FRST.txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:05-03-2016 01
Executado por Messias (administrador) em MESSIAS-PC (09-04-2016 17:22:34)
Executando a partir de C:\Users\Messias\Downloads
Perfis Carregados: Messias (Perfis Disponíveis: Messias)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files\BitTorrent\BitTorrent.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\ProgramData\CloudPrinter\CloudPrinter.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
() C:\Windows\fjp.exe
() C:\Users\Messias\AppData\Roaming\Yfeqj\Yfeqj.exe
() C:\Users\Messias\AppData\Roaming\Yfeqj\Yhuzuwumri.exe
(Intel(R) Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe
() C:\Users\Messias\AppData\Roaming\Yfeqj\Mapuyg.exe
(VLOME) C:\Users\Messias\AppData\Local\Temp\is-2V1Q0.tmp\print.exe
() C:\Users\Messias\AppData\Roaming\CuiiAxek\Gorjev.exe
() C:\Users\Messias\AppData\Roaming\SeejBudseje\Semud.exe
() C:\Windows\mfjp.exe
() C:\Users\Messias\AppData\Roaming\Oluungorri\Oluungorri.exe
() C:\Users\Messias\AppData\Roaming\Oluungorri\Wueushas.exe
() C:\Users\Messias\AppData\Roaming\Oluungorri\Gydrozsakx.exe
() C:\Users\Messias\AppData\Roaming\Iaguwletfu\Iaguwletfu.exe
() C:\Users\Messias\AppData\Roaming\Iaguwletfu\Hiudfojp.exe
() C:\Users\Messias\AppData\Roaming\Iaguwletfu\Bhqaubuj.exe
() C:\Users\Messias\AppData\Local\Doublebase.exe
() C:\Users\Messias\AppData\Local\Apps\2.0\abril.exe
() C:\Program Files (x86)\7D8928E0-1460213914-11D5-A80C-001FC632711C\hnsa892E.tmp
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
() C:\Program Files (x86)\7D8928E0-1460213914-11D5-A80C-001FC632711C\jnsf63D1.tmp
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
() C:\Program Files (x86)\7D8928E0-1460213914-11D5-A80C-001FC632711C\knsl3F5B.tmpfs
() C:\Program Files (x86)\WeatherTool\2.0.0.11150\WeatherService.exe
() C:\Users\Messias\AppData\Local\Anottrans.exe
(ShenZhen Enode Techology co,.Ltd) C:\Program Files (x86)\WeatherTool\2.0.0.11150\weather.exe
(Microsoft Corporation) C:\Users\Messias\AppData\Roaming\XBox\XBLive.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
() C:\Users\Messias\AppData\Local\SunnyDay21\usun.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(© 2015 Microsoft Corporation) C:\Users\Messias\AppData\Local\Microsoft\BingSvc\BingSvc.exe
() C:\Users\Messias\AppData\Local\Temp\06860\Setup.exe
() C:\Users\Messias\AppData\Roaming\msiql.exe
(MediaDownloader ) C:\Users\Messias\Downloads\MediaDownloader.exe
() C:\Users\Messias\AppData\Local\Temp\is-RF1TA.tmp\MediaDownloader.tmp
() C:\Users\Messias\AppData\Local\Setup Wizard\08fa6e8b-3ad3-4c7f-a17d-0902f05ff403\vlc-media-player.exe
(Skype Technologies S.A.) C:\Users\Messias\AppData\Local\Setup Wizard\212a2109-b485-44a1-a843-056b4b2c1898\skypesetupfull.exe
() C:\Users\Messias\AppData\Local\Temp\08960\Setup.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
() C:\Program Files (x86)\JFileManager\WebBrowser.exe
() C:\Program Files (x86)\JFileManager\JFileManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Messias\Downloads\FRST64 (1).exe

==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16407296 2015-11-15] (Realtek Semiconductor)
HKLM-x32\...\Run: [apphide] => C:\Program Files (x86)\badu\uc.exe [487514 2016-04-09] ( )
HKLM-x32\...\Run: [sun21] => [X]
HKLM-x32\...\Run: [rec_en_247] => [X]
HKLM-x32\...\Run: [mbot_en_037050292] => [X]
HKLM\...\RunOnce: [WINDOWS_SCREEN_MANAGER_UPDATER_1] => C:\Program Files\Windows Screen Manager\Windows screen manage updater.exe [16896 2016-04-09] (Wizzservices)
HKLM-x32\...\RunOnce: [usun.exe] => C:\Users\Messias\AppData\Local\SunnyDay21\usun.exe [3322544 2016-04-09] ()
HKU\S-1-5-21-4125528095-360351865-885866514-1000\...\Run: [Pritc] => C:\Users\Messias\AppData\Local\Temp\is-2V1Q0.tmp\print.exe [2960896 2016-03-03] (VLOME) <===== ATENÇÃO
HKU\S-1-5-21-4125528095-360351865-885866514-1000\...\Run: [msiql] => c:\users\messias\appdata\roaming\msiql.exe [1917952 2016-04-01] ()
HKU\S-1-5-21-4125528095-360351865-885866514-1000\...\Run: [taskhost] => rundll32.exe C:\ProgramData\WindowsMsg\675D131108D4FD145B0BFBC68A3E018A.dll Start /AUTORUN
HKU\S-1-5-21-4125528095-360351865-885866514-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-4125528095-360351865-885866514-1000\...\Run: [YeaInstaller] => C:\Users\Messias\AppData\Local\Temp\R7BEVR99F\R7BEVR99F.exe [1968128 2016-04-09] (TZ) <===== ATENÇÃO
HKU\S-1-5-21-4125528095-360351865-885866514-1000\...\Run: [Chromium] => "c:\users\messias\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-4125528095-360351865-885866514-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31090272 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-4125528095-360351865-885866514-1000\...\Run: [BingSvc] => C:\Users\Messias\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-04-09] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-4125528095-360351865-885866514-1000\...\RunOnce: [PriceFountain] => [X]
HKU\S-1-5-21-4125528095-360351865-885866514-1000\...\RunOnce: [UpdateTask] => [X]
HKU\S-1-5-21-4125528095-360351865-885866514-1000\...\MountPoints2: {80d97073-d824-11e5-9a41-001fc632711c} - E:\LG_PC_Programs.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-11-17] (Microsoft Corporation)
AppInit_DLLs: C:\ProgramData\Airtostrong\Bio-Tom.dll => C:\ProgramData\Airtostrong\Bio-Tom.dll [363520 2016-04-09] ()
AppInit_DLLs-x32: C:\ProgramData\Airtostrong\Rank-Tip.dll => C:\ProgramData\Airtostrong\Rank-Tip.dll [257536 2016-04-09] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WebBrowserJFile.lnk [2016-04-09]
ShortcutTarget: WebBrowserJFile.lnk -> C:\Program Files (x86)\JFileManager\WebBrowser.exe ()

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.16.1
Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{A4F449F0-032E-421C-B09E-95F7B048B23E}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{A4F449F0-032E-421C-B09E-95F7B048B23E}: [DhcpNameServer] 192.168.16.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0F0CyCtAtByBtCtC0CyByB0EyCtN0D0Tzu0StCyDyCtCtN1L2XzutAtFtBtDtFtDtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBzzyCyD0B0C0E0FtGtCyB0CtCtG0FtA0DtCtGyEtC0F0AtGtA0A0C0FtB0A0B0A0AzztCtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByB0EtD0C0EzyyDtGtBzytAtAtGyEtD0AtBtG0A0DyB0DtGtBtC0CyBzyyBtCyC0C0D0B0A2QtN0A0LzuyE%26cr%3D1825761697%26a%3Dwbf_nwmeddnld_16_15%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0F0CyCtAtByBtCtC0CyByB0EyCtN0D0Tzu0StCyDyCtCtN1L2XzutAtFtBtDtFtDtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBzzyCyD0B0C0E0FtGtCyB0CtCtG0FtA0DtCtGyEtC0F0AtGtA0A0C0FtB0A0B0A0AzztCtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByB0EtD0C0EzyyDtGtBzytAtAtGyEtD0AtBtG0A0DyB0DtGtBtC0CyBzyyBtCyC0C0D0B0A2QtN0A0LzuyE%26cr%3D1825761697%26a%3Dwbf_nwmeddnld_16_15%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-4125528095-360351865-885866514-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzIzWpjgBnLTsVRzDEtiGcJ1D13iokhnfk4dGwGDAFEVsQ1s-MoeS1jKrFzujrx2PnA6ZZkGwQkqAp0GWrtq4K7tF8ybIjjx_nmKNZC21Y1dX3kTZAso5nBXJtL9G-m589hG3FPkYQH_TQBLf6l1j0i5msE6w3ySgrfbbufJgoXU,&q={searchTerms}
HKU\S-1-5-21-4125528095-360351865-885866514-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzIzWpjgBnLTsVRzDEtiGcJ1D13iokhnfk4dGwGDAFEVsQ1s-MoeS1jKrFzujrx2PnA6ZZkGwQkqAp0GWrtq4K7tF8ybIjjx_nmKNZC21Y1dX3kTZAso5nBXJtL9G-m589hG3FPkYQH_TQBLf6l1j0i5msE6w3ySgrfbbufJgoXU,&q={searchTerms}
HKU\S-1-5-21-4125528095-360351865-885866514-1000\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzIzWpjgBnLTsVRzDEtiGcJ1D13iokhnfk4dGwGDAFEVsQ1s-MoeS1jKrFzujrx2PnA6ZZkGwQkqAp0GWrtq4K7tF8ybIjjx_nmKNZC21Y1dX3kTZAso5nBXJtL9G-m589hG3FPkYQH_TQBLf6l1j0i5msE6w3ySgrfbbufJgoXU,&q={searchTerms}
HKU\S-1-5-21-4125528095-360351865-885866514-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0F0CyCtAtByBtCtC0CyByB0EyCtN0D0Tzu0StCyDyCtCtN1L2XzutAtFtBtDtFtDtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBzzyCyD0B0C0E0FtGtCyB0CtCtG0FtA0DtCtGyEtC0F0AtGtA0A0C0FtB0A0B0A0AzztCtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByB0EtD0C0EzyyDtGtBzytAtAtGyEtD0AtBtG0A0DyB0DtGtBtC0CyBzyyBtCyC0C0D0B0A2QtN0A0LzuyE%26cr%3D1825761697%26a%3Dwbf_nwmeddnld_16_15%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
HKU\S-1-5-21-4125528095-360351865-885866514-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzIzWpjgBnLTsVRzDEtiGcJ1D13iokhnfk4dGwGDAFEVsQ1s-MoeS1jKrFzujrx2PnA6ZZkGwQkqAp00HlRLCyS-ZEu96gK0oFQFgovMNImdrnic3-CtTmSrY59aFrWOc3E9E-Q_RMF-BPHEs68j66XYDjI-ktBkDMpE_JwtoGHQ,
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.globasearch.com/?serie=211&installkey=QWISLZA2hXp7b9LhAwwL&b=3&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.globasearch.com/?serie=211&installkey=QWISLZA2hXp7b9LhAwwL&b=3&q={searchTerms}
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_15¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0F0CyCtAtByBtCtC0CyByB0EyCtN0D0Tzu0StCyDyCtCtN1L2XzutAtFtBtDtFtDtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBzzyCyD0B0C0E0FtGtCyB0CtCtG0FtA0DtCtGyEtC0F0AtGtA0A0C0FtB0A0B0A0AzztCtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByB0EtD0C0EzyyDtGtBzytAtAtGyEtD0AtBtG0A0DyB0DtGtBtC0CyBzyyBtCyC0C0D0B0A2QtN0A0LzuyE%26cr%3D1825761697%26a%3Dwbf_nwmeddnld_16_15%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL = hxxp://www.globasearch.com/?serie=211&installkey=QWISLZA2hXp7b9LhAwwL&b=3&q={searchTerms}
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzIzWpjgBnLTsVRzDEtiGcJ1D13iokhnfk4dGwGDAFEVsQ1s-MoeS1jKrFzujrx2PnA6ZZkGwQkqAp0GWrtq4K7tF8ybIjjx_nmKNZC21Y1dX3kTZAso5nBXJtL9G-m589hG3FPkYQH_TQBLf6l1j0i5msE6w3ySgrfbbufJgoXU,&q={searchTerms}
SearchScopes: HKLM-x32 -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://www.globasearch.com/?serie=211&installkey=QWISLZA2hXp7b9LhAwwL&b=3&q={searchTerms}
SearchScopes: HKLM-x32 -> {ielnksrch} URL = hxxp://www.globasearch.com/?serie=211&installkey=QWISLZA2hXp7b9LhAwwL&b=3&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4125528095-360351865-885866514-1000 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_15¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0F0CyCtAtByBtCtC0CyByB0EyCtN0D0Tzu0StCyDyCtCtN1L2XzutAtFtBtDtFtDtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBzzyCyD0B0C0E0FtGtCyB0CtCtG0FtA0DtCtGyEtC0F0AtGtA0A0C0FtB0A0B0A0AzztCtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByB0EtD0C0EzyyDtGtBzytAtAtGyEtD0AtBtG0A0DyB0DtGtBtC0CyBzyyBtCyC0C0D0B0A2QtN0A0LzuyE%26cr%3D1825761697%26a%3Dwbf_nwmeddnld_16_15%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4125528095-360351865-885866514-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4125528095-360351865-885866514-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_15¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0F0CyCtAtByBtCtC0CyByB0EyCtN0D0Tzu0StCyDyCtCtN1L2XzutAtFtBtDtFtDtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBzzyCyD0B0C0E0FtGtCyB0CtCtG0FtA0DtCtGyEtC0F0AtGtA0A0C0FtB0A0B0A0AzztCtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByB0EtD0C0EzyyDtGtBzytAtAtGyEtD0AtBtG0A0DyB0DtGtBtC0CyBzyyBtCyC0C0D0B0A2QtN0A0LzuyE%26cr%3D1825761697%26a%3Dwbf_nwmeddnld_16_15%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4125528095-360351865-885866514-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?gen=ms&pr=vmn&id=mystarttb&v=5_5&ent=ch_5153&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4125528095-360351865-885866514-1000 -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://www.globasearch.com/?serie=211&installkey=QWISLZA2hXp7b9LhAwwL&b=3&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4125528095-360351865-885866514-1000 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzIzWpjgBnLTsVRzDEtiGcJ1D13iokhnfk4dGwGDAFEVsQ1s-MoeS1jKrFzujrx2PnA6ZZkGwQkqAp0GWrtq4K7tF8ybIjjx_nmKNZC21Y1dX3kTZAso5nBXJtL9G-m589hG3FPkYQH_TQBLf6l1j0i5msE6w3ySgrfbbufJgoXU,&q={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: PriceFountain -> {b608cc98-54de-4775-96c9-097de398500c} -> C:\Users\Messias\AppData\Local\PriceFountain\PriceFountainIE.dll [2015-06-18] ()
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Messias\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF NewTab: about:newtab
FF DefaultSearchEngine: Search Provided by Yahoo
FF DefaultSearchEngine.US: data:text/plain,browser.search.defaultenginename.US=yessearches
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Search Provided by Yahoo
FF Homepage: hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_15¶m1=1¶m2=f%3D1%26b%3DFirefox%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0F0CyCtAtByBtCtC0CyByB0EyCtN0D0Tzu0StCyDyCtCtN1L2XzutAtFtBtDtFtDtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBzzyCyD0B0C0E0FtGtCyB0CtCtG0FtA0DtCtGyEtC0F0AtGtA0A0C0FtB0A0B0A0AzztCtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByB0EtD0C0EzyyDtGtBzytAtAtGyEtD0AtBtG0A0DyB0DtGtBtC0CyBzyyBtCyC0C0D0B0A2QtN0A0LzuyE%26cr%3D1825761697%26a%3Dwbf_nwmeddnld_16_15%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
FF Keyword.URL: hxxp://www.yessearches.com/chrome.php?uid=D6C353D4986C88AB7C2BEFCFD28DEB5F&ptid=sqr1&ts=AHEqA38oAHQoBk..&v=20160409&mode=ffexttoolbar&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-07] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-07] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF user.js: detected! => C:\Users\Messias\AppData\Roaming\Mozilla\Firefox\Profiles\5990n2x6.default\user.js [2016-04-09]
FF SearchPlugin: C:\Users\Messias\AppData\Roaming\Mozilla\Firefox\Profiles\5990n2x6.default\searchplugins\.xml [2016-04-09]
FF SearchPlugin: C:\Users\Messias\AppData\Roaming\Mozilla\Firefox\Profiles\5990n2x6.default\searchplugins\DD1B66D4.xml [2016-04-09]
FF SearchPlugin: C:\Users\Messias\AppData\Roaming\Mozilla\Firefox\Profiles\5990n2x6.default\searchplugins\navegaki.xml [2016-04-09]
FF SearchPlugin: C:\Users\Messias\AppData\Roaming\Mozilla\Firefox\Profiles\5990n2x6.default\searchplugins\Search Provided by Yahoo.xml [2016-04-09]
FF SearchPlugin: C:\Users\Messias\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\DD1B66D4.xml [2016-04-09]
FF SearchPlugin: C:\Users\Messias\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\Search Provided by Yahoo.xml [2016-04-09]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\findit.xml [2016-04-09]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mystarttb.xml [2016-04-09]
FF Extension: leethax.net extension - C:\Users\Messias\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\leethax@leethax.net.xpi [2016-04-05]
FF Extension: FlashGot - C:\Users\Messias\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2016-04-08]
FF Extension: leethax.net extension - C:\Users\Messias\AppData\Roaming\Mozilla\Firefox\Profiles\5990n2x6.default\Extensions\leethax@leethax.net.xpi [2016-04-05]
FF Extension: FlashGot - C:\Users\Messias\AppData\Roaming\Mozilla\Firefox\Profiles\5990n2x6.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2016-04-08]
FF Extension: Steel Cut 1.0.1 - C:\Users\Messias\AppData\Roaming\Mozilla\Firefox\Profiles\5990n2x6.default\Extensions\{86802a16-8572-49cb-a26a-69ecc1c09906}.xpi [2016-04-09] [não assinado]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14] [não assinado]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-16] [não assinado]
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR HomePage: Profile 3 -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=pt-br
CHR StartupUrls: Profile 3 -> "hxxps://www.google.com.br/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8#q=GOOGLE"
CHR Profile: C:\Users\Messias\AppData\Local\Google\Chrome\User Data\Default
CHR Profile: C:\Users\Messias\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\Messias\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-27]
CHR Extension: (Stylish) - C:\Users\Messias\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2015-12-28]
CHR Extension: (AdBlock) - C:\Users\Messias\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-28]
CHR Extension: (Winter Chills) - C:\Users\Messias\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kjciefciokhnhkflkjnkcooigcbpgdhe [2015-12-28]
CHR Extension: (The Avengers For New Tab) - C:\Users\Messias\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lnfkoamkfecfgpmjanjebmemnnnbcdnj [2015-12-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Messias\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-27]
CHR Profile: C:\Users\Messias\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Stylish) - C:\Users\Messias\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2016-01-04]
CHR Extension: (AdBlock) - C:\Users\Messias\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-01-21]
CHR Extension: (Winter Chills) - C:\Users\Messias\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kjciefciokhnhkflkjnkcooigcbpgdhe [2016-01-16]
CHR Extension: (The Avengers For New Tab) - C:\Users\Messias\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lnfkoamkfecfgpmjanjebmemnnnbcdnj [2016-01-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Messias\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-03]
CHR Profile: C:\Users\Messias\AppData\Local\Google\Chrome\User Data\Profile 3
CHR Extension: (Skype) - C:\Users\Messias\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-04-09]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Messias\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-09]
CHR HKLM\...\Chrome\Extension: [bahkljhhdeciiaodlkppoonappfnheoi] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [fcgnigmofekcllgbiejhmigggmgehkip] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4125528095-360351865-885866514-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bahkljhhdeciiaodlkppoonappfnheoi] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4125528095-360351865-885866514-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bahkljhhdeciiaodlkppoonappfnheoi] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fcgnigmofekcllgbiejhmigggmgehkip] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S4 Airtostrong; C:\ProgramData\\Airtostrong\\Airtostrong.exe [528896 2016-03-29] () [Arquivo não assinado]
R2 BitTorrent; C:\Program Files\BitTorrent\BitTorrent.exe [383488 2016-04-09] () [Arquivo não assinado]
S2 BugreportW; C:\Program Files (x86)\SpeedSearchesbnd\Bugreportauclt.exe [1623128 2016-04-09] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CloudPrinter; C:\ProgramData\\CloudPrinter\\CloudPrinter.exe [1202688 2016-04-09] () [Arquivo não assinado]
R2 fjp; c:\windows\fjp.exe [417792 2016-04-09] () [Arquivo não assinado]
S2 GoogleChromeUpService; C:\ProgramData\service.exe [1747456 2016-03-31] () [Arquivo não assinado]
S2 GoogleChromeUpSvc; C:\Users\Messias\AppData\Roaming\svrupg.exe [2767872 2016-04-09] (TODO: ) [Arquivo não assinado]
R2 Hylbuejab; C:\Users\Messias\AppData\Roaming\Yfeqj\Yfeqj.exe [174440 2016-04-09] ()
R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3020440 2015-11-25] (Intel(R) Corporation)
R2 Jhnuc; C:\Users\Messias\AppData\Roaming\CuiiAxek\Gorjev.exe [125776 2016-04-09] ()
R2 Kabqa; C:\Users\Messias\AppData\Roaming\SeejBudseje\Semud.exe [125800 2016-04-09] ()
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.11.266\McCHSvc.exe [235696 2015-12-02] (McAfee, Inc.)
R2 mfjp; c:\windows\mfjp.exe [408576 2016-04-09] () [Arquivo não assinado]
R2 Mievkaojys; C:\Users\Messias\AppData\Roaming\Oluungorri\Oluungorri.exe [174440 2016-04-09] ()
R2 Paowlauhpu; C:\Users\Messias\AppData\Roaming\Iaguwletfu\Iaguwletfu.exe [174416 2016-04-09] ()
R2 prhduct; C:\Users\Messias\AppData\Local\Doublebase.exe [28160 2016-04-09] () [Arquivo não assinado]
R2 ProntSpooler; C:\Users\Messias\AppData\Local\Apps\2.0\abril.exe [111616 2016-03-21] () [Arquivo não assinado]
R2 rijufoze; C:\Program Files (x86)\7D8928E0-1460213914-11D5-A80C-001FC632711C\hnsa892E.tmp [138240 2016-04-09] () [Arquivo não assinado]
R2 rocufyky; C:\Program Files (x86)\7D8928E0-1460213914-11D5-A80C-001FC632711C\jnsf63D1.tmp [389632 2016-04-09] () [Arquivo não assinado]
S4 Ronzap; C:\ProgramData\\Ronzap\\Ronzap.exe [1202688 2016-04-09] () [Arquivo não assinado]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
S4 sulpnar; C:\ProgramData\\sulpnar\\sulpnar.exe [692736 2016-04-09] () [Arquivo não assinado]
R2 TheDesktopWeatherService; C:\Program Files (x86)\WeatherTool\2.0.0.11150\WeatherService.exe [153552 2015-12-09] ()
R2 upaate; C:\Users\Messias\AppData\Local\Anottrans.exe [28160 2016-04-09] () [Arquivo não assinado]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 WinSvces; C:\Program Files (x86)\WinSvces\WinSvces\WinSvces.exe [314384 2016-04-09] ()
R2 XBox; C:\Users\Messias\AppData\Roaming\XBox\XBLive.exe [5906904 2016-02-27] (Microsoft Corporation)
R2 suhequmizbt; C:\Program Files (x86)\7D8928E0-1460213914-11D5-A80C-001FC632711C\knsl3F5B.tmpfs [X]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R1 cherimoya; C:\Windows\System32\drivers\cherimoya.sys [82752 2016-04-09] (Cherimoya Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-11-15] (REALiX(tm))
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2015-11-15] ()
R1 {86802a16-8572-49cb-a26a-69ecc1c09906}Gw64; C:\Windows\System32\drivers\{86802a16-8572-49cb-a26a-69ecc1c09906}Gw64.sys [48464 2016-04-09] (StdLib)
S1 MPCKpt; system32\DRIVERS\MPCKpt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-04-09 19:51 - 2016-04-09 19:51 - 00001066 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-04-09 19:51 - 2016-04-09 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-04-09 19:50 - 2016-04-09 19:50 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2016-04-09 19:50 - 2016-04-09 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-04-09 19:49 - 2016-04-09 19:50 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2016-04-09 19:49 - 2016-04-09 19:50 - 00000000 ____D C:\ProgramData\Skype
2016-04-09 19:49 - 2016-04-09 19:50 - 00000000 ____D C:\Program Files (x86)\Skype
2016-04-09 19:49 - 2016-04-09 19:49 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-04-09 19:48 - 2016-04-09 19:48 - 00000000 ____D C:\Users\Messias\AppData\Local\7D8928E0-1460231327-11D5-A80C-001FC632711C
2016-04-09 19:42 - 2016-04-09 11:01 - 00000000 ____D C:\Program Files (x86)\SpeedSearchesbnd
2016-04-09 17:56 - 2016-04-09 17:56 - 00000000 ____D C:\Users\Todos os Usuários\Airtostrongs
2016-04-09 17:56 - 2016-04-09 17:56 - 00000000 ____D C:\ProgramData\Airtostrongs
2016-04-09 17:55 - 2016-04-09 17:55 - 02777282 _____ () C:\Program Files\Common Files\tyoxt21d.exe
2016-04-09 17:55 - 2002-01-01 00:03 - 00000000 ____D C:\Users\Todos os Usuários\Airtostrong
2016-04-09 17:55 - 2002-01-01 00:03 - 00000000 ____D C:\ProgramData\Airtostrong
2016-04-09 17:53 - 2016-04-09 17:53 - 00003396 _____ C:\Windows\System32\Tasks\u1tthsbx
2016-04-09 17:53 - 2016-04-09 17:53 - 00000000 ____D C:\Program Files\Common Files\a3aiocvn
2016-04-09 17:22 - 2016-04-09 17:23 - 00030422 _____ C:\Users\Messias\Downloads\FRST.txt
2016-04-09 17:20 - 2016-04-09 17:22 - 00000000 ____D C:\FRST
2016-04-09 17:20 - 2016-04-09 17:20 - 02374144 _____ (Farbar) C:\Users\Messias\Downloads\FRST64.exe
2016-04-09 17:20 - 2016-04-09 17:20 - 02374144 _____ (Farbar) C:\Users\Messias\Downloads\FRST64 (1).exe
2016-04-09 17:17 - 2016-04-09 17:17 - 00001161 _____ C:\Users\Public\Desktop\JFileManager.lnk
2016-04-09 17:17 - 2016-04-09 17:17 - 00000000 ____D C:\Users\Messias\AppData\Local\JFileManager
2016-04-09 17:17 - 2016-04-09 17:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JFileManager
2016-04-09 17:17 - 2016-04-09 17:17 - 00000000 ____D C:\Program Files (x86)\JFileManager
2016-04-09 17:03 - 2016-04-09 17:03 - 00000000 ____D C:\Windows\system32\pou
2016-04-09 17:03 - 2016-04-09 17:03 - 00000000 ____D C:\Windows\system32\mab
2016-04-09 16:57 - 2016-04-09 16:57 - 00064846 _____ C:\Users\Messias\Downloads\cc_20160409_165727.reg
2016-04-09 15:35 - 2016-04-09 15:35 - 00000000 ____D C:\Windows\system32\oagy
2016-04-09 15:35 - 2016-04-09 15:35 - 00000000 ____D C:\Windows\system32\nuev
2016-04-09 15:27 - 2016-04-09 17:18 - 00000000 ____D C:\Program Files (x86)\SunnyDayApps
2016-04-09 14:46 - 2016-04-09 17:05 - 00000524 _____ C:\Windows\Tasks\BaiduJP_Update_{8099779F-A13B-403e-B39A-65133857586B}.job
2016-04-09 14:46 - 2016-04-09 14:46 - 00003626 _____ C:\Windows\System32\Tasks\BaiduJP_Update_{8099779F-A13B-403e-B39A-65133857586B}
2016-04-09 14:46 - 2016-04-09 14:46 - 00000000 ____D C:\Users\Todos os Usuários\baidu
2016-04-09 14:46 - 2016-04-09 14:46 - 00000000 ____D C:\Users\Messias\AppData\Roaming\Baidu
2016-04-09 14:46 - 2016-04-09 14:46 - 00000000 ____D C:\ProgramData\baidu
2016-04-09 14:46 - 2016-04-09 14:46 - 00000000 ____D C:\Program Files (x86)\Baidu
2016-04-09 14:11 - 2016-04-09 14:11 - 00000000 ____D C:\Windows\system32\jeg
2016-04-09 14:11 - 2016-04-09 14:11 - 00000000 ____D C:\Windows\system32\fyr
2016-04-09 13:55 - 2016-04-09 01:10 - 00000000 ____D C:\Program Files\BitTorrent
2016-04-09 13:54 - 2016-04-09 13:54 - 00041472 _____ C:\Users\Messias\AppData\Local\Doublebase.dat
2016-04-09 13:54 - 2016-04-09 13:54 - 00028160 _____ C:\Users\Messias\AppData\Local\Doublebase.exe
2016-04-09 13:54 - 2016-04-09 13:54 - 00000187 _____ C:\Users\Messias\AppData\Local\Doublebase.exe.config
2016-04-09 13:53 - 2016-04-09 13:53 - 01626416 _____ C:\Users\Messias\AppData\Roaming\HomeNix.tst
2016-04-09 13:53 - 2016-04-09 13:53 - 00189654 _____ () C:\Users\Messias\AppData\Roaming\VilaOveron.bin
2016-04-09 13:53 - 2016-04-09 13:53 - 00072699 _____ C:\Users\Messias\AppData\Roaming\Trust-Trax.tst
2016-04-09 13:53 - 2016-04-09 13:53 - 00003182 _____ C:\Windows\System32\Tasks\{1AF509E0-2AAE-4BCB-BE93-77B0CBBC8057}
2016-04-09 13:53 - 2016-04-09 13:52 - 01134592 _____ C:\Users\Messias\AppData\Roaming\HomeNix.exe
2016-04-09 13:52 - 2016-04-09 13:52 - 01134592 _____ C:\Users\Messias\AppData\Roaming\Trust-Trax.exe
2016-04-09 13:52 - 2016-04-09 13:52 - 00848437 _____ C:\Users\Messias\AppData\Roaming\Treetough.bin
2016-04-09 13:48 - 2016-04-09 13:48 - 00003338 _____ C:\Windows\System32\Tasks\Dyjtiu
2016-04-09 13:48 - 2016-04-09 13:48 - 00000000 ____D C:\Users\Messias\AppData\Roaming\Yfeqj
2016-04-09 13:48 - 2016-04-09 13:48 - 00000000 ____D C:\Users\Messias\AppData\Roaming\SeejBudseje
2016-04-09 13:37 - 2016-04-09 13:37 - 00000000 ____D C:\Users\Todos os Usuários\77e4e1f1-61a5-1
2016-04-09 13:37 - 2016-04-09 13:37 - 00000000 ____D C:\ProgramData\77e4e1f1-61a5-1
2016-04-09 13:20 - 2016-04-09 13:11 - 00028160 _____ C:\Users\Messias\AppData\Local\Anottrans.exe
2016-04-09 13:20 - 2016-04-09 13:11 - 00000187 _____ C:\Users\Messias\AppData\Local\Anottrans.exe.config
2016-04-09 13:20 - 2016-04-09 13:10 - 00041472 _____ C:\Users\Messias\AppData\Local\Anottrans.dat
2016-04-09 13:09 - 2016-04-09 16:53 - 00000000 ____D C:\Users\Todos os Usuários\Ronzap
2016-04-09 13:09 - 2016-04-09 16:53 - 00000000 ____D C:\ProgramData\Ronzap
2016-04-09 13:09 - 2016-04-09 13:53 - 06504960 _____ C:\Users\Messias\AppData\Roaming\agent.dat
2016-04-09 13:09 - 2016-04-09 13:53 - 00126464 _____ C:\Users\Messias\AppData\Roaming\noah.dat
2016-04-09 13:09 - 2016-04-09 13:53 - 00065424 _____ C:\Users\Messias\AppData\Roaming\Config.xml
2016-04-09 13:09 - 2016-04-09 13:53 - 00018432 _____ C:\Users\Messias\AppData\Roaming\Main.dat
2016-04-09 13:09 - 2016-04-09 13:09 - 01626416 _____ C:\Users\Messias\AppData\Roaming\TrioHold.tst
2016-04-09 13:09 - 2016-04-09 13:09 - 00189654 _____ () C:\Users\Messias\AppData\Roaming\K-Remfix.bin
2016-04-09 13:09 - 2016-04-09 13:09 - 00002397 _____ C:\Windows\SysWOW64\findit.xml
2016-04-09 13:09 - 2016-04-09 13:09 - 00000000 ____D C:\Users\Todos os Usuários\Ronzaps
2016-04-09 13:09 - 2016-04-09 13:09 - 00000000 ____D C:\ProgramData\Ronzaps
2016-04-09 13:08 - 2016-04-09 13:53 - 00126464 _____ C:\Users\Messias\AppData\Roaming\lobby.dat
2016-04-09 13:08 - 2016-04-09 13:53 - 00054272 _____ C:\Users\Messias\AppData\Roaming\ApplicationHosting.dat
2016-04-09 13:08 - 2016-04-09 13:53 - 00005568 _____ C:\Users\Messias\AppData\Roaming\md.xml
2016-04-09 13:08 - 2016-04-09 13:08 - 00072699 _____ C:\Users\Messias\AppData\Roaming\Statjoytex.tst
2016-04-09 13:08 - 2016-04-09 13:08 - 00003342 _____ C:\Windows\System32\Tasks\Eoanajr
2016-04-09 13:08 - 2016-04-09 13:08 - 00000000 ____D C:\Users\Todos os Usuários\CloudPrinter
2016-04-09 13:08 - 2016-04-09 13:08 - 00000000 ____D C:\Users\Messias\AppData\Roaming\Iaguwletfu
2016-04-09 13:08 - 2016-04-09 13:08 - 00000000 ____D C:\Users\Messias\AppData\Roaming\CuiiAxek
2016-04-09 13:08 - 2016-04-09 13:08 - 00000000 ____D C:\ProgramData\CloudPrinter
2016-04-09 13:08 - 2016-04-09 13:06 - 01202688 _____ C:\Users\Messias\AppData\Roaming\TrioHold.exe
2016-04-09 13:08 - 2016-04-09 13:06 - 01202688 _____ C:\Users\Messias\AppData\Roaming\Statjoytex.exe
2016-04-09 13:07 - 2016-04-09 13:07 - 00848437 _____ C:\Users\Messias\AppData\Roaming\Blackdox.bin
2016-04-09 13:06 - 2016-04-09 13:52 - 00200994 _____ C:\Users\Messias\AppData\Roaming\inst.lat
2016-04-09 13:06 - 2016-04-09 13:52 - 00127488 _____ C:\Users\Messias\AppData\Roaming\Installer.dat
2016-04-09 13:06 - 2016-04-09 13:52 - 00016992 _____ C:\Users\Messias\AppData\Roaming\InstallationConfiguration.xml
2016-04-09 12:49 - 2016-04-09 13:48 - 00082752 _____ (Cherimoya Ltd) C:\Windows\system32\Drivers\cherimoya.sys
2016-04-09 12:48 - 2016-04-09 12:48 - 00000000 ____D C:\Users\Todos os Usuários\ec752064-4221-0
2016-04-09 12:48 - 2016-04-09 12:48 - 00000000 ____D C:\Users\Todos os Usuários\ec752064-2875-1
2016-04-09 12:48 - 2016-04-09 12:48 - 00000000 ____D C:\ProgramData\ec752064-4221-0
2016-04-09 12:48 - 2016-04-09 12:48 - 00000000 ____D C:\ProgramData\ec752064-2875-1
2016-04-09 12:46 - 2016-04-09 12:46 - 00000000 ____D C:\Users\Messias\Mozilla
2016-04-09 12:45 - 2016-04-09 12:45 - 00000042 _____ C:\Users\Messias\AppData\Roaming\WB.CFG
2016-04-09 12:40 - 2016-04-09 13:49 - 00000000 ____D C:\Users\Messias\AppData\Local\PriceFountain
2016-04-09 12:40 - 2016-04-09 12:40 - 00003616 _____ C:\Windows\System32\Tasks\PFExe
2016-04-09 12:40 - 2016-04-09 12:40 - 00000000 ____D C:\Users\Messias\AppData\Roaming\PriceFountain
2016-04-09 12:39 - 2016-04-09 13:41 - 00000000 ____D C:\Program Files (x86)\CleanBrowser
2016-04-09 12:39 - 2016-04-09 12:39 - 00000000 ____D C:\Users\Messias\AppData\Roaming\MCorp
2016-04-09 12:36 - 2016-04-09 12:37 - 00000000 ____D C:\Users\Todos os Usuários\Uniblue
2016-04-09 12:36 - 2016-04-09 12:37 - 00000000 ____D C:\ProgramData\Uniblue
2016-04-09 12:06 - 2016-04-09 12:06 - 00016815 _____ C:\Users\Todos os Usuários\webad.xml
2016-04-09 12:06 - 2016-04-09 12:06 - 00016815 _____ C:\ProgramData\webad.xml
2016-04-09 12:05 - 2016-04-09 12:05 - 00000000 ____D C:\Windows\system32\teg
2016-04-09 12:04 - 2016-04-09 12:04 - 02777282 _____ () C:\Program Files\Common Files\zhre3jfr.exe
2016-04-09 12:02 - 2016-04-09 12:02 - 00003396 _____ C:\Windows\System32\Tasks\cgo1xy4j
2016-04-09 12:02 - 2016-04-09 12:02 - 00000000 ____D C:\Program Files\Common Files\azsmrte3
2016-04-09 11:59 - 2016-04-09 11:59 - 00000000 ____D C:\Program Files (x86)\UCBrowser
2016-04-09 11:59 - 2016-04-09 11:54 - 00002752 _____ C:\Windows\system32\Drivers\etc\hp.bak
2016-04-09 11:58 - 2016-04-09 17:02 - 00000000 ____D C:\Program Files (x86)\7D8928E0-1460213914-11D5-A80C-001FC632711C
2016-04-09 11:58 - 2016-04-09 13:50 - 00000000 ____D C:\Users\Messias\AppData\Local\Opera Software
2016-04-09 11:57 - 2016-04-09 13:50 - 00000000 ____D C:\Users\Messias\AppData\Roaming\Opera Software
2016-04-09 11:55 - 2016-04-09 13:57 - 00000000 ____D C:\Users\Messias\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence
2016-04-09 11:51 - 2016-04-09 13:55 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
2016-04-09 11:51 - 2016-04-09 11:51 - 00000000 ____D C:\Users\Public\Documents\Tools
2016-04-09 11:50 - 2016-04-09 11:50 - 00003082 _____ C:\Windows\System32\Tasks\CheckMeUp Update
2016-04-09 11:49 - 2016-04-09 11:49 - 00002487 _____ C:\Windows\patsearch.bin
2016-04-09 11:49 - 2016-04-09 11:49 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_webTinstMKTN84_01009.Wdf
2016-04-09 11:48 - 2016-04-09 11:48 - 00000000 ____D C:\Program Files (x86)\osTip
2016-04-09 11:48 - 2016-04-09 11:32 - 00073452 _____ C:\Users\Todos os Usuários\YSIns.exe
2016-04-09 11:48 - 2016-04-09 11:32 - 00073452 _____ C:\ProgramData\YSIns.exe
2016-04-09 11:48 - 2016-02-24 06:18 - 01085440 _____ C:\Users\Messias\AppData\Roaming\delCalendarReg.exe
2016-04-09 11:48 - 2015-11-25 15:31 - 01100288 _____ C:\Users\Todos os Usuários\HomePage.exe
2016-04-09 11:48 - 2015-11-25 15:31 - 01100288 _____ C:\ProgramData\HomePage.exe
2016-04-09 11:47 - 2016-04-09 11:47 - 00000000 ____D C:\Users\Todos os Usuários\Windows Update
2016-04-09 11:47 - 2016-04-09 11:47 - 00000000 ____D C:\Users\Messias\AppData\Roaming\XBox
2016-04-09 11:47 - 2016-04-09 11:47 - 00000000 ____D C:\Users\Messias\AppData\Roaming\LightGate
2016-04-09 11:47 - 2016-04-09 11:47 - 00000000 ____D C:\ProgramData\Windows Update
2016-04-09 11:47 - 2016-02-24 06:18 - 01085440 _____ C:\Users\Todos os Usuários\delCalendarReg.exe
2016-04-09 11:47 - 2016-02-24 06:18 - 01085440 _____ C:\ProgramData\delCalendarReg.exe
2016-04-09 11:47 - 2015-12-10 15:43 - 00600312 _____ C:\Users\Messias\AppData\Roaming\YeaPlayer_br_IBD_Bundle.exe
2016-04-09 11:47 - 2015-12-04 13:14 - 01081344 _____ C:\Users\Todos os Usuários\LightGate.exe
2016-04-09 11:47 - 2015-12-04 13:14 - 01081344 _____ C:\ProgramData\LightGate.exe
2016-04-09 11:46 - 2016-04-09 17:17 - 00000000 ____D C:\Users\Messias\AppData\Local\Setup Wizard
2016-04-09 11:46 - 2016-04-09 11:46 - 00000034 ___SH C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE}
2016-04-09 11:46 - 2016-04-09 11:46 - 00000000 ____D C:\Users\Messias\AppData\Local\csdi_monetize_220160408
2016-04-09 11:46 - 2015-11-25 15:31 - 01100288 _____ C:\Users\Messias\AppData\Roaming\HomePage.exe
2016-04-09 11:45 - 2016-04-09 17:09 - 02767872 _____ (TODO: ) C:\Users\Messias\AppData\Roaming\svrupg.exe
2016-04-09 11:45 - 2016-04-09 17:08 - 00016815 _____ C:\Users\Messias\AppData\Roaming\webad.xml
2016-04-09 11:45 - 2016-04-09 12:48 - 00003728 _____ C:\Windows\System32\Tasks\DNS Monitoring
2016-04-09 11:45 - 2016-04-01 14:51 - 01917952 _____ C:\Users\Todos os Usuários\msiql.exe
2016-04-09 11:45 - 2016-04-01 14:51 - 01917952 _____ C:\Users\Messias\AppData\Roaming\msiql.exe
2016-04-09 11:45 - 2016-04-01 14:51 - 01917952 _____ C:\ProgramData\msiql.exe
2016-04-09 11:44 - 2016-04-09 17:05 - 00003092 _____ C:\Windows\System32\Tasks\osTip
2016-04-09 11:44 - 2016-04-09 13:48 - 00000000 ____D C:\Users\Messias\AppData\Local\Tempfolder
2016-04-09 11:44 - 2016-04-09 11:56 - 00000000 ____D C:\Program Files\Fefvopsi
2016-04-09 11:44 - 2016-04-09 11:49 - 00002968 _____ C:\Windows\System32\Tasks\Pritc
2016-04-09 11:44 - 2016-04-09 11:48 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg
2016-04-09 11:44 - 2016-04-09 11:48 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-04-09 11:44 - 2016-04-09 11:44 - 00022176 _____ C:\Windows\System32\Tasks\DNSWILLISTON
2016-04-09 11:44 - 2016-04-09 11:44 - 00003342 _____ C:\Windows\System32\Tasks\Nilumuqn
2016-04-09 11:44 - 2016-04-09 11:44 - 00003026 _____ C:\Windows\System32\Tasks\ttwifi
2016-04-09 11:44 - 2016-04-09 11:44 - 00000000 ____D C:\Users\Messias\AppData\Roaming\Oluungorri
2016-04-09 11:44 - 2016-04-09 11:44 - 00000000 ____D C:\Users\Messias\AppData\LocalLow\Company
2016-04-09 11:44 - 2016-04-09 11:44 - 00000000 ____D C:\Users\Messias\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
2016-04-09 11:44 - 2016-04-09 11:44 - 00000000 ____D C:\Users\Messias\AppData\Local\csdi_monetize_120160408
2016-04-09 11:44 - 2016-04-09 11:44 - 00000000 ____D C:\uninst
2016-04-09 11:44 - 2016-03-31 11:32 - 01747456 _____ C:\Users\Todos os Usuários\service.exe
2016-04-09 11:44 - 2016-03-31 11:32 - 01747456 _____ C:\Users\Messias\AppData\Roaming\service.exe
2016-04-09 11:44 - 2016-03-31 11:32 - 01747456 _____ C:\ProgramData\service.exe
2016-04-09 11:43 - 2016-04-09 17:10 - 00000286 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-04-09 11:43 - 2016-04-09 17:10 - 00000286 __RSH C:\ProgramData\ntuser.pol
2016-04-09 11:43 - 2016-04-09 13:51 - 00000000 ____D C:\Program Files (x86)\Opera
2016-04-09 11:43 - 2016-04-09 11:43 - 00003448 _____ C:\Windows\System32\Tasks\MessiasIncitingRachetsV2
2016-04-09 11:43 - 2016-04-09 11:43 - 00002970 _____ C:\Windows\System32\Tasks\svchost
2016-04-09 11:43 - 2016-04-09 11:43 - 00000000 ____D C:\Users\Messias\AppData\Roaming\PriceFountainUpdateVer
2016-04-09 11:43 - 2016-04-09 11:43 - 00000000 ____D C:\Users\Messias\AppData\Local\Setup807008
2016-04-09 11:43 - 2016-04-09 11:43 - 00000000 ____D C:\Users\Messias\AppData\Local\IncitingRachets
2016-04-09 11:43 - 2016-04-09 11:43 - 00000000 _____ C:\Windows\SysWOW64\track
2016-04-09 11:42 - 2016-04-09 19:42 - 00000000 ____D C:\Program Files (x86)\badu
2016-04-09 11:42 - 2016-04-09 11:48 - 00000000 ____D C:\FFOutput
2016-04-09 11:42 - 2016-04-09 11:42 - 00023092 _____ C:\Windows\System32\Tasks\{050A0847-0A7F-7D79-0C11-7908790E110C}
2016-04-09 11:42 - 2016-04-09 11:42 - 00001067 _____ C:\Users\Messias\Desktop\Format Factory.lnk
2016-04-09 11:42 - 2016-04-09 11:42 - 00000000 ____D C:\Users\Todos os Usuários\77e4e1f1-1ac7-1
2016-04-09 11:42 - 2016-04-09 11:42 - 00000000 ____D C:\Users\Todos os Usuários\77e4e1f1-10c7-0
2016-04-09 11:42 - 2016-04-09 11:42 - 00000000 ____D C:\Users\Messias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2016-04-09 11:42 - 2016-04-09 11:42 - 00000000 ____D C:\ProgramData\77e4e1f1-1ac7-1
2016-04-09 11:42 - 2016-04-09 11:42 - 00000000 ____D C:\ProgramData\77e4e1f1-10c7-0
2016-04-09 11:42 - 2016-04-09 11:42 - 00000000 ____D C:\Program Files\Windows Screen Manager
2016-04-09 11:42 - 2016-04-09 01:32 - 00000000 ____D C:\Program Files\NewExt
2016-04-09 11:42 - 2016-04-09 01:13 - 00000000 ____D C:\Program Files (x86)\Hostify
2016-04-09 11:41 - 2016-04-09 11:42 - 00000000 ____D C:\Program Files (x86)\FormatFactory
2016-04-09 11:41 - 2016-04-09 03:55 - 00048464 _____ (StdLib) C:\Windows\system32\Drivers\{86802a16-8572-49cb-a26a-69ecc1c09906}Gw64.sys
2016-04-09 11:39 - 2016-04-09 13:41 - 00000000 ____D C:\Program Files (x86)\Steel Cut
2016-04-09 11:37 - 2016-04-09 19:42 - 00015148 _____ C:\Windows\System32\Tasks\WinTsks
2016-04-09 11:37 - 2016-04-09 13:37 - 00000000 ____D C:\Program Files (x86)\DailyPcClean Support
2016-04-09 11:37 - 2016-04-09 11:38 - 00000000 ____D C:\Program Files (x86)\DailyPCClean
2016-04-09 11:37 - 2016-04-09 11:37 - 00000000 ____D C:\Users\Messias\Documents\DailyPCClean
2016-04-09 11:37 - 2016-04-09 01:09 - 00000000 ____D C:\Users\Messias\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-04-09 11:36 - 2016-04-09 11:51 - 48396699 _____ (Free Time) C:\Users\Messias\Downloads\formatfactory-3-6-0-0-multi-win.exe.part
2016-04-09 11:36 - 2016-04-09 11:36 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-04-09 11:36 - 2016-04-09 11:36 - 00000000 ____D C:\Program Files (x86)\WinTsks
2016-04-09 11:36 - 2016-04-09 11:36 - 00000000 ____D C:\Program Files (x86)\WinSvces
2016-04-09 11:33 - 2016-04-09 11:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-04-09 11:31 - 2016-04-09 11:31 - 00000000 ____D C:\Program Files (x86)\MSECache
2016-04-09 11:18 - 2016-04-09 11:18 - 00003344 _____ C:\Windows\System32\Tasks\Format Factory
2016-04-09 11:17 - 2016-04-09 11:18 - 04508993 _____ (FF, Inc ) C:\Users\Messias\Downloads\fast-video-converter-3.8.0.4(1).exe
2016-04-09 11:17 - 2016-04-09 11:17 - 04508993 _____ (FF, Inc ) C:\Users\Messias\Downloads\fast-video-converter-3.8.0.4.exe
2016-04-09 11:08 - 2016-04-09 11:08 - 00000000 ___HD C:\Users\Messias\AppData\Roaming\GoldenGate
2016-04-09 11:08 - 2016-04-09 11:08 - 00000000 ___HD C:\Users\Messias\AppData\Roaming\Booking_helper
2016-04-09 11:07 - 2016-04-09 14:22 - 00000000 ____D C:\Users\Messias\AppData\Roaming\WarThunder
2016-04-09 11:07 - 2016-04-09 11:07 - 05892175 _____ (MediaDownloader ) C:\Users\Messias\Downloads\MediaDownloader.exe
2016-04-09 11:07 - 2016-04-09 11:07 - 00003992 _____ C:\Windows\System32\Tasks\LaunchPreSignup
2016-04-09 11:01 - 2016-04-09 11:01 - 00262144 ____N C:\Windows\Minidump\040916-18049-01.dmp
2016-04-09 02:03 - 2016-04-09 02:03 - 00003242 _____ C:\Windows\System32\Tasks\uydate
2016-04-09 01:39 - 2016-04-09 01:39 - 31523896 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-04-09 01:39 - 2016-04-09 01:39 - 24207296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-04-09 01:39 - 2016-04-09 01:39 - 23000000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2016-04-09 01:39 - 2016-04-09 01:39 - 17559240 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-04-09 01:39 - 2016-04-09 01:39 - 15302712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2016-04-09 01:39 - 2016-04-09 01:39 - 13916600 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-04-09 01:39 - 2016-04-09 01:39 - 13828032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-04-09 01:39 - 2016-04-09 01:39 - 12911160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-04-09 01:39 - 2016-04-09 01:39 - 11272240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-04-09 01:39 - 2016-04-09 01:39 - 11209376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-04-09 01:39 - 2016-04-09 01:39 - 04252608 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-04-09 01:39 - 2016-04-09 01:39 - 03996216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-04-09 01:39 - 2016-04-09 01:39 - 02825016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-04-09 01:39 - 2016-04-09 01:39 - 01908272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434195.dll
2016-04-09 01:39 - 2016-04-09 01:39 - 01557552 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434195.dll
2016-04-09 01:39 - 2016-04-09 01:39 - 00952256 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-04-09 01:39 - 2016-04-09 01:39 - 00915392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-04-09 01:39 - 2016-04-09 01:39 - 00911928 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-04-09 01:39 - 2016-04-09 01:39 - 00878648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-04-09 01:16 - 2016-04-09 19:39 - 00000000 ____D C:\Program Files (x86)\SunnyDay21
2016-04-09 01:16 - 2016-04-09 17:08 - 00000000 ____D C:\Users\Messias\AppData\Local\SunnyDay21
2016-04-09 01:13 - 2016-04-09 01:13 - 00631808 _____ C:\Windows\fjp.dat
2016-04-09 01:13 - 2016-04-09 01:13 - 00417792 _____ C:\Windows\fjp.exe
2016-04-09 01:13 - 2016-04-09 01:13 - 00408576 _____ C:\Windows\mfjp.exe
2016-04-09 01:13 - 2016-04-09 01:13 - 00000000 ____D C:\Users\Todos os Usuários\sulpnars
2016-04-09 01:13 - 2016-04-09 01:13 - 00000000 ____D C:\Users\Messias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RinoReader
2016-04-09 01:13 - 2016-04-09 01:13 - 00000000 ____D C:\ProgramData\sulpnars
2016-04-09 01:13 - 2016-04-09 01:13 - 00000000 ____D C:\Program Files (x86)\RinoReader
2016-04-09 01:12 - 2016-04-09 16:53 - 00000000 ____D C:\Users\Todos os Usuários\sulpnar
2016-04-09 01:12 - 2016-04-09 16:53 - 00000000 ____D C:\ProgramData\sulpnar
2016-04-09 01:11 - 2016-04-09 17:07 - 00001223 _____ C:\Users\Usuário Padrão\Desktop\Get Random Viral.lnk
2016-04-09 01:11 - 2016-04-09 17:07 - 00001223 _____ C:\Users\Default\Desktop\Get Random Viral.lnk
2016-04-09 01:11 - 2016-04-09 17:07 - 00001223 _____ C:\Users\Default User\Desktop\Get Random Viral.lnk
2016-04-09 01:11 - 2016-04-09 17:07 - 00001175 _____ C:\Users\Usuário Padrão\Desktop\Google Search.lnk
2016-04-09 01:11 - 2016-04-09 17:07 - 00001175 _____ C:\Users\Default\Desktop\Google Search.lnk
2016-04-09 01:11 - 2016-04-09 17:07 - 00001175 _____ C:\Users\Default User\Desktop\Google Search.lnk
2016-04-09 01:08 - 2016-04-09 01:08 - 00242240 _____ C:\Users\Messias\Downloads\Firefox Setup Stub 45.0.1 (1).exe
2016-04-09 01:08 - 2016-04-09 01:08 - 00013862 _____ C:\Users\Messias\Desktop\firefox - Atalho.lnk
2016-04-09 01:08 - 2016-04-09 01:08 - 00000000 ____D C:\Windows\pss
2016-04-09 01:05 - 2016-04-09 01:05 - 00000000 ____D C:\Users\Todos os Usuários\ec752064-23c3-1
2016-04-09 01:05 - 2016-04-09 01:05 - 00000000 ____D C:\ProgramData\ec752064-23c3-1
2016-04-09 01:04 - 2016-04-09 19:22 - 00000000 ____D C:\Program Files\CCleaner
2016-04-09 01:04 - 2016-04-09 01:04 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-04-09 01:04 - 2016-04-09 01:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-04-09 01:02 - 2016-04-09 01:03 - 06868672 _____ (Piriform Ltd) C:\Users\Messias\Downloads\ccsetup516.exe
2016-04-08 21:59 - 2016-04-08 21:59 - 00445861 _____ C:\Users\Messias\Desktop\♫_Best_of_No_Copyright_Music_01_NCS_Gaming_Mix_Best_of_2015_HOT.webm
2016-04-08 21:53 - 2016-04-08 21:57 - 82153647 _____ C:\Users\Messias\Desktop\♫_Best_of_No_Copyright_Music_01_NCS_Gaming_Mix_Best_of_2015_HOT_130k.m4a
2016-04-06 11:48 - 2016-04-06 11:48 - 00000000 ____D C:\Users\Public\Documents\Baidu
2016-04-06 08:22 - 2016-04-06 08:22 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-04-05 19:01 - 2016-04-05 19:01 - 00000000 ____D C:\Users\Messias\AppData\Local\CEF
2016-04-05 19:00 - 2016-04-05 19:00 - 00000000 ____D C:\Program Files\Intel
2016-04-05 18:58 - 2016-04-05 18:58 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-04-05 18:58 - 2016-04-05 18:58 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-05 18:57 - 2016-04-09 13:41 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-04-05 18:57 - 2016-04-07 08:12 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-04-05 18:46 - 2016-04-05 18:46 - 00000000 ____D C:\Users\Messias\AppData\Roaming\Macromedia
2016-04-05 18:46 - 2016-04-05 18:46 - 00000000 ____D C:\Users\Messias\AppData\Local\Macromedia
2016-04-05 18:45 - 2016-04-09 13:39 - 00000000 ____D C:\Users\Todos os Usuários\McAfee
2016-04-05 18:45 - 2016-04-09 13:39 - 00000000 ____D C:\ProgramData\McAfee
2016-04-05 18:45 - 2016-04-05 18:45 - 00000000 ____D C:\Users\Todos os Usuários\McAfee Security Scan
2016-04-05 18:45 - 2016-04-05 18:45 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2016-04-05 18:45 - 2016-04-05 18:45 - 00000000 ____D C:\Program Files (x86)\McAfee Security Scan
2016-04-05 18:44 - 2016-04-09 16:54 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-05 18:44 - 2016-04-07 21:54 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-05 18:44 - 2016-04-07 21:54 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-05 18:44 - 2016-04-07 21:54 - 00003840 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-04-05 18:44 - 2016-04-05 18:44 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-04-05 18:44 - 2016-04-05 18:44 - 00000000 ____D C:\Windows\system32\Macromed
2016-04-05 18:43 - 2016-04-05 18:45 - 00000000 ____D C:\Users\Messias\AppData\Local\Adobe
2016-04-05 18:38 - 2016-04-09 16:48 - 00000000 ____D C:\Users\Messias\AppData\Roaming\WeatherTool
2016-04-05 18:38 - 2016-04-09 14:46 - 00000000 ____D C:\Program Files (x86)\WeatherTool
2016-04-05 18:38 - 2016-04-05 18:38 - 00026541 _____ C:\Users\Messias\Downloads\leethax.xpi
2016-04-05 18:38 - 2016-04-05 18:38 - 00000000 ____D C:\Users\Public\Documents\Guid
2016-04-05 18:37 - 2016-04-05 18:37 - 00001085 _____ C:\Users\Messias\Desktop\Cheat Engine.lnk
2016-04-05 18:37 - 2016-04-05 18:37 - 00000000 ____D C:\Users\Messias\Documents\My Cheat Tables
2016-04-05 18:37 - 2016-04-05 18:37 - 00000000 ____D C:\Users\Messias\AppData\Roaming\OpenCandy
2016-04-05 18:37 - 2016-04-05 18:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.5
2016-04-05 18:37 - 2016-04-05 18:37 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.5
2016-04-05 18:36 - 2016-04-09 01:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-05 18:36 - 2016-04-05 18:45 - 00000000 ____D C:\Users\Messias\AppData\Local\Mozilla
2016-04-05 18:36 - 2016-04-05 18:37 - 00000000 ____D C:\Users\Messias\AppData\Roaming\Mozilla
2016-04-05 18:36 - 2016-04-05 18:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-05 18:33 - 2016-04-05 18:37 - 10842040 _____ (Cheat Engine ) C:\Users\Messias\Downloads\CheatEngine65.exe
2016-04-05 18:33 - 2016-04-05 18:33 - 00242240 _____ C:\Users\Messias\Downloads\Firefox Setup Stub 45.0.1.exe
2016-04-05 13:09 - 2016-04-09 01:14 - 00002056 _____ C:\Users\Messias\Desktop\Google Chrome.lnk
2016-03-23 16:26 - 2016-03-25 14:47 - 00000000 ____D C:\Users\Messias\AppData\Roaming\Audacity
2016-03-23 16:26 - 2016-03-23 16:26 - 00001019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-03-23 16:26 - 2016-03-23 16:26 - 00001007 _____ C:\Users\Public\Desktop\Audacity.lnk
2016-03-23 16:26 - 2016-03-23 16:26 - 00000000 ____D C:\Users\Messias\AppData\Local\Audacity
2016-03-23 16:25 - 2016-03-23 16:26 - 00000000 ____D C:\Program Files (x86)\Audacity
2016-03-23 16:23 - 2016-03-23 16:24 - 26496761 _____ (Audacity Team ) C:\Users\Messias\Downloads\audacity-win-2.1.2.exe
2016-03-22 18:19 - 2016-03-22 18:19 - 00240064 _____ C:\Users\Messias\Desktop\Pré-atendimento eleitoral - Título Net — Tribunal Superior Eleitoral.pdf
2016-03-21 23:28 - 2016-03-21 23:28 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2016-03-21 23:22 - 2016-03-21 23:22 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2016-03-21 23:18 - 2016-03-21 23:18 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2016-03-21 23:18 - 2016-03-21 23:18 - 00000000 ____D C:\Users\Messias\Documents\samsung
2016-03-21 23:18 - 2016-03-21 23:18 - 00000000 ____D C:\Users\Messias\AppData\Roaming\Samsung
2016-03-21 23:18 - 2016-03-21 23:18 - 00000000 ____D C:\Users\Messias\AppData\Local\Samsung
2016-03-21 23:16 - 2016-01-08 05:51 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2016-03-21 23:16 - 2016-01-08 05:51 - 00708168 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll
2016-03-21 23:16 - 2016-01-08 05:51 - 00213088 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2016-03-21 23:16 - 2016-01-08 05:51 - 00120416 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2016-03-21 23:08 - 2016-03-21 23:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2016-03-21 23:08 - 2016-03-21 23:08 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2016-03-21 23:08 - 2013-12-30 10:53 - 04659712 _____ (Dmitry Streblechenko) C:\Windows\SysWOW64\Redemption.dll
2016-03-21 23:08 - 2013-12-30 10:53 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2016-03-21 23:07 - 2016-03-21 23:16 - 00000000 ____D C:\Users\Todos os Usuários\Samsung
2016-03-21 23:07 - 2016-03-21 23:16 - 00000000 ____D C:\ProgramData\Samsung
2016-03-21 23:07 - 2016-03-21 23:16 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-03-21 23:05 - 2016-03-21 23:05 - 00000000 ____D C:\Users\Messias\AppData\Local\Downloaded Installations
2016-03-21 23:01 - 2016-03-21 23:04 - 79061256 _____ (Samsung Electronics Co., Ltd.) C:\Users\Messias\Downloads\KiesSetup.exe
2016-03-10 21:38 - 2016-02-09 03:53 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-03-10 21:38 - 2016-02-09 03:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-03-10 21:38 - 2016-02-08 18:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-10 21:38 - 2016-02-08 17:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-03-10 21:38 - 2016-02-08 17:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-03-10 21:38 - 2016-02-08 17:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-03-10 21:38 - 2016-02-08 17:38 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-03-10 21:38 - 2016-02-08 17:38 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-03-10 21:38 - 2016-02-08 17:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-03-10 21:38 - 2016-02-08 17:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-10 21:38 - 2016-02-08 17:32 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-03-10 21:38 - 2016-02-08 17:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-03-10 21:38 - 2016-02-08 17:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-03-10 21:38 - 2016-02-08 17:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-03-10 21:38 - 2016-02-08 17:28 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-03-10 21:38 - 2016-02-08 17:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-03-10 21:38 - 2016-02-08 17:20 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-03-10 21:38 - 2016-02-08 17:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-03-10 21:38 - 2016-02-08 17:15 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-03-10 21:38 - 2016-02-08 17:13 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-03-10 21:38 - 2016-02-08 17:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-03-10 21:38 - 2016-02-08 17:11 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-03-10 21:38 - 2016-02-08 17:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-03-10 21:38 - 2016-02-08 17:10 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-03-10 21:38 - 2016-02-08 17:05 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-10 21:38 - 2016-02-08 17:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-03-10 21:38 - 2016-02-08 17:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-10 21:38 - 2016-02-08 17:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-03-10 21:38 - 2016-02-08 17:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-03-10 21:38 - 2016-02-08 17:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-03-10 21:38 - 2016-02-08 16:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-03-10 21:38 - 2016-02-08 16:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-03-10 21:38 - 2016-02-08 16:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-03-10 21:38 - 2016-02-08 15:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-03-10 21:38 - 2016-02-08 15:41 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-03-10 21:38 - 2016-02-08 15:27 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-10 21:38 - 2016-02-08 15:27 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-03-10 21:38 - 2016-02-08 15:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-10 21:38 - 2016-02-08 15:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-03-10 21:38 - 2016-02-08 15:26 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-03-10 21:38 - 2016-02-08 15:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-03-10 21:38 - 2016-02-08 15:19 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-03-10 21:38 - 2016-02-08 15:18 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-03-10 21:38 - 2016-02-08 15:16 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-10 21:38 - 2016-02-08 15:15 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-03-10 21:38 - 2016-02-08 15:14 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-03-10 21:38 - 2016-02-08 15:14 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-03-10 21:38 - 2016-02-08 15:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-10 21:38 - 2016-02-08 15:13 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-03-10 21:38 - 2016-02-08 15:06 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-10 21:38 - 2016-02-08 15:03 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-03-10 21:38 - 2016-02-08 14:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-10 21:38 - 2016-02-08 14:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-03-10 21:38 - 2016-02-08 14:52 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-03-10 21:38 - 2016-02-08 14:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-10 21:38 - 2016-02-08 14:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-03-10 21:38 - 2016-02-08 14:47 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-03-10 21:38 - 2016-02-08 14:37 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-03-10 21:38 - 2016-02-08 14:35 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-03-10 21:38 - 2016-02-08 14:34 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-10 21:38 - 2016-02-08 14:33 - 14613504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-10 21:38 - 2016-02-08 14:33 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-10 21:38 - 2016-02-08 14:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-03-10 21:38 - 2016-02-08 14:19 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-10 21:38 - 2016-02-08 14:07 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-10 21:38 - 2016-02-08 13:55 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-03-10 20:34 - 2016-02-12 15:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-10 20:34 - 2016-02-12 15:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-10 20:34 - 2016-02-12 15:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-10 20:34 - 2016-02-12 15:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-03-10 20:34 - 2016-02-12 15:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-10 20:34 - 2016-02-12 15:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-10 20:34 - 2016-02-12 15:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-10 20:34 - 2016-02-12 15:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-10 20:34 - 2016-02-12 15:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-10 20:34 - 2016-02-12 15:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-10 20:34 - 2016-02-12 15:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-03-10 20:34 - 2016-02-12 15:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-03-10 20:34 - 2016-02-12 15:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-10 20:34 - 2016-02-12 15:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-10 20:34 - 2016-02-12 15:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-10 20:34 - 2016-02-12 15:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-03-10 20:34 - 2016-02-04 14:52 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-10 20:34 - 2016-02-03 15:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-10 20:34 - 2016-02-03 15:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-10 20:34 - 2016-02-03 15:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-03-10 20:34 - 2016-02-03 15:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-10 20:34 - 2016-02-03 15:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-10 20:34 - 2016-01-11 16:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-10 20:34 - 2015-11-19 11:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-10 20:34 - 2015-11-19 11:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-10 20:34 - 2015-11-19 11:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-10 20:34 - 2015-11-19 11:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-10 20:34 - 2015-11-19 11:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-10 20:34 - 2015-11-19 11:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-03-10 20:34 - 2015-11-19 11:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-03-10 20:34 - 2015-11-19 11:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-03-10 20:34 - 2015-11-19 11:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-10 20:34 - 2015-11-19 11:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-03-10 20:34 - 2015-11-19 11:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-03-10 20:29 - 2016-02-11 15:56 - 05572032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-10 20:29 - 2016-02-11 15:56 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-03-10 20:29 - 2016-02-11 15:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-03-10 20:29 - 2016-02-11 15:52 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-10 20:29 - 2016-02-11 15:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-03-10 20:29 - 2016-02-11 15:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-03-10 20:29 - 2016-02-11 15:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-03-10 20:29 - 2016-02-11 15:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-03-10 20:29 - 2016-02-11 15:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-03-10 20:29 - 2016-02-11 15:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-03-10 20:29 - 2016-02-11 15:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-03-10 20:29 - 2016-02-11 15:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-03-10 20:29 - 2016-02-11 15:48 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-10 20:29 - 2016-02-11 15:48 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-03-10 20:29 - 2016-02-11 15:48 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-03-10 20:29 - 2016-02-11 15:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-03-10 20:29 - 2016-02-11 15:48 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-03-10 20:29 - 2016-02-11 15:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-03-10 20:29 - 2016-02-11 15:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-10 20:29 - 2016-02-11 15:45 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-03-10 20:29 - 2016-02-11 15:45 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-03-10 20:29 - 2016-02-11 15:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-03-10 20:29 - 2016-02-11 15:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-03-10 20:29 - 2016-02-11 15:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-03-10 20:29 - 2016-02-11 15:44 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-03-10 20:29 - 2016-02-11 15:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-03-10 20:29 - 2016-02-11 15:44 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-10 20:29 - 2016-02-11 15:44 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-03-10 20:29 - 2016-02-11 15:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-10 20:29 - 2016-02-11 15:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-03-10 20:29 - 2016-02-11 15:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-03-10 20:29 - 2016-02-11 15:41 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-10 20:29 - 2016-02-11 15:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-10 20:29 - 2016-02-11 15:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-03-10 20:29 - 2016-02-11 15:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-03-10 20:29 - 2016-02-11 15:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:38 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-03-10 20:29 - 2016-02-11 15:38 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-03-10 20:29 - 2016-02-11 15:38 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-03-10 20:29 - 2016-02-11 15:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-03-10 20:29 - 2016-02-11 15:38 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-03-10 20:29 - 2016-02-11 15:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-03-10 20:29 - 2016-02-11 15:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-03-10 20:29 - 2016-02-11 15:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-03-10 20:29 - 2016-02-11 15:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-03-10 20:29 - 2016-02-11 15:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-03-10 20:29 - 2016-02-11 15:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-03-10 20:29 - 2016-02-11 15:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-03-10 20:29 - 2016-02-11 15:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-03-10 20:29 - 2016-02-11 15:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-03-10 20:29 - 2016-02-11 15:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-10 20:29 - 2016-02-11 15:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-03-10 20:29 - 2016-02-11 15:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-03-10 20:29 - 2016-02-11 15:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-03-10 20:29 - 2016-02-11 15:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-03-10 20:29 - 2016-02-11 15:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 14:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-03-10 20:29 - 2016-02-11 14:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-03-10 20:29 - 2016-02-11 14:41 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-03-10 20:29 - 2016-02-11 14:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-03-10 20:29 - 2016-02-11 14:34 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-03-10 20:29 - 2016-02-11 14:34 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-10 20:29 - 2016-02-11 14:33 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-03-10 20:29 - 2016-02-11 14:32 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-10 20:29 - 2016-02-11 14:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-03-10 20:29 - 2016-02-11 14:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-03-10 20:29 - 2016-02-11 14:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-03-10 20:29 - 2016-02-11 14:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-03-10 20:29 - 2016-02-11 14:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-03-10 20:29 - 2016-02-11 14:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-03-10 20:29 - 2016-02-11 14:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 14:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 14:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-10 20:29 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-10 20:28 - 2016-02-09 06:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-10 20:28 - 2016-02-09 06:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-03-10 20:28 - 2016-02-09 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-03-10 20:28 - 2016-02-09 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-03-10 20:28 - 2016-02-09 06:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-10 20:28 - 2016-02-09 06:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-03-10 20:28 - 2016-02-09 06:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-03-10 20:28 - 2016-02-09 06:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-10 20:28 - 2016-02-09 06:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-03-10 20:28 - 2016-02-09 06:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-03-10 20:28 - 2016-02-09 06:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-03-10 20:28 - 2016-02-05 15:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-10 20:28 - 2016-02-05 15:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-03-10 20:28 - 2016-02-05 15:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-10 20:28 - 2016-02-05 15:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-03-10 20:28 - 2016-02-05 15:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-03-10 20:28 - 2016-02-05 15:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-03-10 20:28 - 2016-02-05 15:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-03-10 20:28 - 2016-02-05 14:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-10 20:28 - 2016-02-05 14:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-10 20:28 - 2016-02-05 14:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-10 20:28 - 2016-02-04 22:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-10 20:28 - 2016-02-04 15:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-10 20:23 - 2016-02-19 16:02 - 00038336 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-10 20:23 - 2016-02-19 15:54 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-10 20:23 - 2016-02-19 11:07 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-10 20:23 - 2016-02-11 11:07 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-10 20:23 - 2016-02-05 11:07 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-10 20:23 - 2016-02-05 11:07 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-10 20:23 - 2016-02-05 11:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-04-09 19:29 - 2015-12-20 22:27 - 00000000 ____D C:\Users\Messias\AppData\Roaming\PhotoScape
2016-04-09 19:29 - 2015-12-05 07:03 - 00000000 ____D C:\Users\Messias\AppData\Roaming\uTorrent
2016-04-09 19:25 - 2015-11-15 17:49 - 00000000 ____D C:\Windows\Panther
2016-04-09 17:56 - 2015-11-15 11:57 - 00001401 _____ C:\Users\Messias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-04-09 17:20 - 2015-11-15 12:03 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-09 17:14 - 2009-07-14 01:45 - 00019520 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-09 17:14 - 2009-07-14 01:45 - 00019520 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-09 17:12 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\NDF
2016-04-09 17:11 - 2009-07-29 12:49 - 00705474 _____ C:\Windows\system32\prfh0416.dat
2016-04-09 17:11 - 2009-07-29 12:49 - 00147314 _____ C:\Windows\system32\prfc0416.dat
2016-04-09 17:11 - 2009-07-14 02:13 - 01634498 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-09 17:11 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-04-09 17:08 - 2015-11-15 12:15 - 00003250 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2016-04-09 17:08 - 2015-11-15 12:15 - 00002882 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Messias)
2016-04-09 17:07 - 2002-01-01 00:03 - 00001223 _____ C:\Users\Public\Desktop\Get Random Viral.lnk
2016-04-09 17:07 - 2002-01-01 00:03 - 00001223 _____ C:\Users\Messias\Desktop\Get Random Viral.lnk
2016-04-09 17:07 - 2002-01-01 00:03 - 00001175 _____ C:\Users\Public\Desktop\Google Search.lnk
2016-04-09 17:07 - 2002-01-01 00:03 - 00001175 _____ C:\Users\Messias\Desktop\Google Search.lnk
2016-04-09 17:05 - 2015-11-15 12:03 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-09 17:05 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-09 12:53 - 2015-11-15 12:02 - 00000000 ____D C:\Users\Messias\AppData\Local\Apps\2.0
2016-04-09 12:46 - 2015-11-15 11:56 - 00000000 ____D C:\Users\Messias
2016-04-09 12:36 - 2009-07-13 23:34 - 00000505 _____ C:\Windows\win.ini
2016-04-09 11:50 - 2015-11-15 13:30 - 00001437 ____R C:\Users\Messias\Desktop\Internet Explorer.lnk
2016-04-09 11:43 - 2009-07-14 00:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-04-09 11:43 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-04-09 11:01 - 2015-11-17 18:47 - 00000000 ____D C:\Windows\Minidump
2016-04-09 02:05 - 2002-01-01 00:05 - 00000000 ____D C:\Users\Messias\AppData\Roaming\Skype
2016-04-09 01:44 - 2016-03-09 07:18 - 00002150 _____ C:\Users\Public\Desktop\Driver Booster 3.lnk
2016-04-09 01:43 - 2015-11-15 13:28 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA
2016-04-09 01:43 - 2015-11-15 13:28 - 00000000 ____D C:\ProgramData\NVIDIA
2016-04-09 01:41 - 2015-11-15 13:21 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-04-09 01:39 - 2015-11-15 13:22 - 18634264 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-04-09 01:39 - 2015-11-15 13:22 - 16128576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-04-09 01:39 - 2015-11-15 13:22 - 14497568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-04-09 01:39 - 2015-11-15 13:22 - 03210784 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-04-09 01:39 - 2015-11-15 13:22 - 00026157 _____ C:\Windows\system32\nvinfo.pb
2016-04-09 01:29 - 2015-11-15 12:15 - 00000000 ____D C:\Users\Todos os Usuários\ProductData
2016-04-09 01:29 - 2015-11-15 12:15 - 00000000 ____D C:\ProgramData\ProductData
2016-04-09 01:14 - 2015-11-15 12:18 - 00002068 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-05 22:20 - 2015-11-24 16:21 - 01598884 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-03-23 22:25 - 2015-11-25 00:21 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-03-23 22:25 - 2015-11-25 00:21 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-13 08:46 - 2009-07-14 02:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-03-11 17:19 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\rescache
2016-03-11 06:21 - 2009-07-14 01:45 - 00267448 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-10 22:59 - 2015-11-16 02:57 - 00000000 ____D C:\Windows\system32\appraiser

==================== Arquivos na raiz de alguns diretórios =======

2016-04-09 17:55 - 2016-04-09 17:55 - 2777282 _____ () C:\Program Files\Common Files\tyoxt21d.exe
2016-04-09 12:04 - 2016-04-09 12:04 - 2777282 _____ () C:\Program Files\Common Files\zhre3jfr.exe
2016-04-09 13:09 - 2016-04-09 13:53 - 6504960 _____ () C:\Users\Messias\AppData\Roaming\agent.dat
2016-04-09 13:08 - 2016-04-09 13:53 - 0054272 _____ () C:\Users\Messias\AppData\Roaming\ApplicationHosting.dat
2016-04-09 13:07 - 2016-04-09 13:07 - 0848437 _____ () C:\Users\Messias\AppData\Roaming\Blackdox.bin
2016-04-09 11:51 - 2016-04-09 11:51 - 0001251 _____ () C:\Users\Messias\AppData\Roaming\Bubble Dock.boostrap.log
2016-04-09 11:53 - 2016-04-09 11:53 - 0000117 _____ () C:\Users\Messias\AppData\Roaming\Bubble Dock.installation.log
2016-04-09 13:09 - 2016-04-09 13:53 - 0065424 _____ () C:\Users\Messias\AppData\Roaming\Config.xml
2016-04-09 11:48 - 2016-02-24 06:18 - 1085440 _____ () C:\Users\Messias\AppData\Roaming\delCalendarReg.exe
2016-04-09 13:53 - 2016-04-09 13:52 - 1134592 _____ () C:\Users\Messias\AppData\Roaming\HomeNix.exe
2016-04-09 13:53 - 2016-04-09 13:53 - 1626416 _____ () C:\Users\Messias\AppData\Roaming\HomeNix.tst
2016-04-09 11:46 - 2015-11-25 15:31 - 1100288 _____ () C:\Users\Messias\AppData\Roaming\HomePage.exe
2016-04-09 13:06 - 2016-04-09 13:52 - 0200994 _____ () C:\Users\Messias\AppData\Roaming\inst.lat
2016-04-09 13:06 - 2016-04-09 13:52 - 0016992 _____ () C:\Users\Messias\AppData\Roaming\InstallationConfiguration.xml
2016-04-09 13:06 - 2016-04-09 13:52 - 0127488 _____ () C:\Users\Messias\AppData\Roaming\Installer.dat
2016-04-09 13:09 - 2016-04-09 13:09 - 0189654 _____ () C:\Users\Messias\AppData\Roaming\K-Remfix.bin
2016-04-09 13:08 - 2016-04-09 13:53 - 0126464 _____ () C:\Users\Messias\AppData\Roaming\lobby.dat
2016-04-09 13:09 - 2016-04-09 13:53 - 0018432 _____ () C:\Users\Messias\AppData\Roaming\Main.dat
2016-04-09 13:08 - 2016-04-09 13:53 - 0005568 _____ () C:\Users\Messias\AppData\Roaming\md.xml
2016-04-09 11:45 - 2016-04-01 14:51 - 1917952 _____ () C:\Users\Messias\AppData\Roaming\msiql.exe
2016-04-09 13:09 - 2016-04-09 13:53 - 0126464 _____ () C:\Users\Messias\AppData\Roaming\noah.dat
2016-04-09 11:44 - 2016-03-31 11:32 - 1747456 _____ () C:\Users\Messias\AppData\Roaming\service.exe
2016-04-09 13:08 - 2016-04-09 13:06 - 1202688 _____ () C:\Users\Messias\AppData\Roaming\Statjoytex.exe
2016-04-09 13:08 - 2016-04-09 13:08 - 0072699 _____ () C:\Users\Messias\AppData\Roaming\Statjoytex.tst
2016-04-09 11:45 - 2016-04-09 17:09 - 2767872 _____ (TODO: ) C:\Users\Messias\AppData\Roaming\svrupg.exe
2016-04-09 13:52 - 2016-04-09 13:52 - 0848437 _____ () C:\Users\Messias\AppData\Roaming\Treetough.bin
2016-04-09 13:08 - 2016-04-09 13:06 - 1202688 _____ () C:\Users\Messias\AppData\Roaming\TrioHold.exe
2016-04-09 13:09 - 2016-04-09 13:09 - 1626416 _____ () C:\Users\Messias\AppData\Roaming\TrioHold.tst
2016-04-09 13:52 - 2016-04-09 13:52 - 1134592 _____ () C:\Users\Messias\AppData\Roaming\Trust-Trax.exe
2016-04-09 13:53 - 2016-04-09 13:53 - 0072699 _____ () C:\Users\Messias\AppData\Roaming\Trust-Trax.tst
2016-04-09 13:55 - 2016-04-09 13:55 - 0001150 _____ () C:\Users\Messias\AppData\Roaming\uninstall_temp.ico
2016-04-09 13:53 - 2016-04-09 13:53 - 0189654 _____ () C:\Users\Messias\AppData\Roaming\VilaOveron.bin
2016-04-09 12:45 - 2016-04-09 12:45 - 0000042 _____ () C:\Users\Messias\AppData\Roaming\WB.CFG
2016-04-09 11:45 - 2016-04-09 17:08 - 0016815 _____ () C:\Users\Messias\AppData\Roaming\webad.xml
2016-04-09 11:51 - 2016-04-09 11:51 - 0000097 _____ () C:\Users\Messias\AppData\Roaming\WindApp.boostrap.log
2016-04-09 11:47 - 2015-12-10 15:43 - 0600312 _____ () C:\Users\Messias\AppData\Roaming\YeaPlayer_br_IBD_Bundle.exe
2016-04-09 13:20 - 2016-04-09 13:10 - 0041472 _____ () C:\Users\Messias\AppData\Local\Anottrans.dat
2016-04-09 13:20 - 2016-04-09 13:11 - 0028160 _____ () C:\Users\Messias\AppData\Local\Anottrans.exe
2016-04-09 13:20 - 2016-04-09 13:11 - 0000187 _____ () C:\Users\Messias\AppData\Local\Anottrans.exe.config
2016-04-09 13:54 - 2016-04-09 13:54 - 0041472 _____ () C:\Users\Messias\AppData\Local\Doublebase.dat
2016-04-09 13:54 - 2016-04-09 13:54 - 0028160 _____ () C:\Users\Messias\AppData\Local\Doublebase.exe
2016-04-09 13:54 - 2016-04-09 13:54 - 0000187 _____ () C:\Users\Messias\AppData\Local\Doublebase.exe.config
2016-04-09 11:47 - 2016-02-24 06:18 - 1085440 _____ () C:\ProgramData\delCalendarReg.exe
2015-11-15 13:25 - 2015-11-15 13:25 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-04-09 11:48 - 2015-11-25 15:31 - 1100288 _____ () C:\ProgramData\HomePage.exe
2016-04-09 11:47 - 2015-12-04 13:14 - 1081344 _____ () C:\ProgramData\LightGate.exe
2016-04-09 11:45 - 2016-04-01 14:51 - 1917952 _____ () C:\ProgramData\msiql.exe
2016-04-09 11:44 - 2016-03-31 11:32 - 1747456 _____ () C:\ProgramData\service.exe
2016-04-09 12:06 - 2016-04-09 12:06 - 0016815 _____ () C:\ProgramData\webad.xml
2016-04-09 11:48 - 2016-04-09 11:32 - 0073452 _____ () C:\ProgramData\YSIns.exe

Arquivos para serem movidos ou deletados:
====================
C:\Users\Messias\AppData\Local\Temp\is-2V1Q0.tmp\print.exe
C:\Users\Messias\AppData\Local\Temp\R7BEVR99F\R7BEVR99F.exe
C:\ProgramData\delCalendarReg.exe
C:\ProgramData\HomePage.exe
C:\ProgramData\LightGate.exe
C:\ProgramData\msiql.exe
C:\ProgramData\service.exe
C:\ProgramData\YSIns.exe
C:\Users\Todos os Usuários\delCalendarReg.exe
C:\Users\Todos os Usuários\HomePage.exe
C:\Users\Todos os Usuários\LightGate.exe
C:\Users\Todos os Usuários\msiql.exe
C:\Users\Todos os Usuários\service.exe
C:\Users\Todos os Usuários\YSIns.exe

Alguns arquivos em TEMP:
====================
C:\Users\Messias\AppData\Local\Temp\115E.tmp.exe
C:\Users\Messias\AppData\Local\Temp\1324.tmp.exe
C:\Users\Messias\AppData\Local\Temp\13FF.tmp.exe
C:\Users\Messias\AppData\Local\Temp\1H7LLZRFK3.exe
C:\Users\Messias\AppData\Local\Temp\23333.exe
C:\Users\Messias\AppData\Local\Temp\3B8C.tmp.exe
C:\Users\Messias\AppData\Local\Temp\697.tmp.exe
C:\Users\Messias\AppData\Local\Temp\699B.tmp.exe
C:\Users\Messias\AppData\Local\Temp\6A76.tmp.exe
C:\Users\Messias\AppData\Local\Temp\7KXFGY6VL0.exe
C:\Users\Messias\AppData\Local\Temp\8HMR0E6LHB.exe
C:\Users\Messias\AppData\Local\Temp\92CD.tmp.exe
C:\Users\Messias\AppData\Local\Temp\94492374-D784-9438-D90A-88FF9BFD79E8.exe
C:\Users\Messias\AppData\Local\Temp\A443FE17-5C97-711F-43A5-7F5243D9D11B.dll
C:\Users\Messias\AppData\Local\Temp\A443FE17-5C97-711F-43A5-7F5243D9D11B.exe
C:\Users\Messias\AppData\Local\Temp\ACD3.tmp.exe
C:\Users\Messias\AppData\Local\Temp\AHYCEKZSCR.exe
C:\Users\Messias\AppData\Local\Temp\B0006BDF98.exe
C:\Users\Messias\AppData\Local\Temp\BingSvc.exe
C:\Users\Messias\AppData\Local\Temp\BPIFBAY76M.exe
C:\Users\Messias\AppData\Local\Temp\Browser_V5.6.11466.7_r_4728_(Build1603281525).exe
C:\Users\Messias\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\Messias\AppData\Local\Temp\BSvcUpdater.exe
C:\Users\Messias\AppData\Local\Temp\cedcb032-3830-4cf1-bf0f-2a794757da62.dll
C:\Users\Messias\AppData\Local\Temp\de08cec8-1bd2-4480-a287-49a9cc4237b5.dll
C:\Users\Messias\AppData\Local\Temp\DO3EOS122J.exe
C:\Users\Messias\AppData\Local\Temp\fsd93D6.exe
C:\Users\Messias\AppData\Local\Temp\FWI5HR5J2L.exe
C:\Users\Messias\AppData\Local\Temp\G0DDNVRCSS.exe
C:\Users\Messias\AppData\Local\Temp\HF8HZHE5C2.exe
C:\Users\Messias\AppData\Local\Temp\LNNAG19APJ.exe
C:\Users\Messias\AppData\Local\Temp\LocustsMescals.dll
C:\Users\Messias\AppData\Local\Temp\mdu_7eurp.exe
C:\Users\Messias\AppData\Local\Temp\nsd7D2C.exe
C:\Users\Messias\AppData\Local\Temp\nsj5734.exe
C:\Users\Messias\AppData\Local\Temp\PGAK1H7OSX.exe
C:\Users\Messias\AppData\Local\Temp\PriceFountainUpdateVer.exe
C:\Users\Messias\AppData\Local\Temp\QMNB180DWQ.exe
C:\Users\Messias\AppData\Local\Temp\SDG4NRH5Y8.exe
C:\Users\Messias\AppData\Local\Temp\TOEBBPML3N.exe
C:\Users\Messias\AppData\Local\Temp\WS8V0BA4JN.exe
C:\Users\Messias\AppData\Local\Temp\XG6B9P0KI1.exe
C:\Users\Messias\AppData\Local\Temp\YZ63W2PLYC.exe
C:\Users\Messias\AppData\Local\Temp\ZEDAIMJLFM.exe

==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll
[2015-11-24 12:32] - [2015-11-24 12:32] - 0357888 ____A (Microsoft Corporation) 8B8D593F6C5238B2946032AAE5ABCAF9

C:\Windows\SysWOW64\dnsapi.dll
[2015-11-24 12:32] - [2015-11-24 12:32] - 0270336 ____A (Microsoft Corporation) 7EEAFF6FD4FCB1D6E95BDA9DE135C21F

C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2016-04-09 02:57

==================== Fim de FRST.txt ============================

Signaler le contenu de ce document