Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão: 06-11-2016
Executado por Liris (administrador) em LIRIS-PC (08-11-2016 21:57:32)
Executando a partir de C:\Users\Liris\Downloads
Perfis Carregados: Liris (Perfis Disponíveis: Liris)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: "C:\Program Files\Ballfire\Application\chrome.exe" "%1")
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeSvc2.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe
(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeTray.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-UpdaterService.exe
(AnchorFree Inc.) C:\Program Files\Hotspot Shield\bin\cmw_srv.exe
() C:\Program Files\InterHop\InterHop.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(AnchorFree Inc.) C:\Program Files\Hotspot Shield\bin\HSSCP.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Users\Liris\AppData\Local\Temp\Java\SYSLIRIS-PC.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Agent.exe
(BitTorrent Inc.) C:\Users\Liris\AppData\Roaming\uTorrent\uTorrent.exe
(Spiritsoft) C:\Users\Liris\Downloads\ipts_130613\ipts.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(BitTorrent Inc.) C:\Users\Liris\AppData\Roaming\uTorrent\updates\3.4.9_42606\utorrentie.exe
(BitTorrent Inc.) C:\Users\Liris\AppData\Roaming\uTorrent\updates\3.4.9_42606\utorrentie.exe
() C:\Users\Liris\AppData\Roaming\behbe\UvConverter.exe
(hxxp://www.amule.org/) C:\Program Files\amuleC\ed2k.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Nicolas Coolman) C:\Program Files\ZHPDiag\ZHPFix\ZHPFix.exe
(Google Inc.) C:\Program Files\Ballfire\Application\chrome.exe
(Google Inc.) C:\Program Files\Ballfire\Application\chrome.exe
(Google Inc.) C:\Program Files\Ballfire\Application\chrome.exe
(Google Inc.) C:\Program Files\Ballfire\Application\chrome.exe
(Google Inc.) C:\Program Files\Ballfire\Application\chrome.exe
(Google Inc.) C:\Program Files\Ballfire\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files\Ballfire\Application\chrome.exe
(Google Inc.) C:\Program Files\Ballfire\Application\chrome.exe
(Google Inc.) C:\Program Files\Ballfire\Application\chrome.exe
(Google Inc.) C:\Program Files\Ballfire\Application\chrome.exe
(Google Inc.) C:\Program Files\Ballfire\Application\chrome.exe
(Spiritsoft) C:\Users\Liris\Downloads\ipts_130613\ipts.exe
(Spiritsoft) C:\Users\Liris\Downloads\ipts_130613\ipts.exe
(Google Inc.) C:\Program Files\Ballfire\Application\chrome.exe


==================== Registro (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12111576 1999-12-31] (Realtek Semiconductor)
HKLM\...\Run: [USB3MON] => C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-06-15] (Intel Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM\...\Run: [Intel Service] => C:\Users\Liris\AppData\Local\Temp\Java\SYSLIRIS-PC.exe [95293440 2016-09-09] () <===== ATENÇÃO
HKLM\...\Run: [BlueStacks Agent] => C:\Program Files\BlueStacks\HD-Agent.exe [831192 2014-07-03] (BlueStack Systems, Inc.)
HKU\S-1-5-21-943608218-2961624703-3239595149-1000\...\Run: [BlueStacks Agent] => C:\Program Files\Bluestacks\HD-Agent.exe [831192 2014-07-03] (BlueStack Systems, Inc.)
HKU\S-1-5-21-943608218-2961624703-3239595149-1000\...\Run: [Chromium] => c:\users\liris\appdata\local\chromium\application\chrome.exe [1068544 2016-03-18] (The Chromium Authors)
HKU\S-1-5-21-943608218-2961624703-3239595149-1000\...\Run: [uTorrent] => C:\Users\Liris\AppData\Roaming\uTorrent\uTorrent.exe [2375360 2016-10-02] (BitTorrent Inc.)
HKU\S-1-5-21-943608218-2961624703-3239595149-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [4556048 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-943608218-2961624703-3239595149-1000\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [2860832 2016-10-12] (Valve Corporation)
HKU\S-1-5-21-943608218-2961624703-3239595149-1000\...\Run: [ipts] => C:\Users\Liris\Downloads\ipts_130613\ipts.exe [1078272 2016-09-13] (Spiritsoft)
HKU\S-1-5-21-943608218-2961624703-3239595149-1000\...\Run: [redsurf] => C:\Users\Liris\AppData\Roaming\RedSurf-client\redsurf.exe [594432 2015-01-19] ()
HKU\S-1-5-21-943608218-2961624703-3239595149-1000\...\MountPoints2: E - E:\Install.exe
HKU\S-1-5-21-943608218-2961624703-3239595149-1000\...\MountPoints2: {5bc9ea44-8e2b-11e6-b063-b8975a797294} - E:\Install.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Nenhum Arquivo
GroupPolicy: Restrição ? <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

ProxyEnable: [HKLM] => Proxy está habilitado.
ProxyServer: [HKLM] => 127.0.0.1:38830
ProxyServer: [S-1-5-21-943608218-2961624703-3239595149-1000] => 127.0.0.1:38830
AutoConfigURL: [S-1-5-21-943608218-2961624703-3239595149-1000] => 127.0.0.1:38830
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2CCB6E92-A2C6-4E15-A284-ED1F36E224FD}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{2CCB6E92-A2C6-4E15-A284-ED1F36E224FD}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D5D497FE-A392-433E-BC86-0155FB4B7EFD}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mylucky123.com/?type=hp&ts=1477341886&z=77502bad654655abc41d953gdzam4mec7z2g0b4bcm&from=interhop1024&uid=HGSTXHTS725050A7E630_TF1500WH0M8Z8M0M8Z8MX
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mylucky123.com/search/?type=ds&ts=1477341886&z=77502bad654655abc41d953gdzam4mec7z2g0b4bcm&from=interhop1024&uid=HGSTXHTS725050A7E630_TF1500WH0M8Z8M0M8Z8MX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mylucky123.com/?type=hp&ts=1477341886&z=77502bad654655abc41d953gdzam4mec7z2g0b4bcm&from=interhop1024&uid=HGSTXHTS725050A7E630_TF1500WH0M8Z8M0M8Z8MX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mylucky123.com/search/?type=ds&ts=1477341886&z=77502bad654655abc41d953gdzam4mec7z2g0b4bcm&from=interhop1024&uid=HGSTXHTS725050A7E630_TF1500WH0M8Z8M0M8Z8MX&q={searchTerms}
HKU\S-1-5-21-943608218-2961624703-3239595149-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mylucky123.com/?type=hp&ts=1477341886&z=77502bad654655abc41d953gdzam4mec7z2g0b4bcm&from=interhop1024&uid=HGSTXHTS725050A7E630_TF1500WH0M8Z8M0M8Z8MX
HKU\S-1-5-21-943608218-2961624703-3239595149-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mylucky123.com/?type=hp&ts=1477341886&z=77502bad654655abc41d953gdzam4mec7z2g0b4bcm&from=interhop1024&uid=HGSTXHTS725050A7E630_TF1500WH0M8Z8M0M8Z8MX
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mylucky123.com/search/?type=ds&ts=1477341886&z=77502bad654655abc41d953gdzam4mec7z2g0b4bcm&from=interhop1024&uid=HGSTXHTS725050A7E630_TF1500WH0M8Z8M0M8Z8MX&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mylucky123.com/search/?type=ds&ts=1477341886&z=77502bad654655abc41d953gdzam4mec7z2g0b4bcm&from=interhop1024&uid=HGSTXHTS725050A7E630_TF1500WH0M8Z8M0M8Z8MX&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-943608218-2961624703-3239595149-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mylucky123.com/search/?type=ds&ts=1477341886&z=77502bad654655abc41d953gdzam4mec7z2g0b4bcm&from=interhop1024&uid=HGSTXHTS725050A7E630_TF1500WH0M8Z8M0M8Z8MX&q={searchTerms}
SearchScopes: HKU\S-1-5-21-943608218-2961624703-3239595149-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mylucky123.com/search/?type=ds&ts=1477341886&z=77502bad654655abc41d953gdzam4mec7z2g0b4bcm&from=interhop1024&uid=HGSTXHTS725050A7E630_TF1500WH0M8Z8M0M8Z8MX&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-08-15] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-15] (Oracle Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: u09qlgh9.default
FF ProfilePath: C:\Users\Liris\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\u09qlgh9.default\Profiles\u09qlgh9.default [não encontrado (a)]
FF ProfilePath: C:\Users\Liris\AppData\Roaming\Mozilla\Firefox\Profiles\u09qlgh9.default [2016-11-08]
FF user.js: detected! => C:\Users\Liris\AppData\Roaming\Mozilla\Firefox\Profiles\u09qlgh9.default\user.js [2016-11-08]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\u09qlgh9.default -> youndoo
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\u09qlgh9.default -> youndoo
FF NetworkProxy: Mozilla\Firefox\Profiles\u09qlgh9.default -> http", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\u09qlgh9.default -> http_port", 65032
FF NetworkProxy: Mozilla\Firefox\Profiles\u09qlgh9.default -> no_proxies_on", ""
FF NetworkProxy: Mozilla\Firefox\Profiles\u09qlgh9.default -> ssl", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\u09qlgh9.default -> ssl_port", 65032
FF NetworkProxy: Mozilla\Firefox\Profiles\u09qlgh9.default -> type", 0
FF Homepage: Mozilla\Firefox\Profiles\u09qlgh9.default -> hxxp://www.nicesearches.com?type=hp&ts=1478632972&from=ead80003&uid=hgstxhts725050a7e630_tf1500wh0m8z8m0m8z8mx&z=aefa759eb67c975c6ac51abgfz4m2beqbcfo7t6mco
FF NewTab: Mozilla\Firefox\Profiles\u09qlgh9.default -> hxxp://www.nicesearches.com?type=hp&ts=1478632972&from=ead80003&uid=hgstxhts725050a7e630_tf1500wh0m8z8m0m8z8mx&z=aefa759eb67c975c6ac51abgfz4m2beqbcfo7t6mco
FF Extension: (xRocket Toolbar) - C:\Users\Liris\AppData\Roaming\Mozilla\Firefox\Profiles\u09qlgh9.default\Extensions\arthurj8283@gmail.com [2016-11-08] [não assinado]
FF SearchPlugin: C:\Users\Liris\AppData\Roaming\Mozilla\Firefox\Profiles\u09qlgh9.default\searchplugins\mylucky123.xml [2016-10-24]
FF SearchPlugin: C:\Users\Liris\AppData\Roaming\Mozilla\Firefox\Profiles\u09qlgh9.default\searchplugins\nice.xml [2016-11-08]
FF SearchPlugin: C:\Users\Liris\AppData\Roaming\Mozilla\Firefox\Profiles\u09qlgh9.default\searchplugins\sfhz9xue.xml [2016-10-09]
FF HKLM\...\Firefox\Extensions: [arthurj8283@gmail.com] - C:\Users\Liris\AppData\Roaming\Mozilla\Firefox\Profiles\u09qlgh9.default\extensions\arthurj8283@gmail.com
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-15] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-22] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-22] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxp://www.nicesearches.com?type=hp&ts=1478632972&from=ead80003&uid=hgstxhts725050a7e630_tf1500wh0m8z8m0m8z8mx&z=aefa759eb67c975c6ac51abgfz4m2beqbcfo7t6mco
CHR StartupUrls: ChromeDefaultData -> "hxxp://www.nicesearches.com?type=hp&ts=1478632972&from=ead80003&uid=hgstxhts725050a7e630_tf1500wh0m8z8m0m8z8mx&z=aefa759eb67c975c6ac51abgfz4m2beqbcfo7t6mco" 
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www.nicesearches.com/search.php?type=ds&ts=1478632972&from=ead80003&uid=hgstxhts725050a7e630_tf1500wh0m8z8m0m8z8mx&z=aefa759eb67c975c6ac51abgfz4m2beqbcfo7t6mco&q={searchTerms}
CHR DefaultSearchKeyword: ChromeDefaultData -> nice
CHR Profile: C:\Users\Liris\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-11-08] <==== ATENÇÃO
CHR Extension: (Google Apresentações) - C:\Users\Liris\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-09]
CHR Extension: (Google Docs) - C:\Users\Liris\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-09]
CHR Extension: (Google Drive) - C:\Users\Liris\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-09]
CHR Extension: (YouTube) - C:\Users\Liris\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-09]
CHR Extension: (Planilhas do Google) - C:\Users\Liris\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-09]
CHR Extension: (Documentos Google off-line) - C:\Users\Liris\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-09]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Liris\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-09]
CHR Extension: (Gmail) - C:\Users\Liris\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-09]
CHR Extension: (Chrome Media Router) - C:\Users\Liris\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-15]
CHR Profile: C:\Users\Liris\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2 [2016-10-09] <==== ATENÇÃO
CHR Extension: (Google Apresentações) - C:\Users\Liris\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-22]
CHR Extension: (Google Docs) - C:\Users\Liris\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-22]
CHR Extension: (Google Drive) - C:\Users\Liris\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-22]
CHR Extension: (YouTube) - C:\Users\Liris\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-22]
CHR Extension: (Planilhas do Google) - C:\Users\Liris\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-22]
CHR Extension: (Documentos Google off-line) - C:\Users\Liris\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-23]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Liris\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-22]
CHR Extension: (Gmail) - C:\Users\Liris\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-22]
CHR Extension: (Chrome Media Router) - C:\Users\Liris\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 Ajering; C:\Program Files\Stiqidom\Plsadapter.dll [277504 2016-10-09] () [Arquivo não assinado]
R2 Archer; C:\Program Files\WinArcher\Archer.dll [337920 2016-10-26] () [Arquivo não assinado]
S2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [402192 2014-05-21] (BlueStack Systems, Inc.) [Arquivo não assinado]
R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [384728 2014-07-03] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [773848 2014-07-03] (BlueStack Systems, Inc.)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [280696 2016-01-13] (Intel Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1030928 2015-02-27] (Disc Soft Ltd)
R2 ed2kidle; C:\Program Files\amuleC\ed2k.exe [237568 2016-10-08] (hxxp://www.amule.org/) [Arquivo não assinado]
R2 hshld; C:\Program Files\Hotspot Shield\bin\cmw_srv.exe [2710648 2016-08-23] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE [103168 2016-08-23] ()
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [274040 2016-01-13] (Intel Corporation)
S2 IlS; C:\ProgramData\Tencent\QQ\qmdr\dr.dll [347648 2016-10-24] () [Arquivo não assinado]
R2 InterHop; C:\Program Files\InterHop\InterHop.exe [160256 2016-10-24] () [Arquivo não assinado] <==== ATENÇÃO
R2 iSafeService; C:\Program Files\Elex-tech\YAC\iSafeSvc.exe [131024 2016-08-19] (Elex do Brasil Participações Ltda)
S3 npggsvc; C:\Windows\system32\GameMon.des [4044296 2016-06-09] (INCA Internet Co., Ltd.)
R2 UvConv; C:\Users\Liris\AppData\Roaming\behbe\UvConverter.exe [440832 2016-11-07] () [Arquivo não assinado]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 WinSAPSvc; C:\ProgramData\WinSAPSvc\WinSAP.dll [218624 2016-10-21] () [Arquivo não assinado]
S2 Hkhlp; C:\Program Files\Common Files\Apps\Hkhlp.dll [X]

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 AFTrafMgr1.1; C:\Program Files\Hotspot Shield\bin\TrafMgr_1_1_32.sys [47544 2016-08-23] (AnchorFree Inc.)
S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus.sys [24576 2015-05-12] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [25088 2015-05-12] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [30208 2015-05-12] (LG Electronics Inc.)
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [112344 2014-07-03] (BlueStack Systems)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [25104 2016-10-09] (Disc Soft Ltd)
R1 iSafeKrnl; C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys [227776 2016-05-23] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [50280 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys [97912 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys [45032 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys [73232 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [59152 2016-05-19] (Elex do Brasil Participações Ltda)
R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [27944 2015-06-26] (Intel Corporation)
R3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [404776 2015-06-26] (Intel Corporation)
R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [818672 2016-05-06] (Intel Corporation)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-13] (Ralink Technology Corp.)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [36944 2016-04-19] (Anchorfree Inc.)
R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [103544 2016-04-28] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [165880 2016-04-28] (Oracle Corporation)
U0 aswVmm; não ImagePath
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
U3 mbr; \??\C:\Users\Liris\AppData\Local\Temp\mbr.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-11-08 21:57 - 2016-11-08 21:59 - 00023019 _____ C:\Users\Liris\Downloads\FRST.txt
2016-11-08 21:57 - 2016-11-08 21:57 - 00000000 ____D C:\FRST
2016-11-08 21:56 - 2016-11-08 21:56 - 01759744 _____ (Farbar) C:\Users\Liris\Downloads\FRST.exe
2016-11-08 21:47 - 2016-11-08 21:47 - 00004973 _____ C:\Users\Liris\Desktop\ZHPFixReport.txt
2016-11-08 21:45 - 2016-11-08 21:47 - 00000000 ____D C:\Program Files\nsrxr3sz
2016-11-08 21:41 - 2016-11-08 21:41 - 00004617 _____ C:\Users\Liris\Downloads\relatorio.txt
2016-11-08 21:39 - 2016-11-08 21:39 - 00119392 _____ C:\Users\Liris\Desktop\ZHPDiag.txt
2016-11-08 21:38 - 2016-11-08 21:38 - 00000512 _____ C:\PhysicalDisk0_MBR.bin
2016-11-08 21:19 - 2016-11-08 21:19 - 00000000 ____D C:\Program Files\f09er35s
2016-11-08 19:45 - 2016-11-08 19:46 - 00000000 ____D C:\Program Files\5g65ay8t
2016-11-08 19:28 - 2016-11-08 19:28 - 00000000 ____D C:\Users\Liris\Downloads\DateALive
2016-11-08 19:24 - 2016-11-08 19:25 - 00058681 _____ C:\Users\Liris\Downloads\DateALive.zip
2016-11-08 19:24 - 2016-11-08 19:25 - 00058681 _____ C:\Users\Liris\Downloads\DateALive (1).zip
2016-11-08 18:18 - 2016-11-08 18:19 - 00000000 ____D C:\Users\Todos os Usuários\hadha
2016-11-08 18:18 - 2016-11-08 18:19 - 00000000 ____D C:\ProgramData\hadha
2016-11-08 17:46 - 2016-11-08 17:46 - 00000000 ____D C:\Program Files\t7kky9hv
2016-11-08 17:30 - 2016-11-08 17:33 - 00000000 ____D C:\Program Files\0meedtyr
2016-11-08 17:20 - 2016-11-08 17:20 - 00000000 ____D C:\Users\Todos os Usuários\QQBrowser
2016-11-08 17:20 - 2016-11-08 17:20 - 00000000 ____D C:\Users\Todos os Usuários\ibeib
2016-11-08 17:20 - 2016-11-08 17:20 - 00000000 ____D C:\Users\Todos os Usuários\BaofengUpdate_U
2016-11-08 17:20 - 2016-11-08 17:20 - 00000000 ____D C:\Users\Liris\AppData\Roaming\behbe
2016-11-08 17:20 - 2016-11-08 17:20 - 00000000 ____D C:\ProgramData\QQBrowser
2016-11-08 17:20 - 2016-11-08 17:20 - 00000000 ____D C:\ProgramData\ibeib
2016-11-08 17:20 - 2016-11-08 17:20 - 00000000 ____D C:\ProgramData\BaofengUpdate_U
2016-11-08 17:18 - 2016-11-08 17:19 - 00000000 ____D C:\Program Files\48q3fhtg
2016-11-07 20:24 - 2016-11-08 17:20 - 00000000 ____D C:\Users\Liris\AppData\LocalLow\uTorrent
2016-11-07 20:23 - 2016-11-07 20:24 - 00000000 ____D C:\Program Files\srf1mjwl
2016-11-07 20:19 - 2016-11-07 20:25 - 00000000 ____D C:\Users\Liris\AppData\Roaming\UBot Studio
2016-11-07 20:18 - 2016-11-07 20:18 - 02587893 _____ C:\Users\Liris\Downloads\Gerador de Tráfego.rar
2016-11-07 20:18 - 2016-11-07 20:18 - 00000000 ____D C:\Users\Liris\Downloads\Gerador de Tráfego
2016-11-07 13:46 - 2016-11-07 13:47 - 00000000 ____D C:\Program Files\5naiyeip
2016-11-07 12:23 - 2016-11-07 12:23 - 00000000 ____D C:\Program Files\iy3germ3
2016-11-07 12:13 - 2016-11-07 12:15 - 00000000 ____D C:\Program Files\t6aei0qw
2016-11-06 23:45 - 2016-11-06 23:45 - 00000000 ____D C:\Users\Liris\Downloads\ipts_165660
2016-11-06 23:11 - 2016-11-06 23:11 - 00000000 ____D C:\Users\Liris\Downloads\ipts_130613
2016-11-06 23:08 - 2016-11-06 23:08 - 00298708 _____ C:\Users\Liris\Downloads\ipts_165660.rar
2016-11-06 22:51 - 2016-11-06 22:51 - 00000946 _____ C:\Users\Public\Desktop\RedSurf-client.lnk
2016-11-06 22:51 - 2016-11-06 22:51 - 00000000 ____D C:\Users\Liris\Downloads\redsurf_setup_v.2.1
2016-11-06 22:51 - 2016-11-06 22:51 - 00000000 ____D C:\Users\Liris\AppData\Roaming\RedSurf-client
2016-11-06 22:51 - 2016-11-06 22:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RedSurf-client
2016-11-06 22:43 - 2016-11-06 22:48 - 25357762 _____ C:\Users\Liris\Downloads\redsurf_setup_v.2.1.rar
2016-11-05 21:58 - 2016-11-05 22:14 - 460324864 _____ C:\Users\Liris\Downloads\android-x86-6.0_20160129.iso
2016-11-05 18:50 - 2016-11-05 18:51 - 00000000 ____D C:\Users\Liris\AppData\Roaming\10KHits
2016-11-05 18:49 - 2016-11-05 18:49 - 00003039 _____ C:\Users\Liris\Desktop\10KHits Exchanger.lnk
2016-11-05 18:49 - 2016-11-05 18:49 - 00002999 _____ C:\Users\Liris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\10KHits Exchanger.lnk
2016-11-05 18:48 - 2016-11-05 18:49 - 00000000 ____D C:\Program Files\10KHits Exchanger
2016-11-05 18:44 - 2016-11-05 18:46 - 27736064 _____ C:\Users\Liris\Downloads\10khits-exchanger_win_0.9.8_i386.msi
2016-11-04 21:36 - 2016-11-04 21:36 - 00000000 ____D C:\Users\Liris\Documents\ipts_130613
2016-11-04 21:35 - 2016-11-04 21:32 - 27833465 _____ C:\Users\Liris\Documents\ipts_130613.7z
2016-11-04 21:30 - 2016-11-04 21:32 - 27833465 _____ C:\Users\Liris\Downloads\ipts_130613.7z
2016-11-03 22:16 - 2016-11-03 22:16 - 00000000 ____D C:\Users\Liris\AppData\Local\Ballfire
2016-11-03 22:15 - 2016-11-03 22:15 - 00000000 ____D C:\Users\Todos os Usuários\PreEmptive Solutions
2016-11-03 22:15 - 2016-11-03 22:15 - 00000000 ____D C:\ProgramData\PreEmptive Solutions
2016-11-03 22:15 - 2016-11-03 22:15 - 00000000 ____D C:\Program Files\Ballfire
2016-11-03 22:06 - 2016-11-03 22:06 - 00000000 ____D C:\Program Files\wygcxv5v
2016-10-26 23:45 - 2016-10-26 23:46 - 00000000 ____D C:\Program Files\7nma0qrg
2016-10-26 22:17 - 2016-10-26 22:17 - 00564456 _____ C:\Users\Liris\Downloads\20688-83732-1-PB.pdf
2016-10-26 22:14 - 2016-10-26 22:15 - 00000000 ____D C:\Program Files\dq9jgv7v
2016-10-26 22:04 - 2016-10-26 22:06 - 00000000 ____D C:\Program Files\e89n1xxn
2016-10-26 10:39 - 2016-10-26 10:40 - 00000000 ____D C:\Program Files\jv5phq10
2016-10-26 10:32 - 2016-11-03 22:17 - 00000003 _____ C:\Windows\system32\hoewmds
2016-10-26 10:31 - 2016-10-26 10:31 - 00000000 ____D C:\Program Files\WinArcher
2016-10-26 10:29 - 2016-10-26 10:31 - 00000000 ____D C:\Program Files\2zd3e72h
2016-10-25 20:09 - 2016-10-25 20:09 - 00000000 ____D C:\Users\Liris\AppData\Roaming\Elex-tech
2016-10-25 20:09 - 2016-10-25 20:09 - 00000000 ____D C:\Program Files\Elex-tech
2016-10-25 20:09 - 2016-05-23 00:41 - 00050280 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys
2016-10-25 20:09 - 2016-05-19 04:42 - 00059152 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys
2016-10-25 20:08 - 2016-11-08 17:20 - 00000000 _____ C:\Users\Public\Documents\report.dat
2016-10-25 20:07 - 2016-10-25 20:07 - 00000000 ____D C:\Users\Liris\AppData\Local\Stanper
2016-10-25 20:07 - 2016-10-25 20:07 - 00000000 ____D C:\Program Files\Stanper
2016-10-25 11:45 - 2016-10-25 11:45 - 00000000 ____D C:\Program Files\vz9ymf9g
2016-10-25 11:10 - 2016-10-25 11:10 - 00000000 ____D C:\Users\Todos os Usuários\WinSAPSvc
2016-10-25 11:10 - 2016-10-25 11:10 - 00000000 ____D C:\ProgramData\WinSAPSvc
2016-10-25 11:10 - 2016-10-25 11:10 - 00000000 ____D C:\Program Files\5txmglg4
2016-10-24 23:15 - 2016-10-24 23:16 - 425666824 _____ C:\Users\Liris\Downloads\[LCTUTORS] C.D X7 (WIN32) + KEYGEN.rar
2016-10-24 18:45 - 2016-10-25 11:45 - 00000000 ____D C:\Program Files\InterHop
2016-10-24 18:45 - 2016-10-24 18:45 - 00000000 ____D C:\Users\Liris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\amuleC
2016-10-24 18:45 - 2016-10-24 18:45 - 00000000 ____D C:\Users\Liris\AppData\Roaming\aMule
2016-10-24 18:45 - 2016-10-24 18:45 - 00000000 ____D C:\Program Files\UvConverter
2016-10-24 18:45 - 2016-10-24 18:45 - 00000000 ____D C:\Program Files\amuleC
2016-10-23 23:37 - 2016-10-23 23:37 - 01204011 _____ C:\Windows\unins000.exe
2016-10-23 23:34 - 2016-10-23 23:34 - 00816356 _____ C:\Users\Liris\Downloads\CLEO4_setup.7z
2016-10-23 23:34 - 2016-10-23 23:34 - 00000000 ____D C:\Users\Liris\Downloads\CLEO4_setup
2016-10-23 23:22 - 2016-10-23 23:23 - 16270006 _____ C:\Users\Liris\Downloads\sa-mp-0.3.7-install.exe
2016-10-23 21:03 - 2016-10-23 21:03 - 00001196 _____ C:\Users\Liris\Desktop\GTA San Andreas.lnk
2016-10-23 20:53 - 2016-11-06 23:29 - 00000000 ____D C:\Users\Liris\AppData\Local\CrashDumps
2016-10-22 22:57 - 2016-10-23 14:12 - 00000000 ____D C:\Users\Liris\AppData\Roaming\FileZilla
2016-10-22 22:57 - 2016-10-22 22:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-10-22 22:57 - 2016-10-22 22:57 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2016-10-22 22:26 - 2016-10-22 22:26 - 00003799 _____ C:\Users\Liris\Downloads\admin-ajax.php
2016-10-21 22:50 - 2016-10-21 22:51 - 205563364 _____ C:\Users\Liris\Downloads\1.1.rar
2016-10-21 22:49 - 2016-10-21 22:50 - 205563293 _____ C:\Users\Liris\Downloads\1.1.zip
2016-10-21 17:59 - 2016-11-08 18:19 - 00000000 ____D C:\Users\Liris\Desktop\RFB 2017
2016-10-21 17:55 - 2016-10-21 21:04 - 2098249829 _____ C:\Users\Liris\Downloads\23)-20161021T194407Z-2.zip
2016-10-21 17:53 - 2016-10-21 21:06 - 2146444051 _____ C:\Users\Liris\Downloads\8)-20161021T195045Z-2.zip
2016-10-21 17:53 - 2016-10-21 21:05 - 2119434959 _____ C:\Users\Liris\Downloads\Administração Geral e Pública - Giovanna Carranza (8-8)-20161021T195045Z.zip
2016-10-21 17:53 - 2016-10-21 20:46 - 1754453473 _____ C:\Users\Liris\Downloads\8)-20161021T195045Z-3.zip
2016-10-21 17:53 - 2016-10-21 18:36 - 219021312 _____ C:\Users\Liris\Downloads\1.1.mp4
2016-10-21 17:49 - 2016-10-21 19:02 - 2115359700 _____ C:\Users\Liris\Downloads\8)-20161021T194717Z-2.zip
2016-10-19 13:41 - 2016-11-08 21:47 - 00000000 ____D C:\Users\Todos os Usuários\ChelfNotify
2016-10-19 13:41 - 2016-11-08 21:47 - 00000000 ____D C:\ProgramData\ChelfNotify
2016-10-19 13:41 - 2016-10-19 13:41 - 00000000 ____D C:\Program Files\oay6ic5s
2016-10-16 16:44 - 2016-10-16 16:44 - 00001768 _____ C:\Users\Public\Desktop\Apps.lnk
2016-10-16 16:44 - 2016-10-16 16:44 - 00001765 _____ C:\Users\Public\Desktop\Start BlueStacks.lnk
2016-10-16 16:43 - 2016-10-16 16:43 - 00000000 ____D C:\Users\Todos os Usuários\BlueStacks
2016-10-16 16:43 - 2016-10-16 16:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2016-10-16 16:43 - 2016-10-16 16:43 - 00000000 ____D C:\ProgramData\BlueStacks
2016-10-16 16:43 - 2016-10-16 16:43 - 00000000 ____D C:\Program Files\BlueStacks
2016-10-13 12:25 - 2016-11-08 17:20 - 00000000 ____D C:\Program Files\Steam
2016-10-13 12:25 - 2016-10-13 12:25 - 00000921 _____ C:\Users\Public\Desktop\Steam.lnk
2016-10-13 12:25 - 2016-10-13 12:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-10-12 22:36 - 2005-07-08 21:56 - 00009900 _____ C:\Program Files\KPS.gta.san.andreas.NFO
2016-10-12 22:36 - 2005-07-08 16:13 - 00002900 _____ C:\Program Files\gta_sa.set
2016-10-12 22:36 - 2005-07-07 17:02 - 14386176 _____ C:\Program Files\gta_sa.exe
2016-10-12 22:36 - 2005-06-10 16:34 - 00000360 _____ C:\Program Files\gta_sa.reg
2016-10-12 22:36 - 2004-05-18 15:19 - 00000197 _____ C:\Program Files\stream.ini
2016-10-12 22:36 - 2004-01-06 06:43 - 00188416 _____ (Creative Technology Ltd) C:\Program Files\eax.dll
2016-10-12 22:36 - 2003-11-16 06:48 - 01060864 _____ C:\Program Files\vorbis.dll
2016-10-12 22:36 - 2003-11-16 06:48 - 00065536 _____ C:\Program Files\vorbisFile.dll
2016-10-12 22:36 - 2003-11-15 13:54 - 00036864 _____ C:\Program Files\ogg.dll
2016-10-12 22:32 - 2016-10-12 22:36 - 00000000 ____D C:\Program Files\ReadMe
2016-10-12 22:32 - 2016-10-12 22:36 - 00000000 ____D C:\Program Files\movies
2016-10-12 22:32 - 2016-10-12 22:36 - 00000000 ____D C:\Program Files\models
2016-10-12 22:32 - 2016-10-12 22:36 - 00000000 ____D C:\Program Files\data
2016-10-12 22:32 - 2016-10-12 22:34 - 00000000 ____D C:\Program Files\text
2016-10-12 22:32 - 2016-10-12 22:34 - 00000000 ____D C:\Program Files\anim
2016-10-12 22:32 - 2016-10-12 22:32 - 00000000 ____D C:\Program Files\audio
2016-10-12 22:31 - 2016-10-12 22:31 - 00000000 ____D C:\Users\Todos os Usuários\dllescort
2016-10-12 22:31 - 2016-10-12 22:31 - 00000000 ____D C:\ProgramData\dllescort
2016-10-12 22:30 - 2016-10-12 22:31 - 00000000 ____D C:\Program Files\DLLEscort
2016-10-12 22:30 - 2016-10-12 22:30 - 00000977 _____ C:\Users\Public\Desktop\DLLEscort.lnk
2016-10-12 22:30 - 2016-10-12 22:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DLL Escort 2014
2016-10-12 16:41 - 2015-11-16 02:43 - 00000000 ____D C:\Users\Liris\Desktop\ANT-CRASH SAMP 0.3.7 CODTUTORIAIS
2016-10-11 19:19 - 2016-09-30 17:28 - 00346312 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-10-11 19:19 - 2016-09-30 13:20 - 04000488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-10-11 19:19 - 2016-09-30 13:20 - 03944680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-10-11 19:19 - 2016-09-30 03:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-10-11 19:19 - 2016-09-30 03:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-10-11 19:19 - 2016-09-30 03:47 - 20306944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-10-11 19:19 - 2016-09-30 03:42 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-10-11 19:19 - 2016-09-30 03:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-10-11 19:19 - 2016-09-30 03:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-10-11 19:19 - 2016-09-30 03:42 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-10-11 19:19 - 2016-09-30 03:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-10-11 19:19 - 2016-09-30 03:38 - 02286592 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-10-11 19:19 - 2016-09-30 03:36 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-10-11 19:19 - 2016-09-30 03:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-10-11 19:19 - 2016-09-30 03:33 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-10-11 19:19 - 2016-09-30 03:32 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-10-11 19:19 - 2016-09-30 03:32 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-10-11 19:19 - 2016-09-30 03:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-10-11 19:19 - 2016-09-30 03:32 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-10-11 19:19 - 2016-09-30 03:27 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-11 19:19 - 2016-09-30 03:24 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-10-11 19:19 - 2016-09-30 03:19 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-10-11 19:19 - 2016-09-30 03:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-11 19:19 - 2016-09-30 03:17 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-10-11 19:19 - 2016-09-30 03:15 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-10-11 19:19 - 2016-09-30 03:14 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-10-11 19:19 - 2016-09-30 03:13 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-10-11 19:19 - 2016-09-30 03:12 - 04608512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-10-11 19:19 - 2016-09-30 03:07 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-10-11 19:19 - 2016-09-30 03:05 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-10-11 19:19 - 2016-09-30 03:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-10-11 19:19 - 2016-09-30 03:05 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-10-11 19:19 - 2016-09-30 03:05 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-10-11 19:19 - 2016-09-30 03:03 - 13653504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-10-11 19:19 - 2016-09-30 02:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-10-11 19:19 - 2016-09-30 02:43 - 01312768 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-10-11 19:19 - 2016-09-30 02:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-10-11 19:19 - 2016-09-15 13:15 - 00741888 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-10-11 19:19 - 2016-09-15 13:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-10-11 19:19 - 2016-09-12 18:54 - 00067816 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-10-11 19:19 - 2016-09-12 18:53 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-10-11 19:19 - 2016-09-12 18:53 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-10-11 19:19 - 2016-09-12 18:49 - 01063936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-10-11 19:19 - 2016-09-12 18:49 - 01017856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-10-11 19:19 - 2016-09-12 18:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-10-11 19:19 - 2016-09-12 18:49 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-10-11 19:19 - 2016-09-12 18:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-10-11 19:19 - 2016-09-12 18:49 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-10-11 19:19 - 2016-09-12 18:49 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-10-11 19:19 - 2016-09-12 18:49 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-10-11 19:19 - 2016-09-12 18:49 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-10-11 19:19 - 2016-09-12 18:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-10-11 19:19 - 2016-09-12 18:49 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-10-11 19:19 - 2016-09-12 18:49 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-10-11 19:19 - 2016-09-12 18:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-10-11 19:19 - 2016-09-12 18:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-10-11 19:19 - 2016-09-12 18:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-10-11 19:19 - 2016-09-12 18:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-10-11 19:19 - 2016-09-12 18:49 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-10-11 19:19 - 2016-09-12 18:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-10-11 19:19 - 2016-09-12 18:28 - 02399232 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-10-11 19:19 - 2016-09-12 18:26 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-10-11 19:19 - 2016-09-12 18:26 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-10-11 19:19 - 2016-09-12 18:26 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-10-11 19:19 - 2016-09-12 18:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-10-11 19:19 - 2016-09-12 18:25 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-10-11 19:19 - 2016-09-12 18:25 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-10-11 19:19 - 2016-09-12 17:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-10-11 19:19 - 2016-09-12 17:08 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-10-11 19:19 - 2016-09-10 13:53 - 02291712 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-10-11 19:19 - 2016-09-09 16:01 - 01310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-10-11 19:19 - 2016-09-09 16:00 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-10-11 19:19 - 2016-09-09 16:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-10-11 19:19 - 2016-09-09 15:59 - 00644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-10-11 19:19 - 2016-09-09 15:59 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-10-11 19:19 - 2016-09-09 15:59 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-10-11 19:19 - 2016-09-09 15:59 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-10-11 19:19 - 2016-09-09 15:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-10-11 19:19 - 2016-09-09 15:42 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-10-11 19:19 - 2016-09-09 15:42 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-10-11 19:19 - 2016-09-09 15:42 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-10-11 19:19 - 2016-09-09 15:42 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-10-11 19:19 - 2016-09-09 15:39 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-10-11 19:19 - 2016-09-09 15:37 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-10-11 19:19 - 2016-09-09 13:53 - 01406976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-10-11 19:19 - 2016-09-09 13:53 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-10-11 19:19 - 2016-09-09 13:53 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-10-11 19:19 - 2016-09-09 13:53 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-10-11 19:19 - 2016-09-09 13:53 - 00213504 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-10-11 19:19 - 2016-09-09 13:53 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-10-11 19:19 - 2016-09-09 13:53 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-10-11 19:19 - 2016-09-08 18:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-10-11 19:19 - 2016-09-08 18:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-10-11 19:19 - 2016-09-08 12:49 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-10-11 19:19 - 2016-09-08 12:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-10-11 19:19 - 2016-08-16 16:47 - 00419640 _____ C:\Windows\system32\locale.nls
2016-10-11 19:19 - 2016-08-12 14:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-10-11 19:19 - 2016-08-12 14:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-10-11 19:19 - 2016-08-12 14:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-10-11 19:19 - 2016-08-12 14:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-10-11 19:19 - 2016-08-12 14:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-10-11 19:19 - 2016-08-12 14:21 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-10-11 19:19 - 2016-08-06 13:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-10-11 19:19 - 2016-08-06 13:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-11 19:19 - 2016-08-06 13:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-10-11 19:19 - 2016-08-06 13:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-10-11 19:19 - 2016-08-06 13:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2016-10-11 19:19 - 2016-08-06 12:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-10-11 19:19 - 2016-08-06 12:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2016-10-11 19:19 - 2016-08-06 12:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2016-10-11 19:19 - 2016-07-22 12:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-10-11 19:19 - 2016-06-14 13:25 - 00078568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-10-11 19:19 - 2016-06-14 13:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-10-11 19:19 - 2016-06-14 13:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-10-11 19:19 - 2016-06-14 13:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-10-11 19:19 - 2016-06-14 13:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-10-11 19:19 - 2016-06-14 13:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-10-11 19:19 - 2016-06-14 13:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-10-11 19:19 - 2016-06-14 13:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-10-11 19:19 - 2016-06-14 13:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-10-11 19:19 - 2016-06-14 13:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-10-11 19:19 - 2016-06-14 13:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-10-11 19:19 - 2016-06-14 13:21 - 00474624 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-10-11 19:19 - 2016-06-14 13:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-10-11 19:19 - 2016-06-14 13:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-10-11 19:19 - 2016-06-14 13:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-10-11 19:19 - 2016-06-14 13:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-10-11 19:19 - 2016-06-14 13:21 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-10-11 19:19 - 2016-06-14 13:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-10-11 19:19 - 2016-06-14 13:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-10-11 19:19 - 2016-06-14 13:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-10-11 19:19 - 2016-06-14 13:21 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-10-11 19:19 - 2016-06-14 13:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-10-11 19:19 - 2016-06-14 13:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-10-11 19:19 - 2016-06-14 13:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-10-11 19:19 - 2016-06-14 13:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2016-10-11 19:19 - 2016-06-14 13:21 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2016-10-11 19:19 - 2016-06-14 13:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-10-11 19:19 - 2016-06-14 13:17 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-10-11 19:19 - 2016-06-14 13:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-10-11 19:19 - 2016-06-14 13:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-10-11 19:19 - 2016-06-14 13:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-10-11 19:19 - 2016-06-14 13:00 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-10-11 19:19 - 2016-06-14 12:55 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2016-10-11 19:19 - 2016-06-14 12:55 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2016-10-11 19:19 - 2016-06-14 12:54 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2016-10-11 19:18 - 2016-08-29 13:12 - 12880384 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-10-11 19:18 - 2016-08-29 13:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-10-11 19:18 - 2016-08-29 13:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-10-11 19:18 - 2016-08-29 12:55 - 02972672 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-10-11 19:18 - 2016-08-16 18:27 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2016-10-11 19:18 - 2016-08-16 18:27 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2016-10-11 19:18 - 2016-08-16 18:26 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2016-10-11 19:18 - 2016-08-16 18:26 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-10-11 19:18 - 2016-08-16 18:26 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2016-10-11 19:18 - 2016-08-16 18:26 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2016-10-11 19:18 - 2016-08-16 18:26 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2016-10-09 13:27 - 2016-10-23 21:34 - 00000000 ____D C:\Users\Liris\Documents\GTA San Andreas User Files
2016-10-09 13:27 - 2016-10-09 13:27 - 00000000 ____D C:\Users\Liris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2016-10-09 13:17 - 2016-10-09 13:39 - 00000000 ____D C:\Users\Public\Documents\GTA San Andreas User Files
2016-10-09 13:14 - 2016-10-09 13:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grand Theft Auto San Andreas
2016-10-09 13:07 - 2016-10-09 13:15 - 00000000 ____D C:\Users\Liris\Documents\GTA San Andreas
2016-10-09 13:04 - 2016-10-09 13:04 - 00098304 _____ (Sony DADC Austria AG.) C:\Windows\system32\CmdLineExt.dll
2016-10-09 12:50 - 2016-10-12 22:38 - 00000000 ____D C:\Users\Liris\Documents\GTA SAN ANDREASS
2016-10-09 12:50 - 2016-10-09 12:50 - 00001856 _____ C:\Users\Public\Desktop\GTA San Andreas.lnk
2016-10-09 12:45 - 2016-11-08 21:46 - 00000000 ____D C:\Program Files\Stiqidom
2016-10-09 12:45 - 2016-10-09 12:45 - 00000000 ____D C:\Users\Liris\AppData\Roaming\Anaderviole
2016-10-09 12:45 - 2016-10-09 12:45 - 00000000 ____D C:\Users\Liris\AppData\Local\Phimaphbekigh
2016-10-09 12:43 - 2016-10-09 12:47 - 00000000 ____D C:\Users\Liris\AppData\Roaming\DAEMON Tools Lite
2016-10-09 12:43 - 2016-10-09 12:45 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2016-10-09 12:43 - 2016-10-09 12:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2016-10-09 12:43 - 2016-10-09 12:43 - 00025104 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2016-10-09 12:43 - 2016-10-09 12:43 - 00001896 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-10-09 12:43 - 2016-10-09 12:43 - 00000000 ____D C:\Users\Todos os Usuários\DAEMON Tools Lite
2016-10-09 12:43 - 2016-10-09 12:43 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-11-08 21:55 - 2016-10-02 13:34 - 00000000 ____D C:\Users\Liris\AppData\Roaming\uTorrent
2016-11-08 21:47 - 2016-10-08 20:10 - 00000000 ____D C:\Users\Liris\AppData\Roaming\ZHP
2016-11-08 21:38 - 2016-10-08 20:10 - 00000000 ____D C:\Program Files\ZHPDiag
2016-11-08 21:38 - 2009-07-14 02:34 - 00020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-08 21:38 - 2009-07-14 02:34 - 00020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-08 21:05 - 2016-09-22 19:00 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-08 18:05 - 2016-09-22 19:00 - 00001050 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-08 17:24 - 2011-02-04 15:30 - 00006226 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-08 17:24 - 2009-07-14 06:31 - 00767944 _____ C:\Windows\system32\prfh0416.dat
2016-11-08 17:24 - 2009-07-14 06:31 - 00205036 _____ C:\Windows\system32\prfc0416.dat
2016-11-08 17:20 - 2016-09-29 12:04 - 00000000 _____ C:\Users\Public\Documents\temp.dat
2016-11-08 17:19 - 2016-04-30 18:49 - 00000000 __SHD C:\Users\Liris\IntelGraphicsProfiles
2016-11-08 17:18 - 2016-06-02 10:52 - 00000330 _____ C:\Windows\Tasks\Health-Check-auto.job
2016-11-08 17:18 - 2009-07-14 02:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-06 13:41 - 2016-09-09 19:16 - 00614618 _____ C:\Windows\ntbtlog.txt
2016-11-05 22:17 - 2016-05-22 18:25 - 00000000 ____D C:\Users\Liris\.VirtualBox
2016-11-05 22:15 - 2016-05-22 19:12 - 00000000 ____D C:\Users\Liris\VirtualBox VMs
2016-11-05 15:59 - 2016-08-17 21:54 - 00000000 ____D C:\Users\Liris\AppData\Local\ElevatedDiagnostics
2016-11-03 22:15 - 2016-09-22 19:02 - 00002539 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-03 22:15 - 2016-09-22 19:02 - 00002469 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-03 20:30 - 2009-07-14 00:37 - 00000000 ____D C:\Windows\system32\NDF
2016-10-29 18:57 - 2009-07-14 00:37 - 00000000 ____D C:\Windows\inf
2016-10-28 14:11 - 2016-04-30 18:42 - 00000000 ____D C:\Program Files\3DP Chip
2016-10-26 17:29 - 2016-04-29 10:43 - 00407720 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-10-24 18:44 - 2016-09-10 20:04 - 00002301 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-10-24 18:44 - 2016-09-10 20:04 - 00001435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-10-24 18:44 - 2016-04-28 20:13 - 00001707 _____ C:\Users\Liris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-10-23 23:37 - 2016-10-02 19:44 - 00072770 _____ C:\Windows\unins000.dat
2016-10-23 20:59 - 2016-10-05 23:31 - 00000000 ____D C:\Program Files\gta san andreas 2
2016-10-23 20:58 - 2016-04-30 18:40 - 00000000 ____D C:\Program Files\Rockstar Games
2016-10-21 22:19 - 2009-07-14 02:46 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-10-16 17:07 - 2016-05-01 12:30 - 00000000 ____D C:\Users\Todos os Usuários\BlueStacksSetup
2016-10-16 17:07 - 2016-05-01 12:30 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-10-16 16:44 - 2009-07-14 00:37 - 00000000 __RHD C:\Users\Public\Libraries
2016-10-16 14:38 - 2016-05-07 13:14 - 00000000 ____D C:\Users\Liris\AppData\Local\BlueStacks
2016-10-13 13:04 - 2009-07-14 00:37 - 00000000 ____D C:\Windows\rescache
2016-10-12 22:24 - 2009-07-14 02:33 - 00408264 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-12 22:22 - 2016-09-03 16:12 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-10-12 22:22 - 2016-09-03 16:12 - 00000000 ____D C:\Windows\system32\appraiser
2016-10-12 22:22 - 2009-07-14 00:37 - 00000000 ____D C:\Windows\system32\Dism
2016-10-12 16:36 - 2016-04-28 20:38 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-10-09 12:50 - 2016-04-29 08:39 - 00000000 ___HD C:\Program Files\InstallShield Installation Information

==================== Arquivos na raiz de alguns diretórios =======

2016-10-12 22:36 - 2004-01-06 06:43 - 0188416 _____ (Creative Technology Ltd) C:\Program Files\eax.dll
2016-10-12 22:36 - 2005-07-07 17:02 - 14386176 _____ () C:\Program Files\gta_sa.exe
2016-10-12 22:36 - 2005-06-10 16:34 - 0000360 _____ () C:\Program Files\gta_sa.reg
2016-10-12 22:36 - 2005-07-08 16:13 - 0002900 _____ () C:\Program Files\gta_sa.set
2016-08-29 11:25 - 2016-08-29 11:25 - 7065600 _____ () C:\Program Files\GUT77C0.tmp
2016-10-12 22:36 - 2005-07-08 21:56 - 0009900 _____ () C:\Program Files\KPS.gta.san.andreas.NFO
2016-10-12 22:36 - 2003-11-15 13:54 - 0036864 _____ () C:\Program Files\ogg.dll
2016-10-12 22:36 - 2004-05-18 15:19 - 0000197 _____ () C:\Program Files\stream.ini
2016-10-12 22:36 - 2003-11-16 06:48 - 1060864 _____ () C:\Program Files\vorbis.dll
2016-10-12 22:36 - 2003-11-16 06:48 - 0065536 _____ () C:\Program Files\vorbisFile.dll
2016-05-23 11:11 - 2016-05-23 11:12 - 2068582 _____ () C:\Users\Liris\AppData\Roaming\TLauncher.jar
2016-08-28 11:40 - 2016-08-28 11:40 - 0000046 _____ () C:\Users\Liris\AppData\Roaming\WB.CFG
2016-09-13 17:36 - 2016-09-13 17:36 - 0000017 _____ () C:\Users\Liris\AppData\Local\resmon.resmoncfg
2016-09-18 14:55 - 2016-09-18 14:55 - 0000000 _____ () C:\Users\Liris\AppData\Local\{6700DB95-97C7-40E8-8400-DF04762A5092}

Arquivos para serem movidos ou deletados:
====================
C:\Users\Liris\AppData\Local\Temp\Java\SYSLIRIS-PC.exe


==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-11-05 15:51

==================== Fim de FRST.txt ============================