Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão:24-02-2016 Executado por Alice Mota (administrador) em ALICEMOTA-PC (25-02-2016 09:52:35) Executando a partir de C:\Users\Alice Mota\Desktop Perfis Carregados: Alice Mota (Perfis Disponíveis: Alice Mota & DefaultAppPool) Platform: Microsoft Windows 7 Starter Service Pack 1 (X86) Idioma: Português (Brasil) Internet Explorer Versão 8 (Navegador padrão: Chrome) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Corporation) C:\Windows\System32\CISVC.EXE (Google Inc.) C:\Program Files\Google\Update\1.3.29.5\GoogleCrashHandler.exe (Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe (Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE (Microsoft Corporation) C:\Windows\System32\snmp.exe () C:\Users\Alice Mota\AppData\Local\D3FDCF80-1456392090-11B2-8000-96261AF2B937\qnseF7D8.tmp (Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe () C:\Users\Alice Mota\AppData\Local\dply_en_015020248\updply_en_015020248.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe () C:\ProgramData\WindowsMsg\osmsg.exe () C:\ProgramData\msiql.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registro (Whitelisted) =========================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12205784 2015-04-07] (Realtek Semiconductor) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [986872 2016-01-29] (Microsoft Corporation) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2350392 2012-10-16] (Synaptics Incorporated) HKLM\...\Run: [MsmqIntCert] => regsvr32 /s mqrt.dll HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-13] (Adobe Systems Incorporated) HKLM\...\Run: [dply_en_015020248] => "C:\Program Files\dply_en_015020248\dply_en_015020248.exe" HKLM\...\Run: [mbot_en_037050248] => "C:\Program Files\mbot_en_037050248\mbot_en_037050248.exe" HKLM\...\Run: [mpck_en_005030248] => [X] HKLM\...\Run: [LightGate] => c:\programdata\lightgate.exe [1081344 2015-12-04] () HKLM\...\Run: [HomePageHelper] => c:\programdata\homepage.exe [1100288 2015-11-25] () HKLM\...\Run: [MTview] => C:\Program Files\MTV20160128\MTView.exe -mini HKLM\...\RunOnce: [updply_en_015020248.exe] => C:\Users\Alice Mota\AppData\Local\dply_en_015020248\updply_en_015020248.exe [3156144 2016-02-24] () HKLM\...\RunOnce: [upmbot_en_037050248.exe] => C:\Users\Alice Mota\AppData\Local\mbot_en_037050248\upmbot_en_037050248.exe [3155120 2016-02-24] () HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-21-2328873562-1806874857-566758227-1000\...\Run: [WindApp] => "C:\Users\Alice Mota\AppData\Roaming\Store\WindApp\WindApp.exe" /winstartup HKU\S-1-5-21-2328873562-1806874857-566758227-1000\...\Run: [Selection Tools] => "C:\Users\Alice Mota\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe" /winstartup HKU\S-1-5-21-2328873562-1806874857-566758227-1000\...\Run: [osmsg] => C:\ProgramData\WindowsMsg\osmsg.exe [2036224 2016-02-09] () HKU\S-1-5-21-2328873562-1806874857-566758227-1000\...\Run: [msiql] => C:\ProgramData\msiql.exe [2415616 2016-01-26] () HKU\S-1-5-21-2328873562-1806874857-566758227-1000\...\Run: [taskhost] => rundll32.exe C:\ProgramData\WindowsMsg\675D131108D4FD145B0BFBC68A3E018A.dll Start /DEFAULT HKU\S-1-5-21-2328873562-1806874857-566758227-1000\...\Run: [Yeaplayer] => C:\Program Files\Yeaplayer\Yeaplayermd.exe /autostart HKU\S-1-5-21-2328873562-1806874857-566758227-1000\...\Run: [MediadownloaderDlr] => c:\programdata\mediadownloaderdlr.exe [1589760 2016-02-25] (TZ) HKU\S-1-5-21-2328873562-1806874857-566758227-1000\...\MountPoints2: {71c7f188-d9ab-11e5-8c60-90a4dea47742} - E:\Autorun.exe GroupPolicy: Restrição - Chrome <======= ATENÇÃO CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt Tcpip\Parameters: [DhcpNameServer] 177.222.229.251 177.222.229.252 Tcpip\..\Interfaces\{557964E6-C6C4-4DCD-A0B9-660F9022BD3D}: [NameServer] 104.197.191.4 Tcpip\..\Interfaces\{B05DFBCC-652D-4F50-99D3-5F1643D8E71A}: [NameServer] 104.197.191.4 Tcpip\..\Interfaces\{C8E9302B-9767-4560-AC64-889A99D0DD29}: [NameServer] 104.197.191.4 Tcpip\..\Interfaces\{C8E9302B-9767-4560-AC64-889A99D0DD29}: [DhcpNameServer] 177.222.229.251 177.222.229.252 Tcpip\..\Interfaces\{e29ac6c2-7037-11de-816d-806e6f6e6963}: [NameServer] 104.197.191.4 ManualProxies: 0hxxp://stop-block.org/wpad.dat?e164846f46030931ac7f9c2552533be46671879 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/ HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/ HKU\S-1-5-21-2328873562-1806874857-566758227-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie HKU\S-1-5-21-2328873562-1806874857-566758227-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie SearchScopes: HKU\S-1-5-21-2328873562-1806874857-566758227-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear FireFox: ======== FF ProfilePath: C:\Users\Alice Mota\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1 FF NewTab: hxxp://www.yessearches.com/?ts=AHEpBXApBn0oAE..&v=20160202&uid=DF4072E6B8BD8025DAB9C32D28B41F87&ptid=sqr1&mode=ffseng FF DefaultSearchEngine: yessearches FF SelectedSearchEngine: yessearches FF Homepage: hxxp://www.yessearches.com/?ts=AHEpBXApBn0oAE..&v=20160202&uid=DF4072E6B8BD8025DAB9C32D28B41F87&ptid=sqr1&mode=ffseng FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.) FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-06-06] (Google, Inc.) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-12-17] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2328873562-1806874857-566758227-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Alice Mota\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-03-24] (Unity Technologies ApS) FF user.js: detected! => C:\Users\Alice Mota\AppData\Roaming\Mozilla\Firefox\Profiles\7yzhv8lk.default\user.js [2016-02-24] FF user.js: detected! => C:\Users\Alice Mota\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js [2016-02-24] FF SearchPlugin: C:\Users\Alice Mota\AppData\Roaming\Mozilla\Firefox\Profiles\7yzhv8lk.default\searchplugins\yoursearching.xml [2016-02-24] FF SearchPlugin: C:\Users\Alice Mota\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\DD1B66D4.xml [2016-02-24] FF SearchPlugin: C:\Users\Alice Mota\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\yoursearching.xml [2016-02-24] FF Extension: FirefixTab - C:\Users\Alice Mota\AppData\Roaming\Mozilla\Firefox\Profiles\7yzhv8lk.default\Extensions\deskCutv2@gmail.com [2016-02-24] [não assinado] FF Extension: Oasis Space 1.0.1 - C:\Users\Alice Mota\AppData\Roaming\Mozilla\Firefox\Profiles\7yzhv8lk.default\Extensions\{41113b98-97af-43e5-a55f-61be657e4882}.xpi [2016-02-23] [não assinado] FF Extension: Video DownloadHelper - C:\Users\Alice Mota\AppData\Roaming\Mozilla\Firefox\Profiles\7yzhv8lk.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-02-17] FF Extension: GsearchFinder - C:\Users\Alice Mota\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\@E9438230-A7DF-4D1F-8F2D-CA1D0F0F7924.xpi [2016-02-02] FF Extension: FirefixTab - C:\Users\Alice Mota\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\deskCutv2@gmail.com [2016-02-24] [não assinado] FF Extension: Oasis Space 1.0.1 - C:\Users\Alice Mota\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{41113b98-97af-43e5-a55f-61be657e4882}.xpi [2016-02-23] [não assinado] FF Extension: Video DownloadHelper - C:\Users\Alice Mota\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-02-17] FF HKLM\...\Firefox\Extensions: [searchpredict@speedbit.com] - => não encontrado (a) FF HKLM\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Alice Mota\AppData\Roaming\Mozilla\Firefox\Profiles\7yzhv8lk.default\extensions\deskCutv2@gmail.com Chrome: ======= CHR dev: Chrome dev build detectado! <======= ATENÇÃO CHR StartupUrls: Default -> "hxxps://www.google.com.br/" CHR Profile: C:\Users\Alice Mota\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Alice Mota\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-24] ==================== Serviços (Whitelisted) ======================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S2 GoogleChromeUpService; C:\ProgramData\service.exe [1734656 2016-02-24] () [Arquivo não assinado] S2 GoogleChromeUpSvc; C:\ProgramData\Windows Update\svrupg.exe [2786816 2016-02-24] (TODO: ) [Arquivo não assinado] R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [13824 2009-07-13] (Microsoft Corporation) R2 iprip; C:\Windows\System32\iprip.dll [29696 2009-07-13] (Microsoft Corporation) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2016-01-29] (Microsoft Corporation) R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [126464 2010-11-20] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [292816 2016-01-29] (Microsoft Corporation) R2 Themes; C:\Windows\system32\themeservice.dll [37376 2009-07-13] (Microsoft Corporation) [Arquivo não assinado] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2016-01-25] (Microsoft Corporation) R2 zigipyro; C:\Users\Alice Mota\AppData\Local\D3FDCF80-1456392090-11B2-8000-96261AF2B937\qnseF7D8.tmp [158720 2015-12-26] () [Arquivo não assinado] S2 ggbugreport; "C:\Program Files\SearchesToYesbnd\bugreport.exe" {154DFF63-3402-4815-941A-AAD63AE8B428} [X] S2 ihpmServer; "C:\Program Files\RayDld\ihpmServer.exe" [X] S2 jejomivyzbt; C:\Program Files\D3FDCF80-1456351687-11B2-8000-96261AF2B937\knsf9D0F.tmpfs [X] S2 Update Oasis Space; "C:\Program Files\Oasis Space\updateOasisSpace.exe" [X] S2 Util Oasis Space; "C:\Program Files\Oasis Space\bin\utilOasisSpace.exe" [X] S2 Winsere; "C:\Program Files\Winsere\Winsere\Winsere.exe" {79740E79-A383-47A7-B513-3DF6563D007F} {A16B1AF7-982D-40C3-B5C1-633E1A6A6678} [X] S2 wucotusy; C:\Program Files\D3FDCF80-1456351687-11B2-8000-96261AF2B937\hnsq17D2.tmp [X] S2 zutuzuni; C:\Program Files\D3FDCF80-1456351687-11B2-8000-96261AF2B937\jnsvE2EB.tmp [X] ===================== Drivers (Whitelisted) ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R1 cherimoya; C:\Windows\System32\drivers\cherimoya.sys [49408 2016-02-24] (Cherimoya Ltd) [Arquivo não assinado] R3 int0800; C:\Windows\System32\DRIVERS\flashud.sys [42496 2009-09-09] (Intel Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [253704 2015-11-13] (Microsoft Corporation) S1 MpKsl0d640d57; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C6F6BC4B-3385-4C69-88EF-A23D02E97F8B}\MpKsl0d640d57.sys [39168 2016-02-25] () [Arquivo não assinado] R3 VMC33F; C:\Windows\System32\Drivers\VMC33F.sys [237952 2010-03-04] (Vimicro Corporation) R1 {41113b98-97af-43e5-a55f-61be657e4882}Gw; C:\Windows\System32\drivers\{41113b98-97af-43e5-a55f-61be657e4882}Gw.sys [43112 2016-02-24] (StdLib) ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um Mês Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-02-25 09:52 - 2016-02-25 09:53 - 00014610 ____C C:\Users\Alice Mota\Desktop\FRST.txt 2016-02-25 09:51 - 2016-02-25 09:52 - 00000000 ___DC C:\FRST 2016-02-25 09:50 - 2016-02-25 09:51 - 01722368 ____C (Farbar) C:\Users\Alice Mota\Desktop\FRST.exe 2016-02-25 09:43 - 2016-02-25 09:43 - 00000404 ____C C:\Windows\Tasks\SCHEDLGU.TXT 2016-02-25 09:43 - 2016-02-25 09:43 - 00000006 ___HC C:\Windows\Tasks\SA.DAT 2016-02-25 09:37 - 2016-02-25 09:37 - 00000228 ____C C:\Windows\ntbtlog.txt 2016-02-25 09:21 - 2016-02-25 09:22 - 00000000 ___DC C:\Users\Alice Mota\AppData\Local\D3FDCF80-1456392090-11B2-8000-96261AF2B937 2016-02-25 09:04 - 2016-02-25 09:04 - 00000161 ____C C:\Users\Todos os Usuários\xcgui_debug.txt 2016-02-25 09:04 - 2016-02-25 09:04 - 00000161 ____C C:\ProgramData\xcgui_debug.txt 2016-02-25 08:47 - 2016-02-25 08:47 - 00000000 ___DC C:\Users\Alice Mota\AppData\Local\Yeaplayer 2016-02-25 08:46 - 2016-02-25 15:33 - 01589760 ____C (TZ) C:\Users\Todos os Usuários\MediadownloaderDlr.exe 2016-02-25 08:46 - 2016-02-25 15:33 - 01589760 ____C (TZ) C:\ProgramData\MediadownloaderDlr.exe 2016-02-25 08:45 - 2016-01-28 01:30 - 01054472 ____C C:\Users\Todos os Usuários\MTViewbuildmtview_316.exe 2016-02-25 08:45 - 2016-01-28 01:30 - 01054472 ____C C:\ProgramData\MTViewbuildmtview_316.exe 2016-02-24 21:37 - 2016-02-18 08:13 - 02963253 ____C ( ) C:\Users\Todos os Usuários\yeaplayer_wajam2.exe 2016-02-24 21:37 - 2016-02-18 08:13 - 02963253 ____C ( ) C:\ProgramData\yeaplayer_wajam2.exe 2016-02-24 21:28 - 2016-02-24 21:28 - 00000286 _RSHC C:\Users\Todos os Usuários\ntuser.pol 2016-02-24 21:28 - 2016-02-24 21:28 - 00000286 _RSHC C:\ProgramData\ntuser.pol 2016-02-24 21:26 - 2016-02-24 21:26 - 00000000 ___DC C:\Users\Todos os Usuários\baidu 2016-02-24 21:26 - 2016-02-24 21:26 - 00000000 ___DC C:\Users\Alice Mota\AppData\Roaming\Baidu 2016-02-24 21:26 - 2016-02-24 21:26 - 00000000 ___DC C:\ProgramData\baidu 2016-02-24 21:25 - 2015-11-25 15:31 - 01100288 ____C C:\Users\Todos os Usuários\HomePage.exe 2016-02-24 21:25 - 2015-11-25 15:31 - 01100288 ____C C:\ProgramData\HomePage.exe 2016-02-24 21:24 - 2016-02-24 06:18 - 01085440 ____C C:\Users\Todos os Usuários\delCalendarReg.exe 2016-02-24 21:24 - 2016-02-24 06:18 - 01085440 ____C C:\ProgramData\delCalendarReg.exe 2016-02-24 21:21 - 2016-02-24 21:32 - 00000000 ___DC C:\Users\Todos os Usuários\Windows Update 2016-02-24 21:21 - 2016-02-24 21:32 - 00000000 ___DC C:\ProgramData\Windows Update 2016-02-24 21:21 - 2015-12-10 15:43 - 00600312 ____C C:\Users\Todos os Usuários\YeaPlayer_br_IBD_Bundle.exe 2016-02-24 21:21 - 2015-12-10 15:43 - 00600312 ____C C:\ProgramData\YeaPlayer_br_IBD_Bundle.exe 2016-02-24 21:20 - 2016-02-24 21:30 - 00010365 ____C C:\Users\Todos os Usuários\webad.xml 2016-02-24 21:20 - 2016-02-24 21:30 - 00010365 ____C C:\ProgramData\webad.xml 2016-02-24 21:20 - 2015-12-04 13:14 - 01081344 ____C C:\Users\Todos os Usuários\LightGate.exe 2016-02-24 21:20 - 2015-12-04 13:14 - 01081344 ____C C:\ProgramData\LightGate.exe 2016-02-24 21:19 - 2016-01-26 11:54 - 02415616 ____C C:\Users\Todos os Usuários\msiql.exe 2016-02-24 21:19 - 2016-01-26 11:54 - 02415616 ____C C:\ProgramData\msiql.exe 2016-02-24 21:18 - 2016-02-24 21:18 - 01734656 ____C C:\Users\Todos os Usuários\service.exe 2016-02-24 21:18 - 2016-02-24 21:18 - 01734656 ____C C:\ProgramData\service.exe 2016-02-24 21:15 - 2016-02-24 21:18 - 00000000 ___DC C:\Users\Alice Mota\AppData\Roaming\UPUpdata 2016-02-24 21:14 - 2016-02-24 21:14 - 00000000 ___DC C:\Users\Public\Documents\Guid 2016-02-24 20:57 - 2015-11-20 19:27 - 00017840 ____C () C:\Windows\system32\roboot.exe 2016-02-24 20:55 - 2016-02-25 09:11 - 00000000 ___DC C:\Users\Alice Mota\AppData\Roaming\systweak 2016-02-24 20:49 - 2016-02-25 09:43 - 00000000 ___DC C:\Users\Alice Mota\AppData\Local\mbot_en_037050248 2016-02-24 20:49 - 2016-02-24 20:51 - 00000000 ___DC C:\Users\Alice Mota\AppData\Local\Tempfolder 2016-02-24 20:49 - 2016-02-24 20:49 - 00000000 ___DC C:\Users\Alice Mota\AppData\Roaming\WiqoYdhham 2016-02-24 20:43 - 2016-02-24 21:33 - 00000000 ___DC C:\Users\Todos os Usuários\WindowsMsg 2016-02-24 20:43 - 2016-02-24 21:33 - 00000000 ___DC C:\ProgramData\WindowsMsg 2016-02-24 20:40 - 2016-02-24 21:00 - 00000000 ___DC C:\Users\Alice Mota\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108 2016-02-24 20:37 - 2016-02-24 20:39 - 00000000 ___DC C:\Users\Public\Documents\dmp 2016-02-24 20:31 - 2016-02-24 19:00 - 00001110 ____C C:\Windows\system32\Drivers\etc\hp.bak 2016-02-24 19:14 - 2016-02-24 19:14 - 00000000 ___DC C:\Users\Alice Mota\AppData\LocalLow\Company 2016-02-24 19:14 - 2016-02-24 19:14 - 00000000 ___DC C:\Users\Alice Mota\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A} 2016-02-24 19:12 - 2016-02-24 19:12 - 00000000 ___DC C:\Users\Alice Mota\AppData\Local\BoBrowser 2016-02-24 19:12 - 2016-02-24 10:41 - 00043112 ____C (StdLib) C:\Windows\system32\Drivers\{41113b98-97af-43e5-a55f-61be657e4882}Gw.sys 2016-02-24 19:11 - 2016-02-24 21:02 - 00001100 ____C C:\Windows\system32\${LOGFILE} 2016-02-24 19:00 - 2016-02-24 19:00 - 00000000 ___DC C:\Users\Public\Documents\Tools 2016-02-24 18:59 - 2016-02-24 18:59 - 00000000 ___DC C:\Users\Public\Documents\Baidu 2016-02-24 18:57 - 2016-02-25 09:10 - 00000000 ___DC C:\Users\Alice Mota\AppData\Roaming\WTools 2016-02-24 18:55 - 2016-02-25 08:57 - 00000000 ___DC C:\Users\Alice Mota\AppData\Roaming\Store 2016-02-24 18:52 - 2016-02-24 18:52 - 00000000 ___DC C:\Users\Alice Mota\AppData\Roaming\SpringFiles 2016-02-24 18:50 - 2016-02-25 09:46 - 00000000 ___DC C:\Users\Alice Mota\AppData\Local\dply_en_015020248 2016-02-24 18:49 - 2016-02-24 21:02 - 00000000 ___DC C:\Users\Alice Mota\AppData\Roaming\Nosibay 2016-02-24 18:43 - 2016-02-24 18:44 - 03883056 ____C (Zurumbia Incorpatated) C:\Users\Alice Mota\Downloads\vorbis_synthesis_idheader_dll_download_downloader.exe 2016-02-24 18:28 - 2016-02-24 19:13 - 00049408 ____C (Cherimoya Ltd) C:\Windows\system32\Drivers\cherimoya.sys 2016-02-24 18:19 - 2016-02-24 18:19 - 00139207 ____C C:\Users\Alice Mota\Downloads\vorbis.dll.zip 2016-02-24 18:17 - 2016-02-24 18:17 - 00020510 ____C C:\Users\Alice Mota\Downloads\ogg.dll.zip 2016-02-24 18:05 - 2016-02-24 18:27 - 00028952 ____C (Xiph.Org Foundation) C:\Windows\system32\vorbisfile.dll 2016-02-24 14:17 - 2016-02-24 16:29 - 00000000 ___DC C:\Users\Alice Mota\Downloads\[PC][-GTA San Andreas With Online Multiplayer-] 2016-02-24 14:10 - 2016-02-24 14:13 - 00815104 ___HC C:\Users\Alice Mota\AppData\Roaming\base_en.db 2016-02-23 21:35 - 2016-02-23 21:39 - 00000000 ___DC C:\Users\Alice Mota\Desktop\Whatsapp Imagens 2016-02-23 21:34 - 2016-02-23 21:34 - 00000000 ___DC C:\Users\Alice Mota\Desktop\Print 2016-02-23 21:27 - 2016-02-23 21:27 - 00000000 ___DC C:\Users\Alice Mota\AppData\Roaming\HdO Adventure 2016-02-22 18:58 - 2016-02-22 18:58 - 00000000 ___DC C:\Program Files\Microsoft WSE 2016-02-22 18:58 - 2006-09-28 16:05 - 02414360 ____C (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll 2016-02-22 18:33 - 2016-02-22 18:37 - 00000000 ___DC C:\Users\Alice Mota\AppData\Roaming\DAEMON Tools Pro 2016-02-22 18:33 - 2016-02-22 18:33 - 00000000 ___DC C:\Users\Todos os Usuários\DAEMON Tools Pro 2016-02-22 18:33 - 2016-02-22 18:33 - 00000000 ___DC C:\ProgramData\DAEMON Tools Pro 2016-02-22 18:32 - 2016-02-22 18:32 - 00000000 ___DC C:\Users\Alice Mota\AppData\Roaming\WinRAR 2016-02-19 19:42 - 2016-02-19 19:43 - 00000000 ___DC C:\Users\Alice Mota\Desktop\Nova pasta 2016-02-19 19:25 - 2016-02-19 20:10 - 154249176 ____C C:\Users\Alice Mota\Downloads\Teen.Wolf.S05E17.Legendado.mp4 2016-02-18 09:51 - 2016-02-18 09:51 - 00000000 ___DC C:\Users\Alice Mota\AppData\LocalLow\Adobe 2016-02-18 07:40 - 2016-02-18 07:47 - 64602162 ____C C:\Users\Alice Mota\Downloads\Física.pdf 2016-02-18 07:40 - 2016-02-18 07:44 - 24162360 ____C C:\Users\Alice Mota\Downloads\Física (1).pdf 2016-02-17 21:29 - 2016-02-17 21:29 - 00000000 ___DC C:\Users\Alice Mota\dwhelper 2016-02-17 20:52 - 2016-02-25 08:54 - 00002127 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-02-17 20:52 - 2016-02-17 21:06 - 00000000 ___DC C:\Users\Alice Mota\AppData\Local\Mozilla 2016-02-17 20:52 - 2016-02-17 21:02 - 00000000 ___DC C:\Users\Alice Mota\AppData\Roaming\Mozilla 2016-02-17 20:52 - 2016-02-17 20:52 - 00000000 ___DC C:\Program Files\Mozilla Maintenance Service 2016-02-17 20:51 - 2016-02-17 20:52 - 00000000 ___DC C:\Program Files\Mozilla Firefox 2016-02-11 02:02 - 2016-02-11 02:03 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2016-02-10 17:44 - 2016-02-11 02:23 - 01413632 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2016-02-10 17:37 - 2016-02-11 02:19 - 12877824 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2016-02-10 17:37 - 2016-02-11 02:19 - 02973184 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2016-02-10 17:37 - 2016-02-11 02:19 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2016-02-10 17:37 - 2016-02-11 02:19 - 01498624 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2016-02-10 17:34 - 2016-02-11 02:18 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2016-02-10 17:33 - 2016-02-11 02:24 - 01198080 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-02-10 17:33 - 2016-02-11 02:24 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-02-10 17:33 - 2016-02-11 02:24 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-02-10 17:33 - 2016-02-11 02:24 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-02-10 17:33 - 2016-02-11 02:24 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-02-10 17:33 - 2016-02-11 02:24 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-02-10 17:33 - 2016-02-11 02:24 - 00022464 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-02-10 17:25 - 2016-02-11 02:17 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-02-10 17:22 - 2016-02-11 02:14 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2016-02-10 17:21 - 2016-02-11 02:12 - 03993536 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2016-02-10 17:21 - 2016-02-11 02:12 - 03938752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-02-10 17:21 - 2016-02-11 02:12 - 01310232 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-02-10 17:21 - 2016-02-11 02:12 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2016-02-10 17:21 - 2016-02-11 02:12 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-02-10 17:21 - 2016-02-11 02:12 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll 2016-02-10 17:21 - 2016-02-11 02:12 - 00535040 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll 2016-02-10 17:21 - 2016-02-11 02:12 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-02-10 17:21 - 2016-02-11 02:12 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll 2016-02-10 17:21 - 2016-02-11 02:12 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-02-10 17:20 - 2016-02-11 02:12 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-02-10 17:20 - 2016-02-11 02:12 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-02-10 17:20 - 2016-02-11 02:12 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-02-10 17:20 - 2016-02-11 02:12 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-02-10 17:20 - 2016-02-11 02:12 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-02-10 17:20 - 2016-02-11 02:12 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-02-10 17:20 - 2016-02-11 02:12 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-02-10 17:20 - 2016-02-11 02:12 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-02-10 17:20 - 2016-02-11 02:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-02-10 17:20 - 2016-02-11 02:12 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-02-10 17:20 - 2016-02-11 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-02-10 17:19 - 2016-02-11 02:12 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-02-10 17:19 - 2016-02-11 02:12 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-02-10 17:19 - 2016-02-11 02:12 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-02-10 17:19 - 2016-02-11 02:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-02-10 17:19 - 2016-02-11 02:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-02-10 17:19 - 2016-02-11 02:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-02-10 17:19 - 2016-02-11 02:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-02-10 17:19 - 2016-02-11 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-02-10 17:19 - 2016-02-11 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-02-10 17:19 - 2016-02-11 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-02-10 17:06 - 2016-02-11 02:02 - 02956288 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2016-02-10 17:06 - 2016-02-11 02:02 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2016-02-10 17:06 - 2016-02-11 02:02 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2016-02-10 17:05 - 2016-02-11 02:02 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2016-02-10 17:05 - 2016-02-11 02:02 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2016-02-10 17:05 - 2016-02-11 02:02 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2016-02-10 17:05 - 2016-02-11 02:02 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2016-02-10 17:05 - 2016-02-11 02:02 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2016-02-10 17:05 - 2016-02-11 02:02 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2016-02-10 17:05 - 2016-02-11 02:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2016-02-10 17:05 - 2016-02-11 02:02 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2016-02-10 13:10 - 2016-02-10 14:34 - 277430312 ____C C:\Users\Alice Mota\Downloads\Teen.Wolf.S05E16.wmv.mp4 2016-02-03 23:43 - 2016-02-04 00:22 - 273175967 ____C C:\Users\Alice Mota\Downloads\Teen.Wolf.S05E15.wmv.mp4 2016-02-03 22:33 - 2016-02-03 22:54 - 48705465 ____C C:\Users\Alice Mota\Downloads\Como Eu Era Antes de Você - Trailer Oficial 1 (leg) [HD].mp4 2016-01-28 20:13 - 2016-02-24 17:06 - 00000000 ___DC C:\Users\Alice Mota\AppData\LocalLow\uTorrent 2016-01-28 20:12 - 2016-01-28 20:12 - 00002634 ____C C:\Users\Alice Mota\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2016-01-28 20:09 - 2016-02-24 19:16 - 00000000 ___DC C:\Users\Alice Mota\AppData\Roaming\uTorrent 2016-01-28 10:06 - 2016-01-28 10:10 - 00000000 ___DC C:\Windows\rescache 2016-01-27 22:49 - 2016-01-27 23:23 - 151884403 ____C C:\Users\Alice Mota\Downloads\Teen.Wolf.S05E14.Legendado.mp4 2016-01-27 10:28 - 2016-02-11 02:40 - 00000000 __SDC C:\Windows\system32\CompatTel 2016-01-27 10:28 - 2016-02-11 02:40 - 00000000 ___DC C:\Windows\system32\appraiser 2016-01-26 14:24 - 2016-01-27 02:30 - 01167520 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2016-01-26 14:24 - 2016-01-27 02:30 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe 2016-01-26 14:24 - 2016-01-27 02:30 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-01-26 14:23 - 2016-01-27 02:24 - 01699328 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll 2016-01-26 14:23 - 2016-01-27 02:24 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe 2016-01-26 14:23 - 2016-01-27 02:15 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL 2016-01-26 14:23 - 2016-01-27 02:15 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL 2016-01-26 14:23 - 2016-01-27 02:15 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL 2016-01-26 14:23 - 2016-01-27 02:15 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL 2016-01-26 14:23 - 2016-01-27 02:15 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL 2016-01-26 14:23 - 2012-07-06 16:23 - 00393728 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys 2016-01-26 14:23 - 2011-04-28 00:15 - 00060416 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS 2016-01-26 14:23 - 2011-03-11 02:39 - 00143744 ____C (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys 2016-01-26 14:23 - 2011-03-11 02:39 - 00117120 ____C (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys 2016-01-26 14:23 - 2011-03-11 02:38 - 00332160 ____C (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys 2016-01-26 14:23 - 2011-03-11 02:38 - 00080256 ____C (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys 2016-01-26 14:23 - 2011-03-11 02:38 - 00022400 ____C (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys 2016-01-26 14:23 - 2011-03-11 01:01 - 00076288 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS 2016-01-26 14:17 - 2016-01-27 02:22 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe 2016-01-26 14:17 - 2016-01-27 02:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll 2016-01-26 13:51 - 2016-01-27 02:22 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll ==================== Um Mês Modificados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-02-25 09:51 - 2010-11-20 23:33 - 00766676 ____C C:\Windows\system32\prfh0416.dat 2016-02-25 09:51 - 2010-11-20 23:33 - 00168416 ____C C:\Windows\system32\prfc0416.dat 2016-02-25 09:51 - 2010-11-20 18:01 - 01793230 ____C C:\Windows\system32\PerfStringBackup.INI 2016-02-25 09:51 - 2009-07-13 23:37 - 00000000 ___DC C:\Windows\inf 2016-02-25 09:45 - 2009-07-13 23:37 - 00000000 ___DC C:\Windows\system32\inetsrv 2016-02-25 08:59 - 2009-07-14 01:34 - 00017328 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-02-25 08:59 - 2009-07-14 01:34 - 00017328 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-02-25 08:55 - 2016-01-14 18:36 - 00002358 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-02-25 08:55 - 2016-01-14 18:36 - 00002340 ____C C:\Users\Public\Desktop\Google Chrome.lnk 2016-02-24 21:36 - 2009-07-14 01:46 - 00001515 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-02-24 20:50 - 2016-01-25 00:22 - 00270336 ____C (Microsoft Corporation) C:\Windows\system32\dnsapi.dll 2016-02-24 20:32 - 2009-07-13 23:37 - 00000000 ___DC C:\Windows\system32\GroupPolicy 2016-02-24 19:19 - 2016-01-14 18:22 - 00002129 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk 2016-02-24 19:18 - 2016-01-14 18:21 - 00000000 ___DC C:\Program Files\Microsoft Security Client 2016-02-22 21:49 - 2016-01-19 11:22 - 00000000 ___DC C:\Users\Alice Mota\Desktop\Images 2016-02-22 21:43 - 2016-01-20 09:54 - 00000000 ___DC C:\Users\Alice Mota\Desktop\Celular 2016-02-22 21:40 - 2016-01-14 18:26 - 00000000 ___DC C:\Users\Alice Mota\AppData\Local\Google 2016-02-22 21:39 - 2009-07-14 01:52 - 00000000 __RDC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-02-18 10:07 - 2016-01-14 17:17 - 00002441 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2016-02-18 10:06 - 2016-01-14 17:17 - 00000000 ___DC C:\Program Files\Common Files\Adobe 2016-02-18 09:52 - 2016-01-14 17:15 - 00000000 ___DC C:\Users\Todos os Usuários\Adobe 2016-02-18 09:52 - 2016-01-14 17:15 - 00000000 ___DC C:\ProgramData\Adobe 2016-02-18 09:51 - 2016-01-14 17:15 - 00000000 ___DC C:\Users\Alice Mota\AppData\Roaming\Adobe 2016-02-18 09:51 - 2016-01-14 17:15 - 00000000 ___DC C:\Users\Alice Mota\AppData\Local\Adobe 2016-02-17 21:29 - 2016-01-14 17:00 - 00000000 ___DC C:\Users\Alice Mota 2016-02-17 10:14 - 2016-01-14 20:34 - 00000000 ___DC C:\Users\Alice Mota\AppData\Roaming\vlc 2016-02-17 10:07 - 2009-07-13 23:37 - 00000000 ___DC C:\Windows\system32\NDF 2016-02-11 02:42 - 2009-07-14 01:33 - 00267528 ____C C:\Windows\system32\FNTCACHE.DAT 2016-01-28 09:28 - 2009-07-13 23:37 - 00000000 ___DC C:\Windows\AppCompat 2016-01-27 02:20 - 2016-01-23 14:26 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll 2016-01-27 02:20 - 2016-01-23 14:26 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys 2016-01-26 13:32 - 2009-07-13 23:37 - 00000000 ___DC C:\Windows\tracing 2016-01-26 13:32 - 2009-07-13 23:37 - 00000000 ___DC C:\Windows\system32\Dism 2016-01-26 13:32 - 2009-07-13 23:37 - 00000000 ___DC C:\Windows\PolicyDefinitions 2016-01-26 13:32 - 2009-07-13 23:37 - 00000000 ___DC C:\Program Files\Common Files\System 2016-01-26 13:13 - 2016-01-25 11:36 - 01081856 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2016-01-26 13:13 - 2016-01-25 11:36 - 00812032 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2016-01-26 13:13 - 2016-01-25 11:36 - 00811520 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2016-01-26 13:12 - 2016-01-25 11:36 - 01011200 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2016-01-26 13:10 - 2016-01-25 11:36 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2016-01-26 13:09 - 2016-01-25 11:35 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll 2016-01-26 13:08 - 2016-01-25 11:35 - 00901264 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2016-01-26 13:08 - 2016-01-25 11:35 - 00066400 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll 2016-01-26 13:08 - 2016-01-25 11:35 - 00022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll 2016-01-26 13:08 - 2016-01-25 11:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2016-01-26 13:08 - 2016-01-25 11:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll 2016-01-26 13:08 - 2016-01-25 11:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2016-01-26 13:08 - 2016-01-25 11:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2016-01-26 13:08 - 2016-01-25 11:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2016-01-26 13:08 - 2016-01-25 11:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll 2016-01-26 13:08 - 2016-01-25 11:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll 2016-01-26 13:08 - 2016-01-25 11:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2016-01-26 13:08 - 2016-01-25 11:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll 2016-01-26 13:08 - 2016-01-25 11:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2016-01-26 13:08 - 2016-01-25 11:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2016-01-26 13:08 - 2016-01-25 11:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2016-01-26 13:08 - 2016-01-25 11:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2016-01-26 13:08 - 2016-01-25 11:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2016-01-26 13:08 - 2016-01-25 11:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll 2016-01-26 13:08 - 2016-01-25 11:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll 2016-01-26 13:08 - 2016-01-25 11:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll 2016-01-26 13:08 - 2016-01-25 11:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll 2016-01-26 13:08 - 2016-01-25 11:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll 2016-01-26 13:08 - 2016-01-25 11:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll 2016-01-26 13:08 - 2016-01-25 11:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll 2016-01-26 13:07 - 2016-01-25 11:35 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys 2016-01-26 13:06 - 2016-01-25 11:34 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2016-01-26 13:06 - 2016-01-25 11:34 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2016-01-26 13:03 - 2016-01-25 11:28 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2016-01-26 13:03 - 2016-01-25 11:28 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2016-01-26 13:03 - 2016-01-25 11:28 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2016-01-26 13:02 - 2016-01-25 11:25 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\tlntsess.exe 2016-01-26 13:01 - 2016-01-25 11:25 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2016-01-26 13:01 - 2016-01-25 11:25 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2016-01-26 13:01 - 2016-01-25 11:25 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2016-01-26 13:01 - 2016-01-25 11:24 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys 2016-01-26 13:00 - 2016-01-25 12:40 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll 2016-01-26 13:00 - 2016-01-25 12:40 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll 2016-01-26 13:00 - 2016-01-25 12:40 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll 2016-01-26 12:59 - 2016-01-25 11:17 - 01242624 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll 2016-01-26 12:59 - 2016-01-25 11:17 - 00487936 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll 2016-01-26 12:58 - 2016-01-25 11:13 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2016-01-26 12:58 - 2016-01-25 11:13 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll 2016-01-26 12:58 - 2016-01-25 11:13 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2016-01-26 12:57 - 2016-01-25 11:13 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll 2016-01-26 12:56 - 2016-01-25 11:12 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2016-01-26 12:56 - 2016-01-25 11:12 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe 2016-01-26 12:55 - 2016-01-25 11:12 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe 2016-01-26 12:55 - 2016-01-25 11:12 - 00179712 _____ (Microsoft Corporation) C:\Windows\notepad.exe 2016-01-26 12:54 - 2016-01-25 11:11 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-01-26 12:52 - 2016-01-25 11:11 - 00371920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2016-01-26 12:52 - 2016-01-25 11:11 - 00251000 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll 2016-01-26 12:48 - 2016-01-25 11:01 - 01391104 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2016-01-26 12:48 - 2016-01-25 11:01 - 01241088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2016-01-26 12:48 - 2016-01-25 11:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2016-01-26 12:48 - 2016-01-25 11:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2016-01-26 12:47 - 2016-01-25 11:01 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2016-01-26 12:47 - 2016-01-25 11:01 - 00196328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys 2016-01-26 12:46 - 2016-01-25 00:25 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll 2016-01-26 12:44 - 2016-01-25 00:24 - 02364416 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2016-01-26 12:44 - 2016-01-25 00:24 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2016-01-26 12:44 - 2016-01-25 00:24 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2016-01-26 12:44 - 2016-01-25 00:24 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll 2016-01-26 12:43 - 2016-01-25 00:22 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll 2016-01-26 12:43 - 2016-01-25 00:22 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe 2016-01-26 12:40 - 2016-01-25 00:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL 2016-01-26 12:35 - 2016-01-25 00:15 - 00937984 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2016-01-26 12:35 - 2016-01-25 00:15 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2016-01-26 12:35 - 2016-01-25 00:14 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2016-01-26 12:10 - 2016-01-25 00:07 - 02135040 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2016-01-26 12:10 - 2016-01-25 00:07 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2016-01-26 12:10 - 2016-01-25 00:07 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2016-01-26 12:10 - 2016-01-25 00:06 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2016-01-26 12:10 - 2016-01-25 00:06 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2016-01-26 12:10 - 2016-01-25 00:06 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys 2016-01-26 12:10 - 2016-01-25 00:06 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2016-01-26 12:10 - 2016-01-25 00:06 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2016-01-26 12:10 - 2016-01-25 00:06 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2016-01-26 12:10 - 2016-01-25 00:06 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2016-01-26 12:10 - 2016-01-25 00:06 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2016-01-26 12:10 - 2016-01-25 00:06 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2016-01-26 12:10 - 2016-01-25 00:06 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2016-01-26 12:10 - 2016-01-25 00:06 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2016-01-26 12:10 - 2016-01-25 00:06 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2016-01-26 12:10 - 2016-01-25 00:05 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2016-01-26 12:10 - 2016-01-25 00:05 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2016-01-26 12:10 - 2016-01-25 00:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll 2016-01-26 12:10 - 2016-01-25 00:05 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe 2016-01-26 12:10 - 2016-01-25 00:05 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll 2016-01-26 12:10 - 2016-01-25 00:05 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe ==================== Arquivos na raiz de alguns diretórios ======= 2016-02-24 14:10 - 2016-02-24 14:13 - 0815104 ___HC () C:\Users\Alice Mota\AppData\Roaming\base_en.db 2016-02-24 18:45 - 2016-02-24 18:59 - 0001266 ____C () C:\Users\Alice Mota\AppData\Roaming\Bubble Dock.boostrap.log 2016-02-24 18:48 - 2016-02-24 18:54 - 0005743 ____C () C:\Users\Alice Mota\AppData\Roaming\Bubble Dock.installation.log 2016-02-24 18:57 - 2016-02-24 18:57 - 0000078 ____C () C:\Users\Alice Mota\AppData\Roaming\Selection Tools.installation.log 2016-02-24 18:46 - 2016-02-24 18:46 - 0000097 ____C () C:\Users\Alice Mota\AppData\Roaming\WindApp.boostrap.log 2016-02-24 18:54 - 2016-02-24 18:54 - 0000078 ____C () C:\Users\Alice Mota\AppData\Roaming\WindApp.installation.log 2016-02-25 08:47 - 2016-02-25 08:47 - 0000461 ____C () C:\ProgramData\cookies 2016-02-24 21:24 - 2016-02-24 06:18 - 1085440 ____C () C:\ProgramData\delCalendarReg.exe 2016-01-14 17:20 - 2016-01-14 17:20 - 0000000 ___HC () C:\ProgramData\DP45977C.lfl 2016-02-24 21:25 - 2015-11-25 15:31 - 1100288 ____C () C:\ProgramData\HomePage.exe 2016-02-24 21:20 - 2015-12-04 13:14 - 1081344 ____C () C:\ProgramData\LightGate.exe 2016-02-25 08:46 - 2016-02-25 15:33 - 1589760 ____C (TZ) C:\ProgramData\MediadownloaderDlr.exe 2016-02-24 21:19 - 2016-01-26 11:54 - 2415616 ____C () C:\ProgramData\msiql.exe 2016-02-25 08:45 - 2016-01-28 01:30 - 1054472 ____C () C:\ProgramData\MTViewbuildmtview_316.exe 2016-02-24 21:18 - 2016-02-24 21:18 - 1734656 ____C () C:\ProgramData\service.exe 2016-02-24 21:20 - 2016-02-24 21:30 - 0010365 ____C () C:\ProgramData\webad.xml 2016-02-25 09:04 - 2016-02-25 09:04 - 0000161 ____C () C:\ProgramData\xcgui_debug.txt 2016-02-24 21:21 - 2015-12-10 15:43 - 0600312 ____C () C:\ProgramData\YeaPlayer_br_IBD_Bundle.exe 2016-02-24 21:37 - 2016-02-18 08:13 - 2963253 ____C ( ) C:\ProgramData\yeaplayer_wajam2.exe Arquivos para serem movidos ou deletados: ==================== C:\ProgramData\delCalendarReg.exe C:\ProgramData\HomePage.exe C:\ProgramData\LightGate.exe C:\ProgramData\MediadownloaderDlr.exe C:\ProgramData\msiql.exe C:\ProgramData\MTViewbuildmtview_316.exe C:\ProgramData\service.exe C:\ProgramData\YeaPlayer_br_IBD_Bundle.exe C:\ProgramData\yeaplayer_wajam2.exe C:\Users\Todos os Usuários\delCalendarReg.exe C:\Users\Todos os Usuários\HomePage.exe C:\Users\Todos os Usuários\LightGate.exe C:\Users\Todos os Usuários\MediadownloaderDlr.exe C:\Users\Todos os Usuários\msiql.exe C:\Users\Todos os Usuários\MTViewbuildmtview_316.exe C:\Users\Todos os Usuários\service.exe C:\Users\Todos os Usuários\YeaPlayer_br_IBD_Bundle.exe C:\Users\Todos os Usuários\yeaplayer_wajam2.exe Alguns arquivos em TEMP: ==================== C:\Users\Alice Mota\AppData\Local\Temp\25F9.tmp.exe C:\Users\Alice Mota\AppData\Local\Temp\3073.tmp.exe C:\Users\Alice Mota\AppData\Local\Temp\3832.tmp.exe C:\Users\Alice Mota\AppData\Local\Temp\7244.tmp.exe C:\Users\Alice Mota\AppData\Local\Temp\7686.tmp.exe C:\Users\Alice Mota\AppData\Local\Temp\8140.tmp.exe C:\Users\Alice Mota\AppData\Local\Temp\938A.tmp.exe C:\Users\Alice Mota\AppData\Local\Temp\B21F.tmp.exe C:\Users\Alice Mota\AppData\Local\Temp\B5E7.tmp.exe C:\Users\Alice Mota\AppData\Local\Temp\BC9MSRKB2M.exe C:\Users\Alice Mota\AppData\Local\Temp\cabex.dll C:\Users\Alice Mota\AppData\Local\Temp\fsd511C.exe C:\Users\Alice Mota\AppData\Local\Temp\FYs9tW1Mej.exe C:\Users\Alice Mota\AppData\Local\Temp\GRRemove.exe C:\Users\Alice Mota\AppData\Local\Temp\GuCdbJUT2Z.exe C:\Users\Alice Mota\AppData\Local\Temp\ICReinstall_25F9.tmp.exe C:\Users\Alice Mota\AppData\Local\Temp\LOUafrXjTy.exe C:\Users\Alice Mota\AppData\Local\Temp\stubhelper.dll C:\Users\Alice Mota\AppData\Local\Temp\unelevate.exe C:\Users\Alice Mota\AppData\Local\Temp\V4y1WG17mT.exe ==================== Bamital & volsnap ================= (Não há correção automática para arquivos que não passaram na verificação.) C:\Windows\explorer.exe => O arquivo é assinado digitalmente C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente C:\Windows\system32\services.exe => O arquivo é assinado digitalmente C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente LastRegBack: 2016-02-19 11:09 ==================== Fim de FRST.txt ============================