Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-12-2014
Ran by Usuario (administrator) on USUARIO-PC on 26-12-2014 08:33:52
Running from C:\Users\Usuario\Downloads
Loaded Profile: Usuario (Available profiles: Usuario)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Português (Brasil)
Internet Explorer Version 11
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3653136 2014-11-09] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [HDD Regenerator] => C:\Program Files (x86)\HDD Regenerator\Shell.exe [90336 2013-05-08] ()
HKU\S-1-5-21-1144292019-2563834070-1988740619-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
HKU\S-1-5-21-1144292019-2563834070-1988740619-1000\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[S1].txt [985 2014-12-25] ()
HKU\S-1-5-21-1144292019-2563834070-1988740619-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1144292019-2563834070-1988740619-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Usuario\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavShx64.dll No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1144292019-2563834070-1988740619-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:49611;https=127.0.0.1:49611
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1144292019-2563834070-1988740619-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKLM-x32 - (No Name) - {e0301295-ab3e-4af3-979f-3d453c5f9f48} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1144292019-2563834070-1988740619-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Auxiliar de Conexão de Conta da Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.25.1
Tcpip\..\Interfaces\{C31F5793-DD21-4E3B-9AD8-0E197C7FCF2D}: [NameServer] 8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\hj3yggok.default-1404748270349
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @raidcall.br/RCplugin -> C:\Users\Usuario\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Usuario\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1144292019-2563834070-1988740619-1000: @nsroblox.roblox.com/launcher -> C:\Users\Usuario\AppData\Local\Roblox\Versions\version-c4060e4821af4163\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-1144292019-2563834070-1988740619-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Usuario\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1144292019-2563834070-1988740619-1000: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "https://www.facebook.com/", "hxxp://google.com/"
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-06-04]
CHR Extension: (Google Docs) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-04]
CHR Extension: (Google Drive) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-04]
CHR Extension: (YouTube) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-04]
CHR Extension: (Adblock Plus) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-07]
CHR Extension: (Pesquisa do Google) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-04]
CHR Extension: (XJZ Survey Remover) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\cphljojhgmnabimjemakjleocdheengh [2014-08-30]
CHR Extension: (LoL Stream Browser) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\edidfaijmhpefkbnobdcepampbncgejp [2014-06-04]
CHR Extension: (Área de trabalho remota do Google Chrome) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2014-11-22]
CHR Extension: (Google Wallet) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-04]
CHR Extension: (Gmail) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-04]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1486664 2014-11-09] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3488784 2014-11-09] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-11-09] (AVG Technologies CZ, s.r.o.)
S2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\39.0.2171.46\remoting_host.exe [56648 2014-10-29] (Google Inc.)
S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
S2 hddrsrv; C:\Program Files (x86)\HDD Regenerator\hrsrv.exe [82144 2013-05-08] ()
S4 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-08-22] (Hi-Rez Studios) [File not signed]
S4 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-05] (Intel Corporation)
S2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-11-27] (Electronic Arts)
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
S4 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2013-11-22] (Razer Inc.)
S4 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
S3 npggsvc; C:\Windows\system32\GameMon.des -service [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21616 2011-11-02] ()
S1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [263960 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-12-25] (Disc Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2010-07-15] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14216 2010-07-15] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2010-07-15] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [8456 2010-07-15] () [File not signed]
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-05-08] ()
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
S3 npkcrypt; C:\Program Files (x86)\Old Times + Ragnarok\npkcrypt.sys [21442 2005-09-07] (INCA Internet Co., Ltd.) [File not signed]
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-08-28] (Duplex Secure Ltd.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S2 WiseFS; C:\Program Files (x86)\Wise\Wise Folder Hider\WiseFs64.sys [10280 2014-03-14] ()
S2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl [146928 2009-02-28] (CyberLink Corp.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 korzgsio; \??\C:\Windows\system32\drivers\korzgsio.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S1 MpKslbddcd41f; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CF17D603-E5AD-4257-B676-2F7B614E2489}\MpKslbddcd41f.sys [X]
S3 npkycryp; \??\C:\Program Files (x86)\Old Times + Ragnarok\npkycryp.sys [X]
S3 Spring; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Spring64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S1 uvpbvnsp; \??\C:\Windows\system32\drivers\uvpbvnsp.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]
S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-26 08:33 - 2014-12-26 08:34 - 00016385 _____ () C:\Users\Usuario\Downloads\FRST.txt
2014-12-26 08:32 - 2014-12-26 08:33 - 00000000 ____D () C:\FRST
2014-12-26 08:32 - 2014-12-26 08:32 - 02122240 _____ (Farbar) C:\Users\Usuario\Downloads\FRST64.exe
2014-12-26 00:30 - 2014-12-26 00:18 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-12-26 00:20 - 2014-12-26 00:31 - 00012794 _____ () C:\zoek-results.log
2014-12-26 00:18 - 2014-12-26 00:27 - 00000000 ____D () C:\zoek_backup
2014-12-26 00:17 - 2014-12-26 00:17 - 01295360 _____ () C:\Users\Usuario\Downloads\zoek.exe
2014-12-26 00:09 - 2014-12-26 00:09 - 00000770 _____ () C:\Users\Usuario\Desktop\JRT.txt
2014-12-25 23:07 - 2014-12-25 23:10 - 00000000 ____D () C:\Program Files (x86)\HDD Regenerator
2014-12-25 23:07 - 2014-12-25 23:07 - 00001975 _____ () C:\Users\Public\Desktop\HDD Regenerator.lnk
2014-12-25 23:07 - 2014-12-25 23:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Regenerator
2014-12-25 22:44 - 2014-12-25 22:44 - 00000582 __RSH () C:\Users\Todos os Usuários\ntuser.pol
2014-12-25 22:44 - 2014-12-25 22:44 - 00000582 __RSH () C:\ProgramData\ntuser.pol
2014-12-25 18:56 - 2014-12-25 18:56 - 00007235 _____ () C:\Users\Usuario\Desktop\hijackthis2.txt
2014-12-25 17:11 - 2014-12-25 17:41 - 3319478272 _____ () C:\Users\Usuario\Downloads\X17-24395.iso
2014-12-25 15:12 - 2014-12-25 15:12 - 00003007 _____ () C:\Users\Usuario\Desktop\HiJackThis.lnk
2014-12-25 15:12 - 2014-12-25 15:12 - 00000000 ____D () C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-12-25 15:12 - 2014-12-25 15:12 - 00000000 ____D () C:\Program Files (x86)\HiJackThis
2014-12-25 03:13 - 2014-12-25 03:13 - 00045584 _____ () C:\ComboFix.txt
2014-12-25 02:54 - 2011-06-26 04:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-12-25 02:54 - 2010-11-07 15:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-12-25 02:54 - 2009-04-20 02:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-12-25 02:54 - 2000-08-30 22:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-12-25 02:54 - 2000-08-30 22:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-12-25 02:54 - 2000-08-30 22:00 - 00098816 _____ () C:\Windows\sed.exe
2014-12-25 02:54 - 2000-08-30 22:00 - 00080412 _____ () C:\Windows\grep.exe
2014-12-25 02:54 - 2000-08-30 22:00 - 00068096 _____ () C:\Windows\zip.exe
2014-12-25 02:51 - 2014-12-25 03:13 - 00000000 ____D () C:\Qoobox
2014-12-25 02:50 - 2014-12-25 03:12 - 00000000 ____D () C:\Windows\erdnt
2014-12-25 02:49 - 2014-12-25 02:49 - 05603465 ____R (Swearware) C:\Users\Usuario\Downloads\ComboFix.exe
2014-12-25 02:19 - 2014-12-25 02:19 - 01264968 _____ (Microsoft Corporation) C:\Users\Usuario\Downloads\vs_ultimate(1).exe
2014-12-25 01:45 - 2014-12-25 01:45 - 00000000 ____D () C:\Windows\ERUNT
2014-12-25 01:44 - 2014-12-25 01:44 - 01707646 _____ (Thisisu) C:\Users\Usuario\Downloads\JRT.exe
2014-12-25 00:56 - 2014-12-25 23:47 - 00000000 ____D () C:\AdwCleaner
2014-12-25 00:55 - 2014-12-25 00:55 - 02173952 _____ () C:\Users\Usuario\Downloads\adwcleaner_4.106.exe
2014-12-25 00:46 - 2014-12-25 00:46 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-12-25 00:44 - 2014-12-25 00:44 - 01402880 _____ () C:\Users\Usuario\Downloads\HijackThis.msi
2014-12-25 00:35 - 2014-12-25 18:41 - 00109635 _____ () C:\Users\Usuario\Desktop\avgrep.txt
2014-12-25 00:13 - 2014-12-25 00:13 - 00000000 ____D () C:\Users\Usuario\AppData\Local\Downloaded Installations
2014-12-25 00:10 - 2014-12-25 00:10 - 08318088 _____ (Abstradrome ) C:\Users\Usuario\Downloads\hr2011.exe
2014-12-25 00:04 - 2014-12-25 00:06 - 00368256 _____ (RegNow.com) C:\Users\Usuario\Downloads\Download_hr.exe
2014-12-24 23:23 - 2014-12-24 23:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-24 22:28 - 2014-12-24 22:28 - 00006576 ____N () C:\bootsqm.dat
2014-12-24 16:46 - 2014-10-18 00:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-24 16:46 - 2014-10-17 23:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-24 16:46 - 2014-07-07 00:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-24 16:46 - 2014-07-07 00:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-24 16:46 - 2014-07-07 00:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-24 16:46 - 2014-07-07 00:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-24 16:46 - 2014-07-06 23:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-24 16:46 - 2014-07-06 23:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-24 16:46 - 2014-07-06 23:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-24 16:46 - 2014-07-06 23:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-24 16:46 - 2014-06-27 00:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-12-24 16:46 - 2014-06-26 23:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-12-24 16:40 - 2014-06-30 20:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-12-24 16:40 - 2014-06-30 20:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-12-24 16:40 - 2014-03-09 19:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-12-24 16:40 - 2014-03-09 19:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-12-24 16:40 - 2014-03-09 19:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-12-24 16:40 - 2014-03-09 19:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-12-24 16:39 - 2014-06-06 04:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-12-24 16:39 - 2014-06-06 04:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-12-24 16:05 - 2014-12-24 16:05 - 00000000 ___RD () C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9
2014-12-18 00:50 - 2014-07-14 00:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-12-18 00:50 - 2014-07-13 23:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-12-18 00:49 - 2014-10-18 00:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-12-18 00:49 - 2014-10-17 23:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-12-17 19:03 - 2014-12-17 19:03 - 00002947 _____ () C:\Users\Usuario\Desktop\aida64.lnk
2014-12-17 19:02 - 2014-12-17 19:02 - 00000000 ____D () C:\Users\Usuario\Documents\Aida64
2014-12-13 21:45 - 2014-12-13 21:45 - 00001198 _____ () C:\Users\Usuario\Documents\contradição.txt
2014-12-13 18:55 - 2014-12-13 18:55 - 00010852 _____ () C:\Users\Usuario\Documents\contasnetflix.txt
2014-12-12 00:08 - 2014-12-12 02:03 - 1073742336 _____ () C:\TestDisk.vhd
2014-12-11 23:59 - 2014-12-11 23:59 - 00841027 _____ () C:\Users\Usuario\Downloads\WDR (1).zip
2014-12-11 23:18 - 2014-12-11 23:47 - 00861791 _____ () C:\Users\Usuario\Downloads\WDR.zip
2014-11-30 19:07 - 2014-11-30 19:07 - 00292640 _____ () C:\Windows\Minidump\113014-34101-01.dmp
2014-11-29 00:54 - 2014-11-29 01:03 - 00000000 ____D () C:\Users\Usuario\AppData\Roaming\LeagueSharp
2014-11-29 00:47 - 2014-11-12 18:46 - 00615624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-11-29 00:43 - 2014-11-12 22:20 - 31893136 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-11-29 00:43 - 2014-11-12 22:20 - 24557712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-11-29 00:43 - 2014-11-12 22:20 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-11-29 00:43 - 2014-11-12 22:20 - 19966344 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-11-29 00:43 - 2014-11-12 22:20 - 18514616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-11-29 00:43 - 2014-11-12 22:20 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-11-29 00:43 - 2014-11-12 22:20 - 14032984 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-11-29 00:43 - 2014-11-12 22:20 - 13944952 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-11-29 00:43 - 2014-11-12 22:20 - 13213512 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-11-29 00:43 - 2014-11-12 22:20 - 11397744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-11-29 00:43 - 2014-11-12 22:20 - 11336432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-11-29 00:43 - 2014-11-12 22:20 - 04292416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-11-29 00:43 - 2014-11-12 22:20 - 04011208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-11-29 00:43 - 2014-11-12 22:20 - 02874456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-11-29 00:43 - 2014-11-12 22:20 - 00964928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-11-29 00:43 - 2014-11-12 22:20 - 00935240 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-11-29 00:43 - 2014-11-12 22:20 - 00923792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-11-29 00:43 - 2014-11-12 22:20 - 00900928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-11-29 00:43 - 2014-11-12 22:20 - 00871648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-11-29 00:43 - 2014-11-12 22:20 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-11-29 00:43 - 2014-11-12 22:20 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-11-29 00:43 - 2014-11-12 22:20 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-11-29 00:43 - 2014-11-12 22:20 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-11-28 19:54 - 2014-11-28 19:54 - 00044269 _____ () C:\Users\Usuario\Downloads\DxDiag.txt
2014-11-28 19:08 - 2014-11-12 22:20 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434475.dll
2014-11-28 19:08 - 2014-11-12 22:20 - 01540424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434475.dll
2014-11-28 19:08 - 2014-11-12 22:20 - 00027094 _____ () C:\Windows\system32\nvinfo.pb
2014-11-28 16:33 - 2014-11-28 16:33 - 00292672 _____ () C:\Windows\Minidump\112814-46535-01.dmp
2014-11-28 10:43 - 2014-11-28 10:43 - 00291384 _____ () C:\Windows\Minidump\112814-45099-01.dmp
2014-11-27 10:01 - 2014-11-27 10:01 - 00292616 _____ () C:\Windows\Minidump\112714-48422-01.dmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-26 00:30 - 2014-06-01 11:53 - 00028168 _____ () C:\Windows\PFRO.log
2014-12-26 00:28 - 2014-07-04 01:30 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-12-26 00:28 - 2014-07-04 01:30 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-12-26 00:28 - 2014-07-04 01:30 - 00000000 ____D () C:\Users\Convidado\AppData\Local\Google
2014-12-26 00:28 - 2014-07-04 01:30 - 00000000 ____D () C:\Users\Convidado\AppData\Local\Comodo
2014-12-26 00:28 - 2014-07-04 01:30 - 00000000 ____D () C:\Users\Administrador\AppData\Local\Google
2014-12-26 00:28 - 2014-07-04 01:30 - 00000000 ____D () C:\Users\Administrador\AppData\Local\Comodo
2014-12-26 00:28 - 2013-04-26 04:50 - 00000000 ____D () C:\Users\Usuario\AppData\Local\Google
2014-12-26 00:28 - 2013-04-26 04:21 - 00000000 ____D () C:\Users\Usuario
2014-12-26 00:28 - 2009-07-14 01:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-12-26 00:28 - 2009-07-14 01:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-12-25 23:39 - 2014-06-03 23:58 - 00000000 ____D () C:\Users\Usuario\AppData\Local\Apps\2.0
2014-12-25 23:36 - 2013-04-26 04:18 - 01129288 _____ () C:\Windows\WindowsUpdate.log
2014-12-25 23:36 - 2013-04-25 18:29 - 00000000 ____D () C:\Users\Todos os Usuários\Temp
2014-12-25 23:36 - 2013-04-25 18:29 - 00000000 ____D () C:\ProgramData\Temp
2014-12-25 22:51 - 2014-11-15 23:45 - 00000000 ____D () C:\Users\Todos os Usuários\MFAData
2014-12-25 22:51 - 2014-11-15 23:45 - 00000000 ____D () C:\ProgramData\MFAData
2014-12-25 22:50 - 2013-10-29 19:47 - 00000902 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-25 22:50 - 2009-07-14 02:45 - 00010384 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-25 22:50 - 2009-07-14 02:45 - 00010384 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-25 22:44 - 2014-11-15 21:25 - 00001066 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-25 22:42 - 2014-03-02 11:48 - 00126046 _____ () C:\Windows\setupact.log
2014-12-25 22:42 - 2009-07-14 03:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-25 20:39 - 2014-11-15 21:25 - 00001070 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-25 18:55 - 2013-10-18 21:23 - 00000000 ___RD () C:\Users\Usuario\Dropbox
2014-12-25 18:55 - 2013-10-18 21:21 - 00000000 ____D () C:\Users\Usuario\AppData\Roaming\Dropbox
2014-12-25 15:35 - 2009-07-14 15:55 - 00706584 _____ () C:\Windows\system32\prfh0416.dat
2014-12-25 15:35 - 2009-07-14 15:55 - 00148384 _____ () C:\Windows\system32\prfc0416.dat
2014-12-25 15:35 - 2009-07-14 03:13 - 01636066 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-25 03:10 - 2009-07-14 00:34 - 00000215 _____ () C:\Windows\system.ini
2014-12-25 02:12 - 2014-06-20 23:40 - 00000000 ____D () C:\Users\Usuario\AppData\Roaming\NoNameScript
2014-12-25 02:10 - 2014-10-28 09:22 - 00000000 ____D () C:\Program Files (x86)\GitzWc
2014-12-25 02:09 - 2013-04-27 01:35 - 00000000 ____D () C:\Users\Usuario\AppData\Roaming\Adobe
2014-12-25 02:09 - 2013-04-26 05:22 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-12-25 02:02 - 2014-01-30 19:07 - 00007617 _____ () C:\Users\Usuario\AppData\Local\Resmon.ResmonCfg
2014-12-25 01:27 - 2014-06-24 20:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-25 01:19 - 2014-01-09 21:36 - 00000000 ____D () C:\Program Files (x86)\Rust
2014-12-25 00:46 - 2013-08-28 23:10 - 00000000 ____D () C:\Users\Usuario\AppData\Roaming\DAEMON Tools Lite
2014-12-25 00:46 - 2013-08-28 23:10 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-12-24 23:03 - 2014-11-16 00:04 - 00000000 ____D () C:\Users\Todos os Usuários\AVG2015
2014-12-24 23:03 - 2014-11-16 00:04 - 00000000 ____D () C:\ProgramData\AVG2015
2014-12-24 23:00 - 2013-10-29 19:47 - 00003840 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-24 22:59 - 2013-06-07 00:14 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-24 22:59 - 2013-06-07 00:14 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-24 22:35 - 2013-10-18 21:23 - 00001025 _____ () C:\Users\Usuario\Desktop\Dropbox.lnk
2014-12-24 22:35 - 2013-10-18 21:21 - 00000000 ____D () C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-24 22:31 - 2013-07-06 19:25 - 00000000 ____D () C:\Users\Todos os Usuários\NVIDIA
2014-12-24 22:31 - 2013-07-06 19:25 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-24 16:49 - 2013-04-26 05:23 - 00000000 ____D () C:\Users\Todos os Usuários\Microsoft Help
2014-12-24 16:49 - 2013-04-26 05:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-24 16:06 - 2014-06-29 23:24 - 00000000 ____D () C:\Users\Usuario\AppData\Local\Adobe
2014-12-17 19:00 - 2013-05-24 13:40 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-12-17 19:00 - 2013-04-26 05:22 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-12-17 18:43 - 2014-11-15 21:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-17 18:43 - 2014-10-17 23:33 - 00000000 ____D () C:\Users\Usuario\Documents\LeagueSharp
2014-12-17 18:43 - 2014-09-17 10:15 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-17 18:43 - 2014-02-01 00:43 - 00000000 ____D () C:\Users\Usuario\Documents\BolStudio
2014-12-17 18:43 - 2013-06-07 23:40 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-17 18:43 - 2013-06-07 00:14 - 00000000 ____D () C:\Windows\system32\Macromed
2014-12-17 18:43 - 2013-04-28 16:41 - 00000000 ____D () C:\Users\Usuario\AppData\Roaming\uTorrent
2014-12-17 18:43 - 2013-04-27 14:35 - 00000000 ____D () C:\Users\Usuario\AppData\Roaming\Skype
2014-12-17 18:43 - 2009-07-14 01:20 - 00000000 ____D () C:\Windows\registration
2014-12-17 18:39 - 2013-05-15 20:20 - 00000000 ____D () C:\Users\Usuario\AppData\Local\Mozilla
2014-12-17 18:38 - 2014-11-25 23:41 - 00000000 ____D () C:\Program Files (x86)\Wise
2014-12-17 18:38 - 2013-04-27 14:35 - 00000000 ____D () C:\Users\Todos os Usuários\Skype
2014-12-17 18:38 - 2013-04-27 14:35 - 00000000 ____D () C:\ProgramData\Skype
2014-12-17 18:37 - 2013-04-26 05:21 - 00000000 ___RD () C:\MSOCache
2014-12-17 13:45 - 2014-03-20 22:09 - 00000000 ____D () C:\Users\Usuario\Tracing
2014-12-16 23:44 - 2013-04-29 20:30 - 00040499 _____ () C:\Users\Usuario\Documents\xhm.txt
2014-12-12 23:41 - 2014-02-01 00:44 - 00000000 ____D () C:\Users\Usuario\AppData\Roaming\BoL
2014-12-12 00:14 - 2013-06-07 00:25 - 00000198 _____ () C:\Users\Usuario\Documents\dados cadastrais games.txt
2014-12-06 19:55 - 2014-06-06 19:05 - 00000000 ____D () C:\Users\Usuario\AppData\Roaming\TS3Client
2014-12-02 18:07 - 2014-06-03 23:58 - 00000000 ____D () C:\Users\Usuario\AppData\Local\Deployment
2014-11-30 19:07 - 2014-03-06 19:49 - 301150274 _____ () C:\Windows\MEMORY.DMP
2014-11-30 19:07 - 2013-04-28 11:57 - 00000000 ____D () C:\Windows\Minidump
2014-11-29 00:48 - 2014-10-17 02:49 - 00000000 ____D () C:\temp
2014-11-29 00:48 - 2013-04-26 05:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-11-29 00:47 - 2013-04-26 05:10 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-11-28 22:44 - 2013-06-06 13:10 - 00000000 ____D () C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-11-28 22:44 - 2013-06-06 00:17 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-28 19:55 - 2013-06-27 13:38 - 00000000 ____D () C:\Program Files\cFosSpeed
2014-11-28 19:45 - 2009-07-14 01:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-11-28 19:14 - 2014-04-13 03:19 - 00000000 ____D () C:\Users\Todos os Usuários\HappyCloud
2014-11-28 19:14 - 2014-04-13 03:19 - 00000000 ____D () C:\ProgramData\HappyCloud
2014-11-28 18:58 - 2014-02-09 14:03 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-11-27 20:27 - 2014-06-01 03:23 - 00000000 ____D () C:\Users\Todos os Usuários\Origin
2014-11-27 20:27 - 2014-06-01 03:23 - 00000000 ____D () C:\ProgramData\Origin
2014-11-27 20:24 - 2014-06-01 03:23 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-11-27 20:23 - 2014-06-01 03:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-11-26 23:52 - 2014-05-30 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2014-11-26 18:40 - 2014-11-15 21:26 - 00002181 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

Files to move or delete:
====================
C:\Users\Usuario\jagex_cl_runescape_LIVE.dat
C:\Users\Usuario\random.dat


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-15 13:46

==================== End Of Log ============================
