Publicité
Publicité
Commentaire : http://www.cjoint.com/c/FAEuSGSQOoo
Format du document : text/plain
Prévisualisation
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:27-01-2016
Executado por Wlader (administrador) em GAMER (30-01-2016 18:36:52)
Executando a partir de C:\Users\Wlader\Downloads
Perfis Carregados: Wlader (Perfis Disponíveis: Wlader)
Platform: Windows 8.1 Enterprise (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavSvc.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BHipsSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(RayDl) C:\Program Files (x86)\RayDld\ihpmServer.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(TU-Funs LIMITED) C:\ProgramData\6WdM6\WdMan.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\bavhm.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(BigGay installer) C:\Program Files (x86)\SpaceSondPro_v53.12547\SpaceSondPro_Service.exe
(bitchplease updater) C:\Program Files (x86)\SpaceSondPro_v53.12547\ioproduct.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\ProgramData\WindowsMsg\osmsg.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavTray.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\Bav.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
() C:\Program Files (x86)\03000200-1454171166-0500-0006-000700080009\vnsqEDE5.tmp
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Wlader\Downloads\FRST64 (1).exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-15] (Apple Inc.)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [856800 2015-08-21] (GAS Tecnologia LTDA)
HKLM\...\Run: [Sound+] => "C:\Program Files\Sound+\Sound+.exe"
HKLM\...\Run: [SpaceSoundPro] => "C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe"
HKLM-x32\...\Run: [RemoteControl11] => C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe [234792 2011-04-20] (CyberLink Corp.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Baidu Antivirus] => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavTray.exe [1997296 2015-10-19] (Baidu, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)
HKLM-x32\...\Run: [apphide] => C:\Program Files (x86)\ppt\ppt.exe [126976 2015-12-31] (wefwfw)
HKLM-x32\...\Run: [pcmgr] => C:\Program Files (x86)\ppt\Uninst.exe [1571296 2015-12-28] (Tencent)
HKLM-x32\...\Run: [gmsd_br_005010223] => [X]
HKLM-x32\...\Run: [rec_en_77] => [X]
HKLM-x32\...\RunOnce: [IOPROTECT] => C:\Program Files (x86)\SpaceSondPro_v53.12547\ioproduct_service.bat [164 2016-01-30] ()
Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2015-09-22] (Caixa Economica Federal)
HKU\S-1-5-21-1433210940-3313559613-2812674987-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2008-01-22] (Nero AG)
HKU\S-1-5-21-1433210940-3313559613-2812674987-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-1433210940-3313559613-2812674987-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [36776 2016-01-04] (Glarysoft Ltd)
HKU\S-1-5-21-1433210940-3313559613-2812674987-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-29] (Skype Technologies S.A.)
HKU\S-1-5-21-1433210940-3313559613-2812674987-1001\...\Run: [apphide] => C:\Program Files (x86)\ppt\ppt.exe [126976 2015-12-31] (wefwfw)
HKU\S-1-5-21-1433210940-3313559613-2812674987-1001\...\Run: [osmsg] => C:\ProgramData\WindowsMsg\osmsg.exe [1907200 2016-01-20] ()
HKU\S-1-5-21-1433210940-3313559613-2812674987-1001\...\MountPoints2: {cd48d20f-1d20-11e5-8256-002522c04102} - "K:\setup.exe"
HKU\S-1-5-21-1433210940-3313559613-2812674987-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11776 2014-10-29] (Microsoft Corporation)
AppInit_DLLs: C:\ProgramData\KeyStream\DIWYSV64.dll => Nenhum Arquivo
AppInit_DLLs-x32: C:\ProgramData\KeyStream\DIWYSV32.dll => Nenhum Arquivo
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1888480 2015-09-22] (Caixa Economica Federal)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Nenhum Arquivo
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavShx64.dll [2015-10-19] (Baidu, Inc.)
BootExecute: autocheck autochk *
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{15037A74-A17B-4F4E-A642-C2AFA69EDDDD}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=bav_pro_hp_01_hao123_br
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=bav_pro_hp_01_hao123_br
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKU\S-1-5-21-1433210940-3313559613-2812674987-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=bav_pro_hp_01_hao123_br
SearchScopes: HKU\S-1-5-21-1433210940-3313559613-2812674987-1001 -> DefaultScope {CA2DDBAC-5E9F-4D58-9E3F-CA5D615B8AEB} URL = hxxp://www.google.com/search?hl=en&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1433210940-3313559613-2812674987-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1433210940-3313559613-2812674987-1001 -> {2609078A-D534-44B2-9606-F4C02E0636D3} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKU\S-1-5-21-1433210940-3313559613-2812674987-1001 -> {CA2DDBAC-5E9F-4D58-9E3F-CA5D615B8AEB} URL = hxxp://www.google.com/search?hl=en&q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-01-23] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-01-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-28] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll [2015-09-22] (Caixa Economica Federal)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-28] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-01-23] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Wlader\AppData\Roaming\Mozilla\Firefox\Profiles\o6nhg594.default
FF Homepage: hxxp://br.hao123.com/?tn=sdkc_inner_hp_09_hao123_br&guid=6b869bfe15a35912c0ac0faaa2c8a96d
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-01-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml [2015-05-26]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml [2015-05-26]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mysites123.xml [2016-01-30]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\omniboxes.xml [2016-01-30]
FF Extension: Desprotetor de Links - C:\Users\Wlader\AppData\Roaming\Mozilla\Firefox\Profiles\o6nhg594.default\extensions\desprotetordelinks@claudio-silva.com.xpi [2015-11-14]
FF Extension: Sem Nome - C:\Users\Wlader\AppData\Roaming\Mozilla\Firefox\Profiles\o6nhg594.default\extensions\deskCutv2@gmail.com [2016-01-30] [não assinado]
FF Extension: Sem Nome - C:\Users\Wlader\AppData\Roaming\Mozilla\Firefox\Profiles\o6nhg594.default\extensions\yahooprotected@gmail.com [não encontrado (a)]
FF Extension: Adblock Plus - C:\Users\Wlader\AppData\Roaming\Mozilla\Firefox\Profiles\o6nhg594.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-20]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF HKLM\...\Firefox\Extensions: [{6F08375B-85F6-4F51-9BAA-328E0CC5DE0F}] - C:\Program Files\shopperz300120161802\Firefox\{6F08375B-85F6-4F51-9BAA-328E0CC5DE0F}.xpi => não encontrado (a)
FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Wlader\AppData\Roaming\Mozilla\Firefox\Profiles\o6nhg594.default\extensions\deskCutv2@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [{6F08375B-85F6-4F51-9BAA-328E0CC5DE0F}] - C:\Program Files\shopperz300120161802\Firefox\{6F08375B-85F6-4F51-9BAA-328E0CC5DE0F}.xpi => não encontrado (a)
FF HKLM-x32\...\Firefox\Extensions: [yahooprotected@gmail.com] - C:\Users\Wlader\AppData\Roaming\Mozilla\Firefox\Profiles\o6nhg594.default\extensions\yahooprotected@gmail.com => não encontrado (a)
Chrome:
=======
CHR Profile: C:\Users\Wlader\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\Wlader\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-30]
CHR Extension: (Google Docs) - C:\Users\Wlader\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-30]
CHR Extension: (Google Drive) - C:\Users\Wlader\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-30]
CHR Extension: (YouTube) - C:\Users\Wlader\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-30]
CHR Extension: (Google Search) - C:\Users\Wlader\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-30]
CHR Extension: (Documentos Google off-line) - C:\Users\Wlader\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-30]
CHR Extension: (Skype) - C:\Users\Wlader\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-01-30]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Wlader\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-30]
CHR Extension: (Gmail) - C:\Users\Wlader\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-30]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
Opera:
=======
OPR StartupUrls: "hxxp://maisdowns.com"
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 BavSvc; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavSvc.exe [2572928 2015-10-19] (Baidu, Inc.)
S3 BdSandboxSrv; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BdSandboxSrv64.exe [490528 2015-03-05] (Baidu, Inc.)
R2 BHipsSvc; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BHipsSvc.exe [531232 2015-10-19] (Baidu, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
S4 CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [83240 2011-04-20] ()
S4 CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [70952 2011-03-31] (CyberLink)
S4 CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe [312616 2011-03-31] (CyberLink)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [593120 2015-09-22] (GAS Tecnologia)
R2 ihpmServer; C:\Program Files (x86)\RayDld\ihpmServer.exe [265960 2016-01-29] (RayDl)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-10-09] (IObit)
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG)
S4 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [966336 2014-12-04] (@ByELDI) [Arquivo não assinado]
R2 ValhallaUpdateHlp; C:\Windows\SysWOW64\activealias.dll [414456 2015-01-27] ()
S4 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2015-06-03] (VIA Technologies, Inc.)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [856800 2015-08-21] (GAS Tecnologia LTDA)
R2 WdMan; C:\ProgramData\6WdM6\WdMan.exe [794376 2016-01-30] (TU-Funs LIMITED)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [X]
S2 MPCProtectService; "D:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe" [X]
S2 TheDesktopWeatherService; C:\Program Files (x86)\WeatherTool\2.0.0.11150\WeatherService.exe [X]
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-09-30] (Advanced Micro Devices)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [312480 2015-08-17] ()
U3 BdApiUtil; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BdApiUtil64.sys [116936 2015-10-19] (Baidu, Inc.)
R3 bdark64; C:\Windows\system32\drivers\bdark64.sys [78792 2015-05-27] ()
U3 BdCameraProtect; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BdCameraProtect64.sys [25032 2015-10-19] (Baidu, Inc.)
S3 BdSandbox; C:\Windows\System32\drivers\BdSandbox.sys [236920 2015-03-05] (Baidu, Inc.)
R1 Bfilter; C:\Windows\System32\drivers\Bfilter.sys [62920 2015-10-19] (Baidu, Inc.)
R1 Bfmon; C:\Windows\System32\drivers\Bfmon.sys [38344 2015-10-19] (Baidu, Inc.)
R1 Bnbase; C:\Windows\System32\drivers\bnbasex64.sys [62792 2015-10-19] (Baidu, Inc.)
R1 Bndef; C:\Windows\System32\drivers\bndef64.sys [485672 2015-10-19] (Baidu, Inc.)
R3 Bnmon; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\Bnmon64.sys [82376 2015-10-19] (Baidu, Inc.)
R1 Bprotect; C:\Windows\System32\drivers\Bprotect.sys [169416 2015-10-19] (Baidu, Inc.)
R1 cherimoya; C:\Windows\System32\drivers\cherimoya.sys [56728 2016-01-30] (Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-06-27] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-12-08] (GAS Tecnologia)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-07-05] (Glarysoft Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-06-03] (REALiX(tm))
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2015-08-17] ()
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-01-30] (DotC United Inc)
R2 msizhandler; C:\Windows\system32\drivers\appaskdetech.sys [140952 2015-11-04] ()
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-12-08] (GAS Tecnologia LTDA)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [101080 2016-01-30] (GAS Tecnologia)
R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [103640 2015-03-18] (GAS Tecnologia)
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [148976 2011-04-12] (CyberLink Corp.)
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
S1 iSafeKrnl; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [X]
S1 iSafeKrnlKit; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [X]
S1 iSafeNetFilter; system32\DRIVERS\iSafeNetFilter.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-01-30 18:36 - 2016-01-30 18:37 - 00023290 _____ C:\Users\Wlader\Downloads\FRST.txt
2016-01-30 18:36 - 2016-01-30 18:36 - 00000000 ____D C:\FRST
2016-01-30 18:35 - 2016-01-30 18:35 - 02370560 _____ (Farbar) C:\Users\Wlader\Downloads\FRST64 (1).exe
2016-01-30 18:34 - 2016-01-30 18:34 - 02370560 _____ (Farbar) C:\Users\Wlader\Downloads\FRST64.exe
2016-01-30 17:22 - 2016-01-30 17:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
2016-01-30 17:08 - 2016-01-30 17:08 - 00000000 ____D C:\Windows\system32\log
2016-01-30 17:07 - 2016-01-30 17:21 - 00000000 ____D C:\Program Files (x86)\Elex-tech
2016-01-30 17:07 - 2016-01-30 17:07 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\Elex-tech
2016-01-30 17:06 - 2016-01-30 17:07 - 27989848 _____ (Elex do Brasil Participações Ltda) C:\Users\Wlader\Downloads\yet_another_cleaner_sk_8052088.exe
2016-01-30 16:05 - 2016-01-30 16:05 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage
2016-01-30 16:05 - 2016-01-30 16:05 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\ASPackage
2016-01-30 16:05 - 2016-01-30 16:05 - 00000000 ____D C:\Program Files (x86)\03000200-1454177148-0500-0006-000700080009
2016-01-30 15:50 - 2016-01-30 17:21 - 00000000 ____D C:\Program Files (x86)\WeatherTool
2016-01-30 15:50 - 2016-01-30 16:50 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\WeatherTool
2016-01-30 15:50 - 2016-01-30 15:53 - 00000000 ____D C:\Program Files (x86)\SpaceSondPro_v53.12547
2016-01-30 15:50 - 2016-01-30 15:50 - 00000008 _____ C:\END
2016-01-30 15:39 - 2016-01-30 15:39 - 00000000 _____ C:\autoexec.bat
2016-01-30 15:38 - 2016-01-30 15:38 - 00003324 _____ C:\Windows\System32\Tasks\SpyHunter4Startup
2016-01-30 15:38 - 2016-01-30 15:38 - 00000000 ____D C:\sh4ldr
2016-01-30 15:37 - 2016-01-30 17:12 - 00000000 ____D C:\Program Files\Enigma Software Group
2016-01-30 15:37 - 2016-01-30 15:37 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Wlader\Downloads\SpyHunter-Installer.exe
2016-01-30 15:37 - 2016-01-30 15:37 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-01-30 15:07 - 2016-01-30 18:12 - 00000356 ____H C:\Windows\Tasks\NVXUUDBSGNMGMJGC.job
2016-01-30 15:07 - 2016-01-30 15:07 - 00003366 _____ C:\Windows\System32\Tasks\NVXUUDBSGNMGMJGC
2016-01-30 14:58 - 2016-01-30 14:58 - 00003014 _____ C:\Windows\System32\Tasks\ttwifi
2016-01-30 14:58 - 2016-01-30 14:58 - 00002910 _____ C:\Windows\System32\Tasks\osTip
2016-01-30 14:58 - 2016-01-30 14:58 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg
2016-01-30 14:58 - 2016-01-30 14:58 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-01-30 14:57 - 2016-01-30 18:02 - 00000356 ____H C:\Windows\Tasks\QTSCJDOLRMBKUQGF.job
2016-01-30 14:57 - 2016-01-30 15:07 - 00000000 ____D C:\Users\Todos os Usuários\Service0561
2016-01-30 14:57 - 2016-01-30 15:07 - 00000000 ____D C:\ProgramData\Service0561
2016-01-30 14:57 - 2016-01-30 14:57 - 00003366 _____ C:\Windows\System32\Tasks\QTSCJDOLRMBKUQGF
2016-01-30 14:57 - 2016-01-30 14:57 - 00000000 ____D C:\Users\Todos os Usuários\12db864551ae4c578eb17db1a9f5d3cf
2016-01-30 14:57 - 2016-01-30 14:57 - 00000000 ____D C:\ProgramData\12db864551ae4c578eb17db1a9f5d3cf
2016-01-30 14:42 - 2016-01-30 14:42 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\kingsoft
2016-01-30 14:37 - 2016-01-30 18:34 - 00000346 _____ C:\Windows\Tasks\PPTAssistantNotifyTask_Wlader.job
2016-01-30 14:37 - 2016-01-30 18:02 - 00000616 _____ C:\Windows\Tasks\PPTAssistantUpdateTask_Wlader.job
2016-01-30 14:37 - 2016-01-30 14:43 - 00003566 _____ C:\Windows\System32\Tasks\PPTAssistantUpdateTask_Wlader
2016-01-30 14:37 - 2016-01-30 14:37 - 00003296 _____ C:\Windows\System32\Tasks\PPTAssistantNotifyTask_Wlader
2016-01-30 14:36 - 2016-01-30 15:18 - 00000000 ____D C:\Users\Wlader\AppData\Local\PPTAssist
2016-01-30 14:36 - 2016-01-30 14:48 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\pptassist
2016-01-30 14:36 - 2016-01-30 14:42 - 00000000 ____D C:\Users\Todos os Usuários\kingsoft
2016-01-30 14:36 - 2016-01-30 14:42 - 00000000 ____D C:\ProgramData\kingsoft
2016-01-30 14:36 - 2016-01-30 14:36 - 00060136 _____ (DotC United Inc) C:\Windows\system32\Drivers\MPCKpt.sys
2016-01-30 14:35 - 2016-01-30 15:05 - 00000000 ____D C:\Program Files (x86)\ppt
2016-01-30 14:28 - 2016-01-30 14:29 - 00000000 ____D C:\Users\Todos os Usuários\6WdM6
2016-01-30 14:28 - 2016-01-30 14:29 - 00000000 ____D C:\ProgramData\6WdM6
2016-01-30 14:28 - 2016-01-30 14:28 - 00000074 _____ C:\Users\Todos os Usuários\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2016-01-30 14:28 - 2016-01-30 14:28 - 00000074 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2016-01-30 14:27 - 2013-08-22 11:25 - 00000824 _____ C:\Windows\system32\Drivers\etc\hp.bak
2016-01-30 14:26 - 2016-01-30 18:23 - 00000000 ____D C:\Program Files (x86)\03000200-1454171166-0500-0006-000700080009
2016-01-30 14:24 - 2016-01-30 14:24 - 00003340 _____ C:\Windows\System32\Tasks\Uumoejuk
2016-01-30 14:24 - 2016-01-30 14:24 - 00000000 ____D C:\Users\Wlader\AppData\LocalLow\Company
2016-01-30 14:24 - 2016-01-30 14:24 - 00000000 ____D C:\Users\Wlader\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
2016-01-30 14:24 - 2016-01-30 14:24 - 00000000 ____D C:\uninst
2016-01-30 14:24 - 2016-01-30 14:24 - 00000000 ____D C:\Program Files (x86)\RayDld
2016-01-30 14:05 - 2016-01-30 14:24 - 00056728 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\cherimoya.sys
2016-01-29 20:03 - 2016-01-29 20:14 - 00000000 ____D C:\Users\Wlader\Downloads\Rise.Of.The.Tomb.Raider.Steam.Preload.Unlocker
2016-01-29 20:02 - 2016-01-29 20:02 - 00018884 _____ C:\Users\Wlader\Downloads\Rise.Of.The.Tomb.Raider.Steam.Preload.Unlocker.torrent
2016-01-28 17:15 - 2016-01-28 17:15 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\Sun
2016-01-28 17:15 - 2016-01-28 17:15 - 00000000 ____D C:\Users\Wlader\.oracle_jre_usage
2016-01-28 17:13 - 2016-01-28 17:13 - 00000000 ____D C:\Users\Wlader\AppData\LocalLow\Oracle
2016-01-19 15:52 - 2016-01-19 16:50 - 00000000 ____D C:\Users\Wlader\Downloads\[R.G. Mechanics] Darksiders II Deathinitive Edition
2016-01-19 14:19 - 2016-01-19 14:19 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\IDMComp
2016-01-19 14:19 - 2016-01-19 14:19 - 00000000 ____D C:\Users\Todos os Usuários\IDMComp
2016-01-19 14:19 - 2016-01-19 14:19 - 00000000 ____D C:\ProgramData\IDMComp
2016-01-16 17:27 - 2016-01-16 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraEdit
2016-01-16 17:27 - 2016-01-16 17:27 - 00000000 ____D C:\Program Files\IDM Computer Solutions
2016-01-16 17:26 - 2016-01-16 17:26 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\AIMP
2016-01-16 17:25 - 2016-01-16 17:27 - 47612488 _____ C:\Users\Wlader\Downloads\Mozilla_Firefox_(64bit)_v43.0.4.exe
2016-01-16 17:25 - 2016-01-16 17:26 - 133051672 _____ (Apple Inc.) C:\Users\Wlader\Downloads\iTunes_(64bit)_v12.3.2.exe
2016-01-16 17:24 - 2016-01-16 17:25 - 54701056 _____ (IDM Computer Solutions, Inc.) C:\Users\Wlader\Downloads\UltraEdit(64bit)_v22.20.exe
2016-01-16 17:24 - 2016-01-16 17:25 - 24531104 _____ (Baidu, Inc.) C:\Users\Wlader\Downloads\Baidu_Antivirus_v5.4.3.148966.exe
2016-01-16 17:24 - 2016-01-16 17:24 - 15300128 _____ C:\Users\Wlader\Downloads\Glary_Utilities_v5.42.0.62.exe
2016-01-16 17:24 - 2016-01-16 17:24 - 08567416 _____ (AIMP DevTeam) C:\Users\Wlader\Downloads\AIMP_v4.00_Build_1683.exe
2016-01-16 17:24 - 2016-01-16 17:24 - 08115632 _____ (AIMP DevTeam) C:\Users\Wlader\Downloads\AIMP_v4.00_Build_1670_RC_2.exe
2016-01-16 17:09 - 2016-01-16 17:09 - 03017216 _____ (Vitzo) C:\Users\Wlader\Downloads\VDownloader.exe
2016-01-16 15:00 - 2016-01-16 21:09 - 00000000 ____D C:\Users\Wlader\Downloads\Dragons Dogma Dark Arisen-SKIDROWCRACK
2016-01-16 14:58 - 2016-01-16 14:58 - 00682699 _____ C:\Users\Wlader\Downloads\[kat.cr]dragon.s.dogma.dark.arisen.cracked.sc.torrent
2016-01-13 12:45 - 2015-12-11 02:38 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-01-13 12:45 - 2015-12-11 02:00 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-01-13 12:45 - 2015-12-11 01:55 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-01-13 12:45 - 2015-12-11 01:50 - 20367360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-01-13 12:45 - 2015-12-11 01:45 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-01-13 12:45 - 2015-12-11 01:21 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-01-13 12:45 - 2015-12-11 01:18 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-01-13 12:45 - 2015-12-11 01:09 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-01-13 12:45 - 2015-12-11 01:09 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-01-13 12:45 - 2015-12-11 01:03 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-01-13 12:45 - 2015-12-11 00:59 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-01-13 12:45 - 2015-12-11 00:43 - 04610560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-01-13 12:45 - 2015-12-11 00:43 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-01-13 12:45 - 2015-12-11 00:38 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-01-13 12:45 - 2015-12-11 00:37 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-01-13 12:45 - 2015-12-11 00:35 - 12856320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-01-13 12:45 - 2015-12-11 00:26 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-01-13 12:45 - 2015-12-11 00:14 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-01-13 12:45 - 2015-12-11 00:12 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-01-13 12:45 - 2015-12-11 00:08 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-01-13 12:45 - 2015-12-11 00:07 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-01-13 12:43 - 2015-12-02 13:04 - 00670208 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-13 12:43 - 2015-12-02 13:01 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-01-13 12:42 - 2015-12-05 03:58 - 02745184 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-13 12:42 - 2015-12-05 03:58 - 02528784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-01-13 12:42 - 2015-12-05 03:58 - 02450240 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-13 12:42 - 2015-12-05 03:58 - 02447136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-01-13 12:42 - 2015-12-05 03:58 - 02334104 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2016-01-13 12:42 - 2015-12-05 03:58 - 02324744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2016-01-13 12:42 - 2015-12-05 03:58 - 01877504 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-01-13 12:42 - 2015-12-05 03:58 - 01484888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-01-13 12:42 - 2015-12-05 03:58 - 01288128 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2016-01-13 12:42 - 2015-12-05 03:58 - 01210200 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-13 12:42 - 2015-12-05 03:58 - 01115640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2016-01-13 12:42 - 2015-12-05 03:58 - 01037680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-01-13 12:42 - 2015-12-05 03:58 - 00850680 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2016-01-13 12:42 - 2015-12-05 03:58 - 00735496 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-13 12:42 - 2015-12-05 03:58 - 00700360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2016-01-13 12:42 - 2015-12-03 15:36 - 01697792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-13 12:42 - 2015-12-03 14:40 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-13 12:41 - 2015-12-30 17:32 - 07453016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-01-13 12:41 - 2015-12-30 17:32 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-01-13 12:41 - 2015-12-30 17:32 - 01499912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-01-13 12:41 - 2015-12-09 22:40 - 00033456 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-01-13 12:41 - 2015-12-07 08:56 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-13 12:41 - 2015-12-05 03:58 - 01798480 ____C (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-13 12:41 - 2015-12-05 03:58 - 01150232 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00914672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00629600 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00584656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-01-13 12:41 - 2015-12-05 03:58 - 00557856 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00498472 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-01-13 12:41 - 2015-12-05 03:58 - 00492736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00463776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00399776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-01-13 12:41 - 2015-12-05 03:58 - 00299080 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00275312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00274280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00250520 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00248432 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00246856 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00244296 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-13 12:41 - 2015-12-05 03:58 - 00229272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00203016 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00184912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00183856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00116720 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00110544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-01-13 12:41 - 2015-12-05 03:58 - 00099136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00090904 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-13 12:41 - 2015-12-05 03:58 - 00090392 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-13 12:41 - 2015-12-05 03:58 - 00081032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-01-13 12:41 - 2015-12-05 03:58 - 00076936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-01-13 12:41 - 2015-12-04 13:00 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-01-13 12:41 - 2015-12-03 17:42 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-01-13 12:41 - 2015-12-03 17:42 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-01-13 12:41 - 2015-12-03 17:42 - 00137968 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-01-13 12:41 - 2015-12-03 17:42 - 00106960 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2016-01-13 12:41 - 2015-12-03 17:41 - 00177488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-01-13 12:41 - 2015-12-03 16:52 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-01-13 12:41 - 2015-12-03 16:52 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-01-13 12:41 - 2015-12-03 16:52 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2016-01-13 12:41 - 2015-12-03 16:28 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-01-13 12:41 - 2015-12-03 16:28 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-01-13 12:41 - 2015-12-03 16:07 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-13 12:41 - 2015-12-03 16:07 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-13 12:41 - 2015-12-03 16:05 - 00644608 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-13 12:41 - 2015-12-03 16:02 - 01664000 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-13 12:41 - 2015-12-03 16:00 - 00451072 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-13 12:41 - 2015-12-03 15:58 - 00378880 ____C (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-01-13 12:41 - 2015-12-03 15:51 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-01-13 12:41 - 2015-12-03 15:30 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-13 12:41 - 2015-12-03 15:28 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-01-13 12:41 - 2015-12-03 15:28 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-01-13 12:41 - 2015-12-03 15:27 - 00736256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-01-13 12:41 - 2015-12-03 15:24 - 01411584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-01-13 12:41 - 2015-12-03 15:23 - 00402432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-01-13 12:41 - 2015-12-03 15:16 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-01-13 12:41 - 2015-12-03 15:13 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-01-13 12:41 - 2015-12-03 15:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-01-13 12:41 - 2015-12-03 15:06 - 01501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-01-13 12:41 - 2015-12-03 15:01 - 00743936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-01-13 12:41 - 2015-12-03 14:45 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-01-13 12:41 - 2015-12-03 14:29 - 00887296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-01-13 12:41 - 2015-11-17 19:07 - 01380864 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-01-13 12:41 - 2015-11-17 19:07 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-01-13 12:41 - 2015-11-17 19:07 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-01-13 12:41 - 2015-11-17 19:07 - 00705024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-01-13 12:41 - 2015-11-17 19:07 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-01-13 12:41 - 2015-11-17 19:07 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-01-13 12:41 - 2015-11-17 19:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-01-13 12:40 - 2015-12-08 17:08 - 00685432 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-01-13 12:40 - 2015-12-08 17:07 - 00507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-01-11 12:12 - 2016-01-16 17:16 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-11 12:12 - 2016-01-11 12:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-01-11 12:11 - 2016-01-11 12:11 - 01503872 _____ (Skype Technologies S.A.) C:\Users\Wlader\Downloads\SkypeSetup.exe
2016-01-10 17:42 - 2016-01-10 17:42 - 06698008 _____ (Tribo Gamer Brasil®) C:\Users\Wlader\Downloads\ff13_br-v1.01[].exe
2016-01-10 17:41 - 2016-01-10 17:41 - 00979424 _____ (Internet ) C:\Users\Wlader\Downloads\ff13_br-v1.01[www.tribogamer.com].exe
2016-01-10 11:59 - 2016-01-30 14:48 - 00000000 ____D C:\Users\Wlader\AppData\LocalLow\uTorrent
2016-01-09 21:11 - 2016-01-09 22:05 - 00000000 ____D C:\Users\Wlader\Downloads\Hércules (2014) BRrip 1080p 6 Ch Dublado - AndreTPF
2016-01-09 16:16 - 2016-01-09 16:28 - 00000000 ____D C:\Users\Wlader\Downloads\Dragon Ball Z - A Batalha Dos Deuses (2013) BDrip 1080p Dublado - AndreTPF
2016-01-09 15:59 - 2016-01-09 15:59 - 00023159 _____ C:\Users\Wlader\Downloads\Darksiders.II.Deathinitive.Edition.torrent
2016-01-07 09:03 - 2016-01-07 09:25 - 00000000 ____D C:\Users\Wlader\Downloads\Batman - O Cavaleiro Das Trevas (2008)
2016-01-07 02:40 - 2016-01-07 02:40 - 00000000 ____D C:\Users\Wlader\Documents\Modelos Personalizados do Office
2016-01-05 23:24 - 2016-01-05 23:37 - 00000000 ____D C:\Users\Wlader\Downloads\Batman-O Cavaleiro Das Trevas Ressurge
2016-01-05 23:18 - 2016-01-06 15:14 - 00000000 ____D C:\Users\Wlader\Downloads\Birdman - A Inesperada Virtude Da Ignorância (2015) BRrip Blu-Ray 1080p 5.1 Ch Dublado - AndreTPF
2016-01-05 01:27 - 2016-01-05 12:43 - 00000000 ____D C:\Users\Wlader\Downloads\Vingadores.Era.de.Ultron.2015.1080p.BluRay.Dual-WOLVERDONFILMES.COM
2016-01-04 17:03 - 2016-01-30 17:27 - 00101080 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys
2016-01-04 17:03 - 2016-01-04 17:03 - 00001024 _____ C:\.rnd
2016-01-04 17:03 - 2016-01-04 17:03 - 00000000 ___HD C:\Program Files (x86)\GAS Tecnologia
2016-01-04 17:03 - 2016-01-04 17:03 - 00000000 ___HD C:\Program Files (x86)\Diebold
2016-01-04 17:03 - 2016-01-04 17:03 - 00000000 ____D C:\Program Files\Diebold
2016-01-04 17:03 - 2015-03-18 10:23 - 00103640 ____N (GAS Tecnologia) C:\Windows\system32\Drivers\wsddpp.sys
2016-01-04 17:00 - 2016-01-30 17:27 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-01-04 17:00 - 2016-01-05 16:13 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2016-01-04 17:00 - 2016-01-05 16:13 - 00000000 ____D C:\ProgramData\GbPlugin
2016-01-04 17:00 - 2016-01-04 17:00 - 00000000 ____D C:\Users\Todos os Usuários\GAS Tecnologia
2016-01-04 17:00 - 2016-01-04 17:00 - 00000000 ____D C:\ProgramData\GAS Tecnologia
2016-01-04 10:47 - 2016-01-30 18:23 - 00000000 ____D C:\Users\Todos os Usuários\BavSvc_exe
2016-01-04 10:47 - 2016-01-30 18:23 - 00000000 ____D C:\ProgramData\BavSvc_exe
2016-01-02 14:36 - 2016-01-02 14:36 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2016-01-01 13:51 - 2015-07-30 12:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-01-01 13:51 - 2015-07-30 11:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-01-01 13:26 - 2014-06-09 20:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2016-01-01 13:26 - 2014-06-09 20:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-12-31 21:39 - 2015-12-31 21:39 - 00000000 ____D C:\Users\Wlader\Documents\Aspyr
2015-12-31 17:48 - 2015-12-31 17:48 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2015-12-31 17:48 - 2015-12-31 17:48 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-12-31 17:48 - 2015-12-31 17:48 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-12-31 17:47 - 2015-12-31 17:47 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-12-31 17:47 - 2015-12-31 17:47 - 00000000 ____D C:\Program Files\MSBuild
2015-12-31 17:36 - 2013-08-03 02:41 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2015-12-31 17:33 - 2013-08-03 02:48 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2015-12-31 17:18 - 2015-12-31 17:18 - 00000773 _____ C:\Users\Wlader\Desktop\Star Wars The Force Unleashed.lnk
2015-12-31 16:46 - 2015-12-31 16:46 - 00000000 ____D C:\Users\Wlader\AppData\Local\Aspyr
2015-12-31 10:55 - 2015-12-31 11:38 - 00000000 ____D C:\Users\Wlader\Downloads\Missão Impossível - Protocolo Fantasma (2011) 720p BrRip (Dual Audio)
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-01-30 18:25 - 2015-09-19 16:27 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\Skype
2016-01-30 18:20 - 2015-11-29 12:18 - 00001088 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-30 18:15 - 2015-08-16 14:38 - 00000964 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-01-30 17:43 - 2015-09-25 19:48 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-30 17:32 - 2015-06-02 21:22 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1433210940-3313559613-2812674987-1001
2016-01-30 17:27 - 2015-11-29 12:18 - 00001084 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-30 17:27 - 2013-08-22 12:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-30 17:26 - 2015-06-04 17:14 - 00000292 _____ C:\Windows\Tasks\Uninstaller_SkipUac_Wlader.job
2016-01-30 17:26 - 2013-08-22 11:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-01-30 17:24 - 2015-06-04 17:14 - 00002394 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Wlader
2016-01-30 17:21 - 2015-12-21 13:37 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\Baidu
2016-01-30 17:21 - 2015-10-19 16:59 - 00000000 ____D C:\Users\Todos os Usuários\Baidu
2016-01-30 17:21 - 2015-10-19 16:59 - 00000000 ____D C:\ProgramData\Baidu
2016-01-30 15:38 - 2015-10-13 00:38 - 00000278 _____ C:\Windows\Tasks\{6A128791-4857-4484-9BB2-71D4C1257200}.job
2016-01-30 15:38 - 2015-06-02 21:16 - 00000000 ____D C:\Users\Wlader
2016-01-30 15:31 - 2015-06-03 11:20 - 00000000 ____D C:\Users\Todos os Usuários\IObit
2016-01-30 15:31 - 2015-06-03 11:20 - 00000000 ____D C:\ProgramData\IObit
2016-01-30 15:19 - 2015-06-02 21:16 - 00000000 ____D C:\Users\Wlader\AppData\Local\Packages
2016-01-30 14:48 - 2015-06-04 18:16 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\uTorrent
2016-01-30 14:31 - 2015-08-22 10:06 - 00000952 _____ C:\Users\Public\Desktop\The Witcher Enhanced Edition Director's Cut.lnk
2016-01-30 14:31 - 2015-06-08 21:51 - 00001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-01-30 14:31 - 2015-06-03 11:12 - 00002230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-01-30 14:31 - 2015-06-02 21:17 - 00001434 _____ C:\Users\Wlader\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-01-30 14:25 - 2015-08-15 09:37 - 00001146 _____ C:\Users\Public\Desktop\The Witcher 2 - Assassins of Kings Enhanced Edition.lnk
2016-01-28 17:36 - 2015-06-03 11:44 - 00000000 ____D C:\Users\Todos os Usuários\Oracle
2016-01-28 17:36 - 2015-06-03 11:44 - 00000000 ____D C:\ProgramData\Oracle
2016-01-28 17:16 - 2015-06-03 11:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-01-28 17:16 - 2015-06-03 11:44 - 00000000 ____D C:\Program Files (x86)\Java
2016-01-28 17:14 - 2015-06-03 11:45 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-01-27 19:20 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\Inf
2016-01-27 19:19 - 2015-07-05 13:40 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2016-01-26 18:24 - 2015-06-03 11:20 - 00000000 ____D C:\Users\Todos os Usuários\ProductData
2016-01-26 18:24 - 2015-06-03 11:20 - 00000000 ____D C:\ProgramData\ProductData
2016-01-25 12:54 - 2015-06-04 17:40 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\vlc
2016-01-25 12:52 - 2015-06-11 22:56 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\dvdcss
2016-01-21 22:49 - 2015-06-04 23:48 - 00000000 ____D C:\Users\Wlader\Documents\The Witcher 3
2016-01-20 12:43 - 2015-09-25 19:48 - 00003790 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-20 12:43 - 2015-08-16 14:38 - 00003924 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-01-16 17:42 - 2015-08-01 15:47 - 00000000 ____D C:\Users\Wlader\Documents\samsung
2016-01-16 17:42 - 2015-06-08 22:04 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\Mozilla
2016-01-16 17:42 - 2015-06-03 11:11 - 00000000 ____D C:\Users\Wlader\AppData\Local\Google
2016-01-16 17:42 - 2015-06-03 11:11 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-16 17:42 - 2015-06-03 09:14 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2016-01-16 17:42 - 2015-06-03 09:14 - 00000000 ____D C:\ProgramData\Adobe
2016-01-16 17:28 - 2015-07-05 13:40 - 00003306 _____ C:\Windows\System32\Tasks\GlaryInitialize 5
2016-01-16 17:28 - 2015-07-05 13:40 - 00002968 _____ C:\Windows\System32\Tasks\GU5SkipUAC
2016-01-16 17:28 - 2015-07-05 13:40 - 00001108 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2016-01-16 17:27 - 2015-07-30 14:59 - 00000000 ____D C:\Program Files (x86)\AIMP3
2016-01-15 08:29 - 2015-06-09 21:28 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-01-15 08:27 - 2015-06-09 21:27 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-14 20:20 - 2015-08-22 10:07 - 00000000 ____D C:\Users\Wlader\AppData\Local\The Witcher
2016-01-14 09:09 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\rescache
2016-01-13 22:46 - 2014-03-18 08:32 - 01797166 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-13 22:46 - 2014-03-18 07:45 - 00774702 _____ C:\Windows\system32\prfh0416.dat
2016-01-13 22:46 - 2014-03-18 07:45 - 00158296 _____ C:\Windows\system32\prfc0416.dat
2016-01-13 13:58 - 2015-11-27 20:58 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-01-13 13:58 - 2015-11-27 20:58 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-13 13:06 - 2013-08-22 13:20 - 00000000 ____D C:\Windows\CbsTemp
2016-01-13 13:04 - 2015-10-12 15:34 - 00000000 ____D C:\Windows\system32\MRT
2016-01-13 13:00 - 2015-10-12 15:34 - 143671360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-01-12 19:30 - 2015-09-20 11:40 - 00000000 ____D C:\Users\Wlader\Documents\WB Games
2016-01-11 12:12 - 2015-09-19 16:26 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2016-01-11 12:12 - 2015-09-19 16:26 - 00000000 ____D C:\ProgramData\Skype
2016-01-07 01:21 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\system32\NDF
2016-01-05 18:04 - 2015-11-27 21:13 - 00826872 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-05 18:04 - 2015-11-27 21:13 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-05 16:13 - 2013-08-22 12:44 - 00482456 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-04 17:05 - 2015-12-23 12:52 - 00000000 ____D C:\Users\Wlader\AppData\Local\VirtualStore
2016-01-04 17:04 - 2015-06-03 10:21 - 00000000 ____D C:\Users\Todos os Usuários\Temp
2016-01-04 17:04 - 2015-06-03 10:21 - 00000000 ____D C:\ProgramData\Temp
2015-12-31 19:28 - 2015-06-03 11:41 - 00000000 __SHD C:\Users\Wlader\AppData\LocalLow\EmieUserList
2015-12-31 18:56 - 2015-08-22 10:11 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameVicio
2015-12-31 18:56 - 2015-08-22 10:11 - 00000000 ____D C:\Program Files (x86)\GameVicio
2015-12-31 17:48 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\SysWOW64\MUI
2015-12-31 17:48 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\system32\MUI
==================== Arquivos na raiz de alguns diretórios =======
2015-09-13 15:26 - 2015-09-13 15:26 - 0004608 _____ () C:\Users\Wlader\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-04 20:50 - 2015-11-04 20:50 - 0140952 _____ () C:\ProgramData\appaskdetech.sys
2015-11-04 20:50 - 2015-11-04 20:50 - 0414456 _____ () C:\ProgramData\FAODDGLCSSPE.dat
2016-01-30 14:28 - 2016-01-30 14:28 - 0000074 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Arquivos para serem movidos ou deletados:
====================
C:\ProgramData\FAODDGLCSSPE.dat
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Users\Todos os Usuários\FAODDGLCSSPE.dat
C:\Users\Todos os Usuários\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Windows\Tasks\{6A128791-4857-4484-9BB2-71D4C1257200}.job
Alguns arquivos em TEMP:
====================
C:\Users\Wlader\AppData\Local\Temp\0YLG829TIG.exe
C:\Users\Wlader\AppData\Local\Temp\1454181713.exe
C:\Users\Wlader\AppData\Local\Temp\30CF.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\355F.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\37DC.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\45B9.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\69AA.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\760C.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\7CF7.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\A38C.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\A502.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\A9EA.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\atdl.exe
C:\Users\Wlader\AppData\Local\Temp\C463.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\CA5C.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\CB07.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\CE4C.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\D4A5.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\D4A9.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\D698.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\DB0C.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\DD30.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\DEC0.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\DOABUOFC2N.exe
C:\Users\Wlader\AppData\Local\Temp\E9EA.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\EBE2.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\EF44.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\FF93.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\ICReinstall_760C.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\Wlader\AppData\Local\Temp\OfficeAssist.0744.80.1211.exe
C:\Users\Wlader\AppData\Local\Temp\qqpcmgr_v11.0.16779.224_74672_Silence.exe
C:\Users\Wlader\AppData\Local\Temp\set.exe
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2016-01-27 19:44
==================== Fim de FRST.txt ============================
Executado por Wlader (administrador) em GAMER (30-01-2016 18:36:52)
Executando a partir de C:\Users\Wlader\Downloads
Perfis Carregados: Wlader (Perfis Disponíveis: Wlader)
Platform: Windows 8.1 Enterprise (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavSvc.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BHipsSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(RayDl) C:\Program Files (x86)\RayDld\ihpmServer.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(TU-Funs LIMITED) C:\ProgramData\6WdM6\WdMan.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\bavhm.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(BigGay installer) C:\Program Files (x86)\SpaceSondPro_v53.12547\SpaceSondPro_Service.exe
(bitchplease updater) C:\Program Files (x86)\SpaceSondPro_v53.12547\ioproduct.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\ProgramData\WindowsMsg\osmsg.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavTray.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\Bav.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
() C:\Program Files (x86)\03000200-1454171166-0500-0006-000700080009\vnsqEDE5.tmp
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Wlader\Downloads\FRST64 (1).exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-15] (Apple Inc.)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [856800 2015-08-21] (GAS Tecnologia LTDA)
HKLM\...\Run: [Sound+] => "C:\Program Files\Sound+\Sound+.exe"
HKLM\...\Run: [SpaceSoundPro] => "C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe"
HKLM-x32\...\Run: [RemoteControl11] => C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe [234792 2011-04-20] (CyberLink Corp.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Baidu Antivirus] => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavTray.exe [1997296 2015-10-19] (Baidu, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)
HKLM-x32\...\Run: [apphide] => C:\Program Files (x86)\ppt\ppt.exe [126976 2015-12-31] (wefwfw)
HKLM-x32\...\Run: [pcmgr] => C:\Program Files (x86)\ppt\Uninst.exe [1571296 2015-12-28] (Tencent)
HKLM-x32\...\Run: [gmsd_br_005010223] => [X]
HKLM-x32\...\Run: [rec_en_77] => [X]
HKLM-x32\...\RunOnce: [IOPROTECT] => C:\Program Files (x86)\SpaceSondPro_v53.12547\ioproduct_service.bat [164 2016-01-30] ()
Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2015-09-22] (Caixa Economica Federal)
HKU\S-1-5-21-1433210940-3313559613-2812674987-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2008-01-22] (Nero AG)
HKU\S-1-5-21-1433210940-3313559613-2812674987-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-1433210940-3313559613-2812674987-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [36776 2016-01-04] (Glarysoft Ltd)
HKU\S-1-5-21-1433210940-3313559613-2812674987-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-29] (Skype Technologies S.A.)
HKU\S-1-5-21-1433210940-3313559613-2812674987-1001\...\Run: [apphide] => C:\Program Files (x86)\ppt\ppt.exe [126976 2015-12-31] (wefwfw)
HKU\S-1-5-21-1433210940-3313559613-2812674987-1001\...\Run: [osmsg] => C:\ProgramData\WindowsMsg\osmsg.exe [1907200 2016-01-20] ()
HKU\S-1-5-21-1433210940-3313559613-2812674987-1001\...\MountPoints2: {cd48d20f-1d20-11e5-8256-002522c04102} - "K:\setup.exe"
HKU\S-1-5-21-1433210940-3313559613-2812674987-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11776 2014-10-29] (Microsoft Corporation)
AppInit_DLLs: C:\ProgramData\KeyStream\DIWYSV64.dll => Nenhum Arquivo
AppInit_DLLs-x32: C:\ProgramData\KeyStream\DIWYSV32.dll => Nenhum Arquivo
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1888480 2015-09-22] (Caixa Economica Federal)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Nenhum Arquivo
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavShx64.dll [2015-10-19] (Baidu, Inc.)
BootExecute: autocheck autochk *
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{15037A74-A17B-4F4E-A642-C2AFA69EDDDD}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=bav_pro_hp_01_hao123_br
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=bav_pro_hp_01_hao123_br
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKU\S-1-5-21-1433210940-3313559613-2812674987-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=bav_pro_hp_01_hao123_br
SearchScopes: HKU\S-1-5-21-1433210940-3313559613-2812674987-1001 -> DefaultScope {CA2DDBAC-5E9F-4D58-9E3F-CA5D615B8AEB} URL = hxxp://www.google.com/search?hl=en&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1433210940-3313559613-2812674987-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1433210940-3313559613-2812674987-1001 -> {2609078A-D534-44B2-9606-F4C02E0636D3} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKU\S-1-5-21-1433210940-3313559613-2812674987-1001 -> {CA2DDBAC-5E9F-4D58-9E3F-CA5D615B8AEB} URL = hxxp://www.google.com/search?hl=en&q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-01-23] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-01-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-28] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll [2015-09-22] (Caixa Economica Federal)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-28] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-01-23] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Wlader\AppData\Roaming\Mozilla\Firefox\Profiles\o6nhg594.default
FF Homepage: hxxp://br.hao123.com/?tn=sdkc_inner_hp_09_hao123_br&guid=6b869bfe15a35912c0ac0faaa2c8a96d
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-01-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml [2015-05-26]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml [2015-05-26]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mysites123.xml [2016-01-30]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\omniboxes.xml [2016-01-30]
FF Extension: Desprotetor de Links - C:\Users\Wlader\AppData\Roaming\Mozilla\Firefox\Profiles\o6nhg594.default\extensions\desprotetordelinks@claudio-silva.com.xpi [2015-11-14]
FF Extension: Sem Nome - C:\Users\Wlader\AppData\Roaming\Mozilla\Firefox\Profiles\o6nhg594.default\extensions\deskCutv2@gmail.com [2016-01-30] [não assinado]
FF Extension: Sem Nome - C:\Users\Wlader\AppData\Roaming\Mozilla\Firefox\Profiles\o6nhg594.default\extensions\yahooprotected@gmail.com [não encontrado (a)]
FF Extension: Adblock Plus - C:\Users\Wlader\AppData\Roaming\Mozilla\Firefox\Profiles\o6nhg594.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-20]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF HKLM\...\Firefox\Extensions: [{6F08375B-85F6-4F51-9BAA-328E0CC5DE0F}] - C:\Program Files\shopperz300120161802\Firefox\{6F08375B-85F6-4F51-9BAA-328E0CC5DE0F}.xpi => não encontrado (a)
FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Wlader\AppData\Roaming\Mozilla\Firefox\Profiles\o6nhg594.default\extensions\deskCutv2@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [{6F08375B-85F6-4F51-9BAA-328E0CC5DE0F}] - C:\Program Files\shopperz300120161802\Firefox\{6F08375B-85F6-4F51-9BAA-328E0CC5DE0F}.xpi => não encontrado (a)
FF HKLM-x32\...\Firefox\Extensions: [yahooprotected@gmail.com] - C:\Users\Wlader\AppData\Roaming\Mozilla\Firefox\Profiles\o6nhg594.default\extensions\yahooprotected@gmail.com => não encontrado (a)
Chrome:
=======
CHR Profile: C:\Users\Wlader\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\Wlader\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-30]
CHR Extension: (Google Docs) - C:\Users\Wlader\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-30]
CHR Extension: (Google Drive) - C:\Users\Wlader\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-30]
CHR Extension: (YouTube) - C:\Users\Wlader\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-30]
CHR Extension: (Google Search) - C:\Users\Wlader\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-30]
CHR Extension: (Documentos Google off-line) - C:\Users\Wlader\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-30]
CHR Extension: (Skype) - C:\Users\Wlader\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-01-30]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Wlader\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-30]
CHR Extension: (Gmail) - C:\Users\Wlader\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-30]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
Opera:
=======
OPR StartupUrls: "hxxp://maisdowns.com"
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 BavSvc; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavSvc.exe [2572928 2015-10-19] (Baidu, Inc.)
S3 BdSandboxSrv; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BdSandboxSrv64.exe [490528 2015-03-05] (Baidu, Inc.)
R2 BHipsSvc; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BHipsSvc.exe [531232 2015-10-19] (Baidu, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
S4 CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [83240 2011-04-20] ()
S4 CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [70952 2011-03-31] (CyberLink)
S4 CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe [312616 2011-03-31] (CyberLink)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [593120 2015-09-22] (GAS Tecnologia)
R2 ihpmServer; C:\Program Files (x86)\RayDld\ihpmServer.exe [265960 2016-01-29] (RayDl)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-10-09] (IObit)
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG)
S4 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [966336 2014-12-04] (@ByELDI) [Arquivo não assinado]
R2 ValhallaUpdateHlp; C:\Windows\SysWOW64\activealias.dll [414456 2015-01-27] ()
S4 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2015-06-03] (VIA Technologies, Inc.)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [856800 2015-08-21] (GAS Tecnologia LTDA)
R2 WdMan; C:\ProgramData\6WdM6\WdMan.exe [794376 2016-01-30] (TU-Funs LIMITED)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [X]
S2 MPCProtectService; "D:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe" [X]
S2 TheDesktopWeatherService; C:\Program Files (x86)\WeatherTool\2.0.0.11150\WeatherService.exe [X]
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-09-30] (Advanced Micro Devices)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [312480 2015-08-17] ()
U3 BdApiUtil; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BdApiUtil64.sys [116936 2015-10-19] (Baidu, Inc.)
R3 bdark64; C:\Windows\system32\drivers\bdark64.sys [78792 2015-05-27] ()
U3 BdCameraProtect; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BdCameraProtect64.sys [25032 2015-10-19] (Baidu, Inc.)
S3 BdSandbox; C:\Windows\System32\drivers\BdSandbox.sys [236920 2015-03-05] (Baidu, Inc.)
R1 Bfilter; C:\Windows\System32\drivers\Bfilter.sys [62920 2015-10-19] (Baidu, Inc.)
R1 Bfmon; C:\Windows\System32\drivers\Bfmon.sys [38344 2015-10-19] (Baidu, Inc.)
R1 Bnbase; C:\Windows\System32\drivers\bnbasex64.sys [62792 2015-10-19] (Baidu, Inc.)
R1 Bndef; C:\Windows\System32\drivers\bndef64.sys [485672 2015-10-19] (Baidu, Inc.)
R3 Bnmon; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\Bnmon64.sys [82376 2015-10-19] (Baidu, Inc.)
R1 Bprotect; C:\Windows\System32\drivers\Bprotect.sys [169416 2015-10-19] (Baidu, Inc.)
R1 cherimoya; C:\Windows\System32\drivers\cherimoya.sys [56728 2016-01-30] (Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-06-27] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-12-08] (GAS Tecnologia)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-07-05] (Glarysoft Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-06-03] (REALiX(tm))
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2015-08-17] ()
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-01-30] (DotC United Inc)
R2 msizhandler; C:\Windows\system32\drivers\appaskdetech.sys [140952 2015-11-04] ()
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-12-08] (GAS Tecnologia LTDA)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [101080 2016-01-30] (GAS Tecnologia)
R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [103640 2015-03-18] (GAS Tecnologia)
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [148976 2011-04-12] (CyberLink Corp.)
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
S1 iSafeKrnl; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [X]
S1 iSafeKrnlKit; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [X]
S1 iSafeNetFilter; system32\DRIVERS\iSafeNetFilter.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-01-30 18:36 - 2016-01-30 18:37 - 00023290 _____ C:\Users\Wlader\Downloads\FRST.txt
2016-01-30 18:36 - 2016-01-30 18:36 - 00000000 ____D C:\FRST
2016-01-30 18:35 - 2016-01-30 18:35 - 02370560 _____ (Farbar) C:\Users\Wlader\Downloads\FRST64 (1).exe
2016-01-30 18:34 - 2016-01-30 18:34 - 02370560 _____ (Farbar) C:\Users\Wlader\Downloads\FRST64.exe
2016-01-30 17:22 - 2016-01-30 17:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
2016-01-30 17:08 - 2016-01-30 17:08 - 00000000 ____D C:\Windows\system32\log
2016-01-30 17:07 - 2016-01-30 17:21 - 00000000 ____D C:\Program Files (x86)\Elex-tech
2016-01-30 17:07 - 2016-01-30 17:07 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\Elex-tech
2016-01-30 17:06 - 2016-01-30 17:07 - 27989848 _____ (Elex do Brasil Participações Ltda) C:\Users\Wlader\Downloads\yet_another_cleaner_sk_8052088.exe
2016-01-30 16:05 - 2016-01-30 16:05 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage
2016-01-30 16:05 - 2016-01-30 16:05 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\ASPackage
2016-01-30 16:05 - 2016-01-30 16:05 - 00000000 ____D C:\Program Files (x86)\03000200-1454177148-0500-0006-000700080009
2016-01-30 15:50 - 2016-01-30 17:21 - 00000000 ____D C:\Program Files (x86)\WeatherTool
2016-01-30 15:50 - 2016-01-30 16:50 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\WeatherTool
2016-01-30 15:50 - 2016-01-30 15:53 - 00000000 ____D C:\Program Files (x86)\SpaceSondPro_v53.12547
2016-01-30 15:50 - 2016-01-30 15:50 - 00000008 _____ C:\END
2016-01-30 15:39 - 2016-01-30 15:39 - 00000000 _____ C:\autoexec.bat
2016-01-30 15:38 - 2016-01-30 15:38 - 00003324 _____ C:\Windows\System32\Tasks\SpyHunter4Startup
2016-01-30 15:38 - 2016-01-30 15:38 - 00000000 ____D C:\sh4ldr
2016-01-30 15:37 - 2016-01-30 17:12 - 00000000 ____D C:\Program Files\Enigma Software Group
2016-01-30 15:37 - 2016-01-30 15:37 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Wlader\Downloads\SpyHunter-Installer.exe
2016-01-30 15:37 - 2016-01-30 15:37 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-01-30 15:07 - 2016-01-30 18:12 - 00000356 ____H C:\Windows\Tasks\NVXUUDBSGNMGMJGC.job
2016-01-30 15:07 - 2016-01-30 15:07 - 00003366 _____ C:\Windows\System32\Tasks\NVXUUDBSGNMGMJGC
2016-01-30 14:58 - 2016-01-30 14:58 - 00003014 _____ C:\Windows\System32\Tasks\ttwifi
2016-01-30 14:58 - 2016-01-30 14:58 - 00002910 _____ C:\Windows\System32\Tasks\osTip
2016-01-30 14:58 - 2016-01-30 14:58 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg
2016-01-30 14:58 - 2016-01-30 14:58 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-01-30 14:57 - 2016-01-30 18:02 - 00000356 ____H C:\Windows\Tasks\QTSCJDOLRMBKUQGF.job
2016-01-30 14:57 - 2016-01-30 15:07 - 00000000 ____D C:\Users\Todos os Usuários\Service0561
2016-01-30 14:57 - 2016-01-30 15:07 - 00000000 ____D C:\ProgramData\Service0561
2016-01-30 14:57 - 2016-01-30 14:57 - 00003366 _____ C:\Windows\System32\Tasks\QTSCJDOLRMBKUQGF
2016-01-30 14:57 - 2016-01-30 14:57 - 00000000 ____D C:\Users\Todos os Usuários\12db864551ae4c578eb17db1a9f5d3cf
2016-01-30 14:57 - 2016-01-30 14:57 - 00000000 ____D C:\ProgramData\12db864551ae4c578eb17db1a9f5d3cf
2016-01-30 14:42 - 2016-01-30 14:42 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\kingsoft
2016-01-30 14:37 - 2016-01-30 18:34 - 00000346 _____ C:\Windows\Tasks\PPTAssistantNotifyTask_Wlader.job
2016-01-30 14:37 - 2016-01-30 18:02 - 00000616 _____ C:\Windows\Tasks\PPTAssistantUpdateTask_Wlader.job
2016-01-30 14:37 - 2016-01-30 14:43 - 00003566 _____ C:\Windows\System32\Tasks\PPTAssistantUpdateTask_Wlader
2016-01-30 14:37 - 2016-01-30 14:37 - 00003296 _____ C:\Windows\System32\Tasks\PPTAssistantNotifyTask_Wlader
2016-01-30 14:36 - 2016-01-30 15:18 - 00000000 ____D C:\Users\Wlader\AppData\Local\PPTAssist
2016-01-30 14:36 - 2016-01-30 14:48 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\pptassist
2016-01-30 14:36 - 2016-01-30 14:42 - 00000000 ____D C:\Users\Todos os Usuários\kingsoft
2016-01-30 14:36 - 2016-01-30 14:42 - 00000000 ____D C:\ProgramData\kingsoft
2016-01-30 14:36 - 2016-01-30 14:36 - 00060136 _____ (DotC United Inc) C:\Windows\system32\Drivers\MPCKpt.sys
2016-01-30 14:35 - 2016-01-30 15:05 - 00000000 ____D C:\Program Files (x86)\ppt
2016-01-30 14:28 - 2016-01-30 14:29 - 00000000 ____D C:\Users\Todos os Usuários\6WdM6
2016-01-30 14:28 - 2016-01-30 14:29 - 00000000 ____D C:\ProgramData\6WdM6
2016-01-30 14:28 - 2016-01-30 14:28 - 00000074 _____ C:\Users\Todos os Usuários\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2016-01-30 14:28 - 2016-01-30 14:28 - 00000074 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2016-01-30 14:27 - 2013-08-22 11:25 - 00000824 _____ C:\Windows\system32\Drivers\etc\hp.bak
2016-01-30 14:26 - 2016-01-30 18:23 - 00000000 ____D C:\Program Files (x86)\03000200-1454171166-0500-0006-000700080009
2016-01-30 14:24 - 2016-01-30 14:24 - 00003340 _____ C:\Windows\System32\Tasks\Uumoejuk
2016-01-30 14:24 - 2016-01-30 14:24 - 00000000 ____D C:\Users\Wlader\AppData\LocalLow\Company
2016-01-30 14:24 - 2016-01-30 14:24 - 00000000 ____D C:\Users\Wlader\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
2016-01-30 14:24 - 2016-01-30 14:24 - 00000000 ____D C:\uninst
2016-01-30 14:24 - 2016-01-30 14:24 - 00000000 ____D C:\Program Files (x86)\RayDld
2016-01-30 14:05 - 2016-01-30 14:24 - 00056728 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\cherimoya.sys
2016-01-29 20:03 - 2016-01-29 20:14 - 00000000 ____D C:\Users\Wlader\Downloads\Rise.Of.The.Tomb.Raider.Steam.Preload.Unlocker
2016-01-29 20:02 - 2016-01-29 20:02 - 00018884 _____ C:\Users\Wlader\Downloads\Rise.Of.The.Tomb.Raider.Steam.Preload.Unlocker.torrent
2016-01-28 17:15 - 2016-01-28 17:15 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\Sun
2016-01-28 17:15 - 2016-01-28 17:15 - 00000000 ____D C:\Users\Wlader\.oracle_jre_usage
2016-01-28 17:13 - 2016-01-28 17:13 - 00000000 ____D C:\Users\Wlader\AppData\LocalLow\Oracle
2016-01-19 15:52 - 2016-01-19 16:50 - 00000000 ____D C:\Users\Wlader\Downloads\[R.G. Mechanics] Darksiders II Deathinitive Edition
2016-01-19 14:19 - 2016-01-19 14:19 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\IDMComp
2016-01-19 14:19 - 2016-01-19 14:19 - 00000000 ____D C:\Users\Todos os Usuários\IDMComp
2016-01-19 14:19 - 2016-01-19 14:19 - 00000000 ____D C:\ProgramData\IDMComp
2016-01-16 17:27 - 2016-01-16 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraEdit
2016-01-16 17:27 - 2016-01-16 17:27 - 00000000 ____D C:\Program Files\IDM Computer Solutions
2016-01-16 17:26 - 2016-01-16 17:26 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\AIMP
2016-01-16 17:25 - 2016-01-16 17:27 - 47612488 _____ C:\Users\Wlader\Downloads\Mozilla_Firefox_(64bit)_v43.0.4.exe
2016-01-16 17:25 - 2016-01-16 17:26 - 133051672 _____ (Apple Inc.) C:\Users\Wlader\Downloads\iTunes_(64bit)_v12.3.2.exe
2016-01-16 17:24 - 2016-01-16 17:25 - 54701056 _____ (IDM Computer Solutions, Inc.) C:\Users\Wlader\Downloads\UltraEdit(64bit)_v22.20.exe
2016-01-16 17:24 - 2016-01-16 17:25 - 24531104 _____ (Baidu, Inc.) C:\Users\Wlader\Downloads\Baidu_Antivirus_v5.4.3.148966.exe
2016-01-16 17:24 - 2016-01-16 17:24 - 15300128 _____ C:\Users\Wlader\Downloads\Glary_Utilities_v5.42.0.62.exe
2016-01-16 17:24 - 2016-01-16 17:24 - 08567416 _____ (AIMP DevTeam) C:\Users\Wlader\Downloads\AIMP_v4.00_Build_1683.exe
2016-01-16 17:24 - 2016-01-16 17:24 - 08115632 _____ (AIMP DevTeam) C:\Users\Wlader\Downloads\AIMP_v4.00_Build_1670_RC_2.exe
2016-01-16 17:09 - 2016-01-16 17:09 - 03017216 _____ (Vitzo) C:\Users\Wlader\Downloads\VDownloader.exe
2016-01-16 15:00 - 2016-01-16 21:09 - 00000000 ____D C:\Users\Wlader\Downloads\Dragons Dogma Dark Arisen-SKIDROWCRACK
2016-01-16 14:58 - 2016-01-16 14:58 - 00682699 _____ C:\Users\Wlader\Downloads\[kat.cr]dragon.s.dogma.dark.arisen.cracked.sc.torrent
2016-01-13 12:45 - 2015-12-11 02:38 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-01-13 12:45 - 2015-12-11 02:00 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-01-13 12:45 - 2015-12-11 01:55 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-01-13 12:45 - 2015-12-11 01:50 - 20367360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-01-13 12:45 - 2015-12-11 01:45 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-01-13 12:45 - 2015-12-11 01:21 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-01-13 12:45 - 2015-12-11 01:18 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-01-13 12:45 - 2015-12-11 01:09 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-01-13 12:45 - 2015-12-11 01:09 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-01-13 12:45 - 2015-12-11 01:03 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-01-13 12:45 - 2015-12-11 00:59 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-01-13 12:45 - 2015-12-11 00:43 - 04610560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-01-13 12:45 - 2015-12-11 00:43 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-01-13 12:45 - 2015-12-11 00:38 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-01-13 12:45 - 2015-12-11 00:37 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-01-13 12:45 - 2015-12-11 00:35 - 12856320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-01-13 12:45 - 2015-12-11 00:26 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-01-13 12:45 - 2015-12-11 00:14 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-01-13 12:45 - 2015-12-11 00:12 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-01-13 12:45 - 2015-12-11 00:08 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-01-13 12:45 - 2015-12-11 00:07 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-01-13 12:43 - 2015-12-02 13:04 - 00670208 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-13 12:43 - 2015-12-02 13:01 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-01-13 12:42 - 2015-12-05 03:58 - 02745184 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-13 12:42 - 2015-12-05 03:58 - 02528784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-01-13 12:42 - 2015-12-05 03:58 - 02450240 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-13 12:42 - 2015-12-05 03:58 - 02447136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-01-13 12:42 - 2015-12-05 03:58 - 02334104 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2016-01-13 12:42 - 2015-12-05 03:58 - 02324744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2016-01-13 12:42 - 2015-12-05 03:58 - 01877504 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-01-13 12:42 - 2015-12-05 03:58 - 01484888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-01-13 12:42 - 2015-12-05 03:58 - 01288128 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2016-01-13 12:42 - 2015-12-05 03:58 - 01210200 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-13 12:42 - 2015-12-05 03:58 - 01115640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2016-01-13 12:42 - 2015-12-05 03:58 - 01037680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-01-13 12:42 - 2015-12-05 03:58 - 00850680 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2016-01-13 12:42 - 2015-12-05 03:58 - 00735496 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-13 12:42 - 2015-12-05 03:58 - 00700360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2016-01-13 12:42 - 2015-12-03 15:36 - 01697792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-13 12:42 - 2015-12-03 14:40 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-13 12:41 - 2015-12-30 17:32 - 07453016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-01-13 12:41 - 2015-12-30 17:32 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-01-13 12:41 - 2015-12-30 17:32 - 01499912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-01-13 12:41 - 2015-12-09 22:40 - 00033456 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-01-13 12:41 - 2015-12-07 08:56 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-13 12:41 - 2015-12-05 03:58 - 01798480 ____C (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-13 12:41 - 2015-12-05 03:58 - 01150232 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00914672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00629600 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00584656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-01-13 12:41 - 2015-12-05 03:58 - 00557856 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00498472 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-01-13 12:41 - 2015-12-05 03:58 - 00492736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00463776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00399776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-01-13 12:41 - 2015-12-05 03:58 - 00299080 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00275312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00274280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00250520 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00248432 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00246856 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00244296 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-13 12:41 - 2015-12-05 03:58 - 00229272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00203016 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00184912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00183856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00116720 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00110544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-01-13 12:41 - 2015-12-05 03:58 - 00099136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-01-13 12:41 - 2015-12-05 03:58 - 00090904 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-13 12:41 - 2015-12-05 03:58 - 00090392 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-13 12:41 - 2015-12-05 03:58 - 00081032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-01-13 12:41 - 2015-12-05 03:58 - 00076936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-01-13 12:41 - 2015-12-04 13:00 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-01-13 12:41 - 2015-12-03 17:42 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-01-13 12:41 - 2015-12-03 17:42 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-01-13 12:41 - 2015-12-03 17:42 - 00137968 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-01-13 12:41 - 2015-12-03 17:42 - 00106960 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2016-01-13 12:41 - 2015-12-03 17:41 - 00177488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-01-13 12:41 - 2015-12-03 16:52 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-01-13 12:41 - 2015-12-03 16:52 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-01-13 12:41 - 2015-12-03 16:52 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2016-01-13 12:41 - 2015-12-03 16:28 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-01-13 12:41 - 2015-12-03 16:28 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-01-13 12:41 - 2015-12-03 16:07 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-13 12:41 - 2015-12-03 16:07 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-13 12:41 - 2015-12-03 16:05 - 00644608 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-13 12:41 - 2015-12-03 16:02 - 01664000 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-13 12:41 - 2015-12-03 16:00 - 00451072 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-13 12:41 - 2015-12-03 15:58 - 00378880 ____C (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-01-13 12:41 - 2015-12-03 15:51 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-01-13 12:41 - 2015-12-03 15:30 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-13 12:41 - 2015-12-03 15:28 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-01-13 12:41 - 2015-12-03 15:28 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-01-13 12:41 - 2015-12-03 15:27 - 00736256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-01-13 12:41 - 2015-12-03 15:24 - 01411584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-01-13 12:41 - 2015-12-03 15:23 - 00402432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-01-13 12:41 - 2015-12-03 15:16 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-01-13 12:41 - 2015-12-03 15:13 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-01-13 12:41 - 2015-12-03 15:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-01-13 12:41 - 2015-12-03 15:06 - 01501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-01-13 12:41 - 2015-12-03 15:01 - 00743936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-01-13 12:41 - 2015-12-03 14:45 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-01-13 12:41 - 2015-12-03 14:29 - 00887296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-01-13 12:41 - 2015-11-17 19:07 - 01380864 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-01-13 12:41 - 2015-11-17 19:07 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-01-13 12:41 - 2015-11-17 19:07 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-01-13 12:41 - 2015-11-17 19:07 - 00705024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-01-13 12:41 - 2015-11-17 19:07 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-01-13 12:41 - 2015-11-17 19:07 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-01-13 12:41 - 2015-11-17 19:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-01-13 12:40 - 2015-12-08 17:08 - 00685432 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-01-13 12:40 - 2015-12-08 17:07 - 00507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-01-11 12:12 - 2016-01-16 17:16 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-11 12:12 - 2016-01-11 12:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-01-11 12:11 - 2016-01-11 12:11 - 01503872 _____ (Skype Technologies S.A.) C:\Users\Wlader\Downloads\SkypeSetup.exe
2016-01-10 17:42 - 2016-01-10 17:42 - 06698008 _____ (Tribo Gamer Brasil®) C:\Users\Wlader\Downloads\ff13_br-v1.01[].exe
2016-01-10 17:41 - 2016-01-10 17:41 - 00979424 _____ (Internet ) C:\Users\Wlader\Downloads\ff13_br-v1.01[www.tribogamer.com].exe
2016-01-10 11:59 - 2016-01-30 14:48 - 00000000 ____D C:\Users\Wlader\AppData\LocalLow\uTorrent
2016-01-09 21:11 - 2016-01-09 22:05 - 00000000 ____D C:\Users\Wlader\Downloads\Hércules (2014) BRrip 1080p 6 Ch Dublado - AndreTPF
2016-01-09 16:16 - 2016-01-09 16:28 - 00000000 ____D C:\Users\Wlader\Downloads\Dragon Ball Z - A Batalha Dos Deuses (2013) BDrip 1080p Dublado - AndreTPF
2016-01-09 15:59 - 2016-01-09 15:59 - 00023159 _____ C:\Users\Wlader\Downloads\Darksiders.II.Deathinitive.Edition.torrent
2016-01-07 09:03 - 2016-01-07 09:25 - 00000000 ____D C:\Users\Wlader\Downloads\Batman - O Cavaleiro Das Trevas (2008)
2016-01-07 02:40 - 2016-01-07 02:40 - 00000000 ____D C:\Users\Wlader\Documents\Modelos Personalizados do Office
2016-01-05 23:24 - 2016-01-05 23:37 - 00000000 ____D C:\Users\Wlader\Downloads\Batman-O Cavaleiro Das Trevas Ressurge
2016-01-05 23:18 - 2016-01-06 15:14 - 00000000 ____D C:\Users\Wlader\Downloads\Birdman - A Inesperada Virtude Da Ignorância (2015) BRrip Blu-Ray 1080p 5.1 Ch Dublado - AndreTPF
2016-01-05 01:27 - 2016-01-05 12:43 - 00000000 ____D C:\Users\Wlader\Downloads\Vingadores.Era.de.Ultron.2015.1080p.BluRay.Dual-WOLVERDONFILMES.COM
2016-01-04 17:03 - 2016-01-30 17:27 - 00101080 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys
2016-01-04 17:03 - 2016-01-04 17:03 - 00001024 _____ C:\.rnd
2016-01-04 17:03 - 2016-01-04 17:03 - 00000000 ___HD C:\Program Files (x86)\GAS Tecnologia
2016-01-04 17:03 - 2016-01-04 17:03 - 00000000 ___HD C:\Program Files (x86)\Diebold
2016-01-04 17:03 - 2016-01-04 17:03 - 00000000 ____D C:\Program Files\Diebold
2016-01-04 17:03 - 2015-03-18 10:23 - 00103640 ____N (GAS Tecnologia) C:\Windows\system32\Drivers\wsddpp.sys
2016-01-04 17:00 - 2016-01-30 17:27 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-01-04 17:00 - 2016-01-05 16:13 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2016-01-04 17:00 - 2016-01-05 16:13 - 00000000 ____D C:\ProgramData\GbPlugin
2016-01-04 17:00 - 2016-01-04 17:00 - 00000000 ____D C:\Users\Todos os Usuários\GAS Tecnologia
2016-01-04 17:00 - 2016-01-04 17:00 - 00000000 ____D C:\ProgramData\GAS Tecnologia
2016-01-04 10:47 - 2016-01-30 18:23 - 00000000 ____D C:\Users\Todos os Usuários\BavSvc_exe
2016-01-04 10:47 - 2016-01-30 18:23 - 00000000 ____D C:\ProgramData\BavSvc_exe
2016-01-02 14:36 - 2016-01-02 14:36 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2016-01-01 13:51 - 2015-07-30 12:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-01-01 13:51 - 2015-07-30 11:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-01-01 13:26 - 2014-06-09 20:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2016-01-01 13:26 - 2014-06-09 20:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-12-31 21:39 - 2015-12-31 21:39 - 00000000 ____D C:\Users\Wlader\Documents\Aspyr
2015-12-31 17:48 - 2015-12-31 17:48 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2015-12-31 17:48 - 2015-12-31 17:48 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-12-31 17:48 - 2015-12-31 17:48 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-12-31 17:47 - 2015-12-31 17:47 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-12-31 17:47 - 2015-12-31 17:47 - 00000000 ____D C:\Program Files\MSBuild
2015-12-31 17:36 - 2013-08-03 02:41 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2015-12-31 17:33 - 2013-08-03 02:48 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2015-12-31 17:18 - 2015-12-31 17:18 - 00000773 _____ C:\Users\Wlader\Desktop\Star Wars The Force Unleashed.lnk
2015-12-31 16:46 - 2015-12-31 16:46 - 00000000 ____D C:\Users\Wlader\AppData\Local\Aspyr
2015-12-31 10:55 - 2015-12-31 11:38 - 00000000 ____D C:\Users\Wlader\Downloads\Missão Impossível - Protocolo Fantasma (2011) 720p BrRip (Dual Audio)
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-01-30 18:25 - 2015-09-19 16:27 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\Skype
2016-01-30 18:20 - 2015-11-29 12:18 - 00001088 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-30 18:15 - 2015-08-16 14:38 - 00000964 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-01-30 17:43 - 2015-09-25 19:48 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-30 17:32 - 2015-06-02 21:22 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1433210940-3313559613-2812674987-1001
2016-01-30 17:27 - 2015-11-29 12:18 - 00001084 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-30 17:27 - 2013-08-22 12:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-30 17:26 - 2015-06-04 17:14 - 00000292 _____ C:\Windows\Tasks\Uninstaller_SkipUac_Wlader.job
2016-01-30 17:26 - 2013-08-22 11:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-01-30 17:24 - 2015-06-04 17:14 - 00002394 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Wlader
2016-01-30 17:21 - 2015-12-21 13:37 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\Baidu
2016-01-30 17:21 - 2015-10-19 16:59 - 00000000 ____D C:\Users\Todos os Usuários\Baidu
2016-01-30 17:21 - 2015-10-19 16:59 - 00000000 ____D C:\ProgramData\Baidu
2016-01-30 15:38 - 2015-10-13 00:38 - 00000278 _____ C:\Windows\Tasks\{6A128791-4857-4484-9BB2-71D4C1257200}.job
2016-01-30 15:38 - 2015-06-02 21:16 - 00000000 ____D C:\Users\Wlader
2016-01-30 15:31 - 2015-06-03 11:20 - 00000000 ____D C:\Users\Todos os Usuários\IObit
2016-01-30 15:31 - 2015-06-03 11:20 - 00000000 ____D C:\ProgramData\IObit
2016-01-30 15:19 - 2015-06-02 21:16 - 00000000 ____D C:\Users\Wlader\AppData\Local\Packages
2016-01-30 14:48 - 2015-06-04 18:16 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\uTorrent
2016-01-30 14:31 - 2015-08-22 10:06 - 00000952 _____ C:\Users\Public\Desktop\The Witcher Enhanced Edition Director's Cut.lnk
2016-01-30 14:31 - 2015-06-08 21:51 - 00001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-01-30 14:31 - 2015-06-03 11:12 - 00002230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-01-30 14:31 - 2015-06-02 21:17 - 00001434 _____ C:\Users\Wlader\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-01-30 14:25 - 2015-08-15 09:37 - 00001146 _____ C:\Users\Public\Desktop\The Witcher 2 - Assassins of Kings Enhanced Edition.lnk
2016-01-28 17:36 - 2015-06-03 11:44 - 00000000 ____D C:\Users\Todos os Usuários\Oracle
2016-01-28 17:36 - 2015-06-03 11:44 - 00000000 ____D C:\ProgramData\Oracle
2016-01-28 17:16 - 2015-06-03 11:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-01-28 17:16 - 2015-06-03 11:44 - 00000000 ____D C:\Program Files (x86)\Java
2016-01-28 17:14 - 2015-06-03 11:45 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-01-27 19:20 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\Inf
2016-01-27 19:19 - 2015-07-05 13:40 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2016-01-26 18:24 - 2015-06-03 11:20 - 00000000 ____D C:\Users\Todos os Usuários\ProductData
2016-01-26 18:24 - 2015-06-03 11:20 - 00000000 ____D C:\ProgramData\ProductData
2016-01-25 12:54 - 2015-06-04 17:40 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\vlc
2016-01-25 12:52 - 2015-06-11 22:56 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\dvdcss
2016-01-21 22:49 - 2015-06-04 23:48 - 00000000 ____D C:\Users\Wlader\Documents\The Witcher 3
2016-01-20 12:43 - 2015-09-25 19:48 - 00003790 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-20 12:43 - 2015-08-16 14:38 - 00003924 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-01-16 17:42 - 2015-08-01 15:47 - 00000000 ____D C:\Users\Wlader\Documents\samsung
2016-01-16 17:42 - 2015-06-08 22:04 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\Mozilla
2016-01-16 17:42 - 2015-06-03 11:11 - 00000000 ____D C:\Users\Wlader\AppData\Local\Google
2016-01-16 17:42 - 2015-06-03 11:11 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-16 17:42 - 2015-06-03 09:14 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2016-01-16 17:42 - 2015-06-03 09:14 - 00000000 ____D C:\ProgramData\Adobe
2016-01-16 17:28 - 2015-07-05 13:40 - 00003306 _____ C:\Windows\System32\Tasks\GlaryInitialize 5
2016-01-16 17:28 - 2015-07-05 13:40 - 00002968 _____ C:\Windows\System32\Tasks\GU5SkipUAC
2016-01-16 17:28 - 2015-07-05 13:40 - 00001108 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2016-01-16 17:27 - 2015-07-30 14:59 - 00000000 ____D C:\Program Files (x86)\AIMP3
2016-01-15 08:29 - 2015-06-09 21:28 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-01-15 08:27 - 2015-06-09 21:27 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-14 20:20 - 2015-08-22 10:07 - 00000000 ____D C:\Users\Wlader\AppData\Local\The Witcher
2016-01-14 09:09 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\rescache
2016-01-13 22:46 - 2014-03-18 08:32 - 01797166 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-13 22:46 - 2014-03-18 07:45 - 00774702 _____ C:\Windows\system32\prfh0416.dat
2016-01-13 22:46 - 2014-03-18 07:45 - 00158296 _____ C:\Windows\system32\prfc0416.dat
2016-01-13 13:58 - 2015-11-27 20:58 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-01-13 13:58 - 2015-11-27 20:58 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-13 13:06 - 2013-08-22 13:20 - 00000000 ____D C:\Windows\CbsTemp
2016-01-13 13:04 - 2015-10-12 15:34 - 00000000 ____D C:\Windows\system32\MRT
2016-01-13 13:00 - 2015-10-12 15:34 - 143671360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-01-12 19:30 - 2015-09-20 11:40 - 00000000 ____D C:\Users\Wlader\Documents\WB Games
2016-01-11 12:12 - 2015-09-19 16:26 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2016-01-11 12:12 - 2015-09-19 16:26 - 00000000 ____D C:\ProgramData\Skype
2016-01-07 01:21 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\system32\NDF
2016-01-05 18:04 - 2015-11-27 21:13 - 00826872 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-05 18:04 - 2015-11-27 21:13 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-05 16:13 - 2013-08-22 12:44 - 00482456 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-04 17:05 - 2015-12-23 12:52 - 00000000 ____D C:\Users\Wlader\AppData\Local\VirtualStore
2016-01-04 17:04 - 2015-06-03 10:21 - 00000000 ____D C:\Users\Todos os Usuários\Temp
2016-01-04 17:04 - 2015-06-03 10:21 - 00000000 ____D C:\ProgramData\Temp
2015-12-31 19:28 - 2015-06-03 11:41 - 00000000 __SHD C:\Users\Wlader\AppData\LocalLow\EmieUserList
2015-12-31 18:56 - 2015-08-22 10:11 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameVicio
2015-12-31 18:56 - 2015-08-22 10:11 - 00000000 ____D C:\Program Files (x86)\GameVicio
2015-12-31 17:48 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\SysWOW64\MUI
2015-12-31 17:48 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\system32\MUI
==================== Arquivos na raiz de alguns diretórios =======
2015-09-13 15:26 - 2015-09-13 15:26 - 0004608 _____ () C:\Users\Wlader\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-04 20:50 - 2015-11-04 20:50 - 0140952 _____ () C:\ProgramData\appaskdetech.sys
2015-11-04 20:50 - 2015-11-04 20:50 - 0414456 _____ () C:\ProgramData\FAODDGLCSSPE.dat
2016-01-30 14:28 - 2016-01-30 14:28 - 0000074 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Arquivos para serem movidos ou deletados:
====================
C:\ProgramData\FAODDGLCSSPE.dat
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Users\Todos os Usuários\FAODDGLCSSPE.dat
C:\Users\Todos os Usuários\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Windows\Tasks\{6A128791-4857-4484-9BB2-71D4C1257200}.job
Alguns arquivos em TEMP:
====================
C:\Users\Wlader\AppData\Local\Temp\0YLG829TIG.exe
C:\Users\Wlader\AppData\Local\Temp\1454181713.exe
C:\Users\Wlader\AppData\Local\Temp\30CF.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\355F.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\37DC.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\45B9.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\69AA.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\760C.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\7CF7.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\A38C.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\A502.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\A9EA.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\atdl.exe
C:\Users\Wlader\AppData\Local\Temp\C463.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\CA5C.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\CB07.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\CE4C.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\D4A5.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\D4A9.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\D698.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\DB0C.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\DD30.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\DEC0.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\DOABUOFC2N.exe
C:\Users\Wlader\AppData\Local\Temp\E9EA.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\EBE2.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\EF44.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\FF93.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\ICReinstall_760C.tmp.exe
C:\Users\Wlader\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\Wlader\AppData\Local\Temp\OfficeAssist.0744.80.1211.exe
C:\Users\Wlader\AppData\Local\Temp\qqpcmgr_v11.0.16779.224_74672_Silence.exe
C:\Users\Wlader\AppData\Local\Temp\set.exe
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2016-01-27 19:44
==================== Fim de FRST.txt ============================