Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão:05-03-2016 01
Executado por Branco (administrador) em BRANCO-PC (23-03-2016 11:33:05)
Executando a partir de C:\Users\Branco\Downloads
Perfis Carregados: Branco (Perfis Disponíveis: Branco)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Baidu, Inc.) C:\Program Files\PC Faster\5.1.0.0\PCFasterSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Baidu, Inc.) C:\Program Files\PC Faster\5.1.0.0\PCFTray.exe
(Baidu, Inc.) C:\Program Files\PC Faster\5.1.0.0\SysOptEngineSvc.exe
(Baidu, Inc.) C:\Program Files\PC Faster\5.1.0.0\FasterNow.exe
(Baidu, Inc.) C:\Program Files\PC Faster\5.1.0.0\PCFasterSvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Program Files\Primary Color\updatePrimaryColor.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [Baidu PC Faster 5.1.0.0] => C:\Program Files\PC Faster\5.1.0.0\PCFTray.exe [2333152 2015-05-07] (Baidu, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12205784 1999-12-31] (Realtek Semiconductor)
HKLM\...\Run: [Baidu PC Faster 4.0.0.0] => C:\Program Files\PC Faster\5.1.0.0\PCFTray.exe [2333152 2015-05-07] (Baidu, Inc.)
HKLM\...\Run: [Aeria Ignite] => C:\Program Files\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM\...\Run: [Sound+] => "C:\Program Files\Sound+\Sound+.exe"
HKLM\...\Run: [win_en_77] => "C:\Program Files\win_en_77\win_en_77.exe"
HKLM\...\Run: [sun21] => [X]
HKLM\...\Run: [un] => C:\Users\Branco\AppData\Local\Temp\un.exe /start <===== ATENÇÃO
HKLM\...\Run: [rec_en_221] => "C:\Program Files\rec_en_221\rec_en_221.exe"
HKLM\...\Run: [LightGate] => c:\programdata\lightgate.exe [1081344 2015-12-04] ()
HKLM\...\Run: [HomePageHelper] => c:\programdata\homepage.exe [1100288 2015-11-25] ()
HKLM\...\Run: [RazerCortex] => C:\Program Files\Razer\Razer Cortex\RazerCortex.exe [2265928 2016-02-26] (Razer Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKU\S-1-5-21-219047011-488505859-3757021965-1000\...\Run: [uTorrent] => C:\Users\Branco\AppData\Roaming\uTorrent\uTorrent.exe [2094080 2016-02-25] (BitTorrent Inc.)
HKU\S-1-5-21-219047011-488505859-3757021965-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\Branco\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-219047011-488505859-3757021965-1000\...\Run: [YeaInstaller] => C:\Users\Branco\AppData\Local\Temp\CU6BHY8P8\CU6BHY8P8.exe [1968128 2016-03-11] (TZ) <===== ATENÇÃO
HKU\S-1-5-21-219047011-488505859-3757021965-1000\...\Run: [msiql] => C:\ProgramData\msiql.exe [1888256 2016-03-02] ()
HKU\S-1-5-21-219047011-488505859-3757021965-1000\...\Run: [taskhost] => rundll32.exe C:\ProgramData\WindowsMsg\F9A8B7D3FAB1BD35CB5A96050ADC2F9F.dll Start /DEFAULT
HKU\S-1-5-21-219047011-488505859-3757021965-1000\...\Run: [Pritc] => C:\Windows\TEMP\is-IOVE3.tmp\print.exe [2960896 2016-03-03] (VLOME) <===== ATENÇÃO
HKU\S-1-5-21-219047011-488505859-3757021965-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-219047011-488505859-3757021965-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-219047011-488505859-3757021965-1000\...\MountPoints2: {05f79673-dc03-11e5-bee0-e89a8fd68ab6} - G:\SETUP.EXE
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Branco\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Branco\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Branco\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.25.1
Tcpip\..\Interfaces\{003CC5E5-C234-45BA-8D54-E401CC2B2EEB}: [DhcpNameServer] 192.168.25.1
ManualProxies:

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-219047011-488505859-3757021965-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-03-20] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: PriceFountain -> {b608cc98-54de-4775-96c9-097de398500c} -> C:\Windows\system32\config\systemprofile\AppData\Local\PriceFountain\PriceFountainIE.dll [2015-06-18] ()
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-20] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Branco\AppData\Roaming\Mozilla\Firefox\Profiles\tlaymlb8.default
FF Homepage: search.mpc.am
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-20] (Oracle Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-13] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-13] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-03] [não assinado]

Chrome:
=======
CHR HomePage: Default -> search.mpc.am
CHR StartupUrls: Default -> "search.mpc.am"
CHR DefaultSearchURL: Default -> hxxp://search.mpc.am?q={searchTerms}&cx=partner-pub-3796753109442372:3837783968
CHR DefaultSearchKeyword: Default -> MPC Safe Search
CHR Profile: C:\Users\Branco\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\Branco\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-16]
CHR Extension: (Google Docs) - C:\Users\Branco\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-16]
CHR Extension: (Google Drive) - C:\Users\Branco\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-14]
CHR Extension: (YouTube) - C:\Users\Branco\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-14]
CHR Extension: (Google Search) - C:\Users\Branco\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-14]
CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\Branco\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2016-03-22]
CHR Extension: (Planilhas do Google) - C:\Users\Branco\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-16]
CHR Extension: (Documentos Google off-line) - C:\Users\Branco\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14]
CHR Extension: (Super Animes) - C:\Users\Branco\AppData\Local\Google\Chrome\User Data\Default\Extensions\glokngbimckbfigmglafekkfcaflbaef [2016-02-14]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Branco\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-14]
CHR Extension: (Gmail) - C:\Users\Branco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-14]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S2 AppMgr3.57.4713165; C:\ProgramData\AppMgr3.57.4713165\AppMgr.exe [488360 2016-03-23] ()
S4 BASSVC; C:\Program Files\Baidu Security\MoboMarket\1.3.7.5967\bassvc.exe [208928 2015-04-22] (Baidu, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1082232 2016-01-15] (Disc Soft Ltd)
S2 GoogleChromeUpService; C:\ProgramData\service.exe [1734656 2016-01-11] () [Arquivo não assinado]
S2 GoogleChromeUpSvc; C:\ProgramData\Windows Update\svrupg.exe [2786816 2016-03-16] (TODO: ) [Arquivo não assinado]
S2 IpOverUsbSvc; C:\Program Files\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22768 2014-04-17] (Microsoft Corporation)
S2 MiniService; C:\Users\Branco\AppData\Local\MiniService\MiniService.exe [106296 2016-03-16] (Baidu Inc.)
S3 npggsvc; C:\Windows\system32\GameMon.des [3621784 2015-12-15] (INCA Internet Co., Ltd.)
R2 PCFasterSvc_{PCFaster_5.1.0.0}; C:\Program Files\PC Faster\5.1.0.0\PCFasterSvc.exe [1714448 2015-05-07] (Baidu, Inc.)
S2 Razer Game Scanner Service; C:\Program Files\Razer\Razer Services\GSS\GameScannerService.exe [190120 2016-01-29] ()
S2 RzKLService; C:\Program Files\Razer\Razer Cortex\RzKLService.exe [132864 2016-02-26] (Razer Inc.)
R2 Update Primary Color; C:\Program Files\Primary Color\updatePrimaryColor.exe [660904 2016-03-23] ()
S2 Util Primary Color; C:\Program Files\Primary Color\bin\utilPrimaryColor.exe [660904 2016-03-23] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)
S2 XapcnPhoneService; C:\Program Files\爱应用PC版\wp8svc.exe [34776 2014-05-21] () [Arquivo não assinado]
S4 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [X]
S2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [X]
S4 NetMsmqActivator; "C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator [X]
S4 NetPipeActivator; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [X]
S4 NetTcpActivator; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [X]
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [X]
S2 Update Web Amplified; "C:\Program Files\Web Amplified\updateWebAmplified.exe" [X]
S2 Util Web Amplified; "C:\Program Files\Web Amplified\bin\utilWebAmplified.exe" [X]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R0 Bhbase; C:\Windows\System32\drivers\Bhbase.sys [46440 2015-03-31] (Baidu, Inc.)
R1 BprotectEx; C:\Windows\System32\drivers\BprotectEx.sys [113992 2015-03-31] (Baidu, Inc.)
R1 cherimoya; C:\Windows\System32\drivers\cherimoya.sys [49408 2016-03-11] (Cherimoya Ltd) [Arquivo não assinado]
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [26168 2016-02-25] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [40504 2016-02-25] (Disc Soft Ltd)
R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [489832 2013-11-21] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [24424 2013-11-21] (Intel Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x86.sys [100504 1999-12-31] (Qualcomm Atheros Co., Ltd.)
R3 PCFApiUtil; C:\Program Files\PC Faster\5.1.0.0\PCFApiUtil.sys [118152 2015-03-31] (Baidu, Inc.)
R2 SPDRIVER_1.42.1.10650; C:\Program Files\ShopperPro3\JSDriver\1.42.1.10650\jsdrv.sys [32256 2016-03-13] () [Arquivo não assinado]
R1 {333b9599-10bc-4dd6-bf9d-3e9ff9ed1474}Gw; C:\Windows\System32\drivers\{333b9599-10bc-4dd6-bf9d-3e9ff9ed1474}Gw.sys [43112 2016-03-10] (StdLib)
R1 {786e1909-a881-43dd-a702-77d1bd01d1fb}Gw; C:\Windows\System32\drivers\{786e1909-a881-43dd-a702-77d1bd01d1fb}Gw.sys [42824 2016-03-23] (StdLib)
R0 MPCBase; System32\drivers\MPCBase.sys [X]
R1 MPCKpt; system32\DRIVERS\MPCKpt.sys [X]
S2 rzpmgrk; \??\C:\Windows\system32\drivers\rzpmgrk.sys [X]
S2 rzpnk; \??\C:\Windows\system32\drivers\rzpnk.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-03-23 11:33 - 2016-03-23 11:33 - 00015262 _____ C:\Users\Branco\Downloads\FRST.txt
2016-03-23 11:32 - 2016-03-23 11:33 - 00000000 ____D C:\FRST
2016-03-23 11:31 - 2016-03-23 11:31 - 01725440 _____ (Farbar) C:\Users\Branco\Downloads\FRST.exe
2016-03-23 11:02 - 2016-03-23 11:02 - 00000000 ____D C:\Users\Todos os Usuários\6534aa3a-6df1-0
2016-03-23 11:02 - 2016-03-23 11:02 - 00000000 ____D C:\ProgramData\6534aa3a-6df1-0
2016-03-23 10:32 - 2016-03-23 10:32 - 00000000 ____D C:\Users\Branco\AppData\Roaming\MCorp
2016-03-23 10:31 - 2016-03-23 03:07 - 00042824 _____ (StdLib) C:\Windows\system32\Drivers\{786e1909-a881-43dd-a702-77d1bd01d1fb}Gw.sys
2016-03-23 10:29 - 2016-03-23 10:29 - 00000000 ____D C:\Users\Todos os Usuários\6534aa3a-5b73-1
2016-03-23 10:29 - 2016-03-23 10:29 - 00000000 ____D C:\ProgramData\6534aa3a-5b73-1
2016-03-23 07:18 - 2016-03-23 07:19 - 00000000 ____D C:\Users\Todos os Usuários\AppMgr3.57.4713165
2016-03-23 07:18 - 2016-03-23 07:19 - 00000000 ____D C:\ProgramData\AppMgr3.57.4713165
2016-03-23 07:17 - 2016-03-23 11:03 - 00000000 ____D C:\Program Files\Primary Color
2016-03-23 07:16 - 2016-03-23 11:02 - 00000000 ____D C:\Users\Branco\AppData\LocalLow\uTorrent
2016-03-23 07:15 - 2016-03-23 11:25 - 00000000 ____D C:\Program Files\MPC Cleaner
2016-03-22 15:52 - 2016-03-22 15:53 - 00000000 ____D C:\Users\Branco\AppData\Roaming\Mozilla
2016-03-22 15:52 - 2016-03-22 15:52 - 00000000 ____D C:\Users\Branco\AppData\Local\Mozilla
2016-03-22 15:51 - 2016-03-23 11:03 - 00001165 ____R C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-03-22 15:51 - 2016-03-23 11:03 - 00001153 ____R C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-03-22 15:51 - 2016-03-22 15:51 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-03-22 15:49 - 2016-03-22 15:50 - 43499792 _____ C:\Users\Branco\Downloads\Firefox Setup 45.0.exe
2016-03-22 15:31 - 2016-03-22 22:34 - 00001184 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-22 15:31 - 2016-03-22 22:34 - 00001184 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-22 15:28 - 2016-03-23 11:00 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-22 15:28 - 2016-03-22 15:28 - 00001226 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-03-22 15:28 - 2015-03-31 03:22 - 00113992 _____ (Baidu, Inc.) C:\Windows\system32\Drivers\BprotectEx.sys
2016-03-22 15:28 - 2015-03-31 03:22 - 00046440 _____ (Baidu, Inc.) C:\Windows\system32\Drivers\Bhbase.sys
2016-03-20 14:42 - 2016-03-20 14:45 - 00000000 ____D C:\Users\Branco\Desktop\SkyrimConfigBackup
2016-03-20 14:42 - 2016-03-20 14:42 - 00000000 ____D C:\Users\Branco\Downloads\ULG4S
2016-03-20 14:29 - 2016-03-20 15:32 - 00000000 ____D C:\Users\Branco\AppData\Local\ULG
2016-03-20 14:15 - 2016-03-20 14:15 - 00919786 _____ C:\Users\Branco\Downloads\ULG Installer - 4S-17137-4-0.zip
2016-03-20 14:08 - 2016-03-20 14:08 - 00000000 ____D C:\Users\Branco\AppData\Roaming\Sun
2016-03-20 14:08 - 2016-03-20 14:08 - 00000000 ____D C:\Users\Branco\AppData\LocalLow\Sun
2016-03-20 14:08 - 2016-03-20 14:08 - 00000000 ____D C:\Users\Branco\.oracle_jre_usage
2016-03-20 14:08 - 2016-03-20 14:08 - 00000000 ____D C:\Program Files\Common Files\Java
2016-03-20 14:07 - 2016-03-20 14:07 - 00000000 ____D C:\Users\Todos os Usuários\Oracle
2016-03-20 14:07 - 2016-03-20 14:07 - 00000000 ____D C:\ProgramData\Oracle
2016-03-20 14:07 - 2016-03-20 14:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-03-20 14:06 - 2016-03-20 14:06 - 00916058 _____ C:\Users\Branco\Downloads\ULG Installer - 5S-17137-5-0.zip
2016-03-20 14:06 - 2016-03-20 14:06 - 00000000 ____D C:\Program Files\Java
2016-03-20 14:05 - 2016-03-20 14:05 - 00735328 _____ (Oracle Corporation) C:\Users\Branco\Downloads\chromeinstall-8u73.exe
2016-03-20 14:05 - 2016-03-20 14:05 - 00000000 ____D C:\Users\Branco\AppData\LocalLow\Oracle
2016-03-20 10:49 - 2015-11-11 08:57 - 00121741 _____ C:\Users\Branco\Desktop\ULGX.jar
2016-03-18 10:27 - 2016-03-18 10:27 - 00118995 _____ C:\Users\Branco\Downloads\ULGX Beta-17137-10-0b11.zip
2016-03-18 10:23 - 2016-03-18 10:24 - 00000000 ____D C:\Users\Branco\Documents\Nexus Mod Manager
2016-03-18 10:23 - 2016-03-18 10:23 - 00000000 ____D C:\Users\Branco\AppData\Local\Black_Tree_Gaming
2016-03-18 10:11 - 2016-03-18 10:11 - 01424328 _____ (Microsoft Corporation) C:\Users\Branco\Downloads\NDP461-KB3102438-Web.exe
2016-03-18 10:10 - 2016-03-18 10:10 - 00001043 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2016-03-18 10:10 - 2016-03-18 10:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2016-03-18 10:10 - 2016-03-18 10:10 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2016-03-18 10:08 - 2016-03-18 10:08 - 05495448 _____ (Black Tree Gaming ) C:\Users\Branco\Downloads\Nexus Mod Manager-0.61.14.exe
2016-03-17 23:49 - 2016-03-18 00:06 - 00000000 ____D C:\Users\Branco\Downloads\Curso de Japonês
2016-03-16 16:02 - 2016-03-16 16:02 - 00000000 ____D C:\Users\Branco\Tracing
2016-03-16 15:58 - 2016-03-23 11:05 - 00000000 ____D C:\Users\Branco\AppData\Roaming\Skype
2016-03-16 15:58 - 2016-03-16 15:58 - 00002687 _____ C:\Users\Public\Desktop\Skype.lnk
2016-03-16 15:58 - 2016-03-16 15:58 - 00000000 ___RD C:\Program Files\Skype
2016-03-16 15:58 - 2016-03-16 15:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-03-16 15:58 - 2016-03-16 15:58 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-03-16 15:57 - 2016-03-16 15:58 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2016-03-16 15:57 - 2016-03-16 15:58 - 00000000 ____D C:\ProgramData\Skype
2016-03-16 15:56 - 2016-03-16 15:56 - 01503872 _____ (Skype Technologies S.A.) C:\Users\Branco\Downloads\SkypeSetup.exe
2016-03-16 15:29 - 2016-03-16 15:29 - 00000000 ____D C:\Users\Branco\AppData\LocalLow\Adobe
2016-03-16 15:02 - 2016-03-16 15:30 - 00000000 ____D C:\Users\Branco\AppData\Local\Adobe
2016-03-16 15:01 - 2016-03-16 15:01 - 00000000 ____D C:\Users\Todos os Usuários\regid.1986-12.com.adobe
2016-03-16 15:01 - 2016-03-16 15:01 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2016-03-16 15:01 - 2016-03-16 15:01 - 00000000 ____D C:\Users\Branco\AppData\Roaming\Thinstall
2016-03-16 15:01 - 2016-03-16 15:01 - 00000000 ____D C:\Users\Branco\AppData\Local\Thinstall
2016-03-16 15:01 - 2016-03-16 15:01 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-03-16 15:01 - 2016-03-16 15:01 - 00000000 ____D C:\ProgramData\Adobe
2016-03-16 15:01 - 2014-04-23 21:58 - 00000000 ____D C:\Users\Branco\Desktop\Photoshop CS5 Portable [Portugues]
2016-03-16 15:00 - 2016-03-16 15:01 - 167729172 _____ C:\Users\Branco\Downloads\Photoshop CS5 Portable [Portugues].rar
2016-03-16 09:29 - 2016-03-16 09:32 - 85159399 _____ C:\Users\Branco\Downloads\Rayman_Fiesta_Run_v1.0.0.17-Winphonehub.xap
2016-03-16 08:12 - 2016-03-16 08:12 - 00000000 ____D C:\Users\Todos os Usuários\ShopperPro3
2016-03-16 08:12 - 2016-03-16 08:12 - 00000000 ____D C:\Users\Public\Documents\ShopperPro3
2016-03-16 08:12 - 2016-03-16 08:12 - 00000000 ____D C:\ProgramData\ShopperPro3
2016-03-16 08:12 - 2016-03-16 08:12 - 00000000 ____D C:\Program Files\ShopperPro3
2016-03-16 08:11 - 2016-03-23 10:28 - 00897677 _____ C:\Users\Todos os Usuários\YSIns.exe
2016-03-16 08:11 - 2016-03-23 10:28 - 00897677 _____ C:\ProgramData\YSIns.exe
2016-03-16 08:11 - 2016-02-24 06:18 - 01085440 _____ C:\Users\Todos os Usuários\delCalendarReg.exe
2016-03-16 08:11 - 2016-02-24 06:18 - 01085440 _____ C:\ProgramData\delCalendarReg.exe
2016-03-16 08:11 - 2015-11-25 15:31 - 01100288 _____ C:\Users\Todos os Usuários\HomePage.exe
2016-03-16 08:11 - 2015-11-25 15:31 - 01100288 _____ C:\ProgramData\HomePage.exe
2016-03-16 08:10 - 2016-03-23 11:27 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg
2016-03-16 08:10 - 2016-03-23 11:27 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-03-16 08:10 - 2016-03-23 11:02 - 00015482 _____ C:\Users\Todos os Usuários\webad.xml
2016-03-16 08:10 - 2016-03-23 11:02 - 00015482 _____ C:\ProgramData\webad.xml
2016-03-16 08:10 - 2016-03-16 08:10 - 00000000 ____D C:\Users\Todos os Usuários\Windows Update
2016-03-16 08:10 - 2016-03-16 08:10 - 00000000 ____D C:\ProgramData\Windows Update
2016-03-16 08:10 - 2016-03-02 10:49 - 01888256 _____ C:\Users\Todos os Usuários\msiql.exe
2016-03-16 08:10 - 2016-03-02 10:49 - 01888256 _____ C:\ProgramData\msiql.exe
2016-03-16 08:10 - 2015-12-04 13:14 - 01081344 _____ C:\Users\Todos os Usuários\LightGate.exe
2016-03-16 08:10 - 2015-12-04 13:14 - 01081344 _____ C:\ProgramData\LightGate.exe
2016-03-15 11:08 - 2016-03-15 11:08 - 00000000 _____ C:\Users\Branco\AppData\Local\{EC0EB707-A8AC-4AF6-819D-DF690771905D}
2016-03-14 20:52 - 2016-03-14 20:52 - 00001203 _____ C:\Users\Branco\Desktop\Stardew Valley - Atalho.lnk
2016-03-14 20:39 - 2016-03-20 18:28 - 00000000 ____D C:\Users\Branco\AppData\Roaming\StardewValley
2016-03-14 20:37 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2016-03-14 20:37 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2016-03-14 20:37 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2016-03-14 20:37 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2016-03-14 20:37 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2016-03-14 20:37 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2016-03-14 20:36 - 2016-03-14 20:36 - 00000000 ____D C:\Program Files\Microsoft XNA
2016-03-14 20:34 - 2016-03-14 20:52 - 00000000 ____D C:\Users\Branco\Desktop\IGG-StardeValleyv1.051
2016-03-14 20:33 - 2016-03-14 20:34 - 302262929 _____ C:\Users\Branco\Downloads\IGG-StardeValleyv1.051.rar
2016-03-14 15:11 - 2016-03-14 15:11 - 00001074 _____ C:\Users\Branco\AppData\Roaming\Microsoft\Windows\Start Menu\爱应用PC版.lnk
2016-03-14 15:11 - 2016-03-14 15:11 - 00000000 ____D C:\Users\Branco\AppData\Roaming\XapcnClient
2016-03-14 15:11 - 2016-03-14 15:11 - 00000000 ____D C:\Users\Branco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\爱应用PC版
2016-03-14 15:10 - 2016-03-14 15:39 - 00000000 ____D C:\Program Files\爱应用PC版
2016-03-14 15:10 - 2016-03-14 15:10 - 00001050 _____ C:\Users\Branco\Desktop\爱应用PC版.lnk
2016-03-14 15:09 - 2016-03-14 15:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 7.1
2016-03-14 15:09 - 2016-03-14 15:09 - 00000000 ____D C:\Users\Branco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\sdk7.1
2016-03-14 15:09 - 2016-03-14 15:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.0
2016-03-14 15:09 - 2016-03-14 15:09 - 00000000 ____D C:\Program Files\sdk7.1
2016-03-14 15:09 - 2016-03-14 15:09 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 10.0
2016-03-14 14:13 - 2016-03-14 14:13 - 00000000 ____D C:\Users\Branco\Downloads\Windows Phone - Other hardware - WinUsb Device
2016-03-14 13:41 - 2016-03-14 13:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2016-03-14 13:38 - 2016-03-14 13:38 - 00000000 ____D C:\Program Files\Windows Phone Silverlight Kits
2016-03-14 13:36 - 2016-03-14 15:10 - 00000000 ____D C:\Program Files\Microsoft XDE
2016-03-14 13:36 - 2016-03-14 15:09 - 00000000 ____D C:\Program Files\Windows Phone Kits
2016-03-14 13:36 - 2016-03-14 13:44 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 12.0
2016-03-14 13:36 - 2016-03-14 13:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.1
2016-03-14 13:30 - 2015-06-04 11:02 - 00000000 ____D C:\Users\Branco\Desktop\WP8.1 SDK Tools Lite Setup Av1.20
2016-03-14 13:20 - 2016-03-14 13:26 - 00000000 ____D C:\Windows\system32\appmgmt
2016-03-14 13:08 - 2016-03-14 15:44 - 00000104 ____H C:\Users\Branco\AppData\Roaming\WPVXAP.setting
2016-03-14 12:41 - 2016-03-14 12:41 - 00000000 ____D C:\Users\Branco\Downloads\Windows Kits
2016-03-14 12:38 - 2016-03-14 12:38 - 00000000 ____D C:\Program Files\Windows Kits
2016-03-14 12:20 - 2016-03-17 12:00 - 00000000 ____D C:\Program Files\Microsoft SDKs
2016-03-14 11:50 - 2016-01-11 15:49 - 01734656 _____ C:\Users\Todos os Usuários\service.exe
2016-03-14 11:50 - 2016-01-11 15:49 - 01734656 _____ C:\Users\Branco\AppData\Roaming\service.exe
2016-03-14 11:50 - 2016-01-11 15:49 - 01734656 _____ C:\ProgramData\service.exe
2016-03-13 20:24 - 2015-12-15 04:58 - 03621784 _____ (INCA Internet Co., Ltd.) C:\Windows\system32\GameMon.des
2016-03-13 20:24 - 2004-12-30 09:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\Windows\system32\npptNT2.sys
2016-03-13 20:24 - 2003-07-15 18:17 - 00005174 _____ C:\Windows\system32\nppt9x.vxd
2016-03-13 20:23 - 2016-03-13 20:23 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2016-03-13 19:10 - 2016-03-13 21:14 - 00000737 _____ C:\Users\Public\Desktop\Ragnarok.lnk
2016-03-13 19:10 - 2016-03-13 19:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Level Up
2016-03-13 18:51 - 2016-03-13 18:51 - 00000000 ____D C:\Level Up
2016-03-13 18:16 - 2016-03-13 18:35 - 1862719622 ____R (Level Up! Games ) C:\Users\Branco\Downloads\Instalador_Client_Ragnarok_20150422.exe
2016-03-12 16:05 - 2016-03-12 16:05 - 00001523 _____ C:\Users\Branco\Desktop\GrandChase - Atalho.lnk
2016-03-12 16:01 - 2016-03-12 16:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grand Chase History
2016-03-12 15:33 - 2016-03-12 16:23 - 00000000 ____D C:\Program Files\Grand Chase History
2016-03-12 11:39 - 2016-03-12 12:35 - 00000000 ____D C:\Users\Branco\Documents\DragonNest
2016-03-12 10:25 - 2016-03-12 13:09 - 00000000 ____D C:\Users\Branco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-03-11 09:38 - 2016-03-11 09:38 - 00081768 ____R (Microsoft Corporation) C:\Windows\xinput1_3.dll
2016-03-11 09:36 - 2016-03-11 09:36 - 01892184 ____R (Microsoft Corporation) C:\Windows\d3dx9_42.dll
2016-03-11 09:33 - 2016-03-11 09:33 - 00000372 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-03-11 09:33 - 2016-03-11 09:33 - 00000372 __RSH C:\ProgramData\ntuser.pol
2016-03-11 09:32 - 2016-03-11 09:32 - 00000000 ____D C:\Users\Branco\AppData\Local\macpromosoft
2016-03-11 09:16 - 2016-03-11 09:16 - 00000000 ____D C:\Program Files\Tencent
2016-03-11 09:15 - 2016-03-11 09:16 - 00000000 ____D C:\Users\Todos os Usuários\Tencent
2016-03-11 09:15 - 2016-03-11 09:16 - 00000000 ____D C:\Users\Branco\AppData\Roaming\Tencent
2016-03-11 09:15 - 2016-03-11 09:16 - 00000000 ____D C:\ProgramData\Tencent
2016-03-11 09:14 - 2016-03-11 09:14 - 00000000 ____D C:\Users\Branco\AppData\Local\rec_en_221
2016-03-11 09:14 - 2016-03-11 09:10 - 00000967 _____ C:\Windows\system32\Drivers\etc\hp.bak
2016-03-11 09:13 - 2016-03-11 09:35 - 00000000 ____D C:\Program Files\64F5BFA8-1457698412-FC40-B9EE-E89A8FD68AB6
2016-03-11 09:12 - 2016-03-11 09:13 - 00000000 ___HD C:\Users\Branco\Documents\Panda StickyNotes
2016-03-11 09:11 - 2016-03-10 06:30 - 00043112 _____ (StdLib) C:\Windows\system32\Drivers\{333b9599-10bc-4dd6-bf9d-3e9ff9ed1474}Gw.sys
2016-03-11 09:09 - 2016-03-11 09:09 - 00000000 ____D C:\Users\Branco\AppData\Roaming\UG
2016-03-11 09:08 - 2016-03-11 09:33 - 00000000 ____D C:\Program Files\UPCleaner
2016-03-11 09:07 - 2016-03-11 09:07 - 00000000 ____D C:\Users\Branco\AppData\LocalLow\Company
2016-03-11 09:07 - 2016-03-11 09:07 - 00000000 ____D C:\Users\Branco\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
2016-03-11 09:07 - 2016-03-11 09:07 - 00000000 ____D C:\uninst
2016-03-11 09:06 - 2016-03-11 09:10 - 00000000 ____D C:\Program Files\Sound+
2016-03-11 09:06 - 2016-03-11 09:06 - 00000000 ____D C:\Users\Branco\AppData\Local\win_en_77
2016-03-11 08:45 - 2016-03-11 08:45 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2016-03-11 08:45 - 2016-03-11 08:45 - 00000000 ____D C:\Users\Todos os Usuários\TEMP
2016-03-11 08:45 - 2016-03-11 08:45 - 00000000 ____D C:\ProgramData\TEMP
2016-03-11 08:45 - 2015-02-17 11:20 - 00018992 _____ (Dll-Files.com) C:\Windows\system32\roboot.exe
2016-03-11 08:35 - 2016-03-18 10:29 - 00000000 ____D C:\Users\Branco\AppData\Local\Skyrim
2016-03-11 08:35 - 2016-03-11 08:35 - 00000000 ____D C:\Users\Branco\Documents\My Games
2016-03-11 07:57 - 2016-03-11 09:07 - 00049408 _____ (Cherimoya Ltd) C:\Windows\system32\Drivers\cherimoya.sys
2016-03-10 18:36 - 2016-03-10 18:36 - 00001800 _____ C:\Users\Branco\Desktop\Play The Elder Scrolls V Skyrim.lnk
2016-03-10 06:44 - 2016-03-18 10:24 - 00000000 ____D C:\Games
2016-03-09 22:28 - 2016-03-09 23:53 - 00000000 ____D C:\Users\Branco\Downloads\The Elder Scrolls V Skyrim PC full game + DLC ^^nosTEAM^^
2016-03-08 19:54 - 2016-03-08 19:54 - 00000000 ____D C:\Users\Branco\Documents\Modelos Personalizados do Office
2016-03-08 19:15 - 2016-03-08 19:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-03-08 19:15 - 2016-03-08 19:15 - 00002901 _____ C:\Users\Branco\Desktop\Word 2013.lnk
2016-03-08 19:13 - 2016-03-08 19:13 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-03-08 19:10 - 2016-03-08 19:10 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2016-03-08 19:10 - 2016-03-08 19:10 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-03-08 19:09 - 2016-03-22 15:51 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-03-08 19:09 - 2016-03-08 19:11 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2016-03-08 19:09 - 2016-03-08 19:09 - 00000000 ____D C:\Windows\PCHEALTH
2016-03-08 19:03 - 2016-03-08 19:03 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2016-03-08 19:02 - 2016-03-08 19:23 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-03-08 19:02 - 2016-03-08 19:09 - 00000000 ____D C:\Program Files\Microsoft Office
2016-03-08 19:02 - 2016-03-08 19:02 - 00000000 ____D C:\Users\Branco\AppData\Local\Microsoft Help
2016-03-08 18:38 - 2016-03-08 18:44 - 681619456 _____ C:\Users\Branco\Downloads\OfficeProfessionalPlus_x86_pt-br.img
2016-03-08 10:03 - 2016-03-08 12:02 - 00000000 ____D C:\Users\Branco\Documents\MEGAsync Downloads
2016-03-08 10:03 - 2016-03-08 10:03 - 00000000 ___RD C:\Users\Branco\Documents\MEGA
2016-03-08 10:01 - 2016-03-08 10:01 - 00000000 ____D C:\Users\Branco\AppData\Local\Mega Limited
2016-03-07 19:47 - 2016-03-07 19:47 - 00088280 ____H C:\Windows\system32\mlfcache.dat
2016-03-07 10:35 - 2016-03-07 10:52 - 00000000 ____D C:\Wooxy
2016-03-07 10:35 - 2016-03-07 10:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wooxy
2016-03-04 11:30 - 2016-03-05 13:23 - 00000000 ____D C:\Users\Branco\Downloads\euescuto.com.br - Gorillaz
2016-03-04 11:12 - 2016-03-04 11:27 - 191333281 _____ C:\Users\Branco\Downloads\euescuto.com.br_-_Gorillaz.zip
2016-03-01 22:10 - 2016-03-01 22:10 - 01144750 _____ C:\Users\Branco\Downloads\12734846_1699190990296083_1740417283_n.mp4
2016-02-28 17:16 - 2016-02-28 17:16 - 00001196 _____ C:\Users\Branco\Desktop\_Launcher - Atalho.lnk
2016-02-28 15:15 - 2016-03-11 09:09 - 00001734 _____ C:\Users\Branco\Desktop\GrandFantasiaPT.lnk
2016-02-28 15:15 - 2016-02-28 15:15 - 00000000 ____D C:\Users\Branco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2016-02-28 15:03 - 2016-02-28 15:03 - 00000000 ____D C:\Users\Branco\AppData\Local\Aeria Games
2016-02-28 12:27 - 2016-02-28 12:27 - 00000000 ____D C:\Users\Todos os Usuários\Aeria Games
2016-02-28 12:27 - 2016-02-28 12:27 - 00000000 ____D C:\ProgramData\Aeria Games
2016-02-28 12:21 - 2016-02-28 16:58 - 00000000 __SHD C:\Windows\system32\AI_RecycleBin
2016-02-28 12:21 - 2016-02-28 12:21 - 00001986 _____ C:\Users\Public\Desktop\Aeria Ignite.lnk
2016-02-28 12:21 - 2016-02-28 12:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
2016-02-28 12:21 - 2016-02-28 12:21 - 00000000 ____D C:\Program Files\Aeria Games
2016-02-28 12:20 - 2016-02-28 12:20 - 00000000 ____D C:\Users\Branco\AppData\Roaming\Aeria Games & Entertainment
2016-02-28 11:43 - 2016-02-28 12:21 - 00000000 ____D C:\AeriaGames
2016-02-28 11:43 - 2016-02-28 11:43 - 00500832 _____ (Aeria Games & Entertainment) C:\Users\Branco\Downloads\grandfantasia_pt_downloader.exe
2016-02-26 23:06 - 2016-02-26 23:06 - 00000000 ____D C:\Users\Branco\Documents\NEKO WORKs
2016-02-26 23:01 - 2016-02-26 23:01 - 00001669 _____ C:\Users\Branco\Desktop\nekopara_vol1 - Atalho.lnk
2016-02-26 22:59 - 2016-02-26 22:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NEKO WORKs
2016-02-26 22:54 - 2016-02-26 22:54 - 00000000 ____D C:\Program Files\NEKO WORKs
2016-02-26 22:45 - 2016-03-07 09:25 - 00000000 ____D C:\Users\Branco\Downloads\nekopara_vol1
2016-02-26 22:06 - 2016-02-26 22:06 - 00001017 _____ C:\Users\Branco\Desktop\MEGAsync.lnk
2016-02-26 22:06 - 2016-02-26 22:06 - 00000000 ____D C:\Users\Branco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2016-02-26 22:03 - 2016-03-20 10:34 - 00000000 ____D C:\Users\Branco\AppData\Local\MEGAsync
2016-02-26 22:00 - 2016-02-26 22:02 - 10397616 _____ (MEGA Limited) C:\Users\Branco\Downloads\MEGAsyncSetup.exe
2016-02-26 00:23 - 2016-02-26 00:23 - 00000000 ____D C:\Users\Branco\AppData\Local\CEF
2016-02-26 00:22 - 2016-02-26 00:22 - 00000000 ____D C:\Users\Branco\AppData\Local\Steam
2016-02-25 23:42 - 2016-03-12 13:11 - 00000000 ____D C:\Program Files\Steam
2016-02-25 23:42 - 2016-03-12 13:08 - 00000000 ____D C:\Program Files\Common Files\Steam
2016-02-25 23:42 - 2016-02-25 23:42 - 00000921 _____ C:\Users\Public\Desktop\Steam.lnk
2016-02-25 23:42 - 2016-02-25 23:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-02-25 23:40 - 2016-02-25 23:41 - 01380712 _____ C:\Users\Branco\Downloads\SteamSetup.exe
2016-02-25 22:50 - 2016-02-25 22:50 - 00000000 ____D C:\Users\Branco\AppData\Roaming\NekoWorks
2016-02-25 22:27 - 2016-02-25 22:57 - 00000000 ____D C:\Program Files\NEKOPARA Vol. 2
2016-02-25 22:27 - 2016-02-25 22:27 - 00000832 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NEKOPARA Vol. 2.lnk
2016-02-25 22:27 - 2016-02-25 22:27 - 00000820 _____ C:\Users\Public\Desktop\NEKOPARA Vol. 2.lnk
2016-02-25 22:25 - 2016-02-25 22:26 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2016-02-25 22:25 - 2016-02-25 22:25 - 00001926 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-02-25 22:25 - 2016-02-25 22:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2016-02-25 22:17 - 2016-02-25 22:17 - 00000000 ____D C:\Users\Branco\AppData\Local\Disc_Soft_Ltd
2016-02-25 22:06 - 2016-02-25 22:06 - 00040504 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys
2016-02-25 22:06 - 2016-02-25 22:06 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2016-02-25 22:01 - 2016-02-25 22:17 - 00000000 ____D C:\Users\Branco\AppData\Roaming\DAEMON Tools Lite
2016-02-25 22:01 - 2016-02-25 22:01 - 00026168 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2016-02-25 21:59 - 2016-02-25 22:00 - 00000000 ____D C:\Users\Todos os Usuários\DAEMON Tools Lite
2016-02-25 21:59 - 2016-02-25 22:00 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2016-02-25 21:49 - 2016-02-25 21:49 - 00689160 _____ (Disc Soft Ltd.) C:\Users\Branco\Downloads\DTLiteInstaller.exe
2016-02-25 21:14 - 2016-03-23 11:02 - 00000000 ___SD C:\Users\Branco\AppData\LocalLow\Temp
2016-02-25 21:13 - 2016-02-25 21:13 - 00002606 _____ C:\Users\Branco\Desktop\µTorrent.lnk
2016-02-25 21:13 - 2016-02-25 21:13 - 00002606 _____ C:\Users\Branco\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-02-25 21:12 - 2016-03-23 11:02 - 00000000 ____D C:\Users\Branco\AppData\Roaming\uTorrent
2016-02-25 21:11 - 2016-02-25 21:11 - 02094080 _____ (BitTorrent Inc.) C:\Users\Branco\Downloads\uTorrent.exe

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-03-23 11:22 - 2016-02-17 18:54 - 00000000 ____D C:\Program Files\baidu
2016-03-23 11:16 - 2016-02-20 11:03 - 00000000 ____D C:\Users\Todos os Usuários\BCloudScan_exe
2016-03-23 11:16 - 2016-02-20 11:03 - 00000000 ____D C:\ProgramData\BCloudScan_exe
2016-03-23 11:10 - 2016-02-14 17:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster
2016-03-23 11:03 - 2016-02-14 16:04 - 00002175 ____R C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-23 11:03 - 2009-07-13 23:04 - 00000580 _____ C:\Windows\win.ini
2016-03-23 07:16 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\inf
2016-03-22 22:14 - 2016-02-17 12:29 - 00000378 _____ C:\Windows\Tasks\update-sys.job
2016-03-22 21:27 - 2016-02-17 12:29 - 00000378 _____ C:\Windows\Tasks\update-S-1-5-21-219047011-488505859-3757021965-1000.job
2016-03-22 20:58 - 2016-02-14 15:57 - 00000000 ____D C:\Users\Branco\Downloads\Ta kawaii ta desu
2016-03-22 20:01 - 2016-02-17 12:30 - 00000000 ____D C:\Users\Branco\Documents\Lightshot
2016-03-22 16:04 - 2016-02-20 23:34 - 00000000 ____D C:\Users\Branco\Downloads\Osu beatmap
2016-03-22 15:16 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\registration
2016-03-21 11:11 - 2016-02-14 15:51 - 00000000 ____D C:\Users\Branco
2016-03-20 12:00 - 2016-02-14 15:51 - 00000000 ____D C:\Users\Branco\AppData\Local\VirtualStore
2016-03-20 11:45 - 2016-02-15 11:20 - 00000000 ____D C:\Users\Branco\AppData\Local\Razer
2016-03-20 11:44 - 2016-02-15 11:15 - 00002021 _____ C:\Users\Public\Desktop\Razer Cortex.lnk
2016-03-20 11:43 - 2016-02-15 11:13 - 00000000 ____D C:\Users\Todos os Usuários\Razer
2016-03-20 11:43 - 2016-02-15 11:13 - 00000000 ____D C:\ProgramData\Razer
2016-03-20 11:42 - 2016-02-15 11:13 - 00000000 ____D C:\Program Files\Razer
2016-03-16 22:34 - 2016-02-14 15:56 - 00000000 ____D C:\Users\Branco\Downloads\Menes
2016-03-16 15:02 - 2016-02-14 18:47 - 00000000 ____D C:\Users\Branco\AppData\Roaming\Adobe
2016-03-16 08:43 - 2016-02-17 18:53 - 00000000 ____D C:\Users\Branco\AppData\Local\MiniService
2016-03-16 08:12 - 2009-07-14 01:46 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-03-15 11:18 - 2009-07-14 01:33 - 00461696 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-14 22:51 - 2016-02-14 16:04 - 00002169 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-14 20:36 - 2009-07-13 23:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-03-14 15:44 - 2013-11-08 16:54 - 00000000 ____D C:\Users\Branco\Downloads\WP8 SDK Tools Lite Setup Av1.0
2016-03-14 15:12 - 2015-12-05 14:13 - 00000000 ____D C:\XapcnDownLoad
2016-03-14 15:09 - 2009-07-14 01:52 - 00000000 ____D C:\Program Files\MSBuild
2016-03-14 14:15 - 2016-02-14 16:01 - 00115392 _____ C:\Users\Branco\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-14 12:38 - 2016-02-15 11:14 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-03-14 12:38 - 2016-02-15 11:14 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-13 22:38 - 2016-02-14 16:02 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-11 09:09 - 2016-02-14 15:52 - 00001389 _____ C:\Users\Branco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-03-08 19:13 - 2011-02-05 15:01 - 00000000 ____D C:\Windows\ShellNew
2016-03-08 19:06 - 2009-07-13 23:37 - 00000000 ____D C:\Program Files\Common Files\System
2016-03-05 23:35 - 2016-02-15 18:52 - 00000000 ____D C:\Users\Branco\Downloads\Musica de uns animo massa
2016-02-27 10:42 - 2016-02-14 18:15 - 00007609 _____ C:\Users\Branco\AppData\Local\Resmon.ResmonCfg
2016-02-25 22:50 - 2016-02-14 17:01 - 00000000 ____D C:\Users\Todos os Usuários\Steam
2016-02-25 22:50 - 2016-02-14 17:01 - 00000000 ____D C:\ProgramData\Steam
2016-02-22 19:15 - 2016-02-20 22:45 - 00000000 ____D C:\Users\Branco\AppData\Local\osu!

==================== Arquivos na raiz de alguns diretórios =======

2016-03-14 11:50 - 2016-01-11 15:49 - 1734656 _____ () C:\Users\Branco\AppData\Roaming\service.exe
2016-03-14 13:08 - 2016-03-14 15:44 - 0000104 ____H () C:\Users\Branco\AppData\Roaming\WPVXAP.setting
2016-02-14 18:15 - 2016-02-27 10:42 - 0007609 _____ () C:\Users\Branco\AppData\Local\Resmon.ResmonCfg
2016-02-17 12:29 - 2016-02-17 12:29 - 0000003 _____ () C:\Users\Branco\AppData\Local\updater.log
2016-02-17 12:29 - 2016-02-17 12:29 - 0000412 _____ () C:\Users\Branco\AppData\Local\UserProducts.xml
2016-03-15 11:08 - 2016-03-15 11:08 - 0000000 _____ () C:\Users\Branco\AppData\Local\{EC0EB707-A8AC-4AF6-819D-DF690771905D}
2016-02-14 16:21 - 2016-02-14 16:21 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-03-16 08:11 - 2016-02-24 06:18 - 1085440 _____ () C:\ProgramData\delCalendarReg.exe
2016-02-14 18:39 - 2016-02-14 18:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-02-14 17:54 - 2016-02-14 17:54 - 0014501 _____ () C:\ProgramData\Duplicaterecord.js
2016-03-16 08:11 - 2015-11-25 15:31 - 1100288 _____ () C:\ProgramData\HomePage.exe
2016-03-16 08:10 - 2015-12-04 13:14 - 1081344 _____ () C:\ProgramData\LightGate.exe
2016-03-16 08:10 - 2016-03-02 10:49 - 1888256 _____ () C:\ProgramData\msiql.exe
2016-03-14 11:50 - 2016-01-11 15:49 - 1734656 _____ () C:\ProgramData\service.exe
2016-03-16 08:10 - 2016-03-23 11:02 - 0015482 _____ () C:\ProgramData\webad.xml
2016-03-16 08:11 - 2016-03-23 10:28 - 0897677 _____ () C:\ProgramData\YSIns.exe

Arquivos para serem movidos ou deletados:
====================
C:\Users\Branco\AppData\Local\Temp\CU6BHY8P8\CU6BHY8P8.exe
C:\Windows\TEMP\is-IOVE3.tmp\print.exe
C:\ProgramData\delCalendarReg.exe
C:\ProgramData\Duplicaterecord.js
C:\ProgramData\HomePage.exe
C:\ProgramData\LightGate.exe
C:\ProgramData\msiql.exe
C:\ProgramData\service.exe
C:\ProgramData\YSIns.exe
C:\Users\Todos os Usuários\delCalendarReg.exe
C:\Users\Todos os Usuários\Duplicaterecord.js
C:\Users\Todos os Usuários\HomePage.exe
C:\Users\Todos os Usuários\LightGate.exe
C:\Users\Todos os Usuários\msiql.exe
C:\Users\Todos os Usuários\service.exe
C:\Users\Todos os Usuários\YSIns.exe


Alguns arquivos em TEMP:
====================
C:\Users\Branco\AppData\Local\Temp\bitool.dll
C:\Users\Branco\AppData\Local\Temp\downloader_3.2.1504.1_347BR_366_20160310_1815.exe
C:\Users\Branco\AppData\Local\Temp\LJ2D4R9TYA.exe
C:\Users\Branco\AppData\Local\Temp\Notes_0017201_01.exe
C:\Users\Branco\AppData\Local\Temp\ose00000.exe
C:\Users\Branco\AppData\Local\Temp\qqpcmgr_v11.3.17201.218_73686_Silence.exe
C:\Users\Branco\AppData\Local\Temp\Setup__2140_il56741.exe
C:\Users\Branco\AppData\Local\Temp\spark_install(1).exe
C:\Users\Branco\AppData\Local\Temp\spark_install.exe
C:\Users\Branco\AppData\Local\Temp\ZVQ9DPA8W2.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-03-11 12:07

==================== Fim de FRST.txt ============================
