Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 18-02-2017 01
Executado por alvinho (administrador) em WILKISONS (19-02-2017 17:02:11)
Executando a partir de C:\Users\alvinho\Downloads
Perfis Carregados: alvinho (Perfis Disponíveis: alvinho)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: "C:\Program Files (x86)\Bossseed\Application\chrome.exe" "%1")
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Internet Download Manager, Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMIntegrator64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.137\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.137\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.137\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.137\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.137\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.137\opera.exe
(BitTorrent Inc.) C:\Users\alvinho\AppData\Roaming\uTorrent\updates\3.4.9_43295.exe
(BitTorrent Inc.) C:\Users\alvinho\AppData\Roaming\uTorrent\updates\updates\3.4.9_43295\utorrentie.exe
(BitTorrent Inc.) C:\Users\alvinho\AppData\Roaming\uTorrent\updates\updates\3.4.9_43295\utorrentie.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registro (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKU\S-1-5-21-1550655238-1700085979-1174968902-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8944344 2016-09-28] (Piriform Ltd)
HKU\S-1-5-21-1550655238-1700085979-1174968902-1000\...\Run: [syshost32] => C:\Users\alvinho\AppData\Local\{0134B95C-8F56-8445-B5B1-4A1D958F6B2B}\syshost.exe <===== ATENÇÃO
HKU\S-1-5-21-1550655238-1700085979-1174968902-1000\...\Run: [{5E2ABBEA-EABB-4C06-BD20-AD7597940007}] => powershell.exe -noprofile -windowstyle hidden -executionpolicy bypass iex ([Text.Encoding]::ASCII.GetString([Convert]::FromBase64String((gp 'HKCU:\Software\Classes\mCxX').LMDI)));
HKU\S-1-5-21-1550655238-1700085979-1174968902-1000\...\Run: [Client Server Runtime Process] => C:\Users\alvinho\AppData\Roaming\csrss.exe [106612 2017-02-06] ()
HKU\S-1-5-21-1550655238-1700085979-1174968902-1000\...\Run: [Host-process Windows (Rundll32.exe)] => C:\Users\alvinho\AppData\Roaming\csrss.exe [106612 2017-02-06] ()
HKU\S-1-5-21-1550655238-1700085979-1174968902-1000\...\Run: [Service Host Process for Windows] => C:\Users\alvinho\AppData\Roaming\svchost.exe [106612 2017-02-06] ()
HKU\S-1-5-21-1550655238-1700085979-1174968902-1000\...\Run: [Host-process Windows (Rundll3.exe)] => C:\Users\alvinho\AppData\Roaming\svchost.exe [106612 2017-02-06] ()
HKU\S-1-5-21-1550655238-1700085979-1174968902-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4019312 2017-02-13] (Tonec Inc.)
HKU\S-1-5-21-1550655238-1700085979-1174968902-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1550655238-1700085979-1174968902-1000\...\CurrentVersion\Windows: [Load] C:\ProgramData\msrhbpez.exe <===== ATENÇÃO
HKU\S-1-5-21-1550655238-1700085979-1174968902-1000\...\MountPoints2: E - E:\setup.exe
HKU\S-1-5-21-1550655238-1700085979-1174968902-1000\...\MountPoints2: {20400548-dd0b-11e6-aff6-3c4a92cefea9} - D:\LGAutoRun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2016-04-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [
MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [
MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [
MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [
MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [
MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [
MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Nenhum Arquivo
GroupPolicy: Restrição <======= ATENÇÃO
GroupPolicyScripts: Restrição <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: 127.0.0.1 validation.sls.microsoft.com
Tcpip\Parameters: [DhcpNameServer] 208.67.222.222 172.16.11.130
Tcpip\..\Interfaces\{4FD94BAA-D54C-49DB-AB01-091A121127D9}: [DhcpNameServer] 208.67.222.222 172.16.11.130

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131313974536716674&GUID=46E3A024-A001-4196-B5E7-74368B5BEADC
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131313974536716674&GUID=46E3A024-A001-4196-B5E7-74368B5BEADC
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKU\S-1-5-21-1550655238-1700085979-1174968902-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131313974539368678&GUID=46E3A024-A001-4196-B5E7-74368B5BEADC
SearchScopes: HKLM -> DefaultScope {FDC320A9-B4B2-491E-B140-815C11613CB6} URL =
SearchScopes: HKLM-x32 -> DefaultScope valor está ausente
SearchScopes: HKU\S-1-5-21-1550655238-1700085979-1174968902-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1550655238-1700085979-1174968902-1000 -> {FDC320A9-B4B2-491E-B140-815C11613CB6} URL = hxxp://search.yahoo.com/search?p={searchTerms}

FireFox:
========
FF DefaultProfile: 9wm885u1.default
FF ProfilePath: C:\Users\alvinho\AppData\Roaming\Mozilla\Firefox\Profiles\9wm885u1.default [2017-02-19]
FF HKU\S-1-5-21-1550655238-1700085979-1174968902-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-01-26]
FF HKU\S-1-5-21-1550655238-1700085979-1174968902-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\alvinho\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\alvinho\AppData\Roaming\IDM\idmmzcc5 [2017-02-19] [não assinado]
FF Plugin: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [Nenhum Arquivo]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [Nenhum Arquivo]
FF Plugin HKU\S-1-5-21-1550655238-1700085979-1174968902-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\alvinho\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-05-08] (Unity Technologies ApS)

Chrome:
=======
CHR StartupUrls: Default -> "search.mpc.am/?geo=br"
CHR Profile: C:\Users\alvinho\AppData\Local\Google\Chrome\User Data\Default [2017-02-19]
CHR Extension: (Google Apresentações) - C:\Users\alvinho\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-05]
CHR Extension: (Google Docs) - C:\Users\alvinho\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-05]
CHR Extension: (Google Drive) - C:\Users\alvinho\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-05]
CHR Extension: (YouTube) - C:\Users\alvinho\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-05]
CHR Extension: (Documentos Google off-line) - C:\Users\alvinho\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-05]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\alvinho\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-05]
CHR Extension: (Gmail) - C:\Users\alvinho\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-05]
CHR Extension: (Chrome Media Router) - C:\Users\alvinho\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-05]
CHR Profile: C:\Users\alvinho\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-02-12]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\alvinho\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-22]
CHR Extension: (Chrome Media Router) - C:\Users\alvinho\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-22]
CHR Profile: C:\Users\alvinho\AppData\Local\Google\Chrome\User Data\System Profile [2017-02-12]

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2017-02-04] (AVAST Software)
S2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [370656 2017-02-04] (AVAST Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 PerotainghernerrySystem; C:\Program Files (x86)\Kazushsicty\strlg.dll [X]

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2017-02-04] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2017-02-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2017-02-04] (AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [28312 2016-10-30] (AVAST Software)
R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [536312 2017-02-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2017-02-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2017-02-04] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2017-02-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2017-02-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2017-02-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2017-02-04] (AVAST Software)
S1 DelDetectFlt; C:\Windows\System32\drivers\DelDetectFlt.sys [23760 2016-08-06] (Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-10-27] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-10-27] (Disc Soft Ltd)
R3 e1kexpress; C:\Windows\System32\DRIVERS\e1k60x64.sys [220672 2009-06-10] (Intel Corporation)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [189264 2016-06-26] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [305496 2016-09-12] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1027984 2016-09-12] (AO Kaspersky Lab)
S3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2016-06-15] (SplitmediaLabs Limited)
S3 54198431744DFF84F9DBB47F12F2F5A0; \??\C:\Users\alvinho\AppData\Local\Temp\{C647CB99-601D-489C-956C-595F1E6A257A}\54198431744DFF84F9DBB47F12F2F5A0.sys [X] <==== ATENÇÃO
S3 avchv; system32\DRIVERS\avchv.sys [X]
S2 memudrv; \??\C:\Program Files\Microvirt\MEmuHyperv\MEmuDrv.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
S3 xspirit; \??\C:\Windows\xspirit.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-02-19 16:55 - 2017-02-19 16:56 - 00022192 _____ C:\Users\alvinho\Downloads\Addition.txt
2017-02-19 16:53 - 2017-02-19 17:02 - 00014468 _____ C:\Users\alvinho\Downloads\FRST.txt
2017-02-19 16:52 - 2017-02-19 17:02 - 00000000 ____D C:\FRST
2017-02-19 16:51 - 2017-02-19 16:52 - 02422784 _____ (Farbar) C:\Users\alvinho\Downloads\FRST64.exe
2017-02-19 16:49 - 2017-02-19 16:50 - 01764352 _____ (Farbar) C:\Users\alvinho\Downloads\FRST.exe
2017-02-19 16:48 - 2017-02-19 16:48 - 00002913 _____ C:\Users\alvinho\Downloads\FSS.txt
2017-02-19 16:46 - 2017-02-19 16:47 - 00899584 _____ (Farbar) C:\Users\alvinho\Downloads\FSS.exe
2017-02-19 16:33 - 2017-02-19 16:33 - 00000000 ____D C:\Program Files (x86)\Motorola Mobility
2017-02-19 16:31 - 2017-02-19 16:31 - 00000000 ____D C:\Users\alvinho\AppData\Roaming\Motorola
2017-02-19 16:15 - 2017-02-19 16:29 - 34236544 _____ (Motorola Mobility) C:\Users\alvinho\Downloads\MotorolaDeviceManager_2.5.4.exe
2017-02-19 00:52 - 2017-02-19 00:55 - 06936408 _____ (Tonec Inc.) C:\Users\alvinho\Downloads\idman627build5.exe
2017-02-19 00:37 - 2011-06-04 02:37 - 00000000 ____D C:\Users\alvinho\Desktop\A Gata Comeu Internacional (by Tiago)
2017-02-19 00:27 - 2017-02-19 00:36 - 119587128 _____ C:\Users\alvinho\Desktop\A Gata Comeu Internacional (by Tiago).rar
2017-02-19 00:24 - 2017-02-19 00:56 - 00001013 _____ C:\Users\alvinho\Desktop\Internet Download Manager.lnk
2017-02-19 00:21 - 2016-09-22 12:57 - 00000000 ____D C:\Users\alvinho\Desktop\Internet Download Manager 6.26.Build.3 + Ativador
2017-02-19 00:15 - 2017-02-19 00:51 - 00000000 ____D C:\Users\alvinho\AppData\Roaming\IDM
2017-02-19 00:15 - 2017-02-19 00:47 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2017-02-19 00:15 - 2017-02-19 00:37 - 00000000 ____D C:\Users\alvinho\Downloads\Compressed
2017-02-19 00:15 - 2017-02-19 00:15 - 00000000 ____D C:\Users\alvinho\Downloads\Video
2017-02-19 00:15 - 2017-02-19 00:15 - 00000000 ____D C:\Users\alvinho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2017-02-19 00:15 - 2017-02-19 00:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2017-02-19 00:14 - 2017-02-19 00:14 - 08180934 _____ C:\Users\alvinho\Desktop\Internet Download Manager 6.26.Build.3 + Ativador.rar
2017-02-17 00:33 - 2017-02-18 00:54 - 00276315 _____ C:\Users\alvinho\Downloads\Donkey Kong Country (U) (V1.2) [!].zst
2017-02-17 00:29 - 2017-02-17 00:29 - 00002048 _____ C:\Users\alvinho\Downloads\Donkey Kong Country 2-Diddys Kong Quest(U)1.1[!].srm
2017-02-16 08:29 - 2017-02-16 08:29 - 00003424 ____N C:\bootsqm.dat
2017-02-14 23:00 - 2017-02-14 23:00 - 00856724 _____ C:\Users\alvinho\Downloads\ZOTAC-WinUSB-Maker-v1-1.zip
2017-02-14 22:42 - 2017-02-14 22:43 - 00949880 _____ (Akeo Consulting (hxxp://akeo.ie)) C:\Users\alvinho\Downloads\rufus-2.12.exe
2017-02-14 20:34 - 2017-02-14 20:34 - 00015049 _____ C:\Users\alvinho\Downloads\documentos-fies-217552-10-2 (1).pdf
2017-02-14 20:33 - 2017-02-14 20:33 - 00015049 _____ C:\Users\alvinho\Downloads\documentos-fies-217552-10-2.pdf
2017-02-13 14:14 - 2016-10-17 12:35 - 00223464 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys
2017-02-12 16:37 - 2017-02-12 16:37 - 00285728 _____ C:\Windows\Minidump\021217-58328-01.dmp
2017-02-12 15:28 - 2017-02-12 15:28 - 00067160 _____ C:\Users\alvinho\AppData\Local\GDIPFONTCACHEV1.DAT
2017-02-12 15:27 - 2017-02-12 15:27 - 00287240 _____ C:\Windows\system32\FNTCACHE.DAT
2017-02-12 15:27 - 2017-02-12 15:27 - 00278016 _____ C:\Windows\Minidump\021217-64771-01.dmp
2017-02-12 14:49 - 2017-02-18 00:54 - 00002048 _____ C:\Users\alvinho\Downloads\Donkey Kong Country (U) (V1.2) [!].srm
2017-02-12 14:25 - 2017-02-12 14:28 - 01851316 _____ C:\Users\alvinho\Downloads\snes9x-1.54.1-x64.zip
2017-02-12 13:37 - 2017-02-12 14:28 - 00001908 _____ C:\Windows\diagwrn.xml
2017-02-12 13:37 - 2017-02-12 14:28 - 00001908 _____ C:\Windows\diagerr.xml
2017-02-12 13:37 - 2017-02-12 13:37 - 00000000 ___HD C:\$WINDOWS.~BT
2017-02-12 13:32 - 2017-02-12 13:32 - 00001051 _____ C:\Users\alvinho\Desktop\WinRAR.lnk
2017-02-12 13:30 - 2017-02-12 13:31 - 00000000 ____D C:\Users\alvinho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-02-12 13:30 - 2017-02-12 13:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-02-12 13:30 - 2017-02-12 13:31 - 00000000 ____D C:\Program Files\WinRAR
2017-02-12 13:21 - 2017-02-12 15:07 - 00000000 ____D C:\Users\alvinho\AppData\Roaming\obs-studio
2017-02-12 13:20 - 2017-02-14 00:01 - 00000000 ____D C:\Program Files (x86)\DriverToolkit
2017-02-12 13:20 - 2017-02-12 13:20 - 00000362 _____ C:\Windows\Tasks\DriverToolkit Autorun.job
2017-02-12 13:20 - 2017-02-12 13:20 - 00000000 ____D C:\Users\alvinho\AppData\Local\DriverToolkit
2017-02-10 11:11 - 2017-02-10 11:11 - 00278016 _____ C:\Windows\Minidump\021017-46893-01.dmp
2017-02-10 11:03 - 2017-02-10 11:03 - 00278016 _____ C:\Windows\Minidump\021017-56425-01.dmp
2017-02-09 11:49 - 2017-02-09 11:49 - 00278016 _____ C:\Windows\Minidump\020917-50653-01.dmp
2017-02-09 11:45 - 2017-02-09 11:45 - 00278016 _____ C:\Windows\Minidump\020917-52525-01.dmp
2017-02-09 11:42 - 2017-02-09 11:42 - 00278016 _____ C:\Windows\Minidump\020917-53882-01.dmp
2017-02-09 11:39 - 2017-02-09 11:39 - 00278016 _____ C:\Windows\Minidump\020917-50325-01.dmp
2017-02-09 11:37 - 2017-02-09 11:37 - 00278016 _____ C:\Windows\Minidump\020917-52307-01.dmp
2017-02-09 11:32 - 2017-02-09 11:32 - 00278016 _____ C:\Windows\Minidump\020917-51854-01.dmp
2017-02-09 11:29 - 2017-02-09 11:29 - 00278016 _____ C:\Windows\Minidump\020917-49733-01.dmp
2017-02-09 11:27 - 2017-02-09 11:27 - 00278016 _____ C:\Windows\Minidump\020917-50497-01.dmp
2017-02-09 11:24 - 2017-02-09 11:24 - 00278016 _____ C:\Windows\Minidump\020917-55785-01.dmp
2017-02-07 00:46 - 2017-02-07 00:46 - 03101913 _____ (LIGHTNING UK!) C:\Users\alvinho\Downloads\SetupImgBurn_2.5.8.0.exe
2017-02-07 00:41 - 2017-02-07 00:41 - 00000000 ___HD C:\$Windows.~WS
2017-02-07 00:40 - 2017-02-07 00:41 - 18446672 _____ (Microsoft Corporation) C:\Users\alvinho\Downloads\MediaCreationTool.exe
2017-02-06 13:03 - 2017-02-06 13:03 - 00106612 __RSH () C:\Users\alvinho\AppData\Roaming\svchost.exe
2017-02-06 13:03 - 2017-02-06 13:03 - 00106612 __RSH () C:\Users\alvinho\AppData\Roaming\rundll32.exe
2017-02-06 13:03 - 2017-02-06 13:03 - 00106612 __RSH () C:\Users\alvinho\AppData\Roaming\rundll3.exe
2017-02-06 13:03 - 2017-02-06 13:03 - 00106612 __RSH () C:\Users\alvinho\AppData\Roaming\csrss.exe
2017-02-06 11:56 - 2017-02-06 11:57 - 02449376 _____ (Megaify Software ) C:\Users\alvinho\Downloads\DriverToolkitInstaller.exe
2017-02-05 20:22 - 2017-02-05 20:22 - 00000120 _____ C:\Windows\wininit.ini
2017-02-05 17:20 - 2017-02-05 17:20 - 00000234 _____ C:\Windows\Tasks\At4.job
2017-02-05 17:17 - 2017-02-05 17:17 - 00000234 _____ C:\Windows\Tasks\At3.job
2017-02-05 01:34 - 2017-02-05 01:34 - 02729024 _____ (DLL-Files.com Client ) C:\Users\alvinho\Downloads\clientsetup_d-0.exe
2017-02-05 00:43 - 2017-02-12 15:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2017-02-04 19:08 - 2017-02-04 19:08 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-02-04 19:08 - 2017-02-04 19:08 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2017-02-04 18:47 - 2017-02-04 18:47 - 00000745 _____ C:\Users\alvinho\Desktop\PointBlank.lnk
2017-02-04 18:47 - 2017-02-04 18:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PointBlank
2017-02-04 18:41 - 2017-02-04 18:41 - 00000000 ____D C:\ongame
2017-02-04 18:33 - 2016-09-12 22:03 - 01027984 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2017-02-04 18:33 - 2016-09-12 22:03 - 00305496 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2017-02-04 18:33 - 2016-06-26 14:10 - 00189264 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2017-02-04 18:14 - 2017-02-19 13:50 - 00000000 ____D C:\Users\alvinho\AppData\LocalLow\uTorrent
2017-02-01 00:29 - 2017-02-01 00:29 - 00276847 _____ C:\Users\alvinho\Desktop\h9WGKTh704JktWM2.mp4
2017-01-31 11:22 - 2017-01-31 11:22 - 00000000 ____D C:\Users\Todos os Usuários\Kaspersky Lab Setup Files
2017-01-31 11:22 - 2017-01-31 11:22 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2017-01-24 14:53 - 2017-01-23 04:39 - 11528192 _____ C:\Users\alvinho\Desktop\dragonboy144.exe
2017-01-23 04:39 - 2017-02-19 00:27 - 00000000 ____D C:\Users\alvinho\Desktop\dragonboy144_Data
2017-01-21 13:59 - 2017-01-21 13:59 - 00000000 ____D C:\Program Files (x86)\ScreenShot
2017-01-21 13:58 - 2017-01-22 12:12 - 00000000 ____D C:\Users\alvinho\AppData\Roaming\ScreenShot
2017-01-21 13:40 - 2017-02-19 00:52 - 00000000 ____D C:\Users\alvinho\AppData\Roaming\DMCache
2017-01-21 13:40 - 2017-01-21 13:40 - 00000000 ____D C:\Users\Todos os Usuários\IDM
2017-01-21 13:40 - 2017-01-21 13:40 - 00000000 ____D C:\ProgramData\IDM
2017-01-20 09:42 - 2017-01-20 09:42 - 00003856 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1483582181

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-02-19 17:02 - 2016-07-20 09:23 - 00000000 ____D C:\Users\alvinho\AppData\Roaming\uTorrent
2017-02-19 16:32 - 2016-12-11 18:26 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-19 16:19 - 2016-12-31 20:28 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-02-19 16:10 - 2016-12-25 17:50 - 00000000 ____D C:\Users\alvinho\Desktop\aa
2017-02-19 14:12 - 2016-08-28 23:00 - 00000392 _____ C:\Windows\Tasks\update-S-1-5-21-1550655238-1700085979-1174968902-1000.job
2017-02-19 12:39 - 2009-07-14 01:45 - 00014544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-02-19 12:39 - 2009-07-14 01:45 - 00014544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-02-19 12:31 - 2017-01-14 12:13 - 00000000 ____D C:\Users\alvinho\AppData\Local\CrashDumps
2017-02-19 12:30 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-18 22:25 - 2016-12-31 20:41 - 00021252 _____ C:\Users\alvinho\Desktop\zsnesw.cfg
2017-02-18 22:25 - 2016-12-31 20:41 - 00003806 _____ C:\Users\alvinho\Desktop\zinput.cfg
2017-02-18 22:24 - 2016-12-31 20:42 - 00000257 _____ C:\Users\alvinho\Desktop\rominfo.txt
2017-02-18 22:24 - 2016-12-25 17:50 - 00002480 _____ C:\Users\alvinho\Desktop\zmovie.cfg
2017-02-18 20:47 - 2009-07-29 13:08 - 00831722 _____ C:\Windows\system32\prfh0416.dat
2017-02-18 20:47 - 2009-07-29 13:08 - 00267802 _____ C:\Windows\system32\prfc0416.dat
2017-02-18 20:47 - 2009-07-14 02:13 - 02148114 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-18 20:41 - 2009-07-14 02:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-02-18 17:08 - 2017-01-04 23:01 - 00000000 ____D C:\Program Files (x86)\Opera
2017-02-17 00:26 - 2016-11-17 17:07 - 00276315 _____ C:\Users\alvinho\Downloads\Super Mario World (U) [!].zst
2017-02-17 00:26 - 2016-11-06 23:44 - 00002048 _____ C:\Users\alvinho\Downloads\Super Mario World (U) [!].srm
2017-02-17 00:22 - 2016-11-17 16:59 - 00002048 _____ C:\Users\alvinho\Downloads\Super Mario World (U) [!] (1).srm
2017-02-14 23:05 - 2016-10-29 13:24 - 00000514 __RSH C:\Users\Todos os Usuários\ntuser.pol
2017-02-14 23:05 - 2016-10-29 13:24 - 00000514 __RSH C:\ProgramData\ntuser.pol
2017-02-14 22:53 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2017-02-14 22:34 - 2016-09-29 00:39 - 00000000 ____D C:\Users\alvinho\Downloads\AHS
2017-02-13 10:17 - 2016-07-30 22:16 - 00000000 ____D C:\Windows\system32\MRT
2017-02-12 16:37 - 2016-12-25 14:51 - 2177375202 _____ C:\Windows\MEMORY.DMP
2017-02-12 16:37 - 2016-07-15 15:07 - 00000000 ____D C:\Windows\Minidump
2017-02-12 15:22 - 2016-07-30 22:16 - 135657872 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-12 15:20 - 2016-04-10 11:04 - 00000000 ____D C:\Users\alvinho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2017-02-12 15:20 - 2016-04-10 11:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2017-02-12 15:08 - 2016-04-09 12:34 - 00000000 ____D C:\Program Files (x86)\WinRAR
2017-02-12 13:37 - 2016-02-26 19:48 - 00000000 ____D C:\Windows\Panther
2017-02-12 13:12 - 2016-04-10 10:58 - 00000000 ____D C:\Program Files (x86)\Image-Line
2017-02-09 11:45 - 2009-07-14 01:45 - 00015360 _____ C:\Windows\system32\umstartup.etl
2017-02-05 17:39 - 2016-08-06 16:36 - 00000000 ____D C:\AdwCleaner
2017-02-04 19:09 - 2016-10-01 22:18 - 00000034 _____ C:\Windows\AvastEmUpdate.ini
2017-02-04 19:09 - 2016-10-01 22:18 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-02-04 19:08 - 2016-10-30 13:00 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-02-04 19:08 - 2016-10-01 22:18 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-02-04 19:08 - 2016-10-01 22:18 - 00465792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-02-04 19:08 - 2016-10-01 22:18 - 00287528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-02-04 19:08 - 2016-10-01 22:18 - 00166432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-02-04 19:08 - 2016-10-01 22:18 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-02-04 19:08 - 2016-10-01 22:18 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-02-04 19:08 - 2016-10-01 22:18 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-02-04 19:08 - 2016-10-01 22:18 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-02-04 19:07 - 2016-10-30 12:44 - 00536312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2017-02-04 18:52 - 2017-01-01 22:35 - 00000000 ____D C:\Users\alvinho\Downloads\CD DJ NILDO DANTAS FLASH 2016MMM
2017-01-31 18:42 - 2016-07-28 14:53 - 00000000 ____D C:\Users\alvinho\Documents\Bandicam

==================== Arquivos na raiz de alguns diretórios =======

2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files\bittorrent
2016-08-06 15:25 - 2016-08-06 15:25 - 0000000 __RSH () C:\Program Files\ByteFence
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files\Caster
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files\contentprotector
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files\Free FLV Player
2016-08-06 15:25 - 2016-08-06 15:25 - 0000000 __RSH () C:\Program Files\IObit
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files\newext
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files\Sound+
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files\SpaceSoundPro
2016-08-06 15:25 - 2016-08-06 15:25 - 0000000 __RSH () C:\Program Files\UBar
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files\winzipper
2016-08-11 12:12 - 2016-08-11 12:12 - 0000000 __RSH () C:\Program Files (x86)\001a0aed-b535-41f9-b730-4f3fc18547ac
2016-08-10 15:28 - 2016-08-10 15:28 - 0000000 __RSH () C:\Program Files (x86)\04ad2202-2a55-4ccc-8c15-8c0b57dc5385
2016-08-11 09:43 - 2016-08-11 09:43 - 0000000 __RSH () C:\Program Files (x86)\04f3d8df-81d5-4285-831c-9a349683c1c3
2016-08-08 18:28 - 2016-08-08 18:28 - 0000000 __RSH () C:\Program Files (x86)\06578a86-e2e2-40d2-ad77-2f2fee00ea7c
2016-08-07 19:28 - 2016-08-07 19:28 - 0000000 __RSH () C:\Program Files (x86)\07380cf7-22d8-4133-b80d-fb0a10c8235d
2016-08-08 20:28 - 2016-08-08 20:28 - 0000000 __RSH () C:\Program Files (x86)\0b25d97d-c770-4274-a490-eef762bd3b5a
2016-08-10 00:28 - 2016-08-10 00:28 - 0000000 __RSH () C:\Program Files (x86)\0de27568-1490-4cd7-8572-e4f662dfc07e
2016-08-10 23:28 - 2016-08-10 23:28 - 0000000 __RSH () C:\Program Files (x86)\0df5f4a9-4368-46c7-991a-ecb45ec328c9
2016-08-11 08:33 - 2016-08-11 08:33 - 0000000 __RSH () C:\Program Files (x86)\0e541f2f-69c8-4790-986e-7be082b369c5
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\1 Media Player
2016-08-06 15:25 - 2016-08-06 15:25 - 0000000 __RSH () C:\Program Files (x86)\1013f810-0ab7-4506-a514-71a11ef1aa3d
2016-08-06 19:28 - 2016-08-06 19:28 - 0000000 __RSH () C:\Program Files (x86)\14f44cb5-c0a8-4c65-a645-35a753af077f
2016-08-10 19:28 - 2016-08-10 19:28 - 0000000 __RSH () C:\Program Files (x86)\1762352f-e9e4-432a-a171-48482318fd89
2016-08-09 20:28 - 2016-08-09 20:28 - 0000000 __RSH () C:\Program Files (x86)\18c4af39-b237-412f-9bdb-dacc3b7b084b
2016-08-11 11:40 - 2016-08-11 11:40 - 0000000 __RSH () C:\Program Files (x86)\229fca08-1797-48d9-b768-05d0253e96e7
2016-08-09 15:28 - 2016-08-09 15:28 - 0000000 __RSH () C:\Program Files (x86)\24214913-bf05-4a18-b604-65fef222a23d
2016-08-08 11:28 - 2016-08-08 11:28 - 0000000 __RSH () C:\Program Files (x86)\26f45921-bc81-4571-8ce6-b4e3bc9452ea
2016-08-11 21:28 - 2016-08-11 21:28 - 0000000 __RSH () C:\Program Files (x86)\27a5eade-d2c2-4246-b568-6d437c2039eb
2016-08-10 12:28 - 2016-08-10 12:28 - 0000000 __RSH () C:\Program Files (x86)\2e24dcdb-680d-413e-a3ad-16ac825d95ab
2016-08-09 16:28 - 2016-08-09 16:28 - 0000000 __RSH () C:\Program Files (x86)\2ee1f897-2cb8-40ec-82eb-32c09e2381e5
2016-08-11 16:28 - 2016-08-11 16:28 - 0000000 __RSH () C:\Program Files (x86)\347a420d-2814-4930-a793-cc8698b346e5
2016-08-07 00:28 - 2016-08-07 00:28 - 0000000 __RSH () C:\Program Files (x86)\3496560a-9976-40cf-a69f-c57e1f7be519
2016-08-06 15:25 - 2016-08-06 15:25 - 0000000 __RSH () C:\Program Files (x86)\360
2016-08-08 17:28 - 2016-08-08 17:28 - 0000000 __RSH () C:\Program Files (x86)\3b15b492-fc53-4ae3-9fb7-9d23280e8c49
2016-08-10 13:28 - 2016-08-10 13:28 - 0000000 __RSH () C:\Program Files (x86)\404987d7-1112-4728-bf34-19bf337f9e54
2016-08-08 10:48 - 2016-08-08 10:48 - 0000000 __RSH () C:\Program Files (x86)\407a192a-71f7-491c-9cac-dac8d409ef34
2016-08-06 16:51 - 2016-08-06 16:51 - 0000000 __RSH () C:\Program Files (x86)\467432d1-abb6-44cc-b413-5555f8e208c2
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\48 dresses
2016-08-06 21:28 - 2016-08-06 21:28 - 0000000 __RSH () C:\Program Files (x86)\4a9c0cd4-eaa5-43b4-887f-8dc7627bde0d
2016-08-10 22:42 - 2016-08-10 22:42 - 0000000 __RSH () C:\Program Files (x86)\4acc615b-df11-460e-85d1-f3875d6d8b11
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\4f97eaf8-c4e3-44c6-af7f-76093e56b915
2016-08-09 21:28 - 2016-08-09 21:28 - 0000000 __RSH () C:\Program Files (x86)\52375842-ee9f-47b4-9712-b7a698feee55
2016-08-07 15:28 - 2016-08-07 15:28 - 0000000 __RSH () C:\Program Files (x86)\5677f487-9c9e-4051-b4a2-d56ec889f122
2016-08-09 12:28 - 2016-08-09 12:28 - 0000000 __RSH () C:\Program Files (x86)\5fa19f9f-661f-4d7c-8a60-b7ce6c363386
2016-08-06 22:28 - 2016-08-06 22:28 - 0000000 __RSH () C:\Program Files (x86)\6238304c-06b1-4790-aa7b-f8a4f7b535f7
2016-08-11 15:28 - 2016-08-11 15:28 - 0000000 __RSH () C:\Program Files (x86)\62c686ae-e7f8-43dd-8285-a1d0bbefdf5c
2016-08-07 12:28 - 2016-08-07 12:28 - 0000000 __RSH () C:\Program Files (x86)\6a36979b-78cb-4f6f-b3d3-d23d5746f09f
2016-08-06 17:30 - 2016-08-06 17:30 - 0000000 __RSH () C:\Program Files (x86)\6b30cd07-4e87-47f9-bda9-3eb491169913
2016-08-07 20:28 - 2016-08-07 20:28 - 0000000 __RSH () C:\Program Files (x86)\6eaf351b-d646-4317-895b-12f8a1e5b240
2016-08-07 14:28 - 2016-08-07 14:28 - 0000000 __RSH () C:\Program Files (x86)\6ec1892b-b278-4b73-8e1b-4793d544f67d
2016-08-08 19:28 - 2016-08-08 19:28 - 0000000 __RSH () C:\Program Files (x86)\6ec25fa9-d576-42e0-80db-acc4c949c52e
2016-08-09 17:28 - 2016-08-09 17:28 - 0000000 __RSH () C:\Program Files (x86)\715dce6f-5026-4767-825d-1b5750319f9b
2016-08-10 10:25 - 2016-08-10 10:25 - 0000000 __RSH () C:\Program Files (x86)\726bed65-1d79-4212-9541-10e36e08af48
2016-08-11 17:28 - 2016-08-11 17:28 - 0000000 __RSH () C:\Program Files (x86)\72fc9e5b-9c5b-4b9f-a1d9-27bd0b5237a3
2016-08-06 23:28 - 2016-08-06 23:28 - 0000000 __RSH () C:\Program Files (x86)\73a099e9-7fa0-41c8-883a-c0fa3b58c443
2016-08-11 20:28 - 2016-08-11 20:28 - 0000000 __RSH () C:\Program Files (x86)\73b425c6-32ab-44d5-b936-e97977aa7e97
2016-08-11 11:50 - 2016-08-11 11:50 - 0000000 __RSH () C:\Program Files (x86)\75877740-de3e-446b-a849-5a2c6ee2b094
2016-08-10 17:28 - 2016-08-10 17:28 - 0000000 __RSH () C:\Program Files (x86)\76af951e-71b6-4f16-8013-b751212c1de0
2016-08-10 22:32 - 2016-08-10 22:32 - 0000000 __RSH () C:\Program Files (x86)\76e42604-6cfd-4749-96db-8e787d17a5aa
2016-08-12 00:28 - 2016-08-12 00:28 - 0000000 __RSH () C:\Program Files (x86)\77a0864b-b726-4751-8bdd-a7689c9a8d6e
2016-08-10 14:28 - 2016-08-10 14:28 - 0000000 __RSH () C:\Program Files (x86)\785e236b-7afe-4097-b263-fde6ee40efda
2016-08-07 16:28 - 2016-08-07 16:28 - 0000000 __RSH () C:\Program Files (x86)\793e9165-e0a4-4ea1-b038-741cde14c6eb
2016-08-10 21:28 - 2016-08-10 21:28 - 0000000 __RSH () C:\Program Files (x86)\7addb49d-6190-44b7-922b-56476cfad393
2016-08-07 18:28 - 2016-08-07 18:28 - 0000000 __RSH () C:\Program Files (x86)\7bee4d98-cf1b-4bf2-8804-9200b1a0136c
2016-08-07 12:18 - 2016-08-07 12:18 - 0000000 __RSH () C:\Program Files (x86)\8b3a934b-a2a4-4009-94e5-c37762f4e6f3
2016-08-09 23:28 - 2016-08-09 23:28 - 0000000 __RSH () C:\Program Files (x86)\8cd48fa7-4005-40da-99dd-3c026ad2e804
2016-08-07 02:28 - 2016-08-07 02:28 - 0000000 __RSH () C:\Program Files (x86)\91d34943-521e-457f-b771-380669cbf1bf
2016-08-06 17:54 - 2016-08-06 17:54 - 0000000 __RSH () C:\Program Files (x86)\9646b34e-3d3f-4c34-82e2-2bb7525130bd
2016-08-11 19:28 - 2016-08-11 19:28 - 0000000 __RSH () C:\Program Files (x86)\994e5c96-ab65-409f-890e-43d366176660
2016-08-08 14:28 - 2016-08-08 14:28 - 0000000 __RSH () C:\Program Files (x86)\9ab95efb-a907-488e-983f-bc0eab62fd92
2016-08-10 10:15 - 2016-08-10 10:15 - 0000000 __RSH () C:\Program Files (x86)\9c652ac8-1029-4619-8d3b-f5eb00cc9de0
2016-08-07 01:28 - 2016-08-07 01:28 - 0000000 __RSH () C:\Program Files (x86)\9dd3b4e8-eb58-4a25-8b83-f2b94f4dd518
2016-08-08 12:28 - 2016-08-08 12:28 - 0000000 __RSH () C:\Program Files (x86)\9fc04c3a-fb7e-4c08-b4b5-6e05825ec67f
2016-08-09 19:28 - 2016-08-09 19:28 - 0000000 __RSH () C:\Program Files (x86)\a0989689-67d9-483f-a6f4-3d7e5752ee51
2016-08-08 13:28 - 2016-08-08 13:28 - 0000000 __RSH () C:\Program Files (x86)\a6f80203-35da-42ea-8ca1-2443832c7af3
2016-08-08 23:28 - 2016-08-08 23:28 - 0000000 __RSH () C:\Program Files (x86)\abad9101-8823-45fb-9d7d-a098ee11eea6
2016-08-09 13:28 - 2016-08-09 13:28 - 0000000 __RSH () C:\Program Files (x86)\ac840202-255d-45c3-86fa-76fc7533cfb2
2016-08-09 10:28 - 2016-08-09 10:28 - 0000000 __RSH () C:\Program Files (x86)\ac980850-2b05-47e2-a586-a26317d8d669
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Ad Muncher
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Adblock for Youtube
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\AdBlocker
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Adguard
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\ADSKIP
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\advPlugin
2016-08-07 23:28 - 2016-08-07 23:28 - 0000000 __RSH () C:\Program Files (x86)\af2aa1bf-b57c-4637-8cd1-34bf9c3c1459
2016-08-08 21:28 - 2016-08-08 21:28 - 0000000 __RSH () C:\Program Files (x86)\af308ce2-6d45-4ac6-bfc7-97aea500dd83
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Aktiv Download Manager
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Anisatain
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\AnvSoft Web FLV Player Free
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Any Angle
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\AnyProtectEx
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\AnySend
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Application Assistance
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Atapacult
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\AudioVideoKit
2016-08-11 14:28 - 2016-08-11 14:28 - 0000000 __RSH () C:\Program Files (x86)\b3ac8d22-2ca6-4ded-abd7-f6701972c189
2016-08-11 12:28 - 2016-08-11 12:28 - 0000000 __RSH () C:\Program Files (x86)\b4dcf672-ac23-48fe-a741-5a6572e06761
2016-08-10 11:28 - 2016-08-10 11:28 - 0000000 __RSH () C:\Program Files (x86)\b58171f3-fe5a-41a2-ae38-3584cd5b8ecd
2016-08-07 17:28 - 2016-08-07 17:28 - 0000000 __RSH () C:\Program Files (x86)\b65f7111-93be-4b61-b9cb-3e8dcfad2f67
2016-08-10 16:28 - 2016-08-10 16:28 - 0000000 __RSH () C:\Program Files (x86)\b9e5c5e3-9643-4789-8961-7e19bcc36fe5
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\ba3du
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\badu
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\BaiduEx
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\baidus.exe
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Baisvik
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\BB10 PlayBook App Manager
2016-08-07 13:28 - 2016-08-07 13:28 - 0000000 __RSH () C:\Program Files (x86)\bba4117f-2f0c-4f40-bd03-16c1c2f04327
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\BBerry
2016-08-11 13:28 - 2016-08-11 13:28 - 0000000 __RSH () C:\Program Files (x86)\bcf17203-9a09-4b2e-b091-e18c34d49b91
2016-08-08 00:28 - 2016-08-08 00:28 - 0000000 __RSH () C:\Program Files (x86)\bcf4c8c5-b4c1-4a67-819c-5a90b0741b36
2016-08-09 22:28 - 2016-08-09 22:28 - 0000000 __RSH () C:\Program Files (x86)\be44da40-8615-4d83-a8b1-25fff6ebab02
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\BonusBerry
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Booking.com
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Box Green
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\browse pulse
2016-08-09 00:28 - 2016-08-09 00:28 - 0000000 __RSH () C:\Program Files (x86)\c07d0867-13d7-4c90-9fca-486e170b1cfc
2016-08-09 18:28 - 2016-08-09 18:28 - 0000000 __RSH () C:\Program Files (x86)\c2983de3-7676-480d-a87d-81dc3b5fcf22
2016-08-09 14:28 - 2016-08-09 14:28 - 0000000 __RSH () C:\Program Files (x86)\c657f8e3-d2fc-4103-9d83-fdee15bbbf03
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Caster
2016-08-06 20:28 - 2016-08-06 20:28 - 0000000 __RSH () C:\Program Files (x86)\cd2aa7a7-6edf-4baf-87ac-4e3acc69d546
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Cegush
2016-08-08 22:28 - 2016-08-08 22:28 - 0000000 __RSH () C:\Program Files (x86)\cf4346f9-0be0-4cc9-9fae-6ae95770b7ff
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Checked List
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Chedot
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\ChicaLogic
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Cideyguvay
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Clcegh
2016-08-06 15:25 - 2016-08-06 15:25 - 0000000 __RSH () C:\Program Files (x86)\clean2pc
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\CleanBrowser
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Clip2net
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\cmcm
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Common Dots
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\comoboss
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\compfix
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\ContentProtector
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Cool getWeather
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Coupon Time
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\CouponsPlus
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\COVERT Pro
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Crazy Score
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Crossbrowse
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Csrss Updater
2016-08-11 08:43 - 2016-08-11 08:43 - 0000000 __RSH () C:\Program Files (x86)\d269f752-70ee-40e5-936b-b31934139908
2016-08-10 10:28 - 2016-08-10 10:28 - 0000000 __RSH () C:\Program Files (x86)\d2fa6236-7fb5-4e95-b284-aff218ceabd0
2016-08-11 23:28 - 2016-08-11 23:28 - 0000000 __RSH () C:\Program Files (x86)\d57fbf0c-36f0-4c8f-bc1d-288fb1de4b96
2016-08-07 22:28 - 2016-08-07 22:28 - 0000000 __RSH () C:\Program Files (x86)\dc70c94e-1ffc-4b1f-956b-71959a7c31bc
2016-08-10 20:28 - 2016-08-10 20:28 - 0000000 __RSH () C:\Program Files (x86)\dd93a7ef-364f-49fb-bc1c-eff813425d87
2016-08-11 18:28 - 2016-08-11 18:28 - 0000000 __RSH () C:\Program Files (x86)\dd9d1abf-158b-4898-8d19-04290c5e50fa
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Defsoft
2016-08-10 18:28 - 2016-08-10 18:28 - 0000000 __RSH () C:\Program Files (x86)\dfded742-c9ee-423f-b777-751306d5dbc0
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Dig Deep
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Digital More
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\dlsecuretb
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\DNS Unlocker
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\DolkaRuIePlugin
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Dolphin Deals
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\DoubleOptMedia
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\DriverPack Notifier
2016-08-08 16:28 - 2016-08-08 16:28 - 0000000 __RSH () C:\Program Files (x86)\e02e641e-d535-4797-87cd-2b9508cfcce7
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\EasyHotspot
2016-08-09 11:28 - 2016-08-09 11:28 - 0000000 __RSH () C:\Program Files (x86)\eb333e55-f723-458a-9e2e-0a35424716a4
2016-08-08 15:28 - 2016-08-08 15:28 - 0000000 __RSH () C:\Program Files (x86)\ec6acd75-b681-43aa-b9d6-a5d6e62e1885
2016-08-11 22:28 - 2016-08-11 22:28 - 0000000 __RSH () C:\Program Files (x86)\ec7e448c-5730-49ed-ae55-6960170aa2e4
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Edu App
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\EngineRunner
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\EoxstraCouppon
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\ExsutraCouepoNN
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\ExtensionSimple Blocker
2016-08-07 03:28 - 2016-08-07 03:28 - 0000000 __RSH () C:\Program Files (x86)\f5dd27b1-3263-4038-8447-837ef8ef3386
2016-08-07 21:28 - 2016-08-07 21:28 - 0000000 __RSH () C:\Program Files (x86)\f77935e6-a509-4f66-a479-69ef0bd71548
2016-08-07 12:28 - 2016-08-07 12:28 - 0000000 __RSH () C:\Program Files (x86)\f8eaf238-1275-4fb7-a48e-fb4e1a21143d
2016-08-06 18:28 - 2016-08-06 18:28 - 0000000 __RSH () C:\Program Files (x86)\fafcfdce-56f8-4e13-a6f4-5abff5f4a7e5
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\FastoPlayer
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\FB Color Changer
2016-08-09 10:10 - 2016-08-09 10:10 - 0000000 __RSH () C:\Program Files (x86)\fcf4b909-cb5e-4161-b1e7-3c9dad5cbcc0
2016-08-11 09:53 - 2016-08-11 09:53 - 0000000 __RSH () C:\Program Files (x86)\fe39675b-eb37-4421-8209-ccc9f59597d6
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Fedaryqeule
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\filter
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Free VPN
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Fresh Outlook
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Funshion Online
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\FusionPlayer
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Games-desktop
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\GamesRS
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\GameXPServic
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\GameXPService
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Ge-Force
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\GetGo Software
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Ghostery Storage Server
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Glass Bottle
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\globalUpdate
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Hack this page
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Hamster Soft
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\HDef
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\HDefsoft
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\HelloSign for Gmail
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\High Stairs
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\HomePageDefender
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\HomeTab
2016-08-06 15:25 - 2016-08-06 15:25 - 0000000 __RSH () C:\Program Files (x86)\host
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Hostify
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\HP Defender
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\HpDef
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\iCloud Bookmarks
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\IconRunner
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\igs
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\IncludeFunc
2016-08-06 15:25 - 2016-08-06 15:25 - 0000000 __RSH () C:\Program Files (x86)\IObit
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\IQIYI Video
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\iWebar
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Jejochclipasp
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Jungle Net
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\kbasesrv
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\kingsoft
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Kinoroom Browser
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Lavasoft
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\LibraryGeneration
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\LightEngine
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\LighterSystem
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\LiveReader
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\LiveUpdateWPP
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\LiveWPPUpdate
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Local Weather Beta
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Lorckphsary
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\maintenance software
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Max Computer Cleaner
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Max Deal
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Max Driver Updater
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\MaxComputerCleaner
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Media Player Z
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Media Saver
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\MediaPlayAir
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Microsoft Data
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\MiniLite
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\MiPony
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\MixVideoPlayer
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\MobilePCStarterKit
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Mobogenie3
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Momentum
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\MoshouInput
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\MovieDea
2016-08-12 08:46 - 2016-08-12 08:46 - 0000000 __RSH () C:\Program Files (x86)\MPC Cleaner
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\MPC-HC
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\mpck
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\mpck_en_005030263
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Muftion
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\MusicVK
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Musix Search
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\MusixLib
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\MyPC Backup
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\mystarttb
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\netfilter
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\newext
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Nimeckreelule
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\NosClient
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Note-up
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Object Browser
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Obnovi Soft
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\On Stage
2016-08-06 15:25 - 2016-08-06 15:25 - 0000000 __RSH () C:\Program Files (x86)\OneSystemCare
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\onlysearch
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\osTip
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\PathMaxx
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\PC Speed Up
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\PC-Mechanic
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\PCfix
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\PCPitstop
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\PennyBee
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Pine Tree
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Poper Blocker
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Popi TV
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\PragmaEdit
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Preghpluaph
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\PreiceLeSs
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\PremierOpinion
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\PricceeLess
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\PricceLess
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\PricELeeSas
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\PriceLEoss
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\PriceLEss
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\PrIceLesss
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\PrIceLiEsus
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\PriceLLeess
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\PriceLoesss
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\PriiceLesss
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\PriicueLEss
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Primary Color
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\ProcessFoobar
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\PRoiceLesss
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Proxy SwitchyOmega
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Pwtyfemuk
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\qksee
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\QQBrowser
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Quick Weather Updates
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\RapidMediaConverter
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\ReactorKeeper
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\ReactorSubs
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\RelayDouble
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\RelevantKnowledge
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Rozenaock
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Sale Charger
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Sale Clipper
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\SavePass 1.1
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\sbqh
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Score Escape
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Search Extensions
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\SearchProtect
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\SearchSnacks
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\SensePlus
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Senses
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\SFK
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Shamotawoph
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Sharp Angle
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Shop and Save Up
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Shop Master
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Shop til Drop
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\ShopperPro
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Sm23mS
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Smileys We Love Toolbar for IE
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\snipsmart
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Sonix
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Sorawardanagck
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\spart
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\SpeedSearchesbnd
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\SrpnFiles
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Staflecluwuent
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Stealthy
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Steel Cut
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\StrengthPlus
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Summer Sports
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\sun king
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\sunnyday
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\SunnyDay21
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\SunnyDay3
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\SunnyDayApps
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Super Optimizer
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\SuperBrowser
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\SupTab
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\surf slide
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Swift Record
2016-08-06 15:25 - 2016-08-06 15:25 - 0000000 __RSH () C:\Program Files (x86)\SystClean
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\System Optimizer
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\SystemDefend
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\TampaEdit
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Techgil
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Thacationqkk
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\ThinkProtect
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\ThinkupWP
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Thquse
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\TNT2
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\tooldev342
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Tor Browser
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Torrent Search
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\ttwifi
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\TuneUp Utilities
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\TurboWire
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Twilight Tech
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Uniblue
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Unlimited Free VPN betternet
2016-08-06 15:25 - 2016-08-06 15:25 - 0000000 __RSH () C:\Program Files (x86)\UPCleaner
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Video Downloader professional
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Video Saver
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Video Saver 2
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\VideoBox
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Visual Protect Service
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\VK Downloader
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\VK OK AdBlock
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\VKSmile
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\VuuPC
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\WajaNetEn
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\WeatherChickn
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Web Amplified
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\WebBars
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\WebProtector
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\WebProtectorPlus
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Wifisrv
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Wincy
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\WindeskWinsearch
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Winsere
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\WinSvces
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\WinTaske
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\WinTsks
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\WinZipper
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\win_en_77
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Wohegh
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Wooden Seal
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\x-rates
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\XTab
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\XTRM Group
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Yeaplayer
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\YouTube Accelerator
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\youtubeadblocker
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\YTAHelper
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\YTDownloader
2016-08-06 15:25 - 2016-08-06 15:25 - 0000000 __RSH () C:\Program Files (x86)\zaxar
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Zepashchcacult
2016-08-06 15:25 - 2016-08-06 15:25 - 0000000 __RSH () C:\Program Files (x86)\ZetaGames
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Zona
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Аудио и видео скачивание
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Common Files\Baidu
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Common Files\Duo-Ing
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Common Files\Over-Ex
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Common Files\PlusStatsing
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Common Files\Tintough
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Program Files (x86)\Common Files\TopLinks
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\AdBlockerator
2010-08-28 17:43 - 2010-08-28 17:43 - 0096256 ____N (Google, inc) C:\Users\alvinho\AppData\Roaming\AdbWinApi.dll
2010-08-28 17:43 - 2010-08-28 17:43 - 0060928 ____N (Google, inc) C:\Users\alvinho\AppData\Roaming\AdbWinUsbApi.dll
2016-08-06 15:25 - 2016-08-06 15:25 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\Advancedpccare.com
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\AppHelper
2016-09-06 13:54 - 2016-09-06 13:54 - 0054272 _____ () C:\Users\alvinho\AppData\Roaming\ApplicationHosting.dat
2016-08-06 15:25 - 2016-08-06 15:25 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\Appverifier
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\ArchiveLeader
2016-08-06 15:25 - 2016-08-06 15:25 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\ASPackage
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\bafhhmlkbcigapgkfdgfikhkkaihpjjn
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\BetterViewer
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\Booking_helper
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\Calculator
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\CenterPicture
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\CentralPicture
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\checkers
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\CloudPrinter
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\ConditionalRedirect
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\costmin
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\CoupSeek
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\cpuminer
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\csdimedia
2017-02-06 13:03 - 2017-02-06 13:03 - 0106612 __RSH () C:\Users\alvinho\AppData\Roaming\csrss.exe
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\daemon.exe
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\DailyWiki
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\DigitalSites
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\do-search
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\Doubleing
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\DriverPack Notifier
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\drpsu
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\EasyFileOpener
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\eCyber
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\EmailNotifier
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\et
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\FastLinkChrome
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\FastVKOpen
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\FlvPlayer
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\FreeVPN
2016-09-06 13:54 - 2016-09-06 13:54 - 2279413 _____ () C:\Users\alvinho\AppData\Roaming\Freshhome.bin
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\Gameo
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\GbUpdSrv
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\Genieo
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\GetGo Software
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\GoldenGate
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\gplyra
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\Homepager
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\ImageCenter
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\ImageCropResize
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\InstallChecker
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\instatime
2016-08-06 15:25 - 2016-08-06 15:25 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\IObit
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\IQIYI Video
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\istartpageing
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\istartsurf
2016-08-06 15:25 - 2016-08-06 15:24 - 0678912 _____ () C:\Users\alvinho\AppData\Roaming\Kandox.exe
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\Lamzap
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\LoadLeader
2016-09-06 13:54 - 2016-09-06 13:54 - 0126464 _____ () C:\Users\alvinho\AppData\Roaming\lobby.dat
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\luckysearches
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\Mactowebise
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\MailUpdate
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\Micron
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\MoshouInput
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\mspop.exe
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\MyDesktop
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\mysites123
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\Neiron
2017-01-01 21:57 - 2017-01-01 22:15 - 0033143 _____ () C:\Users\alvinho\AppData\Roaming\net.telestream.wirecast.xml
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\ntsvc
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\NUIns
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\omniboxes
2016-09-06 13:54 - 2016-09-06 13:48 - 0705536 _____ () C:\Users\alvinho\AppData\Roaming\Ontotrax.exe
2016-09-06 13:54 - 2016-09-06 13:54 - 0072706 _____ () C:\Users\alvinho\AppData\Roaming\Ontotrax.tst
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\OpenCandy
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\OpenKP
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\OpLinks
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\oursurfing
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\PCFix
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\PennyBee
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\pptassist
2016-12-13 14:45 - 2016-12-13 18:54 - 0000132 _____ () C:\Users\alvinho\AppData\Roaming\Preferências do formato PNG do Adobe CS5
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\PriceFountain
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\PriceFountainUpdateVer
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\PushControl
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\qksee
2016-09-06 13:54 - 2016-09-06 13:54 - 0848565 _____ () C:\Users\alvinho\AppData\Roaming\Quoteit.bin
2017-02-06 13:03 - 2017-02-06 13:03 - 0106612 __RSH () C:\Users\alvinho\AppData\Roaming\rundll3.exe
2017-02-06 13:03 - 2017-02-06 13:03 - 0106612 __RSH () C:\Users\alvinho\AppData\Roaming\rundll32.exe
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\Schedule
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\ScreenChromeShot
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\SetMyHomePage
2016-08-06 15:26 - 2016-08-06 15:26 - 7616340 _____ () C:\Users\alvinho\AppData\Roaming\setup.apk
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\ShopperPro
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\SimplyTech
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\SmartSearch
2016-08-06 15:25 - 2016-08-06 15:24 - 0678912 _____ () C:\Users\alvinho\AppData\Roaming\SolZoofind.exe
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\sparta111
2016-09-06 13:54 - 2016-09-06 13:48 - 0705536 _____ () C:\Users\alvinho\AppData\Roaming\Strong-Flex.exe
2016-09-06 13:54 - 2016-09-06 13:54 - 1905098 _____ () C:\Users\alvinho\AppData\Roaming\Strong-Flex.tst
2017-02-06 13:03 - 2017-02-06 13:03 - 0106612 __RSH () C:\Users\alvinho\AppData\Roaming\svchost.exe
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\svshost
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\TextEditor
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\TheismsLimb
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\TimeTasks
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\TomorrowGames
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\Torrent_Search_PED
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\TrailerWatch
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\TSearch
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\TSv
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\UltimateSpeedTester
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\Uncheckit
2016-09-06 13:55 - 2016-09-06 13:55 - 0032038 _____ () C:\Users\alvinho\AppData\Roaming\uninstall_temp.ico
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\UPUpdata
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\VK OK AdBlock
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\VKDJ
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\VKMusic
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\vkPro
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\VooUpdate
2016-08-06 15:25 - 2016-08-06 15:25 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\VOPackage
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\WADHostAgent
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\WeatherChickn
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\webssearches
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\WinDiagnosis
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\WindowsMangerProtect
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\WindowsProtectManger
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\WindowsUpdater
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\WinZiper
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\WiseManager
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\x11
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\yoursearching
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\YSearcher
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\YTAHelper
2016-08-06 15:17 - 2016-06-30 04:59 - 5267952 _____ () C:\Users\alvinho\AppData\Roaming\ziptool_wc-9025_setup.exe
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\Zona
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\ZU_WarThunder
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\Microsoft\Video
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Roaming\Microsoft\Vision
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\AdsBlokator
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\allskidkimos
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\Apps
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\ArchaizeDrupe
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\AuthoritiesThreefold
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\avabvyxvdy
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\AVKModules
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\BiggishBlanch
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\Birds
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\Birds365
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\Blacount
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\CalibrationWorthless
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\ComDev
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\CongasNecessariness
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\ContradictivePrudes
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\ConvertAd
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\crossbrowse
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\CrutchBubbled
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\DailyWiki
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\DemotionDactylus
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\DesktopMessenger
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\DigitalisFossilize
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\DistributeeAngers
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\DwellsSeismometric
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\extension
2016-08-06 15:25 - 2016-08-06 15:25 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\extensions
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\filesystemdriver
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\FlaggingsPlatesful
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\fupdate
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\FusionPlayer
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\Gameo
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\GamesBot
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\GetGo
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\GMon Updater
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\GobbledegookReconfigure
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\GoodGame Empire
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\HasheeshesDiadic
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\Host Service
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\hostinstaller
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\hotskidki
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\HourNews
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\HttpFilter
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\igs
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\ImaginersGlares
2016-08-06 15:25 - 2016-08-06 15:25 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\InstallManager
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\InstaTime
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\InterplayIntelligent
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\IntroversionForerunners
2016-08-06 15:25 - 2016-08-06 15:25 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\IObit installer
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\ipro
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\ipro2
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\itorrent
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\JamboreesAwol
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\JoysUncleaned
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\kometa
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\LobotomizeOverrank
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\macasoft
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\MasterpiecesSlitting
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\Media Get LLC
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\mediaget
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\mediaget2
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\MEGAsync
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\MinimsPunkin
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\Mojorojo
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\nethost
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\OmeletsBefool
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\PegboardUpwelling
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\PhoenixBrowserUpdater
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\PowerMonitor
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\PPTAssist
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\PreachierOffhanded
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\prestrm
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\PriceFountain
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\PriceMeter
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\ProfitSaver
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\promoskiki
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\PushControl
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\Ruspromocode
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\SaveYouTime
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\screentk
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\ScriptWriter
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\SearchGo
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\SHAREit
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\SmartWeb
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\Sparta
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\SunnyDay21
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\SunnyDay3
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\SuperBrowser
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\svshost
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\SysassistByHotWheel
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\SysHlp
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\syslog
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\sysnet
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\SystemDir
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\SystemMonitor2016
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\TangentiallyMowers
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\tuto_monetize_120160517
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\UmmyVideoDownloader
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\Up Top
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\UpdateAdmin
2017-01-29 18:12 - 2017-01-29 18:12 - 0000003 _____ () C:\Users\alvinho\AppData\Local\updater.log
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\valuablecoupons
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\vsemposkidki
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\WebExtend
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\wincheck
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\Win_update
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\win_updatez
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\YaNews
2016-08-06 15:25 - 2016-08-06 15:25 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\ZetaGamesNews
2016-08-06 15:25 - 2016-08-06 15:25 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\ZetaGamesViewer
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\Users\alvinho\AppData\Local\Аудио и видео скачивание
2016-08-06 16:29 - 2016-08-06 16:29 - 0000000 __RSH () C:\ProgramData\3a102768-b60d-4837-a368-ea9fa8581a50
2016-08-06 16:29 - 2016-08-06 15:28 - 0000000 __RSH () C:\ProgramData\Cloudprinter
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\ProgramData\dchp
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\ProgramData\Doubleing
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\ProgramData\emailnotifier
2016-08-06 15:25 - 2016-08-06 15:25 - 0000000 __RSH () C:\ProgramData\IObit
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\ProgramData\KRB Updater Utility
2016-07-30 22:15 - 2016-04-14 12:11 - 68068352 ___SH () C:\ProgramData\msrhbpez.exe
2016-07-30 22:15 - 2016-04-14 12:11 - 100839296 ___SH () C:\ProgramData\msttx.exe
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\ProgramData\RenewalService
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\ProgramData\Ronzap
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\ProgramData\Smilebar
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\ProgramData\Statdex
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\ProgramData\SwinpS
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\ProgramData\Torrent_Search_PED
2016-08-06 15:25 - 2016-08-06 15:25 - 0000000 __RSH () C:\ProgramData\UBar
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\ProgramData\viaair
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\ProgramData\VideoFetcher
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\ProgramData\VkontakteDJ
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\ProgramData\VKSaver
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\ProgramData\xifs
2016-08-06 15:28 - 2016-08-06 15:28 - 0000000 __RSH () C:\ProgramData\xwinpx

Arquivos para serem movidos ou deletados:
====================
C:\ProgramData\msrhbpez.exe
C:\ProgramData\msttx.exe
C:\Users\Todos os Usuários\msrhbpez.exe
C:\Users\Todos os Usuários\msttx.exe
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At3.job
C:\Windows\Tasks\At4.job


Alguns arquivos em TEMP:
====================
2017-02-04 21:23 - 2017-02-04 21:23 - 0000512 _____ () C:\Users\alvinho\AppData\Local\Temp\287c499808bcff52a39d16f78044882a.dll
2017-02-04 21:24 - 2017-02-17 17:07 - 0000056 _____ () C:\Users\alvinho\AppData\Local\Temp\7f3d54756139e82cf3ffa532a2f813fb.dll
2017-02-05 12:28 - 2012-06-06 02:03 - 0805376 _____ (Microsoft Corporation) C:\Users\alvinho\AppData\Local\Temp\cdo1649735267.dll
2017-02-14 21:45 - 2012-06-06 02:03 - 0805376 _____ (Microsoft Corporation) C:\Users\alvinho\AppData\Local\Temp\cdo2352890204.dll
2017-02-14 21:45 - 2012-06-06 02:03 - 0805376 _____ (Microsoft Corporation) C:\Users\alvinho\AppData\Local\Temp\cdo2409353455.dll
2017-02-15 11:27 - 2012-06-06 02:03 - 0805376 _____ (Microsoft Corporation) C:\Users\alvinho\AppData\Local\Temp\cdo2766247312.dll
2017-02-14 22:40 - 2017-02-14 22:41 - 1877216 _____ (Web stub ) C:\Users\alvinho\AppData\Local\Temp\ICReinstall_Baixaki_winusb-maker_VmgdFo.exe
2017-01-21 13:58 - 2017-01-21 13:58 - 0996568 _____ ( ) C:\Users\alvinho\AppData\Local\Temp\ICReinstall_re4hd_br-v1.00[].exe

Alguns com tamanho de zero byte arquivos/pastas:
==========================
C:\Windows\CRMSvc.exe

==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2017-02-12 16:33

==================== Fim de FRST.txt ============================