Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-08-2015
Ran by GenesisQ (administrator) on GENESIS (19-08-2015 09:57:58)
Running from C:\Users\GenesisQ\Desktop
Loaded Profiles: GenesisQ (Available Profiles: GenesisQ)
Platform: Windows 8 Single Language (X64) Language: Português (Brasil)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QQPCRTP.exe
(Beijing Rising Information Technology Co., Ltd.) C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exe
(Beijing Rising Information Technology Co., Ltd.) C:\Program Files (x86)\Rising\RAV\ravmond.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Positivo Informática S.A) C:\Program Files (x86)\Positivo Informática\Mundo Positivo Bateria\BatteryManagerService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(PSafe) C:\Program Files (x86)\PSafe\PSafeCategoryFinder.exe
(PSafe S/A) C:\Program Files (x86)\PSafe\PSafesvc.exe
(PSafe) C:\Program Files (x86)\PSafe\PSafeWD.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Users\GenesisQ\AppData\Roaming\NetService\netservice.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
() C:\Users\GenesisQ\AppData\Local\gmsd_br_006010061\upgmsd_br_006010061.exe
(Positivo Informática S.A) C:\Program Files (x86)\Positivo Informática\Mundo Positivo Bateria\BatteryPower.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe\LiveComm.exe
(Vitzo) C:\Program Files\VDownloader\VDownloader4.exe
(Beijing Rising Information Technology Co., Ltd.) C:\Program Files (x86)\Rising\RSD\popwndexe.exe
(Beijing Rising Information Technology Co., Ltd.) C:\Program Files (x86)\Rising\RAV\rstray.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QQPCTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\plugins\QMNetMon\QQPCNetFlow.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QQPCRealTimeSpeedup.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QMChExt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-09-14] (Realtek Semiconductor)
HKLM\...\Run: [Deskmedia] => C:\Positivo\Deskmedia\GerenciadorLocal.exe [1348920 2014-11-13] (Positivo Informática)
HKLM\...\Run: [Sidebar] => "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
HKLM\...\Run: [StartUpManagerPositivo] => C:\Program Files\Positivo Informática\Mundo Positivo Gerenciador de Inicialização\ManagerWindows.exe [265808 2012-10-24] (Positivo Informática SA)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2917176 2012-09-10] (Synaptics Incorporated)
HKLM\...\Run: [gpuminer] => C:\Users\GenesisQ\AppData\Roaming\cpuminer\sgminer\sgminer.cmd [96 2015-05-02] ()
HKLM\...\Run: [VDownloader] => C:\Program Files\VDownloader\VDownloader4.exe [1575424 2015-08-07] (Vitzo)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [PSafeSysTray] => C:\Program Files (x86)\PSafe\PSafeSysTray.exe [4892424 2012-08-24] (PSafe)
HKLM-x32\...\Run: [gmsd_br_006010061] => [X]
HKLM-x32\...\Run: [gmsd_br_005010062] => [X]
HKLM-x32\...\Run: [ QQPCTray] => C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QQPCTRAY.EXE [355296 2015-08-16] (Tencent)
HKLM-x32\...\Run: [RSDTRAY] => C:\Program Files (x86)\Rising\RSD\popwndexe.exe [126808 2012-09-24] (Beijing Rising Information Technology Co., Ltd.)
HKLM-x32\...\Run: [RavTRAY] => C:\Program Files (x86)\Rising\RAV\RSTRAY.EXE [111000 2014-05-14] (Beijing Rising Information Technology Co., Ltd.)
HKLM-x32\...\RunOnce: [upgmsd_br_006010061.exe] => C:\Users\GenesisQ\AppData\Local\gmsd_br_006010061\upgmsd_br_006010061.exe [3311248 2015-08-14] ()
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1506094221-713273713-2986573324-1001\...\Run: [SmartProtect] => C:\ProgramData\SmartProtect\SmartProtect.exe [56120 2014-11-13] (Positivo Informática)
HKU\S-1-5-21-1506094221-713273713-2986573324-1001\...\Run: [VDownloader] => C:\Program Files\VDownloader\VDownloader4.exe [1575424 2015-08-07] (Vitzo)
HKU\S-1-5-21-1506094221-713273713-2986573324-1001\...\Run: [apphide] => C:\Program Files (x86)\baidu\pps.exe
HKU\S-1-5-21-1506094221-713273713-2986573324-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QMGCShellExt64.dll [2015-08-16] (Tencent)
ShellIconOverlayIdentifiers: [1PSafeOverlaySync] -> {A48EC0D3-3DDF-4A75-B35E-B1AFBC6E40F7} => C:\Program Files (x86)\PSafe\shell\v3.0.1208.24401\PSafeShellExtensionx64.dll [2012-08-24] (PSafe S/A)
ShellIconOverlayIdentifiers: [2PSafeOverlayOk] -> {A48EC0D3-4DDF-4A75-B35E-B1AFBC6E40F7} => C:\Program Files (x86)\PSafe\shell\v3.0.1208.24401\PSafeShellExtensionx64.dll [2012-08-24] (PSafe S/A)
ShellIconOverlayIdentifiers: [3PSafeOverlayOut] -> {A48EC0D3-5DDF-4A75-B35E-B1AFBC6E40F7} => C:\Program Files (x86)\PSafe\shell\v3.0.1208.24401\PSafeShellExtensionx64.dll [2012-08-24] (PSafe S/A)
ShellIconOverlayIdentifiers-x32: [1PSafeOverlaySync] -> {A48EC0D3-3DDF-4A75-B35E-B1AFBC6E40F7} => C:\Program Files (x86)\PSafe\shell\v3.0.1208.24401\PSafeShellExtensionx86.dll [2012-08-24] (PSafe S/A)
ShellIconOverlayIdentifiers-x32: [2PSafeOverlayOk] -> {A48EC0D3-4DDF-4A75-B35E-B1AFBC6E40F7} => C:\Program Files (x86)\PSafe\shell\v3.0.1208.24401\PSafeShellExtensionx86.dll [2012-08-24] (PSafe S/A)
ShellIconOverlayIdentifiers-x32: [3PSafeOverlayOut] -> {A48EC0D3-5DDF-4A75-B35E-B1AFBC6E40F7} => C:\Program Files (x86)\PSafe\shell\v3.0.1208.24401\PSafeShellExtensionx86.dll [2012-08-24] (PSafe S/A)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1439772996&z=83e67c02ee001547df190b6g7z8catfm2m9oct5ecq&from=cmi&uid=ST250LM004XHN-M250MBB_S2T0J9BCA09326
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=99963976_hao_pg
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1439772996&z=83e67c02ee001547df190b6g7z8catfm2m9oct5ecq&from=cmi&uid=ST250LM004XHN-M250MBB_S2T0J9BCA09326&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1439772996&z=83e67c02ee001547df190b6g7z8catfm2m9oct5ecq&from=cmi&uid=ST250LM004XHN-M250MBB_S2T0J9BCA09326&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1439772996&z=83e67c02ee001547df190b6g7z8catfm2m9oct5ecq&from=cmi&uid=ST250LM004XHN-M250MBB_S2T0J9BCA09326
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1439772996&z=83e67c02ee001547df190b6g7z8catfm2m9oct5ecq&from=cmi&uid=ST250LM004XHN-M250MBB_S2T0J9BCA09326
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1439772996&z=83e67c02ee001547df190b6g7z8catfm2m9oct5ecq&from=cmi&uid=ST250LM004XHN-M250MBB_S2T0J9BCA09326&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1439772996&z=83e67c02ee001547df190b6g7z8catfm2m9oct5ecq&from=cmi&uid=ST250LM004XHN-M250MBB_S2T0J9BCA09326&q={searchTerms}
HKU\S-1-5-21-1506094221-713273713-2986573324-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=99963976_hao_pg
HKU\S-1-5-21-1506094221-713273713-2986573324-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mundopositivo.com.br/?utm_source=PC&utm_medium=browser&utm_campaign=urldefault;
HKU\S-1-5-21-1506094221-713273713-2986573324-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://oem.msn.com
HKU\S-1-5-21-1506094221-713273713-2986573324-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://oem.msn.com
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1439772996&z=83e67c02ee001547df190b6g7z8catfm2m9oct5ecq&from=cmi&uid=ST250LM004XHN-M250MBB_S2T0J9BCA09326&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1439772996&z=83e67c02ee001547df190b6g7z8catfm2m9oct5ecq&from=cmi&uid=ST250LM004XHN-M250MBB_S2T0J9BCA09326&q={searchTerms}
SearchScopes: HKLM -> {CABCECDC-0265-414A-A953-AD7775C5BB99} URL = hxxp://www.bing.com/search?q={searchTerms}&form=POSTDF&pc=POS2&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1439772996&z=83e67c02ee001547df190b6g7z8catfm2m9oct5ecq&from=cmi&uid=ST250LM004XHN-M250MBB_S2T0J9BCA09326&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1439772996&z=83e67c02ee001547df190b6g7z8catfm2m9oct5ecq&from=cmi&uid=ST250LM004XHN-M250MBB_S2T0J9BCA09326&q={searchTerms}
SearchScopes: HKLM-x32 -> {CABCECDC-0265-414A-A953-AD7775C5BB99} URL = hxxp://www.bing.com/search?q={searchTerms}&form=POSTDF&pc=POS2&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1506094221-713273713-2986573324-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1439772996&z=83e67c02ee001547df190b6g7z8catfm2m9oct5ecq&from=cmi&uid=ST250LM004XHN-M250MBB_S2T0J9BCA09326&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1506094221-713273713-2986573324-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1439772996&z=83e67c02ee001547df190b6g7z8catfm2m9oct5ecq&from=cmi&uid=ST250LM004XHN-M250MBB_S2T0J9BCA09326&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1506094221-713273713-2986573324-1001 -> {CABCECDC-0265-414A-A953-AD7775C5BB99} URL =
BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\TSWebMon64.dat [2015-08-16] (Tencent)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll No File
BHO-x32: Ó¦Óñ¦Ò»¼ü°²×°²å¼þ -> {50F4150A-48B2-417A-BE4C-C83F580FB904} -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3198\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
BHO-x32: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.253.1
Tcpip\..\Interfaces\{3E0A75CA-F9CE-4756-A524-6D0E410C05EC}: [DhcpNameServer] 192.168.253.1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.oursurfing.com/?type=sc&ts=1439682375&z=15b79835a52746ef93a508agdzdc2tbqfbbo3c8maw&from=2sq1&uid=ST250LM004XHN-M250MBB_S2T0J9BCA09326

FireFox:
========
FF Plugin: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3198\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
FF Plugin-x32: @qq.com/QQPCMgr -> C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\npQMExtensionsMozilla.dll [2015-08-16] (Tencent Technology (Shenzhen) Company Limited)
FF Plugin-x32: @rising.com.cn/nprising -> C:\Program Files (x86)\Rising\RAV\nprising.dll [2013-06-27] (Beijing Rising Information Technology Co., Ltd.)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-08-16] (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-08-16] (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-21] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-07-19] (VideoLAN)
FF Plugin HKU\S-1-5-21-1506094221-713273713-2986573324-1001: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll No File
FF Plugin HKU\S-1-5-21-1506094221-713273713-2986573324-1001: @rising.com.cn/nprising -> C:\Program Files (x86)\Rising\RAV\nprising.dll [2013-06-27] (Beijing Rising Information Technology Co., Ltd.)

Chrome:
=======
CHR Profile: C:\Users\GenesisQ\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\GenesisQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\GenesisQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-21]
CHR Extension: (电脑管家上网防护) - C:\Users\GenesisQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm [2015-08-18]
StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/?type=sc&ts=1439772996&z=83e67c02ee001547df190b6g7z8catfm2m9oct5ecq&from=cmi&uid=ST250LM004XHN-M250MBB_S2T0J9BCA09326

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BatteryManagerSrv; C:\Program Files (x86)\Positivo Informática\Mundo Positivo Bateria\BatteryManagerService.exe [52304 2012-09-21] (Positivo Informática S.A)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-08-16] (globalUpdate) [File not signed] <==== ATTENTION
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-08-16] (globalUpdate) [File not signed] <==== ATTENTION
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 NetTcpHandler; C:\Users\GenesisQ\AppData\Roaming\NetService\netservice.exe [173088 2015-07-08] ()
R2 PSafeLockBoxSvc; C:\Program Files (x86)\PSafe\PSafeCategoryFinder.exe [1074440 2012-08-24] (PSafe)
R2 PSafeSVC; C:\Program Files (x86)\PSafe\PSafesvc.exe [1447176 2012-08-24] (PSafe S/A)
R2 PSafeWD; C:\Program Files (x86)\PSafe\PSafeWD.exe [30472 2012-08-24] (PSafe)
R2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QQPCRtp.exe [301728 2015-08-16] (Tencent)
R2 RsMgrSvc; C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exe [196288 2015-08-17] (Beijing Rising Information Technology Co., Ltd.)
R2 RsRavMon; C:\Program Files (x86)\Rising\RAV\ravmond.exe [277552 2014-05-14] (Beijing Rising Information Technology Co., Ltd.)
S3 TAOFrame; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\TAOFrame.exe [293856 2015-08-16] (Tencent)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-28] (Microsoft Corporation)
S2 comyninu; no ImagePath
S2 hoqejowu; C:\Program Files (x86)\88E5D4B4-1439683958-11E2-BA3A-860C1FA00800\knssC971.tmp [X]
S2 hyverumu; C:\Program Files (x86)\88E5D4B4-1439683958-11E2-BA3A-860C1FA00800\jnse85C1.tmp [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 HyperVM; C:\WINDOWS\system32\drivers\hvm.sys [41784 2015-08-17] (Beijing Rising Information Technology Co., Ltd.)
S3 NETJME; C:\Windows\system32\DRIVERS\NETJME.sys [137728 2012-07-05] (JMicron Technology Corp.)
R1 QMUdisk; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QMUdisk64.sys [62264 2015-08-16] (Tencent)
R2 QQSysMonX64; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QQSysMonX64.sys [138040 2015-08-16] (电脑管家)
R1 rsutils; C:\Windows\System32\DRIVERS\rsutils.sys [71760 2015-08-17] (Beijing Rising Information Technology Co., Ltd.)
S3 RTL8192Ce; C:\Windows\system32\DRIVERS\rtwlane.sys [1498256 2012-08-29] (Realtek Semiconductor Corporation )
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1498256 2012-08-29] (Realtek Semiconductor Corporation )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-09-10] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-09-10] (Synaptics Incorporated)
R2 SoilIO; C:\Windows\System32\Drivers\SoilIO.sys [17912 2010-08-19] ()
R3 soilkbc; C:\Windows\System32\Drivers\soilkbc.sys [13816 2009-12-03] (Systems Internals)
R0 sysmon; C:\Windows\System32\DRIVERS\sysmon.sys [119256 2015-08-17] (Beijing Rising Information Technology Co., Ltd.)
R2 TAOAccelerator; C:\WINDOWS\system32\Drivers\TAOAccelerator64.sys [74040 2015-08-16] (Tencent)
R2 TAOKernelDriver; C:\WINDOWS\system32\drivers\TAOKernel64.sys [274232 2015-08-16] (Tencent Technology(Shenzhen) Company Limited)
R3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2015-08-16] (电脑管家)
R3 TS888x64; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\TS888x64.sys [28984 2015-08-19] (Tencent)
R1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\TsDefenseBT64.sys [28472 2015-08-16] (Tencent)
R1 TSSysKit; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\TSSysKit64.sys [87352 2015-08-16] (电脑管家)
S1 ppfd_vw_1_10_0_21; system32\drivers\ppfd_vw_1_10_0_21.sys [X]
S1 wsafd_1_10_0_19; system32\drivers\wsafd_1_10_0_19.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-19 09:57 - 2015-08-19 09:58 - 00021653 _____ C:\Users\GenesisQ\Desktop\FRST.txt
2015-08-19 09:57 - 2015-08-19 09:58 - 00000000 ____D C:\FRST
2015-08-19 09:56 - 2015-08-19 09:55 - 02173440 _____ (Farbar) C:\Users\GenesisQ\Desktop\FRST64.exe
2015-08-19 09:55 - 2015-08-19 09:55 - 02173440 _____ (Farbar) C:\Users\GenesisQ\Downloads\FRST64.exe
2015-08-18 16:20 - 2015-08-19 09:52 - 00003318 _____ C:\WINDOWS\System32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380}
2015-08-18 11:32 - 2015-08-18 11:32 - 00002794 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-08-18 11:31 - 2015-08-18 11:31 - 00000829 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-08-18 11:31 - 2015-08-18 11:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-08-18 11:31 - 2015-08-18 11:31 - 00000000 ____D C:\Program Files\CCleaner
2015-08-18 11:28 - 2015-08-18 11:29 - 06609608 _____ (Piriform Ltd) C:\Users\GenesisQ\Downloads\ccsetup508.exe
2015-08-18 09:35 - 2015-08-18 09:35 - 00001817 _____ C:\Users\GenesisQ\Desktop\chrome - Atalho.lnk
2015-08-18 09:21 - 2015-08-18 09:26 - 00001881 _____ C:\Users\GenesisQ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\chrome - Atalho (2).lnk
2015-08-18 09:20 - 2015-08-18 09:26 - 00001881 _____ C:\Users\GenesisQ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\chrome - Atalho.lnk
2015-08-18 09:06 - 2015-08-18 09:06 - 00003188 _____ C:\WINDOWS\System32\Tasks\{D4014935-2DC6-475D-A13E-B03CF74C2A05}
2015-08-18 06:00 - 2015-08-19 09:52 - 00028984 _____ (Tencent) C:\WINDOWS\SysWOW64\Drivers\TS888x64.sys
2015-08-17 06:01 - 2015-08-17 06:01 - 00000000 _____ C:\Users\GenesisQ\AppData\Local\{98C021FE-572F-4FE4-AF56-097D1B1875C2}
2015-08-17 03:00 - 2015-08-17 03:00 - 00000000 _____ C:\9693.tmp
2015-08-17 01:04 - 2015-08-17 00:43 - 00041784 ____N (Beijing Rising Information Technology Co., Ltd.) C:\WINDOWS\system32\Drivers\hvm.sys
2015-08-17 00:58 - 2015-08-17 00:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\腾讯软件
2015-08-16 22:52 - 2015-08-16 22:52 - 00000150 __RSH C:\rising.ini
2015-08-16 22:52 - 2015-08-16 22:52 - 00000000 ___RD C:\RavBin
2015-08-16 22:52 - 2014-07-29 23:44 - 00091928 ____N (Beijing Rising Information Technology Co., Ltd.) C:\WINDOWS\SysWOW64\vpatch.dll
2015-08-16 22:52 - 2014-01-02 04:37 - 00325400 ____N (Beijing Rising Information Technology Co., Ltd.) C:\WINDOWS\system32\ravext64.dll
2015-08-16 22:52 - 2013-12-30 04:33 - 00256280 ____N (Beijing Rising Information Technology Co., Ltd.) C:\WINDOWS\SysWOW64\ravext.dll
2015-08-16 22:52 - 2012-09-05 21:30 - 00240472 ____N (Beijing Rising Information Technology Co., Ltd.) C:\WINDOWS\SysWOW64\bsmain.exe
2015-08-16 22:51 - 2015-08-17 00:41 - 00119256 ____N (Beijing Rising Information Technology Co., Ltd.) C:\WINDOWS\system32\Drivers\sysmon.sys
2015-08-16 22:51 - 2015-08-17 00:41 - 00071760 ____N (Beijing Rising Information Technology Co., Ltd.) C:\WINDOWS\system32\Drivers\rsutils.sys
2015-08-16 22:51 - 2015-08-16 22:52 - 00000000 ____D C:\Users\Todos os Usuários\Rising
2015-08-16 22:51 - 2015-08-16 22:52 - 00000000 ____D C:\ProgramData\Rising
2015-08-16 22:51 - 2015-08-16 22:51 - 00000000 ____D C:\Program Files (x86)\Rising
2015-08-16 22:51 - 2012-02-29 04:49 - 00011888 ____N (Beijing Rising Information Technology Co., Ltd.) C:\WINDOWS\system32\Drivers\rsndisp.sys
2015-08-16 22:50 - 2015-08-16 22:50 - 00000000 ____D C:\Users\Todos os Usuários\TXQMPC
2015-08-16 22:50 - 2015-08-16 22:50 - 00000000 ____D C:\ProgramData\TXQMPC
2015-08-16 22:50 - 2015-08-16 22:47 - 00074040 _____ (Tencent) C:\WINDOWS\system32\Drivers\TAOAccelerator64.sys
2015-08-16 22:49 - 2015-08-16 22:49 - 00000000 ____D C:\Program Files\Common Files\Tencent
2015-08-16 22:48 - 2015-08-17 00:54 - 00000000 ____D C:\Users\GenesisQ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2015-08-16 22:48 - 2015-08-16 22:47 - 00274232 _____ (Tencent Technology(Shenzhen) Company Limited) C:\WINDOWS\system32\Drivers\TAOKernel64.sys
2015-08-16 22:48 - 2015-08-16 22:47 - 00087864 _____ (电脑管家) C:\WINDOWS\system32\Drivers\TFsFltX64.sys
2015-08-16 22:45 - 2015-08-16 23:10 - 00000000 ____D C:\Users\GenesisQ\AppData\Roaming\Tencent
2015-08-16 22:45 - 2015-08-16 22:52 - 00000000 ____D C:\Users\Todos os Usuários\Tencent
2015-08-16 22:45 - 2015-08-16 22:52 - 00000000 ____D C:\ProgramData\Tencent
2015-08-16 22:45 - 2015-08-16 22:45 - 00000000 ____D C:\Program Files (x86)\Tencent
2015-08-16 22:29 - 2015-08-16 22:29 - 00000000 ____D C:\Users\GenesisQ\AppData\Roaming\UG
2015-08-16 22:05 - 2015-08-19 09:51 - 00001028 _____ C:\WINDOWS\Tasks\CGV2p1WH4K4lKl.job
2015-08-16 22:05 - 2015-08-16 22:05 - 00004040 _____ C:\WINDOWS\System32\Tasks\CGV2p1WH4K4lKl
2015-08-16 22:04 - 2015-08-18 05:59 - 00000996 _____ C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-08-16 22:04 - 2015-08-16 22:04 - 00003968 _____ C:\WINDOWS\System32\Tasks\globalUpdateUpdateTaskMachineUA
2015-08-16 22:04 - 2015-08-16 22:04 - 00003732 _____ C:\WINDOWS\System32\Tasks\globalUpdateUpdateTaskMachineCore
2015-08-16 22:03 - 2015-08-19 09:51 - 00000992 _____ C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-08-16 22:03 - 2015-08-16 22:03 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-08-16 22:03 - 2015-08-16 22:03 - 00000000 ____D C:\Users\GenesisQ\AppData\Local\SysassistByHotWheel
2015-08-16 22:03 - 2015-08-16 22:03 - 00000000 ____D C:\ppsfile
2015-08-16 22:01 - 2015-08-18 07:01 - 00000000 ____D C:\IQIYI Video
2015-08-16 22:01 - 2015-08-18 06:59 - 00000000 ____D C:\Users\Todos os Usuários\IQIYI Video
2015-08-16 22:01 - 2015-08-18 06:59 - 00000000 ____D C:\ProgramData\IQIYI Video
2015-08-16 22:01 - 2015-08-16 22:01 - 00004082 _____ C:\WINDOWS\System32\Tasks\Crossbrowse
2015-08-16 22:01 - 2015-08-16 22:01 - 00000000 ____D C:\Users\Public\QiYi
2015-08-16 22:01 - 2015-08-16 22:01 - 00000000 ____D C:\Users\GenesisQ\AppData\Roaming\IQIYI Video
2015-08-16 21:58 - 2015-08-18 08:48 - 00000000 ____D C:\Program Files (x86)\UPCleaner
2015-08-16 21:57 - 2015-08-18 09:06 - 00000000 ____D C:\Users\GenesisQ\AppData\Local\SmartWeb
2015-08-16 21:57 - 2015-08-16 23:06 - 00000434 _____ C:\task.vbs
2015-08-16 21:57 - 2015-08-16 21:57 - 00004044 _____ C:\WINDOWS\System32\Tasks\SmartWeb Upgrade Trigger Task
2015-08-16 21:57 - 2015-08-16 21:57 - 00000000 ____D C:\Users\Todos os Usuários\MWinManProM
2015-08-16 21:57 - 2015-08-16 21:57 - 00000000 ____D C:\ProgramData\MWinManProM
2015-08-15 21:48 - 2015-08-15 21:48 - 00000000 ____D C:\Users\Todos os Usuários\ShopperPro
2015-08-15 21:48 - 2015-08-15 21:48 - 00000000 ____D C:\ProgramData\ShopperPro
2015-08-15 21:15 - 2015-08-15 21:15 - 00000157 _____ C:\WINDOWS\SysWOW64\SystemPreferences.xml
2015-08-15 21:13 - 2015-08-15 21:13 - 00000000 ____D C:\Users\GenesisQ\AppData\Local\88E5D4B4-1439673214-11E2-BA3A-860C1FA00800
2015-08-15 21:13 - 2012-07-26 02:26 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-08-15 21:12 - 2015-08-15 22:11 - 00000000 ____D C:\Program Files (x86)\GUPlayer
2015-08-15 21:12 - 2015-08-15 21:12 - 00000000 ____D C:\Program Files (x86)\predm
2015-08-15 21:09 - 2015-08-16 22:03 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-08-15 21:09 - 2015-08-15 21:09 - 00000000 ____D C:\Users\Public\Documents\ShopperPro
2015-08-15 21:09 - 2015-08-15 21:09 - 00000000 ____D C:\Users\GenesisQ\AppData\Local\globalUpdate
2015-08-15 21:08 - 2015-08-18 05:58 - 00000000 ____D C:\Program Files (x86)\ShopperPro
2015-08-15 21:07 - 2015-08-16 09:33 - 00000000 ____D C:\Users\GenesisQ\AppData\Roaming\VDownloader
2015-08-15 21:07 - 2015-08-15 21:22 - 00000000 ____D C:\Users\Public\Documents\GOOBZO
2015-08-15 21:07 - 2015-08-15 21:21 - 00000000 ____D C:\Users\Todos os Usuários\TEMP
2015-08-15 21:07 - 2015-08-15 21:21 - 00000000 ____D C:\ProgramData\TEMP
2015-08-15 21:05 - 2015-08-16 09:31 - 00000000 ____D C:\Users\GenesisQ\AppData\Local\VDownloader
2015-08-15 21:05 - 2015-08-15 21:11 - 00000000 ____D C:\Program Files\VDownloader
2015-08-15 21:05 - 2015-08-15 21:05 - 00001738 _____ C:\Users\Public\Desktop\VDownloader.lnk
2015-08-15 21:05 - 2015-08-15 21:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VDownloader
2015-08-15 21:04 - 2015-08-19 09:54 - 00000000 ____D C:\Users\GenesisQ\AppData\Local\gmsd_br_006010061
2015-08-15 21:04 - 2015-08-15 21:12 - 00000000 ____D C:\Program Files (x86)\gmsd_br_006010061
2015-08-15 21:04 - 2015-08-15 21:04 - 00003522 _____ C:\WINDOWS\System32\Tasks\Inst_Rep
2015-08-15 21:04 - 2015-08-15 21:04 - 00000000 ____D C:\Users\GenesisQ\AppData\Local\CrashRpt
2015-08-15 20:59 - 2015-08-15 20:59 - 00000000 ____D C:\Users\GenesisQ\AppData\Roaming\WinRAR
2015-08-15 20:57 - 2015-08-15 20:57 - 00001036 _____ C:\Users\Public\Desktop\WinRAR.lnk
2015-08-15 20:57 - 2015-08-15 20:57 - 00000000 ____D C:\Users\GenesisQ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-15 20:57 - 2015-08-15 20:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-15 20:56 - 2015-08-15 20:57 - 00000000 ____D C:\Program Files\WinRAR
2015-08-15 20:55 - 2015-08-15 20:56 - 03478920 _____ C:\Users\GenesisQ\Downloads\winrar-x64-521br.exe
2015-08-15 20:55 - 2015-08-15 20:55 - 00003158 _____ C:\WINDOWS\System32\Tasks\{CAB9D268-01A9-4513-9330-82E9D761ACCF}
2015-08-15 20:47 - 2015-08-15 20:47 - 00218716 _____ C:\Users\GenesisQ\Downloads\VDownloader4OC (2).rar
2015-08-15 20:46 - 2015-08-15 22:03 - 00000000 ____D C:\Users\GenesisQ\AppData\Roaming\cpuminer
2015-08-15 20:46 - 2015-08-15 20:47 - 00000000 ____D C:\Users\Todos os Usuários\rWinManPror
2015-08-15 20:46 - 2015-08-15 20:47 - 00000000 ____D C:\ProgramData\rWinManPror
2015-08-15 20:46 - 2015-08-15 20:46 - 00000000 _____ C:\WINDOWS\prleth.sys
2015-08-15 20:46 - 2015-08-15 20:46 - 00000000 _____ C:\WINDOWS\hgfs.sys
2015-08-15 20:45 - 2015-08-15 21:38 - 00000000 ____D C:\Users\GenesisQ\AppData\Roaming\RunDir
2015-08-15 20:45 - 2015-08-15 20:45 - 00000000 ____D C:\Users\GenesisQ\AppData\Roaming\NetService
2015-08-15 20:42 - 2015-08-15 20:43 - 00689352 _____ ( ) C:\Users\GenesisQ\Downloads\WinRAR.cpl
2015-08-15 16:54 - 2015-08-15 16:54 - 00218716 _____ C:\Users\GenesisQ\Downloads\VDownloader4OC (1).rar
2015-08-15 16:43 - 2015-08-15 16:44 - 00218716 _____ C:\Users\GenesisQ\Downloads\VDownloader4OC.rar
2015-08-09 18:10 - 2014-04-16 15:20 - 00875712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-08-09 18:10 - 2014-04-16 15:20 - 00869568 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-08-09 18:10 - 2014-04-16 15:20 - 00678592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2015-08-09 18:10 - 2014-04-16 15:20 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2015-08-09 18:10 - 2014-04-16 15:20 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-08-09 18:10 - 2014-04-16 15:20 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-08-09 18:07 - 2015-08-09 18:08 - 01118920 _____ (Microsoft Corporation) C:\Users\GenesisQ\Downloads\NDP452-KB2901954-Web (1).exe
2015-08-09 18:07 - 2015-08-09 18:07 - 01118920 _____ (Microsoft Corporation) C:\Users\GenesisQ\Downloads\NDP452-KB2901954-Web.exe
2015-08-09 17:58 - 2015-08-09 17:58 - 00000000 ____D C:\Users\GenesisQ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStrategy.com
2015-08-09 17:51 - 2015-08-18 11:08 - 00000000 ____D C:\Users\GenesisQ\AppData\Local\Deployment
2015-08-09 17:51 - 2015-08-09 17:51 - 00000000 ____D C:\Users\GenesisQ\AppData\Local\Apps\2.0
2015-08-09 17:05 - 2015-08-09 17:05 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-08-09 17:05 - 2015-08-09 17:05 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-08-09 17:04 - 2015-08-09 17:04 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-08-09 17:04 - 2015-08-09 17:04 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-08-09 17:04 - 2015-08-09 17:04 - 00000000 ____D C:\Program Files\MSBuild
2015-08-09 17:00 - 2012-07-05 23:02 - 01166440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-08-09 17:00 - 2012-07-05 23:02 - 00778856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-08-09 17:00 - 2012-07-05 23:02 - 00124040 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-09 17:00 - 2012-07-05 23:02 - 00102528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-09 17:00 - 2012-07-05 23:02 - 00035400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-08-09 17:00 - 2012-07-05 23:02 - 00035400 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-08-09 16:49 - 2015-08-09 16:49 - 01291088 _____ (PokerStrategy.com) C:\Users\GenesisQ\Downloads\SideKickSetup.exe
2015-08-08 10:07 - 2015-08-08 10:07 - 00002380 _____ C:\Users\GenesisQ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICMIZER.lnk
2015-08-08 10:07 - 2015-08-08 10:07 - 00002350 _____ C:\Users\GenesisQ\Desktop\ICMIZER.lnk
2015-08-05 20:05 - 2013-01-10 13:36 - 00695648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-05 20:05 - 2013-01-10 13:36 - 00080736 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-05 20:04 - 2015-08-18 09:22 - 00327256 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-01 17:56 - 2015-08-08 10:09 - 00000000 ____D C:\Users\GenesisQ\AppData\Local\Equilab
2015-07-28 15:08 - 2015-07-05 07:08 - 00300704 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-07-26 18:44 - 2015-07-26 18:44 - 00000517 _____ C:\Users\GenesisQ\Desktop\Pergunta.txt
2015-07-26 08:07 - 2015-07-26 08:11 - 00000000 ____D C:\Users\GenesisQ\AppData\Local\ICMTrainerLight
2015-07-25 16:11 - 2015-07-25 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-07-25 16:10 - 2015-07-25 16:10 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-07-25 16:10 - 2015-07-25 16:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-07-25 16:09 - 2015-07-25 16:09 - 13095136 _____ (Microsoft Corporation) C:\Users\GenesisQ\Downloads\Silverlight_x64 (1).exe
2015-07-25 16:08 - 2015-07-25 16:09 - 13095136 _____ (Microsoft Corporation) C:\Users\GenesisQ\Downloads\Silverlight_x64.exe
2015-07-25 15:24 - 2015-07-25 15:24 - 00003095 _____ C:\Users\GenesisQ\Desktop\ICM Trainer Light.lnk
2015-07-25 15:24 - 2015-07-25 15:24 - 00000000 ____D C:\Users\GenesisQ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStrategy
2015-07-25 15:21 - 2015-07-25 15:21 - 16094720 _____ C:\Users\GenesisQ\Downloads\ICM_Trainer_Light.msi
2015-07-25 15:10 - 2015-07-25 15:11 - 42173668 _____ ( ) C:\Users\GenesisQ\Downloads\setup_icmtrainer (1).exe
2015-07-25 15:09 - 2015-07-25 15:09 - 00001733 _____ C:\Users\Public\Desktop\Positivo Aplicativos.lnk
2015-07-25 15:08 - 2015-07-25 15:08 - 00000000 ____D C:\Users\GenesisQ\AppData\Local\Positivo_Informática_S.A
2015-07-25 15:08 - 2015-07-25 15:08 - 00000000 ____D C:\Program Files (x86)\PokerStrategy
2015-07-25 15:07 - 2015-07-25 15:08 - 42173668 _____ ( ) C:\Users\GenesisQ\Downloads\setup_icmtrainer.exe
2015-07-25 15:01 - 2015-07-25 15:24 - 00000000 ____D C:\Program Files (x86)\PokerStrategy.com
2015-07-25 15:01 - 2015-07-25 15:01 - 00002266 _____ C:\Users\Public\Desktop\Equilab.lnk
2015-07-25 15:01 - 2015-07-25 15:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStrategy.com
2015-07-25 15:00 - 2015-07-25 15:00 - 10592148 _____ (PokerStrategy.com ) C:\Users\GenesisQ\Downloads\equilab.exe
2015-07-25 15:00 - 2015-07-25 15:00 - 00000000 ____D C:\Users\GenesisQ\AppData\Local\Downloaded Installations
2015-07-24 20:21 - 2015-07-24 20:21 - 00000000 _____ C:\Users\GenesisQ\AppData\Local\{CC4F86F3-11D8-416C-B6EB-38A5770EDAEC}
2015-07-23 21:32 - 2013-04-09 02:33 - 00489576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-07-23 21:32 - 2013-04-09 02:33 - 00446792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-07-23 21:32 - 2013-04-09 02:33 - 00253544 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-07-23 21:32 - 2013-04-09 02:20 - 00306952 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_10ec.dll
2015-07-23 21:32 - 2013-04-09 02:17 - 01829408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-07-23 21:32 - 2013-04-09 02:14 - 01455880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-07-23 21:32 - 2013-04-09 01:52 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-07-23 21:32 - 2013-04-09 01:52 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2015-07-23 21:32 - 2013-04-09 01:52 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-07-23 21:32 - 2013-04-09 01:51 - 14267904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2015-07-23 21:32 - 2013-04-09 01:51 - 13648384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-07-23 21:32 - 2013-04-09 01:51 - 10116096 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-07-23 21:32 - 2013-04-09 01:51 - 03552768 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-07-23 21:32 - 2013-04-09 01:51 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2015-07-23 21:32 - 2013-04-09 01:51 - 00523264 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2015-07-23 21:32 - 2013-04-09 01:51 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-07-23 21:32 - 2013-04-09 01:51 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2015-07-23 21:32 - 2013-04-09 01:51 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2015-07-23 21:32 - 2013-04-09 01:50 - 02107904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-07-23 21:32 - 2013-04-09 01:50 - 01285632 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-07-23 21:32 - 2013-04-09 01:50 - 00435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-07-23 21:32 - 2013-04-09 01:50 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-07-23 21:32 - 2013-04-09 01:49 - 01444864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2015-07-23 21:32 - 2013-04-09 01:49 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-07-23 21:32 - 2013-04-09 01:49 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhengine.dll
2015-07-23 21:32 - 2013-04-09 01:49 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2015-07-23 21:32 - 2013-04-09 01:49 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2015-07-23 21:32 - 2013-04-09 01:48 - 02303488 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-07-23 21:32 - 2013-04-09 01:48 - 00785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-07-23 21:32 - 2013-04-08 23:33 - 00623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2015-07-23 21:32 - 2013-04-08 23:32 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2015-07-23 21:32 - 2013-04-08 23:31 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2015-07-23 21:32 - 2013-04-08 20:39 - 01408896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-07-23 21:32 - 2013-04-08 20:37 - 00426024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-07-23 21:32 - 2013-04-08 20:37 - 00324368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-07-23 21:32 - 2013-04-08 18:52 - 11878912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2015-07-23 21:32 - 2013-04-08 18:52 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-07-23 21:32 - 2013-04-08 18:52 - 00302592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-07-23 21:32 - 2013-04-08 18:51 - 10789888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-07-23 21:32 - 2013-04-08 18:51 - 08857088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-07-23 21:32 - 2013-04-08 18:51 - 02767360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-07-23 21:32 - 2013-04-08 18:51 - 02035200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-07-23 21:32 - 2013-04-08 18:51 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-07-23 21:32 - 2013-04-08 18:51 - 01113600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2015-07-23 21:32 - 2013-04-08 18:51 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2015-07-23 21:32 - 2013-04-08 18:51 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-07-23 21:32 - 2013-04-08 18:51 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-07-23 21:32 - 2013-04-04 20:30 - 00503080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-07-23 21:32 - 2013-04-02 19:08 - 00387688 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-07-23 21:32 - 2013-03-30 15:16 - 01403784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-07-23 21:32 - 2013-03-30 15:16 - 01267424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-07-23 21:32 - 2013-03-28 19:09 - 01217328 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-07-23 21:32 - 2013-03-28 19:09 - 01093880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-07-23 21:32 - 2013-03-15 19:05 - 00298456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2015-07-23 21:32 - 2013-03-15 19:05 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2015-07-23 21:32 - 2013-03-01 23:43 - 02146304 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-07-23 21:32 - 2013-02-06 22:33 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-07-23 21:31 - 2013-04-09 02:27 - 00284424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2015-07-23 21:31 - 2013-04-09 02:20 - 00086280 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2015-07-23 21:31 - 2013-04-09 02:18 - 00077960 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdvm.dll
2015-07-23 21:31 - 2013-04-09 01:52 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2015-07-23 21:31 - 2013-04-09 01:52 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2015-07-23 21:31 - 2013-04-09 01:51 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2015-07-23 21:31 - 2013-04-09 01:50 - 00745984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-07-23 21:31 - 2013-04-09 01:50 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenuineCenter.dll
2015-07-23 21:31 - 2013-04-09 01:50 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-07-23 21:31 - 2013-04-09 01:50 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2015-07-23 21:31 - 2013-04-09 01:50 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msshooks.dll
2015-07-23 21:31 - 2013-04-09 01:49 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2015-07-23 21:31 - 2013-04-09 01:49 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2015-07-23 21:31 - 2013-04-09 01:49 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\fmifs.dll
2015-07-23 21:31 - 2013-04-09 01:48 - 00419840 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2015-07-23 21:31 - 2013-04-09 01:48 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-07-23 21:31 - 2013-04-08 23:34 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2015-07-23 21:31 - 2013-04-08 23:34 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2015-07-23 21:31 - 2013-04-08 23:34 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2015-07-23 21:31 - 2013-04-08 23:33 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2015-07-23 21:31 - 2013-04-08 23:31 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2015-07-23 21:31 - 2013-04-08 20:44 - 00123880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2015-07-23 21:31 - 2013-04-08 18:52 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2015-07-23 21:31 - 2013-04-08 18:52 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2015-07-23 21:31 - 2013-04-08 18:52 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2015-07-23 21:31 - 2013-04-08 18:51 - 00659456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-07-23 21:31 - 2013-04-08 18:51 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2015-07-23 21:31 - 2013-04-08 18:51 - 00361984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-07-23 21:31 - 2013-04-08 18:51 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-07-23 21:31 - 2013-04-08 18:51 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2015-07-23 21:31 - 2013-04-08 18:51 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2015-07-23 21:31 - 2013-04-08 18:51 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2015-07-23 21:31 - 2013-04-08 18:51 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fmifs.dll
2015-07-23 21:31 - 2013-04-08 18:51 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2015-07-23 21:31 - 2013-04-08 18:51 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msshooks.dll
2015-07-23 21:31 - 2013-03-02 07:39 - 00069864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-07-23 21:31 - 2013-02-02 05:40 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsRasterService.dll
2015-07-23 21:31 - 2013-02-02 05:23 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsRasterService.dll
2015-07-23 21:31 - 2013-01-09 22:40 - 00303848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-07-23 21:31 - 2012-12-13 01:00 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2015-07-23 21:31 - 2012-12-13 00:59 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2015-07-23 21:18 - 2014-12-18 03:52 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2015-07-23 21:18 - 2014-12-18 03:51 - 01282560 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-07-23 21:18 - 2014-12-18 03:20 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2015-07-23 21:18 - 2014-12-18 01:47 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2015-07-23 21:18 - 2014-12-18 01:15 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2015-07-23 21:18 - 2014-12-09 20:14 - 00569720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-07-23 21:18 - 2014-10-11 02:41 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2015-07-23 21:18 - 2014-10-11 02:05 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2015-07-23 21:18 - 2014-05-29 20:02 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-07-23 21:18 - 2014-04-12 06:10 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-07-23 21:18 - 2014-04-12 06:09 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2015-07-23 21:18 - 2014-04-12 06:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2015-07-23 21:18 - 2014-04-12 06:07 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2015-07-23 21:18 - 2014-04-12 04:23 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll
2015-07-23 21:18 - 2014-04-12 04:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2015-07-23 21:18 - 2014-04-12 04:22 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2015-07-23 21:18 - 2014-04-12 03:58 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\workerdd.dll
2015-07-23 21:17 - 2013-01-28 22:57 - 00035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-07-23 21:17 - 2013-01-28 20:08 - 00230904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-07-23 21:10 - 2012-11-10 01:23 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-07-23 21:09 - 2015-02-18 04:39 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-07-23 21:09 - 2015-02-18 04:38 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssdisai.dll
2015-07-23 21:09 - 2012-11-10 01:22 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDWebAI.dll
2015-07-23 21:09 - 2012-11-10 01:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmHostAI.dll
2015-07-23 21:09 - 2012-11-10 01:20 - 00135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appserverai.dll
2015-07-23 21:08 - 2014-10-23 09:47 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2015-07-23 21:08 - 2014-10-23 08:04 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2015-07-23 21:04 - 2014-11-08 08:22 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-07-23 21:04 - 2014-11-08 03:57 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-07-23 20:59 - 2015-06-24 22:54 - 04064768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-07-23 20:59 - 2015-04-25 00:41 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-07-23 20:59 - 2015-04-24 20:13 - 00652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-07-23 20:59 - 2015-01-24 03:43 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-07-23 20:59 - 2015-01-24 02:00 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-07-23 20:48 - 2014-04-03 08:22 - 02233176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-07-23 20:48 - 2013-03-02 06:59 - 00411880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-07-23 20:46 - 2014-06-06 11:06 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2015-07-23 20:46 - 2014-06-06 07:17 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2015-07-23 20:43 - 2013-09-28 00:35 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-07-23 20:42 - 2015-02-17 02:13 - 17561600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-07-23 20:41 - 2015-02-17 03:54 - 19777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-07-23 20:36 - 2013-04-02 20:37 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdlg.dll
2015-07-23 20:36 - 2013-04-02 20:12 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdlg.dll
2015-07-23 20:27 - 2015-01-22 02:00 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-07-23 20:26 - 2015-01-22 03:42 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-07-23 20:26 - 2014-12-19 03:48 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-07-23 20:12 - 2013-11-01 02:38 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2015-07-23 20:12 - 2013-11-01 00:49 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2015-07-23 20:06 - 2014-10-30 04:20 - 01890816 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-07-23 20:06 - 2014-10-30 02:22 - 01569792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-07-23 19:59 - 2014-11-08 03:56 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-07-23 19:59 - 2014-04-12 04:23 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2015-07-23 19:58 - 2014-11-08 08:21 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-07-23 19:58 - 2014-10-11 05:35 - 00171840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-07-23 19:58 - 2014-04-12 06:08 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2015-07-22 12:39 - 2014-08-21 20:56 - 01418752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-07-22 12:39 - 2014-08-21 20:27 - 01845760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-07-22 12:39 - 2012-11-01 01:21 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll
2015-07-22 12:39 - 2012-11-01 01:20 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll
2015-07-22 12:38 - 2015-01-15 18:45 - 06973248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-07-22 12:26 - 2012-11-01 01:41 - 01802240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-07-22 12:26 - 2012-11-01 01:40 - 02361344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-07-22 12:26 - 2012-11-01 01:21 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2015-07-22 12:26 - 2012-11-01 01:20 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2015-07-22 12:23 - 2015-04-06 02:36 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-07-22 12:23 - 2015-04-06 01:08 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-07-22 11:54 - 2015-07-22 11:58 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-07-22 11:53 - 2015-07-03 08:43 - 130333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-07-21 20:36 - 2014-05-14 22:02 - 00059424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-07-21 20:36 - 2014-05-14 19:43 - 03286528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-07-21 20:36 - 2014-05-14 19:43 - 01623040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-07-21 20:36 - 2014-05-14 19:43 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-07-21 20:36 - 2014-05-14 19:42 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-07-21 20:35 - 2013-08-16 02:21 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-07-21 19:33 - 2015-07-21 19:33 - 00001701 _____ C:\Users\GenesisQ\Desktop\fpdb.lnk
2015-07-21 19:31 - 2015-08-19 06:12 - 00000000 ____D C:\Users\GenesisQ\.matplotlib
2015-07-21 19:31 - 2015-08-18 20:47 - 00000000 ____D C:\Users\GenesisQ\AppData\Roaming\fpdb
2015-07-21 19:29 - 2015-07-21 19:31 - 00000000 ____D C:\Users\GenesisQ\Downloads\fpdb-0.40.5
2015-07-21 19:27 - 2015-07-21 19:29 - 19495917 _____ (Igor Pavlov) C:\Users\GenesisQ\Downloads\fpdb-0.40.5.exe
2015-07-21 19:18 - 2015-08-19 06:23 - 00000000 ____D C:\Users\GenesisQ\AppData\Local\PokerStars
2015-07-21 19:18 - 2015-07-21 19:18 - 00001960 _____ C:\ProgramData\Microsoft\Windows\Start Menu\PokerStars.lnk
2015-07-21 19:18 - 2015-07-21 19:18 - 00001954 _____ C:\Users\Public\Desktop\PokerStars.lnk
2015-07-21 19:18 - 2015-07-21 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars
2015-07-21 19:17 - 2015-08-13 19:59 - 00000000 ____D C:\Program Files (x86)\PokerStars
2015-07-21 19:08 - 2015-07-21 19:16 - 92549112 _____ (PokerStars) C:\Users\GenesisQ\Downloads\PokerStarsInstall.exe
2015-07-21 15:26 - 2015-07-21 15:26 - 72087787 _____ C:\Users\GenesisQ\Downloads\Não confirmado 277451.crdownload
2015-07-21 13:34 - 2015-07-21 13:50 - 00000016 _____ C:\Users\GenesisQ\Desktop\TEMP.txt
2015-07-21 06:01 - 2015-08-16 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-21 05:55 - 2015-08-19 09:51 - 00001084 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-21 05:55 - 2015-08-19 07:00 - 00001088 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-21 05:55 - 2015-07-24 20:31 - 00000000 ___HD C:\Users\Todos os Usuários\SmartProtect
2015-07-21 05:55 - 2015-07-24 20:31 - 00000000 ___HD C:\ProgramData\SmartProtect
2015-07-21 05:55 - 2015-07-21 05:58 - 00000000 ____D C:\Users\GenesisQ\AppData\Local\Google
2015-07-21 05:55 - 2015-07-21 05:58 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-21 05:55 - 2015-07-21 05:55 - 00004060 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-21 05:55 - 2015-07-21 05:55 - 00003824 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-21 05:55 - 2015-07-21 05:55 - 00000000 ____D C:\Users\Todos os Usuários\Positivo Informática
2015-07-21 05:55 - 2015-07-21 05:55 - 00000000 ____D C:\ProgramData\Positivo Informática
2015-07-21 05:54 - 2015-07-21 05:54 - 00000000 ____D C:\Users\GenesisQ\AppData\Roaming\Macromedia
2015-07-21 05:49 - 2015-07-21 05:49 - 00000000 _____ C:\Users\GenesisQ\agent.log
2015-07-21 05:48 - 2015-08-19 09:56 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1506094221-713273713-2986573324-1001
2015-07-21 05:44 - 2015-07-21 05:44 - 00000000 ____D C:\Users\GenesisQ\AppData\Roaming\Intel Corporation
2015-07-21 05:43 - 2015-07-25 15:08 - 00000000 ____D C:\Users\GenesisQ\AppData\Roaming\Positivo
2015-07-21 05:43 - 2015-07-21 05:43 - 00000000 ____D C:\Users\GenesisQ\PSafe
2015-07-21 05:42 - 2015-08-16 21:56 - 00001707 _____ C:\Users\GenesisQ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-21 05:42 - 2015-07-21 05:42 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2015-07-21 05:42 - 2015-07-21 05:42 - 00000000 ____D C:\Users\GenesisQ\AppData\Roaming\Adobe
2015-07-21 05:38 - 2015-08-19 09:55 - 01515814 _____ C:\WINDOWS\WindowsUpdate.log
2015-07-21 05:38 - 2015-08-18 07:06 - 00000000 ____D C:\Users\GenesisQ
2015-07-21 05:38 - 2015-08-16 22:49 - 00000000 ____D C:\Users\GenesisQ\AppData\Local\VirtualStore
2015-07-21 05:38 - 2015-08-15 16:48 - 00000000 ____D C:\Users\GenesisQ\AppData\Local\Packages
2015-07-21 05:38 - 2015-07-21 05:38 - 00000020 ___SH C:\Users\GenesisQ\ntuser.ini
2015-07-21 05:38 - 2015-07-21 05:38 - 00000000 _SHDL C:\Users\GenesisQ\Modelos
2015-07-21 05:38 - 2015-07-21 05:38 - 00000000 _SHDL C:\Users\GenesisQ\Meus Documentos
2015-07-21 05:38 - 2015-07-21 05:38 - 00000000 _SHDL C:\Users\GenesisQ\Menu Iniciar
2015-07-21 05:38 - 2015-07-21 05:38 - 00000000 _SHDL C:\Users\GenesisQ\Documents\Minhas Músicas
2015-07-21 05:38 - 2015-07-21 05:38 - 00000000 _SHDL C:\Users\GenesisQ\Documents\Minhas Imagens
2015-07-21 05:38 - 2015-07-21 05:38 - 00000000 _SHDL C:\Users\GenesisQ\Documents\Meus Vídeos
2015-07-21 05:38 - 2015-07-21 05:38 - 00000000 _SHDL C:\Users\GenesisQ\Dados de Aplicativos
2015-07-21 05:38 - 2015-07-21 05:38 - 00000000 _SHDL C:\Users\GenesisQ\Configurações Locais
2015-07-21 05:38 - 2015-07-21 05:38 - 00000000 _SHDL C:\Users\GenesisQ\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2015-07-21 05:38 - 2015-07-21 05:38 - 00000000 _SHDL C:\Users\GenesisQ\AppData\Local\Histórico
2015-07-21 05:38 - 2015-07-21 05:38 - 00000000 _SHDL C:\Users\GenesisQ\AppData\Local\Dados de Aplicativos
2015-07-21 05:38 - 2015-07-21 05:38 - 00000000 _SHDL C:\Users\GenesisQ\Ambiente de Rede
2015-07-21 05:38 - 2015-07-21 05:38 - 00000000 _SHDL C:\Users\GenesisQ\Ambiente de Impressão
2015-07-21 05:38 - 2012-07-26 05:13 - 00000000 ___RD C:\Users\GenesisQ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-07-21 05:38 - 2012-07-26 05:13 - 00000000 ___RD C:\Users\GenesisQ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-21 05:38 - 2012-07-26 05:13 - 00000000 ___RD C:\Users\GenesisQ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-07-21 05:38 - 2012-07-26 05:13 - 00000000 ____D C:\Users\GenesisQ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-07-20 21:44 - 2015-07-20 21:44 - 00000000 _____ C:\Recovery.txt
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas Músicas
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas Imagens
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Meus Vídeos
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Histórico
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Dados de Aplicativos
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Users\Usuário Padrão
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Users\Todos os Usuários\Modelos
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Users\Todos os Usuários\Menu Iniciar
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Users\Todos os Usuários\Documentos
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Users\Todos os Usuários\Dados de Aplicativos
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Users\Todos os Usuários
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Users\Public\Documents\Minhas Músicas
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Users\Public\Documents\Minhas Imagens
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Users\Public\Documents\Meus Vídeos
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Users\Default\Modelos
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Users\Default\Meus Documentos
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Users\Default\Menu Iniciar
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Users\Default\Documents\Minhas Músicas
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Users\Default\Documents\Minhas Imagens
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Users\Default\Documents\Meus Vídeos
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Users\Default\Dados de Aplicativos
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Users\Default\Configurações Locais
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Users\Default\AppData\Local\Histórico
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dados de Aplicativos
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Users\Default\Ambiente de Rede
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Users\Default\Ambiente de Impressão
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas Músicas
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas Imagens
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Users\Default User\Documents\Meus Vídeos
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Histórico
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dados de Aplicativos
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\ProgramData\Modelos
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\ProgramData\Menu Iniciar
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\ProgramData\Documentos
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\ProgramData\Dados de Aplicativos
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Program Files\Common Files\Sistema
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Program Files\Arquivos Comuns
2015-07-20 20:48 - 2015-07-20 20:48 - 00000000 _SHDL C:\Arquivos de Programas

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-19 09:59 - 2013-01-26 16:56 - 00000000 ____D C:\Users\Todos os Usuários\PSafe
2015-08-19 09:51 - 2013-01-26 16:42 - 00000868 _____ C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-08-19 09:51 - 2012-07-26 05:12 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-18 20:21 - 2013-01-26 16:56 - 00000000 ____D C:\ProgramData\PSafe
2015-08-18 19:29 - 2013-01-26 16:42 - 00000870 _____ C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-08-18 19:09 - 2012-07-26 05:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2015-08-18 11:45 - 2013-01-26 16:29 - 00030294 _____ C:\WINDOWS\PFRO.log
2015-08-18 11:45 - 2012-07-26 04:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-18 11:45 - 2012-07-26 02:26 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-18 10:44 - 2013-01-26 17:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Positivo Jogos
2015-08-18 10:44 - 2013-01-26 17:02 - 00000000 ____D C:\Program Files (x86)\Zylom Games
2015-08-18 09:31 - 2012-07-26 07:32 - 00763854 _____ C:\WINDOWS\system32\prfh0416.dat
2015-08-18 09:31 - 2012-07-26 07:32 - 00155144 _____ C:\WINDOWS\system32\prfc0416.dat
2015-08-18 09:31 - 2012-07-26 04:28 - 01769104 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-15 22:36 - 2012-07-26 05:12 - 00000000 ____D C:\WINDOWS\rescache
2015-08-15 21:42 - 2012-07-26 05:12 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2015-08-15 21:42 - 2012-07-26 05:12 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2015-08-15 20:36 - 2013-01-26 17:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-08-09 18:15 - 2012-07-26 04:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-09 17:04 - 2012-07-26 05:12 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-08-09 17:04 - 2012-07-26 05:12 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-08-05 19:59 - 2012-07-26 07:34 - 00000000 ____D C:\Program Files\Windows Journal
2015-08-05 19:59 - 2012-07-26 05:12 - 00000000 ___RD C:\WINDOWS\ToastData
2015-08-05 19:59 - 2012-07-26 05:12 - 00000000 ___RD C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-05 19:59 - 2012-07-26 05:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-05 19:59 - 2012-07-26 05:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-05 19:59 - 2012-07-26 05:12 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-05 19:59 - 2012-07-26 05:12 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2015-08-01 09:31 - 2012-07-26 05:12 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-01 09:31 - 2012-07-26 05:12 - 00000000 ____D C:\WINDOWS\AppCompat
2015-08-01 09:31 - 2012-07-26 05:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-08-01 09:31 - 2012-07-26 05:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-08-01 09:31 - 2012-07-26 02:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-08-01 09:31 - 2012-07-26 02:38 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-08-01 09:30 - 2012-07-26 05:12 - 00000000 ____D C:\WINDOWS\WinStore
2015-08-01 09:30 - 2012-07-26 02:38 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-01 09:29 - 2012-07-26 05:12 - 00000000 ___RD C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-01 09:29 - 2012-07-26 05:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-01 09:29 - 2012-07-26 05:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-01 09:29 - 2012-07-26 05:12 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-01 09:29 - 2012-07-26 05:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-01 09:28 - 2012-07-26 05:12 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-08-01 09:28 - 2012-07-26 05:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-01 09:27 - 2012-07-26 02:38 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2015-07-29 20:12 - 2012-07-26 02:37 - 00000000 ____D C:\WINDOWS\servicing
2015-07-28 14:41 - 2013-01-26 16:53 - 00000000 ____D C:\Users\Todos os Usuários\McAfee
2015-07-28 14:41 - 2013-01-26 16:53 - 00000000 ____D C:\ProgramData\McAfee
2015-07-28 14:41 - 2013-01-26 16:53 - 00000000 ____D C:\Program Files\mcafee
2015-07-28 14:41 - 2013-01-26 16:53 - 00000000 ____D C:\Program Files\Common Files\mcafee
2015-07-28 14:41 - 2013-01-26 16:53 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-07-26 18:38 - 2012-07-26 02:26 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-07-26 18:17 - 2012-07-26 05:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-07-26 17:51 - 2012-07-26 04:21 - 00016944 _____ C:\WINDOWS\setupact.log
2015-07-25 15:09 - 2013-01-26 16:56 - 00000000 ____D C:\Users\Todos os Usuários\Positivo
2015-07-25 15:09 - 2013-01-26 16:56 - 00000000 ____D C:\ProgramData\Positivo
2015-07-25 15:09 - 2013-01-26 16:56 - 00000000 ____D C:\Program Files (x86)\Positivo Informática
2015-07-25 15:09 - 2013-01-26 16:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Positivo Informática
2015-07-21 20:34 - 2012-07-26 05:12 - 00000000 ____D C:\WINDOWS\system32\restore
2015-07-21 13:25 - 2012-07-26 05:12 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-07-21 13:22 - 2013-01-26 22:27 - 00000000 ____D C:\WINDOWS\Panther
2015-07-21 05:38 - 2012-07-26 05:12 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-07-20 21:44 - 2012-07-26 05:13 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2015-07-20 21:44 - 2012-07-26 05:12 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-07-20 20:48 - 2012-07-26 05:12 - 00000000 ____D C:\Program Files\Windows NT
2015-07-20 20:48 - 2012-07-26 02:37 - 00000000 __RHD C:\Users\Default
2015-07-20 20:45 - 2012-07-26 05:13 - 00002664 _____ C:\WINDOWS\DtcInstall.log

==================== Files in the root of some directories =======

2015-04-19 09:20 - 2015-04-19 09:20 - 0005872 ____N () C:\Users\GenesisQ\AppData\Roaming\CGV2p1WH4K4lKl
2015-08-17 06:01 - 2015-08-17 06:01 - 0000000 _____ () C:\Users\GenesisQ\AppData\Local\{98C021FE-572F-4FE4-AF56-097D1B1875C2}
2015-07-24 20:21 - 2015-07-24 20:21 - 0000000 _____ () C:\Users\GenesisQ\AppData\Local\{CC4F86F3-11D8-416C-B6EB-38A5770EDAEC}
2013-01-26 16:42 - 2013-01-26 16:42 - 0510976 _____ () C:\ProgramData\DRV10.tmp
2013-01-26 16:42 - 2013-01-26 16:42 - 9891840 _____ (OEM) C:\ProgramData\E1010.tmp
2013-01-26 16:56 - 2013-01-26 16:56 - 0000157 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Some files in TEMP:
====================
C:\Users\GenesisQ\AppData\Local\Temp\103242625.exe
C:\Users\GenesisQ\AppData\Local\Temp\4911.exe
C:\Users\GenesisQ\AppData\Local\Temp\7321.exe
C:\Users\GenesisQ\AppData\Local\Temp\9033.exe
C:\Users\GenesisQ\AppData\Local\Temp\amisetup7940__12237.exe
C:\Users\GenesisQ\AppData\Local\Temp\cabex.dll
C:\Users\GenesisQ\AppData\Local\Temp\ClientToMobilePlatform.exe
C:\Users\GenesisQ\AppData\Local\Temp\fsdB607.exe
C:\Users\GenesisQ\AppData\Local\Temp\install1804741.exe
C:\Users\GenesisQ\AppData\Local\Temp\IQIYIsetup_l_huayukeji@kb006.exe
C:\Users\GenesisQ\AppData\Local\Temp\mccspuninstall.exe
C:\Users\GenesisQ\AppData\Local\Temp\Oursurfing.exe
C:\Users\GenesisQ\AppData\Local\Temp\qqpcmgr_v10.11.16588.235_72603_Silence.exe
C:\Users\GenesisQ\AppData\Local\Temp\setup.exe
C:\Users\GenesisQ\AppData\Local\Temp\setup3.exe
C:\Users\GenesisQ\AppData\Local\Temp\setup_gmsd_br.exe
C:\Users\GenesisQ\AppData\Local\Temp\tu17p84.exe
C:\Users\GenesisQ\AppData\Local\Temp\unelevate.exe
C:\Users\GenesisQ\AppData\Local\Temp\Uninstall.exe
C:\Users\GenesisQ\AppData\Local\Temp\ytaiesmt_smtyc_setup.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-08-10 19:28

==================== End of log ============================
