cjoint

Publicité


Publicité

Commentaire : http://www.cjoint.com/c/FDddXFLffWv

Format du document : text/plain

Prévisualisation

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:05-03-2016 01
Executado por user (administrador) em USER-PC (03-04-2016 00:39:44)
Executando a partir de C:\Users\user\Downloads
Perfis Carregados: user (Perfis Disponíveis: user)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\AAB7A280-1459650621-1015-AE48-D9BE395374E3\knsgEE6E.tmpfs
() C:\Program Files (x86)\AAB7A280-1459650621-1015-AE48-D9BE395374E3\hnsq21E4.tmp
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
() C:\Program Files (x86)\AAB7A280-1459650621-1015-AE48-D9BE395374E3\jnsq9D0.tmp
() C:\Program Files (x86)\Photodex\ProShow Producer\scsiaccess.exe
() C:\Program Files (x86)\WeatherTool\2.0.1.11245\WeatherService.exe
() C:\Program Files (x86)\D-Link\DWA-132\WPSHWPBC.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(ShenZhen Enode Techology co,.Ltd) C:\Program Files (x86)\WeatherTool\2.0.1.11245\weather.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\ProgramData\WindowsMsg\osmsg.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157456 2015-09-23] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKU\S-1-5-21-477325340-1462177856-3662902613-1000\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-477325340-1462177856-3662902613-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-02-11] (Electronic Arts)
HKU\S-1-5-21-477325340-1462177856-3662902613-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-477325340-1462177856-3662902613-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-477325340-1462177856-3662902613-1000\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [868864 2016-03-17] (RemoteMouse.net)
HKU\S-1-5-21-477325340-1462177856-3662902613-1000\...\Run: [Skype] => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
HKU\S-1-5-21-477325340-1462177856-3662902613-1000\...\Run: [osmsg] => C:\ProgramData\WindowsMsg\osmsg.exe [2041856 2016-03-31] ()
HKU\S-1-5-21-477325340-1462177856-3662902613-1000\...\MountPoints2: E - E:\startme.exe
HKU\S-1-5-21-477325340-1462177856-3662902613-1000\...\MountPoints2: {49ff3cc7-b527-11e5-b6c6-002655af5a81} - E:\startme.exe
HKU\S-1-5-21-477325340-1462177856-3662902613-1000\...\MountPoints2: {525e4384-a8aa-11e5-bb47-002655af5a81} - E:\iStudio.exe
HKU\S-1-5-21-477325340-1462177856-3662902613-1000\...\MountPoints2: {aaa0335c-683c-11e5-b216-806e6f6e6963} - D:\Autorun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-10-01] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{87932A88-1B7C-493C-8FCC-15B3965DDE19}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B8CA8357-141E-4629-8C73-B587976D50BC}: [DhcpNameServer] 187.122.127.34 187.122.127.58
ManualProxies:

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&guid=fdb7b8b9dfb9a72e30f99445d12b2bcc
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&guid=fdb7b8b9dfb9a72e30f99445d12b2bcc
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&ts=1449713001&z=f81d724519439ab2c6988a6g0z3zctem6g6o7t2tbb&from=ient07021&uid=ST1000DM003-1ER162_Z4Y5YM35XXXXZ4Y5YM35&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&ts=1449713001&z=f81d724519439ab2c6988a6g0z3zctem6g6o7t2tbb&from=ient07021&uid=ST1000DM003-1ER162_Z4Y5YM35XXXXZ4Y5YM35&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1449713001&z=f81d724519439ab2c6988a6g0z3zctem6g6o7t2tbb&from=ient07021&uid=ST1000DM003-1ER162_Z4Y5YM35XXXXZ4Y5YM35
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1449713001&z=f81d724519439ab2c6988a6g0z3zctem6g6o7t2tbb&from=ient07021&uid=ST1000DM003-1ER162_Z4Y5YM35XXXXZ4Y5YM35
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449713001&z=f81d724519439ab2c6988a6g0z3zctem6g6o7t2tbb&from=ient07021&uid=ST1000DM003-1ER162_Z4Y5YM35XXXXZ4Y5YM35&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449713001&z=f81d724519439ab2c6988a6g0z3zctem6g6o7t2tbb&from=ient07021&uid=ST1000DM003-1ER162_Z4Y5YM35XXXXZ4Y5YM35&q={searchTerms}
HKU\S-1-5-21-477325340-1462177856-3662902613-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://yoursites123.com/web?type=ds&ts=1451895776&z=2f08d018d9f6a0d3605c05egfz0wdg8bbt8w5m7c1c&from=wpm12253&uid=ST1000DM003-1ER162_Z4Y5YM35XXXXZ4Y5YM35&q={searchTerms}
HKU\S-1-5-21-477325340-1462177856-3662902613-1000\Software\Microsoft\Internet Explorer\Main,Start Page = kino-on-line.my1.ru
HKU\S-1-5-21-477325340-1462177856-3662902613-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1449713001&z=f81d724519439ab2c6988a6g0z3zctem6g6o7t2tbb&from=ient07021&uid=ST1000DM003-1ER162_Z4Y5YM35XXXXZ4Y5YM35
HKU\S-1-5-21-477325340-1462177856-3662902613-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://yoursites123.com/web?type=ds&ts=1451895776&z=2f08d018d9f6a0d3605c05egfz0wdg8bbt8w5m7c1c&from=wpm12253&uid=ST1000DM003-1ER162_Z4Y5YM35XXXXZ4Y5YM35&q={searchTerms}
URLSearchHook: HKLM-x32 - BS Player ControlBar B Toolbar - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\user\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll (ClientConnect Ltd.)
URLSearchHook: HKU\S-1-5-21-477325340-1462177856-3662902613-1000 - BS Player ControlBar B Toolbar - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\user\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll (ClientConnect Ltd.)
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449713001&z=f81d724519439ab2c6988a6g0z3zctem6g6o7t2tbb&from=ient07021&uid=ST1000DM003-1ER162_Z4Y5YM35XXXXZ4Y5YM35&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449713001&z=f81d724519439ab2c6988a6g0z3zctem6g6o7t2tbb&from=ient07021&uid=ST1000DM003-1ER162_Z4Y5YM35XXXXZ4Y5YM35&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449713001&z=f81d724519439ab2c6988a6g0z3zctem6g6o7t2tbb&from=ient07021&uid=ST1000DM003-1ER162_Z4Y5YM35XXXXZ4Y5YM35&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449713001&z=f81d724519439ab2c6988a6g0z3zctem6g6o7t2tbb&from=ient07021&uid=ST1000DM003-1ER162_Z4Y5YM35XXXXZ4Y5YM35&q={searchTerms}
SearchScopes: HKU\S-1-5-21-477325340-1462177856-3662902613-1000 -> DefaultScope {C43B659C-7A46-449E-90CA-40E771DB1FB0} URL = hxxp://trovi.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3329621&CUI=UN19121956751212256&UM=4
SearchScopes: HKU\S-1-5-21-477325340-1462177856-3662902613-1000 -> {C43B659C-7A46-449E-90CA-40E771DB1FB0} URL = hxxp://trovi.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3329621&CUI=UN19121956751212256&UM=4
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: BS Player ControlBar B Toolbar -> {31264a33-a653-46c4-af49-1232c59a7da5} -> C:\Users\user\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll [2014-09-30] (ClientConnect Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-25] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-25] (Oracle Corporation)
Toolbar: HKLM-x32 - BS Player ControlBar B Toolbar - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\user\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll [2014-09-30] (ClientConnect Ltd.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1446482434&z=1b69bb6ed8f0e8fc08bdde3g4z8zaq5zcb8g3t2z3c&from=cor&uid=ST1000DM003-1ER162_Z4Y5YM35XXXXZ4Y5YM35

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-11-23] (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-11-23] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [2015-10-28] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-04] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-08]
CHR Extension: (AdBlock) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-23]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-11] (Electronic Arts)
R2 rijufoze; C:\Program Files (x86)\AAB7A280-1459650621-1015-AE48-D9BE395374E3\hnsq21E4.tmp [138240 2016-04-02] () [Arquivo não assinado]
R2 rocufyky; C:\Program Files (x86)\AAB7A280-1459650621-1015-AE48-D9BE395374E3\jnsq9D0.tmp [389632 2016-04-02] () [Arquivo não assinado]
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [186760 2015-10-28] ()
R2 TheDesktopWeatherService; C:\Program Files (x86)\WeatherTool\2.0.1.11245\WeatherService.exe [141960 2016-03-21] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 Winsere; C:\Program Files (x86)\Winsere\Winsere\Winsere.exe [316472 2016-03-29] ()
R2 WPSHWPBC; C:\Program Files (x86)\D-Link\DWA-132\WPSHWPBC.exe [318976 2013-01-17] () [Arquivo não assinado]
R2 buzisoruzbt; C:\Program Files (x86)\AAB7A280-1459650621-1015-AE48-D9BE395374E3\knsgEE6E.tmpfs [X]
S2 ggbugreport; "C:\Program Files (x86)\SearchesToYesbnd\bugreport.exe" {154DFF63-3402-4815-941A-AAD63AE8B428} [X]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 AVER_H193; C:\Windows\System32\drivers\AVer888RC_64.sys [542464 2009-07-01] (AVerMedia TECHNOLOGIES, Inc.)
R3 CXCIR; C:\Windows\System32\DRIVERS\AVer888RCIR_64.sys [39424 2009-07-01] (AVerMedia TECHNOLOGIES, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2016-01-03] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S1 wfdrvr_vt_1_10_0_28; system32\drivers\wfdrvr_vt_1_10_0_28.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-04-03 00:35 - 2016-04-03 00:37 - 00037960 _____ C:\Users\user\Downloads\Addition.txt
2016-04-03 00:34 - 2016-04-03 00:39 - 00017411 _____ C:\Users\user\Downloads\FRST.txt
2016-04-03 00:34 - 2016-04-03 00:39 - 00000000 ____D C:\FRST
2016-04-03 00:33 - 2016-04-03 00:33 - 02374144 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2016-04-03 00:13 - 2016-04-03 00:13 - 00001225 _____ C:\Users\user\Desktop\Continue PcSpeedUp Uninstaller.lnk
2016-04-03 00:02 - 2016-04-03 00:02 - 00003014 _____ C:\Windows\System32\Tasks\ttwifi
2016-04-03 00:02 - 2016-04-03 00:02 - 00002910 _____ C:\Windows\System32\Tasks\osTip
2016-04-03 00:02 - 2016-04-03 00:02 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg
2016-04-03 00:02 - 2016-04-03 00:02 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-04-03 00:02 - 2016-04-03 00:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-04-03 00:02 - 2016-04-03 00:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-04-02 23:47 - 2016-04-02 23:47 - 00000000 ____D C:\Users\user\AppData\Roaming\Spotify
2016-04-02 23:46 - 2016-04-02 23:46 - 00350936 _____ (Spotify Ltd) C:\Users\user\Downloads\SpotifySetup.exe
2016-04-02 23:30 - 2016-04-02 23:30 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2016-04-02 23:30 - 2016-04-02 23:30 - 00000000 ____D C:\Program Files (x86)\AAB7A280-1459650621-1015-AE48-D9BE395374E3
2016-04-02 23:30 - 2016-04-02 23:28 - 00001006 _____ C:\Windows\system32\Drivers\etc\hp.bak
2016-04-02 23:28 - 2016-04-03 00:11 - 00000000 ____D C:\Users\user\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-04-02 23:28 - 2016-04-02 23:28 - 00015160 _____ C:\Windows\System32\Tasks\WinTaske
2016-04-02 23:28 - 2016-04-02 23:28 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-04-02 23:28 - 2016-04-02 23:28 - 00000000 ____D C:\Program Files (x86)\WinTaske
2016-04-02 23:28 - 2016-04-02 23:28 - 00000000 ____D C:\Program Files (x86)\Winsere
2016-04-02 23:28 - 2016-04-02 23:28 - 00000000 ____D C:\extensions
2016-04-02 23:24 - 2016-04-02 23:24 - 00002950 _____ C:\Windows\System32\Tasks\{381F0057-BDAF-4F53-B5E8-12A928588A04}
2016-04-02 23:19 - 2016-04-02 23:23 - 00000000 ____D C:\Users\user\Downloads\Minecraft 1.7.2 Cracked [Full Installer] [Online] [Server List]
2016-03-25 20:31 - 2016-03-25 20:31 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-03-25 20:31 - 2016-03-25 20:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-03-25 20:31 - 2016-03-25 20:31 - 00000000 ____D C:\Program Files (x86)\Java
2016-03-25 20:30 - 2016-03-25 20:30 - 00003272 _____ C:\Windows\System32\Tasks\{2FA1D10C-DAB2-4235-A110-C96EB9BC3A3C}
2016-03-25 20:27 - 2016-03-25 20:28 - 00000000 ____D C:\Users\Todos os Usuários\Oracle
2016-03-25 20:27 - 2016-03-25 20:28 - 00000000 ____D C:\ProgramData\Oracle
2016-03-25 20:27 - 2016-03-25 20:27 - 00003158 _____ C:\Windows\System32\Tasks\{D9463B49-ED45-4A94-8F69-DACF22561940}
2016-03-25 20:27 - 2016-03-25 20:27 - 00000000 ____D C:\Users\user\AppData\Roaming\Sun
2016-03-25 20:27 - 2016-03-25 20:27 - 00000000 ____D C:\Users\user\AppData\LocalLow\Sun
2016-03-25 20:27 - 2016-03-25 20:27 - 00000000 ____D C:\Users\user\.oracle_jre_usage
2016-03-25 20:26 - 2016-03-25 20:26 - 00000000 ____D C:\Users\user\AppData\LocalLow\Oracle
2016-03-25 20:23 - 2016-03-25 20:23 - 00003158 _____ C:\Windows\System32\Tasks\{A1D19200-87CD-4769-A454-7F0968B6F7BC}
2016-03-25 20:22 - 2016-03-25 20:22 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2016-03-25 20:22 - 2016-03-25 20:22 - 00000000 ____D C:\ProgramData\Skype
2016-03-24 21:22 - 2016-03-24 21:22 - 00000000 ____D C:\Users\Todos os Usuários\Playrix Entertainment
2016-03-24 21:22 - 2016-03-24 21:22 - 00000000 ____D C:\ProgramData\Playrix Entertainment
2016-03-24 21:12 - 2016-03-24 21:12 - 00000000 ____D C:\Users\user\AppData\Roaming\AlawarEntertainment
2016-03-24 21:12 - 2016-03-24 21:12 - 00000000 ____D C:\Users\Todos os Usuários\AlawarEntertainment
2016-03-24 21:12 - 2016-03-24 21:12 - 00000000 ____D C:\ProgramData\AlawarEntertainment
2016-03-24 21:08 - 2016-03-24 21:12 - 00000000 ____D C:\Users\Todos os Usuários\FarmFrenzy3_America
2016-03-24 21:08 - 2016-03-24 21:12 - 00000000 ____D C:\ProgramData\FarmFrenzy3_America
2016-03-24 21:08 - 2016-03-24 21:08 - 00000000 ____D C:\Users\Todos os Usuários\AlawarWrapper
2016-03-24 21:08 - 2016-03-24 21:08 - 00000000 ____D C:\Users\Public\Documents\AlawarWrapper
2016-03-24 21:08 - 2016-03-24 21:08 - 00000000 ____D C:\ProgramData\AlawarWrapper
2016-03-24 20:56 - 2016-03-24 20:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2016-03-24 20:56 - 2016-03-24 20:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2016-03-24 20:56 - 2016-03-24 20:56 - 00000000 ____D C:\Program Files (x86)\GOG.com
2016-03-24 20:56 - 2016-03-24 20:56 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2016-03-24 20:54 - 2016-03-24 20:54 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Luxor Amun Rising
2016-03-24 20:54 - 2016-03-24 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Luxor Amun Rising
2016-03-24 20:53 - 2016-03-24 20:54 - 00000000 ____D C:\Program Files (x86)\Luxor Amun Rising
2016-03-24 20:53 - 2016-03-24 20:53 - 00000000 ____D C:\Windows\Luxor Amun Rising
2016-03-24 20:53 - 2016-03-24 20:53 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Farm Frenzy Hurricane Season
2016-03-24 20:53 - 2016-03-24 20:53 - 00000000 ____D C:\Program Files (x86)\Foxy Games
2016-03-24 20:52 - 2016-04-02 09:17 - 00000000 ____D C:\Users\user\Downloads\Jogos
2016-03-24 20:52 - 2016-03-24 20:52 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FarmFrenzy 3 American Pie
2016-03-24 20:52 - 2016-03-24 20:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FarmFrenzy 3 American Pie
2016-03-24 20:52 - 2016-03-24 20:52 - 00000000 ____D C:\Program Files (x86)\FarmFrenzy 3 American Pie
2016-03-24 20:40 - 2016-03-24 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameTop.com
2016-03-24 20:39 - 2016-03-24 20:39 - 00000000 ____D C:\Program Files (x86)\GameTop.com
2016-03-24 20:26 - 2016-03-24 20:27 - 00000000 ____D C:\Program Files (x86)\Zuma's Revenge
2016-03-24 20:26 - 2016-03-24 20:26 - 00003318 _____ C:\Windows\System32\Tasks\{37498C2E-F251-4C86-B746-64C225300E92}
2016-03-24 20:17 - 2016-03-24 20:17 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zuma Deluxe RA
2016-03-24 20:17 - 2016-03-24 20:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zuma Deluxe RA
2016-03-24 20:17 - 2016-03-24 20:17 - 00000000 ____D C:\Program Files (x86)\Zuma Deluxe
2016-03-24 03:00 - 2016-03-24 03:00 - 00000000 ____D C:\Users\Public\Documents\Tools
2016-03-19 18:57 - 2016-03-19 18:57 - 00000000 ____D C:\Program Files (x86)\Rock
2016-03-19 18:56 - 2016-03-19 18:58 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-03-15 19:40 - 2012-10-03 14:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2016-03-15 19:40 - 2012-10-03 14:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2016-03-15 19:40 - 2012-10-03 14:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-03-15 19:40 - 2012-10-03 13:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2016-03-15 19:40 - 2012-10-03 13:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2016-03-15 19:40 - 2012-10-03 13:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2016-03-15 19:39 - 2016-02-11 15:56 - 05572032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-15 19:39 - 2016-02-11 15:56 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-03-15 19:39 - 2016-02-11 15:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-03-15 19:39 - 2016-02-11 15:52 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-15 19:39 - 2016-02-11 15:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-03-15 19:39 - 2016-02-11 15:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-03-15 19:39 - 2016-02-11 15:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-03-15 19:39 - 2016-02-11 15:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-03-15 19:39 - 2016-02-11 15:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-03-15 19:39 - 2016-02-11 15:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-03-15 19:39 - 2016-02-11 15:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-03-15 19:39 - 2016-02-11 15:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-03-15 19:39 - 2016-02-11 15:48 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-15 19:39 - 2016-02-11 15:48 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-03-15 19:39 - 2016-02-11 15:48 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-03-15 19:39 - 2016-02-11 15:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-03-15 19:39 - 2016-02-11 15:48 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-03-15 19:39 - 2016-02-11 15:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-03-15 19:39 - 2016-02-11 15:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-15 19:39 - 2016-02-11 15:45 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-03-15 19:39 - 2016-02-11 15:45 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-03-15 19:39 - 2016-02-11 15:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-03-15 19:39 - 2016-02-11 15:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-03-15 19:39 - 2016-02-11 15:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-03-15 19:39 - 2016-02-11 15:44 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-03-15 19:39 - 2016-02-11 15:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-03-15 19:39 - 2016-02-11 15:44 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-15 19:39 - 2016-02-11 15:44 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-03-15 19:39 - 2016-02-11 15:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-15 19:39 - 2016-02-11 15:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-03-15 19:39 - 2016-02-11 15:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-03-15 19:39 - 2016-02-11 15:41 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-15 19:39 - 2016-02-11 15:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-15 19:39 - 2016-02-11 15:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-03-15 19:39 - 2016-02-11 15:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-03-15 19:39 - 2016-02-11 15:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:38 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-03-15 19:39 - 2016-02-11 15:38 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-03-15 19:39 - 2016-02-11 15:38 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-03-15 19:39 - 2016-02-11 15:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-03-15 19:39 - 2016-02-11 15:38 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-03-15 19:39 - 2016-02-11 15:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-03-15 19:39 - 2016-02-11 15:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-03-15 19:39 - 2016-02-11 15:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-03-15 19:39 - 2016-02-11 15:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-03-15 19:39 - 2016-02-11 15:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-03-15 19:39 - 2016-02-11 15:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-03-15 19:39 - 2016-02-11 15:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-03-15 19:39 - 2016-02-11 15:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-03-15 19:39 - 2016-02-11 15:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-03-15 19:39 - 2016-02-11 15:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-15 19:39 - 2016-02-11 15:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-03-15 19:39 - 2016-02-11 15:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-03-15 19:39 - 2016-02-11 15:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-03-15 19:39 - 2016-02-11 15:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-03-15 19:39 - 2016-02-11 15:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 14:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-03-15 19:39 - 2016-02-11 14:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-03-15 19:39 - 2016-02-11 14:41 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-03-15 19:39 - 2016-02-11 14:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-03-15 19:39 - 2016-02-11 14:34 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-03-15 19:39 - 2016-02-11 14:34 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-15 19:39 - 2016-02-11 14:33 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-03-15 19:39 - 2016-02-11 14:32 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-15 19:39 - 2016-02-11 14:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-03-15 19:39 - 2016-02-11 14:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-03-15 19:39 - 2016-02-11 14:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-03-15 19:39 - 2016-02-11 14:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-03-15 19:39 - 2016-02-11 14:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-03-15 19:39 - 2016-02-11 14:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-03-15 19:39 - 2016-02-11 14:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 14:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 14:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-15 19:39 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-14 14:27 - 2016-03-24 16:54 - 00000000 ____D C:\Users\user\Desktop\Anglo
2016-03-14 14:11 - 2015-11-05 16:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-03-14 14:11 - 2015-11-05 16:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-03-14 14:10 - 2016-02-12 15:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-14 14:10 - 2016-02-12 15:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-14 14:10 - 2016-02-12 15:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-14 14:10 - 2016-02-12 15:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-03-14 14:10 - 2016-02-12 15:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-14 14:10 - 2016-02-12 15:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-14 14:10 - 2016-02-12 15:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-14 14:10 - 2016-02-12 15:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-14 14:10 - 2016-02-12 15:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-14 14:10 - 2016-02-12 15:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-14 14:10 - 2016-02-12 15:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-03-14 14:10 - 2016-02-12 15:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-03-14 14:10 - 2016-02-12 15:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-14 14:10 - 2016-02-12 15:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-14 14:10 - 2016-02-12 15:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-14 14:10 - 2016-02-12 15:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-03-14 14:10 - 2012-10-09 15:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2016-03-14 14:10 - 2012-10-09 15:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2016-03-14 14:10 - 2012-10-09 14:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2016-03-14 14:10 - 2012-10-09 14:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2016-03-14 14:09 - 2016-01-22 03:19 - 14179840 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-03-14 14:09 - 2016-01-22 03:15 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-03-14 14:09 - 2016-01-22 03:12 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-03-14 14:09 - 2016-01-22 03:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-03-14 14:09 - 2016-01-22 03:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-03-14 14:09 - 2016-01-22 02:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-03-14 14:09 - 2016-01-22 02:19 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-03-14 14:09 - 2016-01-22 02:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-03-09 18:27 - 2016-02-05 15:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-09 18:27 - 2016-02-05 15:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-03-09 18:27 - 2016-02-05 15:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-09 18:27 - 2016-02-05 15:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-03-09 18:27 - 2016-02-05 15:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-03-09 18:27 - 2016-02-05 15:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-03-09 18:27 - 2016-02-05 15:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-03-09 18:27 - 2016-02-05 14:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-09 18:27 - 2016-02-05 14:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-09 18:27 - 2016-02-05 14:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-09 18:27 - 2011-05-04 02:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2016-03-09 18:27 - 2011-05-04 02:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2016-03-09 18:27 - 2011-05-04 02:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2016-03-09 18:27 - 2011-05-04 02:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2016-03-09 18:27 - 2011-05-04 02:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2016-03-09 18:27 - 2011-05-04 02:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2016-03-09 18:27 - 2011-05-04 02:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2016-03-09 18:27 - 2011-05-04 02:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2016-03-09 18:27 - 2011-05-04 02:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2016-03-09 18:27 - 2011-05-04 01:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2016-03-09 18:27 - 2011-05-04 01:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2016-03-09 18:27 - 2011-05-04 01:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2016-03-09 18:27 - 2011-05-04 01:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2016-03-09 18:27 - 2011-05-04 01:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2016-03-09 18:27 - 2011-05-04 01:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2016-03-09 18:27 - 2011-05-04 01:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2016-03-09 18:27 - 2011-05-04 01:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2016-03-09 18:27 - 2011-05-04 01:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2016-03-08 20:30 - 2016-02-04 14:52 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-08 20:30 - 2016-02-03 15:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-08 20:30 - 2016-02-03 15:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-08 20:30 - 2016-02-03 15:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-03-08 20:30 - 2016-02-03 15:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-08 20:30 - 2016-02-03 15:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-08 20:30 - 2016-01-11 16:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-08 20:29 - 2016-02-09 06:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-08 20:29 - 2016-02-04 22:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-08 20:29 - 2016-02-04 15:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-07 03:00 - 2015-01-08 20:44 - 00419936 _____ C:\Windows\SysWOW64\locale.nls
2016-03-07 03:00 - 2015-01-08 20:43 - 00419936 _____ C:\Windows\system32\locale.nls
2016-03-06 17:36 - 2016-03-06 17:36 - 00003286 _____ C:\Windows\System32\Tasks\{55127CB9-85EE-4D69-8CAF-9A4F8D908969}
2016-03-06 00:58 - 2016-03-06 00:58 - 00000000 ____D C:\Users\user\Documents\League of Legends
2016-03-05 18:27 - 2016-03-05 18:27 - 00000000 ____D C:\Riot Games
2016-03-05 18:27 - 2016-03-05 18:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2016-03-05 18:10 - 2016-03-05 18:10 - 00000000 ____D C:\Users\user\048298C9A4D3490B9FF9AB023A9238F3.TMP
2016-03-05 17:58 - 2016-03-05 18:03 - 00000000 ____D C:\Windows\system32\MRT
2016-03-05 17:58 - 2016-03-05 17:58 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-05 16:00 - 2016-03-20 01:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Mouse
2016-03-05 16:00 - 2016-03-20 01:14 - 00000000 ____D C:\Program Files (x86)\Remote Mouse
2016-03-05 10:20 - 2016-03-05 10:20 - 00000000 ____D C:\Windows\SysWOW64\directx

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-04-03 00:38 - 2009-07-14 01:45 - 00023088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-03 00:38 - 2009-07-14 01:45 - 00023088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-03 00:27 - 2015-10-16 18:32 - 00000000 ____D C:\Users\Todos os Usuários\Origin
2016-04-03 00:27 - 2015-10-16 18:32 - 00000000 ____D C:\ProgramData\Origin
2016-04-03 00:16 - 2015-10-01 21:35 - 00000198 _____ C:\Windows\Tasks\AutoKMS.job
2016-04-03 00:15 - 2015-11-09 20:49 - 00000304 _____ C:\Windows\Tasks\{89609BFF-EACC-4F9F-B5CA-C5CD3E6C17F7}.job
2016-04-03 00:15 - 2015-10-12 21:30 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-03 00:15 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-03 00:11 - 2015-10-28 15:53 - 00000000 ____D C:\Users\user\AppData\Roaming\Mozilla
2016-04-03 00:11 - 2015-10-12 21:30 - 00002068 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-03 00:08 - 2015-10-10 14:14 - 00000000 ____D C:\Users\user\AppData\Roaming\uTorrent
2016-04-03 00:08 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-04-03 00:06 - 2009-07-29 13:08 - 00705474 _____ C:\Windows\system32\prfh0416.dat
2016-04-03 00:06 - 2009-07-29 13:08 - 00147314 _____ C:\Windows\system32\prfc0416.dat
2016-04-03 00:06 - 2009-07-14 02:13 - 01634498 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-02 23:47 - 2015-10-12 21:30 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-02 23:30 - 2015-10-01 19:58 - 00000000 ___RD C:\Users\user\Desktop\Jogos
2016-04-02 23:16 - 2016-03-02 19:29 - 00000000 ____D C:\Users\user\AppData\LocalLow\uTorrent
2016-04-02 23:12 - 2015-10-16 19:39 - 00000000 ____D C:\Users\user\AppData\Local\Origin
2016-04-02 23:11 - 2015-10-16 19:39 - 00000000 ____D C:\Program Files (x86)\Origin Games
2016-04-02 23:09 - 2015-10-16 18:34 - 00000000 ____D C:\Users\user\AppData\Roaming\Origin
2016-04-02 09:27 - 2015-10-10 16:50 - 00000000 ____D C:\Users\user\AppData\Roaming\WeatherTool
2016-04-02 09:16 - 2015-10-01 21:12 - 00000000 ____D C:\Users\user\Downloads\Outros
2016-04-02 08:43 - 2015-10-09 00:06 - 00000328 _____ C:\Windows\Tasks\HPCeeScheduleForuser.job
2016-04-01 17:17 - 2015-10-09 00:06 - 00003180 _____ C:\Windows\System32\Tasks\HPCeeScheduleForuser
2016-03-30 18:59 - 2015-10-01 18:26 - 00000000 ____D C:\Users\user\Desktop\Programas
2016-03-25 03:00 - 2015-11-01 02:43 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-03-25 03:00 - 2015-11-01 02:43 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-25 02:42 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\rescache
2016-03-24 21:22 - 2015-10-01 10:17 - 00000000 ____D C:\Users\user\AppData\Local\VirtualStore
2016-03-24 21:18 - 2015-10-16 19:42 - 00000000 ____D C:\Users\Todos os Usuários\PopCap Games
2016-03-24 21:18 - 2015-10-16 19:42 - 00000000 ____D C:\ProgramData\PopCap Games
2016-03-24 20:58 - 2016-01-03 11:23 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-03-24 20:26 - 2015-10-16 23:16 - 00000000 ____D C:\Program Files (x86)\PopCap Games
2016-03-24 17:18 - 2016-01-07 18:39 - 00000000 ____D C:\Users\user\Downloads\Musicas
2016-03-24 16:59 - 2015-10-16 14:21 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2016-03-24 16:59 - 2015-10-01 15:43 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-03-24 16:59 - 2009-07-14 02:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-03-24 16:55 - 2015-10-01 18:26 - 00000000 ____D C:\Users\user\Desktop\Fotos
2016-03-24 03:00 - 2015-10-27 06:27 - 00000000 ____D C:\Program Files (x86)\WeatherTool
2016-03-20 16:27 - 2015-10-01 21:27 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-03-19 19:01 - 2015-10-12 22:44 - 00000000 ____D C:\Users\user\AppData\Local\Popcorn-Time
2016-03-16 03:18 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-03-12 12:32 - 2015-10-09 03:03 - 00000000 ____D C:\Users\user\Desktop\Series
2016-03-12 12:28 - 2016-01-03 12:10 - 00000000 ____D C:\Users\user\Downloads\Roller Coaster Tycoon 3 Platinum (Soaked + Wild Expansions)(Direct Play) - RELOADED by CarlesNeo
2016-03-10 03:17 - 2009-07-14 01:45 - 00413552 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-06 20:52 - 2016-01-03 12:21 - 00000000 ____D C:\Users\user\Desktop\RollerCoaster Tycoon 3 Platinum
2016-03-06 17:35 - 2015-10-01 15:21 - 00000000 ___HD C:\Windows\msdownld.tmp
2016-03-06 17:30 - 2015-11-17 12:51 - 00000000 ____D C:\Games
2016-03-05 18:29 - 2015-10-10 23:03 - 00000000 ____D C:\Users\user\AppData\Roaming\Riot Games

==================== Arquivos na raiz de alguns diretórios =======

2016-01-04 05:22 - 2016-01-04 05:22 - 2863895 _____ (iBank) C:\Program Files (x86)\SSFK.exe
2016-01-08 18:59 - 2016-01-08 19:00 - 29511952 _____ (Sony Mobile Communications ) C:\Users\user\AppData\Local\pcc.exe
2015-11-10 17:15 - 2015-11-10 17:15 - 0164062 _____ () C:\Users\user\AppData\Local\tmpIMG_7220.0
2015-11-10 17:15 - 2015-11-10 17:15 - 0086586 _____ () C:\Users\user\AppData\Local\tmpIMG_7220.JPG
2015-12-11 20:26 - 2015-12-11 20:26 - 5174680 _____ ((c) PC Cleaners Inc) C:\ProgramData\pclunst.exe
2015-11-02 13:40 - 2016-01-08 03:15 - 0000074 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Arquivos para serem movidos ou deletados:
====================
C:\ProgramData\pclunst.exe
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Users\Todos os Usuários\pclunst.exe
C:\Users\Todos os Usuários\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Windows\Tasks\{89609BFF-EACC-4F9F-B5CA-C5CD3E6C17F7}.job


Alguns arquivos em TEMP:
====================
C:\Users\user\AppData\Local\Temp\84BA.tmp.exe
C:\Users\user\AppData\Local\Temp\A6DB.tmp.exe
C:\Users\user\AppData\Local\Temp\AF92.tmp.exe
C:\Users\user\AppData\Local\Temp\avgnt.exe
C:\Users\user\AppData\Local\Temp\befjaibjef.exe
C:\Users\user\AppData\Local\Temp\EAD3AD1.exe
C:\Users\user\AppData\Local\Temp\EAD4CDA.exe
C:\Users\user\AppData\Local\Temp\EAD549B.exe
C:\Users\user\AppData\Local\Temp\EAD65F9.exe
C:\Users\user\AppData\Local\Temp\EAD7C0.exe
C:\Users\user\AppData\Local\Temp\EAD8EB.exe
C:\Users\user\AppData\Local\Temp\F122.tmp.exe
C:\Users\user\AppData\Local\Temp\installerdll25996880.dll
C:\Users\user\AppData\Local\Temp\NetFramework45.exe
C:\Users\user\AppData\Local\Temp\nsp8DB0.exe
C:\Users\user\AppData\Local\Temp\ose00000.exe
C:\Users\user\AppData\Local\Temp\RemoteMouse.exe
C:\Users\user\AppData\Local\Temp\setup.dll
C:\Users\user\AppData\Local\Temp\SIntf16.dll
C:\Users\user\AppData\Local\Temp\SIntf32.dll
C:\Users\user\AppData\Local\Temp\SIntfNT.dll
C:\Users\user\AppData\Local\Temp\spark_install.exe
C:\Users\user\AppData\Local\Temp\UninstallEADM.dll


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-03-25 02:35

==================== Fim de FRST.txt ============================

Publicité


Signaler le contenu de ce document

Publicité