cjoint

Document format: text/plain

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
Ran by Cristiano (administrator) on CRISTIANO-PC (08-02-2016 23:57:57)
Running from C:\Users\Cristiano\Downloads
Loaded Profiles: Cristiano (Available Profiles: Cristiano)
Platform: Windows 8.1 Pro (X64) Language: Inglês (Estados Unidos)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\03000200-1454909871-0500-0006-000700080009\knsq8B2C.tmp
(TU-Funs LIMITED) C:\ProgramData\DWdMD\WdMan.exe
(Ares Development Group) D:\NÃO CONFERIDO\Program Files\Ares\Ares.exe
() C:\ProgramData\WindowsMsg\osmsg.exe
(BitTorrent Inc.) C:\Users\Cristiano\AppData\Roaming\uTorrent\uTorrent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(BitTorrent Inc.) C:\Users\Cristiano\AppData\Roaming\uTorrent\updates\3.4.5_41712\utorrentie.exe
(BitTorrent Inc.) C:\Users\Cristiano\AppData\Roaming\uTorrent\updates\3.4.5_41712\utorrentie.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SpaceSoundPro] => "C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe"
HKLM-x32\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
HKLM-x32\...\Run: [sun7] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139768 2016-02-08] (AVAST Software)
HKLM-x32\...\Run: [gmsd_br_005010232] => [X]
HKLM-x32\...\Run: [mbot_en_037050232] => [X]
HKU\S-1-5-21-2526742568-2190155826-1277195383-1001\...\Run: [ares] => D:\NÃO CONFERIDO\Program Files\Ares\Ares.exe [1015808 2010-10-27] (Ares Development Group)
HKU\S-1-5-21-2526742568-2190155826-1277195383-1001\...\Run: [osmsg] => C:\ProgramData\WindowsMsg\osmsg.exe [2036224 2016-02-04] ()
HKU\S-1-5-21-2526742568-2190155826-1277195383-1001\...\Run: [CrashService] => C:\Users\Cristiano\AppData\Local\BoBrowser\Application\crash_service.exe [328824 2016-01-12] ()
HKU\S-1-5-21-2526742568-2190155826-1277195383-1001\...\Run: [BoBrowser] => C:\Users\Cristiano\AppData\Local\BoBrowser\Application\bobrowser.exe [604784 2016-01-12] (The BoBrowser Authors)
HKU\S-1-5-21-2526742568-2190155826-1277195383-1001\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
HKU\S-1-5-21-2526742568-2190155826-1277195383-1001\...\Run: [uTorrent] => C:\Users\Cristiano\AppData\Roaming\uTorrent\uTorrent.exe [2065944 2016-02-02] (BitTorrent Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-02-08] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WebBrowserMixVideoPlayer.lnk [2016-02-08]
ShortcutTarget: WebBrowserMixVideoPlayer.lnk -> C:\Program Files (x86)\MixVideoPlayer\BrowserWeb.exe (No File)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.25.1
Tcpip\..\Interfaces\{498C585A-3695-48C2-BED5-86E6936C0F1F}: [DhcpNameServer] 192.168.25.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_06&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0EzzzyyE0FyCyE0E0ByEtD0ByE0ByDyBtN0D0Tzu0StCyEzyzytN1L2XzutAtFtCzztFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyDzz0Bzy0EyCtByEtGtAtBtA0FtGzz0BtAtAtGtC0B0AtAtGyBzztAyEtA0D0DyE0A0DtDzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyEyCyCzzyD0C0CtGtCyC0CyEtGyEyC0AtCtG0AtAtB0DtG0B0F0BzyzztCyD0D0B0E0AyD2QtN0A0LzuyE%26cr%3D1848522720%26a%3Dwbf_nwmeddnld_16_06%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.globasearch.com/?serie=211&b=3&installkey=EDG1SvTVwKqwP4zJudok
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2526742568-2190155826-1277195383-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-2526742568-2190155826-1277195383-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.globasearch.com/?serie=211&b=3&installkey=EDG1SvTVwKqwP4zJudok
HKU\S-1-5-21-2526742568-2190155826-1277195383-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.globasearch.com/?serie=211&installkey=EDG1SvTVwKqwP4zJudok&b=3&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.globasearch.com/?serie=211&installkey=EDG1SvTVwKqwP4zJudok&b=3&q={searchTerms}
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_06&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0EzzzyyE0FyCyE0E0ByEtD0ByE0ByDyBtN0D0Tzu0StCyEzyzytN1L2XzutAtFtCzztFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyDzz0Bzy0EyCtByEtGtAtBtA0FtGzz0BtAtAtGtC0B0AtAtGyBzztAyEtA0D0DyE0A0DtDzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyEyCyCzzyD0C0CtGtCyC0CyEtGyEyC0AtCtG0AtAtB0DtG0B0F0BzyzztCyD0D0B0E0AyD2QtN0A0LzuyE%26cr%3D1848522720%26a%3Dwbf_nwmeddnld_16_06%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro&p={searchTerms}
SearchScopes: HKLM -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_16_06&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0EzzzyyE0FyCyE0E0ByEtD0ByE0ByDyBtN0D0Tzu0StCyEzyzytN1L2XzutAtFtCzztFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyD0EzztAtAzy0CzytGtCyE0FyDtG0E0C0EtAtGtD0DtB0CtGtDyB0BtDtAyByDyBtBzzyBtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyEyCyCzzyD0C0CtGtCyC0CyEtGyEyC0AtCtG0AtAtB0DtG0B0F0BzyzztCyD0D0B0E0AyD2QtN0A0LzuyE%26cr%3D1499365467%26a%3Dwncy_fs_16_06%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.globasearch.com/?serie=211&installkey=EDG1SvTVwKqwP4zJudok&b=3&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.globasearch.com/?serie=211&installkey=EDG1SvTVwKqwP4zJudok&b=3&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.globasearch.com/?serie=211&installkey=EDG1SvTVwKqwP4zJudok&b=3&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2526742568-2190155826-1277195383-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.globasearch.com/?serie=211&installkey=EDG1SvTVwKqwP4zJudok&b=3&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2526742568-2190155826-1277195383-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.mystart.com/results.php?gen=ms&pr=vmn&id=mystarttb&v=5_5&ent=ch_5153&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2526742568-2190155826-1277195383-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_06&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0EzzzyyE0FyCyE0E0ByEtD0ByE0ByDyBtN0D0Tzu0StCyEzyzytN1L2XzutAtFtCzztFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyDzz0Bzy0EyCtByEtGtAtBtA0FtGzz0BtAtAtGtC0B0AtAtGyBzztAyEtA0D0DyE0A0DtDzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyEyCyCzzyD0C0CtGtCyC0CyEtGyEyC0AtCtG0AtAtB0DtG0B0F0BzyzztCyD0D0B0E0AyD2QtN0A0LzuyE%26cr%3D1848522720%26a%3Dwbf_nwmeddnld_16_06%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2526742568-2190155826-1277195383-1001 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.globasearch.com/?serie=211&installkey=EDG1SvTVwKqwP4zJudok&b=3&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2526742568-2190155826-1277195383-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.globasearch.com/?serie=211&installkey=EDG1SvTVwKqwP4zJudok&b=3&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-08] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-08] (AVAST Software)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{AB780B20-35CA-46AF-8F5C-65C276B1B473}] - C:\Program Files\shopperz080220160557\Firefox\{AB780B20-35CA-46AF-8F5C-65C276B1B473}.xpi
FF Extension: shopperz080220160557 - C:\Program Files\shopperz080220160557\Firefox\{AB780B20-35CA-46AF-8F5C-65C276B1B473}.xpi [2016-02-08] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-02-08]
FF HKLM-x32\...\Firefox\Extensions: [{AB780B20-35CA-46AF-8F5C-65C276B1B473}] - C:\Program Files\shopperz080220160557\Firefox\{AB780B20-35CA-46AF-8F5C-65C276B1B473}.xpi
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/"
CHR Profile: C:\Users\Cristiano\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Cristiano\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-08]
CHR Extension: (Google Drive) - C:\Users\Cristiano\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-08]
CHR Extension: (Google Search) - C:\Users\Cristiano\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-08]
CHR Extension: (Documentos Google off-line) - C:\Users\Cristiano\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-08]
CHR Extension: (Avast Online Security) - C:\Users\Cristiano\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-02-08]
CHR Extension: (Yahoo!) - C:\Users\Cristiano\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijepgjdjkdbopbnaopmlmobimmhjklhd [2016-02-08]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Cristiano\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-08]
CHR Extension: (Gmail) - C:\Users\Cristiano\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-08]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-08]
CHR HKLM-x32\...\Chrome\Extension: [ijepgjdjkdbopbnaopmlmobimmhjklhd] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-08] (AVAST Software)
R2 kicivosezbt; C:\Program Files (x86)\03000200-1454909871-0500-0006-000700080009\knsq8B2C.tmp [354816 2016-02-08] () [File not signed]
S2 WajaNetEn Monitor; C:\Program Files\WajaNetEn\cb2b2d7bd36e2fd0e0eaba8c23271aeb.exe [3280896 2016-02-05] () [File not signed]
R2 WdMan; C:\ProgramData\DWdMD\WdMan.exe [794376 2016-02-08] (TU-Funs LIMITED)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
S2 BrsHelper; C:\PROGRA~2\YTDOWN~1\BROWSE~2.EXE [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-02-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-02-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-02-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-02-08] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1065720 2016-02-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-02-08] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-02-08] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-02-08] (AVAST Software)
R3 AtcL001; C:\Windows\system32\DRIVERS\l160x64.sys [65024 2013-06-18] (Atheros Communications, Inc.)
R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.)
R1 bsdriver; C:\Windows\system32\drivers\bsdriver.sys [34712 2016-02-08] ()
R1 cherimoya; C:\Windows\System32\drivers\cherimoya.sys [56728 2016-02-08] (Windows (R) Win 7 DDK provider)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S1 MPCKpt; system32\DRIVERS\MPCKpt.sys [X]
R2 sbmntr; \??\C:\PROGRA~2\YTDOWN~1\sbmntr.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-08 23:57 - 2016-02-08 23:58 - 00015757 _____ C:\Users\Cristiano\Downloads\FRST.txt
2016-02-08 23:57 - 2016-02-08 23:57 - 00000000 ____D C:\FRST
2016-02-08 23:56 - 2016-02-08 23:56 - 02370560 _____ (Farbar) C:\Users\Cristiano\Downloads\FRST64.exe
2016-02-08 23:55 - 2016-02-08 23:56 - 01721344 _____ (Farbar) C:\Users\Cristiano\Downloads\FRST.exe
2016-02-08 19:14 - 2016-02-08 20:15 - 00000000 ____D C:\Users\Cristiano\AppData\LocalLow\uTorrent
2016-02-08 19:11 - 2016-02-08 19:11 - 00000017 _____ C:\Users\Cristiano\AppData\Local\resmon.resmoncfg
2016-02-08 19:04 - 2016-02-08 19:04 - 00000000 ____D C:\Users\Public\Documents\Guid
2016-02-08 18:55 - 2016-02-08 18:55 - 00003110 _____ C:\Windows\System32\Tasks\{1E494985-4B70-40F5-9DFC-757FD8D5606C}
2016-02-08 16:22 - 2016-02-08 16:22 - 00000000 ____D C:\Users\Cristiano\AppData\Local\com
2016-02-08 16:20 - 2016-02-08 16:20 - 00000000 ____D C:\Users\Cristiano\AppData\Local\WebShield
2016-02-08 14:21 - 2016-02-08 14:16 - 00463744 _____ (AVAST Software) C:\Windows\system32\Drivers\asw8522.tmp
2016-02-08 14:21 - 2016-02-08 14:16 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-02-08 14:21 - 2016-02-08 14:16 - 00287016 _____ (AVAST Software) C:\Windows\system32\Drivers\asw8523.tmp
2016-02-08 14:21 - 2016-02-08 14:16 - 00165344 _____ (AVAST Software) C:\Windows\system32\Drivers\asw8534.tmp
2016-02-08 14:21 - 2016-02-08 14:16 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\asw8511.tmp
2016-02-08 14:21 - 2016-02-08 14:16 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\asw84E0.tmp
2016-02-08 14:21 - 2016-02-08 14:16 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\asw8512.tmp
2016-02-08 14:21 - 2016-02-08 14:16 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\asw84E1.tmp
2016-02-08 14:21 - 2016-02-08 14:15 - 01065720 _____ (AVAST Software) C:\Windows\system32\Drivers\asw84B0.tmp
2016-02-08 14:17 - 2016-02-08 14:17 - 00000000 ____D C:\Users\Cristiano\AppData\Roaming\AVAST Software
2016-02-08 14:16 - 2016-02-08 14:21 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-02-08 14:16 - 2016-02-08 14:16 - 00463744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-02-08 14:16 - 2016-02-08 14:16 - 00287016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-02-08 14:16 - 2016-02-08 14:16 - 00165344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-02-08 14:16 - 2016-02-08 14:16 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-02-08 14:16 - 2016-02-08 14:16 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-02-08 14:16 - 2016-02-08 14:16 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-02-08 14:16 - 2016-02-08 14:16 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-02-08 14:16 - 2016-02-08 14:16 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-02-08 14:16 - 2016-02-08 14:16 - 00001938 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-02-08 14:16 - 2016-02-08 14:16 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-02-08 14:16 - 2016-02-08 14:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-02-08 14:16 - 2016-02-08 14:15 - 01065720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-02-08 14:13 - 2016-02-08 14:13 - 00022408 _____ C:\Windows\System32\Tasks\{04097D47-0A08-090B-7E11-0F0D0508110E}
2016-02-08 14:13 - 2016-02-08 14:13 - 00000000 ____D C:\ProgramData\AVAST Software
2016-02-08 14:13 - 2016-02-08 14:13 - 00000000 ____D C:\Program Files\AVAST Software
2016-02-08 14:12 - 2016-02-08 14:13 - 05066104 _____ (AVAST Software) C:\Users\Cristiano\Downloads\avast_free_antivirus_setup_online_bxk_a.exe
2016-02-08 14:12 - 2016-02-08 14:12 - 00000000 ____D C:\ProgramData\bf1c497a-6ef7-1
2016-02-08 14:12 - 2016-02-08 14:12 - 00000000 ____D C:\ProgramData\bf1c497a-2631-0
2016-02-08 14:08 - 2016-02-08 14:08 - 00281312 _____ C:\Windows\Minidump\020816-19750-01.dmp
2016-02-08 12:25 - 2016-02-08 16:40 - 00000000 ____D C:\Users\Cristiano\AppData\Roaming\systweak
2016-02-08 12:25 - 2015-11-20 19:27 - 00019888 _____ () C:\Windows\system32\roboot64.exe
2016-02-08 12:10 - 2016-02-08 16:13 - 00000000 ____D C:\Users\Cristiano\AppData\Roaming\yoursearching
2016-02-08 12:10 - 2016-02-08 12:11 - 00000000 ____D C:\ProgramData\DWdMD
2016-02-08 12:10 - 2016-02-08 12:10 - 00000074 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2016-02-08 12:09 - 2016-02-08 14:09 - 00000332 _____ C:\Windows\Tasks\Price Fountain.job
2016-02-08 12:07 - 2016-02-08 12:07 - 00000000 ____D C:\Users\Cristiano\AppData\Roaming\PriceFountain
2016-02-08 11:58 - 2016-02-08 11:58 - 00003464 _____ C:\Windows\System32\Tasks\CristianoBrocketsConcussV2
2016-02-08 11:53 - 2016-02-08 16:40 - 00000000 ____D C:\Users\Cristiano\AppData\Local\BrocketsConcuss
2016-02-08 11:52 - 2016-02-08 11:52 - 00000000 ____D C:\Users\Cristiano\AppData\Local\teti
2016-02-08 11:52 - 2016-02-08 11:52 - 00000000 ____D C:\Users\Cristiano\AppData\Local\Setup899390
2016-02-08 11:52 - 2016-02-08 11:51 - 05892175 _____ (MediaDownloader ) C:\Users\Cristiano\Downloads\MediaDownloader.exe
2016-02-08 11:47 - 2016-02-08 16:12 - 00003118 _____ C:\Windows\System32\Tasks\CGN
2016-02-08 11:46 - 2016-02-08 11:46 - 00000000 ____D C:\Users\Cristiano\AppData\Local\mixvideoplayer
2016-02-08 11:46 - 2016-02-08 11:46 - 00000000 ____D C:\ProgramData\Claaureurvlug
2016-02-08 11:45 - 2016-02-08 11:45 - 00000044 _____ C:\Users\Cristiano\AppData\Roaming\WB.CFG
2016-02-08 11:44 - 2016-02-08 11:45 - 00000000 ____D C:\Users\Cristiano\AppData\Local\BrowserHelper
2016-02-08 11:44 - 2016-02-08 11:44 - 00003084 _____ C:\Windows\System32\Tasks\MixVideoPlayer Update
2016-02-08 11:44 - 2016-02-08 11:44 - 00000000 ____D C:\Users\Cristiano\AppData\Local\BrowserWeb
2016-02-08 11:44 - 2016-02-08 11:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixVideoPlayer
2016-02-08 11:43 - 2016-02-08 11:55 - 00000000 ____D C:\Users\Cristiano\AppData\Local\SunnyDay7
2016-02-08 11:43 - 2016-02-08 11:43 - 00003598 _____ C:\Windows\System32\Tasks\YTDownloader
2016-02-08 11:43 - 2016-02-08 11:43 - 00000000 ____D C:\Users\Cristiano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
2016-02-08 11:39 - 2016-02-08 18:50 - 00002391 _____ C:\Users\Cristiano\Desktop\Facebook.lnk
2016-02-08 11:39 - 2016-02-08 18:50 - 00002385 _____ C:\Users\Cristiano\Desktop\Youtube.lnk
2016-02-08 04:04 - 2016-02-08 04:04 - 00034712 _____ () C:\Windows\system32\Drivers\bsdriver.sys
2016-02-08 04:03 - 2016-02-08 04:03 - 00003176 _____ C:\Windows\System32\Tasks\Run_Bobby_Browser
2016-02-08 04:02 - 2016-02-08 04:03 - 00000000 ____D C:\Users\Cristiano\AppData\Local\BoBrowser
2016-02-08 04:02 - 2016-02-08 04:02 - 00003208 _____ C:\Windows\System32\Tasks\crash_service
2016-02-08 04:02 - 2016-02-08 04:02 - 00000000 ____D C:\Users\Cristiano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BoBrowser
2016-02-08 04:01 - 2016-02-08 23:45 - 00000000 ____D C:\Program Files\shopperz080220160557
2016-02-08 04:01 - 2016-02-08 04:01 - 00003346 _____ C:\Windows\System32\Tasks\Cutukou
2016-02-08 04:01 - 2016-02-08 04:01 - 00000000 ____D C:\Users\Cristiano\AppData\LocalLow\Company
2016-02-08 04:01 - 2016-02-08 04:01 - 00000000 ____D C:\Users\Cristiano\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
2016-02-08 03:57 - 2016-02-08 03:57 - 00000000 ____D C:\Users\Cristiano\AppData\Roaming\Uniblue
2016-02-08 03:57 - 2016-02-08 03:57 - 00000000 ____D C:\Program Files\WajaNetEn
2016-02-08 03:56 - 2016-02-08 14:11 - 00000000 ____D C:\Users\Cristiano\AppData\Local\Setup Wizard
2016-02-08 03:50 - 2016-02-08 14:26 - 00000000 ____D C:\ProgramData\Updata
2016-02-08 03:50 - 2016-02-08 03:50 - 00002930 _____ C:\Windows\System32\Tasks\osTip
2016-02-08 03:50 - 2016-02-08 03:50 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-02-08 03:49 - 2016-02-08 03:49 - 00000000 ____D C:\Users\Cristiano\AppData\Roaming\WeatherTool
2016-02-08 03:45 - 2016-02-08 23:45 - 00000310 _____ C:\Windows\Tasks\UpdateTask.job
2016-02-08 03:45 - 2016-02-08 03:45 - 00002648 _____ C:\Windows\System32\Tasks\UpdateTask
2016-02-08 03:45 - 2016-02-08 03:45 - 00000000 ___HD C:\Users\Cristiano\AppData\Roaming\GoldenGate
2016-02-08 03:45 - 2016-02-08 03:45 - 00000000 ____D C:\Users\Cristiano\AppData\Roaming\Macromedia
2016-02-08 03:44 - 2016-02-08 17:07 - 00000000 ____D C:\Users\Cristiano\AppData\Roaming\Gameo
2016-02-08 03:44 - 2016-02-08 16:37 - 00000000 ____D C:\Users\Cristiano\AppData\Local\Gameo
2016-02-08 03:44 - 2016-02-08 12:04 - 00000344 __RSH C:\ProgramData\ntuser.pol
2016-02-08 03:44 - 2016-02-08 03:44 - 00001083 _____ C:\Users\Cristiano\Desktop\Format Factory.lnk
2016-02-08 03:44 - 2016-02-08 03:44 - 00000177 _____ C:\Users\Cristiano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2016-02-08 03:44 - 2016-02-08 03:44 - 00000000 ____D C:\Users\Cristiano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2016-02-08 03:44 - 2016-02-08 03:44 - 00000000 ____D C:\FFOutput
2016-02-08 03:44 - 2016-02-08 03:44 - 00000000 _____ C:\Windows\SysWOW64\track
2016-02-08 03:43 - 2016-02-08 03:44 - 00000000 ____D C:\Program Files (x86)\FormatFactory
2016-02-08 03:40 - 2016-02-08 03:48 - 00003262 _____ C:\Windows\System32\Tasks\DailyPCClean Schedule
2016-02-08 03:40 - 2016-02-08 03:40 - 00000000 ____D C:\Users\Cristiano\Documents\DailyPCClean
2016-02-08 03:40 - 2016-02-08 03:40 - 00000000 ____D C:\Users\Cristiano\AppData\Roaming\DailyPCClean
2016-02-08 03:40 - 2016-02-08 03:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DailyPCClean
2016-02-08 03:39 - 2016-02-08 16:39 - 00000000 ____D C:\Users\Cristiano\AppData\Local\03000200-1454902773-0500-0006-000700080009
2016-02-08 03:39 - 2016-02-08 14:27 - 00000000 ____D C:\Users\Cristiano\AppData\Local\DailyPcClean Support
2016-02-08 03:38 - 2016-02-08 03:37 - 00000967 _____ C:\Windows\system32\Drivers\etc\hp.bak
2016-02-08 03:37 - 2016-02-08 19:56 - 00000000 ____D C:\Program Files (x86)\03000200-1454909871-0500-0006-000700080009
2016-02-08 03:31 - 2016-02-08 03:37 - 00003358 _____ C:\Windows\System32\Tasks\Format Factory
2016-02-08 02:00 - 2016-02-08 04:01 - 00056728 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\cherimoya.sys
2016-02-08 00:25 - 2015-12-09 01:39 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-02-07 23:09 - 2016-02-07 23:09 - 00281256 _____ C:\Windows\Minidump\020716-12734-01.dmp
2016-02-03 20:32 - 2016-02-03 20:32 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-02-03 03:11 - 2016-02-08 03:24 - 00000000 ____D C:\Users\Cristiano\AppData\Roaming\vlc
2016-02-03 03:10 - 2016-02-03 03:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-02-02 20:41 - 2016-02-02 20:41 - 00000000 ____D C:\Users\Cristiano\Desktop\My Shared Folder
2016-02-02 20:41 - 2016-02-02 20:41 - 00000000 ____D C:\Users\Cristiano\AppData\Local\Ares
2016-02-02 20:26 - 2016-02-08 14:08 - 263820670 _____ C:\Windows\MEMORY.DMP
2016-02-02 20:26 - 2016-02-08 14:08 - 00000000 ____D C:\Windows\Minidump
2016-02-02 20:26 - 2016-02-02 20:26 - 00281256 _____ C:\Windows\Minidump\020216-11140-01.dmp
2016-02-02 20:26 - 2016-02-02 20:24 - 00328354 _____ C:\Windows\system32\prfi0416.dat
2016-02-02 20:25 - 2016-02-08 23:32 - 00746010 _____ C:\Windows\system32\prfh0416.dat
2016-02-02 20:25 - 2016-02-08 23:32 - 00150642 _____ C:\Windows\system32\prfc0416.dat
2016-02-02 20:25 - 2016-02-02 20:24 - 00040752 _____ C:\Windows\system32\prfd0416.dat
2016-02-02 20:06 - 2016-02-02 20:06 - 00002665 _____ C:\Users\Cristiano\Desktop\µTorrent.lnk
2016-02-02 20:04 - 2016-02-08 23:57 - 00000000 ____D C:\Users\Cristiano\AppData\Roaming\uTorrent
2016-02-02 20:01 - 2016-02-08 19:24 - 00002266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-02 20:01 - 2016-02-08 19:24 - 00002231 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-02 20:01 - 2016-02-02 20:40 - 00000674 _____ C:\Users\Cristiano\Desktop\Downloads.lnk
2016-02-02 19:59 - 2016-02-08 23:04 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-02 19:59 - 2016-02-08 19:14 - 00001096 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-02 19:59 - 2016-02-03 10:32 - 00000651 _____ C:\Users\Cristiano\Desktop\Filmes.lnk
2016-02-02 19:59 - 2016-02-02 20:50 - 00000000 ____D C:\Users\Cristiano\AppData\Local\Google
2016-02-02 19:59 - 2016-02-02 20:11 - 00000630 _____ C:\Users\Cristiano\Desktop\Fotos.lnk
2016-02-02 19:59 - 2016-02-02 20:00 - 00000000 ____D C:\Program Files (x86)\Google
2016-02-02 19:59 - 2016-02-02 19:59 - 00004072 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-02 19:59 - 2016-02-02 19:59 - 00003836 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-02 19:59 - 2016-02-02 19:59 - 00000784 _____ C:\Users\Cristiano\Desktop\Músicas.lnk
2016-02-02 19:40 - 2016-02-08 20:04 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2526742568-2190155826-1277195383-1001
2016-02-02 19:39 - 2016-02-08 23:32 - 01707228 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-02 19:35 - 2016-02-08 16:13 - 00001434 _____ C:\Users\Cristiano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-02-02 19:35 - 2016-02-02 19:36 - 00000000 ____D C:\Users\Cristiano\AppData\Local\Packages
2016-02-02 19:35 - 2016-02-02 19:35 - 00000000 ____D C:\Users\Cristiano\AppData\Roaming\Adobe
2016-02-02 19:35 - 2016-02-02 19:35 - 00000000 ____D C:\Users\Cristiano\AppData\Local\VirtualStore
2016-02-02 19:34 - 2016-02-05 01:08 - 00000000 ____D C:\Users\Cristiano
2016-02-02 19:34 - 2016-02-02 19:34 - 00000020 ___SH C:\Users\Cristiano\ntuser.ini
2016-02-02 19:34 - 2016-02-02 19:34 - 00000000 _SHDL C:\Users\Cristiano\My Documents
2016-02-02 19:34 - 2016-02-02 19:34 - 00000000 _SHDL C:\Users\Cristiano\Documents\My Videos
2016-02-02 19:34 - 2016-02-02 19:34 - 00000000 _SHDL C:\Users\Cristiano\Documents\My Pictures
2016-02-02 19:34 - 2016-02-02 19:34 - 00000000 _SHDL C:\Users\Cristiano\Documents\My Music
2016-02-02 19:32 - 2016-02-02 19:32 - 00000000 ____D C:\Windows\CSC
2016-02-02 19:32 - 2013-08-22 03:17 - 02407936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2016-02-02 19:12 - 2016-02-02 19:12 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-02-02 19:11 - 2016-02-02 19:35 - 00000000 ____D C:\Windows\Panther

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-08 23:32 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\Inf
2016-02-08 19:27 - 2013-08-22 13:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-02-08 19:14 - 2013-08-22 12:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-08 03:51 - 2013-08-22 11:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-02-08 03:44 - 2013-08-22 13:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-02-08 03:44 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-02-08 00:23 - 2013-08-22 11:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-02-06 12:00 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\rescache
2016-02-02 20:35 - 2013-08-22 13:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-02 20:26 - 2013-08-22 13:20 - 00000000 ____D C:\Windows\CbsTemp
2016-02-02 20:25 - 2013-08-22 17:11 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-02 20:25 - 2013-08-22 17:09 - 00000000 ____D C:\Windows\SysWOW64\winrm
2016-02-02 20:25 - 2013-08-22 17:09 - 00000000 ____D C:\Windows\SysWOW64\WCN
2016-02-02 20:25 - 2013-08-22 17:09 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2016-02-02 20:25 - 2013-08-22 17:09 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2016-02-02 20:25 - 2013-08-22 17:09 - 00000000 ____D C:\Windows\system32\winrm
2016-02-02 20:25 - 2013-08-22 17:09 - 00000000 ____D C:\Windows\system32\WCN
2016-02-02 20:25 - 2013-08-22 17:09 - 00000000 ____D C:\Windows\system32\slmgr
2016-02-02 20:25 - 2013-08-22 13:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2016-02-02 20:25 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\WinStore
2016-02-02 20:25 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\SysWOW64\Com
2016-02-02 20:25 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\system32\migwiz
2016-02-02 20:25 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-02-02 20:25 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\IME
2016-02-02 20:25 - 2013-08-22 13:36 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-02-02 20:25 - 2013-08-22 13:36 - 00000000 ____D C:\Program Files\Windows Defender
2016-02-02 20:25 - 2013-08-22 13:36 - 00000000 ____D C:\Program Files\Common Files\System
2016-02-02 20:25 - 2013-08-22 13:36 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-02-02 20:25 - 2013-08-22 13:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-02-02 20:25 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\SysWOW64\oobe
2016-02-02 20:25 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-02-02 20:25 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\Sysprep
2016-02-02 20:25 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\oobe
2016-02-02 20:25 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\Dism
2016-02-02 20:25 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\servicing
2016-02-02 20:24 - 2013-08-22 17:09 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2016-02-02 20:24 - 2013-08-22 13:36 - 00000000 ___SD C:\Windows\system32\dsc
2016-02-02 20:24 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2016-02-02 20:24 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\system32\Com
2016-02-02 20:24 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\Help
2016-02-02 20:24 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\FileManager
2016-02-02 19:41 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\AppReadiness
2016-02-02 19:35 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\Camera
2016-02-02 19:35 - 2013-08-22 12:45 - 00000000 ____D C:\Windows\Setup
2016-02-02 19:11 - 2013-08-22 13:36 - 00262144 _____ C:\Windows\system32\config\BCD-Template

==================== Files in the root of some directories =======

2016-02-08 11:45 - 2016-02-08 11:45 - 0000044 _____ () C:\Users\Cristiano\AppData\Roaming\WB.CFG
2016-02-08 19:11 - 2016-02-08 19:11 - 0000017 _____ () C:\Users\Cristiano\AppData\Local\resmon.resmoncfg
2016-02-08 12:10 - 2016-02-08 12:10 - 0000074 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


Some files in TEMP:
====================
C:\Users\Cristiano\AppData\Local\Temp\setup.tmp.exe
C:\Users\Cristiano\AppData\Local\Temp\tu17p84.exe
C:\Users\Cristiano\AppData\Local\Temp\Uninstall.exe
C:\Users\Cristiano\AppData\Local\Temp\UninstallModule.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-02-02 19:20

==================== End of FRST.txt ============================
