Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
Ran by rusobr2 (administrator) on RUSOBR2-PC (06-09-2016 21:46:10)
Running from C:\Users\rusobr2\Downloads
Loaded Profiles: rusobr2 (Available Profiles: rusobr2)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
() C:\Program Files (x86)\D-Link\DWA-131\WlanWpsSvc.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(© 2015 Microsoft Corporation) C:\Users\rusobr2\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe
(D-Link Corp.) C:\Program Files (x86)\D-Link\DWA-131\wirelesscm.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe [1838504 2016-07-11] (QIHU 360 SOFTWARE CO. LIMITED)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-436883666-1139675966-1884149517-1000\...\Run: [BingSvc] => C:\Users\rusobr2\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-436883666-1139675966-1884149517-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-08-13]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless Connection Manager.lnk [2014-08-04]
ShortcutTarget: Wireless Connection Manager.lnk -> C:\Program Files (x86)\D-Link\DWA-131\wirelesscm.exe (D-Link Corp.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 72.14.112.9
Tcpip\..\Interfaces\{F63853C9-4098-42F4-ADE8-406C47CCC51F}: [DhcpNameServer] 8.8.8.8 8.8.4.4 72.14.112.9
Internet Explorer:
==================
BHO: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon64.dll [2016-07-11] (Qihu 360 Software Co., Ltd.)
BHO-x32: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon.dll [2016-07-11] (Qihu 360 Software Co., Ltd.)
FireFox:
========
FF ProfilePath: C:\Users\rusobr2\AppData\Roaming\Mozilla\Firefox\Profiles\dyxfuajd.default-1444401129957
FF Homepage: msn.com
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-30] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-30] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-27] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-07-28] (Adobe Systems Inc.)
FF Extension: (360 Internet Protection) - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox [2016-07-30]
FF Extension: (American English Spelling Checker) - C:\Users\rusobr2\AppData\Roaming\Mozilla\Firefox\Profiles\dyxfuajd.default-1444401129957\extensions\AmericanEnglishSpellingChecker@lipocodes.xpi [2016-08-26]
FF Extension: (Firefox Hotfix) - C:\Users\rusobr2\AppData\Roaming\Mozilla\Firefox\Profiles\dyxfuajd.default-1444401129957\Extensions\firefox-hotfix@mozilla.org.xpi [2016-08-30]
FF Extension: (SaveFrom.net - helper) - C:\Users\rusobr2\AppData\Roaming\Mozilla\Firefox\Profiles\dyxfuajd.default-1444401129957\Extensions\helper-sig@savefrom.net.xpi [2016-08-22]
FF Extension: (YouTube™ Flash-HTML5) - C:\Users\rusobr2\AppData\Roaming\Mozilla\Firefox\Profiles\dyxfuajd.default-1444401129957\Extensions\jid1-o2qEVrZ4t5FJWu@jetpack.xpi [2016-07-30]
FF Extension: (translator) - C:\Users\rusobr2\AppData\Roaming\Mozilla\Firefox\Profiles\dyxfuajd.default-1444401129957\Extensions\translator@dontfollowme.net.xpi [2016-06-08]
FF Extension: (Video DownloadHelper) - C:\Users\rusobr2\AppData\Roaming\Mozilla\Firefox\Profiles\dyxfuajd.default-1444401129957\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-08-03]
FF Extension: (Adblock Plus) - C:\Users\rusobr2\AppData\Roaming\Mozilla\Firefox\Profiles\dyxfuajd.default-1444401129957\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF HKLM-x32\...\Firefox\Extensions: [WebProtection@360safe.com] - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.376\McCHSvc.exe [327944 2016-07-18] (McAfee, Inc.)
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [913832 2016-07-11] (QIHU 360 SOFTWARE CO. LIMITED)
S3 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [33088 2015-11-04] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 WlanWpsSvc; C:\Program Files (x86)\D-Link\DWA-131\WlanWpsSvc.exe [167936 2008-06-26] () [File not signed]
S2 424706e40d5a5f55369633986718ca4d; c:\program files\768045ce0ae8eb4426ad6062514a19b7\7bb70b6e96314a97879c4b2fe3c53913.exe [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [151784 2016-07-11] (360.cn)
R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77904 2016-07-11] (360.cn)
R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [77904 2016-07-11] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [330472 2016-07-11] (360.cn)
S3 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2015-09-05] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [370768 2016-04-24] (360.cn)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [182352 2016-05-18] (360.cn)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-10] (NVIDIA Corporation)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [986728 2012-02-10] (Realtek Semiconductor Corporation )
R1 219c91ba2c1e0bc8a0cdb74f9227c597; system32\DRIVERS\219c91ba2c1e0bc8a0cdb74f9227c597.sys [X]
S3 ADIHdAudAddService; system32\drivers\ADIHdAud.sys [X]
S3 NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-06 21:46 - 2016-09-06 21:47 - 00010191 _____ C:\Users\rusobr2\Downloads\FRST.txt
2016-09-06 21:46 - 2016-09-06 21:46 - 00000000 ____D C:\FRST
2016-09-06 21:45 - 2016-09-06 21:45 - 02397696 _____ (Farbar) C:\Users\rusobr2\Downloads\FRST64.exe
2016-09-06 21:37 - 2016-09-06 21:37 - 00000000 ____D C:\Program Files\Common Files\AV
2016-09-06 21:35 - 2016-09-06 21:37 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-09-06 21:35 - 2016-09-06 21:35 - 00001393 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-09-06 21:35 - 2016-09-06 21:35 - 00001381 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-09-06 21:35 - 2016-09-06 21:35 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-09-06 21:35 - 2016-09-06 21:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-09-06 21:35 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\windows\system32\sdnclean64.exe
2016-09-06 21:33 - 2016-09-06 21:34 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\rusobr2\Downloads\spybot-2.4.exe
2016-09-06 21:08 - 2016-09-06 21:08 - 00064024 _____ C:\Users\rusobr2\AppData\Local\GDIPFONTCACHEV1.DAT
2016-09-03 09:07 - 2016-09-03 09:08 - 30461490 _____ C:\Users\rusobr2\Downloads\Guide to do some gymnastics.mp4
2016-09-02 07:09 - 2016-09-02 07:10 - 138450435 _____ C:\Users\rusobr2\Downloads\BFF'S YOGA CHALLENGE ч.2(1).mp4
2016-09-02 07:09 - 2016-09-02 07:09 - 138450435 _____ C:\Users\rusobr2\Downloads\BFF'S YOGA CHALLENGE ч.2.mp4
2016-09-02 06:41 - 2016-09-02 06:41 - 81445047 _____ C:\Users\rusobr2\Downloads\Йога челинж.mp4
2016-09-02 06:30 - 2016-09-02 06:31 - 192798156 _____ C:\Users\rusobr2\Downloads\THE YOGA CHALLENGE_Испытания для девчонок ч.1.mp4
2016-09-02 05:36 - 2016-09-02 05:37 - 317107316 _____ C:\Users\rusobr2\Downloads\BetaRiffs _ Day 4 _ SLEEPOVER.mp4
2016-09-02 04:26 - 2016-09-02 04:26 - 08923784 _____ C:\Users\rusobr2\Downloads\Gymnastics.mp4
2016-09-02 04:07 - 2016-09-02 04:07 - 44739103 _____ C:\Users\rusobr2\Downloads\Fun Yoga Challenge.mp4
2016-09-01 14:25 - 2016-09-01 14:25 - 35688452 _____ C:\Users\rusobr2\Downloads\NOT MY LEGS CHALLENGE WITH TRYNDA BLOOPERS(1).mp4
2016-09-01 14:20 - 2016-09-01 14:20 - 35688452 _____ C:\Users\rusobr2\Downloads\NOT MY LEGS CHALLENGE WITH TRYNDA BLOOPERS.mp4
2016-09-01 13:20 - 2016-09-01 13:20 - 25188114 _____ C:\Users\rusobr2\Downloads\How to do siple gymnastics.mp4
2016-09-01 12:50 - 2016-09-01 12:50 - 18890598 _____ C:\Users\rusobr2\Downloads\Twister challenge.mp4
2016-09-01 12:46 - 2016-09-01 12:46 - 103365220 _____ C:\Users\rusobr2\Downloads\2 girls yoga challenge(2).mp4
2016-09-01 12:44 - 2016-09-01 12:45 - 103365220 _____ C:\Users\rusobr2\Downloads\2 girls yoga challenge(1).mp4
2016-09-01 12:39 - 2016-09-01 12:40 - 103365220 _____ C:\Users\rusobr2\Downloads\2 girls yoga challenge.mp4
2016-09-01 12:38 - 2016-09-01 12:38 - 05783319 _____ C:\Users\rusobr2\Downloads\My gymnastics(1).mp4
2016-09-01 12:12 - 2016-09-01 12:12 - 09422493 _____ C:\Users\rusobr2\Downloads\How to do a handstand(2).mp4
2016-09-01 11:56 - 2016-09-01 11:56 - 139398536 _____ C:\Users\rusobr2\Downloads\How to do handstands. Work with me plz.mp4
2016-09-01 11:54 - 2016-09-01 11:54 - 36282488 _____ C:\Users\rusobr2\Downloads\how to do a handstand(1).mp4
2016-09-01 11:29 - 2016-09-01 11:29 - 53293425 _____ C:\Users\rusobr2\Downloads\My gymnastics.mp4
2016-09-01 11:27 - 2016-09-01 11:27 - 77406100 _____ C:\Users\rusobr2\Downloads\Gymnastics whith my sister.mp4
2016-09-01 11:08 - 2016-09-01 11:08 - 25833121 _____ C:\Users\rusobr2\Downloads\Back bend for 2 min.mp4
2016-09-01 11:03 - 2016-09-01 11:03 - 06683268 _____ C:\Users\rusobr2\Downloads\Как научиться делать переворот вперед.mp4
2016-09-01 10:59 - 2016-09-01 10:59 - 177258943 _____ C:\Users\rusobr2\Downloads\THE YOGA CHALLENGE_Испытания для девчонок ч.2.mp4
2016-09-01 10:44 - 2016-09-01 10:44 - 75395273 _____ C:\Users\rusobr2\Downloads\Doing gymnastics while doing daily tasks _EPIC FAIL.mp4
2016-09-01 10:39 - 2016-09-01 10:40 - 275679168 _____ C:\Users\rusobr2\Downloads\My first video - Gymnastics.mp4
2016-09-01 10:35 - 2016-09-01 10:35 - 116829000 _____ C:\Users\rusobr2\Downloads\my second video - Gymnastics Backbend.mp4
2016-09-01 10:20 - 2016-09-01 10:20 - 160563696 _____ C:\Users\rusobr2\Downloads\Gymnastics with my friends.mp4
2016-09-01 10:15 - 2016-09-01 10:15 - 15523013 _____ C:\Users\rusobr2\Downloads\My gymnastics and dance in a skirt.mp4
2016-09-01 09:59 - 2016-09-01 09:59 - 85640965 _____ C:\Users\rusobr2\Downloads\The Yoga Challenge ft ЮляЭлпис.mp4
2016-09-01 09:27 - 2016-09-01 09:27 - 38333639 _____ C:\Users\rusobr2\Downloads\Ice _ yoga challenge.mp4
2016-09-01 09:22 - 2016-09-01 09:23 - 75980070 _____ C:\Users\rusobr2\Downloads\Ice bath challenge.mp4
2016-09-01 09:05 - 2016-09-01 09:05 - 107725635 _____ C:\Users\rusobr2\Downloads\Растяжка на шпагат и мостик .(1 часть).mp4
2016-09-01 01:13 - 2016-09-01 08:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-31 12:34 - 2016-08-31 12:34 - 75407449 _____ C:\Users\rusobr2\Downloads\Cailin and Jenna's Yoga Challenge.mp4
2016-08-31 12:20 - 2016-08-31 12:20 - 11821617 _____ C:\Users\rusobr2\Downloads\New The Yoga Challenge! The Yoga Challenge girl 2016 386 YouTube.mp4
2016-08-31 12:12 - 2016-08-31 12:12 - 46864298 _____ C:\Users\rusobr2\Downloads\New The Yoga Challenge.mp4
2016-08-31 11:54 - 2016-08-31 11:54 - 10682703 _____ C:\Users\rusobr2\Downloads\Yoga Challenge Morning Routine.mp4
2016-08-31 11:09 - 2016-08-31 11:09 - 06859592 _____ C:\Users\rusobr2\Downloads\How to improve your splits! the yoga challenge girls teen desafio da piscina desafio da yoga!.mp4
2016-08-31 11:05 - 2016-08-31 11:05 - 22142829 _____ C:\Users\rusobr2\Downloads\New The Yoga Challenge! The Yoga Challenge girl 2016 314.mp4
2016-08-31 10:57 - 2016-08-31 10:57 - 79534852 _____ C:\Users\rusobr2\Downloads\Yoga Challenge pt1.mp4
2016-08-31 10:49 - 2016-08-31 10:49 - 81818813 _____ C:\Users\rusobr2\Downloads\Yoga Challenge pt2.mp4
2016-08-31 10:38 - 2016-08-31 10:38 - 49549248 _____ C:\Users\rusobr2\Downloads\El desafío del yoga.The Yoga Challenge.mp4
2016-08-31 10:36 - 2016-08-31 10:36 - 65209880 _____ C:\Users\rusobr2\Downloads\Fun Yoga Challenge - Desafio da yoga 149.mp4
2016-08-31 10:24 - 2016-08-31 10:25 - 76388680 _____ C:\Users\rusobr2\Downloads\Fun Yoga Challenge - Desafio da yoga 145.mp4
2016-08-31 10:19 - 2016-08-31 10:20 - 57424697 _____ C:\Users\rusobr2\Downloads\The Yoga Challenge ft Lurv4lyfe.mp4
2016-08-31 10:01 - 2016-08-31 10:02 - 139949912 _____ C:\Users\rusobr2\Downloads\Yoga Challenge Funny!.mp4
2016-08-31 09:18 - 2016-08-31 09:18 - 100493836 _____ C:\Users\rusobr2\Downloads\word desafios , Yoga Challenge chany.mp4
2016-08-31 09:06 - 2016-08-31 09:06 - 79297183 _____ C:\Users\rusobr2\Downloads\Yoga challenge .mp4
2016-08-31 08:50 - 2016-08-31 08:50 - 16898776 _____ C:\Users\rusobr2\Downloads\Gymnastics - Middle Split.mp4
2016-08-31 08:46 - 2016-08-31 08:46 - 26290750 _____ C:\Users\rusobr2\Downloads\Gymnastics - Splits at home!.mp4
2016-08-31 08:44 - 2016-08-31 08:44 - 07834294 _____ C:\Users\rusobr2\Downloads\Gymnastics - Splits Cute Baby Girl.mp4
2016-08-31 08:41 - 2016-08-31 08:41 - 18773871 _____ C:\Users\rusobr2\Downloads\Gymnastics - Splits.mp4
2016-08-31 08:39 - 2016-08-31 08:39 - 07341877 _____ C:\Users\rusobr2\Downloads\Gymnastics - How to do the Middle Splits for Kids.mp4
2016-08-31 08:35 - 2016-08-31 08:35 - 12684431 _____ C:\Users\rusobr2\Downloads\Gymnastics - Splits Warm Up !.mp4
2016-08-31 08:28 - 2016-08-31 08:28 - 138981413 _____ C:\Users\rusobr2\Downloads\Bath challenge.mp4
2016-08-28 12:05 - 2016-08-28 12:06 - 101468474 _____ C:\Users\rusobr2\Downloads\As meninas brincando kkkkk.mp4
2016-08-28 12:03 - 2016-08-28 12:04 - 120643585 _____ C:\Users\rusobr2\Downloads\Non so cosa fare.mp4
2016-08-28 12:02 - 2016-08-28 12:02 - 08486016 _____ C:\Users\rusobr2\Downloads\моё утро 2.mp4
2016-08-28 11:53 - 2016-08-28 11:53 - 129671651 _____ C:\Users\rusobr2\Downloads\Best friend pool chllenge and funny moments.mp4
2016-08-28 11:41 - 2016-08-28 11:41 - 42856901 _____ C:\Users\rusobr2\Downloads\DESAFÍO ACEPTADO Yoga Desafio aceitado Yoga ВЫЗОВ ПРИНЯТ Йога .mp4
2016-08-28 11:19 - 2016-08-28 11:19 - 12107039 _____ C:\Users\rusobr2\Downloads\How to do a handstand.mp4
2016-08-28 11:10 - 2016-08-28 11:10 - 13544437 _____ C:\Users\rusobr2\Downloads\How to do splits easy way.mp4
2016-08-28 10:59 - 2016-08-28 10:59 - 35264086 _____ C:\Users\rusobr2\Downloads\How to do the splits in 5 minutes!.mp4
2016-08-28 10:47 - 2016-08-28 10:47 - 20814969 _____ C:\Users\rusobr2\Downloads\How to do Splits - best way.mp4
2016-08-28 10:37 - 2016-08-28 10:37 - 111448144 _____ C:\Users\rusobr2\Downloads\Splits part 1.mp4
2016-08-28 10:33 - 2016-08-28 10:33 - 15828179 _____ C:\Users\rusobr2\Downloads\#YOGA #CHALLENGE #WITH #GIRLFRIEND - #POOL CHALLENGE #BEST #FRIENDS (501).mp4.mp4
2016-08-28 10:29 - 2016-08-28 10:29 - 167548596 _____ C:\Users\rusobr2\Downloads\Yoga Challenge 2 __ REBECCA HOFFMAN.mp4
2016-08-28 10:28 - 2016-08-28 10:28 - 18724991 _____ C:\Users\rusobr2\Downloads\Split skills.mp4
2016-08-27 11:33 - 2016-08-27 11:33 - 17713166 _____ C:\Users\rusobr2\Downloads\Как сесть на шпагат за 5 минут.mp4
2016-08-27 11:26 - 2016-08-27 11:26 - 01097477 _____ C:\Users\rusobr2\Downloads\Моя гимнастика #3.mp4
2016-08-27 10:12 - 2016-08-27 10:12 - 40954820 _____ C:\Users\rusobr2\Downloads\Как научиться делать шпагат.mp4
2016-08-27 09:48 - 2016-08-27 09:48 - 31631713 _____ C:\Users\rusobr2\Downloads\Почувствовал слабинку.mp4
2016-08-27 09:38 - 2016-08-27 09:38 - 53330275 _____ C:\Users\rusobr2\Downloads\În pis.mp4
2016-08-27 08:50 - 2016-08-27 08:50 - 01652464 _____ C:\Users\rusobr2\Downloads\Моё утро _3.mp4
2016-08-24 20:35 - 2016-07-08 08:37 - 00154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-08-24 20:35 - 2016-07-08 08:37 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-08-24 20:35 - 2016-07-08 08:32 - 01464320 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-08-24 20:35 - 2016-07-08 08:32 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-08-24 20:35 - 2016-07-08 08:32 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-08-24 20:35 - 2016-07-08 08:32 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-08-24 20:35 - 2016-07-08 08:32 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-08-24 20:35 - 2016-07-08 08:32 - 00343552 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-08-24 20:35 - 2016-07-08 08:32 - 00316416 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-08-24 20:35 - 2016-07-08 08:32 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-08-24 20:35 - 2016-07-08 08:32 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-08-24 20:35 - 2016-07-08 08:32 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2016-08-24 20:35 - 2016-07-08 08:32 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-08-24 20:35 - 2016-07-08 08:32 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-08-24 20:35 - 2016-07-08 08:32 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-08-24 20:35 - 2016-07-08 08:32 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-08-24 20:35 - 2016-07-08 08:32 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-08-24 20:35 - 2016-07-08 08:32 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-08-24 20:35 - 2016-07-08 08:32 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-08-24 20:35 - 2016-07-08 08:32 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-08-24 20:35 - 2016-07-08 08:32 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2016-08-24 20:35 - 2016-07-08 08:17 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-08-24 20:35 - 2016-07-08 08:17 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-08-24 20:35 - 2016-07-08 08:16 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-08-24 20:35 - 2016-07-08 08:16 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-08-24 20:35 - 2016-07-08 08:16 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-08-24 20:35 - 2016-07-08 08:16 - 00260608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-08-24 20:35 - 2016-07-08 08:16 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-08-24 20:35 - 2016-07-08 08:16 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-08-24 20:35 - 2016-07-08 08:16 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-08-24 20:35 - 2016-07-08 08:16 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-08-24 20:35 - 2016-07-08 08:16 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2016-08-24 20:35 - 2016-07-08 08:16 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-08-24 20:35 - 2016-07-08 08:16 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-08-24 20:35 - 2016-07-08 08:16 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-08-24 20:35 - 2016-07-08 08:16 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-08-24 20:35 - 2016-07-08 08:16 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2016-08-24 20:35 - 2016-07-08 08:03 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-08-24 20:35 - 2016-07-08 07:57 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-08-24 20:35 - 2016-07-08 07:56 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-08-24 20:35 - 2016-07-08 07:56 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-08-24 20:35 - 2016-07-08 07:55 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-08-24 20:35 - 2016-07-08 07:55 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-08-24 20:35 - 2016-07-08 07:50 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-08-24 20:35 - 2016-06-25 17:27 - 00970240 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2016-08-24 20:35 - 2016-06-25 17:27 - 00756736 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2016-08-24 20:35 - 2016-06-25 17:27 - 00344576 _____ (Microsoft Corporation) C:\windows\system32\ntprint.dll
2016-08-24 20:35 - 2016-06-25 17:27 - 00166400 _____ (Microsoft Corporation) C:\windows\system32\inetpp.dll
2016-08-24 20:35 - 2016-06-25 17:27 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\inetppui.dll
2016-08-24 20:35 - 2016-06-25 12:54 - 00497152 _____ (Microsoft Corporation) C:\windows\SysWOW64\win32spl.dll
2016-08-24 20:35 - 2016-06-25 12:53 - 00297472 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntprint.dll
2016-08-24 20:35 - 2016-06-25 12:53 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\ntprint.exe
2016-08-24 20:35 - 2016-06-25 12:53 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\wpnpinst.exe
2016-08-24 20:35 - 2016-06-25 12:41 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntprint.exe
2016-08-24 20:35 - 2016-05-18 09:10 - 00312832 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-08-24 20:35 - 2016-05-18 09:09 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-08-24 20:35 - 2016-05-13 15:15 - 00382184 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2016-08-24 20:35 - 2016-05-13 15:09 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2016-08-24 20:35 - 2016-05-13 15:09 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2016-08-24 20:35 - 2016-05-13 15:09 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2016-08-24 20:35 - 2016-05-13 15:09 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2016-08-24 20:35 - 2016-05-13 14:54 - 00308456 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2016-08-24 20:35 - 2016-05-13 14:50 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2016-08-24 20:35 - 2016-05-13 14:49 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2016-08-24 20:35 - 2016-05-13 14:49 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2016-08-24 20:35 - 2016-05-13 14:27 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2016-08-24 20:35 - 2016-05-12 10:15 - 00105472 _____ (Microsoft Corporation) C:\windows\system32\winipsec.dll
2016-08-24 20:35 - 2016-05-12 10:14 - 00794624 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2016-08-24 20:35 - 2016-05-12 10:14 - 00502272 _____ (Microsoft Corporation) C:\windows\system32\IPSECSVC.DLL
2016-08-24 20:35 - 2016-05-12 10:14 - 00373760 _____ (Microsoft Corporation) C:\windows\system32\polstore.dll
2016-08-24 20:35 - 2016-05-12 10:14 - 00096256 _____ (Microsoft Corporation) C:\windows\system32\gpapi.dll
2016-08-24 20:35 - 2016-05-12 10:14 - 00075776 _____ (Microsoft Corporation) C:\windows\system32\FwRemoteSvr.dll
2016-08-24 20:35 - 2016-05-12 08:18 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\polstore.dll
2016-08-24 20:35 - 2016-05-12 08:18 - 00079360 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpapi.dll
2016-08-24 20:35 - 2016-05-12 08:18 - 00070144 _____ (Microsoft Corporation) C:\windows\SysWOW64\winipsec.dll
2016-08-24 20:35 - 2016-05-12 08:18 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\FwRemoteSvr.dll
2016-08-24 20:35 - 2016-05-12 07:58 - 00464896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2016-08-24 20:35 - 2016-05-12 07:58 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2016-08-24 20:35 - 2016-05-12 07:58 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2016-08-24 20:35 - 2016-05-12 06:05 - 00459640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2016-08-24 20:35 - 2016-05-12 06:05 - 00297984 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll
2016-08-24 20:35 - 2016-05-12 06:04 - 00249352 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcryptprimitives.dll
2016-08-24 20:35 - 2016-05-11 10:02 - 00483840 _____ (Microsoft Corporation) C:\windows\system32\StructuredQuery.dll
2016-08-24 20:35 - 2016-05-11 10:02 - 00444928 _____ (Microsoft Corporation) C:\windows\system32\winhttp.dll
2016-08-24 20:35 - 2016-05-11 10:02 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\mswsock.dll
2016-08-24 20:35 - 2016-05-11 10:02 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\ws2_32.dll
2016-08-24 20:35 - 2016-05-11 08:19 - 00363520 _____ (Microsoft Corporation) C:\windows\SysWOW64\StructuredQuery.dll
2016-08-24 20:35 - 2016-05-11 08:19 - 00351744 _____ (Microsoft Corporation) C:\windows\SysWOW64\winhttp.dll
2016-08-24 20:35 - 2016-05-11 08:19 - 00231424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswsock.dll
2016-08-24 20:35 - 2016-05-11 08:19 - 00206336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ws2_32.dll
2016-08-24 20:35 - 2016-05-11 08:11 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\netbtugc.exe
2016-08-24 20:35 - 2016-05-11 08:01 - 00026624 _____ (Microsoft Corporation) C:\windows\SysWOW64\netbtugc.exe
2016-08-24 20:35 - 2016-05-11 07:58 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netbt.sys
2016-08-24 20:35 - 2016-04-14 06:49 - 00603648 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10level9.dll
2016-08-24 20:35 - 2016-04-14 06:21 - 00647680 _____ (Microsoft Corporation) C:\windows\system32\d3d10level9.dll
2016-08-24 20:35 - 2016-04-09 00:02 - 00631176 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2016-08-24 20:35 - 2016-04-09 00:01 - 05546216 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-08-24 20:35 - 2016-04-09 00:01 - 00986344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2016-08-24 20:35 - 2016-04-09 00:01 - 00706280 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2016-08-24 20:35 - 2016-04-09 00:01 - 00264936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2016-08-24 20:35 - 2016-04-08 23:59 - 03998952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2016-08-24 20:35 - 2016-04-08 23:59 - 03943144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2016-08-24 20:35 - 2016-04-08 23:59 - 01732864 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-08-24 20:35 - 2016-04-08 23:58 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-08-24 20:35 - 2016-04-08 23:58 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2016-08-24 20:35 - 2016-04-08 23:58 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2016-08-24 20:35 - 2016-04-08 23:58 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2016-08-24 20:35 - 2016-04-08 23:58 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2016-08-24 20:35 - 2016-04-08 23:58 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-08-24 20:35 - 2016-04-08 23:58 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 01314112 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:54 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2016-08-24 20:35 - 2016-04-08 23:54 - 00644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2016-08-24 20:35 - 2016-04-08 23:54 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-08-24 20:35 - 2016-04-08 23:54 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2016-08-24 20:35 - 2016-04-08 23:54 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2016-08-24 20:35 - 2016-04-08 23:54 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2016-08-24 20:35 - 2016-04-08 23:54 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:54 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2016-08-24 20:35 - 2016-04-08 23:54 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:54 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:54 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:54 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:54 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:54 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 23:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 22:52 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2016-08-24 20:35 - 2016-04-08 22:52 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2016-08-24 20:35 - 2016-04-08 22:52 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2016-08-24 20:35 - 2016-04-08 22:48 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2016-08-24 20:35 - 2016-04-08 22:47 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-08-24 20:35 - 2016-04-08 22:43 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-08-24 20:35 - 2016-04-08 22:38 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2016-08-24 20:35 - 2016-04-08 22:38 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2016-08-24 20:35 - 2016-04-08 22:38 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2016-08-24 20:35 - 2016-04-08 22:38 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2016-08-24 20:35 - 2016-04-08 22:37 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 22:37 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 22:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 22:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-08-24 20:35 - 2016-04-08 21:20 - 01230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2016-08-24 20:35 - 2016-04-06 08:27 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll
2016-08-24 20:28 - 2016-07-08 08:01 - 03218944 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-08-24 15:08 - 2016-08-24 15:08 - 04365182 _____ C:\Users\rusobr2\Downloads\How to do a back bend over.mp4
2016-08-23 13:13 - 2016-08-23 13:13 - 48627963 _____ C:\Users\rusobr2\Downloads\Desafio da piscina na yoga challenge at the beach.mp4
2016-08-23 00:48 - 2016-08-23 00:48 - 20983192 _____ C:\Users\rusobr2\Downloads\#YOGA #CHALLENGE #WITH #GIRLFRIEND - #POOL CHALLENGE #BEST #FRIENDS (201).mp4.mp4
2016-08-23 00:39 - 2016-08-23 00:40 - 130612113 _____ C:\Users\rusobr2\Downloads\Girls Having A Swim in The Lake.mp4
2016-08-23 00:34 - 2016-08-23 00:34 - 43724095 _____ C:\Users\rusobr2\Downloads\Girls Gymnastics Challenge in Small Pool.mp4
2016-08-22 23:52 - 2016-08-22 23:52 - 28694588 _____ C:\Users\rusobr2\Downloads\Oque eu levo para a piscina.mp4
2016-08-21 09:11 - 2016-08-21 09:11 - 33331954 _____ C:\Users\rusobr2\Downloads\My new gymnastics skills.mp4
2016-08-20 15:28 - 2016-08-20 15:28 - 42159687 _____ C:\Users\rusobr2\Downloads\Women's water polo FINA 2016 underwater highlights Pt1.mp4
2016-08-15 11:30 - 2016-08-15 11:30 - 20137015 _____ C:\Users\rusobr2\Downloads\How To Do The Splits Quickly!.mp4
2016-08-15 10:53 - 2016-08-15 10:53 - 42404459 _____ C:\Users\rusobr2\Downloads\Gymnastics challenge.mp4
2016-08-13 15:17 - 2016-08-13 15:18 - 98481160 _____ C:\Users\rusobr2\Downloads\7 июня 2016 г.mp4
2016-08-13 11:35 - 2016-08-13 11:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-08-13 09:56 - 2016-08-13 09:57 - 36870816 _____ C:\Users\rusobr2\Downloads\Не своими ногами_NOT MY LEGS CHALLENGE.mp4
2016-08-13 06:56 - 2016-08-13 06:57 - 30125516 _____ C:\Users\rusobr2\Downloads\Yoga Challenge.mp4
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-06 21:46 - 2015-09-27 10:57 - 00000000 ____D C:\Users\rusobr2\AppData\Roaming\vlc
2016-09-06 21:45 - 2015-09-15 15:17 - 00000000 ____D C:\Users\rusobr2\AppData\Roaming\360safe
2016-09-06 21:45 - 2015-09-15 15:16 - 00000000 ____D C:\Users\rusobr2\AppData\LocalLow\360WD
2016-09-06 21:16 - 2016-05-26 09:32 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-09-06 21:13 - 2009-07-13 21:45 - 00021888 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-06 21:13 - 2009-07-13 21:45 - 00021888 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-06 02:11 - 2009-07-13 20:20 - 00000000 ____D C:\windows\inf
2016-09-02 13:37 - 2015-12-02 02:43 - 00000000 ____D C:\Users\rusobr2\dwhelper
2016-09-01 08:59 - 2009-07-13 22:13 - 00781790 _____ C:\windows\system32\PerfStringBackup.INI
2016-09-01 08:54 - 2015-11-19 09:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-01 08:54 - 2009-07-13 22:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-08-25 01:19 - 2009-07-13 20:20 - 00000000 ____D C:\windows\rescache
2016-08-24 20:49 - 2011-04-12 01:28 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-24 20:44 - 2014-07-31 14:32 - 00000000 ____D C:\windows\system32\MRT
2016-08-24 20:39 - 2014-07-31 14:32 - 147640136 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-08-22 11:35 - 2015-09-25 06:13 - 00000000 ____D C:\Users\rusobr2\Downloads\MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos_files
2016-08-20 08:17 - 2015-09-25 21:13 - 00004478 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2016-08-13 11:35 - 2016-03-05 12:34 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-08-13 11:35 - 2016-03-02 12:34 - 00001926 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2016-08-07 08:20 - 2015-09-28 10:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-08-07 08:20 - 2015-09-27 10:56 - 00001068 _____ C:\Users\Public\Desktop\VLC media player.lnk
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2016
Ran by rusobr2 (06-09-2016 21:47:57)
Running from C:\Users\rusobr2\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2015-09-15 21:37:06)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-436883666-1139675966-1884149517-500 - Administrator - Disabled)
Guest (S-1-5-21-436883666-1139675966-1884149517-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-436883666-1139675966-1884149517-1002 - Limited - Enabled)
rusobr2 (S-1-5-21-436883666-1139675966-1884149517-1000 - Administrator - Enabled) => C:\Users\rusobr2
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: 360 Total Security (Enabled - Up to date) {0371CA44-3F80-A1D3-BECE-910620B58D50}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: 360 Total Security (Enabled - Up to date) {B8102BA0-19BA-AE5D-847E-AA745B32C7ED}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 8.6.0.1158 - 360 Security Center)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
D-Link DWA-131 Wireless N Nano USB Adapter (HKLM-x32\...\{98B82958-1DCA-4504-BE88-C91F1C7A7225}) (Version: 1 - D-Link)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.376.2 - McAfee, Inc.)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 48.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 en-US)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla)
OpenOffice 4.1.0 (HKLM-x32\...\{C87EF11D-36E9-479D-9898-7541EA1E8A6A}) (Version: 4.10.9764 - Apache Software Foundation)
RealDownloader (x32 Version: 18.1.2.179 - RealNetworks) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Unknown File Handler (HKLM-x32\...\UFH_is1) (Version: 2015.12.29.0 - File.org)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {112EB998-21AB-451B-84E6-16B7E490B7D8} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-30] (Adobe Systems Incorporated)
Task: {17F5B756-88DC-4AF9-B7DF-CE86CB01E698} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-27] (Google Inc.)
Task: {695CC8BF-7C35-4760-B577-C7930E2F8504} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-436883666-1139675966-1884149517-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {8EF0AFD9-13F3-4129-A4D3-6A35AA6C13FB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-27] (Google Inc.)
Task: {E79D24D9-EF3C-4FAB-96D2-1E132CFCF8E4} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
Task: {EB701FFA-2793-4687-91C5-B5E75F882E3D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {F772966F-99C1-4160-BADC-979584135DBE} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-436883666-1139675966-1884149517-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)