Document format: text/plain

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:27-01-2016
Executado por Carol (administrador) em NOTE-ACER (31-01-2016 18:36:37)
Executando a partir de D:\Carol\Desktop
Perfis Carregados: Carol (Perfis Disponíveis: Carol & Sérgio)
Platform: Windows 7 Professional Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\YTDownloader\BrowserHelperSrv.exe
(Hola Networks Ltd.) C:\Program Files\Hola\app\hola_svc.exe
(Hola Networks Ltd.) C:\Program Files\Hola\app\hola_updater.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe
() C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Hola Networks Ltd.) C:\Program Files\Hola\app\hola.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Goobzo) C:\Program Files (x86)\YTDownloader\BrowserHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(YTDownloader) C:\Program Files (x86)\YTDownloader\YTDownloader.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2392360 2010-10-08] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM\...\Run: [hola] => C:\Program Files\Hola\app\hola.exe [2031232 2016-01-25] (Hola Networks Ltd.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LightGate] => C:\Users\Sérgio\AppData\Local\Temp\LightGate.exe <===== ATENÇÃO
HKLM-x32\...\Run: [HomePageHelper] => C:\ProgramData\HomePage.exe [1100288 2015-11-25] ()
HKLM-x32\...\Run: [YTDownloader] => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [1991600 2015-10-22] (YTDownloader)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2999380129-4172000163-3070118981-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-2999380129-4172000163-3070118981-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-2999380129-4172000163-3070118981-1000\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [349968 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-2999380129-4172000163-3070118981-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [61200 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-2999380129-4172000163-3070118981-1000\...\Run: [Pritc] => c:\programdata\windows update\tmp\msdtc-.exe [2980352 2016-01-08] (VLOME)
HKU\S-1-5-21-2999380129-4172000163-3070118981-1000\...\Run: [taskhost] => rundll32.exe C:\ProgramData\WindowsMsg\A3FB110AD80824E309242083833A556D.dll Start /DEFAULT
HKU\S-1-5-21-2999380129-4172000163-3070118981-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [YTDownloader] => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [1991600 2015-10-22] (YTDownloader)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.25.1
Tcpip\..\Interfaces\{7DC0C224-A0A0-4E57-8B9A-5EEED53745AD}: [DhcpNameServer] 192.168.25.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_04&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0D0CtD0E0AtC0CtAtBtDtCtB0DzztAyBtN0D0Tzu0StCyEzytCtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyE0B0A0D0FtAzyyEtGtDtA0B0EtGyByEtDtCtGtDzz0F0CtGtD0DyByEtAyBzzyEzyyByEzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AtBzz0CzzzytCtCtGtDyEtDtCtGyEzyyC0AtG0AyD0CzztGzz0F0DtCzzyEtD0C0D0FzytB2QtN0A0LzuyE%26cr%3D866995575%26a%3Dwbf_nwmeddnld_16_04%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_04&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0D0CtD0E0AtC0CtAtBtDtCtB0DzztAyBtN0D0Tzu0StCyEzytCtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyE0B0A0D0FtAzyyEtGtDtA0B0EtGyByEtDtCtGtDzz0F0CtGtD0DyByEtAyBzzyEzyyByEzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AtBzz0CzzzytCtCtGtDyEtDtCtGyEzyyC0AtG0AyD0CzztGzz0F0DtCzzyEtD0C0D0FzytB2QtN0A0LzuyE%26cr%3D866995575%26a%3Dwbf_nwmeddnld_16_04%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional
HKU\S-1-5-21-2999380129-4172000163-3070118981-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL =
SearchScopes: HKU\S-1-5-21-2999380129-4172000163-3070118981-1000 -> DefaultScope {3EF6198D-00B4-4A41-9C8F-87A58A41974D} URL = hxxp://www.google.com/search?hl=en&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2999380129-4172000163-3070118981-1000 -> {3EF6198D-00B4-4A41-9C8F-87A58A41974D} URL = hxxp://www.google.com/search?hl=en&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2015-06-15] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2015-06-15] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2015-06-15] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2015-06-15] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Carol\AppData\Roaming\Mozilla\Firefox\Profiles\gtz52ocd.default
FF Plugin: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-01-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-01-31] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-12-17] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{EBA722F5-038F-4CAF-9EE2-545A221628BC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.4.24\coFFPlgn => não encontrado (a)
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://mystart.com/default-search/rsc001__moss__org103__103_55f20019a6fde1d80a7b23c6__2_4_5__moc__nt__yr/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> yahoo
CHR Profile: C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-31]
CHR Extension: (Google Drive) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-31]
CHR Extension: (YouTube) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-31]
CHR Extension: (Google Search) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-31]
CHR Extension: (Planilhas do Google) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-31]
CHR Extension: (Documentos Google off-line) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-31]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-31]
CHR Extension: (Gmail) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-31]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\Exts\Chrome.crx [2016-01-31]
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\Exts\Chrome.crx [2016-01-31]
StartMenuInternet: Google Chrome - chrome.exe

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 BrsHelper; C:\Program Files (x86)\YTDownloader\BrowserHelperSrv.exe [112560 2015-10-22] ()
S2 GoogleChromeUpSvc; C:\ProgramData\Windows Update\svrupg.exe [2786816 2016-01-31] (TODO: ) [Arquivo não assinado]
R2 hola_svc; C:\Program Files\Hola\app\hola_svc.exe [8126592 2016-01-25] (Hola Networks Ltd.)
R2 hola_updater; C:\Program Files\Hola\app\hola_updater.exe [8126592 2016-01-25] (Hola Networks Ltd.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 rtop; C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [244664 2016-01-31] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [57344 2011-08-10] (Atheros) [Arquivo não assinado]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R2 sbmntr; C:\Program Files (x86)\YTDownloader\sbmntr.sys [58528 2015-10-22] (YTDownloader)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-01-31 18:36 - 2016-01-31 18:36 - 00000000 ____D C:\FRST
2016-01-31 18:25 - 2016-01-31 18:30 - 00000000 ____D C:\Users\Carol\AppData\Local\BrowserHelper
2016-01-31 18:24 - 2016-01-31 18:24 - 00000000 ____D C:\Program Files\WajaNetEn
2016-01-31 18:24 - 2016-01-31 18:24 - 00000000 ____D C:\Program Files (x86)\version09CheckMeUp
2016-01-31 18:24 - 2016-01-31 18:24 - 00000000 ____D C:\Program Files (x86)\Uniblue
2016-01-31 18:24 - 2016-01-31 18:24 - 00000000 ____D C:\Program Files (x86)\MixVideoPlayer
2016-01-31 17:56 - 2016-01-31 17:56 - 00000000 ____D C:\Windows\system32\Drivers\NSx64
2016-01-31 17:56 - 2016-01-31 17:56 - 00000000 ____D C:\Users\Todos os Usuários\Norton
2016-01-31 17:56 - 2016-01-31 17:56 - 00000000 ____D C:\ProgramData\Norton
2016-01-31 17:56 - 2016-01-31 17:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2016-01-31 17:56 - 2016-01-31 17:56 - 00000000 ____D C:\Program Files (x86)\Norton Security
2016-01-31 17:55 - 2016-01-31 17:55 - 00000000 ____D C:\Users\Todos os Usuários\NortonInstaller
2016-01-31 17:55 - 2016-01-31 17:55 - 00000000 ____D C:\ProgramData\NortonInstaller
2016-01-31 17:55 - 2016-01-31 17:55 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
2016-01-31 17:53 - 2016-01-31 17:53 - 00000000 ____D C:\Users\Carol\AppData\Local\Chromium
2016-01-31 17:53 - 2016-01-31 17:53 - 00000000 ____D C:\Program Files (x86)\YTDownloader
2016-01-31 17:50 - 2016-01-31 17:54 - 00000000 ____D C:\Users\Carol\AppData\Roaming\Mozilla
2016-01-31 17:50 - 2016-01-31 17:50 - 00000000 ____D C:\Users\Carol\AppData\Local\Mozilla
2016-01-31 17:49 - 2016-01-31 17:49 - 00003436 _____ C:\Windows\System32\Tasks\Niwevsor
2016-01-31 17:49 - 2016-01-31 17:49 - 00000000 ____D C:\Users\Carol\AppData\Local\WebShield
2016-01-31 17:48 - 2016-01-31 17:48 - 00000000 ____D C:\Users\Todos os Usuários\ByteFence
2016-01-31 17:48 - 2016-01-31 17:48 - 00000000 ____D C:\ProgramData\ByteFence
2016-01-31 17:47 - 2016-01-31 17:47 - 00003484 _____ C:\Windows\System32\Tasks\Varredura ByteFence
2016-01-31 17:47 - 2016-01-31 17:47 - 00003342 _____ C:\Windows\System32\Tasks\ByteFence
2016-01-31 17:46 - 2016-01-31 17:56 - 00000000 ____D C:\ProfessionalCleaningSoftware
2016-01-31 17:46 - 2016-01-31 17:46 - 00000372 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-01-31 17:46 - 2016-01-31 17:46 - 00000372 __RSH C:\ProgramData\ntuser.pol
2016-01-31 17:45 - 2016-01-31 18:00 - 00000000 ____D C:\Program Files\ByteFence
2016-01-31 17:45 - 2016-01-31 17:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware
2016-01-31 17:45 - 2016-01-31 17:45 - 00000000 ____D C:\Program Files (x86)\Pro PC Cleaner
2016-01-31 17:42 - 2016-01-31 17:42 - 00000000 ____D C:\Users\Carol\AppData\Local\VS Revo Group
2016-01-31 17:37 - 2016-01-31 17:37 - 00000000 ____D C:\Users\Carol\AppData\Roaming\LightGate
2016-01-31 17:35 - 2016-01-31 17:35 - 00000000 ____D C:\Users\Carol\AppData\Roaming\Baidu
2016-01-31 17:28 - 2016-01-31 17:28 - 00000000 ____D C:\Google
2016-01-31 17:24 - 2016-01-31 18:26 - 00001171 ____R C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-01-31 17:24 - 2016-01-31 18:26 - 00001159 ____R C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-01-31 17:24 - 2016-01-31 17:31 - 00000000 ____D C:\Users\Sérgio\AppData\Local\Mozilla
2016-01-31 17:24 - 2016-01-31 17:25 - 00000000 ____D C:\Users\Sérgio\AppData\Roaming\Mozilla
2016-01-31 17:24 - 2016-01-31 17:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-31 17:24 - 2016-01-31 17:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-31 17:01 - 2016-01-31 18:26 - 00002294 ____R C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-01-31 17:01 - 2016-01-31 18:26 - 00002265 ____R C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-31 17:00 - 2016-01-31 18:25 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-31 17:00 - 2016-01-31 18:05 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-31 17:00 - 2016-01-31 17:00 - 00004064 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-01-31 17:00 - 2016-01-31 17:00 - 00003812 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-01-31 16:59 - 2016-01-31 17:00 - 00000000 ____D C:\Users\Sérgio\AppData\Local\Deployment
2016-01-31 16:59 - 2016-01-31 16:59 - 00000000 ____D C:\Users\Sérgio\AppData\Local\Apps\2.0
2016-01-31 16:25 - 2016-01-31 18:23 - 00001115 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2016-01-31 16:25 - 2016-01-31 16:25 - 00000000 ____D C:\Users\Todos os Usuários\VS Revo Group
2016-01-31 16:25 - 2016-01-31 16:25 - 00000000 ____D C:\Users\Sérgio\AppData\Local\VS Revo Group
2016-01-31 16:25 - 2016-01-31 16:25 - 00000000 ____D C:\ProgramData\VS Revo Group
2016-01-31 16:25 - 2016-01-31 16:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2016-01-31 16:25 - 2016-01-31 16:25 - 00000000 ____D C:\Program Files\VS Revo Group
2016-01-31 16:25 - 2009-12-30 10:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2016-01-31 16:20 - 2016-01-31 16:20 - 00003132 _____ C:\Windows\System32\Tasks\{118CB0F2-9EE7-408C-B4EE-9D556A1F0D21}
2016-01-31 15:48 - 2016-01-31 18:23 - 00001060 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-01-31 15:48 - 2016-01-31 17:58 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-31 15:48 - 2016-01-31 15:48 - 00000000 ____D C:\Users\Todos os Usuários\Malwarebytes
2016-01-31 15:48 - 2016-01-31 15:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-01-31 15:48 - 2016-01-31 15:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-31 15:48 - 2016-01-31 15:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-31 15:48 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-01-31 15:48 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-01-31 15:48 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-01-31 15:42 - 2016-01-31 17:35 - 00000000 ____D C:\Users\Todos os Usuários\baidu
2016-01-31 15:42 - 2016-01-31 17:35 - 00000000 ____D C:\ProgramData\baidu
2016-01-31 15:41 - 2016-01-31 15:41 - 00000000 ____D C:\Windows\system32\suh
2016-01-31 15:40 - 2016-01-31 16:17 - 00000000 ____D C:\Users\Sérgio\AppData\Roaming\GenwXyere
2016-01-31 15:40 - 2016-01-31 15:41 - 00000000 ____D C:\Users\Sérgio\AppData\Local\Tempfolder
2016-01-31 15:40 - 2016-01-31 15:40 - 00003342 _____ C:\Windows\System32\Tasks\Iageud
2016-01-31 15:39 - 2016-01-31 15:45 - 00000000 ____D C:\Users\Sérgio\AppData\Roaming\LightGate
2016-01-31 15:39 - 2016-01-31 15:40 - 00000008 _____ C:\END
2016-01-31 15:38 - 2016-01-31 18:23 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg
2016-01-31 15:38 - 2016-01-31 18:23 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-01-31 15:38 - 2016-01-31 18:23 - 00000000 ____D C:\Program Files (x86)\osTip
2016-01-31 15:38 - 2016-01-31 15:38 - 01736192 _____ C:\Users\Todos os Usuários\upgsvr.exe
2016-01-31 15:38 - 2016-01-31 15:38 - 01736192 _____ C:\ProgramData\upgsvr.exe
2016-01-31 15:38 - 2015-11-25 15:31 - 01100288 _____ C:\Users\Todos os Usuários\HomePage.exe
2016-01-31 15:38 - 2015-11-25 15:31 - 01100288 _____ C:\ProgramData\HomePage.exe
2016-01-31 15:37 - 2016-01-31 15:38 - 00000000 ____D C:\Users\Todos os Usuários\Windows Update
2016-01-31 15:37 - 2016-01-31 15:38 - 00000000 ____D C:\ProgramData\Windows Update
2016-01-31 15:37 - 2016-01-31 15:37 - 00009441 _____ C:\Users\Todos os Usuários\webad.xml
2016-01-31 15:37 - 2016-01-31 15:37 - 00009441 _____ C:\ProgramData\webad.xml
2016-01-31 15:37 - 2015-12-10 15:43 - 00600312 _____ C:\Users\Todos os Usuários\YeaPlayer_br_IBD_Bundle.exe
2016-01-31 15:37 - 2015-12-10 15:43 - 00600312 _____ C:\ProgramData\YeaPlayer_br_IBD_Bundle.exe
2016-01-31 15:37 - 2015-12-04 13:14 - 01081344 _____ C:\Users\Todos os Usuários\LightGate.exe
2016-01-31 15:37 - 2015-12-04 13:14 - 01081344 _____ C:\ProgramData\LightGate.exe
2016-01-31 15:36 - 2016-01-31 16:18 - 00001383 _____ C:\Users\Sérgio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-01-31 15:35 - 2016-01-31 17:38 - 00000000 ____D C:\Users\Sérgio\AppData\LocalLow\Company
2016-01-31 15:35 - 2016-01-31 15:35 - 00003342 _____ C:\Windows\System32\Tasks\Amycdal
2016-01-31 15:30 - 2016-01-31 15:27 - 00000967 _____ C:\Windows\system32\Drivers\etc\hp.bak
2016-01-31 15:29 - 2016-01-31 17:38 - 00000000 ____D C:\Program Files (x86)\7C8D40E8-1454261399-E111-8420-DC0EA1C32012
2016-01-31 15:29 - 2016-01-31 15:29 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-01-31 15:29 - 2016-01-31 15:29 - 00000000 ____D C:\Windows\system32\Macromed
2016-01-31 15:26 - 2016-01-31 15:27 - 00000000 ____D C:\Users\Sérgio\AppData\Local\Chromium
2016-01-30 15:48 - 2016-01-31 18:23 - 00001109 _____ C:\Users\Public\Desktop\B1 Free Archiver.lnk
2016-01-30 15:48 - 2016-01-30 15:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\B1 Free Archiver
2016-01-30 15:46 - 2016-01-31 16:35 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-01-30 15:46 - 2016-01-31 16:35 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-30 15:45 - 2016-01-31 14:16 - 00000000 ____D C:\Program Files (x86)\B1 Free Archiver
2016-01-29 15:56 - 2016-01-30 18:53 - 00000000 ____D C:\Users\Sérgio\AppData\Roaming\Skype
2016-01-28 23:04 - 2016-01-31 18:24 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-01-28 23:04 - 2016-01-31 18:23 - 00000965 _____ C:\Users\Public\Desktop\Audacity.lnk
2016-01-28 23:04 - 2016-01-28 23:05 - 00000000 ____D C:\Program Files (x86)\Audacity
2016-01-28 22:58 - 2016-01-29 00:36 - 00000000 ____D C:\Users\Sérgio\AppData\Roaming\Audacity
2016-01-28 22:58 - 2016-01-28 22:58 - 00000000 ____D C:\Users\Sérgio\AppData\Local\Audacity
2016-01-25 21:31 - 2016-01-25 21:38 - 00000000 ____D C:\Users\Sérgio\AppData\Local\SkypePlugin
2016-01-25 21:22 - 2016-01-25 21:22 - 00000000 ____D C:\Users\Sérgio\AppData\Roaming\Hola
2016-01-25 21:22 - 2016-01-25 21:22 - 00000000 ____D C:\Users\Sérgio\AppData\Local\Hola
2016-01-25 21:22 - 2016-01-25 21:22 - 00000000 ____D C:\Users\S\u00c3
2016-01-25 21:22 - 2016-01-25 21:22 - 00000000 ____D C:\Users\S
2016-01-25 21:21 - 2016-01-31 18:24 - 00001003 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hola.lnk
2016-01-25 21:21 - 2016-01-25 21:21 - 00000000 ____D C:\Program Files\Hola
2016-01-25 21:19 - 2016-01-25 21:19 - 00003158 _____ C:\Windows\System32\Tasks\{76D1320C-5C58-4A65-B476-FB5230F1A710}
2016-01-24 17:08 - 2016-01-24 17:08 - 00003160 _____ C:\Windows\System32\Tasks\{9EC8A845-FF93-4CA2-B955-E8E89865FB66}
2016-01-21 11:05 - 2016-01-21 11:05 - 00000000 ____D C:\Users\Sérgio\AppData\Local\Apple Computer
2016-01-14 11:50 - 2016-01-31 16:18 - 00002601 _____ C:\Users\Sérgio\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-01-14 11:50 - 2016-01-30 21:55 - 00000000 ____D C:\Users\Sérgio\AppData\LocalLow\uTorrent
2016-01-14 11:47 - 2016-01-31 01:26 - 00000000 ____D C:\Users\Sérgio\AppData\Roaming\uTorrent
2016-01-06 22:41 - 2016-01-06 22:41 - 00000000 ____D C:\Users\Sérgio\AppData\Local\Microsoft Help
2015-12-07 04:33 - 2016-01-12 11:21 - 00000000 ____D C:\Users\Carol\AppData\LocalLow\uTorrent
2015-12-05 16:19 - 2015-12-05 16:19 - 00000000 ____D C:\Users\Sérgio\AppData\Roaming\Media Player Classic
2015-12-05 12:55 - 2015-12-05 12:55 - 00000000 ____D C:\Program Files\fotos polaka xxx
2015-12-05 10:08 - 2015-12-05 10:08 - 00000000 ____D C:\Users\Sérgio\AppData\Local\Apple
2015-11-25 13:32 - 2015-11-25 13:32 - 00000000 ____D C:\Users\Sérgio\AppData\Roaming\Adobe
2015-11-25 13:32 - 2015-11-25 13:32 - 00000000 ____D C:\Users\Sérgio\AppData\LocalLow\Adobe
2015-11-25 13:32 - 2015-11-25 13:32 - 00000000 ____D C:\Users\Sérgio\AppData\Local\Adobe
2015-11-25 13:08 - 2016-01-21 11:06 - 00000000 ____D C:\Users\Sérgio\AppData\Roaming\Apple Computer
2015-11-22 02:06 - 2015-11-22 02:06 - 00116940 ____H C:\Windows\system32\mlfcache.dat
2015-11-22 01:50 - 2015-11-22 02:03 - 00000000 ____D C:\Users\Carol\AppData\Roaming\WindSolutions
2015-11-22 01:50 - 2015-11-22 01:53 - 00000000 ____D C:\Users\Todos os Usuários\WindSolutions
2015-11-22 01:50 - 2015-11-22 01:53 - 00000000 ____D C:\ProgramData\WindSolutions
2015-11-22 01:50 - 2015-11-22 01:50 - 00000000 ____D C:\Users\Carol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2015-11-22 00:50 - 2016-01-31 18:26 - 00000000 ___RD C:\Users\Carol\iCloudDrive
2015-11-22 00:50 - 2015-11-22 00:50 - 00000000 ____D C:\Users\Carol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
2015-11-22 00:50 - 2015-11-22 00:50 - 00000000 ____D C:\Users\Carol\AppData\Local\Apple Inc
2015-11-22 00:27 - 2015-11-22 00:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-11-21 22:42 - 2016-01-31 18:23 - 00001747 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-11-21 22:42 - 2015-11-22 01:01 - 00000000 ____D C:\Users\Carol\AppData\Roaming\Apple Computer
2015-11-21 22:42 - 2015-11-22 00:28 - 00000000 ____D C:\Users\Carol\AppData\Local\Apple Computer
2015-11-21 22:42 - 2015-11-21 22:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-11-21 22:41 - 2015-11-21 22:42 - 00000000 ____D C:\Program Files\iTunes
2015-11-21 22:41 - 2015-11-21 22:41 - 00000000 ____D C:\Users\Todos os Usuários\Apple Computer
2015-11-21 22:41 - 2015-11-21 22:41 - 00000000 ____D C:\ProgramData\Apple Computer
2015-11-21 22:41 - 2015-11-21 22:41 - 00000000 ____D C:\Program Files\iPod
2015-11-21 22:41 - 2015-11-21 22:41 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-11-21 22:40 - 2016-01-31 18:24 - 00002507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-11-21 22:40 - 2015-11-22 00:55 - 00000000 ____D C:\Users\Carol\AppData\Local\Apple
2015-11-21 22:40 - 2015-11-21 22:40 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2015-11-21 22:40 - 2015-11-21 22:40 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-11-21 22:39 - 2015-11-21 22:39 - 00000000 ____D C:\Program Files\Bonjour
2015-11-21 22:39 - 2015-11-21 22:39 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-11-21 22:38 - 2015-11-22 00:27 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-11-21 22:38 - 2015-11-21 22:39 - 00000000 ____D C:\Users\Todos os Usuários\Apple
2015-11-21 22:38 - 2015-11-21 22:39 - 00000000 ____D C:\ProgramData\Apple
2015-11-11 23:06 - 2016-01-07 18:22 - 00000000 ____D C:\Windows\system32\appmgmt
2015-11-10 00:36 - 2015-11-10 00:36 - 00000000 ____D C:\Users\Carol\AppData\Roaming\Adobe
2015-11-10 00:36 - 2015-11-10 00:36 - 00000000 ____D C:\Users\Carol\AppData\LocalLow\Adobe
2015-11-10 00:36 - 2015-11-10 00:36 - 00000000 ____D C:\Users\Carol\AppData\Local\Adobe
2015-11-09 18:37 - 2015-11-09 18:37 - 00000000 ____D C:\Users\Carol\Tracing
2015-11-07 14:02 - 2015-11-07 14:10 - 00000000 ____D C:\Users\Todos os Usuários\BlueStacksSetup
2015-11-07 14:02 - 2015-11-07 14:10 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-11-07 14:02 - 2015-11-07 14:02 - 00000000 ____D C:\Users\Carol\AppData\Local\Bluestacks
2015-11-05 18:14 - 2016-01-13 16:41 - 00000000 ____D C:\Users\Sérgio\AppData\Local\ElevatedDiagnostics
2015-11-04 19:48 - 2015-11-04 19:48 - 00000000 ____D C:\Users\Todos os Usuários\AMMYY
2015-11-04 19:48 - 2015-11-04 19:48 - 00000000 ____D C:\ProgramData\AMMYY
2015-11-02 00:17 - 2015-11-02 00:17 - 00000000 ____D C:\Users\Carol\AppData\Roaming\Media Player Classic

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-01-31 18:33 - 2009-07-14 02:45 - 00031312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-31 18:33 - 2009-07-14 02:45 - 00031312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-31 18:26 - 2015-10-07 23:22 - 00002898 _____ C:\Windows\System32\Tasks\AutoKMS
2016-01-31 18:26 - 2015-10-07 23:22 - 00000268 _____ C:\Windows\Tasks\AutoKMS.job
2016-01-31 18:25 - 2009-07-14 03:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-31 18:24 - 2015-10-23 21:07 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-01-31 18:24 - 2015-10-07 20:12 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-01-31 18:24 - 2015-10-07 20:12 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-01-31 18:24 - 2009-07-14 02:57 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-01-31 18:24 - 2009-07-14 02:57 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2016-01-31 18:24 - 2009-07-14 02:57 - 00001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-01-31 18:24 - 2009-07-14 02:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-01-31 18:24 - 2009-07-14 02:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-01-31 18:23 - 2015-11-01 23:57 - 00002596 _____ C:\Users\Carol\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-01-31 18:23 - 2015-10-23 21:12 - 00000622 _____ C:\Users\Carol\Desktop\Brasfoot2015.lnk
2016-01-31 18:23 - 2015-10-23 21:07 - 00002013 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2016-01-31 18:23 - 2015-10-23 18:51 - 00000874 _____ C:\Users\Public\Desktop\PDFCreator.lnk
2016-01-31 18:23 - 2015-10-07 20:35 - 00001423 _____ C:\Users\Carol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-01-31 18:23 - 2015-10-07 20:35 - 00001389 _____ C:\Users\Carol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2016-01-31 18:23 - 2009-07-14 03:01 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-01-31 18:23 - 2009-07-14 02:49 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-01-31 18:19 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\AppCompat
2016-01-31 17:45 - 2009-07-14 01:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-01-31 17:45 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-01-31 17:38 - 2015-10-08 21:19 - 00000000 ____D C:\Users\Sérgio\AppData\Local\Google
2016-01-31 17:01 - 2015-10-07 23:46 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-31 16:18 - 2015-10-23 21:12 - 00000622 _____ C:\Users\Sérgio\Desktop\Brasfoot2015.lnk
2016-01-31 16:18 - 2015-10-08 21:20 - 00001389 _____ C:\Users\Sérgio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2016-01-31 15:31 - 2009-07-14 00:34 - 00000505 _____ C:\Windows\win.ini
2016-01-30 18:57 - 2015-10-08 20:50 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2016-01-30 18:57 - 2015-10-08 20:50 - 00000000 ____D C:\ProgramData\Skype
2016-01-24 16:24 - 2011-04-12 11:40 - 00703580 _____ C:\Windows\system32\prfh0416.dat
2016-01-24 16:24 - 2011-04-12 11:40 - 00146366 _____ C:\Windows\system32\prfc0416.dat
2016-01-24 16:24 - 2009-07-14 03:13 - 01628224 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-24 16:24 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\inf
2016-01-13 17:14 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\system32\NDF
2016-01-13 14:44 - 2015-10-25 15:31 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-01-13 05:10 - 2015-11-01 23:56 - 00000000 ____D C:\Users\Carol\AppData\Roaming\uTorrent
2016-01-11 19:02 - 2015-10-08 20:52 - 00000000 ____D C:\Users\Carol\AppData\Roaming\Skype
2016-01-11 16:59 - 2015-10-08 20:53 - 00000000 ____D C:\Users\Carol\AppData\Local\Skype
2016-01-08 15:09 - 2009-07-14 01:20 - 00000000 __RHD C:\Users\Public\Libraries
2016-01-07 13:52 - 2015-10-13 20:20 - 00000000 ____D C:\Users\Sérgio\AppData\Local\Skype
2016-01-06 22:41 - 2015-10-07 22:56 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help

==================== Arquivos na raiz de alguns diretórios =======

2016-01-31 15:38 - 2015-11-25 15:31 - 1100288 _____ () C:\ProgramData\HomePage.exe
2016-01-31 15:37 - 2015-12-04 13:14 - 1081344 _____ () C:\ProgramData\LightGate.exe
2016-01-31 15:38 - 2016-01-31 15:38 - 1736192 _____ () C:\ProgramData\upgsvr.exe
2016-01-31 15:37 - 2016-01-31 15:37 - 0009441 _____ () C:\ProgramData\webad.xml
2016-01-31 15:37 - 2015-12-10 15:43 - 0600312 _____ () C:\ProgramData\YeaPlayer_br_IBD_Bundle.exe

Arquivos para serem movidos ou deletados:
====================
C:\ProgramData\HomePage.exe
C:\ProgramData\LightGate.exe
C:\ProgramData\upgsvr.exe
C:\ProgramData\YeaPlayer_br_IBD_Bundle.exe
C:\Users\Todos os Usuários\HomePage.exe
C:\Users\Todos os Usuários\LightGate.exe
C:\Users\Todos os Usuários\upgsvr.exe
C:\Users\Todos os Usuários\YeaPlayer_br_IBD_Bundle.exe


Alguns arquivos em TEMP:
====================
C:\Users\Carol\AppData\Local\Temp\1454268923.exe
C:\Users\Sérgio\AppData\Local\Temp\Hola-Setup-x64-1.11.399.exe
C:\Users\Sérgio\AppData\Local\Temp\LightGate.exe
C:\Users\Sérgio\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Sérgio\AppData\Local\Temp\tmpE927.tmp.exe
C:\Users\Sérgio\AppData\Local\Temp\upgsvr.exe
C:\Users\Sérgio\AppData\Local\Temp\YeaPlayer_br_IBD_Bundle.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll
[2015-10-16 00:12] - [2015-10-16 00:12] - 0357888 ____A (Microsoft Corporation) 2DE23366A42CFDA8F5A986CB0412EC05

C:\Windows\SysWOW64\dnsapi.dll
[2015-10-16 00:12] - [2015-10-16 00:12] - 0270336 ____A (Microsoft Corporation) 616F432355FFC62A47ECE8E351F1198B

C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-01-19 02:09

==================== Fim de FRST.txt ============================
