cjoint

Document format: text/plain

Preview

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:27-02-2016
Executado por vinicius (administrador) em VINICIUS-PC (27-02-2016 20:35:19)
Executando a partir de C:\Users\vinicius\Downloads
Perfis Carregados: vinicius (Perfis Disponíveis: vinicius)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\ProgramData\WindowsMsg\osmsg.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Users\vinicius\AppData\Roaming\ACEStream\updater\ace_update.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Users\vinicius\AppData\Roaming\ACEStream\engine\ace_engine.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(IObit) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\System32\dinotify.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13874392 1999-12-31] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM-x32\...\Run: [pcmgr] => C:\Program Files (x86)\ppt\Uninst.exe [1571296 2015-12-28] (Tencent)
HKLM-x32\...\Run: [HomePageHelper] => C:\ProgramData\HomePage.exe [1100288 2015-11-25] ()
HKLM-x32\...\Run: [LightGate] => C:\ProgramData\LightGate.exe [1081344 2015-12-04] ()
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5889824 2015-07-28] (IObit)
HKU\S-1-5-21-462682576-571085668-2278026942-1000\...\Run: [AceStream] => C:\Users\vinicius\AppData\Roaming\ACEStream\engine\ace_engine.exe [27000 2015-12-25] ()
HKU\S-1-5-21-462682576-571085668-2278026942-1000\...\Run: [taskhost] => rundll32.exe C:\ProgramData\WindowsMsg\675D131108D4FD145B0BFBC68A3E018A.dll Start /DEFAULT
HKU\S-1-5-21-462682576-571085668-2278026942-1000\...\Run: [Pritc] => c:\programdata\windows update\tmp\msdtc-.exe [2980352 2016-01-08] (VLOME)
HKU\S-1-5-21-462682576-571085668-2278026942-1000\...\Run: [osmsg] => C:\ProgramData\WindowsMsg\osmsg.exe [2036224 2016-02-09] ()
HKU\S-1-5-21-462682576-571085668-2278026942-1000\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2019616 2016-01-11] (IObit)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\vinicius\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\vinicius\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\vinicius\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\vinicius\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\vinicius\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\vinicius\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
GroupPolicy: Restrição - Chrome <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\..\Interfaces\{63624BAC-619F-4FDB-A7C4-E74C8C1AB83D}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=sdkc_inner_hp_09_hao123_br&guid=288911f2dbbbe3aecddfc0e861dba709
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://minilua.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://minilua.com/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://minilua.com/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://minilua.com/
HKU\S-1-5-21-462682576-571085668-2278026942-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://minilua.com/
HKU\S-1-5-21-462682576-571085668-2278026942-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://minilua.com/
HKU\S-1-5-21-462682576-571085668-2278026942-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://minilua.com/
HKU\S-1-5-21-462682576-571085668-2278026942-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://minilua.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-462682576-571085668-2278026942-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-04-01] (IObit)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\vinicius\AppData\Roaming\Mozilla\Firefox\Profiles\6bbdn1rv.default
FF SelectedSearchEngine: mysites123
FF Homepage: hxxps://www.malwarebytes.org/restorebrowser//?type=hp&ts=1455725194&z=3bde0789926f15a9a14e1fag2zew5wfm5o3w3oae4g&from=tt4u&uid=ST500LT012-9WS142_W0VAZMT4XXXXW0VAZMT4
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [1999-12-31] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [1999-12-31] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-462682576-571085668-2278026942-1000: @acestream.net/acestreamplugin,version=3.1.0 -> C:\Users\vinicius\AppData\Roaming\ACEStream\player\npace_plugin.dll [2015-08-06] (Innovative Digital Technologies)
FF user.js: detected! => C:\Users\vinicius\AppData\Roaming\Mozilla\Firefox\Profiles\6bbdn1rv.default\user.js [2016-02-27]
FF Extension: Cookies Export/import - C:\Users\vinicius\AppData\Roaming\Mozilla\Firefox\Profiles\6bbdn1rv.default\Extensions\CookiesIE@yahoo.com.xpi [2015-10-16]
FF HKU\S-1-5-21-462682576-571085668-2278026942-1000\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\vinicius\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi
FF Extension: Ace Stream Web Extension - C:\Users\vinicius\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2015-12-18]
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR HomePage: Default -> hxxp://www.mysites123.com/?type=hp&ts=1455725194&z=3bde0789926f15a9a14e1fag2zew5wfm5o3w3oae4g&from=tt4u&uid=ST500LT012-9WS142_W0VAZMT4XXXXW0VAZMT4
CHR DefaultSearchURL: Default -> hxxp://mysites123.com/web?type=ds&ts=1455725194&z=3bde0789926f15a9a14e1fag2zew5wfm5o3w3oae4g&from=tt4u&uid=ST500LT012-9WS142_W0VAZMT4XXXXW0VAZMT4&q={searchTerms}
CHR DefaultSearchKeyword: Default -> mysites123
CHR Profile: C:\Users\vinicius\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\vinicius\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-05]
CHR Extension: (Google Drive) - C:\Users\vinicius\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\vinicius\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-05]
CHR Extension: (Google Search) - C:\Users\vinicius\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Documentos Google off-line) - C:\Users\vinicius\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-16]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\vinicius\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-05]
CHR Extension: (NewTabTVPlus) - C:\Users\vinicius\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojfkehjclaeiedfhhbjndggmjgiaieef [2015-11-01] [UpdateUrl: hxxps://clients2.googlee.com/service/update2/crx] <==== ATENÇÃO
CHR Extension: (Gmail) - C:\Users\vinicius\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-05]
CHR HKU\S-1-5-21-462682576-571085668-2278026942-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [446240 2016-01-05] (IObit)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [318568 2014-10-20] (Intel Corporation)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [882464 2015-07-17] (IObit)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Arquivo não assinado]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 1999-12-31] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-12] (IObit)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-09-03] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-08-01] (Atheros) [Arquivo não assinado]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2015-03-25] (IObit)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-02-27] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-21] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [179456 2016-02-27] (Intel Corporation)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2015-03-25] (IObit.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16056 2016-02-17] (SlimWare Utilities, Inc.)
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2015-03-25] (IObit.com)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-02-27 20:35 - 2016-02-27 20:35 - 04161536 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys
2016-02-27 20:35 - 2016-02-27 20:35 - 00458960 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\k57nd60a.sys
2016-02-27 20:35 - 2016-02-27 20:35 - 00070744 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bScsiSDa.sys
2016-02-27 20:35 - 2016-02-27 20:35 - 00059088 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bScsiMSa.sys
2016-02-27 20:34 - 2016-02-27 20:35 - 00000000 ____D C:\Windows\LastGood
2016-02-27 20:34 - 2016-02-27 20:34 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01009.dll
2016-02-27 20:34 - 2016-02-27 20:34 - 00179456 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2016-02-27 20:34 - 2016-02-27 20:34 - 00072280 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57xdbd.sys
2016-02-27 20:34 - 2016-02-27 20:34 - 00021080 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57xdmp.sys
2016-02-27 20:34 - 2016-02-27 20:34 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_b57xdbd_01009.Wdf
2016-02-27 20:02 - 2016-02-27 20:02 - 55582720 _____ C:\Windows\system32\config\SOFTWARE.iobit
2016-02-27 20:02 - 2016-02-27 20:02 - 41213952 _____ C:\Windows\system32\config\components.iobit
2016-02-27 20:02 - 2016-02-27 20:02 - 00184320 _____ C:\Windows\system32\config\DEFAULT.iobit
2016-02-27 20:02 - 2016-02-27 20:02 - 00032768 _____ C:\Windows\system32\config\SAM.iobit
2016-02-27 20:02 - 2016-02-27 20:02 - 00024576 _____ C:\Windows\system32\config\SECURITY.iobit
2016-02-27 19:54 - 2016-02-27 19:54 - 00003196 _____ C:\Windows\System32\Tasks\SmartDefrag4_Startup
2016-02-27 19:54 - 2016-02-27 19:54 - 00003194 _____ C:\Windows\System32\Tasks\SmartDefrag4_Update
2016-02-27 19:54 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\Windows\SysWOW64\IObitSmartDefragExtension.dll
2016-02-27 19:54 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2016-02-27 19:54 - 2014-06-04 15:17 - 00034080 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2016-02-27 19:54 - 2014-06-04 15:17 - 00021184 _____ (IObit) C:\Windows\system32\Drivers\SmartDefragDriver.sys
2016-02-27 19:53 - 2016-02-27 20:31 - 00002256 _____ C:\Users\Public\Desktop\Advanced SystemCare 9.lnk
2016-02-27 19:53 - 2016-02-27 19:53 - 00003192 _____ C:\Windows\System32\Tasks\ASC9_PerformanceMonitor
2016-02-27 19:53 - 2016-02-27 19:53 - 00002880 _____ C:\Windows\System32\Tasks\ASC9_SkipUac_vinicius
2016-02-27 19:53 - 2016-02-27 19:53 - 00001170 _____ C:\Users\Public\Desktop\Smart Defrag 4.lnk
2016-02-27 19:53 - 2016-02-27 19:53 - 00000000 ____D C:\Users\Todos os Usuários\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-02-27 19:53 - 2016-02-27 19:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 4
2016-02-27 19:53 - 2016-02-27 19:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2016-02-27 19:53 - 2016-02-27 19:53 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-02-27 19:51 - 2016-02-27 19:53 - 00002152 _____ C:\Users\Public\Desktop\Driver Booster 3.lnk
2016-02-27 19:51 - 2016-02-27 19:51 - 00027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2016-02-27 19:51 - 2016-02-27 19:51 - 00003254 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2016-02-27 19:51 - 2016-02-27 19:51 - 00002916 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_vinicius
2016-02-27 19:51 - 2016-02-27 19:51 - 00002886 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (vinicius)
2016-02-27 19:51 - 2016-02-27 19:51 - 00001366 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2016-02-27 19:51 - 2016-02-27 19:51 - 00001354 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2016-02-27 19:51 - 2016-02-27 19:51 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
2016-02-27 19:51 - 2016-02-27 19:51 - 00000000 ____D C:\Users\Todos os Usuários\BDLogging
2016-02-27 19:51 - 2016-02-27 19:51 - 00000000 ____D C:\Users\Todos os Usuários\{D76294E6-03B8-4971-AF2E-3F846161A690}
2016-02-27 19:51 - 2016-02-27 19:51 - 00000000 ____D C:\Users\Todos os Usuários\{ACBCD40A-42A8-4FF9-BD42-ABCD14998CBA}
2016-02-27 19:51 - 2016-02-27 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2016-02-27 19:51 - 2016-02-27 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-02-27 19:51 - 2016-02-27 19:51 - 00000000 ____D C:\ProgramData\BDLogging
2016-02-27 19:51 - 2016-02-27 19:51 - 00000000 ____D C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2016-02-27 19:51 - 2016-02-27 19:51 - 00000000 ____D C:\ProgramData\{ACBCD40A-42A8-4FF9-BD42-ABCD14998CBA}
2016-02-27 19:47 - 2016-02-27 19:54 - 00000000 ____D C:\Users\Todos os Usuários\ProductData
2016-02-27 19:47 - 2016-02-27 19:54 - 00000000 ____D C:\ProgramData\ProductData
2016-02-27 19:47 - 2016-02-27 19:47 - 00000000 ____D C:\Users\vinicius\AppData\Roaming\ProductData
2016-02-27 19:46 - 2016-02-27 19:53 - 00000000 ____D C:\Users\vinicius\AppData\Roaming\IObit
2016-02-27 19:46 - 2016-02-27 19:53 - 00000000 ____D C:\Program Files (x86)\IObit
2016-02-27 19:46 - 2016-02-27 19:51 - 00000000 ____D C:\Users\Todos os Usuários\IObit
2016-02-27 19:46 - 2016-02-27 19:51 - 00000000 ____D C:\ProgramData\IObit
2016-02-27 19:46 - 2016-02-27 19:47 - 00000000 ____D C:\Users\vinicius\AppData\LocalLow\IObit
2016-02-27 19:46 - 2016-02-27 19:46 - 00001173 _____ C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2016-02-27 19:46 - 2016-02-27 19:46 - 00000000 ____D C:\Users\vinicius\AppData\Roaming\Apple Computer
2016-02-27 19:46 - 2016-02-27 19:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2016-02-27 19:45 - 2016-02-27 19:45 - 29611802 _____ C:\Users\vinicius\Downloads\IObit Malware Fighter Pro 3.3.0.8 DC 07.08.2015.rar
2016-02-27 19:28 - 2016-02-27 20:35 - 00015861 _____ C:\Users\vinicius\Downloads\FRST.txt
2016-02-27 19:28 - 2016-02-27 19:31 - 00034273 _____ C:\Users\vinicius\Downloads\Addition.txt
2016-02-27 19:27 - 2016-02-27 20:35 - 00000000 ____D C:\FRST
2016-02-27 19:27 - 2016-02-27 19:27 - 02371072 _____ (Farbar) C:\Users\vinicius\Downloads\FRST64.exe
2016-02-27 19:26 - 2016-02-27 19:26 - 01722368 _____ (Farbar) C:\Users\vinicius\Downloads\FRST.exe
2016-02-27 19:26 - 2016-02-27 19:26 - 01722368 _____ (Farbar) C:\Users\vinicius\Downloads\FRST (1).exe
2016-02-17 14:35 - 2016-02-17 14:35 - 00003174 _____ C:\Windows\System32\Tasks\{93A4C8D9-B672-4317-9E6F-0C11CC18DD96}
2016-02-17 14:33 - 2016-02-17 14:33 - 00003174 _____ C:\Windows\System32\Tasks\{2E2086A1-9C7D-4974-AD3C-F48BF469E9B1}
2016-02-17 14:25 - 2016-02-17 14:25 - 00000000 ____D C:\Users\vinicius\AppData\Roaming\wps
2016-02-17 14:23 - 2016-02-27 20:31 - 00000000 ____D C:\Users\vinicius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office
2016-02-17 14:22 - 2016-02-17 14:36 - 00000000 ____D C:\Users\vinicius\AppData\Local\kingsoft
2016-02-17 14:17 - 2016-02-17 14:17 - 00003126 _____ C:\Windows\System32\Tasks\{9CD50BDD-C14C-43ED-B0C6-AE3EA8C3BD05}
2016-02-17 13:36 - 2016-02-17 13:36 - 00000000 ____D C:\Users\vinicius\AppData\Roaming\LightGate
2016-02-17 13:17 - 2016-02-27 20:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DailyPCClean
2016-02-17 13:06 - 2016-02-17 13:06 - 00003346 _____ C:\Windows\System32\Tasks\Rifazy
2016-02-17 12:44 - 2016-02-17 12:44 - 00009441 _____ C:\Users\vinicius\AppData\Roaming\webad.xml
2016-02-17 12:35 - 2016-02-17 13:06 - 00000000 ____D C:\Users\vinicius\AppData\Roaming\systweak
2016-02-17 12:25 - 2016-02-17 14:04 - 00001192 _____ C:\Users\vinicius\Desktop\Continue Last version Installation.lnk
2016-02-16 19:54 - 2016-02-16 19:54 - 00000161 _____ C:\Users\vinicius\AppData\Roaming\xcgui_debug.txt
2016-02-16 19:51 - 2016-02-16 19:51 - 00000046 _____ C:\Users\vinicius\AppData\Roaming\WB.CFG
2016-02-16 19:06 - 2016-02-17 14:25 - 00000000 ____D C:\Users\vinicius\AppData\Roaming\kingsoft
2016-02-16 19:00 - 2016-02-17 14:28 - 00000000 ____D C:\Users\vinicius\AppData\Roaming\Baidu
2016-02-16 19:00 - 2016-02-17 14:28 - 00000000 ____D C:\Users\Todos os Usuários\baidu
2016-02-16 19:00 - 2016-02-17 14:28 - 00000000 ____D C:\ProgramData\baidu
2016-02-16 19:00 - 2016-02-17 13:27 - 00000000 ____D C:\Users\vinicius\AppData\LocalLow\Company
2016-02-16 19:00 - 2016-02-17 13:05 - 00000000 ____D C:\Users\vinicius\AppData\Roaming\CecbeWew
2016-02-16 19:00 - 2016-02-16 19:01 - 00000000 ____D C:\Users\vinicius\AppData\Local\Tempfolder
2016-02-16 19:00 - 2016-02-16 19:00 - 00003346 _____ C:\Windows\System32\Tasks\Cipraa
2016-02-16 19:00 - 2016-02-16 19:00 - 00000000 ____D C:\Windows\system32\rozc
2016-02-16 19:00 - 2016-02-16 19:00 - 00000000 ____D C:\uninst
2016-02-16 18:58 - 2016-02-16 18:58 - 00000000 ____D C:\Users\vinicius\AppData\Roaming\Tencent
2016-02-16 18:58 - 2016-02-16 18:58 - 00000000 ____D C:\Users\Todos os Usuários\Tencent
2016-02-16 18:58 - 2016-02-16 18:58 - 00000000 ____D C:\ProgramData\Tencent
2016-02-16 18:51 - 2016-02-16 18:51 - 00000000 ____D C:\Users\vinicius\AppData\Local\Setup2880879776
2016-02-16 18:49 - 2016-02-16 18:52 - 00000000 ____D C:\Users\vinicius\AppData\Local\lome
2016-02-16 18:49 - 2016-02-16 18:49 - 00000372 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-02-16 18:49 - 2016-02-16 18:49 - 00000372 __RSH C:\ProgramData\ntuser.pol
2016-02-16 18:49 - 2016-02-16 18:49 - 00000176 _____ C:\Users\vinicius\Desktop\Play Games Online.url
2016-02-16 18:49 - 2016-02-16 18:49 - 00000176 _____ C:\Users\vinicius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2016-02-16 18:48 - 2016-02-16 18:48 - 05892175 _____ (MediaDownloader ) C:\Users\vinicius\Downloads\MediaDownloader.exe
2016-02-16 18:45 - 2016-02-16 18:52 - 00000000 ____D C:\Users\vinicius\AppData\Local\Setup Wizard
2016-02-16 18:45 - 2016-02-16 18:45 - 00001631 ____R C:\Yeabeats Browser.lnk
2016-02-16 18:45 - 2016-02-16 18:45 - 00000000 ____D C:\Users\vinicius\AppData\Roaming\Macromedia
2016-02-16 18:44 - 2016-02-16 18:44 - 00003030 _____ C:\Windows\System32\Tasks\ttwifi
2016-02-16 18:44 - 2016-02-16 18:44 - 00002926 _____ C:\Windows\System32\Tasks\osTip
2016-02-16 18:44 - 2015-12-10 14:43 - 00600312 _____ C:\Users\vinicius\AppData\Roaming\YeaPlayer_br_IBD_Bundle.exe
2016-02-16 18:44 - 2015-11-25 14:31 - 01100288 _____ C:\Users\Todos os Usuários\HomePage.exe
2016-02-16 18:44 - 2015-11-25 14:31 - 01100288 _____ C:\ProgramData\HomePage.exe
2016-02-16 18:43 - 2016-02-17 14:05 - 00001777 ____R C:\Users\vinicius\Desktop\Yeabeats Browser.lnk
2016-02-16 18:43 - 2016-02-17 13:05 - 00000000 ____D C:\Users\Todos os Usuários\Windows Update
2016-02-16 18:43 - 2016-02-17 13:05 - 00000000 ____D C:\ProgramData\Windows Update
2016-02-16 18:43 - 2016-02-16 18:44 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg
2016-02-16 18:43 - 2016-02-16 18:44 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-02-16 18:43 - 2016-02-16 18:43 - 00009441 _____ C:\Users\Todos os Usuários\webad.xml
2016-02-16 18:43 - 2016-02-16 18:43 - 00009441 _____ C:\ProgramData\webad.xml
2016-02-16 18:43 - 2016-02-16 18:43 - 00000000 ____D C:\Program Files (x86)\osTip
2016-02-16 18:43 - 2015-12-10 14:43 - 00600312 _____ C:\Users\Todos os Usuários\YeaPlayer_br_IBD_Bundle.exe
2016-02-16 18:43 - 2015-12-10 14:43 - 00600312 _____ C:\ProgramData\YeaPlayer_br_IBD_Bundle.exe
2016-02-16 18:43 - 2015-12-04 12:14 - 01081344 _____ C:\Users\Todos os Usuários\LightGate.exe
2016-02-16 18:43 - 2015-12-04 12:14 - 01081344 _____ C:\ProgramData\LightGate.exe
2016-02-16 18:43 - 2015-11-25 14:31 - 01100288 _____ C:\Users\vinicius\AppData\Roaming\HomePage.exe
2016-02-16 18:42 - 2016-02-16 18:40 - 00001253 _____ C:\Windows\system32\Drivers\etc\hp.bak
2016-02-16 18:41 - 2016-02-16 18:41 - 00000000 ____D C:\Users\Public\Documents\Tools
2016-02-16 18:40 - 2016-02-16 18:41 - 00002976 _____ C:\Windows\System32\Tasks\svchost
2016-02-16 18:40 - 2016-02-16 18:40 - 00000000 ____D C:\Users\Public\Documents\Guid
2016-02-16 18:40 - 2016-02-16 18:40 - 00000000 ____D C:\Users\Public\Documents\Baidu
2016-02-16 18:38 - 2016-02-17 14:36 - 00000000 ____D C:\Users\Todos os Usuários\kingsoft
2016-02-16 18:38 - 2016-02-17 14:36 - 00000000 ____D C:\ProgramData\kingsoft
2016-02-16 18:37 - 2016-02-17 13:27 - 00000000 ____D C:\Program Files (x86)\ppt
2016-02-14 18:42 - 2016-02-27 20:00 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-14 18:42 - 2016-02-14 18:42 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-14 18:42 - 2016-02-14 18:42 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-14 18:42 - 2016-02-14 18:42 - 00003840 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-14 18:42 - 2016-02-14 18:42 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-02-14 18:42 - 2016-02-14 18:42 - 00000000 ____D C:\Windows\system32\Macromed
2016-02-14 18:38 - 2016-02-14 18:38 - 00838236 _____ C:\Users\vinicius\Downloads\megacubo_setup.zip
2016-02-03 18:27 - 2016-02-03 18:27 - 00000031 _____ C:\Users\vinicius\Downloads\Conversa do WhatsApp com Iramaia.txt
2016-01-30 16:10 - 2016-01-30 16:11 - 38654410 _____ C:\Users\vinicius\Downloads\marcelo d2 canta bezerra.rar
2016-01-30 15:47 - 2016-01-30 16:10 - 275773771 _____ C:\Users\vinicius\Downloads\DJ GUGUINHA 2016 - SWINGUEIRA - FUNK - PAGODE - FORRO - AXE -CARNAVAL - IVETE - WESLEY SAFADAO - BEL MARQUES - TRIO DA HUANA - MARILIA MENDONCA - CHICLETE COM BANANA - PSIRICO.rar
2016-01-30 15:47 - 2016-01-30 15:59 - 58050259 _____ C:\Users\vinicius\Downloads\CD - Funk - Janeiro - 2016.rar
2016-01-30 15:47 - 2016-01-30 15:55 - 86348359 _____ C:\Users\vinicius\Downloads\Funk 2016.rar
2016-01-30 15:47 - 2016-01-30 15:48 - 03891853 _____ C:\Users\vinicius\Downloads\Nego do BorelJanela aberta - Baixar música funk atualizado 2016____.rar
2016-01-30 15:46 - 2016-01-30 16:08 - 83955922 _____ C:\Users\vinicius\Downloads\Marcelo D2 - Acústico MTV.rar
2016-01-30 15:46 - 2016-01-30 16:04 - 175088625 _____ C:\Users\vinicius\Downloads\Sertanejo Automotivo - 2016 - Dj Tiago Albuquerque.rar
2016-01-30 15:46 - 2016-01-30 15:52 - 51131013 _____ C:\Users\vinicius\Downloads\SELEÇÃO ARRIBA SAIA.rar
2016-01-30 15:45 - 2016-01-30 16:00 - 97579590 _____ C:\Users\vinicius\Downloads\ARLINDO CRUZ - As Melhores.rar

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-02-27 20:35 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-02-27 20:31 - 2015-11-14 19:27 - 00000000 ____D C:\Users\vinicius\Desktop\WinLov2.0.9
2016-02-27 20:31 - 2015-10-14 14:54 - 00000000 ____D C:\Users\vinicius\Desktop\Age of Empires II C
2016-02-27 20:31 - 2015-09-04 00:33 - 00000000 ____D C:\Windows\Panther
2016-02-27 20:23 - 2015-09-30 22:44 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-27 20:09 - 2009-07-14 01:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-27 20:09 - 2009-07-14 01:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-27 03:23 - 2015-09-30 22:44 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-26 19:57 - 2015-11-01 15:56 - 00000000 ____D C:\Users\vinicius\AppData\Roaming\.ACEStream
2016-02-26 19:39 - 2011-04-12 11:20 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-02-24 19:57 - 2011-04-12 10:40 - 00706776 _____ C:\Windows\system32\prfh0416.dat
2016-02-24 19:57 - 2011-04-12 10:40 - 00148074 _____ C:\Windows\system32\prfc0416.dat
2016-02-24 19:57 - 2009-07-14 02:13 - 01638020 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-20 14:28 - 2015-09-30 22:51 - 00000416 _____ C:\Windows\Tasks\SlimDrivers Startup.job
2016-02-19 19:25 - 2015-09-30 22:46 - 00002210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-18 13:45 - 2015-09-30 22:44 - 00058016 _____ C:\Users\vinicius\AppData\Local\GDIPFONTCACHEV1.DAT
2016-02-17 14:28 - 2015-09-30 22:51 - 00016056 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys
2016-02-17 14:28 - 2015-09-30 22:51 - 00002848 _____ C:\Windows\System32\Tasks\SlimDrivers Startup
2016-02-17 14:28 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-17 14:28 - 2009-07-14 01:45 - 00268184 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-17 14:05 - 2015-10-16 21:27 - 00001207 ____R C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-17 14:05 - 2015-10-16 21:27 - 00001195 ____R C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-02-17 14:05 - 2015-09-30 22:46 - 00002229 ____R C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-17 14:04 - 2015-11-30 18:34 - 00001864 _____ C:\Users\Public\Desktop\Dedicated Server.lnk
2016-02-17 14:04 - 2015-11-30 18:32 - 00001848 _____ C:\Users\Public\Desktop\Counter-Strike 1.6.lnk
2016-02-17 14:04 - 2015-11-01 15:25 - 00002033 _____ C:\Users\vinicius\Desktop\Ace Stream Media Center.lnk
2016-02-17 14:04 - 2015-11-01 15:25 - 00001929 _____ C:\Users\vinicius\Desktop\Ace Player.lnk
2016-02-17 14:04 - 2015-10-14 19:12 - 00001096 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-02-17 14:04 - 2015-10-14 18:47 - 00002627 _____ C:\Users\vinicius\Desktop\µTorrent.lnk
2016-02-17 14:04 - 2015-10-14 18:45 - 00001064 _____ C:\Users\vinicius\Desktop\MEGAsync.lnk
2016-02-17 14:04 - 2015-10-04 18:50 - 00002038 _____ C:\Users\vinicius\Desktop\Popcorn Time.lnk
2016-02-17 14:04 - 2015-09-30 23:02 - 00000694 _____ C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk
2016-02-17 14:04 - 2015-09-30 22:51 - 00002461 _____ C:\Users\Public\Desktop\SlimDrivers.lnk
2016-02-17 14:04 - 2015-09-30 22:33 - 00001389 _____ C:\Users\vinicius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-02-17 14:04 - 2015-09-30 22:33 - 00000879 _____ C:\Users\vinicius\Desktop\Downloads.lnk
2016-02-17 14:04 - 2015-09-30 22:33 - 00000359 _____ C:\Users\vinicius\Desktop\RecentPlaces.lnk
2016-02-17 14:04 - 2015-09-04 00:35 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-02-17 14:04 - 2015-09-04 00:35 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-02-17 14:04 - 2009-07-14 02:01 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-02-17 14:04 - 2009-07-14 01:57 - 00001535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-02-17 14:04 - 2009-07-14 01:57 - 00001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-02-17 14:04 - 2009-07-14 01:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-02-17 14:04 - 2009-07-14 01:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-02-17 14:04 - 2009-07-14 01:49 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-02-17 14:02 - 2009-07-14 02:32 - 00000000 ____D C:\Windows\Performance
2016-02-17 13:49 - 2015-10-14 19:12 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-17 13:09 - 2015-09-30 22:50 - 00000074 _____ C:\Users\Todos os Usuários\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2016-02-17 13:09 - 2015-09-30 22:50 - 00000074 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2016-02-17 13:06 - 2009-07-13 23:34 - 00000505 _____ C:\Windows\win.ini
2016-02-17 12:25 - 2015-10-04 13:52 - 00000000 ____D C:\Users\vinicius\AppData\Local\Popcorn-Time
2016-02-16 20:04 - 2015-10-04 13:52 - 00000000 ____D C:\Users\vinicius\AppData\Local\Popcorn Time
2016-02-16 18:49 - 2009-07-14 00:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-02-16 18:49 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-02-16 18:40 - 2015-09-30 22:33 - 00000000 ____D C:\Users\vinicius\AppData\Roaming\Adobe
2016-02-16 18:40 - 2009-07-14 02:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-02-08 14:31 - 2015-11-08 10:46 - 00000291 _____ C:\Users\vinicius\Desktop\Novo Documento de Texto (2).txt
2016-02-02 02:18 - 2015-09-30 22:44 - 00004066 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-02 02:18 - 2015-09-30 22:44 - 00003814 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Arquivos na raiz de alguns diretórios =======

2016-02-16 18:43 - 2015-11-25 14:31 - 1100288 _____ () C:\Users\vinicius\AppData\Roaming\HomePage.exe
2016-02-16 19:51 - 2016-02-16 19:51 - 0000046 _____ () C:\Users\vinicius\AppData\Roaming\WB.CFG
2016-02-17 12:44 - 2016-02-17 12:44 - 0009441 _____ () C:\Users\vinicius\AppData\Roaming\webad.xml
2016-02-16 19:54 - 2016-02-16 19:54 - 0000161 _____ () C:\Users\vinicius\AppData\Roaming\xcgui_debug.txt
2016-02-16 18:44 - 2015-12-10 14:43 - 0600312 _____ () C:\Users\vinicius\AppData\Roaming\YeaPlayer_br_IBD_Bundle.exe
2015-09-30 23:12 - 2015-09-30 23:12 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-02-16 18:44 - 2015-11-25 14:31 - 1100288 _____ () C:\ProgramData\HomePage.exe
2016-02-16 18:43 - 2015-12-04 12:14 - 1081344 _____ () C:\ProgramData\LightGate.exe
2016-02-16 18:43 - 2016-02-16 18:43 - 0009441 _____ () C:\ProgramData\webad.xml
2016-02-16 18:43 - 2015-12-10 14:43 - 0600312 _____ () C:\ProgramData\YeaPlayer_br_IBD_Bundle.exe
2015-09-30 22:50 - 2016-02-17 13:09 - 0000074 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Arquivos para serem movidos ou deletados:
====================
C:\ProgramData\HomePage.exe
C:\ProgramData\LightGate.exe
C:\ProgramData\YeaPlayer_br_IBD_Bundle.exe
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Users\Todos os Usuários\HomePage.exe
C:\Users\Todos os Usuários\LightGate.exe
C:\Users\Todos os Usuários\YeaPlayer_br_IBD_Bundle.exe
C:\Users\Todos os Usuários\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll
[2015-09-03 15:18] - [2015-09-03 15:18] - 0357888 ____A (Microsoft Corporation) D81E287EC853FDD9F005A72FA91CE30F

C:\Windows\SysWOW64\dnsapi.dll
[2015-09-03 15:18] - [2015-09-03 15:18] - 0270336 ____A (Microsoft Corporation) C630813F959D3E67D33BB7207E4A328D

C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-02-17 23:20

==================== Fim de FRST.txt ============================
