Document format: text/plain

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:14-12-2015
Executado por JD_LC (administrador) em JD_LC-PC (15-12-2015 23:37:00)
Executando a partir de E:\Users\JD_LC\Desktop
Perfis Carregados: JD_LC (Perfis Disponíveis: JD_LC & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(IObit) E:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(NVIDIA Corporation) E:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) E:\Windows\System32\nvvsvc.exe
(AVAST Software) E:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) E:\Windows\System32\wlanext.exe
(IObit) E:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(IObit) E:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
(IObit) E:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe
(CybelSoft) E:\Program Files\ma-config.com\MaConfigAgent.exe
(Microsoft Corporation) E:\Windows\System32\GWX\GWX.exe
(Malwarebytes) E:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Malwarebytes) E:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() E:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld.exe
(Malwarebytes) E:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(IObit) E:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
(Avanquest Software) E:\Users\JD_LC\AppData\Local\Avanquest\Avanquest Message\AQNotif.exe
(BitTorrent Inc.) E:\Users\JD_LC\AppData\Roaming\uTorrent\uTorrent.exe
() E:\ProgramData\WindowsMsg\osmsg.exe
(Ralink Technology, Corp.) E:\Program Files (x86)\Ralink\Common\ApUI.exe
(Dropbox, Inc.) E:\Users\JD_LC\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Ralink Technology, Corp.) E:\Program Files (x86)\Ralink\Common\RaRegistry.exe
(IObit) E:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Ralink Technology, Corp.) E:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
(BitTorrent Inc.) E:\Users\JD_LC\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
(BitTorrent Inc.) E:\Users\JD_LC\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
(Microsoft Corporation) E:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(VIA Technologies, Inc.) E:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) E:\Windows\System32\alg.exe
(Avast Software) E:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) E:\Program Files\AVAST Software\Avast\AvastUI.exe
(IObit) E:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(Adobe Systems Incorporated) E:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Google Inc.) E:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() E:\Program Files (x86)\WeatherTool\2.0.0.10998\WeatherService.exe
(ShenZhen Enode Techology co,.Ltd) E:\Program Files (x86)\WeatherTool\2.0.0.10998\weather.exe
(Google Inc.) E:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) E:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM-x32\...\Run: [AvastUI.exe] => E:\Program Files\AVAST Software\Avast\AvastUI.exe [7004376 2015-11-08] (AVAST Software)
HKLM-x32\...\Run: [IObit Malware Fighter] => E:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5844800 2015-04-02] (IObit)
HKU\S-1-5-21-2662280489-2615740208-2487742208-1000\...\Run: [Advanced SystemCare 8] => E:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2429728 2015-04-08] (IObit)
HKU\S-1-5-21-2662280489-2615740208-2487742208-1000\...\Run: [Avanquest Message] => E:\Users\JD_LC\AppData\Local\Avanquest\Avanquest Message\AQNotif.exe [374240 2015-02-27] (Avanquest Software)
HKU\S-1-5-21-2662280489-2615740208-2487742208-1000\...\Run: [Dropbox Update] => E:\Users\JD_LC\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-15] (Dropbox, Inc.)
HKU\S-1-5-21-2662280489-2615740208-2487742208-1000\...\Run: [uTorrent] => E:\Users\JD_LC\AppData\Roaming\uTorrent\uTorrent.exe [2026520 2015-12-03] (BitTorrent Inc.)
HKU\S-1-5-21-2662280489-2615740208-2487742208-1000\...\Run: [osmsg] => E:\ProgramData\WindowsMsg\osmsg.exe [2920448 2015-12-02] ()
HKU\S-1-5-21-2662280489-2615740208-2487742208-1000\...\Run: [X-Proxy] => E:\Users\JD_LC\AppData\Local\Apps\2.0\8OX333EE.MMV\X8J6PMEJ.RDJ\x-pr..tion_97cf6c8cf6459fff_0006.0001_f3621adb78512d3c\X-Proxy.exe [628104 2015-12-06] (Sauces Software)
HKU\S-1-5-21-2662280489-2615740208-2487742208-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2662280489-2615740208-2487742208-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2662280489-2615740208-2487742208-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Run: [SmartRAM] => E:\Program Files (x86)\IObit\Advanced SystemCare 8\Suo10_SmartRAM.exe [535840 2014-09-02] (IObit)
HKU\S-1-5-18\...\RunOnce: [SPReview] => E:\Windows\System32\SPReview\SPReview.exe [301568 2014-04-08] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => E:\Users\JD_LC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => E:\Users\JD_LC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => E:\Users\JD_LC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => E:\Users\JD_LC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => E:\Users\JD_LC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => E:\Users\JD_LC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => E:\Users\JD_LC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => E:\Users\JD_LC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-11-08] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => E:\Users\JD_LC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => E:\Users\JD_LC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => E:\Users\JD_LC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => E:\Users\JD_LC\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => E:\Users\JD_LC\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => E:\Users\JD_LC\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => E:\Users\JD_LC\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => E:\Users\JD_LC\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => E:\Users\JD_LC\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => E:\Users\JD_LC\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => E:\Users\JD_LC\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => E:\Users\JD_LC\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => E:\Users\JD_LC\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => E:\Users\JD_LC\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => E:\Users\JD_LC\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2015-11-11]
ShortcutTarget: Ralink Wireless Utility.lnk -> E:\Program Files (x86)\Ralink\Common\ApUI.exe (Ralink Technology, Corp.)
Startup: E:\Users\JD_LC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-15]
ShortcutTarget: Dropbox.lnk -> E:\Users\JD_LC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicyUsers\S-1-5-21-2662280489-2615740208-2487742208-1003\User: Restrição <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

ProxyServer: [S-1-5-21-2662280489-2615740208-2487742208-1000] => 77.245.110.111:8080
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.100 0.0.0.0
Tcpip\..\Interfaces\{0CB47B86-7C92-4B9C-A072-C2DD0CD8DA90}: [NameServer] 208.67.222.123,208.67.220.123
Tcpip\..\Interfaces\{A191808B-4722-4F02-934B-9E28D6F836C9}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{E0349DC1-66E2-4A59-9A7B-A8D5A4646FD1}: [DhcpNameServer] 192.168.0.100 0.0.0.0

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/
HKU\S-1-5-21-2662280489-2615740208-2487742208-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2662280489-2615740208-2487742208-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://br.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-2662280489-2615740208-2487742208-1000 -> DefaultScope {B1E6A837-0E8F-4C1C-AAC0-6557F21D16A5} URL = hxxp://www.google.com/search?hl=en&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2662280489-2615740208-2487742208-1000 -> {B1E6A837-0E8F-4C1C-AAC0-6557F21D16A5} URL = hxxp://www.google.com/search?hl=en&q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> E:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-09-21] (IObit)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> E:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: avast! EasyPass Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> E:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2014-01-18] (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> E:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-26] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> E:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-11-08] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> E:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> E:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-26] (Oracle Corporation)
BHO: Sem Nome -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> Nenhum Arquivo
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> E:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> E:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2013-10-05] (Microsoft Corporation)
BHO-x32: avast! EasyPass Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> E:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2014-01-18] (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> E:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-26] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> E:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-11-08] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> E:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-04-01] (IObit)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> E:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> E:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-26] (Oracle Corporation)
BHO-x32: Sem Nome -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> Nenhum Arquivo
Toolbar: HKLM - avast! EasyPass Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - E:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2014-01-18] (AVAST Software)
Toolbar: HKLM - Sem Nome - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Nenhum Arquivo
Toolbar: HKLM-x32 - avast! EasyPass Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - E:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2014-01-18] (AVAST Software)
Toolbar: HKU\S-1-5-21-2662280489-2615740208-2487742208-1000 -> avast! EasyPass Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - E:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2014-01-18] (AVAST Software)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - E:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: E:\Users\JD_LC\AppData\Roaming\Mozilla\Firefox\Profiles\9oiesi7f.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF NetworkProxy: "type", 5
FF Plugin: @adobe.com/FlashPlayer -> E:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-11] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> E:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> E:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-26] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> E:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> E:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> E:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> E:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> E:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> E:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-11] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> E:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> E:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> E:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> e:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> E:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> E:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> E:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> E:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> E:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> E:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> E:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> E:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-26] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2662280489-2615740208-2487742208-1000: @Skype Limited.com/Facebook Video Calling Plugin -> E:\Users\JD_LC\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin ProgramFiles/Appdata: E:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: E:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-26] (Adobe Systems Inc.)
FF SearchPlugin: E:\Users\JD_LC\AppData\Roaming\Mozilla\Firefox\Profiles\9oiesi7f.default\searchplugins\7071285EEB18.xml [2015-11-29]
FF SearchPlugin: E:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml [2015-05-26]
FF SearchPlugin: E:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml [2015-05-26]
FF Extension: Advanced SystemCare Surfing Protection - E:\Users\JD_LC\AppData\Roaming\Mozilla\Firefox\Profiles\9oiesi7f.default\extensions\iobitascsurfingprotection@iobit.com [2015-07-01] [não assinado]
FF Extension: Advanced SystemCare Surfing Protection - E:\Users\JD_LC\AppData\Roaming\Mozilla\Firefox\Profiles\9oiesi7f.default\Extensions\ascsurfingprotection@iobit.com [2015-08-29] [não assinado]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - E:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - E:\Program Files\AVAST Software\Avast\WebRep\FF [2015-11-08]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - E:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - E:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-11-08]
StartMenuInternet: FIREFOX.EXE - firefox.exe
FF ExtraCheck: E:\Program Files (x86)\mozilla firefox\defaults\pref\!2CA21EE73F04DD8796B2E0AD9D4FC6962CA2.js [2015-11-09] <==== ATENÇÃO
FF ExtraCheck: E:\Program Files (x86)\mozilla firefox\2CA21EE73F04DD8796B2E0AD9D4FC6962CA2 [2015-11-09] <==== ATENÇÃO

Chrome:
=======
CHR HomePage: Default -> hxxp://google.com.br/
CHR StartupUrls: Default -> "hxxp://google.com.br/"
CHR Profile: E:\Users\JD_LC\AppData\Local\Google\Chrome\User Data\Default
CHR HKU\S-1-5-21-2662280489-2615740208-2487742208-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - E:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - E:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-11-08]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AdvancedSystemCareService8; E:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [821024 2015-08-05] (IObit)
R2 avast! Antivirus; E:\Program Files\AVAST Software\Avast\AvastSvc.exe [174416 2015-11-08] (AVAST Software)
R3 AvastVBoxSvc; E:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [5554152 2015-11-08] (Avast Software)
S3 c2wts; E:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-02] (Microsoft Corporation)
S3 fussvc; E:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [Arquivo não assinado]
S2 GoogleChromeUpService; E:\ProgramData\upgsvr.exe [1762304 2015-10-16] (TODO: <公司名>) [Arquivo não assinado]
R2 IMFservice; E:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [878912 2015-04-02] (IObit)
S2 LiveUpdateSvc; E:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-10-09] (IObit)
R2 MaConfigAgent; E:\Program Files\ma-config.com\MaConfigAgent.exe [2820424 2014-10-15] (CybelSoft)
R2 MBAMScheduler; E:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; E:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MySQL56; E:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld.exe [13057024 2015-05-05] () [Arquivo não assinado]
R2 RalinkRegistryWriter; E:\Program Files (x86)\Ralink\Common\RaRegistry.exe [372736 2012-01-13] (Ralink Technology, Corp.) [Arquivo não assinado]
R2 RalinkRegistryWriter64; E:\Program Files (x86)\Ralink\Common\RaRegistry64.exe [447488 2012-01-13] (Ralink Technology, Corp.) [Arquivo não assinado]
S2 RaMediaServer; E:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [625728 2011-08-18] ()
S3 SwitchBoard; E:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Arquivo não assinado]
S3 Te.Service; E:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Arquivo não assinado]
R2 TheDesktopWeatherService; E:\Program Files (x86)\WeatherTool\2.0.0.10998\WeatherService.exe [152008 2015-11-01] ()
R2 VIAKaraokeService; E:\Windows\system32\viakaraokesrv.exe [27768 2014-12-06] (VIA Technologies, Inc.)
S3 VsEtwService120; E:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-05] (Microsoft Corporation)
R2 WinDefend; E:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 61883; E:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-13] (Microsoft Corporation)
R3 Apowersoft_AudioDevice; E:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31968 2012-10-08] (Wondershare)
R1 asfilterdrv; E:\Windows\System32\drivers\asfilterdrv.sys [57656 2015-08-12] (Windows (R) Win 7 DDK provider)
R2 aswHwid; E:\Windows\system32\drivers\aswHwid.sys [28656 2015-11-08] (AVAST Software)
R2 aswMonFlt; E:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-11-08] (AVAST Software)
R1 aswRdr; E:\Windows\system32\drivers\aswRdr2.sys [93528 2015-11-08] (AVAST Software)
R0 aswRvrt; E:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-11-08] (AVAST Software)
R1 aswSnx; E:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-08] (AVAST Software)
R1 aswSP; E:\Windows\system32\drivers\aswSP.sys [449992 2015-11-08] (AVAST Software)
R2 aswStm; E:\Windows\system32\drivers\aswStm.sys [154256 2015-11-08] (AVAST Software)
R0 aswVmm; E:\Windows\System32\Drivers\aswVmm.sys [273784 2015-11-08] (AVAST Software)
S3 BdApiUtil; não ImagePath
S3 BdCameraProtect; não ImagePath
R1 Bfilter; E:\Windows\System32\drivers\Bfilter.sys [52032 2014-01-21] (Baidu, Inc.)
R1 Bfmon; E:\Windows\System32\drivers\Bfmon.sys [34624 2014-01-21] (Baidu, Inc.)
R1 Bprotect; E:\Windows\System32\drivers\Bprotect.sys [128992 2014-01-21] (Baidu, Inc.)
S3 BprotectEx; não ImagePath
R1 crfilterdrv; E:\Windows\System32\drivers\crfilterdrv.sys [57160 2015-08-12] (Windows (R) Win 7 DDK provider)
S3 ebdrv; E:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 FileMonitor; E:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2015-03-25] (IObit)
R1 HWiNFO32; E:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-07-01] (REALiX(tm))
S3 ma-config_amd64; E:\Program Files\ma-config.com\Drivers\ma-config_amd64.sys [17568 2014-02-24] (CybelSoft)
R1 mbamchameleon; E:\Windows\system32\drivers\mbamchameleon.sys [109272 2015-10-05] (Malwarebytes)
R3 MBAMProtector; E:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; E:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-15] (Malwarebytes)
R3 MBAMWebAccessControl; E:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R0 ngvss; E:\Windows\System32\Drivers\ngvss.sys [147088 2015-11-08] (AVAST Software)
R3 RegFilter; E:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2015-03-25] (IObit.com)
R0 SmartDefragDriver; E:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R0 sptd; E:\Windows\System32\Drivers\sptd.sys [381440 2014-01-18] (Duplex Secure Ltd.)
R1 ssfilterdrv; E:\Windows\System32\drivers\ssfilterdrv.sys [57152 2015-08-12] (Windows (R) Win 7 DDK provider)
R3 UrlFilter; E:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2015-03-25] (IObit.com)
R2 VBoxAswDrv; E:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [310904 2015-11-08] (Avast Software)
U3 am5k43o1; E:\Windows\System32\Drivers\am5k43o1.sys [0 ] (Advanced Micro Devices) <==== ATENÇÃO (zero byte Arquivo/Pasta)
S3 cpuz134; \??\E:\Users\JD_LC\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 cpuz137; \??\E:\Users\JD_LC\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S3 PCFApiUtil; \??\E:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2015-12-15 23:31 - 2015-12-15 23:31 - 00094247 _____ E:\Users\JD_LC\Desktop\Shortcut.txt
2015-12-15 23:29 - 2015-12-15 23:31 - 00071824 _____ E:\Users\JD_LC\Desktop\Addition.txt
2015-12-15 23:28 - 2015-12-15 23:37 - 00029750 _____ E:\Users\JD_LC\Desktop\FRST.txt
2015-12-15 23:27 - 2015-12-15 23:37 - 00000000 ____D E:\FRST
2015-12-15 23:26 - 2015-12-15 23:26 - 02369536 _____ (Farbar) E:\Users\JD_LC\Desktop\FRST64.exe
2015-12-15 23:19 - 2015-12-15 23:19 - 00000000 ____D E:\Program Files (x86)\WeatherTool
2015-12-15 14:47 - 2015-12-15 14:48 - 00000000 ____D E:\Users\JD_LC\Downloads\Desencontro Perfeito (2015) 5.1 CH Dublado 720p (By-LuanHarper)
2015-12-15 14:31 - 2015-12-15 14:31 - 00000000 ____D E:\Users\JD_LC\Downloads\Música Amigos e Festa 2015 720p WEB-DL Dublado - WWW.THEPIRATEFILMES.COM.mp4
2015-12-15 14:19 - 2015-12-15 14:29 - 00000000 ____D E:\Users\JD_LC\Downloads\Peter Pan 2015 720p BluRay Dublado - WWW.THEPIRATEFILMES.COM
2015-12-15 14:01 - 2015-12-15 14:03 - 00000000 ____D E:\Users\JD_LC\Downloads\Bata Antes de Entrar (2015) 5.1 CH Dublado 1080p (By-LuanHarper)
2015-12-15 14:00 - 2015-12-15 14:46 - 00000000 ____D E:\Users\JD_LC\Downloads\Nocaute (2015) Dublado 720p (By-LuanHarper)
2015-12-15 13:29 - 2015-12-15 13:29 - 00000000 ____D E:\Users\JD_LC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-12 10:05 - 2015-12-12 10:05 - 00000660 __RSH E:\Users\JD_LC\ntuser.pol
2015-12-11 13:55 - 2015-11-11 19:12 - 00387792 _____ (Microsoft Corporation) E:\Windows\system32\iedkcs32.dll
2015-12-11 13:55 - 2015-11-11 18:52 - 00341192 _____ (Microsoft Corporation) E:\Windows\SysWOW64\iedkcs32.dll
2015-12-11 13:55 - 2015-11-11 14:21 - 25837568 _____ (Microsoft Corporation) E:\Windows\system32\mshtml.dll
2015-12-11 13:55 - 2015-11-11 14:00 - 12856832 _____ (Microsoft Corporation) E:\Windows\SysWOW64\ieframe.dll
2015-12-11 13:55 - 2015-11-11 13:44 - 00416256 _____ (Microsoft Corporation) E:\Windows\SysWOW64\dxtmsft.dll
2015-12-11 13:55 - 2015-11-11 13:44 - 00279040 _____ (Microsoft Corporation) E:\Windows\SysWOW64\dxtrans.dll
2015-12-11 13:55 - 2015-11-11 13:41 - 20366848 _____ (Microsoft Corporation) E:\Windows\SysWOW64\mshtml.dll
2015-12-11 13:55 - 2015-11-11 13:12 - 00092160 _____ (Microsoft Corporation) E:\Windows\system32\mshtmled.dll
2015-12-11 13:55 - 2015-11-11 12:57 - 00076288 _____ (Microsoft Corporation) E:\Windows\SysWOW64\mshtmled.dll
2015-12-11 13:55 - 2015-11-09 22:24 - 02724864 _____ (Microsoft Corporation) E:\Windows\SysWOW64\mshtml.tlb
2015-12-11 13:55 - 2015-11-09 22:13 - 00496640 _____ (Microsoft Corporation) E:\Windows\SysWOW64\vbscript.dll
2015-12-11 13:55 - 2015-11-09 22:13 - 00062464 _____ (Microsoft Corporation) E:\Windows\SysWOW64\iesetup.dll
2015-12-11 13:55 - 2015-11-09 22:12 - 00341504 _____ (Microsoft Corporation) E:\Windows\SysWOW64\html.iec
2015-12-11 13:55 - 2015-11-09 22:12 - 00047616 _____ (Microsoft Corporation) E:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-11 13:55 - 2015-11-09 22:11 - 00064000 _____ (Microsoft Corporation) E:\Windows\SysWOW64\MshtmlDac.dll
2015-12-11 13:55 - 2015-11-09 22:08 - 02280448 _____ (Microsoft Corporation) E:\Windows\SysWOW64\iertutil.dll
2015-12-11 13:55 - 2015-11-09 22:06 - 00047104 _____ (Microsoft Corporation) E:\Windows\SysWOW64\jsproxy.dll
2015-12-11 13:55 - 2015-11-09 22:06 - 00030720 _____ (Microsoft Corporation) E:\Windows\SysWOW64\iernonce.dll
2015-12-11 13:55 - 2015-11-09 22:04 - 00476160 _____ (Microsoft Corporation) E:\Windows\SysWOW64\ieui.dll
2015-12-11 13:55 - 2015-11-09 22:03 - 00115712 _____ (Microsoft Corporation) E:\Windows\SysWOW64\ieUnatt.exe
2015-12-11 13:55 - 2015-11-09 22:02 - 00663552 _____ (Microsoft Corporation) E:\Windows\SysWOW64\jscript.dll
2015-12-11 13:55 - 2015-11-09 22:02 - 00620032 _____ (Microsoft Corporation) E:\Windows\SysWOW64\jscript9diag.dll
2015-12-11 13:55 - 2015-11-09 21:50 - 00060416 _____ (Microsoft Corporation) E:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-11 13:55 - 2015-11-09 21:47 - 00168960 _____ (Microsoft Corporation) E:\Windows\SysWOW64\msrating.dll
2015-12-11 13:55 - 2015-11-09 21:46 - 04514816 _____ (Microsoft Corporation) E:\Windows\SysWOW64\jscript9.dll
2015-12-11 13:55 - 2015-11-09 21:44 - 00130048 _____ (Microsoft Corporation) E:\Windows\SysWOW64\occache.dll
2015-12-11 13:55 - 2015-11-09 21:37 - 00230400 _____ (Microsoft Corporation) E:\Windows\SysWOW64\webcheck.dll
2015-12-11 13:55 - 2015-11-09 21:36 - 02050560 _____ (Microsoft Corporation) E:\Windows\SysWOW64\inetcpl.cpl
2015-12-11 13:55 - 2015-11-09 21:36 - 00687104 _____ (Microsoft Corporation) E:\Windows\SysWOW64\msfeeds.dll
2015-12-11 13:55 - 2015-11-09 21:35 - 01155072 _____ (Microsoft Corporation) E:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-11 13:55 - 2015-11-09 21:17 - 02011136 _____ (Microsoft Corporation) E:\Windows\SysWOW64\wininet.dll
2015-12-11 13:55 - 2015-11-09 21:14 - 01311744 _____ (Microsoft Corporation) E:\Windows\SysWOW64\urlmon.dll
2015-12-11 13:55 - 2015-11-09 21:12 - 00710144 _____ (Microsoft Corporation) E:\Windows\SysWOW64\ieapfltr.dll
2015-12-11 13:55 - 2015-11-08 20:33 - 02724864 _____ (Microsoft Corporation) E:\Windows\system32\mshtml.tlb
2015-12-11 13:55 - 2015-11-08 20:32 - 00004096 _____ (Microsoft Corporation) E:\Windows\system32\ieetwcollectorres.dll
2015-12-11 13:55 - 2015-11-08 20:16 - 00066560 _____ (Microsoft Corporation) E:\Windows\system32\iesetup.dll
2015-12-11 13:55 - 2015-11-08 20:15 - 02887168 _____ (Microsoft Corporation) E:\Windows\system32\iertutil.dll
2015-12-11 13:55 - 2015-11-08 20:15 - 00571392 _____ (Microsoft Corporation) E:\Windows\system32\vbscript.dll
2015-12-11 13:55 - 2015-11-08 20:15 - 00417792 _____ (Microsoft Corporation) E:\Windows\system32\html.iec
2015-12-11 13:55 - 2015-11-08 20:15 - 00048640 _____ (Microsoft Corporation) E:\Windows\system32\ieetwproxystub.dll
2015-12-11 13:55 - 2015-11-08 20:14 - 00088064 _____ (Microsoft Corporation) E:\Windows\system32\MshtmlDac.dll
2015-12-11 13:55 - 2015-11-08 20:07 - 00054784 _____ (Microsoft Corporation) E:\Windows\system32\jsproxy.dll
2015-12-11 13:55 - 2015-11-08 20:06 - 00034304 _____ (Microsoft Corporation) E:\Windows\system32\iernonce.dll
2015-12-11 13:55 - 2015-11-08 20:04 - 05923840 _____ (Microsoft Corporation) E:\Windows\system32\jscript9.dll
2015-12-11 13:55 - 2015-11-08 20:02 - 00615936 _____ (Microsoft Corporation) E:\Windows\system32\ieui.dll
2015-12-11 13:55 - 2015-11-08 20:01 - 00817664 _____ (Microsoft Corporation) E:\Windows\system32\jscript.dll
2015-12-11 13:55 - 2015-11-08 20:01 - 00814080 _____ (Microsoft Corporation) E:\Windows\system32\jscript9diag.dll
2015-12-11 13:55 - 2015-11-08 20:01 - 00144384 _____ (Microsoft Corporation) E:\Windows\system32\ieUnatt.exe
2015-12-11 13:55 - 2015-11-08 20:01 - 00114688 _____ (Microsoft Corporation) E:\Windows\system32\ieetwcollector.exe
2015-12-11 13:55 - 2015-11-08 19:52 - 00968704 _____ (Microsoft Corporation) E:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-11 13:55 - 2015-11-08 19:48 - 00489984 _____ (Microsoft Corporation) E:\Windows\system32\dxtmsft.dll
2015-12-11 13:55 - 2015-11-08 19:40 - 00077824 _____ (Microsoft Corporation) E:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-11 13:55 - 2015-11-08 19:35 - 00199680 _____ (Microsoft Corporation) E:\Windows\system32\msrating.dll
2015-12-11 13:55 - 2015-11-08 19:32 - 00315392 _____ (Microsoft Corporation) E:\Windows\system32\dxtrans.dll
2015-12-11 13:55 - 2015-11-08 19:29 - 00152064 _____ (Microsoft Corporation) E:\Windows\system32\occache.dll
2015-12-11 13:55 - 2015-11-08 19:18 - 00262144 _____ (Microsoft Corporation) E:\Windows\system32\webcheck.dll
2015-12-11 13:55 - 2015-11-08 19:15 - 00798208 _____ (Microsoft Corporation) E:\Windows\system32\msfeeds.dll
2015-12-11 13:55 - 2015-11-08 19:15 - 00718336 _____ (Microsoft Corporation) E:\Windows\system32\ie4uinit.exe
2015-12-11 13:55 - 2015-11-08 19:14 - 14456832 _____ (Microsoft Corporation) E:\Windows\system32\ieframe.dll
2015-12-11 13:55 - 2015-11-08 19:14 - 01359360 _____ (Microsoft Corporation) E:\Windows\system32\mshtmlmedia.dll
2015-12-11 13:55 - 2015-11-08 19:13 - 02123264 _____ (Microsoft Corporation) E:\Windows\system32\inetcpl.cpl
2015-12-11 13:55 - 2015-11-08 18:53 - 02487808 _____ (Microsoft Corporation) E:\Windows\system32\wininet.dll
2015-12-11 13:55 - 2015-11-08 18:41 - 01546752 _____ (Microsoft Corporation) E:\Windows\system32\urlmon.dll
2015-12-11 13:55 - 2015-11-08 18:30 - 00800768 _____ (Microsoft Corporation) E:\Windows\system32\ieapfltr.dll
2015-12-11 13:54 - 2015-11-05 17:02 - 00002048 _____ (Microsoft Corporation) E:\Windows\system32\tzres.dll
2015-12-11 13:54 - 2015-11-05 17:00 - 00002048 _____ (Microsoft Corporation) E:\Windows\SysWOW64\tzres.dll
2015-12-11 13:53 - 2015-11-11 16:53 - 01735680 _____ (Microsoft Corporation) E:\Windows\system32\comsvcs.dll
2015-12-11 13:53 - 2015-11-11 16:53 - 00525312 _____ (Microsoft Corporation) E:\Windows\system32\catsrvut.dll
2015-12-11 13:53 - 2015-11-11 16:39 - 01242624 _____ (Microsoft Corporation) E:\Windows\SysWOW64\comsvcs.dll
2015-12-11 13:53 - 2015-11-11 16:39 - 00487936 _____ (Microsoft Corporation) E:\Windows\SysWOW64\catsrvut.dll
2015-12-11 13:53 - 2015-11-10 16:55 - 01648128 _____ (Microsoft Corporation) E:\Windows\system32\DWrite.dll
2015-12-11 13:53 - 2015-11-10 16:55 - 01180160 _____ (Microsoft Corporation) E:\Windows\system32\FntCache.dll
2015-12-11 13:53 - 2015-11-10 16:55 - 01008640 _____ (Microsoft Corporation) E:\Windows\system32\user32.dll
2015-12-11 13:53 - 2015-11-10 16:39 - 01251328 _____ (Microsoft Corporation) E:\Windows\SysWOW64\DWrite.dll
2015-12-11 13:53 - 2015-11-10 16:37 - 00833024 _____ (Microsoft Corporation) E:\Windows\SysWOW64\user32.dll
2015-12-11 13:53 - 2015-11-10 15:47 - 03211264 _____ (Microsoft Corporation) E:\Windows\system32\win32k.sys
2015-12-11 13:53 - 2015-11-05 17:05 - 00017408 _____ (Microsoft Corporation) E:\Windows\system32\wshrm.dll
2015-12-11 13:53 - 2015-11-05 17:02 - 00014848 _____ (Microsoft Corporation) E:\Windows\SysWOW64\wshrm.dll
2015-12-11 13:53 - 2015-11-05 07:53 - 00146944 _____ (Microsoft Corporation) E:\Windows\system32\Drivers\rmcast.sys
2015-12-11 13:53 - 2015-11-03 17:04 - 00802304 _____ (Microsoft Corporation) E:\Windows\system32\usp10.dll
2015-12-11 13:53 - 2015-11-03 16:56 - 00627712 _____ (Microsoft Corporation) E:\Windows\SysWOW64\usp10.dll
2015-12-11 13:49 - 2015-11-03 17:04 - 00241664 _____ (Microsoft Corporation) E:\Windows\system32\els.dll
2015-12-11 13:49 - 2015-11-03 16:55 - 00179712 _____ (Microsoft Corporation) E:\Windows\SysWOW64\els.dll
2015-12-11 12:15 - 2015-12-11 12:15 - 00000000 ____D E:\Users\Public\Documents\Guid
2015-12-09 23:34 - 2015-12-09 23:34 - 00000000 ____D E:\Users\Todos os Usuários\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-12-09 23:34 - 2015-12-09 23:34 - 00000000 ____D E:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-12-09 23:07 - 2015-12-15 23:07 - 00000000 ____D E:\Users\JD_LC\AppData\LocalLow\uTorrent
2015-12-07 21:14 - 2015-12-07 21:16 - 00000000 ____D E:\Users\JD_LC\Documents\Pen Drive of car
2015-12-07 13:44 - 2015-12-10 15:43 - 00600312 _____ E:\Users\Todos os Usuários\YeaPlayer_br_IBD_Bundle.exe
2015-12-07 13:44 - 2015-12-10 15:43 - 00600312 _____ E:\ProgramData\YeaPlayer_br_IBD_Bundle.exe
2015-12-06 12:49 - 2015-12-06 12:49 - 00000000 ____D E:\Users\JD_LC\AppData\Local\Sauces_Software
2015-12-06 03:33 - 2015-12-06 03:33 - 00000338 _____ E:\Users\JD_LC\Desktop\X-Proxy.appref-ms
2015-12-06 03:33 - 2015-12-06 03:33 - 00000000 ____D E:\Users\JD_LC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sauces Software
2015-12-06 02:30 - 2015-12-06 02:30 - 03170304 _____ (Microsoft Corporation) E:\Windows\system32\wucltux.dll
2015-12-06 02:30 - 2015-12-06 02:30 - 02609152 _____ (Microsoft Corporation) E:\Windows\system32\wuaueng.dll
2015-12-06 02:30 - 2015-12-06 02:30 - 00709632 _____ (Microsoft Corporation) E:\Windows\system32\wuapi.dll
2015-12-06 02:30 - 2015-12-06 02:30 - 00573440 _____ (Microsoft Corporation) E:\Windows\SysWOW64\wuapi.dll
2015-12-06 02:30 - 2015-12-06 02:30 - 00192512 _____ (Microsoft Corporation) E:\Windows\system32\wuwebv.dll
2015-12-06 02:30 - 2015-12-06 02:30 - 00174080 _____ (Microsoft Corporation) E:\Windows\SysWOW64\wuwebv.dll
2015-12-06 02:30 - 2015-12-06 02:30 - 00140288 _____ (Microsoft Corporation) E:\Windows\system32\wuauclt.exe
2015-12-06 02:30 - 2015-12-06 02:30 - 00098816 _____ (Microsoft Corporation) E:\Windows\system32\wudriver.dll
2015-12-06 02:30 - 2015-12-06 02:30 - 00093696 _____ (Microsoft Corporation) E:\Windows\SysWOW64\wudriver.dll
2015-12-06 02:30 - 2015-12-06 02:30 - 00091136 _____ (Microsoft Corporation) E:\Windows\system32\WinSetupUI.dll
2015-12-06 02:30 - 2015-12-06 02:30 - 00037888 _____ (Microsoft Corporation) E:\Windows\system32\wups2.dll
2015-12-06 02:30 - 2015-12-06 02:30 - 00037888 _____ (Microsoft Corporation) E:\Windows\system32\wuapp.exe
2015-12-06 02:30 - 2015-12-06 02:30 - 00036864 _____ (Microsoft Corporation) E:\Windows\system32\wups.dll
2015-12-06 02:30 - 2015-12-06 02:30 - 00035328 _____ (Microsoft Corporation) E:\Windows\SysWOW64\wuapp.exe
2015-12-06 02:30 - 2015-12-06 02:30 - 00030208 _____ (Microsoft Corporation) E:\Windows\SysWOW64\wups.dll
2015-12-06 02:30 - 2015-12-06 02:30 - 00012288 _____ (Microsoft Corporation) E:\Windows\system32\wu.upgrade.ps.dll
2015-12-05 23:49 - 2013-12-30 18:23 - 00001816 _____ E:\Users\Todos os Usuários\tops.exe
2015-12-05 23:49 - 2013-12-30 18:23 - 00001816 _____ E:\ProgramData\tops.exe
2015-12-04 14:57 - 2013-12-30 18:23 - 00001816 _____ E:\Users\Todos os Usuários\carssb.exe
2015-12-04 14:57 - 2013-12-30 18:23 - 00001816 _____ E:\ProgramData\carssb.exe
2015-12-03 11:12 - 2015-12-03 11:12 - 00000000 ____D E:\Windows\System32\Tasks\AVAST Software
2015-12-03 11:12 - 2015-12-03 11:12 - 00000000 ____D E:\Program Files\Common Files\AV
2015-12-03 11:09 - 2015-12-03 11:10 - 00000000 ____D E:\Users\Todos os Usuários\WindowsMsg
2015-12-03 11:09 - 2015-12-03 11:10 - 00000000 ____D E:\ProgramData\WindowsMsg
2015-12-03 11:07 - 2015-12-02 15:40 - 01308162 _____ ( ) E:\Users\Todos os Usuários\carss---.exe
2015-12-03 11:07 - 2015-12-02 15:40 - 01308162 _____ ( ) E:\ProgramData\carss---.exe
2015-12-03 00:49 - 2015-12-03 00:50 - 00000000 ____D E:\Program Files (x86)\Google
2015-12-03 00:00 - 2015-12-03 00:00 - 00000831 _____ E:\Users\Public\Desktop\VLC media player.lnk
2015-12-01 14:29 - 2015-12-01 14:29 - 00000000 ____D E:\Users\JD_LC\Downloads\Boulevard 1080p (2015) Dublado - WWW.THEPIRATEFILMES.COM
2015-12-01 14:06 - 2015-12-01 14:26 - 00000000 ____D E:\Users\JD_LC\Downloads\Dragon Ball Z A Queda dos Homens (2015) Blu-Ray 720p Legendado - WWW.THEPIRATEFILMES.COM
2015-12-01 14:06 - 2015-12-01 14:23 - 00000000 ____D E:\Users\JD_LC\Downloads\Maze Runner - Prova de Fogo (2015) 1080p 5.1Ch Dublado - Alan_680
2015-11-29 14:39 - 2015-11-29 14:39 - 00357020 _____ E:\Users\JD_LC\Desktop\AV1 e AV2 + simulado Paradigmas de Analise de Desenvolvimento.rar
2015-11-29 14:39 - 2015-11-29 14:39 - 00141324 _____ E:\Users\JD_LC\Desktop\Simulado paradigmas 2014.2 BDQ Prova.pdf
2015-11-29 14:37 - 2015-11-29 14:37 - 00182103 _____ E:\Users\JD_LC\Desktop\AV2 2014 paradigmas de analise e desenvolvimento.pdf
2015-11-29 14:34 - 2015-11-29 14:34 - 00088781 _____ E:\Users\JD_LC\Desktop\AV2 PARADIGMAS DE ANÁLISE E DESENVOLVIMENTO - Tiago Gomes.pdf
2015-11-29 13:41 - 2015-12-15 23:10 - 00192216 _____ (Malwarebytes) E:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-29 13:40 - 2015-11-29 13:40 - 00001106 _____ E:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-11-29 13:40 - 2015-11-29 13:40 - 00000000 ____D E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-29 13:40 - 2015-11-29 13:40 - 00000000 ____D E:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-29 13:40 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) E:\Windows\system32\Drivers\mbamchameleon.sys
2015-11-29 13:40 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) E:\Windows\system32\Drivers\mwac.sys
2015-11-29 13:40 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) E:\Windows\system32\Drivers\mbam.sys
2015-11-29 13:26 - 2015-11-29 13:26 - 00004188 _____ E:\Windows\System32\Tasks\task Update
2015-11-29 13:25 - 2015-11-29 13:25 - 00000000 ____D E:\Users\Public\Documents\dmp
2015-11-29 13:25 - 2015-08-12 11:16 - 00057160 _____ (Windows (R) Win 7 DDK provider) E:\Windows\system32\Drivers\crfilterdrv.sys
2015-11-29 13:25 - 2015-08-12 11:14 - 00057152 _____ (Windows (R) Win 7 DDK provider) E:\Windows\system32\Drivers\ssfilterdrv.sys
2015-11-29 13:25 - 2015-08-12 11:12 - 00057656 _____ (Windows (R) Win 7 DDK provider) E:\Windows\system32\Drivers\asfilterdrv.sys
2015-11-29 13:24 - 2015-11-29 13:24 - 00044670 _____ E:\Users\JD_LC\Downloads\Malwarebytes Anti-malware Premium Serial [1].exe
2015-11-27 09:40 - 2015-11-26 07:58 - 04127064 _____ E:\Users\Todos os Usuários\ch_dl_url
2015-11-27 09:40 - 2015-11-26 07:58 - 04127064 _____ E:\ProgramData\ch_dl_url
2015-11-26 11:36 - 2015-11-30 12:53 - 00000322 _____ E:\Users\Todos os Usuários\xcgui_debug.txt
2015-11-26 11:36 - 2015-11-30 12:53 - 00000322 _____ E:\ProgramData\xcgui_debug.txt
2015-11-26 10:40 - 2015-11-26 10:40 - 00004313 _____ E:\Users\Todos os Usuários\webad.xml
2015-11-26 10:40 - 2015-11-26 10:40 - 00004313 _____ E:\ProgramData\webad.xml
2015-11-19 15:35 - 2015-11-19 15:41 - 00000000 ____D E:\Users\JD_LC\Downloads\A História Verdadeira (2015) 5.1 CH Dublado 720p (By-LuanHarper)
2015-11-19 15:20 - 2015-11-19 15:34 - 00000000 ____D E:\Users\JD_LC\Downloads\O Agente da U.N.C.L.E. (2015) 1080p 5.1Ch Dublado - Alan_680
2015-11-19 15:05 - 2015-11-19 15:07 - 00000000 ____D E:\Users\JD_LC\Downloads\A Fúria de Vajra (2015) BRRip 1080p Dublado - DouglasTPF
2015-11-19 14:01 - 2015-11-19 14:02 - 00000000 ____D E:\Users\JD_LC\Downloads\O Ataque dos Vermes Malditos - Linhas de Sangue (2015) BRRip 1080p Dublado - DouglasTPF
2015-11-19 14:00 - 2015-11-19 15:01 - 00000000 ____D E:\Users\JD_LC\Downloads\Sem Retorno (2015) 720p 2.0Ch Dublado - Alan_680
2015-11-19 14:00 - 2015-11-19 14:49 - 00000000 ____D E:\Users\JD_LC\Downloads\Hitman Agente 47 (2015) 720p 5.1Ch Dublado - Alan_680
2015-11-18 23:24 - 2015-11-18 23:24 - 00419928 _____ E:\Windows\SysWOW64\locale.nls
2015-11-18 23:24 - 2015-11-18 23:24 - 00419928 _____ E:\Windows\system32\locale.nls
2015-11-18 23:24 - 2015-11-18 23:24 - 00069120 _____ (Microsoft Corporation) E:\Windows\SysWOW64\nlsbres.dll
2015-11-18 23:24 - 2015-11-18 23:24 - 00069120 _____ (Microsoft Corporation) E:\Windows\system32\nlsbres.dll
2015-11-18 23:24 - 2015-11-18 23:24 - 00007168 _____ (Microsoft Corporation) E:\Windows\SysWOW64\KBDAZE.DLL
2015-11-18 23:24 - 2015-11-18 23:24 - 00007168 _____ (Microsoft Corporation) E:\Windows\system32\kbdgeoqw.dll
2015-11-18 23:24 - 2015-11-18 23:24 - 00007168 _____ (Microsoft Corporation) E:\Windows\system32\KBDAZEL.DLL
2015-11-18 23:24 - 2015-11-18 23:24 - 00007168 _____ (Microsoft Corporation) E:\Windows\system32\KBDAZE.DLL
2015-11-18 23:24 - 2015-11-18 23:24 - 00006656 _____ (Microsoft Corporation) E:\Windows\SysWOW64\kbdgeoqw.dll
2015-11-18 23:24 - 2015-11-18 23:24 - 00006656 _____ (Microsoft Corporation) E:\Windows\SysWOW64\KBDAZEL.DLL

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2015-12-15 23:37 - 2015-10-10 21:19 - 00000000 ____D E:\Users\JD_LC\AppData\Roaming\uTorrent
2015-12-15 23:35 - 2009-07-14 01:20 - 00000000 ____D E:\Windows
2015-12-15 23:34 - 2015-11-09 23:56 - 00002904 _____ E:\Windows\System32\Tasks\Uninstaller_SkipUac_JD_LC
2015-12-15 23:34 - 2014-01-18 04:07 - 00000902 _____ E:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-15 23:34 - 2009-07-14 01:20 - 00000000 ____D E:\Windows\inf
2015-12-15 23:27 - 2014-01-18 03:48 - 00000000 ____D E:\Users\JD_LC\AppData\Local\Deployment
2015-12-15 23:24 - 2009-07-14 02:45 - 00019792 ____H E:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-15 23:24 - 2009-07-14 02:45 - 00019792 ____H E:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-15 23:22 - 2015-05-06 13:11 - 00005002 _____ E:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for JD_LC-PC-JD_LC JD_LC-PC
2015-12-15 23:20 - 2015-06-15 23:29 - 00001030 _____ E:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2662280489-2615740208-2487742208-1000UA.job
2015-12-15 23:12 - 2014-12-05 23:05 - 00000000 ___RD E:\Users\JD_LC\Dropbox
2015-12-15 23:09 - 2015-11-09 23:09 - 00001020 _____ E:\Windows\Tasks\TgUaBK4mUePZ9kfA47OL948T.job
2015-12-15 23:09 - 2015-11-09 23:09 - 00000994 _____ E:\Windows\Tasks\a7um5ggOFMx.job
2015-12-15 23:09 - 2015-07-04 01:28 - 00000436 _____ E:\Windows\system32\Drivers\etc\hosts.ics
2015-12-15 23:09 - 2014-04-06 01:36 - 00000000 ____D E:\Users\JD_LC\AppData\Roaming\Dropbox
2015-12-15 23:09 - 2014-01-18 04:29 - 00004182 _____ E:\Windows\System32\Tasks\avast! Emergency Update
2015-12-15 23:06 - 2014-01-18 03:48 - 00001066 _____ E:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-15 23:05 - 2015-11-10 21:45 - 00001018 _____ E:\Windows\Tasks\tAGPQFUTFBowBHpg0HMe6Zx.job
2015-12-15 23:05 - 2015-11-10 21:45 - 00000990 _____ E:\Windows\Tasks\GtIdbkbXX.job
2015-12-15 23:05 - 2015-11-10 00:07 - 00001018 _____ E:\Windows\Tasks\pjVRprj2tz6WOYwdKAHW5lS.job
2015-12-15 23:05 - 2015-11-10 00:07 - 00001010 _____ E:\Windows\Tasks\ZxOvWCF7LI1yYDnReod.job
2015-12-15 23:05 - 2015-11-09 23:47 - 00001004 _____ E:\Windows\Tasks\6tqZYGen5lQPUeHn.job
2015-12-15 23:05 - 2015-11-09 23:47 - 00000992 _____ E:\Windows\Tasks\jOzK2RlIwr.job
2015-12-15 23:05 - 2015-11-09 14:33 - 00000996 _____ E:\Windows\Tasks\O3ECSoeQhE43.job
2015-12-15 23:05 - 2015-11-08 19:04 - 00001024 _____ E:\Windows\Tasks\DLEbF0CvNNcdIAow8eCYB12V0t.job
2015-12-15 23:05 - 2009-07-14 03:08 - 00000006 ____H E:\Windows\Tasks\SA.DAT
2015-12-15 15:03 - 2014-01-18 03:48 - 00001070 _____ E:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-15 14:04 - 2015-06-14 11:16 - 00000000 ____D E:\Users\JD_LC\AppData\Roaming\WeatherTool
2015-12-15 13:47 - 2014-07-28 11:42 - 00000928 _____ E:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2662280489-2615740208-2487742208-1000UA.job
2015-12-15 09:59 - 2015-07-01 01:14 - 137113600 _____ E:\Windows\system32\config\software.iodefrag
2015-12-15 09:59 - 2015-07-01 01:14 - 05636096 _____ E:\Windows\system32\config\default.iodefrag
2015-12-15 09:59 - 2015-07-01 01:14 - 00032768 _____ E:\Windows\system32\config\sam.iodefrag
2015-12-15 09:59 - 2015-07-01 01:14 - 00024576 _____ E:\Windows\system32\config\security.iodefrag
2015-12-15 09:59 - 2014-04-06 00:48 - 137113600 _____ E:\Windows\system32\config\SOFTWARE.iodefrag.bak
2015-12-15 09:59 - 2014-04-06 00:48 - 05636096 _____ E:\Windows\system32\config\DEFAULT.iodefrag.bak
2015-12-15 09:59 - 2014-04-06 00:48 - 00032768 _____ E:\Windows\system32\config\SAM.iodefrag.bak
2015-12-15 09:59 - 2014-04-06 00:48 - 00024576 _____ E:\Windows\system32\config\SECURITY.iodefrag.bak
2015-12-15 00:20 - 2015-06-15 23:29 - 00000978 _____ E:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2662280489-2615740208-2487742208-1000Core.job
2015-12-15 00:20 - 2015-04-24 03:36 - 00000000 ____D E:\Users\JD_LC\AppData\Roaming\vlc
2015-12-14 22:37 - 2015-07-01 00:08 - 00002169 _____ E:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2015-12-12 13:47 - 2015-07-01 00:44 - 00000964 _____ E:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-12-12 11:54 - 2015-11-02 21:33 - 00000000 ____D E:\Users\JD_LC\Downloads\A.Viatura.2015.720p.Dual-WOLVERDONFILMES.COM
2015-12-12 10:47 - 2014-07-28 11:42 - 00000906 _____ E:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2662280489-2615740208-2487742208-1000Core.job
2015-12-12 10:05 - 2014-01-18 03:00 - 00000000 ____D E:\Users\JD_LC
2015-12-12 10:05 - 2009-07-14 01:20 - 00000000 ___HD E:\Windows\system32\GroupPolicyUsers
2015-12-12 00:34 - 2015-07-01 00:44 - 00003958 _____ E:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-12-12 00:34 - 2014-01-18 04:07 - 00796864 _____ (Adobe Systems Incorporated) E:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-12 00:34 - 2014-01-18 04:07 - 00142528 _____ (Adobe Systems Incorporated) E:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-12 00:34 - 2014-01-18 04:07 - 00003840 _____ E:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-11 23:28 - 2009-07-14 02:45 - 05055096 _____ E:\Windows\system32\FNTCACHE.DAT
2015-12-11 17:46 - 2014-01-18 05:17 - 00000000 ____D E:\Windows\system32\MRT
2015-12-11 17:37 - 2014-01-18 05:17 - 140158008 _____ (Microsoft Corporation) E:\Windows\system32\MRT.exe
2015-12-11 12:05 - 2014-02-01 17:36 - 00000000 ____D E:\Users\Todos os Usuários\ProductData
2015-12-11 12:05 - 2014-02-01 17:36 - 00000000 ____D E:\ProgramData\ProductData
2015-12-10 10:27 - 2014-04-20 21:57 - 58675200 _____ E:\Windows\system32\config\COMPONENTS.iodefrag.bak
2015-12-09 23:33 - 2015-07-04 00:04 - 00000000 ____D E:\Program Files (x86)\Cisco
2015-12-09 23:33 - 2015-07-01 02:07 - 00000000 ____D E:\Program Files (x86)\Portforward
2015-12-09 23:33 - 2015-05-01 15:48 - 00000000 ____D E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scratch
2015-12-09 23:33 - 2015-01-23 22:41 - 00000000 ____D E:\Users\JD_LC\Desktop\Todos
2015-12-09 23:16 - 2014-07-27 17:45 - 00000000 ____D E:\Program Files (x86)\Microsoft SDKs
2015-12-09 23:14 - 2014-02-18 00:00 - 00000000 ____D E:\Program Files (x86)\DSP-worx
2015-12-07 21:15 - 2009-07-14 15:55 - 00705798 _____ E:\Windows\system32\prfh0416.dat
2015-12-07 21:15 - 2009-07-14 15:55 - 00147638 _____ E:\Windows\system32\prfc0416.dat
2015-12-07 21:15 - 2009-07-14 03:13 - 01635826 _____ E:\Windows\system32\PerfStringBackup.INI
2015-12-06 03:26 - 2015-02-26 00:14 - 00000000 ____D E:\Users\JD_LC\Downloads\Programas
2015-12-06 02:57 - 2014-01-18 05:09 - 00000000 ____D E:\Users\JD_LC\AppData\Roaming\DVDVideoSoft
2015-12-06 01:54 - 2014-02-01 17:35 - 00000000 ____D E:\Users\Todos os Usuários\IObit
2015-12-06 01:54 - 2014-02-01 17:35 - 00000000 ____D E:\ProgramData\IObit
2015-12-03 22:58 - 2014-01-18 03:48 - 00004066 _____ E:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-03 22:58 - 2014-01-18 03:48 - 00003814 _____ E:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-03 00:11 - 2015-01-20 13:57 - 00000000 __SHD E:\Users\JD_LC\AppData\LocalLow\EmieUserList
2015-12-03 00:11 - 2015-01-20 13:57 - 00000000 __SHD E:\Users\JD_LC\AppData\LocalLow\EmieBrowserModeList
2015-12-03 00:11 - 2014-06-22 14:58 - 00000000 __SHD E:\Users\JD_LC\AppData\LocalLow\EmieSiteList
2015-12-03 00:07 - 2014-01-18 04:01 - 00000000 ____D E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-30 06:18 - 2014-02-14 21:00 - 00000000 ____D E:\Users\JD_LC\Documents\Arquivos do Outlook
2015-11-27 09:34 - 2009-07-14 03:09 - 00000000 ____D E:\Windows\System32\Tasks\WPD
2015-11-15 14:23 - 2015-11-14 14:03 - 00000000 ____D E:\Users\JD_LC\Downloads\Homem-Formiga (2015) 720p 2.0Ch Dublado - Alan_680

==================== Arquivos na raiz de alguns diretórios =======

2015-04-14 14:28 - 2015-04-14 14:28 - 0004387 _____ () E:\Users\JD_LC\AppData\Roaming\5gK5b8k9C94Ih5u2H7budJR
2015-04-14 14:28 - 2015-04-14 14:28 - 0004387 _____ () E:\Users\JD_LC\AppData\Roaming\6tqZYGen5lQPUeHn
2015-04-19 10:20 - 2015-04-19 10:20 - 0005872 _____ () E:\Users\JD_LC\AppData\Roaming\a7um5ggOFMx
2015-04-19 10:20 - 2015-11-09 22:33 - 0000626 _____ () E:\Users\JD_LC\AppData\Roaming\BTboIchqPOP7iuN5C
2015-04-19 10:20 - 2015-11-09 22:35 - 0000626 _____ () E:\Users\JD_LC\AppData\Roaming\DLEbF0CvNNcdIAow8eCYB12V0t
2015-04-14 14:28 - 2015-04-14 14:28 - 0004387 _____ () E:\Users\JD_LC\AppData\Roaming\GtIdbkbXX
2015-04-19 10:20 - 2015-04-19 10:20 - 0005872 _____ () E:\Users\JD_LC\AppData\Roaming\jOzK2RlIwr
2015-04-14 14:28 - 2015-04-14 14:28 - 0004387 _____ () E:\Users\JD_LC\AppData\Roaming\Km9mdMI3
2014-01-18 04:57 - 2015-05-22 06:43 - 0023988 _____ () E:\Users\JD_LC\AppData\Roaming\Notepad2.ini
2015-04-19 10:20 - 2015-11-09 22:34 - 0000626 _____ () E:\Users\JD_LC\AppData\Roaming\O3ECSoeQhE43
2015-04-14 14:28 - 2015-04-14 14:28 - 0004387 _____ () E:\Users\JD_LC\AppData\Roaming\pjVRprj2tz6WOYwdKAHW5lS
2015-04-19 10:20 - 2015-04-19 10:20 - 0005872 _____ () E:\Users\JD_LC\AppData\Roaming\tAGPQFUTFBowBHpg0HMe6Zx
2015-04-14 14:28 - 2015-04-14 14:28 - 0004387 _____ () E:\Users\JD_LC\AppData\Roaming\TgUaBK4mUePZ9kfA47OL948T
2014-01-28 00:26 - 2014-01-28 00:26 - 0000056 _____ () E:\Users\JD_LC\AppData\Roaming\WB.CFG
2015-04-14 14:28 - 2015-04-14 14:28 - 0004387 _____ () E:\Users\JD_LC\AppData\Roaming\yY6trHPhB2xG
2015-04-19 10:20 - 2015-04-19 10:20 - 0005872 _____ () E:\Users\JD_LC\AppData\Roaming\ZxOvWCF7LI1yYDnReod
2015-03-22 01:36 - 2015-03-22 01:36 - 0000000 ____H () E:\Users\JD_LC\AppData\Local\BITA2A9.tmp
2015-11-08 20:05 - 2015-11-08 20:05 - 0333506 _____ (AnySend.com) E:\Users\JD_LC\AppData\Local\nsx1358.tmp
2014-12-17 12:51 - 2015-06-30 23:56 - 0007604 _____ () E:\Users\JD_LC\AppData\Local\Resmon.ResmonCfg
2014-08-06 01:31 - 2014-08-06 01:31 - 0000000 _____ () E:\Users\JD_LC\AppData\Local\{254EC9FE-33E7-4B70-8DCA-DEFEB71BB13B}
2014-08-16 23:15 - 2014-08-16 23:15 - 0000000 _____ () E:\Users\JD_LC\AppData\Local\{7418C77E-8D02-4165-A30E-A12027A4E08D}
2014-12-04 21:58 - 2014-12-04 21:59 - 0000000 _____ () E:\Users\JD_LC\AppData\Local\{952E44A0-0518-40B2-A934-931CFD24972A}
2015-03-22 01:35 - 2015-03-22 01:36 - 0000000 _____ () E:\Users\JD_LC\AppData\Local\{D52F8CA6-6BBA-4D0A-B5C3-07E85A4EABFE}
2015-12-03 11:07 - 2015-12-02 15:40 - 1308162 _____ ( ) E:\ProgramData\carss---.exe
2015-12-04 14:57 - 2013-12-30 18:23 - 0001816 _____ () E:\ProgramData\carssb.exe
2015-11-27 09:40 - 2015-11-26 07:58 - 4127064 _____ () E:\ProgramData\ch_dl_url
2014-01-15 03:15 - 2014-01-15 03:15 - 0167784 _____ (Baidu, Inc.) E:\ProgramData\FileSplitUpLoad.dll
2015-12-05 23:49 - 2013-12-30 18:23 - 0001816 _____ () E:\ProgramData\tops.exe
2015-11-11 14:42 - 2015-11-02 10:19 - 1202560 _____ (Beijing Fantasy Game Network Technology Co., Ltd.) E:\ProgramData\upcinst.exe
2015-11-09 14:45 - 2015-10-16 06:43 - 1762304 _____ (TODO: <公司名>) E:\ProgramData\upgsvr.exe
2015-11-26 10:40 - 2015-11-26 10:40 - 0004313 _____ () E:\ProgramData\webad.xml
2015-11-26 11:36 - 2015-11-30 12:53 - 0000322 _____ () E:\ProgramData\xcgui_debug.txt
2015-12-07 13:44 - 2015-12-10 15:43 - 0600312 _____ () E:\ProgramData\YeaPlayer_br_IBD_Bundle.exe
2015-11-09 21:56 - 2015-11-10 23:26 - 0000098 _____ () E:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Arquivos para serem movidos ou deletados:
====================
E:\ProgramData\carss---.exe
E:\ProgramData\carssb.exe
E:\ProgramData\FileSplitUpLoad.dll
E:\ProgramData\tops.exe
E:\ProgramData\upcinst.exe
E:\ProgramData\upgsvr.exe
E:\ProgramData\YeaPlayer_br_IBD_Bundle.exe
E:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
E:\Users\Todos os Usuários\carss---.exe
E:\Users\Todos os Usuários\carssb.exe
E:\Users\Todos os Usuários\FileSplitUpLoad.dll
E:\Users\Todos os Usuários\tops.exe
E:\Users\Todos os Usuários\upcinst.exe
E:\Users\Todos os Usuários\upgsvr.exe
E:\Users\Todos os Usuários\YeaPlayer_br_IBD_Bundle.exe
E:\Users\Todos os Usuários\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


Alguns arquivos em TEMP:
====================
E:\Users\JD_LC\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfbdfss.dll


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

E:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
E:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
E:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
E:\Windows\explorer.exe => O arquivo é assinado digitalmente
E:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
E:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
E:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
E:\Windows\system32\services.exe => O arquivo é assinado digitalmente
E:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
E:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
E:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
E:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
E:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
E:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
E:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
E:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2015-12-11 15:32

==================== Fim de FRST.txt ============================
