Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão: 18-11-2016 Executado por Cristina (administrador) em CRISTINA-PC (18-11-2016 22:38:19) Executando a partir de C:\Users\Cristina\Downloads Perfis Carregados: Cristina (Perfis Disponíveis: Cristina) Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Idioma: Português (Brasil) Internet Explorer Versão 11 (Navegador padrão: IE) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (Hola Networks Ltd.) C:\Program Files\Hola\app\hola.exe (clean) C:\Users\Cristina\AppData\Roaming\UPUpdata\cleaner.exe (Lavasoft) C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe (Spotify Ltd) C:\Users\Cristina\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Hola Networks Ltd.) C:\Program Files\Hola\app\hola_updater.exe (Lavasoft Limited) C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe (猫哈网络 版权所有) C:\Program Files\GreatMaker\MaohaWiFi\MaohaWifiSvr.exe (Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe (Hola Networks Ltd.) C:\Program Files\Hola\app\hola_svc.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTE.EXE (BitTorrent Inc.) C:\Users\Cristina\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) C:\Users\Cristina\AppData\Roaming\uTorrent\updates\3.4.8_42576\utorrentie.exe (BitTorrent Inc.) C:\Users\Cristina\AppData\Roaming\uTorrent\updates\3.4.8_42576\utorrentie.exe () C:\Program Files\Gramblr\gramblr.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe () C:\Program Files\03000200-1479514604-0500-0006-000700080009\knsbFA9E.tmpfs () C:\Users\Cristina\AppData\Local\03000200-1479507492-0500-0006-000700080009\qnsc5BFC.tmp (Google Inc.) C:\Users\Cristina\AppData\Local\Temp\{43A1E86E-1306-4D3B-A614-414D8D1575CB}\GoogleUpdate.exe (Google Inc.) C:\Users\Cristina\AppData\Local\Temp\{43A1E86E-1306-4D3B-A614-414D8D1575CB}\GoogleUpdateSetup.exe (Google Inc.) C:\Program Files\GUM97C2.tmp\GoogleUpdate.exe (FM46RW9MC) C:\Program Files\mpck\AX95NQ.exe () C:\Program Files\wanttoxiamen\Bind.exe ( ) C:\Program Files\wanttoxiamen\uc.exe (FM46RW9MC) C:\Users\Cristina\AppData\Local\Temp\LGHGR1MCNS\advise.exe (FM46RW9MC) C:\Users\Cristina\AppData\Local\Temp\H7UYUZD00P.exe () C:\Program Files\mpck\wincom_UL7.exe (FM46RW9MC) C:\Program Files\sunnyday\9SE98B.exe () C:\Users\Cristina\AppData\Roaming\KoymtPacetu\Wawjebt.exe () C:\Users\Cristina\AppData\Roaming\Imywi\Imywi.exe () C:\Users\Cristina\AppData\Roaming\Imywi\Movkix.exe () C:\Program Files\Ebukfijmijpe\Cudpilh.exe () C:\Program Files\Ebukfijmijpe\Reinaav.exe () C:\Program Files\Ebukfijmijpe\FueIzela.exe () C:\Program Files\Ebukfijmijpe\Owelo.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe () C:\Program Files\YLNC30MHQH\YLNC30MHQ.exe (7YZSU) C:\Users\Cristina\AppData\Local\Temp\Z5BLTYSLV\Z5BLTYSLV.exe (7YZSU) C:\Users\Cristina\AppData\Local\Temp\X038NF2RWP\appsoft.exe () C:\Program Files\sunnyday\wincom_VPQ.exe (7YZSU) C:\Program Files\gamesdesktop\IWRPSC.exe () C:\Users\Cristina\AppData\Local\Temp\I64V4UDOD\shopperz.exe () C:\Users\Cristina\AppData\Local\Temp\nslE44C.tmp\nsE45D.tmp () C:\Users\Cristina\AppData\Local\Temp\nslE44C.tmp\preinstaller_win.exe ( ) C:\Users\Cristina\AppData\Local\Temp\19HHJU7FS\19HHJU7FS.exe () C:\Users\Cristina\AppData\Local\Temp\is-1MPKQ.tmp\19HHJU7FS.tmp () C:\Users\Cristina\AppData\Local\Temp\sdfE8DD.exe (7YZSU) C:\Users\Cristina\AppData\Local\Temp\PV8KQHXC17\advise.exe (zdengine) C:\Program Files\OtherSearch\zdengine.exe () C:\Users\Cristina\AppData\Local\Temp\LPQ7I4P6NE.exe (7YZSU) C:\Users\Cristina\AppData\Local\Temp\RB90R0ZNSV.exe (7YZSU) C:\Users\Cristina\AppData\Local\Temp\HNMLLQV1G\HNMLLQV1G.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (7YZSU) C:\Program Files\sunnyday\7SAC8Y.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (7YZSU) C:\Users\Cristina\AppData\Local\Temp\is-S01JH.tmp\installer.exe () C:\Users\Cristina\AppData\Local\Temp\O2KMF50GX\O2KMF50GX.exe (7YZSU) C:\Users\Cristina\AppData\Local\Temp\QW4GGBDWU\KBMO8F3FP.exe ==================== Registro (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [hola] => C:\Program Files\Hola\app\hola.exe [1703016 2016-11-02] (Hola Networks Ltd.) <===== ATENÇÃO HKLM\...\Run: [NBKeyScan] => C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2221352 2008-06-10] (Nero AG) HKLM\...\Run: [cleaner] => C:\Users\Cristina\AppData\Roaming\UPUpdata\cleaner.exe [1052672 2016-11-14] (clean) HKLM\...\Run: [app] => C:\Program Files\wanttoxiamen\uc.exe [318300 2016-11-16] ( ) HKLM\...\Run: [WINCOMUL7] => C:\Program Files\mpck\wincom_UL7.exe [4213248 2016-11-18] () HKLM\...\Run: [WINCOMVPQ] => C:\Program Files\sunnyday\wincom_VPQ.exe [4213248 2016-11-18] () HKLM\...\RunOnce: [OTUTPRODUCT_519T8] => C:\Program Files\mpck\AX95NQ.exe [461824 2016-11-18] (FM46RW9MC) HKLM\...\RunOnce: [OMEWPRODUCT_H37XG] => C:\Users\Cristina\AppData\Local\Temp\H7UYUZD00P.exe [460800 2016-11-18] (FM46RW9MC) <===== ATENÇÃO HKLM\...\RunOnce: [OTUTPRODUCT_Y5253] => C:\Program Files\sunnyday\9SE98B.exe [461824 2016-11-18] (FM46RW9MC) HKLM\...\RunOnce: [OTUTPRODUCT_6P3K5] => C:\Program Files\gamesdesktop\IWRPSC.exe [538112 2016-11-18] (7YZSU) HKLM\...\RunOnce: [OMEWPRODUCT_KONP2] => C:\Users\Cristina\AppData\Local\Temp\RB90R0ZNSV.exe [537088 2016-11-18] (7YZSU) <===== ATENÇÃO HKLM\...\RunOnce: [OTUTPRODUCT_1NG9G] => C:\Program Files\sunnyday\7SAC8Y.exe [538112 2016-11-18] (7YZSU) HKU\S-1-5-21-1455526487-581654163-2976102132-1000\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe [1381648 2015-06-08] (Lavasoft) HKU\S-1-5-21-1455526487-581654163-2976102132-1000\...\Run: [uTorrent] => C:\Users\Cristina\AppData\Roaming\uTorrent\uTorrent.exe [2139840 2016-09-09] (BitTorrent Inc.) HKU\S-1-5-21-1455526487-581654163-2976102132-1000\...\Run: [Wifi HotSpot] => "C:\Program Files\WifiHotSpot\WifiHotSpot.exe" systray HKU\S-1-5-21-1455526487-581654163-2976102132-1000\...\Run: [GoogleChromeAutoLaunch_8B3074BA4B57D9F80D4495BB2AA93390] => C:\Users\Cristina\AppData\Local\Chromium\Application\chrome.exe [667136 2015-08-11] (The Chromium Authors) HKU\S-1-5-21-1455526487-581654163-2976102132-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3369664 2016-03-01] (Disc Soft Ltd) HKU\S-1-5-21-1455526487-581654163-2976102132-1000\...\Run: [Spotify] => C:\Users\Cristina\AppData\Roaming\Spotify\Spotify.exe [6987376 2016-11-14] (Spotify Ltd) HKU\S-1-5-21-1455526487-581654163-2976102132-1000\...\Run: [Spotify Web Helper] => C:\Users\Cristina\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1431664 2016-11-14] (Spotify Ltd) HKU\S-1-5-21-1455526487-581654163-2976102132-1000\...\Run: [msiql] => C:\Windows\Temp\00031109\msiql.exe [1883136 2016-11-18] () <===== ATENÇÃO HKU\S-1-5-21-1455526487-581654163-2976102132-1000\...\Run: [svchost0] => C:\Program Files\wanttoxiamen\uc.exe [318300 2016-11-16] ( ) HKU\S-1-5-21-1455526487-581654163-2976102132-1000\...\Run: [2CJ6K3E86W] => C:\Program Files\YLNC30MHQH\YLNC30MHQ.exe [369664 2016-11-18] () HKU\S-1-5-21-1455526487-581654163-2976102132-1000\...\Run: [HOV197VIOY] => C:\Users\Cristina\AppData\Local\Temp\LPQ7I4P6NE.exe [369664 2016-11-18] () <===== ATENÇÃO HKU\S-1-5-21-1455526487-581654163-2976102132-1000\...\Run: [M6GHBGY82S] => C:\Users\Cristina\AppData\Local\Temp\O2KMF50GX\O2KMF50GX.exe [369664 2016-11-18] () <===== ATENÇÃO HKU\S-1-5-21-1455526487-581654163-2976102132-1000\...\MountPoints2: {be8d3960-01c8-11e6-9bf9-c89cdc40a2bc} - F:\LGAutoRun.exe ShellExecuteHooks: - {5EBD559E-A5BA-11E6-B9FD-64006A5CFC23} - C:\Users\Cristina\AppData\Roaming\Phucusy\Lerjuch.dll Nenhum Arquivo [ ] ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Cristina\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] () ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Cristina\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] () ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Cristina\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] () Startup: C:\Users\Cristina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Enviar para o OneNote.lnk [2016-11-18] ShortcutTarget: Enviar para o OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation) GroupPolicy: Restrição ? <======= ATENÇÃO CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Winsock: Catalog9 01 C:\Windows\system32\zdengine.dll [301711 2016-11-18] (zdengine) Winsock: Catalog9 02 C:\Windows\system32\zdengine.dll [301711 2016-11-18] (zdengine) Winsock: Catalog9 31 C:\Windows\system32\zdengine.dll [301711 2016-11-18] (zdengine) Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt Tcpip\Parameters: [DhcpNameServer] 177.36.96.21 177.36.96.23 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{4CEC2651-F940-40E5-A9DA-34607E5578FB}: [NameServer] 104.197.191.4 Tcpip\..\Interfaces\{B0D04DD9-BB5B-4BBF-8F43-EDFD65769F3E}: [NameServer] 104.197.191.4 Tcpip\..\Interfaces\{B0D04DD9-BB5B-4BBF-8F43-EDFD65769F3E}: [DhcpNameServer] 177.36.96.21 177.36.96.23 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{e29ac6c2-7037-11de-816d-806e6f6e6963}: [NameServer] 104.197.191.4 Tcpip\..\Interfaces\{F7B7B55C-A324-42F5-9E34-ECAA312DB95D}: [NameServer] 104.197.191.4 Internet Explorer: ================== HKU\S-1-5-21-1455526487-581654163-2976102132-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fsfrg_16_05¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0Czzzy0C0D0CyEtD0AtB0B0C0CtCyE0EtN0D0Tzu0StCyEzyyDtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyDzzyEtA0A0C0CtDtGyCyE0FtDtGyE0BzztAtGyC0B0DyBtGtA0E0DtCtBtBtB0C0CyEtC0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCtAyCtC0BtBzytDtGyE0AzytBtGyE0CyD0DtGzzyDtB0DtG0D0ByCyD0C0FyCtD0D0Bzz0F2QtN0A0LzuyE%26cr%3D193525995%26a%3Dwncy_fsfrg_16_05%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms} SearchScopes: HKLM -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fsfrg_16_05¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0Czzzy0C0D0CyEtD0AtB0B0C0CtCyE0EtN0D0Tzu0StCyEzyyDtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyDzzyEtA0A0C0CtDtGyCyE0FtDtGyE0BzztAtGyC0B0DyBtGtA0E0DtCtBtBtB0C0CyEtC0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCtAyCtC0BtBzytDtGyE0AzytBtGyE0CyD0DtGzzyDtB0DtG0D0ByCyD0C0FyCtD0D0Bzz0F2QtN0A0LzuyE%26cr%3D193525995%26a%3Dwncy_fsfrg_16_05%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms} SearchScopes: HKU\S-1-5-21-1455526487-581654163-2976102132-1000 -> DefaultScope {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fsfrg_16_05¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0Czzzy0C0D0CyEtD0AtB0B0C0CtCyE0EtN0D0Tzu0StCyEzyyDtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyDzzyEtA0A0C0CtDtGyCyE0FtDtGyE0BzztAtGyC0B0DyBtGtA0E0DtCtBtBtB0C0CyEtC0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCtAyCtC0BtBzytDtGyE0AzytBtGyE0CyD0DtGzzyDtB0DtG0D0ByCyD0C0FyCtD0D0Bzz0F2QtN0A0LzuyE%26cr%3D193525995%26a%3Dwncy_fsfrg_16_05%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms} SearchScopes: HKU\S-1-5-21-1455526487-581654163-2976102132-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://br.search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10194_swoc_campaign_150725__yaie&p={searchTerms} SearchScopes: HKU\S-1-5-21-1455526487-581654163-2976102132-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fsfrg_16_05¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0Czzzy0C0D0CyEtD0AtB0B0C0CtCyE0EtN0D0Tzu0StCyEzyyDtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyDzzyEtA0A0C0CtDtGyCyE0FtDtGyE0BzztAtGyC0B0DyBtGtA0E0DtCtBtBtB0C0CyEtC0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCtAyCtC0BtBzytDtGyE0AzytBtGyE0CyD0DtGzzyDtB0DtG0D0ByCyD0C0FyCtD0D0Bzz0F2QtN0A0LzuyE%26cr%3D193525995%26a%3Dwncy_fsfrg_16_05%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-08-27] (Microsoft Corporation) BHO: Ebukfijmijpe -> {79B33B0A-33F4-4EE0-bAAD-1863429DBACD} -> C:\Program Files\Ebukfijmijpe\Bayqg.dll [2016-11-18] () BHO: Youtube AdBlock -> {95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B} -> C:\Program Files\Youtube AdBlock\IEEF\FMOZzJ6jnE.dll => Nenhum Arquivo BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-10-11] (Microsoft Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF DefaultProfile: v8sjlfsz.default FF DefaultProfile: v8sjlfsz.default FF ProfilePath: C:\Users\Cristina\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\v8sjlfsz.default\Profiles\v8sjlfsz.default [não encontrado (a)] FF ProfilePath: C:\Users\Cristina\AppData\Roaming\Mozilla\Firefox\Profiles\v8sjlfsz.default [2016-11-18] FF user.js: detected! => C:\Users\Cristina\AppData\Roaming\Mozilla\Firefox\Profiles\v8sjlfsz.default\user.js [2016-11-18] FF NewTab: Mozilla\Firefox\Profiles\v8sjlfsz.default -> hxxp://www.youndoo.com/?z=3aac1faada45a56dd0bd85fgaz2mct6w0g3z5oag8o&from=wak&uid=ST31000524AS_6VPDF82BXXXX6VPDF82B&type=hp FF DefaultSearchEngine: Mozilla\Firefox\Profiles\v8sjlfsz.default -> youndoo FF SelectedSearchEngine: Mozilla\Firefox\Profiles\v8sjlfsz.default -> youndoo FF Homepage: Mozilla\Firefox\Profiles\v8sjlfsz.default -> hxxp://www.youndoo.com/?z=3aac1faada45a56dd0bd85fgaz2mct6w0g3z5oag8o&from=wak&uid=ST31000524AS_6VPDF82BXXXX6VPDF82B&type=hp FF Extension: (SaveFrom.net - helper) - C:\Users\Cristina\AppData\Roaming\Mozilla\Firefox\Profiles\v8sjlfsz.default\Extensions\helper-sig@savefrom.net.xpi [2016-11-15] FF Extension: (Baixou Agora) - C:\Users\Cristina\AppData\Roaming\Mozilla\Firefox\Profiles\v8sjlfsz.default\Extensions\jid1-dG9taWNhQGdtYWlsLmNvbS4u@jetpack.xpi [2016-11-15] FF Extension: (Video AdBlock) - C:\Users\Cristina\AppData\Roaming\Mozilla\Firefox\Profiles\v8sjlfsz.default\Extensions\{7b8a500a-a464-4624-bd4f-73eaafe0f766} [2016-07-30] FF Extension: (Asynchronous Plugin Rendering) - C:\Users\Cristina\AppData\Roaming\Mozilla\Firefox\Profiles\v8sjlfsz.default\features\{e198cdb7-3d52-4115-b14d-fe1d0098d2ad}\asyncrendering@mozilla.org.xpi [2016-11-05] FF Extension: (D3D9 Acceleration Fallback) - C:\Users\Cristina\AppData\Roaming\Mozilla\Firefox\Profiles\v8sjlfsz.default\features\{e198cdb7-3d52-4115-b14d-fe1d0098d2ad}\d3d9fallback@mozilla.org.xpi [2016-11-05] FF Extension: (Multi-process staged rollout) - C:\Users\Cristina\AppData\Roaming\Mozilla\Firefox\Profiles\v8sjlfsz.default\features\{e198cdb7-3d52-4115-b14d-fe1d0098d2ad}\e10srollout@mozilla.org.xpi [2016-11-05] FF Extension: (Video AdBlock) - C:\Users\Cristina\AppData\Roaming\Mozilla\Firefox\Profiles\v8sjlfsz.default\extensions\{7b8a500a-a464-4624-bd4f-73eaafe0f766} [2016-07-30] FF SearchPlugin: C:\Users\Cristina\AppData\Roaming\Mozilla\Firefox\Profiles\v8sjlfsz.default\searchplugins\o3zf4ykj.xml [2016-11-18] FF SearchPlugin: C:\Users\Cristina\AppData\Roaming\Mozilla\Firefox\Profiles\v8sjlfsz.default\searchplugins\Search Provided by Yahoo.xml [2016-02-04] FF Extension: (Multi-process staged rollout) - C:\Program Files\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi [2016-11-15] [não assinado] FF Extension: (Pocket) - C:\Program Files\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi [2016-11-15] [não assinado] FF Extension: (Web Compat) - C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi [2016-11-15] [não assinado] FF Extension: (Adblocker para o Youtube™) - C:\Program Files\Mozilla Firefox\browser\features\{95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B} [2016-11-15] [não assinado] FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [Nenhum Arquivo] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1455526487-581654163-2976102132-1000: @hola.org/vlc,version=1.8.649 -> C:\Users\Cristina\AppData\Local\Hola\firefox_hola\app\vlc [2015-07-29] () Chrome: ======= CHR DefaultProfile: ChromeDefaultData CHR HomePage: ChromeDefaultData -> hxxp://www.youndoo.com/?z=3aac1faada45a56dd0bd85fgaz2mct6w0g3z5oag8o&from=wak&uid=ST31000524AS_6VPDF82BXXXX6VPDF82B&type=hp CHR StartupUrls: ChromeDefaultData -> "hxxp://www.youndoo.com/?z=3aac1faada45a56dd0bd85fgaz2mct6w0g3z5oag8o&from=wak&uid=ST31000524AS_6VPDF82BXXXX6VPDF82B&type=hp" CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www.youndoo.com/search/?q={searchTerms}&z=3aac1faada45a56dd0bd85fgaz2mct6w0g3z5oag8o&from=wak&uid=ST31000524AS_6VPDF82BXXXX6VPDF82B&type=sp CHR DefaultSearchKeyword: ChromeDefaultData -> youndoo CHR Profile: C:\Users\Cristina\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-11-18] <==== ATENÇÃO CHR Extension: (Google Apresentações) - C:\Users\Cristina\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-25] CHR Extension: (Google Docs) - C:\Users\Cristina\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-25] CHR Extension: (Google Drive) - C:\Users\Cristina\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (Spotiload (former Spotify Vk Downloader)) - C:\Users\Cristina\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\baggnalhgbpeanbhedjlbndhjgmimmhl [2016-11-16] CHR Extension: (YouTube) - C:\Users\Cristina\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] CHR Extension: (Google Search) - C:\Users\Cristina\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29] CHR Extension: (Adblocker para o Youtube™) - C:\Users\Cristina\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\dkgcomhcmhlbdokplmbpkejkojkmjglg [2016-10-28] CHR Extension: (Planilhas do Google) - C:\Users\Cristina\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-25] CHR Extension: (Documentos Google off-line) - C:\Users\Cristina\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-09] CHR Extension: (Conversor de vídeo) - C:\Users\Cristina\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\mcjjnhgakghmggnimjkldjmmpabhnhne [2016-02-16] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Cristina\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-09] CHR Extension: (Red Livros) - C:\Users\Cristina\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nnecgimhifkakdfbjbndjkckjddbjngl [2015-10-12] CHR Extension: (Gmail) - C:\Users\Cristina\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-25] CHR Extension: (Chrome Media Router) - C:\Users\Cristina\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-26] CHR Extension: (easychrome) - C:\Users\Cristina\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk [2016-11-14] CHR HKLM\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-1455526487-581654163-2976102132-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-1455526487-581654163-2976102132-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx ==================== Serviços (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 96E3E694-7839-424F-aEF9-B56B31EAF264; C:\Program Files\Ebukfijmijpe\Reinaav.exe [270336 2016-11-18] () [Arquivo não assinado] S2 Archer; C:\Windows\system32\svchost.exe [20992 2009-07-13] (Microsoft Corporation) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1126080 2016-03-01] (Disc Soft Ltd) R2 Ebukfijmijpe Updater; C:\Program Files\Ebukfijmijpe\Cudpilh.exe [265216 2016-11-18] () [Arquivo não assinado] R2 FueIzela; C:\Program Files\Ebukfijmijpe\FueIzela.exe [1681920 2016-11-18] () [Arquivo não assinado] S2 GoogleChromeUpService; C:\ProgramData\service.exe [1620992 2016-11-14] () [Arquivo não assinado] R2 gramblrclient; C:\Program Files\Gramblr\gramblr.exe [7727696 2016-11-17] () [Arquivo não assinado] R2 Gukle; C:\Users\Cristina\AppData\Roaming\KoymtPacetu\Wawjebt.exe [121344 2016-11-18] () [Arquivo não assinado] R2 hola_svc; C:\Program Files\Hola\app\hola_svc.exe [4746856 2016-11-02] (Hola Networks Ltd.) <==== ATENÇÃO R2 hola_updater; C:\Program Files\Hola\app\hola_updater.exe [4746856 2016-10-18] (Hola Networks Ltd.) <==== ATENÇÃO R2 Jegivahfi; C:\Users\Cristina\AppData\Roaming\Imywi\Imywi.exe [170496 2016-11-18] () [Arquivo não assinado] R2 Jilersepherrey; C:\Program Files\Wefashpluqitain\vrzrpr.dll [276480 2016-10-28] () [Arquivo não assinado] R2 LavasoftTcpService; C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751792 2015-06-08] (Lavasoft Limited) R2 MaohaWifiSvr; C:\Program Files\GreatMaker\MaohaWiFi\MaohaWifiSvr.exe [170464 2014-12-18] (猫哈网络 版权所有) R2 PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [Arquivo não assinado] R2 Qovchgroserge; C:\Program Files\Nernapyclermocult\Tnrcr.dll [276480 2016-11-18] () [Arquivo não assinado] R2 SearchProtectionService; C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [19816 2015-06-08] () R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) R2 WinSAPSvc; C:\ProgramData\WinSAPSvc\WinSAP.dll [208384 2016-11-14] () [Arquivo não assinado] R2 zdengine; C:\Program Files\OtherSearch\zdengine.exe [1660135 2016-11-18] (zdengine) [Arquivo não assinado] <==== ATENÇÃO R2 zigipyro; C:\Users\Cristina\AppData\Local\03000200-1479507492-0500-0006-000700080009\qnsc5BFC.tmp [158720 2015-12-26] () [Arquivo não assinado] S2 hezitubi; C:\Program Files\03000200-1479162889-0500-0006-000700080009\knsd9B9C.tmpfs [X] S2 TheCalendarService; C:\Program Files\CalendarTool\2.0.0.11382\CalendarServ.exe [X] R2 vowemeti; C:\Program Files\03000200-1479514604-0500-0006-000700080009\knsbFA9E.tmpfs [X] S3 WsDrvInst; "C:\Program Files\Wondershare\Dr.Fone para Android\DriverInstall.exe" [X] ===================== Drivers (Whitelisted) ====================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23040 2012-07-03] (LG Electronics Inc.) S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [27776 2012-07-03] (LG Electronics Inc.) S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis.sys [73728 2012-07-04] (LG Electronics Inc.) R1 cherimoya; C:\Windows\System32\drivers\cherimoya.sys [62368 2016-11-18] (Cherimoya Ltd) <==== ATENÇÃO R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [26168 2016-03-06] (Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [40504 2016-03-06] (Disc Soft Ltd) R1 MaohaWifiNetPro; C:\Program Files\GreatMaker\MaohaWiFi\MaoHaWiFiNet.sys [499952 2015-10-27] () U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-13] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Três Meses Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-11-18 22:38 - 2016-11-18 22:39 - 00027268 _____ C:\Users\Cristina\Downloads\FRST.txt 2016-11-18 22:38 - 2016-11-18 22:38 - 00000000 ____D C:\FRST 2016-11-18 22:36 - 2016-11-18 22:37 - 01761280 _____ (Farbar) C:\Users\Cristina\Downloads\FRST.exe 2016-11-18 22:31 - 2016-11-18 22:31 - 00000002 _____ C:\END 2016-11-18 22:30 - 2016-11-18 22:31 - 00000000 ____D C:\Program Files\OtherSearch 2016-11-18 22:30 - 2016-11-18 22:30 - 00301711 _____ (zdengine) C:\Windows\system32\zdengine.dll 2016-11-18 22:30 - 2016-11-18 22:30 - 00009648 _____ C:\Windows\system32\zdengineOff.ini 2016-11-18 22:28 - 2016-11-18 22:37 - 00000000 ____D C:\Program Files\gamesdesktop 2016-11-18 22:26 - 2016-11-18 22:27 - 00000000 ____D C:\Program Files\YLNC30MHQH 2016-11-18 22:26 - 2016-11-18 22:26 - 00000000 ____D C:\Users\Cristina\AppData\Roaming\KoymtPacetu 2016-11-18 22:26 - 2016-11-18 22:26 - 00000000 ____D C:\Users\Cristina\AppData\Roaming\Imywi 2016-11-18 22:26 - 2016-11-18 22:26 - 00000000 ____D C:\Users\Cristina\AppData\Roaming\Company 2016-11-18 22:26 - 2016-11-18 22:26 - 00000000 ____D C:\Users\Cristina\AppData\Roaming\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A} 2016-11-18 22:26 - 2016-11-18 22:26 - 00000000 ____D C:\Users\Cristina\AppData\Local\Tempfolder 2016-11-18 22:26 - 2016-11-18 22:26 - 00000000 ____D C:\uninst 2016-11-18 22:25 - 2016-11-18 22:26 - 00000000 ____D C:\Program Files\Ebukfijmijpe 2016-11-18 22:25 - 2016-11-18 22:25 - 00000000 ____D C:\Program Files\EbukfijmijpeUn 2016-11-18 22:24 - 2016-11-18 22:34 - 00000000 ____D C:\Program Files\sunnyday 2016-11-18 22:24 - 2016-11-18 22:24 - 00000000 ____D C:\Users\Cristina\AppData\Local\tuto_monetize_120161118 2016-11-18 22:21 - 2016-11-18 22:21 - 00000000 ____D C:\Program Files\wanttoxiamen 2016-11-18 22:19 - 2016-11-18 22:19 - 07065600 _____ C:\Program Files\GUT97C3.tmp 2016-11-18 22:19 - 2016-11-18 22:19 - 00000000 ____D C:\Program Files\GUM97C2.tmp 2016-11-18 22:18 - 2016-11-18 22:18 - 00000000 ____D C:\Users\Cristina\AppData\Local\03000200-1479507492-0500-0006-000700080009 2016-11-18 22:16 - 2016-11-18 22:16 - 00000000 ____D C:\Program Files\03000200-1479514604-0500-0006-000700080009 2016-11-18 22:15 - 2016-11-18 22:15 - 00000000 ____D C:\Windows\system32\appmgmt 2016-11-18 22:10 - 2016-11-18 22:29 - 00000000 ____D C:\Users\Cristina\AppData\Roaming\Phucusy 2016-11-18 22:10 - 2016-11-18 22:17 - 00000000 ____D C:\Users\Cristina\AppData\Local\Dercse 2016-11-18 22:10 - 2016-11-18 22:11 - 00000000 ____D C:\Program Files\Nernapyclermocult 2016-11-18 22:08 - 2016-11-18 22:10 - 02725592 _____ C:\Users\Cristina\Downloads\Não confirmado 151817.crdownload 2016-11-18 22:06 - 2016-11-18 22:08 - 04587780 _____ C:\Users\Cristina\Downloads\KINCB.rar 2016-11-18 21:21 - 2016-11-18 21:35 - 07292966 _____ C:\Users\Cristina\Desktop\08 Slumber Party (feat. Tinashe).m4a 2016-11-18 21:20 - 2016-11-18 21:33 - 07517440 _____ C:\Users\Cristina\Desktop\01 Want to Want Me.m4a 2016-11-18 21:08 - 2016-11-18 21:16 - 07999341 _____ C:\Users\Cristina\Desktop\01 Never Give Up.m4a 2016-11-18 20:52 - 2016-11-18 20:52 - 00000000 ____D C:\Users\Cristina\Desktop\Glory Days (Deluxe Concert Film Edition) [Audio] 2016-11-18 20:10 - 2016-11-18 20:48 - 06188690 _____ C:\Users\Cristina\Desktop\02 Library.m4a 2016-11-18 19:24 - 2016-11-18 20:47 - 111962899 _____ C:\Users\Cristina\Downloads\Little Mix - Glory Days (Deluxe Concert Film Edition) [Audio] [HitseBeats].zip 2016-11-18 17:44 - 2016-11-18 21:31 - 00000000 ____D C:\Users\Cristina\Downloads\Esquadrão Suicida 720p WWW.TORRENTDOSFIMES.COM 2016-11-18 17:44 - 2016-11-18 21:30 - 1037967032 _____ C:\Users\Cristina\Desktop\Esquadrão Suicida (2016) Dublado BluRay 720p 5.1 TDF.mp4 2016-11-18 13:55 - 2016-11-18 22:26 - 00062368 _____ (Cherimoya Ltd) C:\Windows\system32\Drivers\cherimoya.sys 2016-11-17 15:18 - 2016-11-18 22:11 - 00000000 ____D C:\Program Files\arbd4jp8 2016-11-15 22:36 - 2016-11-02 13:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2016-11-15 22:36 - 2016-11-02 13:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2016-11-15 22:36 - 2016-11-02 13:16 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2016-11-15 22:36 - 2016-11-02 13:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2016-11-15 22:36 - 2016-11-02 12:53 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2016-11-15 22:36 - 2016-10-28 01:14 - 00346320 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-11-15 22:36 - 2016-10-27 13:05 - 20304896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-11-15 22:36 - 2016-10-27 12:16 - 00689664 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-11-15 22:36 - 2016-10-25 12:54 - 02399744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-11-15 22:36 - 2016-10-22 15:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-11-15 22:36 - 2016-10-22 15:53 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-11-15 22:36 - 2016-10-22 15:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-11-15 22:36 - 2016-10-22 15:36 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-11-15 22:36 - 2016-10-22 15:35 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-11-15 22:36 - 2016-10-22 15:35 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-11-15 22:36 - 2016-10-22 15:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-11-15 22:36 - 2016-10-22 15:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-11-15 22:36 - 2016-10-22 15:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-11-15 22:36 - 2016-10-22 15:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-11-15 22:36 - 2016-10-22 15:22 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-11-15 22:36 - 2016-10-22 15:21 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-11-15 22:36 - 2016-10-22 15:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-11-15 22:36 - 2016-10-22 15:21 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-11-15 22:36 - 2016-10-22 15:20 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-11-15 22:36 - 2016-10-22 15:13 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-11-15 22:36 - 2016-10-22 15:09 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-11-15 22:36 - 2016-10-22 15:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-11-15 22:36 - 2016-10-22 15:03 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-11-15 22:36 - 2016-10-22 14:59 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-11-15 22:36 - 2016-10-22 14:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-11-15 22:36 - 2016-10-22 14:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-11-15 22:36 - 2016-10-22 14:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-11-15 22:36 - 2016-10-22 14:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-11-15 22:36 - 2016-10-22 14:45 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-11-15 22:36 - 2016-10-22 14:44 - 04608000 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-11-15 22:36 - 2016-10-22 14:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-11-15 22:36 - 2016-10-22 14:43 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-11-15 22:36 - 2016-10-22 14:30 - 13654016 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-11-15 22:36 - 2016-10-22 14:12 - 02444800 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-11-15 22:36 - 2016-10-22 14:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-11-15 22:36 - 2016-10-22 14:09 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-11-15 22:36 - 2016-10-15 13:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2016-11-15 22:36 - 2016-10-15 13:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll 2016-11-15 22:36 - 2016-10-11 13:24 - 00250600 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2016-11-15 22:36 - 2016-10-11 13:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME 2016-11-15 22:36 - 2016-10-11 13:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2016-11-15 22:36 - 2016-10-11 13:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL 2016-11-15 22:36 - 2016-10-11 13:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime 2016-11-15 22:36 - 2016-10-11 13:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\input.dll 2016-11-15 22:36 - 2016-10-11 13:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime 2016-11-15 22:36 - 2016-10-11 13:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime 2016-11-15 22:36 - 2016-10-11 13:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime 2016-11-15 22:36 - 2016-10-11 13:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime 2016-11-15 22:36 - 2016-10-11 13:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime 2016-11-15 22:36 - 2016-10-11 13:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime 2016-11-15 22:36 - 2016-10-11 13:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime 2016-11-15 22:36 - 2016-10-11 11:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll 2016-11-15 22:36 - 2016-10-10 13:21 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-11-15 22:36 - 2016-10-10 13:21 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-11-15 22:36 - 2016-10-10 13:16 - 01062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-11-15 22:36 - 2016-10-10 13:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-11-15 22:36 - 2016-10-10 13:16 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-11-15 22:36 - 2016-10-10 13:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-11-15 22:36 - 2016-10-10 13:16 - 00261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-11-15 22:36 - 2016-10-10 13:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-11-15 22:36 - 2016-10-10 13:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-11-15 22:36 - 2016-10-10 13:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-11-15 22:36 - 2016-10-10 13:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-11-15 22:36 - 2016-10-10 13:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2016-11-15 22:36 - 2016-10-10 13:16 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-11-15 22:36 - 2016-10-10 13:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-11-15 22:36 - 2016-10-10 13:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-11-15 22:36 - 2016-10-10 13:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-11-15 22:36 - 2016-10-10 13:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-11-15 22:36 - 2016-10-10 12:54 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-11-15 22:36 - 2016-10-10 12:50 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-11-15 22:36 - 2016-10-10 12:50 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-11-15 22:36 - 2016-10-10 12:50 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-11-15 22:36 - 2016-10-10 12:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-11-15 22:36 - 2016-10-10 12:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-11-15 22:36 - 2016-10-10 12:50 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-11-15 22:36 - 2016-10-07 13:18 - 04000488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2016-11-15 22:36 - 2016-10-07 13:18 - 03944680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-11-15 22:36 - 2016-10-07 13:15 - 01310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-11-15 22:36 - 2016-10-07 13:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll 2016-11-15 22:36 - 2016-10-07 13:12 - 00644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-11-15 22:36 - 2016-10-07 13:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2016-11-15 22:36 - 2016-10-07 13:12 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-11-15 22:36 - 2016-10-07 13:12 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll 2016-11-15 22:36 - 2016-10-07 13:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll 2016-11-15 22:36 - 2016-10-07 13:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2016-11-15 22:36 - 2016-10-07 13:12 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2016-11-15 22:36 - 2016-10-07 13:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-11-15 22:36 - 2016-10-07 13:12 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-11-15 22:36 - 2016-10-07 13:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-11-15 22:36 - 2016-10-07 12:54 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2016-11-15 22:36 - 2016-10-07 12:54 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2016-11-15 22:36 - 2016-10-07 12:54 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2016-11-15 22:36 - 2016-10-07 12:54 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2016-11-15 22:36 - 2016-10-07 12:51 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-11-15 22:36 - 2016-10-07 12:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-11-15 22:36 - 2016-10-05 12:50 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys 2016-11-15 22:36 - 2016-09-15 12:51 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2016-11-15 22:36 - 2016-09-13 13:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2016-11-15 22:36 - 2016-09-09 16:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2016-11-15 22:36 - 2016-08-21 11:05 - 00935424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2016-11-15 22:35 - 2016-10-26 16:29 - 00407720 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2016-11-15 22:26 - 2016-11-18 22:11 - 00000000 ____D C:\Program Files\WinArcher 2016-11-15 22:26 - 2016-11-18 16:11 - 00000000 ____D C:\Users\Todos os Usuários\ChelfNotify 2016-11-15 22:26 - 2016-11-18 16:11 - 00000000 ____D C:\ProgramData\ChelfNotify 2016-11-15 22:25 - 2016-11-18 22:11 - 00000000 ____D C:\Program Files\6hvpn4wh 2016-11-15 16:12 - 2016-11-15 16:12 - 00000000 ____D C:\Program Files\Common Files\AV 2016-11-15 16:01 - 2016-11-15 16:12 - 12016486 _____ C:\Users\Cristina\Desktop\01 Black Barbies.m4a 2016-11-15 13:33 - 2016-11-15 13:33 - 00000000 _____ C:\autoexec.bat 2016-11-15 12:54 - 2016-11-15 12:54 - 00000000 ____D C:\Users\Cristina\AppData\Roaming\AVAST Software 2016-11-15 12:52 - 2016-11-15 16:07 - 897086642 _____ C:\Users\Cristina\Desktop\Procurando Dory 720p (2016) Dual Áudio BluRay 5.1 -- By - Lucas Firmo.mkv 2016-11-15 12:52 - 2016-11-15 16:07 - 843650398 _____ C:\Users\Cristina\Desktop\Procurando Dory 720p (2016) Dual Áudio BluRay 5.1 -- By - Lucas Firmo.avi 2016-11-15 12:50 - 2016-11-15 22:29 - 00000000 ____D C:\Users\Cristina\Downloads\Procurando Dory 720p (2016) Dual Áudio BluRay 5.1 -- By - Lucas Firmo 2016-11-15 12:36 - 2016-11-18 22:11 - 00000000 ____D C:\Program Files\AVAST Software 2016-11-15 12:35 - 2016-11-18 19:37 - 00000000 ____D C:\Users\Cristina\AppData\LocalLow\uTorrent 2016-11-15 10:09 - 2016-11-18 22:31 - 00000000 ____D C:\Program Files\mpck 2016-11-15 10:02 - 2016-11-18 22:13 - 00000000 ____D C:\Program Files\Mozilla Firefox 2016-11-14 22:59 - 2016-11-18 22:11 - 00000000 ____D C:\Program Files\Zilesh_ 2016-11-14 22:59 - 2016-11-18 22:11 - 00000000 ____D C:\Program Files\Zilesh 2016-11-14 22:47 - 2016-11-14 22:47 - 00000000 ____D C:\Users\Cristina\AppData\Roaming\MaohaWifi 2016-11-14 22:42 - 2016-11-18 22:11 - 00000000 ____D C:\Program Files\GreatMaker 2016-11-14 22:42 - 2016-11-15 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MaohaWiFi 2016-11-14 22:40 - 2016-11-14 22:40 - 01620992 _____ C:\Users\Todos os Usuários\service.exe 2016-11-14 22:40 - 2016-11-14 22:40 - 01620992 _____ C:\ProgramData\service.exe 2016-11-14 22:34 - 2016-11-14 22:34 - 00000000 ____D C:\Users\Todos os Usuários\Thunder Network 2016-11-14 22:34 - 2016-11-14 22:34 - 00000000 ____D C:\Users\Public\Thunder Network 2016-11-14 22:34 - 2016-11-14 22:34 - 00000000 ____D C:\ProgramData\Thunder Network 2016-11-14 22:30 - 2016-11-18 22:11 - 00000000 ____D C:\Program Files\CleanBrowser 2016-11-14 21:36 - 2016-11-18 22:11 - 00000000 ____D C:\Program Files\360 2016-11-14 21:36 - 2016-11-14 21:36 - 00000000 ____D C:\Users\Cristina\AppData\Roaming\360Safe 2016-11-14 21:26 - 2016-11-14 21:26 - 00000043 _____ C:\Users\Cristina\Desktop\ujr.txt 2016-11-14 21:25 - 2016-11-14 21:25 - 00000000 ____D C:\Users\Cristina\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk 2016-11-14 21:19 - 2016-11-15 19:17 - 00000000 ____D C:\Users\Cristina\AppData\Roaming\UPUpdata 2016-11-14 20:50 - 2016-11-14 20:50 - 00000000 ____D C:\Users\Public\Documents\Tools 2016-11-14 20:50 - 2016-11-14 20:50 - 00000000 ____D C:\Users\Public\Documents\Baidu 2016-11-14 20:50 - 2016-11-14 20:50 - 00000000 ____D C:\Users\Cristina\AppData\Roaming\CalendarTool 2016-11-14 20:38 - 2016-11-14 20:38 - 00000000 ____D C:\Users\Public\Documents\Guid 2016-11-14 20:34 - 2016-11-18 22:16 - 00000000 _____ C:\TOSTACK 2016-11-14 20:34 - 2016-11-18 22:11 - 00000000 ____D C:\Program Files\03000200-1479162889-0500-0006-000700080009 2016-11-14 20:32 - 2016-11-15 19:17 - 00000000 ____D C:\Users\Cristina\Downloads\Pets A Vida Secreta dos Bichos 2016 WWW.BLUDV.COM 2016-11-14 20:32 - 2016-11-15 11:28 - 753956708 _____ C:\Users\Cristina\Desktop\Pets A Vida Secreta dos Bichos.2016.720p.BluRay.5.1.x264.DUAL-WWW.BLUDV.COM.avi 2016-11-14 20:32 - 2016-11-15 11:28 - 1087601425 _____ C:\Users\Cristina\Desktop\Pets A Vida Secreta dos Bichos.2016.720p.BluRay.5.1.x264.DUAL-WWW.BLUDV.COM.mkv 2016-11-12 14:15 - 2016-11-12 14:15 - 00000000 ____D C:\Users\Cristina\Desktop\Cry Baby (Deluxe Version) 2016-11-12 14:06 - 2016-11-15 15:35 - 00000000 ____D C:\Users\Cristina\Desktop\Open Bar EP 2016-11-12 14:00 - 2016-11-12 14:05 - 31695009 _____ C:\Users\Cristina\Downloads\Pabllo Vittar - Open Bar EP [HitseBeats].zip 2016-11-12 13:41 - 2016-11-12 13:42 - 08275507 _____ C:\Users\Cristina\Downloads\12 Nothing Else Matters.rar 2016-11-11 21:03 - 2016-11-11 21:03 - 00145000 _____ C:\Windows\Minidump\111116-18252-01.dmp 2016-11-09 20:14 - 2016-11-09 20:14 - 00001023 _____ C:\Users\Public\Desktop\Windows Movie Maker.lnk 2016-11-09 20:14 - 2016-11-09 20:14 - 00000000 ____D C:\Users\Cristina\AppData\Local\WMTools Downloaded Files 2016-11-09 20:13 - 2016-11-18 22:11 - 00000000 ____D C:\Program Files\Windows Movie Maker 2016-11-09 20:13 - 2016-11-09 20:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2016-11-09 20:13 - 2008-06-27 10:49 - 00518064 _____ (Codejock Software) C:\Windows\system32\framework.ocx 2016-11-05 10:45 - 2016-11-06 10:22 - 00000000 ____D C:\Users\Cristina\Desktop\Natural Causes 2016-11-03 13:02 - 2016-11-18 22:11 - 00000000 ____D C:\Program Files\f5hmm82w 2016-11-02 20:28 - 2016-11-02 23:44 - 00000098 _____ C:\Users\Cristina\Downloads\96052279-7af0-4696-850a-e71f90fd8773 2016-11-02 19:55 - 2016-11-18 22:11 - 00000000 ____D C:\Program Files\m2kfsuqf 2016-11-02 13:54 - 2016-11-18 22:11 - 00000000 ____D C:\Program Files\f09er35s 2016-11-02 09:54 - 2016-11-17 15:19 - 00000000 ____D C:\Users\Todos os Usuários\WinSAPSvc 2016-11-02 09:54 - 2016-11-17 15:19 - 00000000 ____D C:\ProgramData\WinSAPSvc 2016-11-02 09:53 - 2016-11-18 22:11 - 00000000 ____D C:\Program Files\kdoaa 2016-11-02 09:52 - 2016-11-18 22:11 - 00000000 ____D C:\Program Files\6cvw1iy1 2016-10-30 21:10 - 2016-10-30 21:18 - 07693475 _____ C:\Users\Cristina\Downloads\Não confirmado 175227.crdownload 2016-10-29 10:22 - 2016-10-29 16:28 - 00000000 ____D C:\Users\Cristina\Downloads\Hola 2016-10-28 20:56 - 2016-10-28 20:56 - 00058447 _____ C:\Users\Cristina\Desktop\YTaAN2o.jpg[ 2016-10-28 19:50 - 2016-10-30 21:11 - 00000000 ____D C:\Users\Cristina\Desktop\facebook-album-401651919946101 2016-10-28 16:35 - 2016-11-15 19:15 - 00000000 ____D C:\Users\Todos os Usuários\AVAST Software 2016-10-28 16:35 - 2016-11-15 19:15 - 00000000 ____D C:\ProgramData\AVAST Software 2016-10-28 16:35 - 2016-10-28 16:35 - 00000000 ____D C:\Users\Todos os Usuários\Avg 2016-10-28 16:35 - 2016-10-28 16:35 - 00000000 ____D C:\ProgramData\Avg 2016-10-28 16:33 - 2016-11-18 22:11 - 00000000 ____D C:\Program Files\Wefashpluqitain 2016-10-28 16:33 - 2016-10-28 16:33 - 00000000 ____D C:\Users\Cristina\AppData\Local\Lotocultpherjiy 2016-10-28 10:11 - 2016-10-28 10:28 - 80866774 _____ C:\Users\Cristina\Downloads\Tove Lo - Lady Wood [HitseBeats] (1).zip 2016-10-25 17:03 - 2016-10-25 20:42 - 00000000 ____D C:\Users\Cristina\Downloads\Truque.de.Mestre.2.BDRip.XviD.Dual.Audio 2016-10-25 17:03 - 2016-10-25 20:20 - 836270080 ____R C:\Users\Cristina\Desktop\Truque.de.Mestre.2.BDRip.XviD.Dual.Audio.avi 2016-10-23 21:19 - 2016-10-23 21:21 - 07960971 _____ C:\Users\Cristina\Downloads\TRQM2TORRENT.rar 2016-10-23 21:17 - 2016-10-25 20:42 - 00000000 ____D C:\Users\Cristina\Downloads\Caça-Fantasmas.Versão.de.Cinema.BDRip.XviD.Dual.Audio 2016-10-23 21:17 - 2016-10-25 11:29 - 937728000 _____ C:\Users\Cristina\Desktop\Caça-Fantasmas.Versão.de.Cinema.BDRip.XviD.Dual.Audio.avi 2016-10-23 21:13 - 2016-10-23 21:15 - 07962974 _____ C:\Users\Cristina\Downloads\CAFTMTORRENT.rar 2016-10-23 12:44 - 2016-10-23 12:44 - 00067548 _____ C:\Users\Cristina\Downloads\Rasterbation (1).pdf 2016-10-23 12:23 - 2016-10-23 12:23 - 00817229 _____ C:\Users\Cristina\Downloads\Rasterbation.pdf 2016-10-22 20:20 - 2016-10-23 18:04 - 00000000 ____D C:\Users\Cristina\Downloads\Quando.as.Luzes.se.Apagam.BDRip.XviD.Dual.Áudio-BGD 2016-10-22 20:20 - 2016-10-23 16:31 - 813283328 _____ C:\Users\Cristina\Desktop\Quando.as.Luzes.se.Apagam.BDRip.XviD.Dual.Áudio-BGD.avi 2016-10-22 20:18 - 2016-10-22 20:19 - 07960579 _____ C:\Users\Cristina\Downloads\QUATORRENT.rar 2016-10-17 20:24 - 2016-10-17 20:33 - 34575298 _____ C:\Users\Cristina\Downloads\Brooke Candy - Opulence - EP [HitseBeats.com].zip 2016-10-16 20:42 - 2016-10-16 20:42 - 00000000 ____D C:\Users\Cristina\AppData\Local\{6859D162-847E-4525-84F5-77CE958BACA9} 2016-10-15 14:43 - 2016-10-31 20:42 - 00000000 ____D C:\Users\Cristina\Desktop\pendrive 2016-10-14 23:35 - 2016-10-14 23:41 - 39298707 _____ C:\Users\Cristina\Downloads\Hayley Kiyoko - Citrine - EP [HitseBeats].zip 2016-10-14 23:04 - 2016-10-14 23:09 - 22032505 _____ C:\Users\Cristina\Downloads\Tove Lo - Lady Wood [HitseBeats].zip 2016-10-13 13:16 - 2016-09-12 17:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2016-10-13 13:16 - 2016-09-12 17:08 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2016-10-13 13:16 - 2016-09-08 12:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys 2016-10-13 13:16 - 2016-08-16 16:47 - 00419640 _____ C:\Windows\system32\locale.nls 2016-10-13 13:16 - 2016-08-12 14:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2016-10-13 13:16 - 2016-08-12 14:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2016-10-13 13:16 - 2016-08-12 14:21 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll 2016-10-13 13:16 - 2016-08-06 13:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2016-10-13 13:16 - 2016-08-06 13:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll 2016-10-13 13:16 - 2016-08-06 13:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2016-10-13 13:16 - 2016-08-06 13:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll 2016-10-13 13:16 - 2016-08-06 12:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe 2016-10-13 13:16 - 2016-06-14 13:25 - 00078568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2016-10-13 13:16 - 2016-06-14 13:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2016-10-13 13:16 - 2016-06-14 13:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2016-10-13 13:16 - 2016-06-14 13:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2016-10-13 13:16 - 2016-06-14 13:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2016-10-13 13:16 - 2016-06-14 13:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2016-10-13 13:16 - 2016-06-14 13:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2016-10-13 13:16 - 2016-06-14 13:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2016-10-13 13:16 - 2016-06-14 13:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2016-10-13 13:16 - 2016-06-14 13:21 - 00474624 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2016-10-13 13:16 - 2016-06-14 13:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2016-10-13 13:16 - 2016-06-14 13:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2016-10-13 13:16 - 2016-06-14 13:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2016-10-13 13:16 - 2016-06-14 13:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2016-10-13 13:16 - 2016-06-14 13:21 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2016-10-13 13:16 - 2016-06-14 13:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2016-10-13 13:16 - 2016-06-14 13:21 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2016-10-13 13:16 - 2016-06-14 13:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2016-10-13 13:16 - 2016-06-14 13:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2016-10-13 13:16 - 2016-06-14 13:17 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys 2016-10-13 13:15 - 2016-09-12 18:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll 2016-10-13 13:15 - 2016-09-08 18:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2016-10-13 13:15 - 2016-09-08 18:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2016-10-13 13:15 - 2016-09-08 12:49 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2016-10-13 13:15 - 2016-08-12 14:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2016-10-13 13:15 - 2016-08-12 14:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2016-10-13 13:15 - 2016-08-12 14:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2016-10-13 13:15 - 2016-08-06 13:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll 2016-10-13 13:15 - 2016-08-06 12:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe 2016-10-13 13:15 - 2016-08-06 12:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll 2016-10-13 13:15 - 2016-06-14 13:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2016-10-13 13:15 - 2016-06-14 13:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2016-10-13 13:15 - 2016-06-14 13:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2016-10-13 13:15 - 2016-06-14 13:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2016-10-13 13:15 - 2016-06-14 13:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2016-10-13 13:15 - 2016-06-14 13:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2016-10-13 13:15 - 2016-06-14 13:21 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll 2016-10-13 13:15 - 2016-06-14 13:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2016-10-13 13:15 - 2016-06-14 13:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2016-10-13 13:15 - 2016-06-14 13:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2016-10-13 13:15 - 2016-06-14 13:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2016-10-13 13:15 - 2016-06-14 13:00 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2016-10-13 13:15 - 2016-06-14 12:55 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe 2016-10-13 13:15 - 2016-06-14 12:55 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe 2016-10-13 13:15 - 2016-06-14 12:54 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll 2016-10-12 18:11 - 2016-09-12 18:54 - 00067816 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-10-12 18:11 - 2016-09-12 18:49 - 01017856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-10-12 18:11 - 2016-09-09 13:53 - 01406976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-10-12 18:11 - 2016-09-09 13:53 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-10-12 18:11 - 2016-09-09 13:53 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-10-12 18:11 - 2016-09-09 13:53 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-10-12 18:11 - 2016-09-09 13:53 - 00213504 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2016-10-12 18:11 - 2016-09-09 13:53 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-10-12 18:11 - 2016-09-09 13:53 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-10-12 18:11 - 2016-07-22 12:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2016-10-12 18:06 - 2016-08-29 13:12 - 12880384 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2016-10-12 18:06 - 2016-08-29 13:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2016-10-12 18:06 - 2016-08-29 13:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2016-10-12 18:06 - 2016-08-29 12:55 - 02972672 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2016-10-12 17:56 - 2016-08-16 18:27 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2016-10-12 17:56 - 2016-08-16 18:27 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2016-10-12 17:56 - 2016-08-16 18:26 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2016-10-12 17:56 - 2016-08-16 18:26 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2016-10-12 17:56 - 2016-08-16 18:26 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2016-10-12 17:56 - 2016-08-16 18:26 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2016-10-12 17:56 - 2016-08-16 18:26 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2016-10-12 16:47 - 2016-10-12 16:56 - 06886854 _____ C:\Users\Cristina\Downloads\100_ Feminista (feat. Karol Conká, Leo Justi & Tropikillaz) - Single [HitseBeats].zip 2016-10-05 21:44 - 2016-10-05 21:44 - 00000000 ____D C:\Users\Cristina\AppData\Local\{C1C46F64-CDA0-44F3-B198-D652F918E413} 2016-10-03 15:52 - 2016-10-03 15:55 - 07960664 _____ C:\Users\Cristina\Downloads\AO30TORRENT.rar 2016-10-02 19:34 - 2016-10-02 20:16 - 97589554 _____ C:\Users\Cristina\Downloads\Fifth Harmony - 7_27 (Japan Deluxe Edition) [HitseBeats].zip 2016-10-02 19:05 - 2016-10-02 19:25 - 101361800 _____ C:\Users\Cristina\Downloads\Fifth Harmony - Reflection (Deluxe) [HitseBeats].zip 2016-10-02 14:56 - 2016-10-03 15:46 - 00000000 ____D C:\Users\Cristina\Downloads\A.Era.do.Gelo.O.Big.Bang.2016.BDRip.XviD.Dual.Áudio-BGD 2016-10-02 14:50 - 2016-10-02 14:53 - 07960815 _____ C:\Users\Cristina\Downloads\AERATORRENT.rar 2016-10-01 14:41 - 2016-10-01 14:41 - 00000000 ____D C:\Users\Cristina\AppData\Local\{0F376500-DFBE-47DE-A1F0-B86761A82BF2} 2016-09-27 13:40 - 2016-09-27 13:56 - 83848750 _____ C:\Users\Cristina\Downloads\BØRNS - Dopamine [HitseBeats].zip 2016-09-27 13:03 - 2016-09-27 22:34 - 00000000 ____D C:\Users\Cristina\Downloads\Os Caça-Noivas.2016.BDRip.XviD.Dual.Áudio-BGD 2016-09-27 12:45 - 2016-09-27 12:47 - 07960967 _____ C:\Users\Cristina\Downloads\OSCATORRENT.rar 2016-09-27 12:31 - 2016-09-27 12:44 - 40396728 _____ C:\Users\Cristina\Downloads\COMO FAZER CAIXA DE PRESENTE DE ORIGAMI.mp4 2016-09-27 12:15 - 2016-09-27 12:16 - 00159491 _____ C:\Users\Cristina\Downloads\caixa PAI.studio 2016-09-25 15:22 - 2016-09-27 12:43 - 00000000 ____D C:\Users\Cristina\Downloads\Alice Através do Espelho [WEB-DL] WWW.BLUDV.COM 2016-09-25 15:19 - 2016-09-25 15:22 - 00000000 ____D C:\Users\Cristina\Downloads\The.Magicians.WWW.AZTORRENTS.ORG 2016-09-24 11:56 - 2016-11-04 18:51 - 00000000 ____D C:\Users\Cristina\Documents\Arquivos do Outlook 2016-09-23 00:24 - 2016-09-23 00:26 - 11475986 _____ C:\Users\Cristina\Downloads\13645611_1768041906811826_121641625_n.mp4 2016-09-13 19:37 - 2016-05-13 19:50 - 02945536 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2016-09-13 19:37 - 2016-05-13 19:50 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2016-09-13 19:37 - 2016-05-13 19:47 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2016-09-13 19:37 - 2016-05-13 19:39 - 02060288 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2016-09-13 19:37 - 2016-05-13 19:38 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2016-09-13 19:37 - 2016-05-13 19:38 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2016-09-13 19:37 - 2016-05-13 19:38 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2016-09-13 19:37 - 2016-05-13 19:38 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2016-09-13 19:37 - 2016-05-13 19:38 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2016-09-13 19:37 - 2016-05-13 19:38 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2016-09-13 19:37 - 2016-05-13 19:38 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2016-09-13 19:37 - 2016-05-04 15:21 - 00105192 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2016-09-13 19:37 - 2016-05-04 15:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2016-09-13 19:37 - 2016-05-04 15:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2016-09-13 19:37 - 2016-05-04 15:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2016-09-13 19:37 - 2016-05-04 15:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll 2016-09-13 19:37 - 2016-05-04 12:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2016-09-13 19:11 - 2016-08-16 00:48 - 00811520 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2016-09-13 19:11 - 2016-07-07 13:20 - 01309928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2016-09-13 19:11 - 2016-07-07 13:20 - 00240872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2016-09-13 19:11 - 2016-07-07 13:20 - 00187624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2016-09-13 19:11 - 2016-07-07 12:57 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys 2016-09-13 19:07 - 2016-08-12 14:21 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2016-09-13 19:07 - 2016-08-12 14:21 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2016-09-13 19:07 - 2016-08-12 14:21 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2016-09-13 16:05 - 2016-09-13 16:24 - 67300118 _____ C:\Users\Cristina\Downloads\Flordelis - A Volta Por Cima 2014 (PlayBack).rar 2016-09-06 22:45 - 2016-09-06 22:45 - 00128525 _____ C:\Users\Cristina\Downloads\cocaine_sans.zip 2016-09-06 22:45 - 2016-09-06 22:45 - 00018969 _____ C:\Users\Cristina\Downloads\ferro_rosso.zip 2016-09-06 22:43 - 2016-09-06 22:43 - 00080907 _____ C:\Users\Cristina\Downloads\miltown.zip 2016-09-06 22:42 - 2016-09-06 22:42 - 00039839 _____ C:\Users\Cristina\Downloads\black_rose.zip 2016-09-06 22:42 - 2016-09-06 22:42 - 00009293 _____ C:\Users\Cristina\Downloads\blade_2.zip 2016-09-06 22:41 - 2016-09-06 22:41 - 00026705 _____ C:\Users\Cristina\Downloads\old_script.zip 2016-09-06 22:39 - 2016-09-06 22:46 - 13688461 _____ C:\Users\Cristina\Downloads\3D-Wooden-Logo-MockUp.zip 2016-09-06 22:39 - 2016-09-06 22:40 - 00074634 _____ C:\Users\Cristina\Downloads\base_02.zip 2016-08-26 20:09 - 2016-08-26 21:09 - 89656358 _____ C:\Users\Cristina\Downloads\Banda Uo - VENENO [HitseBeats].zip 2016-08-26 19:48 - 2016-08-26 20:06 - 88194617 _____ C:\Users\Cristina\Downloads\Banda Uó - Motel - [HitseBeats.com].zip 2016-08-26 12:18 - 2016-08-26 12:47 - 116296448 _____ C:\Users\Cristina\Downloads\Britney Spears - Glory (Deluxe Version) [HitseBeats].zip ==================== Três Meses Modificados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-11-18 22:40 - 2016-05-04 19:18 - 00000000 ____D C:\Users\Todos os Usuários\Gramblr 2016-11-18 22:40 - 2016-05-04 19:18 - 00000000 ____D C:\ProgramData\Gramblr 2016-11-18 22:39 - 2015-07-25 13:26 - 00000000 ____D C:\Users\Cristina\AppData\Roaming\uTorrent 2016-11-18 22:34 - 2009-07-14 02:34 - 00033904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-11-18 22:34 - 2009-07-14 02:34 - 00033904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-11-18 22:33 - 2015-10-31 18:14 - 00001155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-11-18 22:33 - 2015-07-19 18:23 - 00001427 _____ C:\Users\Cristina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-11-18 22:29 - 2015-07-25 11:21 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-11-18 22:18 - 2015-07-25 11:21 - 00000000 ____D C:\Users\Cristina\AppData\Local\Google 2016-11-18 22:18 - 2015-07-25 11:21 - 00000000 ____D C:\Program Files\Google 2016-11-18 22:11 - 2016-07-30 14:27 - 00000000 ____D C:\Program Files\K-Lite Codec Pack 2016-11-18 22:11 - 2016-07-17 21:30 - 00000000 ____D C:\Program Files\Hamster Soft 2016-11-18 22:11 - 2016-07-06 13:25 - 00000000 ____D C:\Autodesk 2016-11-18 22:11 - 2016-06-18 14:30 - 00000000 ____D C:\Program Files\Adobe 2016-11-18 22:11 - 2016-06-04 16:44 - 00000000 ____D C:\Program Files\DVDlabPro2 2016-11-18 22:11 - 2016-06-04 15:51 - 00000000 ____D C:\Program Files\Nero 2016-11-18 22:11 - 2016-05-04 19:18 - 00000000 ____D C:\Program Files\Gramblr 2016-11-18 22:11 - 2016-04-14 23:28 - 00000000 ____D C:\Program Files\LG Electronics 2016-11-18 22:11 - 2016-04-09 11:39 - 00000000 ___HD C:\Program Files\DrFoneAndroid_Temp 2016-11-18 22:11 - 2016-04-09 11:39 - 00000000 ____D C:\Program Files\Wondershare 2016-11-18 22:11 - 2016-03-13 15:36 - 00000000 ____D C:\Program Files\Digiarty 2016-11-18 22:11 - 2016-03-06 22:33 - 00000000 ____D C:\Program Files\MajorSilence 2016-11-18 22:11 - 2016-03-06 18:25 - 00000000 ____D C:\Program Files\DAEMON Tools Lite 2016-11-18 22:11 - 2016-02-27 21:37 - 00000000 ____D C:\Program Files\Mp3tag 2016-11-18 22:11 - 2016-02-21 21:07 - 00000000 ____D C:\Program Files\VirtualDJ 2016-11-18 22:11 - 2016-02-04 11:00 - 00000000 ____D C:\Program Files\DVDStyler 2016-11-18 22:11 - 2015-11-25 22:02 - 00000000 ____D C:\Program Files\Microsoft SQL Server 2016-11-18 22:11 - 2015-11-25 22:00 - 00000000 ____D C:\Program Files\Microsoft Office 2016-11-18 22:11 - 2015-11-25 22:00 - 00000000 ____D C:\Program Files\Microsoft Analysis Services 2016-11-18 22:11 - 2015-11-24 21:09 - 00000000 ____D C:\Program Files\MSECache 2016-11-18 22:11 - 2015-10-31 18:14 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2016-11-18 22:11 - 2015-10-12 17:05 - 00000000 ____D C:\Program Files\Freemake 2016-11-18 22:11 - 2015-08-08 14:18 - 00000000 ____D C:\Program Files\PicosmosTools 2016-11-18 22:11 - 2015-08-08 14:06 - 00000000 ____D C:\Program Files\FormatFactory 2016-11-18 22:11 - 2015-07-29 13:15 - 00000000 ____D C:\Program Files\Hola 2016-11-18 22:11 - 2015-07-27 18:56 - 00000000 ____D C:\Program Files\PhotoScape 2016-11-18 22:11 - 2015-07-25 13:34 - 00000000 ____D C:\searchplugins 2016-11-18 22:11 - 2015-07-25 13:32 - 00000000 ____D C:\Program Files\Lavasoft 2016-11-18 22:11 - 2015-07-22 03:00 - 00000000 ____D C:\Program Files\WinRAR 2016-11-18 22:11 - 2015-07-22 03:00 - 00000000 ____D C:\Program Files\Windows Loader 2016-11-18 22:11 - 2015-07-22 02:50 - 00000000 ____D C:\Users\Todos os Usuários\Avira 2016-11-18 22:11 - 2015-07-22 02:50 - 00000000 ____D C:\ProgramData\Avira 2016-11-18 22:11 - 2015-07-22 02:50 - 00000000 ____D C:\Program Files\Avira 2016-11-18 22:11 - 2009-07-14 02:52 - 00000000 ____D C:\Program Files\Windows Sidebar 2016-11-18 22:11 - 2009-07-14 02:52 - 00000000 ____D C:\Program Files\Windows Portable Devices 2016-11-18 22:11 - 2009-07-14 02:52 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2016-11-18 22:11 - 2009-07-14 02:52 - 00000000 ____D C:\Program Files\Windows Defender 2016-11-18 22:11 - 2009-07-14 02:52 - 00000000 ____D C:\Program Files\Reference Assemblies 2016-11-18 22:11 - 2009-07-14 02:52 - 00000000 ____D C:\Program Files\MSBuild 2016-11-18 22:11 - 2009-07-14 02:52 - 00000000 ____D C:\Program Files\DVD Maker 2016-11-18 22:11 - 2009-07-14 00:37 - 00000000 ____D C:\Program Files\Windows NT 2016-11-18 22:01 - 2016-02-04 11:01 - 00000282 _____ C:\Windows\Tasks\UpdateTask.job 2016-11-18 19:29 - 2015-07-25 11:21 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-11-18 17:22 - 2016-07-27 22:56 - 00000000 ____D C:\Users\Cristina\AppData\Local\Spotify 2016-11-18 17:02 - 2016-07-27 22:35 - 00000000 ____D C:\Users\Cristina\AppData\Roaming\Spotify 2016-11-18 17:01 - 2009-07-14 02:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-11-16 13:16 - 2015-07-19 14:01 - 00705474 _____ C:\Windows\system32\prfh0416.dat 2016-11-16 13:16 - 2015-07-19 14:01 - 00147314 _____ C:\Windows\system32\prfc0416.dat 2016-11-16 13:16 - 2010-11-20 19:01 - 01634498 _____ C:\Windows\system32\PerfStringBackup.INI 2016-11-16 13:16 - 2009-07-14 00:37 - 00000000 ____D C:\Windows\inf 2016-11-16 13:10 - 2009-07-14 02:33 - 00440032 _____ C:\Windows\system32\FNTCACHE.DAT 2016-11-16 12:53 - 2015-11-25 22:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2016-11-16 12:52 - 2015-11-25 22:00 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help 2016-11-16 12:51 - 2009-07-14 00:04 - 00000478 _____ C:\Windows\win.ini 2016-11-15 19:17 - 2016-08-13 22:24 - 00000000 ____D C:\Users\Cristina\AppData\Local\UmmyVideoDownloader 2016-11-15 19:17 - 2015-07-25 13:34 - 00000000 ____D C:\Users\Cristina\AppData\Local\Lavasoft 2016-11-15 19:17 - 2015-07-25 13:30 - 00000000 ____D C:\Users\Todos os Usuários\Lavasoft 2016-11-15 19:17 - 2015-07-25 13:30 - 00000000 ____D C:\ProgramData\Lavasoft 2016-11-15 19:17 - 2015-07-19 18:23 - 00000000 ____D C:\Users\Cristina 2016-11-15 19:16 - 2009-07-14 00:37 - 00000000 ____D C:\Windows\registration 2016-11-15 19:15 - 2015-07-25 13:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft 2016-11-15 19:15 - 2015-07-20 02:55 - 00000000 ____D C:\Users\Cristina\Desktop\BACKUP 2016-11-14 23:44 - 2016-02-27 21:39 - 00000000 ____D C:\Users\Cristina\AppData\Roaming\Mp3tag 2016-11-14 23:37 - 2016-03-06 22:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DeVeDe 2016-11-14 23:33 - 2015-09-20 22:37 - 00000000 ____D C:\Users\Cristina\Desktop\Isac 2016-11-14 23:32 - 2016-08-13 12:38 - 00000000 ____D C:\Users\Cristina\Desktop\Originals 2016-11-14 22:55 - 2015-10-15 17:30 - 00051200 ____H C:\Users\Cristina\Desktop\photothumb.db 2016-11-14 22:52 - 2016-03-06 22:35 - 00000000 ____D C:\Users\Cristina\AppData\Local\MPlayer 2016-11-14 21:56 - 2009-07-14 00:37 - 00000000 ____D C:\Windows\system32\NDF 2016-11-14 21:36 - 2015-07-22 02:52 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache 2016-11-14 21:36 - 2015-07-22 02:52 - 00000000 ____D C:\ProgramData\Package Cache 2016-11-14 21:17 - 2015-07-22 02:51 - 00000000 ____D C:\Users\Cristina\AppData\Roaming\Avira 2016-11-11 21:03 - 2016-02-21 21:22 - 236149632 _____ C:\Windows\MEMORY.DMP 2016-11-11 21:03 - 2016-02-21 21:22 - 00000000 ____D C:\Windows\Minidump 2016-11-05 09:10 - 2016-06-18 14:30 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-11-02 10:49 - 2015-07-29 13:34 - 00000000 ____D C:\Users\Cristina\AppData\Roaming\Hola 2016-10-28 16:35 - 2016-07-30 14:50 - 00000000 ____D C:\KMPlayer 2016-10-28 16:35 - 2015-08-08 14:06 - 00000000 ____D C:\FFOutput 2016-10-28 16:35 - 2009-07-14 00:37 - 00000000 ____D C:\PerfLogs 2016-10-22 20:20 - 2016-07-18 12:45 - 00000000 ____D C:\Users\Cristina\Downloads\Projeto.X.Uma.Festa.Fora.de.Controle.BDRip.XviD.Dual.Áudio-DeadPool ==================== Arquivos na raiz de alguns diretórios ======= 2016-11-18 22:19 - 2016-11-18 22:19 - 7065600 _____ () C:\Program Files\GUT97C3.tmp 2016-02-04 17:01 - 2016-02-06 13:01 - 0000103 _____ () C:\Users\Cristina\AppData\Roaming\WB.CFG 2016-11-14 22:40 - 2016-11-14 22:40 - 1620992 _____ () C:\ProgramData\service.exe Arquivos para serem movidos ou deletados: ==================== C:\Program Files\Hola\app\hola.exe C:\Users\Cristina\AppData\Local\Temp\H7UYUZD00P.exe C:\Users\Cristina\AppData\Local\Temp\RB90R0ZNSV.exe C:\Windows\Temp\00031109\msiql.exe C:\Users\Cristina\AppData\Local\Temp\LPQ7I4P6NE.exe C:\Users\Cristina\AppData\Local\Temp\O2KMF50GX\O2KMF50GX.exe C:\ProgramData\service.exe C:\Users\Todos os Usuários\service.exe Alguns arquivos em TEMP: ==================== C:\Users\Cristina\AppData\Local\Temp\3VLDPCF4O1.exe C:\Users\Cristina\AppData\Local\Temp\60EA.tmp.exe C:\Users\Cristina\AppData\Local\Temp\AW1J16C6EI.exe C:\Users\Cristina\AppData\Local\Temp\BB5YG1NJOU.exe C:\Users\Cristina\AppData\Local\Temp\BMDL1SI6JA.exe C:\Users\Cristina\AppData\Local\Temp\Browser_V5.6.14087.902_r_4727_(Build1608021049).exe C:\Users\Cristina\AppData\Local\Temp\Browser_V5.7.15319.5_r_4722_(Build1608291541).exe C:\Users\Cristina\AppData\Local\Temp\DriverInstall.exe C:\Users\Cristina\AppData\Local\Temp\DriverInstall_X64.exe C:\Users\Cristina\AppData\Local\Temp\DriverTool.dll C:\Users\Cristina\AppData\Local\Temp\fsd793A.exe C:\Users\Cristina\AppData\Local\Temp\H7UYUZD00P.exe C:\Users\Cristina\AppData\Local\Temp\IQ171VEQDP.exe C:\Users\Cristina\AppData\Local\Temp\LPQ7I4P6NE.exe C:\Users\Cristina\AppData\Local\Temp\maohasubstat.dll C:\Users\Cristina\AppData\Local\Temp\RB90R0ZNSV.exe C:\Users\Cristina\AppData\Local\Temp\rkinstaller.exe C:\Users\Cristina\AppData\Local\Temp\rkverify.exe C:\Users\Cristina\AppData\Local\Temp\sdf4CAF.exe C:\Users\Cristina\AppData\Local\Temp\sdfE8DD.exe C:\Users\Cristina\AppData\Local\Temp\softconfig.dll C:\Users\Cristina\AppData\Local\Temp\TJ8J9WS4VO.exe C:\Users\Cristina\AppData\Local\Temp\uninstall.dll C:\Users\Cristina\AppData\Local\Temp\YYCGRF3M5M.exe ==================== Bamital & volsnap ====================== (Não há correção automática para arquivos que não passaram na verificação.) C:\Windows\explorer.exe => O arquivo é assinado digitalmente C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente C:\Windows\system32\services.exe => O arquivo é assinado digitalmente C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente LastRegBack: 2016-11-14 17:58 ==================== Fim de FRST.txt ============================