinter; C:\ProgramData\\CloudPrinter\\CloudPrinter.exe [1202688 2016-04-09] () [Arquivo não assinado] R2 fjp; c:\windows\fjp.exe [417792 2016-04-09] () [Arquivo não assinado] S2 GoogleChromeUpService; C:\ProgramData\service.exe [1747456 2016-03-31] () [Arquivo não assinado] S2 GoogleChromeUpSvc; C:\Users\Messias\AppData\Roaming\svrupg.exe [2767872 2016-04-09] (TODO: ) [Arquivo não assinado] R2 Hylbuejab; C:\Users\Messias\AppData\Roaming\Yfeqj\Yfeqj.exe [174440 2016-04-09] () R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3020440 2015-11-25] (Intel(R) Corporation) R2 Jhnuc; C:\Users\Messias\AppData\Roaming\CuiiAxek\Gorjev.exe [125776 2016-04-09] () R2 Kabqa; C:\Users\Messias\AppData\Roaming\SeejBudseje\Semud.exe [125800 2016-04-09] () S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.11.266\McCHSvc.exe [235696 2015-12-02] (McAfee, Inc.) R2 mfjp; c:\windows\mfjp.exe [408576 2016-04-09] () [Arquivo não assinado] R2 Mievkaojys; C:\Users\Messias\AppData\Roaming\Oluungorri\Oluungorri.exe [174440 2016-04-09] () R2 Paowlauhpu; C:\Users\Messias\AppData\Roaming\Iaguwletfu\Iaguwletfu.exe [174416 2016-04-09] () R2 prhduct; C:\Users\Messias\AppData\Local\Doublebase.exe [28160 2016-04-09] () [Arquivo não assinado] R2 ProntSpooler; C:\Users\Messias\AppData\Local\Apps\2.0\abril.exe [111616 2016-03-21] () [Arquivo não assinado] R2 rijufoze; C:\Program Files (x86)\7D8928E0-1460213914-11D5-A80C-001FC632711C\hnsa892E.tmp [138240 2016-04-09] () [Arquivo não assinado] R2 rocufyky; C:\Program Files (x86)\7D8928E0-1460213914-11D5-A80C-001FC632711C\jnsf63D1.tmp [389632 2016-04-09] () [Arquivo não assinado] S4 Ronzap; C:\ProgramData\\Ronzap\\Ronzap.exe [1202688 2016-04-09] () [Arquivo não assinado] R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.) S4 sulpnar; C:\ProgramData\\sulpnar\\sulpnar.exe [692736 2016-04-09] () [Arquivo não assinado] R2 TheDesktopWeatherService; C:\Program Files (x86)\WeatherTool\2.0.0.11150\WeatherService.exe [153552 2015-12-09] () R2 upaate; C:\Users\Messias\AppData\Local\Anottrans.exe [28160 2016-04-09] () [Arquivo não assinado] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S2 WinSvces; C:\Program Files (x86)\WinSvces\WinSvces\WinSvces.exe [314384 2016-04-09] () R2 XBox; C:\Users\Messias\AppData\Roaming\XBox\XBLive.exe [5906904 2016-02-27] (Microsoft Corporation) R2 suhequmizbt; C:\Program Files (x86)\7D8928E0-1460213914-11D5-A80C-001FC632711C\knsl3F5B.tmpfs [X] ===================== Drivers (Whitelisted) ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R1 cherimoya; C:\Windows\System32\drivers\cherimoya.sys [82752 2016-04-09] (Cherimoya Ltd) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-11-15] (REALiX(tm)) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2015-11-15] () R1 {86802a16-8572-49cb-a26a-69ecc1c09906}Gw64; C:\Windows\System32\drivers\{86802a16-8572-49cb-a26a-69ecc1c09906}Gw64.sys [48464 2016-04-09] (StdLib) S1 MPCKpt; system32\DRIVERS\MPCKpt.sys [X] ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um Mês Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-04-09 19:51 - 2016-04-09 19:51 - 00001066 _____ C:\Users\Public\Desktop\VLC media player.lnk 2016-04-09 19:51 - 2016-04-09 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2016-04-09 19:50 - 2016-04-09 19:50 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk 2016-04-09 19:50 - 2016-04-09 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2016-04-09 19:49 - 2016-04-09 19:50 - 00000000 ____D C:\Users\Todos os Usuários\Skype 2016-04-09 19:49 - 2016-04-09 19:50 - 00000000 ____D C:\ProgramData\Skype 2016-04-09 19:49 - 2016-04-09 19:50 - 00000000 ____D C:\Program Files (x86)\Skype 2016-04-09 19:49 - 2016-04-09 19:49 - 00000000 ____D C:\Program Files (x86)\VideoLAN 2016-04-09 19:48 - 2016-04-09 19:48 - 00000000 ____D C:\Users\Messias\AppData\Local\7D8928E0-1460231327-11D5-A80C-001FC632711C 2016-04-09 19:42 - 2016-04-09 11:01 - 00000000 ____D C:\Program Files (x86)\SpeedSearchesbnd 2016-04-09 17:56 - 2016-04-09 17:56 - 00000000 ____D C:\Users\Todos os Usuários\Airtostrongs 2016-04-09 17:56 - 2016-04-09 17:56 - 00000000 ____D C:\ProgramData\Airtostrongs 2016-04-09 17:55 - 2016-04-09 17:55 - 02777282 _____ () C:\Program Files\Common Files\tyoxt21d.exe 2016-04-09 17:55 - 2002-01-01 00:03 - 00000000 ____D C:\Users\Todos os Usuários\Airtostrong 2016-04-09 17:55 - 2002-01-01 00:03 - 00000000 ____D C:\ProgramData\Airtostrong 2016-04-09 17:53 - 2016-04-09 17:53 - 00003396 _____ C:\Windows\System32\Tasks\u1tthsbx 2016-04-09 17:53 - 2016-04-09 17:53 - 00000000 ____D C:\Program Files\Common Files\a3aiocvn 2016-04-09 17:22 - 2016-04-09 17:23 - 00030422 _____ C:\Users\Messias\Downloads\FRST.txt 2016-04-09 17:20 - 2016-04-09 17:22 - 00000000 ____D C:\FRST 2016-04-09 17:20 - 2016-04-09 17:20 - 02374144 _____ (Farbar) C:\Users\Messias\Downloads\FRST64.exe 2016-04-09 17:20 - 2016-04-09 17:20 - 02374144 _____ (Farbar) C:\Users\Messias\Downloads\FRST64 (1).exe 2016-04-09 17:17 - 2016-04-09 17:17 - 00001161 _____ C:\Users\Public\Desktop\JFileManager.lnk 2016-04-09 17:17 - 2016-04-09 17:17 - 00000000 ____D C:\Users\Messias\AppData\Local\JFileManager 2016-04-09 17:17 - 2016-04-09 17:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JFileManager 2016-04-09 17:17 - 2016-04-09 17:17 - 00000000 ____D C:\Program Files (x86)\JFileManager 2016-04-09 17:03 - 2016-04-09 17:03 - 00000000 ____D C:\Windows\system32\pou 2016-04-09 17:03 - 2016-04-09 17:03 - 00000000 ____D C:\Windows\system32\mab 2016-04-09 16:57 - 2016-04-09 16:57 - 00064846 _____ C:\Users\Messias\Downloads\cc_20160409_165727.reg 2016-04-09 15:35 - 2016-04-09 15:35 - 00000000 ____D C:\Windows\system32\oagy 2016-04-09 15:35 - 2016-04-09 15:35 - 00000000 ____D C:\Windows\system32\nuev 2016-04-09 15:27 - 2016-04-09 17:18 - 00000000 ____D C:\Program Files (x86)\SunnyDayApps 2016-04-09 14:46 - 2016-04-09 17:05 - 00000524 _____ C:\Windows\Tasks\BaiduJP_Update_{8099779F-A13B-403e-B39A-65133857586B}.job 2016-04-09 14:46 - 2016-04-09 14:46 - 00003626 _____ C:\Windows\System32\Tasks\BaiduJP_Update_{8099779F-A13B-403e-B39A-65133857586B} 2016-04-09 14:46 - 2016-04-09 14:46 - 00000000 ____D C:\Users\Todos os Usuários\baidu 2016-04-09 14:46 - 2016-04-09 14:46 - 00000000 ____D C:\Users\Messias\AppData\Roaming\Baidu 2016-04-09 14:46 - 2016-04-09 14:46 - 00000000 ____D C:\ProgramData\baidu 2016-04-09 14:46 - 2016-04-09 14:46 - 00000000 ____D C:\Program Files (x86)\Baidu 2016-04-09 14:11 - 2016-04-09 14:11 - 00000000 ____D C:\Windows\system32\jeg 2016-04-09 14:11 - 2016-04-09 14:11 - 00000000 ____D C:\Windows\system32\fyr 2016-04-09 13:55 - 2016-04-09 01:10 - 00000000 ____D C:\Program Files\BitTorrent 2016-04-09 13:54 - 2016-04-09 13:54 - 00041472 _____ C:\Users\Messias\AppData\Local\Doublebase.dat 2016-04-09 13:54 - 2016-04-09 13:54 - 00028160 _____ C:\Users\Messias\AppData\Local\Doublebase.exe 2016-04-09 13:54 - 2016-04-09 13:54 - 00000187 _____ C:\Users\Messias\AppData\Local\Doublebase.exe.config 2016-04-09 13:53 - 2016-04-09 13:53 - 01626416 _____ C:\Users\Messias\AppData\Roaming\HomeNix.tst 2016-04-09 13:53 - 2016-04-09 13:53 - 00189654 _____ () C:\Users\Messias\AppData\Roaming\VilaOveron.bin 2016-04-09 13:53 - 2016-04-09 13:53 - 00072699 _____ C:\Users\Messias\AppData\Roaming\Trust-Trax.tst 2016-04-09 13:53 - 2016-04-09 13:53 - 00003182 _____ C:\Windows\System32\Tasks\{1AF509E0-2AAE-4BCB-BE93-77B0CBBC8057} 2016-04-09 13:53 - 2016-04-09 13:52 - 01134592 _____ C:\Users\Messias\AppData\Roaming\HomeNix.exe 2016-04-09 13:52 - 2016-04-09 13:52 - 01134592 _____ C:\Users\Messias\AppData\Roaming\Trust-Trax.exe 2016-04-09 13:52 - 2016-04-09 13:52 - 00848437 _____ C:\Users\Messias\AppData\Roaming\Treetough.bin 2016-04-09 13:48 - 2016-04-09 13:48 - 00003338 _____ C:\Windows\System32\Tasks\Dyjtiu 2016-04-09 13:48 - 2016-04-09 13:48 - 00000000 ____D C:\Users\Messias\AppData\Roaming\Yfeqj 2016-04-09 13:48 - 2016-04-09 13:48 - 00000000 ____D C:\Users\Messias\AppData\Roaming\SeejBudseje 2016-04-09 13:37 - 2016-04-09 13:37 - 00000000 ____D C:\Users\Todos os Usuários\77e4e1f1-61a5-1 2016-04-09 13:37 - 2016-04-09 13:37 - 00000000 ____D C:\ProgramData\77e4e1f1-61a5-1 2016-04-09 13:20 - 2016-04-09 13:11 - 00028160 _____ C:\Users\Messias\AppData\Local\Anottrans.exe 2016-04-09 13:20 - 2016-04-09 13:11 - 00000187 _____ C:\Users\Messias\AppData\Local\Anottrans.exe.config 2016-04-09 13:20 - 2016-04-09 13:10 - 00041472 _____ C:\Users\Messias\AppData\Local\Anottrans.dat 2016-04-09 13:09 - 2016-04-09 16:53 - 00000000 ____D C:\Users\Todos os Usuários\Ronzap 2016-04-09 13:09 - 2016-04-09 16:53 - 00000000 ____D C:\ProgramData\Ronzap 2016-04-09 13:09 - 2016-04-09 13:53 - 06504960 _____ C:\Users\Messias\AppData\Roaming\agent.dat 2016-04-09 13:09 - 2016-04-09 13:53 - 00126464 _____ C:\Users\Messias\AppData\Roaming\noah.dat 2016-04-09 13:09 - 2016-04-09 13:53 - 00065424 _____ C:\Users\Messias\AppData\Roaming\Config.xml 2016-04-09 13:09 - 2016-04-09 13:53 - 00018432 _____ C:\Users\Messias\AppData\Roaming\Main.dat 2016-04-09 13:09 - 2016-04-09 13:09 - 01626416 _____ C:\Users\Messias\AppData\Roaming\TrioHold.tst 2016-04-09 13:09 - 2016-04-09 13:09 - 00189654 _____ () C:\Users\Messias\AppData\Roaming\K-Remfix.bin 2016-04-09 13:09 - 2016-04-09 13:09 - 00002397 _____ C:\Windows\SysWOW64\findit.xml 2016-04-09 13:09 - 2016-04-09 13:09 - 00000000 ____D C:\Users\Todos os Usuários\Ronzaps 2016-04-09 13:09 - 2016-04-09 13:09 - 00000000 ____D C:\ProgramData\Ronzaps 2016-04-09 13:08 - 2016-04-09 13:53 - 00126464 _____ C:\Users\Messias\AppData\Roaming\lobby.dat 2016-04-09 13:08 - 2016-04-09 13:53 - 00054272 _____ C:\Users\Messias\AppData\Roaming\ApplicationHosting.dat 2016-04-09 13:08 - 2016-04-09 13:53 - 00005568 _____ C:\Users\Messias\AppData\Roaming\md.xml 2016-04-09 13:08 - 2016-04-09 13:08 - 00072699 _____ C:\Users\Messias\AppData\Roaming\Statjoytex.tst 2016-04-09 13:08 - 2016-04-09 13:08 - 00003342 _____ C:\Windows\System32\Tasks\Eoanajr 2016-04-09 13:08 - 2016-04-09 13:08 - 00000000 ____D C:\Users\Todos os Usuários\CloudPrinter 2016-04-09 13:08 - 2016-04-09 13:08 - 00000000 ____D C:\Users\Messias\AppData\Roaming\Iaguwletfu 2016-04-09 13:08 - 2016-04-09 13:08 - 00000000 ____D C:\Users\Messias\AppData\Roaming\CuiiAxek 2016-04-09 13:08 - 2016-04-09 13:08 - 00000000 ____D C:\ProgramData\CloudPrinter 2016-04-09 13:08 - 2016-04-09 13:06 - 01202688 _____ C:\Users\Messias\AppData\Roaming\TrioHold.exe 2016-04-09 13:08 - 2016-04-09 13:06 - 01202688 _____ C:\Users\Messias\AppData\Roaming\Statjoytex.exe 2016-04-09 13:07 - 2016-04-09 13:07 - 00848437 _____ C:\Users\Messias\AppData\Roaming\Blackdox.bin 2016-04-09 13:06 - 2016-04-09 13:52 - 00200994 _____ C:\Users\Messias\AppData\Roaming\inst.lat 2016-04-09 13:06 - 2016-04-09 13:52 - 00127488 _____ C:\Users\Messias\AppData\Roaming\Installer.dat 2016-04-09 13:06 - 2016-04-09 13:52 - 00016992 _____ C:\Users\Messias\AppData\Roaming\InstallationConfiguration.xml 2016-04-09 12:49 - 2016-04-09 13:48 - 00082752 _____ (Cherimoya Ltd) C:\Windows\system32\Drivers\cherimoya.sys 2016-04-09 12:48 - 2016-04-09 12:48 - 00000000 ____D C:\Users\Todos os Usuários\ec752064-4221-0 2016-04-09 12:48 - 2016-04-09 12:48 - 00000000 ____D C:\Users\Todos os Usuários\ec752064-2875-1 2016-04-09 12:48 - 2016-04-09 12:48 - 00000000 ____D C:\ProgramData\ec752064-4221-0 2016-04-09 12:48 - 2016-04-09 12:48 - 00000000 ____D C:\ProgramData\ec752064-2875-1 2016-04-09 12:46 - 2016-04-09 12:46 - 00000000 ____D C:\Users\Messias\Mozilla 2016-04-09 12:45 - 2016-04-09 12:45 - 00000042 _____ C:\Users\Messias\AppData\Roaming\WB.CFG 2016-04-09 12:40 - 2016-04-09 13:49 - 00000000 ____D C:\Users\Messias\AppData\Local\PriceFountain 2016-04-09 12:40 - 2016-04-09 12:40 - 00003616 _____ C:\Windows\System32\Tasks\PFExe 2016-04-09 12:40 - 2016-04-09 12:40 - 00000000 ____D C:\Users\Messias\AppData\Roaming\PriceFountain 2016-04-09 12:39 - 2016-04-09 13:41 - 00000000 ____D C:\Program Files (x86)\CleanBrowser 2016-04-09 12:39 - 2016-04-09 12:39 - 00000000 ____D C:\Users\Messias\AppData\Roaming\MCorp 2016-04-09 12:36 - 2016-04-09 12:37 - 00000000 ____D C:\Users\Todos os Usuários\Uniblue 2016-04-09 12:36 - 2016-04-09 12:37 - 00000000 ____D C:\ProgramData\Uniblue 2016-04-09 12:06 - 2016-04-09 12:06 - 00016815 _____ C:\Users\Todos os Usuários\webad.xml 2016-04-09 12:06 - 2016-04-09 12:06 - 00016815 _____ C:\ProgramData\webad.xml 2016-04-09 12:05 - 2016-04-09 12:05 - 00000000 ____D C:\Windows\system32\teg 2016-04-09 12:04 - 2016-04-09 12:04 - 02777282 _____ () C:\Program Files\Common Files\zhre3jfr.exe 2016-04-09 12:02 - 2016-04-09 12:02 - 00003396 _____ C:\Windows\System32\Tasks\cgo1xy4j 2016-04-09 12:02 - 2016-04-09 12:02 - 00000000 ____D C:\Program Files\Common Files\azsmrte3 2016-04-09 11:59 - 2016-04-09 11:59 - 00000000 ____D C:\Program Files (x86)\UCBrowser 2016-04-09 11:59 - 2016-04-09 11:54 - 00002752 _____ C:\Windows\system32\Drivers\etc\hp.bak 2016-04-09 11:58 - 2016-04-09 17:02 - 00000000 ____D C:\Program Files (x86)\7D8928E0-1460213914-11D5-A80C-001FC632711C 2016-04-09 11:58 - 2016-04-09 13:50 - 00000000 ____D C:\Users\Messias\AppData\Local\Opera Software 2016-04-09 11:57 - 2016-04-09 13:50 - 00000000 ____D C:\Users\Messias\AppData\Roaming\Opera Software 2016-04-09 11:55 - 2016-04-09 13:57 - 00000000 ____D C:\Users\Messias\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence 2016-04-09 11:51 - 2016-04-09 13:55 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner 2016-04-09 11:51 - 2016-04-09 11:51 - 00000000 ____D C:\Users\Public\Documents\Tools 2016-04-09 11:50 - 2016-04-09 11:50 - 00003082 _____ C:\Windows\System32\Tasks\CheckMeUp Update 2016-04-09 11:49 - 2016-04-09 11:49 - 00002487 _____ C:\Windows\patsearch.bin 2016-04-09 11:49 - 2016-04-09 11:49 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_webTinstMKTN84_01009.Wdf 2016-04-09 11:48 - 2016-04-09 11:48 - 00000000 ____D C:\Program Files (x86)\osTip 2016-04-09 11:48 - 2016-04-09 11:32 - 00073452 _____ C:\Users\Todos os Usuários\YSIns.exe 2016-04-09 11:48 - 2016-04-09 11:32 - 00073452 _____ C:\ProgramData\YSIns.exe 2016-04-09 11:48 - 2016-02-24 06:18 - 01085440 _____ C:\Users\Messias\AppData\Roaming\delCalendarReg.exe 2016-04-09 11:48 - 2015-11-25 15:31 - 01100288 _____ C:\Users\Todos os Usuários\HomePage.exe 2016-04-09 11:48 - 2015-11-25 15:31 - 01100288 _____ C:\ProgramData\HomePage.exe 2016-04-09 11:47 - 2016-04-09 11:47 - 00000000 ____D C:\Users\Todos os Usuários\Windows Update 2016-04-09 11:47 - 2016-04-09 11:47 - 00000000 ____D C:\Users\Messias\AppData\Roaming\XBox 2016-04-09 11:47 - 2016-04-09 11:47 - 00000000 ____D C:\Users\Messias\AppData\Roaming\LightGate 2016-04-09 11:47 - 2016-04-09 11:47 - 00000000 ____D C:\ProgramData\Windows Update 2016-04-09 11:47 - 2016-02-24 06:18 - 01085440 _____ C:\Users\Todos os Usuários\delCalendarReg.exe 2016-04-09 11:47 - 2016-02-24 06:18 - 01085440 _____ C:\ProgramData\delCalendarReg.exe 2016-04-09 11:47 - 2015-12-10 15:43 - 00600312 _____ C:\Users\Messias\AppData\Roaming\YeaPlayer_br_IBD_Bundle.exe 2016-04-09 11:47 - 2015-12-04 13:14 - 01081344 _____ C:\Users\Todos os Usuários\LightGate.exe 2016-04-09 11:47 - 2015-12-04 13:14 - 01081344 _____ C:\ProgramData\LightGate.exe 2016-04-09 11:46 - 2016-04-09 17:17 - 00000000 ____D C:\Users\Messias\AppData\Local\Setup Wizard 2016-04-09 11:46 - 2016-04-09 11:46 - 00000034 ___SH C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE} 2016-04-09 11:46 - 2016-04-09 11:46 - 00000000 ____D C:\Users\Messias\AppData\Local\csdi_monetize_220160408 2016-04-09 11:46 - 2015-11-25 15:31 - 01100288 _____ C:\Users\Messias\AppData\Roaming\HomePage.exe 2016-04-09 11:45 - 2016-04-09 17:09 - 02767872 _____ (TODO: ) C:\Users\Messias\AppData\Roaming\svrupg.exe 2016-04-09 11:45 - 2016-04-09 17:08 - 00016815 _____ C:\Users\Messias\AppData\Roaming\webad.xml 2016-04-09 11:45 - 2016-04-09 12:48 - 00003728 _____ C:\Windows\System32\Tasks\DNS Monitoring 2016-04-09 11:45 - 2016-04-01 14:51 - 01917952 _____ C:\Users\Todos os Usuários\msiql.exe 2016-04-09 11:45 - 2016-04-01 14:51 - 01917952 _____ C:\Users\Messias\AppData\Roaming\msiql.exe 2016-04-09 11:45 - 2016-04-01 14:51 - 01917952 _____ C:\ProgramData\msiql.exe 2016-04-09 11:44 - 2016-04-09 17:05 - 00003092 _____ C:\Windows\System32\Tasks\osTip 2016-04-09 11:44 - 2016-04-09 13:48 - 00000000 ____D C:\Users\Messias\AppData\Local\Tempfolder 2016-04-09 11:44 - 2016-04-09 11:56 - 00000000 ____D C:\Program Files\Fefvopsi 2016-04-09 11:44 - 2016-04-09 11:49 - 00002968 _____ C:\Windows\System32\Tasks\Pritc 2016-04-09 11:44 - 2016-04-09 11:48 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg 2016-04-09 11:44 - 2016-04-09 11:48 - 00000000 ____D C:\ProgramData\WindowsMsg 2016-04-09 11:44 - 2016-04-09 11:44 - 00022176 _____ C:\Windows\System32\Tasks\DNSWILLISTON 2016-04-09 11:44 - 2016-04-09 11:44 - 00003342 _____ C:\Windows\System32\Tasks\Nilumuqn 2016-04-09 11:44 - 2016-04-09 11:44 - 00003026 _____ C:\Windows\System32\Tasks\ttwifi 2016-04-09 11:44 - 2016-04-09 11:44 - 00000000 ____D C:\Users\Messias\AppData\Roaming\Oluungorri 2016-04-09 11:44 - 2016-04-09 11:44 - 00000000 ____D C:\Users\Messias\AppData\LocalLow\Company 2016-04-09 11:44 - 2016-04-09 11:44 - 00000000 ____D C:\Users\Messias\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A} 2016-04-09 11:44 - 2016-04-09 11:44 - 00000000 ____D C:\Users\Messias\AppData\Local\csdi_monetize_120160408 2016-04-09 11:44 - 2016-04-09 11:44 - 00000000 ____D C:\uninst 2016-04-09 11:44 - 2016-03-31 11:32 - 01747456 _____ C:\Users\Todos os Usuários\service.exe 2016-04-09 11:44 - 2016-03-31 11:32 - 01747456 _____ C:\Users\Messias\AppData\Roaming\service.exe 2016-04-09 11:44 - 2016-03-31 11:32 - 01747456 _____ C:\ProgramData\service.exe 2016-04-09 11:43 - 2016-04-09 17:10 - 00000286 __RSH C:\Users\Todos os Usuários\ntuser.pol 2016-04-09 11:43 - 2016-04-09 17:10 - 00000286 __RSH C:\ProgramData\ntuser.pol 2016-04-09 11:43 - 2016-04-09 13:51 - 00000000 ____D C:\Program Files (x86)\Opera 2016-04-09 11:43 - 2016-04-09 11:43 - 00003448 _____ C:\Windows\System32\Tasks\MessiasIncitingRachetsV2 2016-04-09 11:43 - 2016-04-09 11:43 - 00002970 _____ C:\Windows\System32\Tasks\svchost 2016-04-09 11:43 - 2016-04-09 11:43 - 00000000 ____D C:\Users\Messias\AppData\Roaming\PriceFountainUpdateVer 2016-04-09 11:43 - 2016-04-09 11:43 - 00000000 ____D C:\Users\Messias\AppData\Local\Setup807008 2016-04-09 11:43 - 2016-04-09 11:43 - 00000000 ____D C:\Users\Messias\AppData\Local\IncitingRachets 2016-04-09 11:43 - 2016-04-09 11:43 - 00000000 _____ C:\Windows\SysWOW64\track 2016-04-09 11:42 - 2016-04-09 19:42 - 00000000 ____D C:\Program Files (x86)\badu 2016-04-09 11:42 - 2016-04-09 11:48 - 00000000 ____D C:\FFOutput 2016-04-09 11:42 - 2016-04-09 11:42 - 00023092 _____ C:\Windows\System32\Tasks\{050A0847-0A7F-7D79-0C11-7908790E110C} 2016-04-09 11:42 - 2016-04-09 11:42 - 00001067 _____ C:\Users\Messias\Desktop\Format Factory.lnk 2016-04-09 11:42 - 2016-04-09 11:42 - 00000000 ____D C:\Users\Todos os Usuários\77e4e1f1-1ac7-1 2016-04-09 11:42 - 2016-04-09 11:42 - 00000000 ____D C:\Users\Todos os Usuários\77e4e1f1-10c7-0 2016-04-09 11:42 - 2016-04-09 11:42 - 00000000 ____D C:\Users\Messias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory 2016-04-09 11:42 - 2016-04-09 11:42 - 00000000 ____D C:\ProgramData\77e4e1f1-1ac7-1 2016-04-09 11:42 - 2016-04-09 11:42 - 00000000 ____D C:\ProgramData\77e4e1f1-10c7-0 2016-04-09 11:42 - 2016-04-09 11:42 - 00000000 ____D C:\Program Files\Windows Screen Manager 2016-04-09 11:42 - 2016-04-09 01:32 - 00000000 ____D C:\Program Files\NewExt 2016-04-09 11:42 - 2016-04-09 01:13 - 00000000 ____D C:\Program Files (x86)\Hostify 2016-04-09 11:41 - 2016-04-09 11:42 - 00000000 ____D C:\Program Files (x86)\FormatFactory 2016-04-09 11:41 - 2016-04-09 03:55 - 00048464 _____ (StdLib) C:\Windows\system32\Drivers\{86802a16-8572-49cb-a26a-69ecc1c09906}Gw64.sys 2016-04-09 11:39 - 2016-04-09 13:41 - 00000000 ____D C:\Program Files (x86)\Steel Cut 2016-04-09 11:37 - 2016-04-09 19:42 - 00015148 _____ C:\Windows\System32\Tasks\WinTsks 2016-04-09 11:37 - 2016-04-09 13:37 - 00000000 ____D C:\Program Files (x86)\DailyPcClean Support 2016-04-09 11:37 - 2016-04-09 11:38 - 00000000 ____D C:\Program Files (x86)\DailyPCClean 2016-04-09 11:37 - 2016-04-09 11:37 - 00000000 ____D C:\Users\Messias\Documents\DailyPCClean 2016-04-09 11:37 - 2016-04-09 01:09 - 00000000 ____D C:\Users\Messias\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108 2016-04-09 11:36 - 2016-04-09 11:51 - 48396699 _____ (Free Time) C:\Users\Messias\Downloads\formatfactory-3-6-0-0-multi-win.exe.part 2016-04-09 11:36 - 2016-04-09 11:36 - 00000000 ____D C:\Users\Public\Documents\dmp 2016-04-09 11:36 - 2016-04-09 11:36 - 00000000 ____D C:\Program Files (x86)\WinTsks 2016-04-09 11:36 - 2016-04-09 11:36 - 00000000 ____D C:\Program Files (x86)\WinSvces 2016-04-09 11:33 - 2016-04-09 11:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2016-04-09 11:31 - 2016-04-09 11:31 - 00000000 ____D C:\Program Files (x86)\MSECache 2016-04-09 11:18 - 2016-04-09 11:18 - 00003344 _____ C:\Windows\System32\Tasks\Format Factory 2016-04-09 11:17 - 2016-04-09 11:18 - 04508993 _____ (FF, Inc ) C:\Users\Messias\Downloads\fast-video-converter-3.8.0.4(1).exe 2016-04-09 11:17 - 2016-04-09 11:17 - 04508993 _____ (FF, Inc ) C:\Users\Messias\Downloads\fast-video-converter-3.8.0.4.exe 2016-04-09 11:08 - 2016-04-09 11:08 - 00000000 ___HD C:\Users\Messias\AppData\Roaming\GoldenGate 2016-04-09 11:08 - 2016-04-09 11:08 - 00000000 ___HD C:\Users\Messias\AppData\Roaming\Booking_helper 2016-04-09 11:07 - 2016-04-09 14:22 - 00000000 ____D C:\Users\Messias\AppData\Roaming\WarThunder 2016-04-09 11:07 - 2016-04-09 11:07 - 05892175 _____ (MediaDownloader ) C:\Users\Messias\Downloads\MediaDownloader.exe 2016-04-09 11:07 - 2016-04-09 11:07 - 00003992 _____ C:\Windows\System32\Tasks\LaunchPreSignup 2016-04-09 11:01 - 2016-04-09 11:01 - 00262144 ____N C:\Windows\Minidump\040916-18049-01.dmp 2016-04-09 02:03 - 2016-04-09 02:03 - 00003242 _____ C:\Windows\System32\Tasks\uydate 2016-04-09 01:39 - 2016-04-09 01:39 - 31523896 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2016-04-09 01:39 - 2016-04-09 01:39 - 24207296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2016-04-09 01:39 - 2016-04-09 01:39 - 23000000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2016-04-09 01:39 - 2016-04-09 01:39 - 17559240 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2016-04-09 01:39 - 2016-04-09 01:39 - 15302712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2016-04-09 01:39 - 2016-04-09 01:39 - 13916600 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2016-04-09 01:39 - 2016-04-09 01:39 - 13828032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2016-04-09 01:39 - 2016-04-09 01:39 - 12911160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2016-04-09 01:39 - 2016-04-09 01:39 - 11272240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2016-04-09 01:39 - 2016-04-09 01:39 - 11209376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2016-04-09 01:39 - 2016-04-09 01:39 - 04252608 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2016-04-09 01:39 - 2016-04-09 01:39 - 03996216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2016-04-09 01:39 - 2016-04-09 01:39 - 02825016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2016-04-09 01:39 - 2016-04-09 01:39 - 01908272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434195.dll 2016-04-09 01:39 - 2016-04-09 01:39 - 01557552 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434195.dll 2016-04-09 01:39 - 2016-04-09 01:39 - 00952256 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2016-04-09 01:39 - 2016-04-09 01:39 - 00915392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2016-04-09 01:39 - 2016-04-09 01:39 - 00911928 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2016-04-09 01:39 - 2016-04-09 01:39 - 00878648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2016-04-09 01:16 - 2016-04-09 19:39 - 00000000 ____D C:\Program Files (x86)\SunnyDay21 2016-04-09 01:16 - 2016-04-09 17:08 - 00000000 ____D C:\Users\Messias\AppData\Local\SunnyDay21 2016-04-09 01:13 - 2016-04-09 01:13 - 00631808 _____ C:\Windows\fjp.dat 2016-04-09 01:13 - 2016-04-09 01:13 - 00417792 _____ C:\Windows\fjp.exe 2016-04-09 01:13 - 2016-04-09 01:13 - 00408576 _____ C:\Windows\mfjp.exe 2016-04-09 01:13 - 2016-04-09 01:13 - 00000000 ____D C:\Users\Todos os Usuários\sulpnars 2016-04-09 01:13 - 2016-04-09 01:13 - 00000000 ____D C:\Users\Messias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RinoReader 2016-04-09 01:13 - 2016-04-09 01:13 - 00000000 ____D C:\ProgramData\sulpnars 2016-04-09 01:13 - 2016-04-09 01:13 - 00000000 ____D C:\Program Files (x86)\RinoReader 2016-04-09 01:12 - 2016-04-09 16:53 - 00000000 ____D C:\Users\Todos os Usuários\sulpnar 2016-04-09 01:12 - 2016-04-09 16:53 - 00000000 ____D C:\ProgramData\sulpnar 2016-04-09 01:11 - 2016-04-09 17:07 - 00001223 _____ C:\Users\Usuário Padrão\Desktop\Get Random Viral.lnk 2016-04-09 01:11 - 2016-04-09 17:07 - 00001223 _____ C:\Users\Default\Desktop\Get Random Viral.lnk 2016-04-09 01:11 - 2016-04-09 17:07 - 00001223 _____ C:\Users\Default User\Desktop\Get Random Viral.lnk 2016-04-09 01:11 - 2016-04-09 17:07 - 00001175 _____ C:\Users\Usuário Padrão\Desktop\Google Search.lnk 2016-04-09 01:11 - 2016-04-09 17:07 - 00001175 _____ C:\Users\Default\Desktop\Google Search.lnk 2016-04-09 01:11 - 2016-04-09 17:07 - 00001175 _____ C:\Users\Default User\Desktop\Google Search.lnk 2016-04-09 01:08 - 2016-04-09 01:08 - 00242240 _____ C:\Users\Messias\Downloads\Firefox Setup Stub 45.0.1 (1).exe 2016-04-09 01:08 - 2016-04-09 01:08 - 00013862 _____ C:\Users\Messias\Desktop\firefox - Atalho.lnk 2016-04-09 01:08 - 2016-04-09 01:08 - 00000000 ____D C:\Windows\pss 2016-04-09 01:05 - 2016-04-09 01:05 - 00000000 ____D C:\Users\Todos os Usuários\ec752064-23c3-1 2016-04-09 01:05 - 2016-04-09 01:05 - 00000000 ____D C:\ProgramData\ec752064-23c3-1 2016-04-09 01:04 - 2016-04-09 19:22 - 00000000 ____D C:\Program Files\CCleaner 2016-04-09 01:04 - 2016-04-09 01:04 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-04-09 01:04 - 2016-04-09 01:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2016-04-09 01:02 - 2016-04-09 01:03 - 06868672 _____ (Piriform Ltd) C:\Users\Messias\Downloads\ccsetup516.exe 2016-04-08 21:59 - 2016-04-08 21:59 - 00445861 _____ C:\Users\Messias\Desktop\♫_Best_of_No_Copyright_Music_01_NCS_Gaming_Mix_Best_of_2015_HOT.webm 2016-04-08 21:53 - 2016-04-08 21:57 - 82153647 _____ C:\Users\Messias\Desktop\♫_Best_of_No_Copyright_Music_01_NCS_Gaming_Mix_Best_of_2015_HOT_130k.m4a 2016-04-06 11:48 - 2016-04-06 11:48 - 00000000 ____D C:\Users\Public\Documents\Baidu 2016-04-06 08:22 - 2016-04-06 08:22 - 00000000 ____D C:\Program Files\Common Files\Intel 2016-04-05 19:01 - 2016-04-05 19:01 - 00000000 ____D C:\Users\Messias\AppData\Local\CEF 2016-04-05 19:00 - 2016-04-05 19:00 - 00000000 ____D C:\Program Files\Intel 2016-04-05 18:58 - 2016-04-05 18:58 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache 2016-04-05 18:58 - 2016-04-05 18:58 - 00000000 ____D C:\ProgramData\Package Cache 2016-04-05 18:57 - 2016-04-09 13:41 - 00000000 ____D C:\Program Files\Common Files\McAfee 2016-04-05 18:57 - 2016-04-07 08:12 - 00000000 ____D C:\Program Files (x86)\McAfee 2016-04-05 18:46 - 2016-04-05 18:46 - 00000000 ____D C:\Users\Messias\AppData\Roaming\Macromedia 2016-04-05 18:46 - 2016-04-05 18:46 - 00000000 ____D C:\Users\Messias\AppData\Local\Macromedia 2016-04-05 18:45 - 2016-04-09 13:39 - 00000000 ____D C:\Users\Todos os Usuários\McAfee 2016-04-05 18:45 - 2016-04-09 13:39 - 00000000 ____D C:\ProgramData\McAfee 2016-04-05 18:45 - 2016-04-05 18:45 - 00000000 ____D C:\Users\Todos os Usuários\McAfee Security Scan 2016-04-05 18:45 - 2016-04-05 18:45 - 00000000 ____D C:\ProgramData\McAfee Security Scan 2016-04-05 18:45 - 2016-04-05 18:45 - 00000000 ____D C:\Program Files (x86)\McAfee Security Scan 2016-04-05 18:44 - 2016-04-09 16:54 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-04-05 18:44 - 2016-04-07 21:54 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-04-05 18:44 - 2016-04-07 21:54 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-04-05 18:44 - 2016-04-07 21:54 - 00003840 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-04-05 18:44 - 2016-04-05 18:44 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2016-04-05 18:44 - 2016-04-05 18:44 - 00000000 ____D C:\Windows\system32\Macromed 2016-04-05 18:43 - 2016-04-05 18:45 - 00000000 ____D C:\Users\Messias\AppData\Local\Adobe 2016-04-05 18:38 - 2016-04-09 16:48 - 00000000 ____D C:\Users\Messias\AppData\Roaming\WeatherTool 2016-04-05 18:38 - 2016-04-09 14:46 - 00000000 ____D C:\Program Files (x86)\WeatherTool 2016-04-05 18:38 - 2016-04-05 18:38 - 00026541 _____ C:\Users\Messias\Downloads\leethax.xpi 2016-04-05 18:38 - 2016-04-05 18:38 - 00000000 ____D C:\Users\Public\Documents\Guid 2016-04-05 18:37 - 2016-04-05 18:37 - 00001085 _____ C:\Users\Messias\Desktop\Cheat Engine.lnk 2016-04-05 18:37 - 2016-04-05 18:37 - 00000000 ____D C:\Users\Messias\Documents\My Cheat Tables 2016-04-05 18:37 - 2016-04-05 18:37 - 00000000 ____D C:\Users\Messias\AppData\Roaming\OpenCandy 2016-04-05 18:37 - 2016-04-05 18:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.5 2016-04-05 18:37 - 2016-04-05 18:37 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.5 2016-04-05 18:36 - 2016-04-09 01:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-04-05 18:36 - 2016-04-05 18:45 - 00000000 ____D C:\Users\Messias\AppData\Local\Mozilla 2016-04-05 18:36 - 2016-04-05 18:37 - 00000000 ____D C:\Users\Messias\AppData\Roaming\Mozilla 2016-04-05 18:36 - 2016-04-05 18:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-04-05 18:33 - 2016-04-05 18:37 - 10842040 _____ (Cheat Engine ) C:\Users\Messias\Downloads\CheatEngine65.exe 2016-04-05 18:33 - 2016-04-05 18:33 - 00242240 _____ C:\Users\Messias\Downloads\Firefox Setup Stub 45.0.1.exe 2016-04-05 13:09 - 2016-04-09 01:14 - 00002056 _____ C:\Users\Messias\Desktop\Google Chrome.lnk 2016-03-23 16:26 - 2016-03-25 14:47 - 00000000 ____D C:\Users\Messias\AppData\Roaming\Audacity 2016-03-23 16:26 - 2016-03-23 16:26 - 00001019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk 2016-03-23 16:26 - 2016-03-23 16:26 - 00001007 _____ C:\Users\Public\Desktop\Audacity.lnk 2016-03-23 16:26 - 2016-03-23 16:26 - 00000000 ____D C:\Users\Messias\AppData\Local\Audacity 2016-03-23 16:25 - 2016-03-23 16:26 - 00000000 ____D C:\Program Files (x86)\Audacity 2016-03-23 16:23 - 2016-03-23 16:24 - 26496761 _____ (Audacity Team ) C:\Users\Messias\Downloads\audacity-win-2.1.2.exe 2016-03-22 18:19 - 2016-03-22 18:19 - 00240064 _____ C:\Users\Messias\Desktop\Pré-atendimento eleitoral - Título Net — Tribunal Superior Eleitoral.pdf 2016-03-21 23:28 - 2016-03-21 23:28 - 00000000 ____D C:\Users\Public\Documents\CrashDump 2016-03-21 23:22 - 2016-03-21 23:22 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf 2016-03-21 23:18 - 2016-03-21 23:18 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log 2016-03-21 23:18 - 2016-03-21 23:18 - 00000000 ____D C:\Users\Messias\Documents\samsung 2016-03-21 23:18 - 2016-03-21 23:18 - 00000000 ____D C:\Users\Messias\AppData\Roaming\Samsung 2016-03-21 23:18 - 2016-03-21 23:18 - 00000000 ____D C:\Users\Messias\AppData\Local\Samsung 2016-03-21 23:16 - 2016-01-08 05:51 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll 2016-03-21 23:16 - 2016-01-08 05:51 - 00708168 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll 2016-03-21 23:16 - 2016-01-08 05:51 - 00213088 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys 2016-03-21 23:16 - 2016-01-08 05:51 - 00120416 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys 2016-03-21 23:08 - 2016-03-21 23:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2016-03-21 23:08 - 2016-03-21 23:08 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information 2016-03-21 23:08 - 2013-12-30 10:53 - 04659712 _____ (Dmitry Streblechenko) C:\Windows\SysWOW64\Redemption.dll 2016-03-21 23:08 - 2013-12-30 10:53 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll 2016-03-21 23:07 - 2016-03-21 23:16 - 00000000 ____D C:\Users\Todos os Usuários\Samsung 2016-03-21 23:07 - 2016-03-21 23:16 - 00000000 ____D C:\ProgramData\Samsung 2016-03-21 23:07 - 2016-03-21 23:16 - 00000000 ____D C:\Program Files (x86)\Samsung 2016-03-21 23:05 - 2016-03-21 23:05 - 00000000 ____D C:\Users\Messias\AppData\Local\Downloaded Installations 2016-03-21 23:01 - 2016-03-21 23:04 - 79061256 _____ (Samsung Electronics Co., Ltd.) C:\Users\Messias\Downloads\KiesSetup.exe 2016-03-10 21:38 - 2016-02-09 03:53 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-03-10 21:38 - 2016-02-09 03:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-03-10 21:38 - 2016-02-08 18:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-03-10 21:38 - 2016-02-08 17:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2016-03-10 21:38 - 2016-02-08 17:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-03-10 21:38 - 2016-02-08 17:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2016-03-10 21:38 - 2016-02-08 17:38 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2016-03-10 21:38 - 2016-02-08 17:38 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2016-03-10 21:38 - 2016-02-08 17:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2016-03-10 21:38 - 2016-02-08 17:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-03-10 21:38 - 2016-02-08 17:32 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2016-03-10 21:38 - 2016-02-08 17:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2016-03-10 21:38 - 2016-02-08 17:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-03-10 21:38 - 2016-02-08 17:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-03-10 21:38 - 2016-02-08 17:28 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2016-03-10 21:38 - 2016-02-08 17:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2016-03-10 21:38 - 2016-02-08 17:20 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2016-03-10 21:38 - 2016-02-08 17:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-03-10 21:38 - 2016-02-08 17:15 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2016-03-10 21:38 - 2016-02-08 17:13 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2016-03-10 21:38 - 2016-02-08 17:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2016-03-10 21:38 - 2016-02-08 17:11 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-03-10 21:38 - 2016-02-08 17:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-03-10 21:38 - 2016-02-08 17:10 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2016-03-10 21:38 - 2016-02-08 17:05 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-03-10 21:38 - 2016-02-08 17:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-03-10 21:38 - 2016-02-08 17:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-03-10 21:38 - 2016-02-08 17:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-03-10 21:38 - 2016-02-08 17:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-03-10 21:38 - 2016-02-08 17:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2016-03-10 21:38 - 2016-02-08 16:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-03-10 21:38 - 2016-02-08 16:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-03-10 21:38 - 2016-02-08 16:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-03-10 21:38 - 2016-02-08 15:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-03-10 21:38 - 2016-02-08 15:41 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-03-10 21:38 - 2016-02-08 15:27 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-03-10 21:38 - 2016-02-08 15:27 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-03-10 21:38 - 2016-02-08 15:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-03-10 21:38 - 2016-02-08 15:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-03-10 21:38 - 2016-02-08 15:26 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-03-10 21:38 - 2016-02-08 15:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-03-10 21:38 - 2016-02-08 15:19 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-03-10 21:38 - 2016-02-08 15:18 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-03-10 21:38 - 2016-02-08 15:16 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-03-10 21:38 - 2016-02-08 15:15 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-03-10 21:38 - 2016-02-08 15:14 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-03-10 21:38 - 2016-02-08 15:14 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-03-10 21:38 - 2016-02-08 15:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-03-10 21:38 - 2016-02-08 15:13 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-03-10 21:38 - 2016-02-08 15:06 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-03-10 21:38 - 2016-02-08 15:03 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-03-10 21:38 - 2016-02-08 14:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-03-10 21:38 - 2016-02-08 14:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-03-10 21:38 - 2016-02-08 14:52 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-03-10 21:38 - 2016-02-08 14:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-03-10 21:38 - 2016-02-08 14:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-03-10 21:38 - 2016-02-08 14:47 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-03-10 21:38 - 2016-02-08 14:37 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-03-10 21:38 - 2016-02-08 14:35 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-03-10 21:38 - 2016-02-08 14:34 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-03-10 21:38 - 2016-02-08 14:33 - 14613504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-03-10 21:38 - 2016-02-08 14:33 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-03-10 21:38 - 2016-02-08 14:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-03-10 21:38 - 2016-02-08 14:19 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-03-10 21:38 - 2016-02-08 14:07 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-03-10 21:38 - 2016-02-08 13:55 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-03-10 20:34 - 2016-02-12 15:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2016-03-10 20:34 - 2016-02-12 15:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2016-03-10 20:34 - 2016-02-12 15:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2016-03-10 20:34 - 2016-02-12 15:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2016-03-10 20:34 - 2016-02-12 15:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2016-03-10 20:34 - 2016-02-12 15:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2016-03-10 20:34 - 2016-02-12 15:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2016-03-10 20:34 - 2016-02-12 15:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2016-03-10 20:34 - 2016-02-12 15:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2016-03-10 20:34 - 2016-02-12 15:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2016-03-10 20:34 - 2016-02-12 15:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2016-03-10 20:34 - 2016-02-12 15:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2016-03-10 20:34 - 2016-02-12 15:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2016-03-10 20:34 - 2016-02-12 15:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2016-03-10 20:34 - 2016-02-12 15:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2016-03-10 20:34 - 2016-02-12 15:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2016-03-10 20:34 - 2016-02-04 14:52 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-03-10 20:34 - 2016-02-03 15:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2016-03-10 20:34 - 2016-02-03 15:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll 2016-03-10 20:34 - 2016-02-03 15:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2016-03-10 20:34 - 2016-02-03 15:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll 2016-03-10 20:34 - 2016-02-03 15:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS 2016-03-10 20:34 - 2016-01-11 16:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2016-03-10 20:34 - 2015-11-19 11:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2016-03-10 20:34 - 2015-11-19 11:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll 2016-03-10 20:34 - 2015-11-19 11:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll 2016-03-10 20:34 - 2015-11-19 11:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll 2016-03-10 20:34 - 2015-11-19 11:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll 2016-03-10 20:34 - 2015-11-19 11:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2016-03-10 20:34 - 2015-11-19 11:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll 2016-03-10 20:34 - 2015-11-19 11:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll 2016-03-10 20:34 - 2015-11-19 11:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll 2016-03-10 20:34 - 2015-11-19 11:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll 2016-03-10 20:34 - 2015-11-19 11:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll 2016-03-10 20:29 - 2016-02-11 15:56 - 05572032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-03-10 20:29 - 2016-02-11 15:56 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-03-10 20:29 - 2016-02-11 15:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-03-10 20:29 - 2016-02-11 15:52 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-03-10 20:29 - 2016-02-11 15:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2016-03-10 20:29 - 2016-02-11 15:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2016-03-10 20:29 - 2016-02-11 15:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2016-03-10 20:29 - 2016-02-11 15:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-03-10 20:29 - 2016-02-11 15:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-03-10 20:29 - 2016-02-11 15:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-03-10 20:29 - 2016-02-11 15:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-03-10 20:29 - 2016-02-11 15:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2016-03-10 20:29 - 2016-02-11 15:48 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-03-10 20:29 - 2016-02-11 15:48 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-03-10 20:29 - 2016-02-11 15:48 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-03-10 20:29 - 2016-02-11 15:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-03-10 20:29 - 2016-02-11 15:48 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-03-10 20:29 - 2016-02-11 15:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2016-03-10 20:29 - 2016-02-11 15:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-03-10 20:29 - 2016-02-11 15:45 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-03-10 20:29 - 2016-02-11 15:45 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-03-10 20:29 - 2016-02-11 15:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-03-10 20:29 - 2016-02-11 15:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2016-03-10 20:29 - 2016-02-11 15:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2016-03-10 20:29 - 2016-02-11 15:44 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-03-10 20:29 - 2016-02-11 15:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2016-03-10 20:29 - 2016-02-11 15:44 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-03-10 20:29 - 2016-02-11 15:44 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-03-10 20:29 - 2016-02-11 15:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-03-10 20:29 - 2016-02-11 15:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-03-10 20:29 - 2016-02-11 15:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-03-10 20:29 - 2016-02-11 15:41 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-03-10 20:29 - 2016-02-11 15:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-03-10 20:29 - 2016-02-11 15:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-03-10 20:29 - 2016-02-11 15:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-03-10 20:29 - 2016-02-11 15:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:38 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2016-03-10 20:29 - 2016-02-11 15:38 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-03-10 20:29 - 2016-02-11 15:38 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-03-10 20:29 - 2016-02-11 15:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2016-03-10 20:29 - 2016-02-11 15:38 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2016-03-10 20:29 - 2016-02-11 15:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2016-03-10 20:29 - 2016-02-11 15:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2016-03-10 20:29 - 2016-02-11 15:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-03-10 20:29 - 2016-02-11 15:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2016-03-10 20:29 - 2016-02-11 15:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2016-03-10 20:29 - 2016-02-11 15:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-03-10 20:29 - 2016-02-11 15:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-03-10 20:29 - 2016-02-11 15:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2016-03-10 20:29 - 2016-02-11 15:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2016-03-10 20:29 - 2016-02-11 15:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2016-03-10 20:29 - 2016-02-11 15:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2016-03-10 20:29 - 2016-02-11 15:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2016-03-10 20:29 - 2016-02-11 15:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-03-10 20:29 - 2016-02-11 15:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2016-03-10 20:29 - 2016-02-11 15:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 14:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-03-10 20:29 - 2016-02-11 14:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2016-03-10 20:29 - 2016-02-11 14:41 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-03-10 20:29 - 2016-02-11 14:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-03-10 20:29 - 2016-02-11 14:34 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-03-10 20:29 - 2016-02-11 14:34 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-03-10 20:29 - 2016-02-11 14:33 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-03-10 20:29 - 2016-02-11 14:32 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-03-10 20:29 - 2016-02-11 14:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-03-10 20:29 - 2016-02-11 14:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2016-03-10 20:29 - 2016-02-11 14:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2016-03-10 20:29 - 2016-02-11 14:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2016-03-10 20:29 - 2016-02-11 14:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2016-03-10 20:29 - 2016-02-11 14:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2016-03-10 20:29 - 2016-02-11 14:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 14:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 14:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-03-10 20:29 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-03-10 20:28 - 2016-02-09 06:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2016-03-10 20:28 - 2016-02-09 06:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2016-03-10 20:28 - 2016-02-09 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2016-03-10 20:28 - 2016-02-09 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2016-03-10 20:28 - 2016-02-09 06:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll 2016-03-10 20:28 - 2016-02-09 06:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2016-03-10 20:28 - 2016-02-09 06:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2016-03-10 20:28 - 2016-02-09 06:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2016-03-10 20:28 - 2016-02-09 06:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2016-03-10 20:28 - 2016-02-09 06:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2016-03-10 20:28 - 2016-02-09 06:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2016-03-10 20:28 - 2016-02-05 15:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2016-03-10 20:28 - 2016-02-05 15:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2016-03-10 20:28 - 2016-02-05 15:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2016-03-10 20:28 - 2016-02-05 15:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2016-03-10 20:28 - 2016-02-05 15:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2016-03-10 20:28 - 2016-02-05 15:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2016-03-10 20:28 - 2016-02-05 15:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2016-03-10 20:28 - 2016-02-05 14:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2016-03-10 20:28 - 2016-02-05 14:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2016-03-10 20:28 - 2016-02-05 14:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2016-03-10 20:28 - 2016-02-04 22:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll 2016-03-10 20:28 - 2016-02-04 15:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll 2016-03-10 20:23 - 2016-02-19 16:02 - 00038336 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-03-10 20:23 - 2016-02-19 15:54 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-03-10 20:23 - 2016-02-19 11:07 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-03-10 20:23 - 2016-02-11 11:07 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-03-10 20:23 - 2016-02-05 11:07 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-03-10 20:23 - 2016-02-05 11:07 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-03-10 20:23 - 2016-02-05 11:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll ==================== Um Mês Modificados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-04-09 19:29 - 2015-12-20 22:27 - 00000000 ____D C:\Users\Messias\AppData\Roaming\PhotoScape 2016-04-09 19:29 - 2015-12-05 07:03 - 00000000 ____D C:\Users\Messias\AppData\Roaming\uTorrent 2016-04-09 19:25 - 2015-11-15 17:49 - 00000000 ____D C:\Windows\Panther 2016-04-09 17:56 - 2015-11-15 11:57 - 00001401 _____ C:\Users\Messias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-04-09 17:20 - 2015-11-15 12:03 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-04-09 17:14 - 2009-07-14 01:45 - 00019520 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-04-09 17:14 - 2009-07-14 01:45 - 00019520 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-04-09 17:12 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\NDF 2016-04-09 17:11 - 2009-07-29 12:49 - 00705474 _____ C:\Windows\system32\prfh0416.dat 2016-04-09 17:11 - 2009-07-29 12:49 - 00147314 _____ C:\Windows\system32\prfc0416.dat 2016-04-09 17:11 - 2009-07-14 02:13 - 01634498 _____ C:\Windows\system32\PerfStringBackup.INI 2016-04-09 17:11 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf 2016-04-09 17:08 - 2015-11-15 12:15 - 00003250 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler 2016-04-09 17:08 - 2015-11-15 12:15 - 00002882 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Messias) 2016-04-09 17:07 - 2002-01-01 00:03 - 00001223 _____ C:\Users\Public\Desktop\Get Random Viral.lnk 2016-04-09 17:07 - 2002-01-01 00:03 - 00001223 _____ C:\Users\Messias\Desktop\Get Random Viral.lnk 2016-04-09 17:07 - 2002-01-01 00:03 - 00001175 _____ C:\Users\Public\Desktop\Google Search.lnk 2016-04-09 17:07 - 2002-01-01 00:03 - 00001175 _____ C:\Users\Messias\Desktop\Google Search.lnk 2016-04-09 17:05 - 2015-11-15 12:03 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-04-09 17:05 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-04-09 12:53 - 2015-11-15 12:02 - 00000000 ____D C:\Users\Messias\AppData\Local\Apps\2.0 2016-04-09 12:46 - 2015-11-15 11:56 - 00000000 ____D C:\Users\Messias 2016-04-09 12:36 - 2009-07-13 23:34 - 00000505 _____ C:\Windows\win.ini 2016-04-09 11:50 - 2015-11-15 13:30 - 00001437 ____R C:\Users\Messias\Desktop\Internet Explorer.lnk 2016-04-09 11:43 - 2009-07-14 00:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy 2016-04-09 11:43 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy 2016-04-09 11:01 - 2015-11-17 18:47 - 00000000 ____D C:\Windows\Minidump 2016-04-09 02:05 - 2002-01-01 00:05 - 00000000 ____D C:\Users\Messias\AppData\Roaming\Skype 2016-04-09 01:44 - 2016-03-09 07:18 - 00002150 _____ C:\Users\Public\Desktop\Driver Booster 3.lnk 2016-04-09 01:43 - 2015-11-15 13:28 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA 2016-04-09 01:43 - 2015-11-15 13:28 - 00000000 ____D C:\ProgramData\NVIDIA 2016-04-09 01:41 - 2015-11-15 13:21 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-04-09 01:39 - 2015-11-15 13:22 - 18634264 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2016-04-09 01:39 - 2015-11-15 13:22 - 16128576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2016-04-09 01:39 - 2015-11-15 13:22 - 14497568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2016-04-09 01:39 - 2015-11-15 13:22 - 03210784 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2016-04-09 01:39 - 2015-11-15 13:22 - 00026157 _____ C:\Windows\system32\nvinfo.pb 2016-04-09 01:29 - 2015-11-15 12:15 - 00000000 ____D C:\Users\Todos os Usuários\ProductData 2016-04-09 01:29 - 2015-11-15 12:15 - 00000000 ____D C:\ProgramData\ProductData 2016-04-09 01:14 - 2015-11-15 12:18 - 00002068 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-04-05 22:20 - 2015-11-24 16:21 - 01598884 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2016-03-23 22:25 - 2015-11-25 00:21 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2016-03-23 22:25 - 2015-11-25 00:21 - 00000000 ___SD C:\Windows\system32\GWX 2016-03-13 08:46 - 2009-07-14 02:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-03-11 17:19 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\rescache 2016-03-11 06:21 - 2009-07-14 01:45 - 00267448 _____ C:\Windows\system32\FNTCACHE.DAT 2016-03-10 22:59 - 2015-11-16 02:57 - 00000000 ____D C:\Windows\system32\appraiser ==================== Arquivos na raiz de alguns diretórios ======= 2016-04-09 17:55 - 2016-04-09 17:55 - 2777282 _____ () C:\Program Files\Common Files\tyoxt21d.exe 2016-04-09 12:04 - 2016-04-09 12:04 - 2777282 _____ () C:\Program Files\Common Files\zhre3jfr.exe 2016-04-09 13:09 - 2016-04-09 13:53 - 6504960 _____ () C:\Users\Messias\AppData\Roaming\agent.dat 2016-04-09 13:08 - 2016-04-09 13:53 - 0054272 _____ () C:\Users\Messias\AppData\Roaming\ApplicationHosting.dat 2016-04-09 13:07 - 2016-04-09 13:07 - 0848437 _____ () C:\Users\Messias\AppData\Roaming\Blackdox.bin 2016-04-09 11:51 - 2016-04-09 11:51 - 0001251 _____ () C:\Users\Messias\AppData\Roaming\Bubble Dock.boostrap.log 2016-04-09 11:53 - 2016-04-09 11:53 - 0000117 _____ () C:\Users\Messias\AppData\Roaming\Bubble Dock.installation.log 2016-04-09 13:09 - 2016-04-09 13:53 - 0065424 _____ () C:\Users\Messias\AppData\Roaming\Config.xml 2016-04-09 11:48 - 2016-02-24 06:18 - 1085440 _____ () C:\Users\Messias\AppData\Roaming\delCalendarReg.exe 2016-04-09 13:53 - 2016-04-09 13:52 - 1134592 _____ () C:\Users\Messias\AppData\Roaming\HomeNix.exe 2016-04-09 13:53 - 2016-04-09 13:53 - 1626416 _____ () C:\Users\Messias\AppData\Roaming\HomeNix.tst 2016-04-09 11:46 - 2015-11-25 15:31 - 1100288 _____ () C:\Users\Messias\AppData\Roaming\HomePage.exe 2016-04-09 13:06 - 2016-04-09 13:52 - 0200994 _____ () C:\Users\Messias\AppData\Roaming\inst.lat 2016-04-09 13:06 - 2016-04-09 13:52 - 0016992 _____ () C:\Users\Messias\AppData\Roaming\InstallationConfiguration.xml 2016-04-09 13:06 - 2016-04-09 13:52 - 0127488 _____ () C:\Users\Messias\AppData\Roaming\Installer.dat 2016-04-09 13:09 - 2016-04-09 13:09 - 0189654 _____ () C:\Users\Messias\AppData\Roaming\K-Remfix.bin 2016-04-09 13:08 - 2016-04-09 13:53 - 0126464 _____ () C:\Users\Messias\AppData\Roaming\lobby.dat 2016-04-09 13:09 - 2016-04-09 13:53 - 0018432 _____ () C:\Users\Messias\AppData\Roaming\Main.dat 2016-04-09 13:08 - 2016-04-09 13:53 - 0005568 _____ () C:\Users\Messias\AppData\Roaming\md.xml 2016-04-09 11:45 - 2016-04-01 14:51 - 1917952 _____ () C:\Users\Messias\AppData\Roaming\msiql.exe 2016-04-09 13:09 - 2016-04-09 13:53 - 0126464 _____ () C:\Users\Messias\AppData\Roaming\noah.dat 2016-04-09 11:44 - 2016-03-31 11:32 - 1747456 _____ () C:\Users\Messias\AppData\Roaming\service.exe 2016-04-09 13:08 - 2016-04-09 13:06 - 1202688 _____ () C:\Users\Messias\AppData\Roaming\Statjoytex.exe 2016-04-09 13:08 - 2016-04-09 13:08 - 0072699 _____ () C:\Users\Messias\AppData\Roaming\Statjoytex.tst 2016-04-09 11:45 - 2016-04-09 17:09 - 2767872 _____ (TODO: ) C:\Users\Messias\AppData\Roaming\svrupg.exe 2016-04-09 13:52 - 2016-04-09 13:52 - 0848437 _____ () C:\Users\Messias\AppData\Roaming\Treetough.bin 2016-04-09 13:08 - 2016-04-09 13:06 - 1202688 _____ () C:\Users\Messias\AppData\Roaming\TrioHold.exe 2016-04-09 13:09 - 2016-04-09 13:09 - 1626416 _____ () C:\Users\Messias\AppData\Roaming\TrioHold.tst 2016-04-09 13:52 - 2016-04-09 13:52 - 1134592 _____ () C:\Users\Messias\AppData\Roaming\Trust-Trax.exe 2016-04-09 13:53 - 2016-04-09 13:53 - 0072699 _____ () C:\Users\Messias\AppData\Roaming\Trust-Trax.tst 2016-04-09 13:55 - 2016-04-09 13:55 - 0001150 _____ () C:\Users\Messias\AppData\Roaming\uninstall_temp.ico 2016-04-09 13:53 - 2016-04-09 13:53 - 0189654 _____ () C:\Users\Messias\AppData\Roaming\VilaOveron.bin 2016-04-09 12:45 - 2016-04-09 12:45 - 0000042 _____ () C:\Users\Messias\AppData\Roaming\WB.CFG 2016-04-09 11:45 - 2016-04-09 17:08 - 0016815 _____ () C:\Users\Messias\AppData\Roaming\webad.xml 2016-04-09 11:51 - 2016-04-09 11:51 - 0000097 _____ () C:\Users\Messias\AppData\Roaming\WindApp.boostrap.log 2016-04-09 11:47 - 2015-12-10 15:43 - 0600312 _____ () C:\Users\Messias\AppData\Roaming\YeaPlayer_br_IBD_Bundle.exe 2016-04-09 13:20 - 2016-04-09 13:10 - 0041472 _____ () C:\Users\Messias\AppData\Local\Anottrans.dat 2016-04-09 13:20 - 2016-04-09 13:11 - 0028160 _____ () C:\Users\Messias\AppData\Local\Anottrans.exe 2016-04-09 13:20 - 2016-04-09 13:11 - 0000187 _____ () C:\Users\Messias\AppData\Local\Anottrans.exe.config 2016-04-09 13:54 - 2016-04-09 13:54 - 0041472 _____ () C:\Users\Messias\AppData\Local\Doublebase.dat 2016-04-09 13:54 - 2016-04-09 13:54 - 0028160 _____ () C:\Users\Messias\AppData\Local\Doublebase.exe 2016-04-09 13:54 - 2016-04-09 13:54 - 0000187 _____ () C:\Users\Messias\AppData\Local\Doublebase.exe.config 2016-04-09 11:47 - 2016-02-24 06:18 - 1085440 _____ () C:\ProgramData\delCalendarReg.exe 2015-11-15 13:25 - 2015-11-15 13:25 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2016-04-09 11:48 - 2015-11-25 15:31 - 1100288 _____ () C:\ProgramData\HomePage.exe 2016-04-09 11:47 - 2015-12-04 13:14 - 1081344 _____ () C:\ProgramData\LightGate.exe 2016-04-09 11:45 - 2016-04-01 14:51 - 1917952 _____ () C:\ProgramData\msiql.exe 2016-04-09 11:44 - 2016-03-31 11:32 - 1747456 _____ () C:\ProgramData\service.exe 2016-04-09 12:06 - 2016-04-09 12:06 - 0016815 _____ () C:\ProgramData\webad.xml 2016-04-09 11:48 - 2016-04-09 11:32 - 0073452 _____ () C:\ProgramData\YSIns.exe Arquivos para serem movidos ou deletados: ==================== C:\Users\Messias\AppData\Local\Temp\is-2V1Q0.tmp\print.exe C:\Users\Messias\AppData\Local\Temp\R7BEVR99F\R7BEVR99F.exe C:\ProgramData\delCalendarReg.exe C:\ProgramData\HomePage.exe C:\ProgramData\LightGate.exe C:\ProgramData\msiql.exe C:\ProgramData\service.exe C:\ProgramData\YSIns.exe C:\Users\Todos os Usuários\delCalendarReg.exe C:\Users\Todos os Usuários\HomePage.exe C:\Users\Todos os Usuários\LightGate.exe C:\Users\Todos os Usuários\msiql.exe C:\Users\Todos os Usuários\service.exe C:\Users\Todos os Usuários\YSIns.exe Alguns arquivos em TEMP: ==================== C:\Users\Messias\AppData\Local\Temp\115E.tmp.exe C:\Users\Messias\AppData\Local\Temp\1324.tmp.exe C:\Users\Messias\AppData\Local\Temp\13FF.tmp.exe C:\Users\Messias\AppData\Local\Temp\1H7LLZRFK3.exe C:\Users\Messias\AppData\Local\Temp\23333.exe C:\Users\Messias\AppData\Local\Temp\3B8C.tmp.exe C:\Users\Messias\AppData\Local\Temp\697.tmp.exe C:\Users\Messias\AppData\Local\Temp\699B.tmp.exe C:\Users\Messias\AppData\Local\Temp\6A76.tmp.exe C:\Users\Messias\AppData\Local\Temp\7KXFGY6VL0.exe C:\Users\Messias\AppData\Local\Temp\8HMR0E6LHB.exe C:\Users\Messias\AppData\Local\Temp\92CD.tmp.exe C:\Users\Messias\AppData\Local\Temp\94492374-D784-9438-D90A-88FF9BFD79E8.exe C:\Users\Messias\AppData\Local\Temp\A443FE17-5C97-711F-43A5-7F5243D9D11B.dll C:\Users\Messias\AppData\Local\Temp\A443FE17-5C97-711F-43A5-7F5243D9D11B.exe C:\Users\Messias\AppData\Local\Temp\ACD3.tmp.exe C:\Users\Messias\AppData\Local\Temp\AHYCEKZSCR.exe C:\Users\Messias\AppData\Local\Temp\B0006BDF98.exe C:\Users\Messias\AppData\Local\Temp\BingSvc.exe C:\Users\Messias\AppData\Local\Temp\BPIFBAY76M.exe C:\Users\Messias\AppData\Local\Temp\Browser_V5.6.11466.7_r_4728_(Build1603281525).exe C:\Users\Messias\AppData\Local\Temp\BSvcProcessor.exe C:\Users\Messias\AppData\Local\Temp\BSvcUpdater.exe C:\Users\Messias\AppData\Local\Temp\cedcb032-3830-4cf1-bf0f-2a794757da62.dll C:\Users\Messias\AppData\Local\Temp\de08cec8-1bd2-4480-a287-49a9cc4237b5.dll C:\Users\Messias\AppData\Local\Temp\DO3EOS122J.exe C:\Users\Messias\AppData\Local\Temp\fsd93D6.exe C:\Users\Messias\AppData\Local\Temp\FWI5HR5J2L.exe C:\Users\Messias\AppData\Local\Temp\G0DDNVRCSS.exe C:\Users\Messias\AppData\Local\Temp\HF8HZHE5C2.exe C:\Users\Messias\AppData\Local\Temp\LNNAG19APJ.exe C:\Users\Messias\AppData\Local\Temp\LocustsMescals.dll C:\Users\Messias\AppData\Local\Temp\mdu_7eurp.exe C:\Users\Messias\AppData\Local\Temp\nsd7D2C.exe C:\Users\Messias\AppData\Local\Temp\nsj5734.exe C:\Users\Messias\AppData\Local\Temp\PGAK1H7OSX.exe C:\Users\Messias\AppData\Local\Temp\PriceFountainUpdateVer.exe C:\Users\Messias\AppData\Local\Temp\QMNB180DWQ.exe C:\Users\Messias\AppData\Local\Temp\SDG4NRH5Y8.exe C:\Users\Messias\AppData\Local\Temp\TOEBBPML3N.exe C:\Users\Messias\AppData\Local\Temp\WS8V0BA4JN.exe C:\Users\Messias\AppData\Local\Temp\XG6B9P0KI1.exe C:\Users\Messias\AppData\Local\Temp\YZ63W2PLYC.exe C:\Users\Messias\AppData\Local\Temp\ZEDAIMJLFM.exe ==================== Bamital & volsnap ================= (Não há correção automática para arquivos que não passaram na verificação.) C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente C:\Windows\explorer.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente C:\Windows\system32\services.exe => O arquivo é assinado digitalmente C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente C:\Windows\system32\dnsapi.dll [2015-11-24 12:32] - [2015-11-24 12:32] - 0357888 ____A (Microsoft Corporation) 8B8D593F6C5238B2946032AAE5ABCAF9 C:\Windows\SysWOW64\dnsapi.dll [2015-11-24 12:32] - [2015-11-24 12:32] - 0270336 ____A (Microsoft Corporation) 7EEAFF6FD4FCB1D6E95BDA9DE135C21F C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente LastRegBack: 2016-04-09 02:57 ==================== Fim de FRST.txt ============================