Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:24-02-2016
Executado por Gerson-PC (administrador) em GERSON-PC (25-02-2016 23:42:40)
Executando a partir de C:\Users\Gerson-PC\Desktop
Perfis Carregados: Gerson-PC (Perfis Disponíveis: Gerson-PC)
Platform: Windows 10 Pro Versão 1511 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Edge)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 5520 series\Bin\ScanToPCActivationApp.exe
(© 2015 Microsoft Corporation) C:\Users\Gerson-PC\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\ProgramData\WindowsMsg\osmsg.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPNetworkCommunicator.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6568.46051.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8521472 2015-09-03] (Realtek Semiconductor)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2015-11-02] (Pixart Imaging Inc)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [888344 2016-02-05] (BlueStack Systems, Inc.)
HKU\S-1-5-21-3545598357-960246443-762122577-1001\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-3545598357-960246443-762122577-1001\...\Run: [HP Deskjet 5520 series (NET)] => C:\Program Files\HP\HP Deskjet 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3545598357-960246443-762122577-1001\...\Run: [BingSvc] => C:\Users\Gerson-PC\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-25] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-3545598357-960246443-762122577-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3545598357-960246443-762122577-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
HKU\S-1-5-21-3545598357-960246443-762122577-1001\...\Run: [osmsg] => C:\ProgramData\WindowsMsg\osmsg.exe [2036224 2016-02-09] ()
HKU\S-1-5-21-3545598357-960246443-762122577-1001\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2019616 2016-01-11] (IObit)
HKU\S-1-5-21-3545598357-960246443-762122577-1001\...\RunOnce: [Uninstall C:\Users\Gerson-PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gerson-PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Gerson-PC\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Gerson-PC\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Gerson-PC\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Gerson-PC\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Gerson-PC\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Gerson-PC\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
Startup: C:\Users\Gerson-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitorar alertas de tinta - HP Deskjet 5520 series (Rede).lnk [2016-01-09]
ShortcutTarget: Monitorar alertas de tinta - HP Deskjet 5520 series (Rede).lnk -> C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicy: Restrição - Chrome <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\..\Interfaces\{e1dae992-a85d-459a-afe0-ae112f3ce8c7}: [DhcpNameServer] 187.64.0.34 187.64.0.122 187.64.0.112
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_16_08¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyyDyCzz0E0DtDzy0E0E0AtN0D0Tzu0StCyDtCyDtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StB0ByDzyzztCzz0BtGtDtDtAzytGzz0CzytCtGyEyDtAyEtGyCzz0CtBtA0EtBtBzyyB0C0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtA0CtAzyzytC0AtG0DyCzz0DtGyEyEtB0CtGzz0EtA0CtG0EyBzy0EtByCyDzytB0FtAyD2QtN0A0LzuyE%26cr%3D1606442579%26a%3Dwncy_fs_16_08%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_16_08¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyyDyCzz0E0DtDzy0E0E0AtN0D0Tzu0StCyDtCyDtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StB0ByDzyzztCzz0BtGtDtDtAzytGzz0CzytCtGyEyDtAyEtGyCzz0CtBtA0EtBtBzyyB0C0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtA0CtAzyzytC0AtG0DyCzz0DtGyEyEtB0CtGzz0EtA0CtG0EyBzy0EtByCyDzytB0FtAyD2QtN0A0LzuyE%26cr%3D1606442579%26a%3Dwncy_fs_16_08%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
HKU\S-1-5-21-3545598357-960246443-762122577-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_16_08¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyyDyCzz0E0DtDzy0E0E0AtN0D0Tzu0StCyDtCyDtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StB0ByDzyzztCzz0BtGtDtDtAzytGzz0CzytCtGyEyDtAyEtGyCzz0CtBtA0EtBtBzyyB0C0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtA0CtAzyzytC0AtG0DyCzz0DtGyEyEtB0CtGzz0EtA0CtG0EyBzy0EtByCyDzytB0FtAyD2QtN0A0LzuyE%26cr%3D1606442579%26a%3Dwncy_fs_16_08%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_16_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyyDyCzz0E0DtDzy0E0E0AtN0D0Tzu0StCyDtCyDtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StB0ByDzyzztCzz0BtGtDtDtAzytGzz0CzytCtGyEyDtAyEtGyCzz0CtBtA0EtBtBzyyB0C0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtA0CtAzyzytC0AtG0DyCzz0DtGyEyEtB0CtGzz0EtA0CtG0EyBzy0EtByCyDzytB0FtAyD2QtN0A0LzuyE%26cr%3D1606442579%26a%3Dwncy_fs_16_08%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_16_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyyDyCzz0E0DtDzy0E0E0AtN0D0Tzu0StCyDtCyDtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StB0ByDzyzztCzz0BtGtDtDtAzytGzz0CzytCtGyEyDtAyEtGyCzz0CtBtA0EtBtBzyyB0C0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtA0CtAzyzytC0AtG0DyCzz0DtGyEyEtB0CtGzz0EtA0CtG0EyBzy0EtByCyDzytB0FtAyD2QtN0A0LzuyE%26cr%3D1606442579%26a%3Dwncy_fs_16_08%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3545598357-960246443-762122577-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_16_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyyDyCzz0E0DtDzy0E0E0AtN0D0Tzu0StCyDtCyDtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StB0ByDzyzztCzz0BtGtDtDtAzytGzz0CzytCtGyEyDtAyEtGyCzz0CtBtA0EtBtBzyyB0C0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtA0CtAzyzytC0AtG0DyCzz0DtGyEyEtB0CtGzz0EtA0CtG0EyBzy0EtByCyDzytB0FtAyD2QtN0A0LzuyE%26cr%3D1606442579%26a%3Dwncy_fs_16_08%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3545598357-960246443-762122577-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_16_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyyDyCzz0E0DtDzy0E0E0AtN0D0Tzu0StCyDtCyDtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StB0ByDzyzztCzz0BtGtDtDtAzytGzz0CzytCtGyEyDtAyEtGyCzz0CtBtA0EtBtBzyyB0C0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtA0CtAzyzytC0AtG0DyCzz0DtGyEyEtB0CtGzz0EtA0CtG0EyBzy0EtByCyDzytB0FtAyD2QtN0A0LzuyE%26cr%3D1606442579%26a%3Dwncy_fs_16_08%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3545598357-960246443-762122577-1001 -> {3B1D0648-C37B-4C4A-A925-EF6057C2A452} URL = hxxps://br.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-3545598357-960246443-762122577-1001 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-01-12] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-01-12] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-01-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-20] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-01-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-20] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Gerson-PC\AppData\Roaming\Mozilla\Firefox\Profiles\4ad9r6iz.default
FF SearchEngineOrder.3: Bing
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-15] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-15] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-20] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-26] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3545598357-960246443-762122577-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Gerson-PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-17] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF SearchPlugin: C:\Users\Gerson-PC\AppData\Roaming\Mozilla\Firefox\Profiles\4ad9r6iz.default\searchplugins\bing-.xml [2016-01-21]
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://mystart.com/default-search/rsc001__moss__org103__103_55f20019a6fde1d80a7b23c6__2_4_5__moc__nt__yr/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> yahoo
CHR Profile: C:\Users\Gerson-PC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Yahoo!) - C:\Users\Gerson-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijepgjdjkdbopbnaopmlmobimmhjklhd [2016-02-25]
CHR Extension: (Skype) - C:\Users\Gerson-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-02-25]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Gerson-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-24]
CHR HKLM-x32\...\Chrome\Extension: [ijepgjdjkdbopbnaopmlmobimmhjklhd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [446240 2016-01-05] (IObit)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433688 2016-02-05] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413208 2016-02-05] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [859672 2016-02-05] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [154680 2016-02-05] (BlueStack Systems)
R3 Hamachi; C:\Windows\System32\drivers\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-02-24] (REALiX(tm))
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-02-25] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184608 2015-07-07] (Intel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [887552 2015-07-14] (Realtek )
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2015-11-23] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 t_mouse.sys; C:\Windows\System32\drivers\t_mouse.sys [6144 2015-11-02] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36904 2016-02-05] (Wellbia.com Co., Ltd.)
S3 xspirit; C:\WINDOWS\xspirit.sys [19176 2016-02-05] ()
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-02-25 23:42 - 2016-02-25 23:43 - 00023546 _____ C:\Users\Gerson-PC\Desktop\FRST.txt
2016-02-25 23:41 - 2016-02-25 23:42 - 00000000 ____D C:\FRST
2016-02-25 23:41 - 2016-02-25 23:40 - 02371072 _____ (Farbar) C:\Users\Gerson-PC\Desktop\FRST64.exe
2016-02-25 23:40 - 2016-02-25 23:40 - 02371072 _____ (Farbar) C:\Users\Gerson-PC\Downloads\FRST64.exe
2016-02-25 23:40 - 2016-02-25 23:40 - 00002342 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-25 23:40 - 2016-02-25 23:40 - 00002330 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-25 23:38 - 2016-02-25 23:38 - 00987728 _____ (Google Inc.) C:\Users\Gerson-PC\Downloads\ChromeSetup (3).exe
2016-02-25 16:43 - 2016-02-25 16:43 - 00000000 ____D C:\Users\Gerson-PC\.android
2016-02-25 16:33 - 2016-02-25 16:33 - 00987728 _____ (Google Inc.) C:\Users\Gerson-PC\Downloads\ChromeSetup (2).exe
2016-02-25 16:24 - 2016-02-25 16:24 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner (11).exe
2016-02-25 16:21 - 2016-02-25 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
2016-02-25 16:11 - 2016-02-25 16:24 - 00000000 ____D C:\AdwCleaner
2016-02-25 16:09 - 2016-02-25 16:11 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner (3).exe
2016-02-25 16:09 - 2016-02-25 16:10 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner (9).exe
2016-02-25 16:09 - 2016-02-25 16:10 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner (10).exe
2016-02-25 16:09 - 2016-02-25 16:09 - 01511936 _____ C:\Users\Gerson-PC\Downloads\adwcleaner_5.036.exe
2016-02-25 16:09 - 2016-02-25 16:09 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner (8).exe
2016-02-25 16:09 - 2016-02-25 16:09 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner (7).exe
2016-02-25 16:09 - 2016-02-25 16:09 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner (6).exe
2016-02-25 16:09 - 2016-02-25 16:09 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner (5).exe
2016-02-25 16:09 - 2016-02-25 16:09 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner (4).exe
2016-02-25 16:09 - 2016-02-25 16:09 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner (2).exe
2016-02-25 16:08 - 2016-02-25 16:09 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner (1).exe
2016-02-25 16:08 - 2016-02-25 16:08 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner.exe
2016-02-25 15:25 - 2016-02-25 15:25 - 01309184 _____ C:\Users\Gerson-PC\Desktop\zoek.exe
2016-02-25 15:25 - 2016-02-25 15:25 - 00000000 ____D C:\zoek_backup
2016-02-25 15:24 - 2016-02-25 15:25 - 01309184 _____ C:\Users\Gerson-PC\Downloads\zoek.exe
2016-02-25 15:23 - 2016-02-25 23:32 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-02-25 15:23 - 2016-02-25 15:23 - 22908888 _____ (Malwarebytes ) C:\Users\Gerson-PC\Desktop\mbam-setup-org-2.2.0.1024.exe
2016-02-25 15:23 - 2016-02-25 15:23 - 00000000 ____D C:\Users\Todos os Usuários\Malwarebytes
2016-02-25 15:23 - 2016-02-25 15:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-02-25 15:23 - 2016-02-25 15:23 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-25 15:23 - 2016-02-25 15:23 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-25 15:23 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-02-25 15:23 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-02-25 15:23 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-02-25 15:22 - 2016-02-25 15:23 - 22908888 _____ (Malwarebytes ) C:\Users\Gerson-PC\Downloads\mbam-setup-org-2.2.0.1024.exe
2016-02-24 23:31 - 2016-02-25 23:37 - 00000000 ____D C:\Users\Todos os Usuários\ProductData
2016-02-24 23:31 - 2016-02-25 23:37 - 00000000 ____D C:\ProgramData\ProductData
2016-02-24 23:31 - 2016-02-25 11:36 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\ProductData
2016-02-24 23:26 - 2016-02-24 23:26 - 01609216 _____ (Malwarebytes) C:\Users\Gerson-PC\Desktop\JRT.exe
2016-02-24 23:25 - 2016-02-24 23:26 - 01609216 _____ (Malwarebytes) C:\Users\Gerson-PC\Downloads\JRT.exe
2016-02-24 20:57 - 2016-02-24 20:57 - 00001263 _____ C:\Users\Gerson-PC\Desktop\Continue Last version Installation.lnk
2016-02-24 20:27 - 2016-02-24 20:28 - 00002225 _____ C:\Users\Public\Desktop\Driver Booster 3.lnk
2016-02-24 20:27 - 2016-02-24 20:27 - 00027552 _____ (REALiX(tm)) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
2016-02-24 20:27 - 2016-02-24 20:27 - 00000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2016-02-24 20:27 - 2016-02-24 20:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-02-24 20:26 - 2016-02-24 20:26 - 00001427 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2016-02-24 20:26 - 2016-02-24 20:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2016-02-24 20:25 - 2016-02-24 23:28 - 00000000 ____D C:\Users\Todos os Usuários\IObit
2016-02-24 20:25 - 2016-02-24 23:28 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\IObit
2016-02-24 20:25 - 2016-02-24 23:28 - 00000000 ____D C:\ProgramData\IObit
2016-02-24 20:25 - 2016-02-24 23:28 - 00000000 ____D C:\Program Files (x86)\IObit
2016-02-24 20:25 - 2016-02-24 20:55 - 00002236 _____ C:\Users\Public\Desktop\Advanced SystemCare 9.lnk
2016-02-24 20:25 - 2016-02-24 20:27 - 00003314 _____ C:\WINDOWS\System32\Tasks\ASC9_PerformanceMonitor
2016-02-24 20:25 - 2016-02-24 20:27 - 00000000 ____D C:\Users\Gerson-PC\AppData\LocalLow\IObit
2016-02-24 20:25 - 2016-02-24 20:25 - 00003438 _____ C:\WINDOWS\System32\Tasks\ASC9_SkipUac_Gerson-PC
2016-02-24 20:25 - 2016-02-24 20:25 - 00000000 ____D C:\Users\Todos os Usuários\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-02-24 20:25 - 2016-02-24 20:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2016-02-24 20:25 - 2016-02-24 20:25 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-02-24 20:12 - 2016-02-24 20:25 - 41171496 _____ (IObit ) C:\Users\Gerson-PC\Downloads\advanced-systemcare-setup.exe
2016-02-24 19:49 - 2016-02-24 19:49 - 00003318 _____ C:\WINDOWS\System32\Tasks\{D6269E3F-6D7C-4FD1-9E93-CEFF13D1C593}
2016-02-24 18:52 - 2016-02-24 18:52 - 00000045 _____ C:\Users\Gerson-PC\AppData\Roaming\WB.CFG
2016-02-24 18:20 - 2016-02-24 18:20 - 00000374 _____ C:\WINDOWS\SysWOW64\data.bin
2016-02-24 18:08 - 2016-02-24 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixVideoPlayer
2016-02-24 18:06 - 2016-02-24 18:06 - 00000000 ____D C:\Users\Gerson-PC\AppData\Local\Setup Wizard
2016-02-24 18:05 - 2016-02-24 18:05 - 00003652 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2016-02-24 18:05 - 2016-02-24 18:05 - 00003118 _____ C:\WINDOWS\System32\Tasks\ttwifi
2016-02-24 18:05 - 2016-02-24 18:05 - 00003012 _____ C:\WINDOWS\System32\Tasks\osTip
2016-02-24 18:05 - 2016-02-24 18:05 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg
2016-02-24 18:05 - 2016-02-24 18:05 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-02-24 17:59 - 2016-02-25 17:18 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
2016-02-24 17:59 - 2016-02-24 17:59 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\gplyra
2016-02-24 17:54 - 2016-02-24 17:54 - 00000000 ____D C:\Users\Gerson-PC\Desktop\2016-08
2016-02-24 17:52 - 2016-02-24 17:52 - 00000372 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-02-24 17:52 - 2016-02-24 17:52 - 00000372 __RSH C:\ProgramData\ntuser.pol
2016-02-24 17:51 - 2016-02-24 17:51 - 00001136 _____ C:\Users\Gerson-PC\Desktop\Format Factory.lnk
2016-02-24 17:51 - 2016-02-24 17:51 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2016-02-24 17:51 - 2016-02-24 17:51 - 00000000 ____D C:\Program Files (x86)\FormatFactory
2016-02-24 17:51 - 2016-02-24 17:51 - 00000000 _____ C:\WINDOWS\SysWOW64\track
2016-02-24 17:50 - 2016-02-25 17:16 - 00000000 ____D C:\Users\Todos os Usuários\umBMnf
2016-02-24 17:50 - 2016-02-25 17:16 - 00000000 ____D C:\ProgramData\umBMnf
2016-02-24 17:49 - 2016-02-24 17:48 - 00000997 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2016-02-24 17:41 - 2016-02-24 17:41 - 00003436 _____ C:\WINDOWS\System32\Tasks\Format Factory
2016-02-24 17:40 - 2016-02-24 17:41 - 04508993 _____ (FF, Inc ) C:\Users\Gerson-PC\Downloads\fast-video-converter-3.8.0.4.exe
2016-02-24 14:05 - 2016-02-24 14:05 - 00626622 _____ C:\Users\Gerson-PC\Downloads\Tundra by Vilonium.zip
2016-02-23 00:24 - 2016-02-23 00:24 - 00656680 _____ C:\Users\Gerson-PC\Downloads\CP Member Maker V5.exe
2016-02-23 00:24 - 2010-08-30 15:27 - 00000000 ____D C:\Users\Gerson-PC\Downloads\CP Member Maker V5
2016-02-22 12:42 - 2016-02-22 12:42 - 00177149 _____ C:\Users\Gerson-PC\Downloads\Smaragd Mod.zip
2016-02-22 12:39 - 2016-02-22 12:39 - 00001434 _____ C:\Users\Gerson-PC\Downloads\Better Gold v18.zip
2016-02-22 12:26 - 2016-02-22 12:26 - 00095905 _____ C:\Users\Gerson-PC\Downloads\LotsOfSteves0.6.jar.zip
2016-02-22 12:19 - 2016-02-22 12:19 - 00565061 _____ C:\Users\Gerson-PC\Downloads\unzip-me_mod_jar_file_inside9886349.zip
2016-02-21 17:09 - 2016-02-21 17:09 - 00000000 ____D C:\Users\Gerson-PC\AppData\LocalLow\uTorrent
2016-02-21 14:25 - 2016-02-21 14:25 - 00499943 _____ C:\Users\Gerson-PC\Downloads\SHARPNESS V [32x] For MC 1.7 +.zip
2016-02-21 14:11 - 2016-02-21 14:13 - 34864620 _____ C:\Users\Gerson-PC\Downloads\Brobi V2 Pack.zip
2016-02-21 13:31 - 2016-02-21 13:31 - 01247112 _____ (Mojang) C:\Users\Gerson-PC\Downloads\Minecraft (2).exe
2016-02-18 23:46 - 2016-02-18 23:46 - 11531758 _____ C:\Users\Gerson-PC\Downloads\Edit.BOLADA.zip
2016-02-18 22:06 - 2016-02-18 22:06 - 04734664 _____ () C:\Users\Gerson-PC\Downloads\TechnicLauncher (4).exe
2016-02-17 22:36 - 2016-02-17 22:37 - 34469764 _____ C:\Users\Gerson-PC\Downloads\Mythruna-20120627-Windows.zip
2016-02-17 22:16 - 2016-02-17 22:16 - 00013627 _____ C:\Users\Gerson-PC\Downloads\Hurt World.torrent
2016-02-17 22:08 - 2016-02-17 22:08 - 00024304 _____ C:\Users\Gerson-PC\Downloads\ARSV92 - FDG (2).torrent
2016-02-17 22:07 - 2016-02-17 22:07 - 00024304 _____ C:\Users\Gerson-PC\Downloads\ARSV92 - FDG (1).torrent
2016-02-17 22:05 - 2016-02-17 22:05 - 00024304 _____ C:\Users\Gerson-PC\Downloads\ARSV92 - FDG.torrent
2016-02-17 21:42 - 2016-02-23 00:24 - 00000000 ____D C:\Users\Gerson-PC\Desktop\Nova pasta (2)
2016-02-17 20:45 - 2016-02-24 12:01 - 00000000 ____D C:\Program Files (x86)\Minecraft
2016-02-17 20:45 - 2016-02-17 20:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2016-02-17 20:43 - 2016-02-17 20:43 - 02314240 _____ C:\Users\Gerson-PC\Downloads\MinecraftInstaller (1).msi
2016-02-17 20:43 - 2016-02-17 20:43 - 01247112 _____ (Mojang) C:\Users\Gerson-PC\Downloads\Minecraft (1).exe
2016-02-17 13:43 - 2016-02-17 13:44 - 01016759 _____ C:\Users\Gerson-PC\Desktop\Minecraft(1).exe
2016-02-16 20:42 - 2016-02-16 20:42 - 00049522 _____ C:\Users\Gerson-PC\Downloads\Klient_Dayz_SA_v_0_58_128566_v3_0_torrent.torrent
2016-02-16 17:54 - 2016-02-16 17:54 - 00513214 _____ C:\Users\Gerson-PC\Downloads\TENTANDO UM MAPA _3.zip
2016-02-15 16:43 - 2016-02-15 16:43 - 02845707 _____ C:\Users\Gerson-PC\Downloads\CDA Mod 1.1.5 (1).zip
2016-02-15 05:07 - 2016-02-15 05:07 - 00097905 _____ C:\Users\Gerson-PC\Downloads\Saving.Private.Ryan.1998.1080p.BrRip.x264.YIFY_PtB.srt
2016-02-15 05:07 - 2016-02-15 05:07 - 00011596 _____ C:\Users\Gerson-PC\Downloads\Saving Private Ryan (1998) [1080p].torrent
2016-02-15 03:23 - 2016-02-15 03:23 - 00000000 ____D C:\Users\Gerson-PC\AppData\Local\Macromedia
2016-02-15 03:22 - 2016-02-25 17:27 - 00000902 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-15 03:22 - 2016-02-15 03:22 - 00003878 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-02-15 03:22 - 2016-02-15 03:22 - 00000000 ____D C:\Users\Todos os Usuários\McAfee
2016-02-15 03:22 - 2016-02-15 03:22 - 00000000 ____D C:\ProgramData\McAfee
2016-02-15 03:06 - 2016-02-15 03:06 - 00016133 _____ C:\Users\Gerson-PC\Downloads\A617A4156A79D9F0594828294B88EA71BFDE6C70.torrent
2016-02-14 21:55 - 2016-02-14 21:56 - 00000014 _____ C:\Users\Gerson-PC\Desktop\zcxfa.txt
2016-02-14 20:43 - 2016-02-14 20:43 - 00002866 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-02-14 20:43 - 2016-02-14 20:43 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-02-14 20:43 - 2016-02-14 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-02-14 20:43 - 2016-02-14 20:43 - 00000000 ____D C:\Program Files\CCleaner
2016-02-14 20:42 - 2016-02-14 20:43 - 06828320 _____ (Piriform Ltd) C:\Users\Gerson-PC\Downloads\ccsetup514.exe
2016-02-14 16:29 - 2016-02-14 16:29 - 04734664 _____ () C:\Users\Gerson-PC\Downloads\TechnicLauncher (3).exe
2016-02-14 16:24 - 2016-02-14 16:26 - 84021068 _____ C:\Users\Gerson-PC\Downloads\sanflores v1.1 (1).rar
2016-02-14 16:17 - 2016-02-14 16:19 - 84021068 _____ C:\Users\Gerson-PC\Downloads\sanflores v1.1.rar
2016-02-14 14:42 - 2016-02-14 14:42 - 02845707 _____ C:\Users\Gerson-PC\Downloads\CDA Mod 1.1.5.zip
2016-02-14 14:11 - 2016-02-14 14:11 - 00711998 _____ C:\Users\Gerson-PC\Downloads\The Walking Dead Mod v2.7 for MC 1.7.10.zip
2016-02-14 13:40 - 2016-02-14 13:40 - 00022599 _____ C:\Users\Gerson-PC\Downloads\zonbie.zip
2016-02-14 12:33 - 2016-02-14 12:33 - 37121699 _____ C:\Users\Gerson-PC\Downloads\MineLoL [64x64] Realistic Texture Pack (V.1.8+).zip
2016-02-13 20:48 - 2016-02-23 00:04 - 00000246 _____ C:\Users\Gerson-PC\Desktop\minha conta.txt
2016-02-13 19:50 - 2016-02-13 19:50 - 00664446 _____ C:\Users\Gerson-PC\Downloads\modpack..zip
2016-02-13 19:49 - 2016-02-13 19:49 - 00453341 _____ C:\Users\Gerson-PC\Downloads\Dragon Mount 1.7.10 por Xbolado Games.jar.zip
2016-02-12 20:49 - 2016-02-12 20:49 - 00539146 _____ C:\Users\Gerson-PC\Downloads\ShapeShifterZ81.zip
2016-02-12 20:06 - 2016-02-12 20:06 - 02786954 _____ C:\Users\Gerson-PC\Downloads\forge-1.7.2-10.12.2.1121-installer.jar.zip
2016-02-12 19:26 - 2016-02-12 19:26 - 00338500 _____ C:\Users\Gerson-PC\Downloads\zamfor188840324.zip
2016-02-11 20:22 - 2016-02-12 10:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-11 01:12 - 2016-02-16 23:48 - 00000244 _____ C:\Users\Gerson-PC\Desktop\contas.txt
2016-02-10 23:13 - 2016-02-10 23:17 - 132231089 _____ C:\Users\Gerson-PC\Downloads\minecraft.1.7.10+The-Sims-Craft-AuthenticGames.rar
2016-02-10 21:35 - 2016-02-10 21:35 - 03749528 _____ C:\Users\Gerson-PC\Downloads\#CDG - Imgur.zip
2016-02-10 12:31 - 2016-02-10 12:32 - 00000028 _____ C:\Users\Gerson-PC\Desktop\codigos do minecreft.txt
2016-02-10 12:12 - 2016-02-10 12:16 - 22127965 _____ C:\Users\Gerson-PC\Downloads\JurassiCraft 2.0.0 Pre-release 5.jar.zip
2016-02-09 22:47 - 2016-02-09 22:47 - 00016024 _____ C:\Users\Gerson-PC\Downloads\B0bGary_s_Stone_Armour_1.6.4_v1.1.0.zip
2016-02-09 22:26 - 2016-02-09 22:31 - 198931077 _____ C:\Users\Gerson-PC\Downloads\Modpack 1.8 ConexaoPlayer.rar
2016-02-09 22:13 - 2016-02-09 22:13 - 00110268 _____ C:\Users\Gerson-PC\Downloads\TooManyItems2014_07_05_1.7.10.zip
2016-02-09 21:44 - 2016-02-09 21:44 - 00587156 _____ C:\Users\Gerson-PC\Downloads\MC Heli Mod Installer 1.7.2.zip
2016-02-09 20:47 - 2016-01-29 03:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-09 20:47 - 2016-01-29 03:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-09 20:47 - 2016-01-27 03:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-09 20:47 - 2016-01-27 03:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-09 20:47 - 2016-01-27 03:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-09 20:47 - 2016-01-27 03:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-09 20:47 - 2016-01-27 03:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-09 20:47 - 2016-01-27 02:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-09 20:47 - 2016-01-27 02:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-09 20:47 - 2016-01-27 02:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-09 20:47 - 2016-01-27 02:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-09 20:47 - 2016-01-27 02:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-09 20:47 - 2016-01-27 02:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-02-09 20:47 - 2016-01-27 02:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-09 20:47 - 2016-01-27 02:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-09 20:47 - 2016-01-27 02:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-09 20:47 - 2016-01-27 02:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-09 20:47 - 2016-01-27 02:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-09 20:47 - 2016-01-27 02:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-02-09 20:47 - 2016-01-27 02:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-09 20:47 - 2016-01-27 02:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-09 20:47 - 2016-01-27 02:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-09 20:47 - 2016-01-27 02:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-02-09 20:47 - 2016-01-27 02:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-02-09 20:47 - 2016-01-27 02:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-09 20:47 - 2016-01-27 02:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-09 20:47 - 2016-01-27 02:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-02-09 20:47 - 2016-01-27 02:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-02-09 20:47 - 2016-01-27 02:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-09 20:47 - 2016-01-27 02:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-02-09 20:47 - 2016-01-27 02:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-09 20:47 - 2016-01-27 02:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-09 20:47 - 2016-01-27 02:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-09 20:47 - 2016-01-27 02:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-09 20:47 - 2016-01-27 02:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-09 20:47 - 2016-01-27 02:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-02-09 20:47 - 2016-01-27 02:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-02-09 20:47 - 2016-01-27 02:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-02-09 20:47 - 2016-01-27 02:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-09 20:47 - 2016-01-27 02:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-09 20:47 - 2016-01-27 02:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-02-09 20:47 - 2016-01-27 02:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-09 20:47 - 2016-01-27 02:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-09 20:47 - 2016-01-27 01:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-09 20:47 - 2016-01-27 01:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-09 20:47 - 2016-01-27 01:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-09 20:47 - 2016-01-27 01:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-09 20:47 - 2016-01-27 01:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-09 20:47 - 2016-01-27 01:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-09 20:47 - 2016-01-27 01:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-09 20:47 - 2016-01-27 01:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-09 20:47 - 2016-01-27 01:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-09 20:47 - 2016-01-27 01:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-09 20:47 - 2016-01-27 01:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-09 20:47 - 2016-01-27 01:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-09 20:47 - 2016-01-27 01:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-09 20:47 - 2016-01-27 01:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-09 20:47 - 2016-01-27 01:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-02-09 20:47 - 2016-01-27 01:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-09 20:47 - 2016-01-27 01:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-09 20:47 - 2016-01-27 01:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-09 20:47 - 2016-01-27 01:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-09 20:47 - 2016-01-27 01:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-09 20:47 - 2016-01-27 01:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-09 20:47 - 2016-01-27 01:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-07 05:45 - 2016-02-07 05:45 - 00047312 _____ C:\Users\Gerson-PC\Downloads\scarface.(1983).pob.1cd.(3471095).zip
2016-02-07 05:41 - 2016-02-07 05:41 - 00047370 _____ C:\Users\Gerson-PC\Downloads\scarface.(1983).pob.1cd.(5120192)(1).zip
2016-02-05 22:50 - 2016-02-05 22:55 - 00000000 ____D C:\Users\Gerson-PC\Desktop\WTF
2016-02-05 22:50 - 2016-02-05 22:55 - 00000000 ____D C:\Users\Gerson-PC\Desktop\Data
2016-02-05 22:35 - 2016-02-05 22:35 - 00002149 _____ C:\Users\Gerson-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Hurtworld (2).lnk
2016-02-05 22:05 - 2016-02-05 22:08 - 10335064 _____ (MEGA Limited) C:\Users\Gerson-PC\Downloads\MEGAsyncSetup(1).exe
2016-02-05 21:45 - 2016-02-05 21:45 - 00000000 ____D C:\Program Files (x86)\Bankroll Studios
2016-02-05 21:44 - 2016-02-05 21:44 - 00000000 ____D C:\Users\Gerson-PC\AppData\Local\Downloaded Installations
2016-02-04 19:02 - 2016-02-04 19:03 - 65857390 _____ C:\Users\Gerson-PC\Downloads\minecraft(1).rar
2016-02-03 22:48 - 2016-02-15 03:22 - 00000000 ____D C:\Users\Gerson-PC\AppData\Local\Adobe
2016-02-03 22:48 - 2016-02-04 13:20 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\Adobe
2016-02-03 22:48 - 2016-02-03 22:48 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2016-02-03 22:48 - 2016-02-03 22:48 - 00000000 ____D C:\ProgramData\Adobe
2016-02-03 22:30 - 2016-02-03 22:30 - 00030998 _____ C:\Users\Gerson-PC\Downloads\curriculum-vitae (1).pdf
2016-02-03 22:27 - 2016-02-03 22:28 - 00030998 _____ C:\Users\Gerson-PC\Downloads\curriculum-vitae.pdf
2016-02-03 20:14 - 2016-02-03 20:14 - 01247112 _____ (Mojang) C:\Users\Gerson-PC\Downloads\Minecraft.exe
2016-02-02 11:34 - 2016-02-16 16:15 - 00000368 _____ C:\WINDOWS\Tasks\HPCeeScheduleForGerson-PC.job
2016-01-31 20:07 - 2016-01-31 20:07 - 01474094 _____ (suprx) C:\Users\Gerson-PC\Downloads\suprx2.exe
2016-01-31 00:00 - 2016-01-31 00:00 - 05157504 _____ C:\Users\Gerson-PC\Downloads\Guia de receitas anarquistas completo port MA.rar
2016-01-30 17:27 - 2016-01-30 17:28 - 58543367 _____ C:\Users\Gerson-PC\Downloads\metallurgy2 1.4.6 ReiRex.rar
2016-01-30 16:39 - 2016-01-30 16:41 - 53506172 _____ C:\Users\Gerson-PC\Downloads\ShapeShifter.rar
2016-01-30 16:26 - 2016-01-30 16:32 - 252185216 _____ C:\Users\Gerson-PC\Downloads\pixelmon-do-Tio-Golden.zip
2016-01-28 21:32 - 2016-01-28 21:32 - 00003629 _____ C:\Users\Gerson-PC\Downloads\ACWarn-Plugin-In-Here.zip
2016-01-28 20:09 - 2016-01-28 20:09 - 00056319 _____ C:\Users\Gerson-PC\Downloads\LootMod 0.1 for MC 1.2.5.zip
2016-01-28 19:21 - 2016-01-28 19:31 - 435503655 _____ C:\Users\Gerson-PC\Downloads\Rezende Avetureiro - Modpack.rar
2016-01-28 19:14 - 2016-01-28 19:14 - 00007637 _____ C:\Users\Gerson-PC\Downloads\vanilla.recipes
2016-01-28 19:11 - 2016-01-28 19:11 - 00027394 _____ C:\Users\Gerson-PC\Downloads\Emerald-and-Obsidian-Tools.zip
2016-01-28 18:42 - 2016-01-28 18:42 - 00583488 _____ C:\Users\Gerson-PC\Downloads\CustomMobSpawner 3.0.0.zip
2016-01-28 18:19 - 2016-01-28 18:19 - 00622570 _____ C:\Users\Gerson-PC\Downloads\Guardsmod v1.3 (1).zip
2016-01-28 18:17 - 2016-01-28 18:18 - 02312461 _____ C:\Users\Gerson-PC\Downloads\forge-1.6.4-9.11.1.1345-installer.jar
2016-01-28 01:28 - 2016-01-16 03:36 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-28 01:28 - 2016-01-16 03:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-01-28 01:28 - 2016-01-16 03:23 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-01-28 01:28 - 2016-01-16 03:23 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-28 01:28 - 2016-01-16 03:23 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-01-28 01:28 - 2016-01-16 03:23 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-01-28 01:28 - 2016-01-16 03:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-01-28 01:28 - 2016-01-16 03:20 - 06971752 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-01-28 01:28 - 2016-01-16 03:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-28 01:28 - 2016-01-16 03:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-01-28 01:28 - 2016-01-16 03:19 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-28 01:28 - 2016-01-16 03:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-01-28 01:28 - 2016-01-16 03:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-01-28 01:28 - 2016-01-16 03:09 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-01-28 01:28 - 2016-01-16 03:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-01-28 01:28 - 2016-01-16 02:45 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-28 01:28 - 2016-01-16 02:38 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-01-28 01:28 - 2016-01-16 02:37 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-01-28 01:28 - 2016-01-16 02:35 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-28 01:28 - 2016-01-16 02:34 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-01-28 01:28 - 2016-01-16 02:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-01-28 01:28 - 2016-01-16 02:31 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-01-28 01:28 - 2016-01-16 02:31 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-01-28 01:28 - 2016-01-16 02:31 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-01-28 01:28 - 2016-01-16 02:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-01-28 01:28 - 2016-01-16 02:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-01-28 01:28 - 2016-01-16 02:30 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-01-28 01:28 - 2016-01-16 02:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-28 01:28 - 2016-01-16 02:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-01-28 01:28 - 2016-01-16 02:28 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-01-28 01:28 - 2016-01-16 02:28 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-01-28 01:28 - 2016-01-16 02:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-01-28 01:28 - 2016-01-16 02:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-01-28 01:28 - 2016-01-16 02:25 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-01-28 01:28 - 2016-01-16 02:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-01-28 01:28 - 2016-01-16 02:24 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-01-28 01:28 - 2016-01-16 02:24 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-01-28 01:28 - 2016-01-16 02:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-01-28 01:28 - 2016-01-16 02:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-01-28 01:28 - 2016-01-16 02:23 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-28 01:28 - 2016-01-16 02:21 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-01-28 01:28 - 2016-01-16 02:20 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-01-28 01:28 - 2016-01-16 02:20 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-01-28 01:28 - 2016-01-16 02:20 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-01-28 01:28 - 2016-01-16 02:19 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-01-28 01:28 - 2016-01-16 02:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-28 01:28 - 2016-01-16 02:17 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-01-28 01:28 - 2016-01-16 02:16 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-01-28 01:28 - 2016-01-16 02:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-28 01:28 - 2016-01-16 02:15 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-01-28 01:28 - 2016-01-16 02:14 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-01-28 01:28 - 2016-01-16 02:14 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-01-28 01:27 - 2016-01-16 03:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-01-28 01:27 - 2016-01-16 03:36 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-28 01:27 - 2016-01-16 03:34 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-28 01:27 - 2016-01-16 03:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-28 01:27 - 2016-01-16 03:23 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-01-28 01:27 - 2016-01-16 03:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-01-28 01:27 - 2016-01-16 03:08 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-01-28 01:27 - 2016-01-16 02:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-01-28 01:27 - 2016-01-16 02:44 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-01-28 01:27 - 2016-01-16 02:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-01-28 01:27 - 2016-01-16 02:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-01-28 01:27 - 2016-01-16 02:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-01-28 01:27 - 2016-01-16 02:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-01-28 01:27 - 2016-01-16 02:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-01-28 01:27 - 2016-01-16 02:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-01-28 01:27 - 2016-01-16 02:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-01-28 01:27 - 2016-01-16 02:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-01-28 01:27 - 2016-01-16 02:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-01-28 01:27 - 2016-01-16 02:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-01-28 01:27 - 2016-01-16 02:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-01-28 01:27 - 2016-01-16 02:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-01-28 01:27 - 2016-01-16 02:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-01-28 01:27 - 2016-01-16 02:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-01-28 01:27 - 2016-01-16 02:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-01-28 01:27 - 2016-01-16 02:37 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-01-28 01:27 - 2016-01-16 02:36 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-28 01:27 - 2016-01-16 02:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-01-28 01:27 - 2016-01-16 02:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-01-28 01:27 - 2016-01-16 02:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-01-28 01:27 - 2016-01-16 02:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-01-28 01:27 - 2016-01-16 02:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-01-28 01:27 - 2016-01-16 02:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-01-28 01:27 - 2016-01-16 02:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-01-28 01:27 - 2016-01-16 02:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-01-28 01:27 - 2016-01-16 02:34 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-01-28 01:27 - 2016-01-16 02:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-01-28 01:27 - 2016-01-16 02:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-01-28 01:27 - 2016-01-16 02:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-01-28 01:27 - 2016-01-16 02:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-01-28 01:27 - 2016-01-16 02:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-01-28 01:27 - 2016-01-16 02:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-01-28 01:27 - 2016-01-16 02:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-01-28 01:27 - 2016-01-16 02:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-01-28 01:27 - 2016-01-16 02:29 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-01-28 01:27 - 2016-01-16 02:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-01-28 01:27 - 2016-01-16 02:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-01-28 01:27 - 2016-01-16 02:26 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-01-28 01:27 - 2016-01-16 02:26 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-01-28 01:27 - 2016-01-16 02:26 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-01-28 01:27 - 2016-01-16 02:25 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-01-28 01:27 - 2016-01-16 02:25 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-01-28 01:27 - 2016-01-16 02:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-01-28 01:27 - 2016-01-16 02:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-01-28 01:27 - 2016-01-16 02:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-01-28 01:27 - 2016-01-16 02:19 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-01-28 01:27 - 2016-01-16 02:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-01-27 20:38 - 2016-01-27 20:47 - 412679786 _____ C:\Users\Gerson-PC\Downloads\minecraft.rar
2016-01-27 00:42 - 2016-02-03 21:55 - 00000000 ____D C:\Users\Gerson-PC\AppData\Local\PointBlank
2016-01-27 00:38 - 2016-02-05 20:09 - 00036904 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2016-01-27 00:38 - 2016-02-05 20:09 - 00019176 _____ C:\WINDOWS\xspirit.sys
2016-01-27 00:10 - 2016-01-27 00:10 - 00000786 _____ C:\Users\Gerson-PC\Desktop\PointBlank.lnk
2016-01-27 00:10 - 2016-01-27 00:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PointBlank
2016-01-27 00:04 - 2016-01-27 00:04 - 00000000 ____D C:\ongame
2016-01-26 23:30 - 2016-01-26 23:30 - 00011576 _____ C:\Users\Gerson-PC\Downloads\PointBlankSetup_20150813.torrent
2016-01-26 20:03 - 2016-01-26 20:04 - 04734232 _____ () C:\Users\Gerson-PC\Downloads\TechnicLauncher (2).exe
2016-01-26 19:27 - 2016-01-26 19:27 - 00000000 ____D C:\Users\Usuário Padrão\AppData\Local\Google
2016-01-26 19:27 - 2016-01-26 19:27 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2016-01-26 19:27 - 2016-01-26 19:27 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2016-01-26 03:10 - 2016-01-26 03:10 - 00054706 _____ C:\Users\Gerson-PC\Downloads\scarface-528-poster (1)
2016-01-26 03:10 - 2016-01-26 03:10 - 00054706 _____ C:\Users\Gerson-PC\Downloads\scarface-528-poster
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-02-25 23:38 - 2015-11-19 22:02 - 01819274 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-25 23:38 - 2015-10-30 16:11 - 00785262 _____ C:\WINDOWS\system32\prfh0416.dat
2016-02-25 23:38 - 2015-10-30 16:11 - 00154048 _____ C:\WINDOWS\system32\prfc0416.dat
2016-02-25 23:38 - 2015-10-30 04:21 - 00000000 ____D C:\WINDOWS\INF
2016-02-25 23:36 - 2016-01-15 11:03 - 00000000 ____D C:\Users\Todos os Usuários\BlueStacksSetup
2016-02-25 23:36 - 2016-01-15 11:03 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-02-25 23:35 - 2015-11-25 13:48 - 00000000 ____D C:\Users\Gerson-PC\AppData\Local\LogMeIn Hamachi
2016-02-25 23:33 - 2015-11-25 21:45 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\Skype
2016-02-25 23:32 - 2016-01-10 02:56 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-02-25 23:32 - 2015-12-16 18:04 - 00000334 _____ C:\WINDOWS\Tasks\{8EF42242-F6C9-48C9-8BCF-195C9A16E87D}.job
2016-02-25 23:32 - 2015-11-19 22:12 - 00001096 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-25 23:32 - 2015-11-19 22:12 - 00001092 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-25 23:32 - 2015-11-02 15:25 - 00000000 __SHD C:\Users\Gerson-PC\IntelGraphicsProfiles
2016-02-25 23:31 - 2016-01-10 03:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-25 23:20 - 2015-11-20 21:07 - 00001140 _____ C:\Users\Gerson-PC\Desktop\nativelog.txt
2016-02-25 17:55 - 2015-11-20 11:55 - 00004176 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{180EAB1A-FCBF-461A-B8C1-830DA6428D6C}
2016-02-25 16:43 - 2016-01-10 02:59 - 00000000 ____D C:\Users\Gerson-PC
2016-02-25 16:20 - 2015-10-30 03:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-02-25 15:46 - 2015-11-21 00:32 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\MPC-HC
2016-02-25 15:18 - 2015-12-16 18:04 - 00002119 _____ C:\Users\Gerson-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder.lnk
2016-02-25 15:18 - 2015-11-19 22:35 - 00000269 _____ C:\WINDOWS\win.ini
2016-02-24 22:00 - 2015-09-10 02:48 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-02-24 20:54 - 2016-01-10 03:50 - 00000000 ___DC C:\WINDOWS\Panther
2016-02-24 20:53 - 2015-11-21 00:27 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\Media Player Classic
2016-02-24 17:53 - 2015-12-16 18:06 - 00001490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-02-24 17:52 - 2015-11-19 22:35 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-02-24 17:52 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-02-24 17:11 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-24 15:38 - 2015-11-20 11:50 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\.minecraft
2016-02-24 14:06 - 2016-01-24 17:03 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\.technic
2016-02-23 20:14 - 2015-10-30 04:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-23 16:41 - 2015-11-20 23:20 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\uTorrent
2016-02-21 16:24 - 2015-11-26 09:04 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\PhotoScape
2016-02-21 13:31 - 2015-11-18 14:03 - 00001242 _____ C:\Users\Gerson-PC\Downloads\nativelog.txt
2016-02-21 13:31 - 2015-11-18 14:03 - 00000000 ____D C:\Users\Gerson-PC\Downloads\game
2016-02-15 05:57 - 2016-01-23 18:00 - 00000000 ____D C:\Users\Gerson-PC\Desktop\WhatsApp
2016-02-15 05:13 - 2016-01-23 16:47 - 00000000 ____D C:\Users\Gerson-PC\Desktop\Aqui
2016-02-15 05:13 - 2015-11-22 17:37 - 00000000 ____D C:\Users\Gerson-PC\AppData\Local\ElevatedDiagnostics
2016-02-12 22:50 - 2015-11-22 18:38 - 00000843 _____ C:\Users\Gerson-PC\Desktop\LASZ.txt
2016-02-12 19:08 - 2015-11-25 21:44 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2016-02-12 19:08 - 2015-11-25 21:44 - 00000000 ____D C:\ProgramData\Skype
2016-02-12 12:21 - 2016-01-10 03:48 - 00000000 ____D C:\Windows.old
2016-02-12 10:21 - 2016-01-07 22:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-11 20:16 - 2015-11-19 22:04 - 00002381 _____ C:\Users\Gerson-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-02-11 20:16 - 2015-11-02 14:42 - 00000000 ___RD C:\Users\Gerson-PC\OneDrive
2016-02-11 07:01 - 2015-11-19 21:59 - 00000000 ____D C:\Users\Gerson-PC\AppData\Local\Packages
2016-02-11 06:24 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\rescache
2016-02-10 22:16 - 2016-01-11 11:15 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-02-10 22:16 - 2016-01-11 11:12 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-02-10 11:59 - 2015-10-30 16:14 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 01:45 - 2015-11-20 22:11 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-10 01:45 - 2015-11-20 22:11 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-10 01:44 - 2015-10-30 04:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-08 13:28 - 2016-01-15 11:04 - 00001742 _____ C:\Users\Gerson-PC\AppData\Roaming\Microsoft\Windows\Start Menu\BlueStacks.lnk
2016-02-08 13:28 - 2016-01-15 11:04 - 00000000 ____D C:\Users\Todos os Usuários\BlueStacksGameManager
2016-02-08 13:28 - 2016-01-15 11:04 - 00000000 ____D C:\ProgramData\BlueStacksGameManager
2016-02-08 13:28 - 2015-10-30 04:24 - 00000000 __RHD C:\Users\Public\Libraries
2016-02-08 13:27 - 2016-01-15 11:04 - 00000000 ____D C:\Users\Todos os Usuários\BlueStacks
2016-02-08 13:27 - 2016-01-15 11:04 - 00000000 ____D C:\ProgramData\BlueStacks
2016-02-08 13:27 - 2016-01-15 11:04 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2016-02-05 22:09 - 2015-12-16 21:53 - 00000000 ____D C:\Users\Gerson-PC\AppData\Local\MEGAsync
2016-02-03 16:01 - 2015-10-30 04:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-03 16:01 - 2015-10-30 04:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-01 13:49 - 2015-12-17 22:11 - 00000026 _____ C:\Users\Gerson-PC\Desktop\Novo Documento de Texto.txt
2016-02-01 13:37 - 2015-12-24 17:53 - 00000183 _____ C:\Users\Gerson-PC\Desktop\gzx.txt
2016-02-01 13:30 - 2015-12-17 00:47 - 00001029 _____ C:\Users\Gerson-PC\Desktop\la vem.txt
2016-02-01 03:27 - 2015-11-19 22:12 - 00004154 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-01 03:27 - 2015-11-19 22:12 - 00003922 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-01-30 14:52 - 2016-01-10 02:56 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-01-30 14:52 - 2015-11-26 06:53 - 00000000 ____D C:\Program Files (x86)\Intel
2016-01-29 13:55 - 2015-10-30 04:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-01-29 13:55 - 2015-10-30 04:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-01-29 13:55 - 2015-10-30 04:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-01-29 13:55 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-01-29 13:55 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-01-29 13:55 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-29 13:55 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-01-28 03:39 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-01-26 19:27 - 2015-11-26 09:05 - 00002115 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-01-26 19:27 - 2015-11-26 09:05 - 00002113 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-01-26 19:27 - 2015-11-26 09:05 - 00002103 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-01-26 19:27 - 2015-11-26 09:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
==================== Arquivos na raiz de alguns diretórios =======
2016-02-25 11:45 - 2016-02-25 11:45 - 0032038 _____ () C:\Users\Gerson-PC\AppData\Roaming\Edge.ico
2016-02-24 18:52 - 2016-02-24 18:52 - 0000045 _____ () C:\Users\Gerson-PC\AppData\Roaming\WB.CFG
2015-11-23 17:58 - 2015-11-23 17:58 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-01-10 02:56 - 2016-01-10 02:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Arquivos para serem movidos ou deletados:
====================
C:\Windows\Tasks\{8EF42242-F6C9-48C9-8BCF-195C9A16E87D}.job
Alguns arquivos em TEMP:
====================
C:\Users\Gerson-PC\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2016-02-18 16:14
==================== Fim de FRST.txt ============================
Executado por Gerson-PC (administrador) em GERSON-PC (25-02-2016 23:42:40)
Executando a partir de C:\Users\Gerson-PC\Desktop
Perfis Carregados: Gerson-PC (Perfis Disponíveis: Gerson-PC)
Platform: Windows 10 Pro Versão 1511 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Edge)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 5520 series\Bin\ScanToPCActivationApp.exe
(© 2015 Microsoft Corporation) C:\Users\Gerson-PC\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\ProgramData\WindowsMsg\osmsg.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPNetworkCommunicator.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6568.46051.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8521472 2015-09-03] (Realtek Semiconductor)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2015-11-02] (Pixart Imaging Inc)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [888344 2016-02-05] (BlueStack Systems, Inc.)
HKU\S-1-5-21-3545598357-960246443-762122577-1001\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-3545598357-960246443-762122577-1001\...\Run: [HP Deskjet 5520 series (NET)] => C:\Program Files\HP\HP Deskjet 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3545598357-960246443-762122577-1001\...\Run: [BingSvc] => C:\Users\Gerson-PC\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-25] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-3545598357-960246443-762122577-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3545598357-960246443-762122577-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
HKU\S-1-5-21-3545598357-960246443-762122577-1001\...\Run: [osmsg] => C:\ProgramData\WindowsMsg\osmsg.exe [2036224 2016-02-09] ()
HKU\S-1-5-21-3545598357-960246443-762122577-1001\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2019616 2016-01-11] (IObit)
HKU\S-1-5-21-3545598357-960246443-762122577-1001\...\RunOnce: [Uninstall C:\Users\Gerson-PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gerson-PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Gerson-PC\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Gerson-PC\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Gerson-PC\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Gerson-PC\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Gerson-PC\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Gerson-PC\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
Startup: C:\Users\Gerson-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitorar alertas de tinta - HP Deskjet 5520 series (Rede).lnk [2016-01-09]
ShortcutTarget: Monitorar alertas de tinta - HP Deskjet 5520 series (Rede).lnk -> C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicy: Restrição - Chrome <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\..\Interfaces\{e1dae992-a85d-459a-afe0-ae112f3ce8c7}: [DhcpNameServer] 187.64.0.34 187.64.0.122 187.64.0.112
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_16_08¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyyDyCzz0E0DtDzy0E0E0AtN0D0Tzu0StCyDtCyDtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StB0ByDzyzztCzz0BtGtDtDtAzytGzz0CzytCtGyEyDtAyEtGyCzz0CtBtA0EtBtBzyyB0C0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtA0CtAzyzytC0AtG0DyCzz0DtGyEyEtB0CtGzz0EtA0CtG0EyBzy0EtByCyDzytB0FtAyD2QtN0A0LzuyE%26cr%3D1606442579%26a%3Dwncy_fs_16_08%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_16_08¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyyDyCzz0E0DtDzy0E0E0AtN0D0Tzu0StCyDtCyDtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StB0ByDzyzztCzz0BtGtDtDtAzytGzz0CzytCtGyEyDtAyEtGyCzz0CtBtA0EtBtBzyyB0C0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtA0CtAzyzytC0AtG0DyCzz0DtGyEyEtB0CtGzz0EtA0CtG0EyBzy0EtByCyDzytB0FtAyD2QtN0A0LzuyE%26cr%3D1606442579%26a%3Dwncy_fs_16_08%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
HKU\S-1-5-21-3545598357-960246443-762122577-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_16_08¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyyDyCzz0E0DtDzy0E0E0AtN0D0Tzu0StCyDtCyDtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StB0ByDzyzztCzz0BtGtDtDtAzytGzz0CzytCtGyEyDtAyEtGyCzz0CtBtA0EtBtBzyyB0C0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtA0CtAzyzytC0AtG0DyCzz0DtGyEyEtB0CtGzz0EtA0CtG0EyBzy0EtByCyDzytB0FtAyD2QtN0A0LzuyE%26cr%3D1606442579%26a%3Dwncy_fs_16_08%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_16_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyyDyCzz0E0DtDzy0E0E0AtN0D0Tzu0StCyDtCyDtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StB0ByDzyzztCzz0BtGtDtDtAzytGzz0CzytCtGyEyDtAyEtGyCzz0CtBtA0EtBtBzyyB0C0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtA0CtAzyzytC0AtG0DyCzz0DtGyEyEtB0CtGzz0EtA0CtG0EyBzy0EtByCyDzytB0FtAyD2QtN0A0LzuyE%26cr%3D1606442579%26a%3Dwncy_fs_16_08%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_16_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyyDyCzz0E0DtDzy0E0E0AtN0D0Tzu0StCyDtCyDtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StB0ByDzyzztCzz0BtGtDtDtAzytGzz0CzytCtGyEyDtAyEtGyCzz0CtBtA0EtBtBzyyB0C0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtA0CtAzyzytC0AtG0DyCzz0DtGyEyEtB0CtGzz0EtA0CtG0EyBzy0EtByCyDzytB0FtAyD2QtN0A0LzuyE%26cr%3D1606442579%26a%3Dwncy_fs_16_08%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3545598357-960246443-762122577-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_16_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyyDyCzz0E0DtDzy0E0E0AtN0D0Tzu0StCyDtCyDtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StB0ByDzyzztCzz0BtGtDtDtAzytGzz0CzytCtGyEyDtAyEtGyCzz0CtBtA0EtBtBzyyB0C0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtA0CtAzyzytC0AtG0DyCzz0DtGyEyEtB0CtGzz0EtA0CtG0EyBzy0EtByCyDzytB0FtAyD2QtN0A0LzuyE%26cr%3D1606442579%26a%3Dwncy_fs_16_08%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3545598357-960246443-762122577-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_16_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyyDyCzz0E0DtDzy0E0E0AtN0D0Tzu0StCyDtCyDtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StB0ByDzyzztCzz0BtGtDtDtAzytGzz0CzytCtGyEyDtAyEtGyCzz0CtBtA0EtBtBzyyB0C0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtA0CtAzyzytC0AtG0DyCzz0DtGyEyEtB0CtGzz0EtA0CtG0EyBzy0EtByCyDzytB0FtAyD2QtN0A0LzuyE%26cr%3D1606442579%26a%3Dwncy_fs_16_08%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3545598357-960246443-762122577-1001 -> {3B1D0648-C37B-4C4A-A925-EF6057C2A452} URL = hxxps://br.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-3545598357-960246443-762122577-1001 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-01-12] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-01-12] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-01-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-20] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-01-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-20] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Gerson-PC\AppData\Roaming\Mozilla\Firefox\Profiles\4ad9r6iz.default
FF SearchEngineOrder.3: Bing
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-15] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-15] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-20] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-26] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3545598357-960246443-762122577-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Gerson-PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-17] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF SearchPlugin: C:\Users\Gerson-PC\AppData\Roaming\Mozilla\Firefox\Profiles\4ad9r6iz.default\searchplugins\bing-.xml [2016-01-21]
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://mystart.com/default-search/rsc001__moss__org103__103_55f20019a6fde1d80a7b23c6__2_4_5__moc__nt__yr/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> yahoo
CHR Profile: C:\Users\Gerson-PC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Yahoo!) - C:\Users\Gerson-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijepgjdjkdbopbnaopmlmobimmhjklhd [2016-02-25]
CHR Extension: (Skype) - C:\Users\Gerson-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-02-25]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Gerson-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-24]
CHR HKLM-x32\...\Chrome\Extension: [ijepgjdjkdbopbnaopmlmobimmhjklhd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [446240 2016-01-05] (IObit)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433688 2016-02-05] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413208 2016-02-05] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [859672 2016-02-05] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [154680 2016-02-05] (BlueStack Systems)
R3 Hamachi; C:\Windows\System32\drivers\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-02-24] (REALiX(tm))
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-02-25] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184608 2015-07-07] (Intel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [887552 2015-07-14] (Realtek )
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2015-11-23] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 t_mouse.sys; C:\Windows\System32\drivers\t_mouse.sys [6144 2015-11-02] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36904 2016-02-05] (Wellbia.com Co., Ltd.)
S3 xspirit; C:\WINDOWS\xspirit.sys [19176 2016-02-05] ()
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-02-25 23:42 - 2016-02-25 23:43 - 00023546 _____ C:\Users\Gerson-PC\Desktop\FRST.txt
2016-02-25 23:41 - 2016-02-25 23:42 - 00000000 ____D C:\FRST
2016-02-25 23:41 - 2016-02-25 23:40 - 02371072 _____ (Farbar) C:\Users\Gerson-PC\Desktop\FRST64.exe
2016-02-25 23:40 - 2016-02-25 23:40 - 02371072 _____ (Farbar) C:\Users\Gerson-PC\Downloads\FRST64.exe
2016-02-25 23:40 - 2016-02-25 23:40 - 00002342 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-25 23:40 - 2016-02-25 23:40 - 00002330 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-25 23:38 - 2016-02-25 23:38 - 00987728 _____ (Google Inc.) C:\Users\Gerson-PC\Downloads\ChromeSetup (3).exe
2016-02-25 16:43 - 2016-02-25 16:43 - 00000000 ____D C:\Users\Gerson-PC\.android
2016-02-25 16:33 - 2016-02-25 16:33 - 00987728 _____ (Google Inc.) C:\Users\Gerson-PC\Downloads\ChromeSetup (2).exe
2016-02-25 16:24 - 2016-02-25 16:24 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner (11).exe
2016-02-25 16:21 - 2016-02-25 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
2016-02-25 16:11 - 2016-02-25 16:24 - 00000000 ____D C:\AdwCleaner
2016-02-25 16:09 - 2016-02-25 16:11 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner (3).exe
2016-02-25 16:09 - 2016-02-25 16:10 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner (9).exe
2016-02-25 16:09 - 2016-02-25 16:10 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner (10).exe
2016-02-25 16:09 - 2016-02-25 16:09 - 01511936 _____ C:\Users\Gerson-PC\Downloads\adwcleaner_5.036.exe
2016-02-25 16:09 - 2016-02-25 16:09 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner (8).exe
2016-02-25 16:09 - 2016-02-25 16:09 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner (7).exe
2016-02-25 16:09 - 2016-02-25 16:09 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner (6).exe
2016-02-25 16:09 - 2016-02-25 16:09 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner (5).exe
2016-02-25 16:09 - 2016-02-25 16:09 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner (4).exe
2016-02-25 16:09 - 2016-02-25 16:09 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner (2).exe
2016-02-25 16:08 - 2016-02-25 16:09 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner (1).exe
2016-02-25 16:08 - 2016-02-25 16:08 - 01511936 _____ C:\Users\Gerson-PC\Downloads\AdwCleaner.exe
2016-02-25 15:25 - 2016-02-25 15:25 - 01309184 _____ C:\Users\Gerson-PC\Desktop\zoek.exe
2016-02-25 15:25 - 2016-02-25 15:25 - 00000000 ____D C:\zoek_backup
2016-02-25 15:24 - 2016-02-25 15:25 - 01309184 _____ C:\Users\Gerson-PC\Downloads\zoek.exe
2016-02-25 15:23 - 2016-02-25 23:32 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-02-25 15:23 - 2016-02-25 15:23 - 22908888 _____ (Malwarebytes ) C:\Users\Gerson-PC\Desktop\mbam-setup-org-2.2.0.1024.exe
2016-02-25 15:23 - 2016-02-25 15:23 - 00000000 ____D C:\Users\Todos os Usuários\Malwarebytes
2016-02-25 15:23 - 2016-02-25 15:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-02-25 15:23 - 2016-02-25 15:23 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-25 15:23 - 2016-02-25 15:23 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-25 15:23 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-02-25 15:23 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-02-25 15:23 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-02-25 15:22 - 2016-02-25 15:23 - 22908888 _____ (Malwarebytes ) C:\Users\Gerson-PC\Downloads\mbam-setup-org-2.2.0.1024.exe
2016-02-24 23:31 - 2016-02-25 23:37 - 00000000 ____D C:\Users\Todos os Usuários\ProductData
2016-02-24 23:31 - 2016-02-25 23:37 - 00000000 ____D C:\ProgramData\ProductData
2016-02-24 23:31 - 2016-02-25 11:36 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\ProductData
2016-02-24 23:26 - 2016-02-24 23:26 - 01609216 _____ (Malwarebytes) C:\Users\Gerson-PC\Desktop\JRT.exe
2016-02-24 23:25 - 2016-02-24 23:26 - 01609216 _____ (Malwarebytes) C:\Users\Gerson-PC\Downloads\JRT.exe
2016-02-24 20:57 - 2016-02-24 20:57 - 00001263 _____ C:\Users\Gerson-PC\Desktop\Continue Last version Installation.lnk
2016-02-24 20:27 - 2016-02-24 20:28 - 00002225 _____ C:\Users\Public\Desktop\Driver Booster 3.lnk
2016-02-24 20:27 - 2016-02-24 20:27 - 00027552 _____ (REALiX(tm)) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
2016-02-24 20:27 - 2016-02-24 20:27 - 00000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2016-02-24 20:27 - 2016-02-24 20:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-02-24 20:26 - 2016-02-24 20:26 - 00001427 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2016-02-24 20:26 - 2016-02-24 20:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2016-02-24 20:25 - 2016-02-24 23:28 - 00000000 ____D C:\Users\Todos os Usuários\IObit
2016-02-24 20:25 - 2016-02-24 23:28 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\IObit
2016-02-24 20:25 - 2016-02-24 23:28 - 00000000 ____D C:\ProgramData\IObit
2016-02-24 20:25 - 2016-02-24 23:28 - 00000000 ____D C:\Program Files (x86)\IObit
2016-02-24 20:25 - 2016-02-24 20:55 - 00002236 _____ C:\Users\Public\Desktop\Advanced SystemCare 9.lnk
2016-02-24 20:25 - 2016-02-24 20:27 - 00003314 _____ C:\WINDOWS\System32\Tasks\ASC9_PerformanceMonitor
2016-02-24 20:25 - 2016-02-24 20:27 - 00000000 ____D C:\Users\Gerson-PC\AppData\LocalLow\IObit
2016-02-24 20:25 - 2016-02-24 20:25 - 00003438 _____ C:\WINDOWS\System32\Tasks\ASC9_SkipUac_Gerson-PC
2016-02-24 20:25 - 2016-02-24 20:25 - 00000000 ____D C:\Users\Todos os Usuários\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-02-24 20:25 - 2016-02-24 20:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2016-02-24 20:25 - 2016-02-24 20:25 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-02-24 20:12 - 2016-02-24 20:25 - 41171496 _____ (IObit ) C:\Users\Gerson-PC\Downloads\advanced-systemcare-setup.exe
2016-02-24 19:49 - 2016-02-24 19:49 - 00003318 _____ C:\WINDOWS\System32\Tasks\{D6269E3F-6D7C-4FD1-9E93-CEFF13D1C593}
2016-02-24 18:52 - 2016-02-24 18:52 - 00000045 _____ C:\Users\Gerson-PC\AppData\Roaming\WB.CFG
2016-02-24 18:20 - 2016-02-24 18:20 - 00000374 _____ C:\WINDOWS\SysWOW64\data.bin
2016-02-24 18:08 - 2016-02-24 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixVideoPlayer
2016-02-24 18:06 - 2016-02-24 18:06 - 00000000 ____D C:\Users\Gerson-PC\AppData\Local\Setup Wizard
2016-02-24 18:05 - 2016-02-24 18:05 - 00003652 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2016-02-24 18:05 - 2016-02-24 18:05 - 00003118 _____ C:\WINDOWS\System32\Tasks\ttwifi
2016-02-24 18:05 - 2016-02-24 18:05 - 00003012 _____ C:\WINDOWS\System32\Tasks\osTip
2016-02-24 18:05 - 2016-02-24 18:05 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg
2016-02-24 18:05 - 2016-02-24 18:05 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-02-24 17:59 - 2016-02-25 17:18 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
2016-02-24 17:59 - 2016-02-24 17:59 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\gplyra
2016-02-24 17:54 - 2016-02-24 17:54 - 00000000 ____D C:\Users\Gerson-PC\Desktop\2016-08
2016-02-24 17:52 - 2016-02-24 17:52 - 00000372 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-02-24 17:52 - 2016-02-24 17:52 - 00000372 __RSH C:\ProgramData\ntuser.pol
2016-02-24 17:51 - 2016-02-24 17:51 - 00001136 _____ C:\Users\Gerson-PC\Desktop\Format Factory.lnk
2016-02-24 17:51 - 2016-02-24 17:51 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2016-02-24 17:51 - 2016-02-24 17:51 - 00000000 ____D C:\Program Files (x86)\FormatFactory
2016-02-24 17:51 - 2016-02-24 17:51 - 00000000 _____ C:\WINDOWS\SysWOW64\track
2016-02-24 17:50 - 2016-02-25 17:16 - 00000000 ____D C:\Users\Todos os Usuários\umBMnf
2016-02-24 17:50 - 2016-02-25 17:16 - 00000000 ____D C:\ProgramData\umBMnf
2016-02-24 17:49 - 2016-02-24 17:48 - 00000997 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2016-02-24 17:41 - 2016-02-24 17:41 - 00003436 _____ C:\WINDOWS\System32\Tasks\Format Factory
2016-02-24 17:40 - 2016-02-24 17:41 - 04508993 _____ (FF, Inc ) C:\Users\Gerson-PC\Downloads\fast-video-converter-3.8.0.4.exe
2016-02-24 14:05 - 2016-02-24 14:05 - 00626622 _____ C:\Users\Gerson-PC\Downloads\Tundra by Vilonium.zip
2016-02-23 00:24 - 2016-02-23 00:24 - 00656680 _____ C:\Users\Gerson-PC\Downloads\CP Member Maker V5.exe
2016-02-23 00:24 - 2010-08-30 15:27 - 00000000 ____D C:\Users\Gerson-PC\Downloads\CP Member Maker V5
2016-02-22 12:42 - 2016-02-22 12:42 - 00177149 _____ C:\Users\Gerson-PC\Downloads\Smaragd Mod.zip
2016-02-22 12:39 - 2016-02-22 12:39 - 00001434 _____ C:\Users\Gerson-PC\Downloads\Better Gold v18.zip
2016-02-22 12:26 - 2016-02-22 12:26 - 00095905 _____ C:\Users\Gerson-PC\Downloads\LotsOfSteves0.6.jar.zip
2016-02-22 12:19 - 2016-02-22 12:19 - 00565061 _____ C:\Users\Gerson-PC\Downloads\unzip-me_mod_jar_file_inside9886349.zip
2016-02-21 17:09 - 2016-02-21 17:09 - 00000000 ____D C:\Users\Gerson-PC\AppData\LocalLow\uTorrent
2016-02-21 14:25 - 2016-02-21 14:25 - 00499943 _____ C:\Users\Gerson-PC\Downloads\SHARPNESS V [32x] For MC 1.7 +.zip
2016-02-21 14:11 - 2016-02-21 14:13 - 34864620 _____ C:\Users\Gerson-PC\Downloads\Brobi V2 Pack.zip
2016-02-21 13:31 - 2016-02-21 13:31 - 01247112 _____ (Mojang) C:\Users\Gerson-PC\Downloads\Minecraft (2).exe
2016-02-18 23:46 - 2016-02-18 23:46 - 11531758 _____ C:\Users\Gerson-PC\Downloads\Edit.BOLADA.zip
2016-02-18 22:06 - 2016-02-18 22:06 - 04734664 _____ () C:\Users\Gerson-PC\Downloads\TechnicLauncher (4).exe
2016-02-17 22:36 - 2016-02-17 22:37 - 34469764 _____ C:\Users\Gerson-PC\Downloads\Mythruna-20120627-Windows.zip
2016-02-17 22:16 - 2016-02-17 22:16 - 00013627 _____ C:\Users\Gerson-PC\Downloads\Hurt World.torrent
2016-02-17 22:08 - 2016-02-17 22:08 - 00024304 _____ C:\Users\Gerson-PC\Downloads\ARSV92 - FDG (2).torrent
2016-02-17 22:07 - 2016-02-17 22:07 - 00024304 _____ C:\Users\Gerson-PC\Downloads\ARSV92 - FDG (1).torrent
2016-02-17 22:05 - 2016-02-17 22:05 - 00024304 _____ C:\Users\Gerson-PC\Downloads\ARSV92 - FDG.torrent
2016-02-17 21:42 - 2016-02-23 00:24 - 00000000 ____D C:\Users\Gerson-PC\Desktop\Nova pasta (2)
2016-02-17 20:45 - 2016-02-24 12:01 - 00000000 ____D C:\Program Files (x86)\Minecraft
2016-02-17 20:45 - 2016-02-17 20:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2016-02-17 20:43 - 2016-02-17 20:43 - 02314240 _____ C:\Users\Gerson-PC\Downloads\MinecraftInstaller (1).msi
2016-02-17 20:43 - 2016-02-17 20:43 - 01247112 _____ (Mojang) C:\Users\Gerson-PC\Downloads\Minecraft (1).exe
2016-02-17 13:43 - 2016-02-17 13:44 - 01016759 _____ C:\Users\Gerson-PC\Desktop\Minecraft(1).exe
2016-02-16 20:42 - 2016-02-16 20:42 - 00049522 _____ C:\Users\Gerson-PC\Downloads\Klient_Dayz_SA_v_0_58_128566_v3_0_torrent.torrent
2016-02-16 17:54 - 2016-02-16 17:54 - 00513214 _____ C:\Users\Gerson-PC\Downloads\TENTANDO UM MAPA _3.zip
2016-02-15 16:43 - 2016-02-15 16:43 - 02845707 _____ C:\Users\Gerson-PC\Downloads\CDA Mod 1.1.5 (1).zip
2016-02-15 05:07 - 2016-02-15 05:07 - 00097905 _____ C:\Users\Gerson-PC\Downloads\Saving.Private.Ryan.1998.1080p.BrRip.x264.YIFY_PtB.srt
2016-02-15 05:07 - 2016-02-15 05:07 - 00011596 _____ C:\Users\Gerson-PC\Downloads\Saving Private Ryan (1998) [1080p].torrent
2016-02-15 03:23 - 2016-02-15 03:23 - 00000000 ____D C:\Users\Gerson-PC\AppData\Local\Macromedia
2016-02-15 03:22 - 2016-02-25 17:27 - 00000902 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-15 03:22 - 2016-02-15 03:22 - 00003878 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-02-15 03:22 - 2016-02-15 03:22 - 00000000 ____D C:\Users\Todos os Usuários\McAfee
2016-02-15 03:22 - 2016-02-15 03:22 - 00000000 ____D C:\ProgramData\McAfee
2016-02-15 03:06 - 2016-02-15 03:06 - 00016133 _____ C:\Users\Gerson-PC\Downloads\A617A4156A79D9F0594828294B88EA71BFDE6C70.torrent
2016-02-14 21:55 - 2016-02-14 21:56 - 00000014 _____ C:\Users\Gerson-PC\Desktop\zcxfa.txt
2016-02-14 20:43 - 2016-02-14 20:43 - 00002866 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-02-14 20:43 - 2016-02-14 20:43 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-02-14 20:43 - 2016-02-14 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-02-14 20:43 - 2016-02-14 20:43 - 00000000 ____D C:\Program Files\CCleaner
2016-02-14 20:42 - 2016-02-14 20:43 - 06828320 _____ (Piriform Ltd) C:\Users\Gerson-PC\Downloads\ccsetup514.exe
2016-02-14 16:29 - 2016-02-14 16:29 - 04734664 _____ () C:\Users\Gerson-PC\Downloads\TechnicLauncher (3).exe
2016-02-14 16:24 - 2016-02-14 16:26 - 84021068 _____ C:\Users\Gerson-PC\Downloads\sanflores v1.1 (1).rar
2016-02-14 16:17 - 2016-02-14 16:19 - 84021068 _____ C:\Users\Gerson-PC\Downloads\sanflores v1.1.rar
2016-02-14 14:42 - 2016-02-14 14:42 - 02845707 _____ C:\Users\Gerson-PC\Downloads\CDA Mod 1.1.5.zip
2016-02-14 14:11 - 2016-02-14 14:11 - 00711998 _____ C:\Users\Gerson-PC\Downloads\The Walking Dead Mod v2.7 for MC 1.7.10.zip
2016-02-14 13:40 - 2016-02-14 13:40 - 00022599 _____ C:\Users\Gerson-PC\Downloads\zonbie.zip
2016-02-14 12:33 - 2016-02-14 12:33 - 37121699 _____ C:\Users\Gerson-PC\Downloads\MineLoL [64x64] Realistic Texture Pack (V.1.8+).zip
2016-02-13 20:48 - 2016-02-23 00:04 - 00000246 _____ C:\Users\Gerson-PC\Desktop\minha conta.txt
2016-02-13 19:50 - 2016-02-13 19:50 - 00664446 _____ C:\Users\Gerson-PC\Downloads\modpack..zip
2016-02-13 19:49 - 2016-02-13 19:49 - 00453341 _____ C:\Users\Gerson-PC\Downloads\Dragon Mount 1.7.10 por Xbolado Games.jar.zip
2016-02-12 20:49 - 2016-02-12 20:49 - 00539146 _____ C:\Users\Gerson-PC\Downloads\ShapeShifterZ81.zip
2016-02-12 20:06 - 2016-02-12 20:06 - 02786954 _____ C:\Users\Gerson-PC\Downloads\forge-1.7.2-10.12.2.1121-installer.jar.zip
2016-02-12 19:26 - 2016-02-12 19:26 - 00338500 _____ C:\Users\Gerson-PC\Downloads\zamfor188840324.zip
2016-02-11 20:22 - 2016-02-12 10:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-11 01:12 - 2016-02-16 23:48 - 00000244 _____ C:\Users\Gerson-PC\Desktop\contas.txt
2016-02-10 23:13 - 2016-02-10 23:17 - 132231089 _____ C:\Users\Gerson-PC\Downloads\minecraft.1.7.10+The-Sims-Craft-AuthenticGames.rar
2016-02-10 21:35 - 2016-02-10 21:35 - 03749528 _____ C:\Users\Gerson-PC\Downloads\#CDG - Imgur.zip
2016-02-10 12:31 - 2016-02-10 12:32 - 00000028 _____ C:\Users\Gerson-PC\Desktop\codigos do minecreft.txt
2016-02-10 12:12 - 2016-02-10 12:16 - 22127965 _____ C:\Users\Gerson-PC\Downloads\JurassiCraft 2.0.0 Pre-release 5.jar.zip
2016-02-09 22:47 - 2016-02-09 22:47 - 00016024 _____ C:\Users\Gerson-PC\Downloads\B0bGary_s_Stone_Armour_1.6.4_v1.1.0.zip
2016-02-09 22:26 - 2016-02-09 22:31 - 198931077 _____ C:\Users\Gerson-PC\Downloads\Modpack 1.8 ConexaoPlayer.rar
2016-02-09 22:13 - 2016-02-09 22:13 - 00110268 _____ C:\Users\Gerson-PC\Downloads\TooManyItems2014_07_05_1.7.10.zip
2016-02-09 21:44 - 2016-02-09 21:44 - 00587156 _____ C:\Users\Gerson-PC\Downloads\MC Heli Mod Installer 1.7.2.zip
2016-02-09 20:47 - 2016-01-29 03:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-09 20:47 - 2016-01-29 03:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-09 20:47 - 2016-01-27 03:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-09 20:47 - 2016-01-27 03:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-09 20:47 - 2016-01-27 03:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-09 20:47 - 2016-01-27 03:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-09 20:47 - 2016-01-27 03:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-09 20:47 - 2016-01-27 02:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-09 20:47 - 2016-01-27 02:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-09 20:47 - 2016-01-27 02:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-09 20:47 - 2016-01-27 02:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-09 20:47 - 2016-01-27 02:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-09 20:47 - 2016-01-27 02:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-02-09 20:47 - 2016-01-27 02:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-09 20:47 - 2016-01-27 02:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-09 20:47 - 2016-01-27 02:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-09 20:47 - 2016-01-27 02:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-09 20:47 - 2016-01-27 02:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-09 20:47 - 2016-01-27 02:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-02-09 20:47 - 2016-01-27 02:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-09 20:47 - 2016-01-27 02:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-09 20:47 - 2016-01-27 02:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-09 20:47 - 2016-01-27 02:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-02-09 20:47 - 2016-01-27 02:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-02-09 20:47 - 2016-01-27 02:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-09 20:47 - 2016-01-27 02:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-09 20:47 - 2016-01-27 02:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-02-09 20:47 - 2016-01-27 02:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-02-09 20:47 - 2016-01-27 02:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-09 20:47 - 2016-01-27 02:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-02-09 20:47 - 2016-01-27 02:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-09 20:47 - 2016-01-27 02:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-09 20:47 - 2016-01-27 02:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-09 20:47 - 2016-01-27 02:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-09 20:47 - 2016-01-27 02:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-09 20:47 - 2016-01-27 02:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-02-09 20:47 - 2016-01-27 02:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-02-09 20:47 - 2016-01-27 02:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-02-09 20:47 - 2016-01-27 02:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-09 20:47 - 2016-01-27 02:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-09 20:47 - 2016-01-27 02:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-02-09 20:47 - 2016-01-27 02:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-09 20:47 - 2016-01-27 02:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-09 20:47 - 2016-01-27 01:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-09 20:47 - 2016-01-27 01:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-09 20:47 - 2016-01-27 01:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-09 20:47 - 2016-01-27 01:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-09 20:47 - 2016-01-27 01:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-09 20:47 - 2016-01-27 01:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-09 20:47 - 2016-01-27 01:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-09 20:47 - 2016-01-27 01:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-09 20:47 - 2016-01-27 01:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-09 20:47 - 2016-01-27 01:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-09 20:47 - 2016-01-27 01:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-09 20:47 - 2016-01-27 01:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-09 20:47 - 2016-01-27 01:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-09 20:47 - 2016-01-27 01:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-09 20:47 - 2016-01-27 01:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-02-09 20:47 - 2016-01-27 01:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-09 20:47 - 2016-01-27 01:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-09 20:47 - 2016-01-27 01:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-09 20:47 - 2016-01-27 01:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-09 20:47 - 2016-01-27 01:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-09 20:47 - 2016-01-27 01:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-09 20:47 - 2016-01-27 01:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-07 05:45 - 2016-02-07 05:45 - 00047312 _____ C:\Users\Gerson-PC\Downloads\scarface.(1983).pob.1cd.(3471095).zip
2016-02-07 05:41 - 2016-02-07 05:41 - 00047370 _____ C:\Users\Gerson-PC\Downloads\scarface.(1983).pob.1cd.(5120192)(1).zip
2016-02-05 22:50 - 2016-02-05 22:55 - 00000000 ____D C:\Users\Gerson-PC\Desktop\WTF
2016-02-05 22:50 - 2016-02-05 22:55 - 00000000 ____D C:\Users\Gerson-PC\Desktop\Data
2016-02-05 22:35 - 2016-02-05 22:35 - 00002149 _____ C:\Users\Gerson-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Hurtworld (2).lnk
2016-02-05 22:05 - 2016-02-05 22:08 - 10335064 _____ (MEGA Limited) C:\Users\Gerson-PC\Downloads\MEGAsyncSetup(1).exe
2016-02-05 21:45 - 2016-02-05 21:45 - 00000000 ____D C:\Program Files (x86)\Bankroll Studios
2016-02-05 21:44 - 2016-02-05 21:44 - 00000000 ____D C:\Users\Gerson-PC\AppData\Local\Downloaded Installations
2016-02-04 19:02 - 2016-02-04 19:03 - 65857390 _____ C:\Users\Gerson-PC\Downloads\minecraft(1).rar
2016-02-03 22:48 - 2016-02-15 03:22 - 00000000 ____D C:\Users\Gerson-PC\AppData\Local\Adobe
2016-02-03 22:48 - 2016-02-04 13:20 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\Adobe
2016-02-03 22:48 - 2016-02-03 22:48 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2016-02-03 22:48 - 2016-02-03 22:48 - 00000000 ____D C:\ProgramData\Adobe
2016-02-03 22:30 - 2016-02-03 22:30 - 00030998 _____ C:\Users\Gerson-PC\Downloads\curriculum-vitae (1).pdf
2016-02-03 22:27 - 2016-02-03 22:28 - 00030998 _____ C:\Users\Gerson-PC\Downloads\curriculum-vitae.pdf
2016-02-03 20:14 - 2016-02-03 20:14 - 01247112 _____ (Mojang) C:\Users\Gerson-PC\Downloads\Minecraft.exe
2016-02-02 11:34 - 2016-02-16 16:15 - 00000368 _____ C:\WINDOWS\Tasks\HPCeeScheduleForGerson-PC.job
2016-01-31 20:07 - 2016-01-31 20:07 - 01474094 _____ (suprx) C:\Users\Gerson-PC\Downloads\suprx2.exe
2016-01-31 00:00 - 2016-01-31 00:00 - 05157504 _____ C:\Users\Gerson-PC\Downloads\Guia de receitas anarquistas completo port MA.rar
2016-01-30 17:27 - 2016-01-30 17:28 - 58543367 _____ C:\Users\Gerson-PC\Downloads\metallurgy2 1.4.6 ReiRex.rar
2016-01-30 16:39 - 2016-01-30 16:41 - 53506172 _____ C:\Users\Gerson-PC\Downloads\ShapeShifter.rar
2016-01-30 16:26 - 2016-01-30 16:32 - 252185216 _____ C:\Users\Gerson-PC\Downloads\pixelmon-do-Tio-Golden.zip
2016-01-28 21:32 - 2016-01-28 21:32 - 00003629 _____ C:\Users\Gerson-PC\Downloads\ACWarn-Plugin-In-Here.zip
2016-01-28 20:09 - 2016-01-28 20:09 - 00056319 _____ C:\Users\Gerson-PC\Downloads\LootMod 0.1 for MC 1.2.5.zip
2016-01-28 19:21 - 2016-01-28 19:31 - 435503655 _____ C:\Users\Gerson-PC\Downloads\Rezende Avetureiro - Modpack.rar
2016-01-28 19:14 - 2016-01-28 19:14 - 00007637 _____ C:\Users\Gerson-PC\Downloads\vanilla.recipes
2016-01-28 19:11 - 2016-01-28 19:11 - 00027394 _____ C:\Users\Gerson-PC\Downloads\Emerald-and-Obsidian-Tools.zip
2016-01-28 18:42 - 2016-01-28 18:42 - 00583488 _____ C:\Users\Gerson-PC\Downloads\CustomMobSpawner 3.0.0.zip
2016-01-28 18:19 - 2016-01-28 18:19 - 00622570 _____ C:\Users\Gerson-PC\Downloads\Guardsmod v1.3 (1).zip
2016-01-28 18:17 - 2016-01-28 18:18 - 02312461 _____ C:\Users\Gerson-PC\Downloads\forge-1.6.4-9.11.1.1345-installer.jar
2016-01-28 01:28 - 2016-01-16 03:36 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-28 01:28 - 2016-01-16 03:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-01-28 01:28 - 2016-01-16 03:23 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-01-28 01:28 - 2016-01-16 03:23 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-28 01:28 - 2016-01-16 03:23 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-01-28 01:28 - 2016-01-16 03:23 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-01-28 01:28 - 2016-01-16 03:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-01-28 01:28 - 2016-01-16 03:20 - 06971752 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-01-28 01:28 - 2016-01-16 03:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-28 01:28 - 2016-01-16 03:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-01-28 01:28 - 2016-01-16 03:19 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-28 01:28 - 2016-01-16 03:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-01-28 01:28 - 2016-01-16 03:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-01-28 01:28 - 2016-01-16 03:09 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-01-28 01:28 - 2016-01-16 03:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-01-28 01:28 - 2016-01-16 02:45 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-28 01:28 - 2016-01-16 02:38 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-01-28 01:28 - 2016-01-16 02:37 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-01-28 01:28 - 2016-01-16 02:35 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-28 01:28 - 2016-01-16 02:34 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-01-28 01:28 - 2016-01-16 02:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-01-28 01:28 - 2016-01-16 02:31 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-01-28 01:28 - 2016-01-16 02:31 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-01-28 01:28 - 2016-01-16 02:31 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-01-28 01:28 - 2016-01-16 02:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-01-28 01:28 - 2016-01-16 02:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-01-28 01:28 - 2016-01-16 02:30 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-01-28 01:28 - 2016-01-16 02:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-28 01:28 - 2016-01-16 02:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-01-28 01:28 - 2016-01-16 02:28 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-01-28 01:28 - 2016-01-16 02:28 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-01-28 01:28 - 2016-01-16 02:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-01-28 01:28 - 2016-01-16 02:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-01-28 01:28 - 2016-01-16 02:25 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-01-28 01:28 - 2016-01-16 02:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-01-28 01:28 - 2016-01-16 02:24 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-01-28 01:28 - 2016-01-16 02:24 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-01-28 01:28 - 2016-01-16 02:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-01-28 01:28 - 2016-01-16 02:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-01-28 01:28 - 2016-01-16 02:23 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-28 01:28 - 2016-01-16 02:21 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-01-28 01:28 - 2016-01-16 02:20 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-01-28 01:28 - 2016-01-16 02:20 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-01-28 01:28 - 2016-01-16 02:20 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-01-28 01:28 - 2016-01-16 02:19 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-01-28 01:28 - 2016-01-16 02:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-28 01:28 - 2016-01-16 02:17 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-01-28 01:28 - 2016-01-16 02:16 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-01-28 01:28 - 2016-01-16 02:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-28 01:28 - 2016-01-16 02:15 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-01-28 01:28 - 2016-01-16 02:14 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-01-28 01:28 - 2016-01-16 02:14 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-01-28 01:27 - 2016-01-16 03:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-01-28 01:27 - 2016-01-16 03:36 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-28 01:27 - 2016-01-16 03:34 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-28 01:27 - 2016-01-16 03:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-28 01:27 - 2016-01-16 03:23 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-01-28 01:27 - 2016-01-16 03:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-01-28 01:27 - 2016-01-16 03:08 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-01-28 01:27 - 2016-01-16 02:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-01-28 01:27 - 2016-01-16 02:44 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-01-28 01:27 - 2016-01-16 02:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-01-28 01:27 - 2016-01-16 02:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-01-28 01:27 - 2016-01-16 02:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-01-28 01:27 - 2016-01-16 02:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-01-28 01:27 - 2016-01-16 02:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-01-28 01:27 - 2016-01-16 02:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-01-28 01:27 - 2016-01-16 02:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-01-28 01:27 - 2016-01-16 02:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-01-28 01:27 - 2016-01-16 02:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-01-28 01:27 - 2016-01-16 02:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-01-28 01:27 - 2016-01-16 02:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-01-28 01:27 - 2016-01-16 02:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-01-28 01:27 - 2016-01-16 02:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-01-28 01:27 - 2016-01-16 02:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-01-28 01:27 - 2016-01-16 02:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-01-28 01:27 - 2016-01-16 02:37 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-01-28 01:27 - 2016-01-16 02:36 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-28 01:27 - 2016-01-16 02:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-01-28 01:27 - 2016-01-16 02:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-01-28 01:27 - 2016-01-16 02:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-01-28 01:27 - 2016-01-16 02:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-01-28 01:27 - 2016-01-16 02:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-01-28 01:27 - 2016-01-16 02:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-01-28 01:27 - 2016-01-16 02:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-01-28 01:27 - 2016-01-16 02:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-01-28 01:27 - 2016-01-16 02:34 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-01-28 01:27 - 2016-01-16 02:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-01-28 01:27 - 2016-01-16 02:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-01-28 01:27 - 2016-01-16 02:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-01-28 01:27 - 2016-01-16 02:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-01-28 01:27 - 2016-01-16 02:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-01-28 01:27 - 2016-01-16 02:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-01-28 01:27 - 2016-01-16 02:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-01-28 01:27 - 2016-01-16 02:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-01-28 01:27 - 2016-01-16 02:29 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-01-28 01:27 - 2016-01-16 02:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-01-28 01:27 - 2016-01-16 02:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-01-28 01:27 - 2016-01-16 02:26 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-01-28 01:27 - 2016-01-16 02:26 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-01-28 01:27 - 2016-01-16 02:26 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-01-28 01:27 - 2016-01-16 02:25 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-01-28 01:27 - 2016-01-16 02:25 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-01-28 01:27 - 2016-01-16 02:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-01-28 01:27 - 2016-01-16 02:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-01-28 01:27 - 2016-01-16 02:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-01-28 01:27 - 2016-01-16 02:19 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-01-28 01:27 - 2016-01-16 02:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-01-27 20:38 - 2016-01-27 20:47 - 412679786 _____ C:\Users\Gerson-PC\Downloads\minecraft.rar
2016-01-27 00:42 - 2016-02-03 21:55 - 00000000 ____D C:\Users\Gerson-PC\AppData\Local\PointBlank
2016-01-27 00:38 - 2016-02-05 20:09 - 00036904 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2016-01-27 00:38 - 2016-02-05 20:09 - 00019176 _____ C:\WINDOWS\xspirit.sys
2016-01-27 00:10 - 2016-01-27 00:10 - 00000786 _____ C:\Users\Gerson-PC\Desktop\PointBlank.lnk
2016-01-27 00:10 - 2016-01-27 00:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PointBlank
2016-01-27 00:04 - 2016-01-27 00:04 - 00000000 ____D C:\ongame
2016-01-26 23:30 - 2016-01-26 23:30 - 00011576 _____ C:\Users\Gerson-PC\Downloads\PointBlankSetup_20150813.torrent
2016-01-26 20:03 - 2016-01-26 20:04 - 04734232 _____ () C:\Users\Gerson-PC\Downloads\TechnicLauncher (2).exe
2016-01-26 19:27 - 2016-01-26 19:27 - 00000000 ____D C:\Users\Usuário Padrão\AppData\Local\Google
2016-01-26 19:27 - 2016-01-26 19:27 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2016-01-26 19:27 - 2016-01-26 19:27 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2016-01-26 03:10 - 2016-01-26 03:10 - 00054706 _____ C:\Users\Gerson-PC\Downloads\scarface-528-poster (1)
2016-01-26 03:10 - 2016-01-26 03:10 - 00054706 _____ C:\Users\Gerson-PC\Downloads\scarface-528-poster
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-02-25 23:38 - 2015-11-19 22:02 - 01819274 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-25 23:38 - 2015-10-30 16:11 - 00785262 _____ C:\WINDOWS\system32\prfh0416.dat
2016-02-25 23:38 - 2015-10-30 16:11 - 00154048 _____ C:\WINDOWS\system32\prfc0416.dat
2016-02-25 23:38 - 2015-10-30 04:21 - 00000000 ____D C:\WINDOWS\INF
2016-02-25 23:36 - 2016-01-15 11:03 - 00000000 ____D C:\Users\Todos os Usuários\BlueStacksSetup
2016-02-25 23:36 - 2016-01-15 11:03 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-02-25 23:35 - 2015-11-25 13:48 - 00000000 ____D C:\Users\Gerson-PC\AppData\Local\LogMeIn Hamachi
2016-02-25 23:33 - 2015-11-25 21:45 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\Skype
2016-02-25 23:32 - 2016-01-10 02:56 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-02-25 23:32 - 2015-12-16 18:04 - 00000334 _____ C:\WINDOWS\Tasks\{8EF42242-F6C9-48C9-8BCF-195C9A16E87D}.job
2016-02-25 23:32 - 2015-11-19 22:12 - 00001096 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-25 23:32 - 2015-11-19 22:12 - 00001092 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-25 23:32 - 2015-11-02 15:25 - 00000000 __SHD C:\Users\Gerson-PC\IntelGraphicsProfiles
2016-02-25 23:31 - 2016-01-10 03:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-25 23:20 - 2015-11-20 21:07 - 00001140 _____ C:\Users\Gerson-PC\Desktop\nativelog.txt
2016-02-25 17:55 - 2015-11-20 11:55 - 00004176 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{180EAB1A-FCBF-461A-B8C1-830DA6428D6C}
2016-02-25 16:43 - 2016-01-10 02:59 - 00000000 ____D C:\Users\Gerson-PC
2016-02-25 16:20 - 2015-10-30 03:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-02-25 15:46 - 2015-11-21 00:32 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\MPC-HC
2016-02-25 15:18 - 2015-12-16 18:04 - 00002119 _____ C:\Users\Gerson-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder.lnk
2016-02-25 15:18 - 2015-11-19 22:35 - 00000269 _____ C:\WINDOWS\win.ini
2016-02-24 22:00 - 2015-09-10 02:48 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-02-24 20:54 - 2016-01-10 03:50 - 00000000 ___DC C:\WINDOWS\Panther
2016-02-24 20:53 - 2015-11-21 00:27 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\Media Player Classic
2016-02-24 17:53 - 2015-12-16 18:06 - 00001490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-02-24 17:52 - 2015-11-19 22:35 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-02-24 17:52 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-02-24 17:11 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-24 15:38 - 2015-11-20 11:50 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\.minecraft
2016-02-24 14:06 - 2016-01-24 17:03 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\.technic
2016-02-23 20:14 - 2015-10-30 04:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-23 16:41 - 2015-11-20 23:20 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\uTorrent
2016-02-21 16:24 - 2015-11-26 09:04 - 00000000 ____D C:\Users\Gerson-PC\AppData\Roaming\PhotoScape
2016-02-21 13:31 - 2015-11-18 14:03 - 00001242 _____ C:\Users\Gerson-PC\Downloads\nativelog.txt
2016-02-21 13:31 - 2015-11-18 14:03 - 00000000 ____D C:\Users\Gerson-PC\Downloads\game
2016-02-15 05:57 - 2016-01-23 18:00 - 00000000 ____D C:\Users\Gerson-PC\Desktop\WhatsApp
2016-02-15 05:13 - 2016-01-23 16:47 - 00000000 ____D C:\Users\Gerson-PC\Desktop\Aqui
2016-02-15 05:13 - 2015-11-22 17:37 - 00000000 ____D C:\Users\Gerson-PC\AppData\Local\ElevatedDiagnostics
2016-02-12 22:50 - 2015-11-22 18:38 - 00000843 _____ C:\Users\Gerson-PC\Desktop\LASZ.txt
2016-02-12 19:08 - 2015-11-25 21:44 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2016-02-12 19:08 - 2015-11-25 21:44 - 00000000 ____D C:\ProgramData\Skype
2016-02-12 12:21 - 2016-01-10 03:48 - 00000000 ____D C:\Windows.old
2016-02-12 10:21 - 2016-01-07 22:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-11 20:16 - 2015-11-19 22:04 - 00002381 _____ C:\Users\Gerson-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-02-11 20:16 - 2015-11-02 14:42 - 00000000 ___RD C:\Users\Gerson-PC\OneDrive
2016-02-11 07:01 - 2015-11-19 21:59 - 00000000 ____D C:\Users\Gerson-PC\AppData\Local\Packages
2016-02-11 06:24 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\rescache
2016-02-10 22:16 - 2016-01-11 11:15 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-02-10 22:16 - 2016-01-11 11:12 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-02-10 11:59 - 2015-10-30 16:14 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 01:45 - 2015-11-20 22:11 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-10 01:45 - 2015-11-20 22:11 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-10 01:44 - 2015-10-30 04:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-08 13:28 - 2016-01-15 11:04 - 00001742 _____ C:\Users\Gerson-PC\AppData\Roaming\Microsoft\Windows\Start Menu\BlueStacks.lnk
2016-02-08 13:28 - 2016-01-15 11:04 - 00000000 ____D C:\Users\Todos os Usuários\BlueStacksGameManager
2016-02-08 13:28 - 2016-01-15 11:04 - 00000000 ____D C:\ProgramData\BlueStacksGameManager
2016-02-08 13:28 - 2015-10-30 04:24 - 00000000 __RHD C:\Users\Public\Libraries
2016-02-08 13:27 - 2016-01-15 11:04 - 00000000 ____D C:\Users\Todos os Usuários\BlueStacks
2016-02-08 13:27 - 2016-01-15 11:04 - 00000000 ____D C:\ProgramData\BlueStacks
2016-02-08 13:27 - 2016-01-15 11:04 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2016-02-05 22:09 - 2015-12-16 21:53 - 00000000 ____D C:\Users\Gerson-PC\AppData\Local\MEGAsync
2016-02-03 16:01 - 2015-10-30 04:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-03 16:01 - 2015-10-30 04:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-01 13:49 - 2015-12-17 22:11 - 00000026 _____ C:\Users\Gerson-PC\Desktop\Novo Documento de Texto.txt
2016-02-01 13:37 - 2015-12-24 17:53 - 00000183 _____ C:\Users\Gerson-PC\Desktop\gzx.txt
2016-02-01 13:30 - 2015-12-17 00:47 - 00001029 _____ C:\Users\Gerson-PC\Desktop\la vem.txt
2016-02-01 03:27 - 2015-11-19 22:12 - 00004154 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-01 03:27 - 2015-11-19 22:12 - 00003922 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-01-30 14:52 - 2016-01-10 02:56 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-01-30 14:52 - 2015-11-26 06:53 - 00000000 ____D C:\Program Files (x86)\Intel
2016-01-29 13:55 - 2015-10-30 04:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-01-29 13:55 - 2015-10-30 04:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-01-29 13:55 - 2015-10-30 04:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-01-29 13:55 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-01-29 13:55 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-01-29 13:55 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-29 13:55 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-01-28 03:39 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-01-26 19:27 - 2015-11-26 09:05 - 00002115 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-01-26 19:27 - 2015-11-26 09:05 - 00002113 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-01-26 19:27 - 2015-11-26 09:05 - 00002103 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-01-26 19:27 - 2015-11-26 09:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
==================== Arquivos na raiz de alguns diretórios =======
2016-02-25 11:45 - 2016-02-25 11:45 - 0032038 _____ () C:\Users\Gerson-PC\AppData\Roaming\Edge.ico
2016-02-24 18:52 - 2016-02-24 18:52 - 0000045 _____ () C:\Users\Gerson-PC\AppData\Roaming\WB.CFG
2015-11-23 17:58 - 2015-11-23 17:58 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-01-10 02:56 - 2016-01-10 02:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Arquivos para serem movidos ou deletados:
====================
C:\Windows\Tasks\{8EF42242-F6C9-48C9-8BCF-195C9A16E87D}.job
Alguns arquivos em TEMP:
====================
C:\Users\Gerson-PC\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2016-02-18 16:14
==================== Fim de FRST.txt ============================