Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:10-01-2015 01 Executado por Marcio (administrador) em MARCIO-PC (16-01-2016 22:06:37) Executando a partir de C:\Users\Marcio\Downloads Perfis Carregados: Marcio (Perfis Disponíveis: Marcio & DefaultAppPool) Platform: Windows 10 Pro (X64) Idioma: Português (Brasil) Internet Explorer Versão 11 (Navegador padrão: Chrome) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe (Microsoft Corporation) C:\WINDOWS\System32\mqsvc.exe (Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe (arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe (Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (Microsoft Corporation) C:\WINDOWS\System32\runonce.exe (Savre) C:\Program Files\Sound+\idscservice.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe () C:\Program Files (x86)\Garena Plus\ggdllhost.exe () C:\Program Files (x86)\Garena Plus\ggdllhost.exe (Intel Corporation) C:\WINDOWS\System32\igfxtray.exe (Intel Corporation) C:\WINDOWS\System32\hkcmd.exe (Intel Corporation) C:\WINDOWS\System32\igfxpers.exe (Pixart Imaging Inc) C:\WINDOWS\System32\TiltWheelMouse.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Akamai Technologies, Inc.) C:\Users\Marcio\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) C:\Users\Marcio\AppData\Local\Akamai\netsession_win.exe () C:\Users\Marcio\AppData\Roaming\msiql.exe () C:\ProgramData\WindowsMsg\osmsg.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe (Microsoft Corporation) C:\WINDOWS\System32\NetworkUXBroker.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registro (Whitelisted) =========================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3738336 2015-10-27] (ELAN Microelectronics Corp.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-24] (Intel Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated) HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2015-12-12] (Pixart Imaging Inc) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16174352 2016-01-08] (Realtek Semiconductor) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [406328 2013-09-09] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [205624 2013-05-30] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated) HKLM-x32\...\Run: [MTview] => C:\Program Files (x86)\MTV20151125\MTView.exe -mini HKLM-x32\...\Run: [LightGate] => C:\Users\Marcio\AppData\Local\Temp\LightGate.exe <===== ATENÇÃO HKLM-x32\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot HKLM\...\RunOnce: [IDSCPRODUCT] => C:\Program Files\Sound+\idscservice.exe [120832 2016-01-14] (Savre) HKLM-x32\...\RunOnce: [PriceFountain] => C:\WINDOWS\SysWOW64\wscript.exe /E:vbscript /B "C:\WINDOWS\system32\config\SYSTEM~1\AppData\Roaming\PriceFountain\UpdateProc\bkup.dat" HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2015-10-05] (Malwarebytes) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3906656628-415594203-1951508915-1001\...\Run: [GarenaPlus] => C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe [10008512 2015-11-24] () HKU\S-1-5-21-3906656628-415594203-1951508915-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7045912 2014-11-13] (Piriform Ltd) HKU\S-1-5-21-3906656628-415594203-1951508915-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Marcio\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.) HKU\S-1-5-21-3906656628-415594203-1951508915-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4179288 2015-11-30] (Disc Soft Ltd) HKU\S-1-5-21-3906656628-415594203-1951508915-1001\...\Run: [CrashService] => "C:\Users\Marcio\AppData\Local\BoBrowser\Application\crash_service.exe" --max-reports=50 --no-window HKU\S-1-5-21-3906656628-415594203-1951508915-1001\...\Run: [-] => C:\Users\Marcio\AppData\Roaming\msiql.exe [2412032 2016-01-14] () HKU\S-1-5-21-3906656628-415594203-1951508915-1001\...\Run: [lsas] => C:\Program Files (x86)\t_201601142216\201601142216\lsas.exe -mini HKU\S-1-5-21-3906656628-415594203-1951508915-1001\...\Run: [Yeaplayer] => C:\Program Files (x86)\Yeaplayer\Yeaplayermd.exe /autostart HKU\S-1-5-21-3906656628-415594203-1951508915-1001\...\Run: [taskhost] => rundll32.exe C:\ProgramData\WindowsMsg\E65602AFF61208B55B30B58739BDA171.dll Start /RUNNING HKU\S-1-5-21-3906656628-415594203-1951508915-1001\...\Run: [Pritc] => C:\WINDOWS\Temp\00001993\casrss.exe [2980352 2016-01-16] (VLOME) <===== ATENÇÃO HKU\S-1-5-21-3906656628-415594203-1951508915-1001\...\Run: [osmsg] => C:\ProgramData\WindowsMsg\osmsg.exe [1905664 2016-01-16] () HKU\S-1-5-21-3906656628-415594203-1951508915-1001\...\MountPoints2: {4b3a3a2b-b100-11e5-8d81-f46d04ab88ac} - "F:\Launch.exe" HKU\S-1-5-18\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot HKU\S-1-5-18\...\RunOnce: [PriceFountain] => C:\WINDOWS\SysWOW64\wscript.exe /E:vbscript /B "C:\WINDOWS\system32\config\SYSTEM~1\AppData\Roaming\PriceFountain\UpdateProc\bkup.dat" Startup: C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2016-01-15] ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{8bdb8c19-8aa4-4017-93de-85bee677a1e2}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{b7197392-10ba-4335-8ef3-d2effeebe266}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&guid=62275d583dac74dc1d4012b88782cade HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&guid=62275d583dac74dc1d4012b88782cade SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\.DEFAULT -> DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = SearchScopes: HKU\.DEFAULT -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-3906656628-415594203-1951508915-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-3906656628-415594203-1951508915-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-3906656628-415594203-1951508915-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) FireFox: ======== FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [2015-10-01] ( Garena) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems) Chrome: ======= CHR HomePage: Profile 1 -> search.mpc.am CHR StartupUrls: Profile 1 -> "search.mpc.am" CHR Profile: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Extension: (Google Apresentações) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-15] CHR Extension: (Google Docs) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-15] CHR Extension: (Google Drive) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-15] CHR Extension: (YouTube) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-15] CHR Extension: (Google Search) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-15] CHR Extension: (Planilhas do Google) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-15] CHR Extension: (Documentos Google off-line) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-15] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-15] CHR Extension: (Gmail) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-15] ==================== Serviços (Whitelisted) ======================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1368408 2015-11-30] (Disc Soft Ltd) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144104 2015-10-27] (ELAN Microelectronics Corp.) S2 GoogleChromeUpSvc; C:\ProgramData\Windows Update\svrupg.exe [2786816 2016-01-14] (TODO: ) [Arquivo não assinado] R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2014-04-24] (Intel Corporation) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Arquivo não assinado] S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility LLC) R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2013-09-13] (arvato digital services llc) R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [Arquivo não assinado] R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-09-23] () R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [315664 2016-01-08] (Realtek Semiconductor) R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [129168 2015-10-28] (Razer Inc.) R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3196768 2015-09-25] (Samsung Electronics CO., LTD.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) S2 GoogleChromeUpService; C:\ProgramData\service.exe /s GoogleChromeUpService /uid:51479 /local:br [X] S2 wucotusy; não ImagePath S2 zutuzuni; não ImagePath ===================== Drivers (Whitelisted) ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S3 bsitf; C:\Program Files (x86)\ASUS\WinFlash\bsitf64.sys [13440 2010-01-05] (ASUSTek Computer Inc.) R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-12-13] (Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [46392 2015-12-13] (Disc Soft Ltd) S3 GGSAFERDriver; C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [27744 2015-12-20] () R3 gkernel; C:\Users\Marcio\AppData\Local\Temp\gkernel.sys [31512 2016-01-16] () R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-16] (Malwarebytes) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-01-15] (DotC United Inc) R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-09-22] (Razer, Inc.) S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16056 2015-11-08] (SlimWare Utilities, Inc.) S3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [117248 2010-11-20] (Microsoft Corporation) [Arquivo não assinado] R3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2015-12-12] () S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) S3 X6va031; \??\C:\WINDOWS\SysWOW64\Drivers\X6va031 [25816 2015-11-08] () S3 X6va061; \??\C:\WINDOWS\SysWOW64\Drivers\X6va061 [21184 2015-12-31] () S3 xhunter1; C:\WINDOWS\xhunter1.sys [35880 2015-11-22] (Wellbia.com Co., Ltd.) S3 xspirit; C:\WINDOWS\xspirit.sys [19176 2015-11-20] () U3 idsvc; não ImagePath S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] U3 wpcsvc; não ImagePath ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um Mês Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-01-16 22:06 - 2016-01-16 22:07 - 00019023 _____ C:\Users\Marcio\Downloads\FRST.txt 2016-01-16 22:05 - 2016-01-16 22:06 - 00000000 ____D C:\FRST 2016-01-16 22:05 - 2016-01-16 22:05 - 02370560 _____ (Farbar) C:\Users\Marcio\Downloads\FRST64.exe 2016-01-16 21:09 - 2016-01-16 21:09 - 00016148 _____ C:\WINDOWS\system32\MARCIO-PC_Marcio_HistoryPrediction.bin 2016-01-16 20:06 - 2016-01-16 21:09 - 00000000 ____D C:\Users\Marcio\AppData\Local\CrashDumps 2016-01-16 19:48 - 2016-01-16 20:04 - 00000000 ____D C:\Users\Todos os Usuários\Norton 2016-01-16 19:48 - 2016-01-16 20:04 - 00000000 ____D C:\ProgramData\Norton 2016-01-16 19:47 - 2016-01-16 19:47 - 00000000 ____D C:\Users\Todos os Usuários\NortonInstaller 2016-01-16 19:47 - 2016-01-16 19:47 - 00000000 ____D C:\ProgramData\NortonInstaller 2016-01-16 19:46 - 2016-01-16 19:46 - 00000000 ____D C:\Users\Todos os Usuários\ByteFence 2016-01-16 19:46 - 2016-01-16 19:46 - 00000000 ____D C:\ProgramData\ByteFence 2016-01-16 19:39 - 2016-01-16 20:11 - 00000000 ____D C:\Users\Marcio\AppData\Local\BrowserHelper 2016-01-16 19:37 - 2016-01-16 19:37 - 00003238 _____ C:\WINDOWS\System32\Tasks\{65A4EB63-286F-4195-8F92-FBFB1F7C021E} 2016-01-16 19:35 - 2016-01-16 20:16 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg 2016-01-16 19:35 - 2016-01-16 20:16 - 00000000 ____D C:\ProgramData\WindowsMsg 2016-01-15 22:28 - 2016-01-16 17:45 - 00000322 _____ C:\Users\Marcio\AppData\Roaming\xcgui_debug.txt 2016-01-15 22:22 - 2016-01-15 22:22 - 00000000 ____D C:\$WINDOWS.~LS 2016-01-15 22:21 - 2016-01-15 22:21 - 00000000 ____D C:\$WINDOWS.~BT 2016-01-15 22:00 - 2016-01-15 22:10 - 00000000 ____D C:\Users\Todos os Usuários\TEMP 2016-01-15 22:00 - 2016-01-15 22:10 - 00000000 ____D C:\ProgramData\TEMP 2016-01-15 21:58 - 2016-01-15 21:58 - 05646860 _____ (Swearware) C:\Users\Marcio\Downloads\ComboFix.exe 2016-01-15 21:55 - 2016-01-15 21:59 - 23975456 _____ (PC Tools ) C:\Users\Marcio\Downloads\sdstart.exe 2016-01-15 21:25 - 2016-01-15 21:41 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2016-01-15 20:25 - 2016-01-16 21:11 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-01-15 20:25 - 2016-01-15 21:16 - 00001165 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-01-15 20:25 - 2016-01-15 20:25 - 00000000 ____D C:\Users\Todos os Usuários\Malwarebytes 2016-01-15 20:25 - 2016-01-15 20:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-01-15 20:25 - 2016-01-15 20:25 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-01-15 20:25 - 2016-01-15 20:25 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-01-15 20:25 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-01-15 20:25 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2016-01-15 20:25 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2016-01-15 20:23 - 2016-01-15 20:24 - 22908888 _____ (Malwarebytes ) C:\Users\Marcio\Downloads\mbam-setup-org-2.2.0.1024.exe 2016-01-15 10:58 - 2016-01-15 10:58 - 00003514 _____ C:\WINDOWS\System32\Tasks\Uumdigeu 2016-01-15 10:52 - 2016-01-16 19:46 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner 2016-01-15 10:52 - 2016-01-15 10:52 - 00060136 _____ (DotC United Inc) C:\WINDOWS\system32\Drivers\MPCKpt.sys 2016-01-15 10:50 - 2016-01-15 10:50 - 00000000 ____D C:\Users\Marcio\AppData\Local\PeerDistRepub 2016-01-15 10:44 - 2016-01-15 10:44 - 00000000 ____D C:\Users\Marcio\AppData\Local\NetworkTiles 2016-01-15 10:29 - 2016-01-15 10:10 - 00024064 _____ C:\WINDOWS\zoek-delete.exe 2016-01-15 10:25 - 2016-01-15 10:25 - 00000000 ____D C:\zoek_backup 2016-01-15 10:09 - 2016-01-15 10:10 - 01309184 _____ C:\Users\Marcio\Downloads\zoek.exe 2016-01-15 09:48 - 2016-01-15 09:48 - 05094240 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-01-15 09:46 - 2016-01-15 22:16 - 00000000 ____D C:\Users\Marcio\AppData\Local\ElevatedDiagnostics 2016-01-15 09:32 - 2016-01-15 09:32 - 00003326 _____ C:\WINDOWS\System32\Tasks\{0E3CF564-B6FA-49DD-8E55-0ADBDC94A107} 2016-01-15 09:05 - 2016-01-16 21:10 - 00003608 _____ C:\WINDOWS\System32\Tasks\Garena+ Plugin Host Service 2016-01-14 23:37 - 2016-01-14 23:37 - 00003334 _____ C:\WINDOWS\System32\Tasks\{E1F7F0A5-253E-4658-BFB9-19DD8DE6B4EA} 2016-01-14 23:00 - 2016-01-14 23:00 - 00003330 _____ C:\WINDOWS\System32\Tasks\{5650ECF4-34A2-4B5C-96F0-983F75C5EB1B} 2016-01-14 22:51 - 2016-01-14 22:51 - 00003250 _____ C:\WINDOWS\System32\Tasks\{1B094A35-6227-41B1-BC90-24BA5499CA4A} 2016-01-14 22:38 - 2016-01-14 22:38 - 00000000 ____D C:\Users\Todos os Usuários\8b795688-3fd7-0 2016-01-14 22:38 - 2016-01-14 22:38 - 00000000 ____D C:\ProgramData\8b795688-3fd7-0 2016-01-14 22:37 - 2016-01-15 21:15 - 00002208 _____ C:\Users\Marcio\Desktop\chrome.lnk 2016-01-14 22:36 - 2016-01-14 22:36 - 00023192 _____ C:\WINDOWS\System32\Tasks\{0A0D0847-0D0C-040D-0D11-7E050504117E} 2016-01-14 22:35 - 2016-01-14 22:35 - 00000000 ____D C:\Users\Marcio\AppData\LocalLow\TENCENT 2016-01-14 22:22 - 2016-01-14 22:22 - 00631808 _____ C:\WINDOWS\oac.dat 2016-01-14 22:21 - 2016-01-14 23:00 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件 2016-01-14 22:21 - 2016-01-14 22:21 - 00000000 ____D C:\Program Files\Common Files\Tencent 2016-01-14 22:19 - 2016-01-14 22:24 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\Tencent 2016-01-14 22:18 - 2016-01-14 22:18 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\LightGate 2016-01-14 22:17 - 2016-01-14 22:17 - 01763184 _____ C:\Users\Marcio\AppData\Roaming\a1dae3f1e483.exe 2016-01-14 22:17 - 2016-01-14 22:17 - 00621568 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\Marcio\AppData\Roaming\libeay32.dll 2016-01-14 22:17 - 2016-01-14 22:17 - 00162304 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\Marcio\AppData\Roaming\ssleay32.dll 2016-01-14 22:17 - 2016-01-14 22:17 - 00000000 ____D C:\Users\Todos os Usuários\Windows Update 2016-01-14 22:17 - 2016-01-14 22:17 - 00000000 ____D C:\Users\Marcio\AppData\Local\Yeaplayer 2016-01-14 22:17 - 2016-01-14 22:17 - 00000000 ____D C:\ProgramData\Windows Update 2016-01-14 22:17 - 2015-12-10 07:39 - 01015808 _____ (d) C:\Users\Marcio\AppData\Roaming\download.exe 2016-01-14 22:17 - 2015-11-30 14:45 - 02496403 _____ ( ) C:\Users\Marcio\AppData\Roaming\yeaplayer_51479.exe 2016-01-14 22:16 - 2016-01-16 21:10 - 00006413 _____ C:\Users\Marcio\AppData\Roaming\webad.xml 2016-01-14 22:16 - 2016-01-14 22:44 - 02786816 _____ (TODO: ) C:\Users\Marcio\AppData\Roaming\svrupg.exe 2016-01-14 22:16 - 2016-01-14 22:14 - 00000976 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak 2016-01-14 22:16 - 2016-01-14 06:46 - 02412032 _____ C:\Users\Marcio\AppData\Roaming\msiql.exe 2016-01-14 22:16 - 2016-01-11 14:49 - 01734656 _____ C:\Users\Todos os Usuários\search 2016-01-14 22:16 - 2016-01-11 14:49 - 01734656 _____ C:\ProgramData\search 2016-01-14 22:15 - 2016-01-14 22:15 - 00003036 _____ C:\WINDOWS\System32\Tasks\svchost 2016-01-14 22:12 - 2016-01-15 21:14 - 00000000 ____D C:\Program Files\Sound+ 2016-01-14 21:31 - 2016-01-14 21:31 - 00000000 ____D C:\Users\Marcio\Desktop\adb 2016-01-14 20:19 - 2016-01-14 20:19 - 02219125 _____ ( ) C:\Users\Marcio\Downloads\minimal_adb_fastboot_v1.1.3_setup.exe 2016-01-14 20:15 - 2016-01-14 20:15 - 00550179 _____ C:\Users\Marcio\Downloads\mfastboot-v2 (1).zip 2016-01-14 20:13 - 2016-01-14 20:21 - 00000000 ____D C:\Users\Marcio\Desktop\kitkat 2016-01-14 12:23 - 2016-01-14 21:44 - 00000000 ____D C:\Users\Marcio\Downloads\Re-bloqueio moto G 2016-01-14 12:22 - 2016-01-14 12:22 - 499971981 _____ C:\Users\Marcio\Downloads\Re-bloqueio moto G.rar 2016-01-14 12:20 - 2016-01-14 12:20 - 00550179 _____ C:\Users\Marcio\Downloads\mfastboot-v2.zip 2016-01-14 12:08 - 2016-01-14 12:08 - 00000599 _____ C:\Users\Marcio\Downloads\Flash (1).bat 2016-01-14 12:06 - 2016-01-14 12:20 - 509577709 _____ C:\Users\Marcio\Downloads\RETAIL-BR-DS_4.4.4_KXB21.14-L1.40_38_cid12_CFC_1FF_SVC.xml.zip 2016-01-14 08:04 - 2013-11-04 19:10 - 00000000 ____D C:\Users\Marcio\Downloads\Six Guns Hack iOS&Android (2013) 2016-01-13 21:26 - 2016-01-15 21:15 - 00001537 _____ C:\Users\Marcio\Desktop\Six-Guns.lnk 2016-01-13 21:22 - 2016-01-13 21:23 - 00009406 _____ C:\Users\Marcio\Downloads\HACK SIX GUNS TODO CGAMER.7z 2016-01-13 20:19 - 2016-01-13 20:29 - 00000000 ____D C:\Program Files (x86)\GUN 2016-01-13 20:18 - 2016-01-13 20:18 - 00000132 _____ C:\Users\Marcio\AppData\Roaming\Preferências do Formato PNG CC da Adobe 2016-01-13 19:58 - 2016-01-13 20:22 - 00556781 _____ (GameVicio) C:\Users\Marcio\Downloads\gun Tradução PT.exe 2016-01-13 19:57 - 2016-01-13 20:19 - 00000000 ____D C:\Users\Marcio\Downloads\[PC] GUN [RIP] [dopeman] 2016-01-13 09:51 - 2016-01-13 09:51 - 124272708 _____ C:\Users\Marcio\Downloads\Wesley Safadao - Ao Vivo em Jurere - CD de Verao 2016.rar 2016-01-13 07:04 - 2016-01-05 00:07 - 02463704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2016-01-13 07:04 - 2016-01-05 00:07 - 00377592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL 2016-01-13 07:04 - 2016-01-05 00:06 - 08022368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-01-13 07:04 - 2016-01-05 00:06 - 01991120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL 2016-01-13 07:04 - 2016-01-05 00:06 - 01270104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2016-01-13 07:04 - 2016-01-05 00:06 - 01063504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll 2016-01-13 07:04 - 2016-01-05 00:06 - 00119800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL 2016-01-13 07:04 - 2016-01-05 00:04 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2016-01-13 07:04 - 2016-01-05 00:04 - 02641928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL 2016-01-13 07:04 - 2016-01-05 00:04 - 01591848 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2016-01-13 07:04 - 2016-01-05 00:04 - 01150816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-01-13 07:04 - 2016-01-05 00:04 - 00862056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2016-01-13 07:04 - 2016-01-05 00:04 - 00787720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL 2016-01-13 07:04 - 2016-01-05 00:04 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-01-13 07:04 - 2016-01-05 00:04 - 00779928 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll 2016-01-13 07:04 - 2016-01-05 00:04 - 00772448 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-01-13 07:04 - 2016-01-05 00:04 - 00751992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL 2016-01-13 07:04 - 2016-01-05 00:04 - 00667856 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll 2016-01-13 07:04 - 2016-01-05 00:04 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL 2016-01-13 07:04 - 2016-01-05 00:04 - 00249464 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL 2016-01-13 07:04 - 2016-01-05 00:04 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2016-01-13 07:04 - 2016-01-05 00:04 - 00233992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll 2016-01-13 07:04 - 2016-01-05 00:04 - 00115704 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL 2016-01-13 07:04 - 2016-01-05 00:04 - 00090912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll 2016-01-13 07:04 - 2016-01-05 00:04 - 00083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll 2016-01-13 07:04 - 2016-01-04 23:59 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2016-01-13 07:04 - 2016-01-04 23:52 - 00441696 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-01-13 07:04 - 2016-01-04 23:50 - 01817064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll 2016-01-13 07:04 - 2016-01-04 23:50 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-01-13 07:04 - 2016-01-04 23:50 - 00723648 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-01-13 07:04 - 2016-01-04 23:50 - 00345080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL 2016-01-13 07:04 - 2016-01-04 23:50 - 00251544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL 2016-01-13 07:04 - 2016-01-04 23:50 - 00205072 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL 2016-01-13 07:04 - 2016-01-04 23:31 - 01365576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2016-01-13 07:04 - 2016-01-04 23:30 - 02459096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL 2016-01-13 07:04 - 2016-01-04 23:30 - 02162064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL 2016-01-13 07:04 - 2016-01-04 23:30 - 02152744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2016-01-13 07:04 - 2016-01-04 23:30 - 01106872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2016-01-13 07:04 - 2016-01-04 23:30 - 00882208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll 2016-01-13 07:04 - 2016-01-04 23:30 - 00368776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL 2016-01-13 07:04 - 2016-01-04 23:30 - 00232896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL 2016-01-13 07:04 - 2016-01-04 23:30 - 00100712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL 2016-01-13 07:04 - 2016-01-04 23:29 - 00208688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll 2016-01-13 07:04 - 2016-01-04 23:28 - 02445128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2016-01-13 07:04 - 2016-01-04 23:28 - 00714808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2016-01-13 07:04 - 2016-01-04 23:28 - 00696192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL 2016-01-13 07:04 - 2016-01-04 23:28 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL 2016-01-13 07:04 - 2016-01-04 23:28 - 00645144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-01-13 07:04 - 2016-01-04 23:28 - 00635312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll 2016-01-13 07:04 - 2016-01-04 23:28 - 00497896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll 2016-01-13 07:04 - 2016-01-04 23:28 - 00277400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL 2016-01-13 07:04 - 2016-01-04 23:28 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2016-01-13 07:04 - 2016-01-04 23:28 - 00107952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL 2016-01-13 07:04 - 2016-01-04 23:28 - 00082096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll 2016-01-13 07:04 - 2016-01-04 23:28 - 00072808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll 2016-01-13 07:04 - 2016-01-04 23:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2016-01-13 07:04 - 2016-01-04 23:18 - 21873152 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-01-13 07:04 - 2016-01-04 23:15 - 24592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-01-13 07:04 - 2016-01-04 23:15 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL 2016-01-13 07:04 - 2016-01-04 23:15 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll 2016-01-13 07:04 - 2016-01-04 23:15 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll 2016-01-13 07:04 - 2016-01-04 23:10 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll 2016-01-13 07:04 - 2016-01-04 23:10 - 00305776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL 2016-01-13 07:04 - 2016-01-04 23:10 - 00278424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL 2016-01-13 07:04 - 2016-01-04 23:10 - 00188032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL 2016-01-13 07:04 - 2016-01-04 23:09 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2016-01-13 07:04 - 2016-01-04 23:09 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2016-01-13 07:04 - 2016-01-04 23:02 - 01672192 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2016-01-13 07:04 - 2016-01-04 23:02 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2016-01-13 07:04 - 2016-01-04 23:02 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll 2016-01-13 07:04 - 2016-01-04 23:01 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax 2016-01-13 07:04 - 2016-01-04 23:00 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2016-01-13 07:04 - 2016-01-04 23:00 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-01-13 07:04 - 2016-01-04 22:59 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-01-13 07:04 - 2016-01-04 22:57 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2016-01-13 07:04 - 2016-01-04 22:57 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2016-01-13 07:04 - 2016-01-04 22:57 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2016-01-13 07:04 - 2016-01-04 22:56 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-01-13 07:04 - 2016-01-04 22:51 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL 2016-01-13 07:04 - 2016-01-04 22:51 - 01009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL 2016-01-13 07:04 - 2016-01-04 22:51 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL 2016-01-13 07:04 - 2016-01-04 22:51 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL 2016-01-13 07:04 - 2016-01-04 22:51 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL 2016-01-13 07:04 - 2016-01-04 22:44 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2016-01-13 07:04 - 2016-01-04 22:44 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll 2016-01-13 07:04 - 2016-01-04 22:43 - 19324928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-01-13 07:04 - 2016-01-04 22:42 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL 2016-01-13 07:04 - 2016-01-04 22:38 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll 2016-01-13 07:04 - 2016-01-04 22:32 - 01541632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2016-01-13 07:04 - 2016-01-04 22:32 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll 2016-01-13 07:04 - 2016-01-04 22:31 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll 2016-01-13 07:04 - 2016-01-04 22:31 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax 2016-01-13 07:04 - 2016-01-04 22:30 - 18802176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-01-13 07:04 - 2016-01-04 22:29 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2016-01-13 07:04 - 2016-01-04 22:29 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-01-13 07:04 - 2016-01-04 22:26 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2016-01-13 07:04 - 2016-01-04 22:24 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-01-13 07:04 - 2016-01-04 22:20 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL 2016-01-13 07:04 - 2016-01-04 22:19 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL 2016-01-13 07:04 - 2016-01-04 22:19 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL 2016-01-13 07:04 - 2016-01-04 22:19 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL 2016-01-13 07:04 - 2016-01-04 22:19 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL 2016-01-11 19:34 - 2016-01-11 19:35 - 00899414 _____ C:\Users\Marcio\Downloads\SetupDVDDecrypter_3.5.4.0.exe 2016-01-11 15:21 - 2016-01-15 21:16 - 00001340 _____ C:\Users\Public\Desktop\Call of Duty Modern Warfare 3.lnk 2016-01-11 15:21 - 2016-01-11 15:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Modern Warfare 3 2016-01-11 14:28 - 2016-01-11 14:28 - 00000000 ____D C:\Users\Marcio\AppData\Local\TeknoGods 2016-01-11 14:21 - 2016-01-11 14:22 - 21083411 _____ C:\Users\Marcio\Downloads\client_2.7.3.7.rar 2016-01-10 21:15 - 2016-01-10 21:15 - 00000000 ____D C:\Users\Public\Documents\Tools 2016-01-10 21:15 - 2016-01-10 21:15 - 00000000 ____D C:\Users\Public\Documents\Guid 2016-01-10 21:12 - 2016-01-10 21:12 - 03546167 _____ (GameVicio Brasil®) C:\Users\Marcio\Downloads\codmw3_br.exe 2016-01-10 21:11 - 2016-01-11 16:42 - 08388608 _____ C:\Users\Marcio\Downloads\codmw3_br.vhdx 2016-01-10 19:09 - 2016-01-10 19:09 - 00003781 _____ C:\Users\Marcio\Downloads\code_pre_gfx.ff 2016-01-10 19:01 - 2016-01-10 19:03 - 04765687 _____ C:\Users\Marcio\Downloads\Nueva carpeta (2).rar 2016-01-10 17:10 - 2016-01-10 17:10 - 09489976 _____ C:\Users\Marcio\Downloads\Tradução.rar 2016-01-10 17:01 - 2016-01-10 17:02 - 17371100 _____ C:\Users\Marcio\Downloads\Crack CoD MW3-By Cordero de DEUS.rar 2016-01-10 16:23 - 2016-01-11 14:31 - 00000000 ____D C:\Program Files (x86)\Black_Box 2016-01-10 14:37 - 2016-01-10 14:37 - 00000000 ____D C:\Users\Marcio\Documents\NFS Undercover 2016-01-10 14:33 - 2016-01-10 14:33 - 00002163 _____ C:\Users\Public\Desktop\Need for Speed™ Undercover.lnk 2016-01-10 14:33 - 2016-01-10 14:33 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\Leadertech 2016-01-10 14:28 - 2016-01-10 14:30 - 09776199 _____ C:\Users\Marcio\Downloads\CraftLandiaMG.zip 2016-01-10 14:26 - 2016-01-10 14:26 - 00000000 ____D C:\Program Files (x86)\EA Games 2016-01-10 02:00 - 2016-01-10 02:02 - 66591701 _____ C:\Users\Marcio\Downloads\kodi-15.2-Isengard.exe 2016-01-10 01:36 - 2016-01-10 01:36 - 01075674 _____ C:\Users\Marcio\Downloads\como acelerar os downloads do utorrent 3.3.1.rar 2016-01-10 01:31 - 2016-01-10 01:31 - 00026175 _____ C:\Users\Marcio\Downloads\[kickass.so]god.of.war.1.2.pc.ghost.by.sonuyos.tomek1166.torrent 2016-01-10 01:23 - 2016-01-10 01:23 - 00014012 _____ C:\Users\Marcio\Downloads\CODMW3-ByStiff.torrent 2016-01-10 01:20 - 2016-01-16 19:29 - 00000000 ____D C:\Users\Marcio\Downloads\Grand Theft Auto V-CorePack 2016-01-10 01:00 - 2016-01-15 21:15 - 00000907 _____ C:\Users\Marcio\Desktop\CCleaner.lnk 2016-01-09 23:31 - 2016-01-10 01:01 - 00000000 ____D C:\Users\Marcio\AppData\LocalLow\uTorrent 2016-01-09 22:43 - 2016-01-15 21:15 - 00000916 _____ C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2016-01-09 22:28 - 2016-01-16 21:09 - 00000000 ____D C:\WINDOWS\pss 2016-01-09 22:09 - 2016-01-09 22:10 - 05125898 _____ C:\Users\Marcio\Downloads\CCleaner 5.0 + SERIAL.rar 2016-01-09 22:08 - 2016-01-09 22:08 - 00000201 _____ C:\Users\Marcio\Downloads\Ccleaner SERIAL SEPARADO.rar 2016-01-09 21:51 - 2016-01-09 21:51 - 00101923 _____ C:\Users\Marcio\Downloads\Bully Scholarship Edition.rar 2016-01-09 21:35 - 2016-01-09 21:52 - 00000000 ____D C:\Users\Marcio\Documents\Bully Scholarship Edition 2016-01-09 20:05 - 2016-01-15 21:15 - 00001366 _____ C:\Users\Marcio\Desktop\Bully. Scholarship Edition.lnk 2016-01-09 20:05 - 2016-01-09 20:05 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\Bully. Scholarship Edition 2016-01-09 19:12 - 2016-01-15 21:15 - 00001409 _____ C:\Users\Marcio\Desktop\WinRAR - Atalho.lnk 2016-01-09 19:10 - 2016-01-09 19:12 - 00000000 ____D C:\Program Files\WinRAR 2016-01-09 19:10 - 2016-01-09 19:10 - 06822227 _____ C:\Users\Marcio\Downloads\Winrar 5.21 + key (64 e 32 Bits).zip 2016-01-09 19:06 - 2016-01-09 21:34 - 00736123 _____ (GameVicio Brasil®) C:\Users\Marcio\Downloads\bully_br[www.gamevicio.com.br].exe 2016-01-09 19:03 - 2016-01-09 19:03 - 00001746 _____ C:\Users\Marcio\Downloads\ó.lnk 2016-01-09 19:01 - 2016-01-09 19:45 - 2307790848 _____ C:\Users\Marcio\Downloads\Bully. Scholarship Edition [R.G. Механики].iso 2016-01-09 12:56 - 2016-01-15 21:15 - 00001257 _____ C:\Users\Marcio\Desktop\Deadpool.lnk 2016-01-09 12:56 - 2016-01-09 12:56 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\Deadpool 2016-01-09 12:47 - 2016-01-09 12:56 - 00885895 _____ (Tribo Gamer Brasil®) C:\Users\Marcio\Downloads\DPO BR By StiffDownHD.exe 2016-01-08 11:29 - 2016-01-08 11:29 - 31085611 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT 2016-01-08 11:29 - 2016-01-08 11:29 - 04585744 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys 2016-01-08 11:29 - 2016-01-08 11:29 - 03309288 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll 2016-01-08 11:29 - 2016-01-08 11:29 - 03269968 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll 2016-01-08 11:29 - 2016-01-08 11:29 - 03019064 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll 2016-01-08 11:29 - 2016-01-08 11:29 - 02955024 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll 2016-01-08 11:29 - 2016-01-08 11:29 - 02720016 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl 2016-01-08 11:29 - 2016-01-08 11:29 - 01768208 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll 2016-01-08 11:29 - 2016-01-08 11:29 - 01403120 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll 2016-01-08 11:29 - 2016-01-08 11:29 - 01351712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll 2016-01-08 11:29 - 2016-01-08 11:29 - 00889920 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll 2016-01-08 11:29 - 2016-01-08 11:29 - 00659888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll 2016-01-08 11:29 - 2016-01-08 11:29 - 00399488 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll 2016-01-08 11:29 - 2016-01-08 11:29 - 00355520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll 2016-01-08 11:29 - 2016-01-08 11:29 - 00333312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll 2016-01-08 11:29 - 2016-01-08 11:29 - 00333312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll 2016-01-08 11:29 - 2016-01-08 11:29 - 00225528 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll 2016-01-08 11:29 - 2016-01-08 11:29 - 00205664 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll 2016-01-08 11:29 - 2016-01-08 11:29 - 00168960 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll 2016-01-08 11:29 - 2016-01-08 11:29 - 00120744 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll 2016-01-08 11:29 - 2016-01-08 11:29 - 00098000 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll 2016-01-08 11:29 - 2016-01-08 11:29 - 00085120 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll 2016-01-08 11:29 - 2016-01-08 11:29 - 00032416 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll 2016-01-08 11:29 - 2016-01-08 11:29 - 00003194 _____ C:\WINDOWS\System32\Tasks\RTKCPL 2016-01-08 11:28 - 2016-01-08 11:28 - 01624768 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll 2016-01-08 11:28 - 2016-01-08 11:28 - 00588656 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll 2016-01-08 11:28 - 2016-01-08 11:28 - 00131048 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll 2016-01-08 11:28 - 2016-01-08 11:28 - 00128528 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll 2016-01-07 22:21 - 2011-07-29 13:52 - 02097152 ____R C:\Users\Marcio\Downloads\K42FAS.502 2016-01-07 22:13 - 2011-10-14 17:01 - 02097152 ____R C:\Users\Marcio\Downloads\K42FAS.503 2016-01-07 22:11 - 2016-01-07 22:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility 2016-01-07 22:09 - 2016-01-07 22:09 - 00362764 _____ C:\Users\Marcio\Downloads\WinFlash_WIN7_32_64_z2303.zip 2016-01-07 21:36 - 2016-01-14 23:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Drivers Update Utility 2016-01-07 21:36 - 2016-01-07 21:36 - 00000000 ____D C:\Users\Marcio\AppData\Local\ASUS Drivers Update Utility 2016-01-07 21:35 - 2016-01-07 21:35 - 03466081 _____ C:\Users\Marcio\Downloads\asus-drivers-update-utility.zip 2016-01-07 21:18 - 2010-04-13 15:34 - 02097152 ____R C:\Users\Marcio\Downloads\K42FAS.407 2016-01-07 21:15 - 2016-01-07 21:15 - 00961704 _____ C:\Users\Marcio\Downloads\K42FAS503.zip 2016-01-07 21:15 - 2016-01-07 21:15 - 00957174 _____ C:\Users\Marcio\Downloads\K42FAS415.zip 2016-01-07 21:15 - 2016-01-07 21:15 - 00957153 _____ C:\Users\Marcio\Downloads\K42FAS409.zip 2016-01-07 21:15 - 2016-01-07 21:15 - 00957110 _____ C:\Users\Marcio\Downloads\K42FAS407.zip 2016-01-07 21:14 - 2016-01-07 21:14 - 00961739 _____ C:\Users\Marcio\Downloads\K42FAS502.zip 2016-01-07 21:14 - 2016-01-07 21:14 - 00960256 _____ C:\Users\Marcio\Downloads\K42FAS500.zip 2016-01-07 21:14 - 2016-01-07 21:14 - 00960142 _____ C:\Users\Marcio\Downloads\K42FAS421.zip 2016-01-07 21:14 - 2016-01-07 21:14 - 00957184 _____ C:\Users\Marcio\Downloads\K42FAS416.zip 2016-01-07 21:13 - 2016-01-07 21:13 - 00314823 _____ C:\Users\Marcio\Downloads\Cer_CB_K42xxx_M0.zip 2016-01-07 21:13 - 2016-01-07 21:13 - 00269841 _____ C:\Users\Marcio\Downloads\Cer_BSMI_K42F_K42J.zip 2016-01-07 21:01 - 2016-01-07 21:01 - 00909962 _____ C:\Users\Marcio\Downloads\Winflash_Win10_64_VER301.zip 2016-01-07 12:25 - 2016-01-09 07:41 - 00000000 ____D C:\Users\Marcio\Downloads\Payday.The.Heist-RELOADED 2016-01-07 12:24 - 2016-01-07 12:24 - 00019999 _____ C:\Users\Marcio\Downloads\DPO-ByStiff.torrent 2016-01-05 21:09 - 2008-08-18 19:18 - 00077824 _____ (Fox Magic Software) C:\WINDOWS\SysWOW64\fmcodec.DLL 2016-01-05 21:08 - 2016-01-05 21:08 - 17251392 _____ (DsNET Corp ) C:\Users\Marcio\Downloads\aTube_Catcher_ATU3_9000.exe 2016-01-05 20:23 - 2016-01-15 21:15 - 00001901 _____ C:\Users\Marcio\Desktop\SporeApp - Atalho.lnk 2016-01-05 20:23 - 2016-01-15 21:15 - 00001740 _____ C:\Users\Marcio\Desktop\Rocket League Chaos Run.lnk 2016-01-05 20:23 - 2016-01-15 21:15 - 00001238 _____ C:\Users\Marcio\Desktop\GTA.lnk 2016-01-05 20:23 - 2016-01-15 21:15 - 00001218 _____ C:\Users\Marcio\Desktop\LEFT 4 DEAD 2.lnk 2016-01-05 20:23 - 2016-01-15 21:15 - 00001072 _____ C:\Users\Marcio\Desktop\Counter-Strike 1.6.lnk 2016-01-05 20:23 - 2016-01-15 21:15 - 00000745 _____ C:\Users\Marcio\Desktop\PointBlank.lnk 2016-01-05 20:23 - 2016-01-15 21:15 - 00000643 _____ C:\Users\Marcio\Desktop\Cabal Nexus.lnk 2016-01-05 06:54 - 2016-01-05 06:54 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2016-01-04 21:44 - 2016-01-05 20:31 - 00000000 ____D C:\Users\Todos os Usuários\RELOADED 2016-01-04 21:44 - 2016-01-05 20:31 - 00000000 ____D C:\ProgramData\RELOADED 2016-01-04 21:44 - 2016-01-04 21:44 - 00000000 ____D C:\Users\Marcio\AppData\Local\PAYDAY 2016-01-04 21:41 - 2016-01-04 21:41 - 00053248 _____ C:\WINDOWS\system32\PhysXLoader.dll 2016-01-04 21:23 - 2016-01-15 21:15 - 00001715 _____ C:\Users\Marcio\Desktop\PayDay.lnk 2016-01-04 21:08 - 2016-01-05 20:46 - 00000000 ____D C:\Program Files (x86)\Payday The Heist 2016-01-04 12:55 - 2016-01-15 21:15 - 00001830 _____ C:\Users\Marcio\Desktop\polybridge - Atalho.lnk 2016-01-04 12:40 - 2016-01-15 21:15 - 00001300 _____ C:\Users\Marcio\Desktop\Sniper Elite.lnk 2016-01-04 12:40 - 2016-01-04 12:40 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\Sniper Elite 2016-01-04 11:58 - 2016-01-04 11:58 - 00000000 ____D C:\Users\Marcio\AppData\LocalLow\Dry Cactus 2016-01-02 17:02 - 2016-01-02 17:03 - 00001549 _____ C:\Users\Marcio\Downloads\l.lnk 2016-01-02 16:12 - 2016-01-02 16:13 - 00001784 _____ C:\Users\Marcio\Downloads\0.lnk 2016-01-02 15:33 - 2016-01-02 15:33 - 00000000 ____D C:\Users\Todos os Usuários\Ubisoft 2016-01-02 15:33 - 2016-01-02 15:33 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\Ubisoft 2016-01-02 15:33 - 2016-01-02 15:33 - 00000000 ____D C:\ProgramData\Ubisoft 2016-01-02 15:30 - 2016-01-15 21:15 - 00001870 _____ C:\Users\Marcio\Desktop\Assassins Creed 2.lnk 2016-01-02 15:16 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll 2016-01-02 15:16 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll 2016-01-02 15:16 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll 2016-01-02 15:16 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll 2016-01-02 15:16 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll 2016-01-02 15:16 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll 2016-01-02 15:16 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll 2016-01-02 15:16 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll 2016-01-02 15:16 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll 2016-01-02 15:16 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll 2016-01-02 15:16 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll 2016-01-02 15:15 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll 2016-01-02 15:09 - 2016-01-02 15:16 - 00000000 ____D C:\Program Files (x86)\Ubisoft 2016-01-02 12:47 - 2016-01-02 12:47 - 00000000 ____D C:\Users\Marcio\Documents\Square Enix 2016-01-02 12:46 - 2016-01-15 21:15 - 00001581 _____ C:\Users\Marcio\Desktop\Just Cause2.lnk 2016-01-02 12:41 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll 2016-01-02 12:40 - 2016-01-02 12:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Just Cause 2 2016-01-02 12:35 - 2016-01-16 20:31 - 00000000 ____D C:\Program Files (x86)\Just Cause 2 2016-01-02 12:34 - 2016-01-02 12:41 - 00000000 __SHD C:\WINDOWS\ei_temp 2016-01-02 11:20 - 2016-01-02 11:22 - 00000000 ____D C:\Users\Marcio\Documents\JustCause 2016-01-02 11:03 - 2016-01-02 11:04 - 00000000 ____D C:\Users\Marcio\Documents\TCNYC 2016-01-02 10:51 - 2016-01-02 10:51 - 00000000 ____D C:\Users\Marcio\AppData\Local\Disc_Soft_Ltd 2016-01-02 10:49 - 2016-01-15 21:15 - 00001473 _____ C:\Users\Marcio\Desktop\Play True Crime® New York City.lnk 2016-01-02 10:49 - 2016-01-02 10:49 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aspyr Media, Inc 2016-01-02 10:44 - 2016-01-02 10:44 - 00000000 ____D C:\Program Files (x86)\Aspyr Media, Inc 2016-01-02 00:11 - 2016-01-02 00:11 - 00000000 ____D C:\$SysReset 2015-12-31 19:23 - 2015-12-31 19:23 - 00000000 ____D C:\Users\Marcio\Downloads\Unpark-CPU-App 2015-12-26 17:57 - 2016-01-15 21:15 - 00002142 _____ C:\Users\Marcio\Desktop\Resident Evil 4.lnk 2015-12-26 17:57 - 2016-01-15 21:15 - 00002135 _____ C:\Users\Marcio\Desktop\Resident Evil 4 (mouse support).lnk 2015-12-26 17:50 - 2015-12-26 17:50 - 00000000 ____D C:\Program Files (x86)\Capcom 2015-12-26 14:54 - 2015-12-26 14:54 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images 2015-12-26 14:41 - 2015-12-26 14:42 - 00001852 _____ C:\Users\Marcio\Downloads\Contig(4).lnk 2015-12-26 11:43 - 2015-12-26 11:45 - 00002133 _____ C:\Users\Marcio\Downloads\Contig (3).lnk 2015-12-26 11:19 - 2015-12-26 11:20 - 00001707 _____ C:\Users\Marcio\Downloads\Contig (2).lnk 2015-12-25 15:24 - 2015-12-25 19:47 - 00001757 _____ C:\Users\Marcio\Downloads\Contig.lnk 2015-12-25 15:23 - 2015-12-25 15:23 - 00198184 _____ (Sysinternals) C:\Users\Marcio\Downloads\Contig.exe 2015-12-25 11:40 - 2016-01-02 00:23 - 00000000 ____D C:\Users\Public\Documents\Softwrap 2015-12-25 11:40 - 2015-12-25 11:40 - 00000000 _____ C:\Users\Public\Documents\Global.sw2 2015-12-20 15:54 - 2015-12-27 13:59 - 00000000 ____D C:\Users\Marcio\Documents\Prototype 2015-12-20 15:21 - 2016-01-09 20:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics 2015-12-20 14:57 - 2011-12-12 15:28 - 00000219 _____ C:\WINDOWS\system.ini 2015-12-20 14:49 - 2016-01-09 19:58 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics 2015-12-20 11:33 - 2015-12-31 12:49 - 00021184 _____ C:\WINDOWS\SysWOW64\Drivers\X6va061 2015-12-20 09:37 - 2016-01-15 21:15 - 00001154 _____ C:\Users\Marcio\Desktop\Cheat Engine.lnk 2015-12-20 09:37 - 2016-01-02 00:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.1 2015-12-20 09:37 - 2015-12-20 09:37 - 00000000 ____D C:\Users\Marcio\Documents\My Cheat Tables 2015-12-20 09:37 - 2015-12-20 09:37 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.1 2015-12-20 07:41 - 2016-01-13 20:29 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameVicio 2015-12-20 07:41 - 2016-01-13 20:29 - 00000000 ____D C:\Program Files (x86)\GameVicio 2015-12-19 22:18 - 2015-12-20 14:49 - 381028352 _____ C:\Users\Marcio\Downloads\Prototype.iso ==================== Um Mês Modificados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-01-16 22:05 - 2015-07-10 06:47 - 00000000 ____D C:\WINDOWS 2016-01-16 21:48 - 2015-10-18 00:37 - 00001096 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-01-16 21:09 - 2015-10-18 00:37 - 00001092 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-01-16 21:09 - 2015-10-17 20:49 - 00000660 _____ C:\WINDOWS\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job 2016-01-16 21:09 - 2015-09-05 10:42 - 00000000 ____D C:\temp 2016-01-16 21:09 - 2015-07-30 18:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-01-16 21:08 - 2015-07-10 06:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-01-16 20:02 - 2015-07-30 19:42 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2016-01-16 20:02 - 2015-07-10 06:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2016-01-16 19:39 - 2015-11-02 01:25 - 00000000 ____D C:\Program Files\CCleaner 2016-01-16 19:33 - 2015-12-12 21:34 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\uTorrent 2016-01-16 17:06 - 2015-07-30 19:42 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-01-16 16:33 - 2015-07-30 19:42 - 00000000 ___HD C:\Program Files\WindowsApps 2016-01-15 22:36 - 2015-11-08 09:32 - 00002560 _____ C:\WINDOWS\diagwrn.xml 2016-01-15 22:36 - 2015-11-08 09:32 - 00001908 _____ C:\WINDOWS\diagerr.xml 2016-01-15 22:33 - 2015-11-21 17:44 - 00004172 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{FEDB4DB1-4AA1-4424-8364-EC9C6DDA7D8B} 2016-01-15 21:16 - 2015-12-12 21:37 - 00001852 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2016-01-15 21:16 - 2015-11-15 07:38 - 00001145 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC (64 Bit).lnk 2016-01-15 21:16 - 2015-11-15 07:33 - 00001465 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk 2016-01-15 21:16 - 2015-11-15 07:33 - 00001459 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk 2016-01-15 21:16 - 2015-11-08 10:24 - 00001540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-01-15 21:16 - 2015-11-04 10:11 - 00001696 _____ C:\Users\Public\Desktop\Recuva.lnk 2016-01-15 21:16 - 2015-11-02 01:25 - 00000901 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-01-15 21:16 - 2015-11-01 17:19 - 00001246 _____ C:\Users\Public\Desktop\Razer Cortex.lnk 2016-01-15 21:16 - 2015-10-31 21:37 - 00001057 _____ C:\Users\Public\Desktop\Garena+.lnk 2016-01-15 21:16 - 2015-10-17 23:15 - 00000957 _____ C:\Users\Public\Desktop\Steam.lnk 2016-01-15 21:16 - 2015-10-17 20:42 - 00002759 _____ C:\Users\Public\Desktop\CorelDRAW X7.lnk 2016-01-15 21:16 - 2015-10-17 20:08 - 00001253 _____ C:\Users\Public\Desktop\aTube Catcher.lnk 2016-01-15 21:15 - 2015-12-12 21:35 - 00000936 _____ C:\Users\Marcio\Desktop\µTorrent.lnk 2016-01-15 21:15 - 2015-12-12 19:03 - 00001894 _____ C:\Users\Marcio\Desktop\Spotify.lnk 2016-01-15 21:15 - 2015-12-12 19:03 - 00001880 _____ C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2016-01-15 21:15 - 2015-11-15 07:40 - 00001805 _____ C:\Users\Marcio\Desktop\PhotoShop.lnk 2016-01-15 21:15 - 2015-11-08 10:49 - 00002411 _____ C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-01-15 21:15 - 2015-11-08 10:47 - 00001047 _____ C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recursos Opcionais.lnk 2016-01-15 21:15 - 2015-10-19 03:29 - 00001091 _____ C:\Users\Marcio\Desktop\Driver Magician.lnk 2016-01-15 21:15 - 2015-10-18 17:44 - 00000673 _____ C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cabal Nexus Online.lnk 2016-01-15 21:15 - 2015-10-17 20:46 - 00001007 _____ C:\Users\Marcio\Desktop\3DP Chip.lnk 2016-01-15 21:15 - 2015-10-17 18:56 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2016-01-15 21:15 - 2015-10-17 18:50 - 00000908 _____ C:\Users\Marcio\Desktop\Downloads.lnk 2016-01-15 11:15 - 2015-07-30 19:42 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2016-01-15 11:15 - 2009-07-14 00:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy 2016-01-15 10:50 - 2015-10-31 21:38 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\GarenaPlus 2016-01-15 10:50 - 2015-10-31 21:37 - 00000000 ____D C:\Users\Todos os Usuários\GarenaMessenger 2016-01-15 10:50 - 2015-10-31 21:37 - 00000000 ____D C:\ProgramData\GarenaMessenger 2016-01-15 10:44 - 2015-10-18 00:56 - 00000000 ____D C:\Users\Todos os Usuários\Kaspersky Lab 2016-01-15 10:44 - 2015-10-18 00:56 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2016-01-15 10:44 - 2015-07-30 19:40 - 00000000 ____D C:\WINDOWS\INF 2016-01-15 10:44 - 2009-07-14 00:20 - 00000000 ____D C:\Users\Default.migrated 2016-01-15 10:30 - 2015-11-05 15:37 - 00000008 __RSH C:\Users\Todos os Usuários\ntuser.pol 2016-01-15 10:30 - 2015-11-05 15:37 - 00000008 __RSH C:\ProgramData\ntuser.pol 2016-01-15 10:25 - 2015-11-08 10:18 - 00000000 ____D C:\Users\Marcio 2016-01-15 09:58 - 2015-11-08 17:02 - 00000000 ____D C:\Program Files (x86)\Minimal ADB and Fastboot 2016-01-15 09:36 - 2015-09-10 02:48 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-01-15 00:30 - 2015-07-30 19:42 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-01-14 20:14 - 2015-11-08 10:17 - 02086850 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-01-14 20:14 - 2015-09-10 02:04 - 00884906 _____ C:\WINDOWS\system32\prfh0416.dat 2016-01-14 20:14 - 2015-09-10 02:04 - 00191910 _____ C:\WINDOWS\system32\prfc0416.dat 2016-01-14 11:58 - 2015-10-31 21:37 - 00000000 ____D C:\Program Files (x86)\Garena Plus 2016-01-13 21:14 - 2015-11-08 10:42 - 00000000 ____D C:\Users\Marcio\AppData\Local\Packages 2016-01-13 21:00 - 2015-10-25 15:05 - 00000000 ____D C:\Users\Marcio\Desktop\milena 2016-01-13 20:54 - 2015-10-17 20:11 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help 2016-01-13 20:54 - 2015-10-17 20:11 - 00000000 ____D C:\ProgramData\Microsoft Help 2016-01-13 20:50 - 2015-07-30 19:25 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-01-13 20:49 - 2015-10-19 04:53 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-01-13 20:42 - 2015-10-19 04:53 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-01-13 20:42 - 2009-07-13 23:34 - 00000478 _____ C:\WINDOWS\win.ini 2016-01-11 14:31 - 2015-12-13 03:34 - 00000000 ____D C:\WINDOWS\SysWOW64\directx 2016-01-10 21:47 - 2015-10-17 23:15 - 00000000 ____D C:\Program Files (x86)\Steam 2016-01-10 19:22 - 2015-10-18 17:24 - 00000000 ___HD C:\WINDOWS\msdownld.tmp 2016-01-09 22:19 - 2015-12-12 21:37 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\DAEMON Tools Lite 2016-01-09 19:10 - 2015-10-17 20:03 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-01-09 19:10 - 2015-10-17 20:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-01-09 12:58 - 2015-12-13 14:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tribo Gamer 2016-01-09 12:58 - 2015-12-13 14:56 - 00000000 ____D C:\Program Files (x86)\Tribo Gamer 2016-01-09 12:58 - 2015-12-13 14:42 - 00000000 ____D C:\Users\Marcio\AppData\Local\SKIDROW 2016-01-09 12:58 - 2015-12-13 03:35 - 00000000 ____D C:\Users\Marcio\Documents\My Games 2016-01-08 11:29 - 2015-11-08 10:14 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2016-01-08 11:29 - 2015-10-17 22:36 - 00003260 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_ListenToDevice 2016-01-07 22:11 - 2015-10-17 22:25 - 00000000 ____D C:\Program Files (x86)\ASUS 2016-01-05 21:09 - 2015-10-17 20:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher 2016-01-05 20:21 - 2015-10-17 22:34 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-01-03 17:02 - 2015-07-30 19:42 - 00000000 ____D C:\WINDOWS\rescache 2016-01-02 22:40 - 2015-07-30 19:43 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-01-02 22:40 - 2015-07-30 19:43 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-01-02 10:59 - 2015-10-18 00:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2016-01-02 00:16 - 2015-11-09 14:16 - 00000000 ____D C:\Users\DefaultAppPool 2016-01-02 00:16 - 2015-10-19 01:05 - 00000000 ____D C:\WINDOWS\system32\appmgmt 2016-01-02 00:16 - 2015-10-17 22:12 - 00000000 ____D C:\WINDOWS\SysWOW64\SDA 2016-01-02 00:16 - 2015-09-10 02:22 - 00000000 ____D C:\WINDOWS\ShellNew 2016-01-02 00:16 - 2015-07-30 19:42 - 00000000 __RSD C:\WINDOWS\Media 2016-01-02 00:16 - 2015-07-30 19:42 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2016-01-02 00:16 - 2015-07-30 19:42 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz 2016-01-02 00:16 - 2015-07-30 19:42 - 00000000 ____D C:\WINDOWS\SysWOW64\IME 2016-01-02 00:16 - 2015-07-30 19:42 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2016-01-02 00:16 - 2015-07-30 19:42 - 00000000 ____D C:\WINDOWS\system32\spool 2016-01-02 00:16 - 2015-07-30 19:42 - 00000000 ____D C:\WINDOWS\system32\IME 2016-01-02 00:16 - 2015-07-30 19:42 - 00000000 ____D C:\WINDOWS\schemas 2016-01-02 00:16 - 2015-07-30 19:42 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2016-01-02 00:16 - 2015-07-30 18:50 - 00000000 ____D C:\WINDOWS\Setup 2016-01-02 00:16 - 2011-02-07 02:08 - 00000000 ____D C:\WINDOWS\system32\SPReview 2016-01-02 00:16 - 2011-02-07 01:10 - 00000000 ____D C:\WINDOWS\system32\EventProviders 2016-01-02 00:15 - 2015-11-15 07:38 - 00000000 ____D C:\Users\Todos os Usuários\regid.1986-12.com.adobe 2016-01-02 00:15 - 2015-11-15 07:38 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2016-01-02 00:15 - 2015-11-08 10:42 - 00000000 ____D C:\Users\Marcio\AppData\Local\TileDataLayer 2016-01-02 00:15 - 2015-11-08 09:58 - 00000000 ____D C:\Program Files (x86)\MSBuild 2016-01-02 00:15 - 2015-11-04 10:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva 2016-01-02 00:15 - 2015-11-02 04:48 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2016-01-02 00:15 - 2015-11-01 01:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Device Manager 2016-01-02 00:15 - 2015-10-31 21:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garena 2016-01-02 00:15 - 2015-10-20 23:04 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PointBlank 2016-01-02 00:15 - 2015-10-19 03:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Magician 2016-01-02 00:15 - 2015-10-18 17:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6 2016-01-02 00:15 - 2015-10-18 17:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Games 2016-01-02 00:15 - 2015-10-17 23:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2016-01-02 00:15 - 2015-10-17 22:11 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2016-01-02 00:15 - 2015-10-17 20:46 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3DP Chip 2016-01-02 00:15 - 2015-10-17 20:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 2016-01-02 00:15 - 2015-10-17 20:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint 2016-01-02 00:15 - 2015-10-17 20:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-01-02 00:15 - 2015-07-30 19:42 - 00000000 __SHD C:\Program Files\Windows Sidebar 2016-01-02 00:15 - 2015-07-30 19:42 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar 2016-01-02 00:15 - 2015-07-30 19:42 - 00000000 ____D C:\Users\Todos os Usuários\USOPrivate 2016-01-02 00:15 - 2015-07-30 19:42 - 00000000 ____D C:\ProgramData\USOPrivate 2016-01-02 00:15 - 2015-07-30 19:42 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-01-02 00:15 - 2011-02-05 12:15 - 00000000 ___RD C:\Users\Public\Recorded TV 2016-01-01 16:36 - 2015-10-18 17:53 - 00000000 ____D C:\Program Files (x86)\Counter-Strike 1.6 2016-01-01 15:30 - 2015-12-12 19:03 - 00000000 ____D C:\Users\Marcio\AppData\Local\Spotify 2016-01-01 15:30 - 2015-12-12 19:00 - 00000000 ____D C:\Users\Marcio\AppData\Roaming\Spotify 2015-12-26 21:41 - 2015-10-24 18:24 - 00000000 ____D C:\Program Files (x86)\Left 4 Dead 2 2015-12-25 03:55 - 2015-11-08 10:49 - 00000000 ___RD C:\Users\Marcio\OneDrive 2015-12-25 03:38 - 2015-07-30 19:42 - 00000000 ____D C:\WINDOWS\Registration 2015-12-25 03:36 - 2015-11-08 10:31 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat 2015-12-25 03:36 - 2015-11-01 01:22 - 00002584 _____ C:\WINDOWS\System32\Tasks\Motorola Device Manager Update 2015-12-25 03:36 - 2015-11-01 01:22 - 00002392 _____ C:\WINDOWS\System32\Tasks\Motorola Device Manager Initial Update 2015-12-25 03:35 - 2015-11-05 16:21 - 00002166 _____ C:\WINDOWS\System32\Tasks\{8C3535FB-30E3-431E-98FE-3C5970869DB6} 2015-12-25 03:35 - 2015-10-19 02:30 - 00002284 _____ C:\WINDOWS\System32\Tasks\{C79FF0C8-9AE3-4E40-BB5B-A908DBD75074} 2015-12-25 03:35 - 2015-10-18 19:12 - 00002320 _____ C:\WINDOWS\System32\Tasks\{08660FA5-E614-4722-83B3-6723975F8DE1} 2015-12-25 03:35 - 2015-10-18 00:37 - 00003608 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-12-25 03:35 - 2015-10-18 00:37 - 00003384 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-12-25 03:35 - 2015-10-17 22:25 - 00002246 _____ C:\WINDOWS\System32\Tasks\ATKOSD2 2015-12-25 03:35 - 2015-10-17 20:49 - 00002794 _____ C:\WINDOWS\System32\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935} 2015-12-25 02:52 - 2015-11-08 10:10 - 00000000 ___DC C:\WINDOWS\Panther 2015-12-21 00:12 - 2015-10-19 03:29 - 00000000 ____D C:\Program Files (x86)\Driver Magician 2015-12-20 06:59 - 2015-12-13 03:30 - 00000000 ____D C:\Program Files (x86)\Psyonix 2015-12-18 23:05 - 2015-10-17 20:11 - 00000000 ____D C:\Users\Marcio\AppData\Local\Microsoft Help ==================== Arquivos na raiz de alguns diretórios ======= 2016-01-14 22:17 - 2016-01-14 22:17 - 1763184 _____ () C:\Users\Marcio\AppData\Roaming\a1dae3f1e483.exe 2016-01-14 22:17 - 2015-12-10 07:39 - 1015808 _____ (d) C:\Users\Marcio\AppData\Roaming\download.exe 2016-01-14 22:17 - 2016-01-14 22:17 - 0621568 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\Marcio\AppData\Roaming\libeay32.dll 2016-01-14 22:16 - 2016-01-14 06:46 - 2412032 _____ () C:\Users\Marcio\AppData\Roaming\msiql.exe 2016-01-13 20:18 - 2016-01-13 20:18 - 0000132 _____ () C:\Users\Marcio\AppData\Roaming\Preferências do Formato PNG CC da Adobe 2015-10-31 21:44 - 2015-12-04 23:36 - 0045270 _____ () C:\Users\Marcio\AppData\Roaming\room_v3.dat 2016-01-14 22:17 - 2016-01-14 22:17 - 0162304 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\Marcio\AppData\Roaming\ssleay32.dll 2016-01-14 22:16 - 2016-01-14 22:44 - 2786816 _____ (TODO: ) C:\Users\Marcio\AppData\Roaming\svrupg.exe 2016-01-14 22:16 - 2016-01-16 21:10 - 0006413 _____ () C:\Users\Marcio\AppData\Roaming\webad.xml 2016-01-15 22:28 - 2016-01-16 17:45 - 0000322 _____ () C:\Users\Marcio\AppData\Roaming\xcgui_debug.txt 2016-01-14 22:17 - 2015-11-30 14:45 - 2496403 _____ ( ) C:\Users\Marcio\AppData\Roaming\yeaplayer_51479.exe 2016-01-14 22:16 - 2016-01-11 14:49 - 1734656 _____ () C:\ProgramData\search Arquivos para serem movidos ou deletados: ==================== C:\WINDOWS\Temp\00001993\casrss.exe C:\Windows\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job Alguns arquivos em TEMP: ==================== C:\Users\Marcio\AppData\Local\Temp\tu17p84.exe ==================== Bamital & volsnap ================= (Não há correção automática para arquivos que não passaram na verificação.) C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente LastRegBack: 2016-01-15 10:47 ==================== Fim de FRST.txt ============================