Document format: text/plain

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:18-04-2016
Executado por Wesley (administrador) em WESLEY-PC (19-04-2016 02:34:29)
Executando a partir de C:\Users\Wesley\Downloads
Perfis Carregados: Wesley (Perfis Disponíveis: Wesley)
Platform: Windows 7 Professional (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

() C:\ProgramData\CloudPrinter\CloudPrinter.exe
() C:\Program Files (x86)\03000200-1461039453-0500-0006-000700080009\knsbFAFB.tmpfs
() C:\Users\Wesley\AppData\Local\Apps\2.0\abril.exe
() C:\Program Files (x86)\03000200-1461039453-0500-0006-000700080009\hnsr3CE3.tmp
() C:\Program Files (x86)\03000200-1461039453-0500-0006-000700080009\jnsb1D6F.tmp
(Microsoft Corporation) C:\Users\Wesley\AppData\Roaming\XBox\XBLive.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
() C:\ProgramData\WindowsMsg\osmsg.exe
(IObit) C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe
(VS Revo Group) C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(IObit) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [IDSCCOMOXL] => "C:\Program Files (x86)\Hostify\idsccom_OXL.exe"
HKLM\...\Run: [WINCOMTHF] => "C:\Program Files (x86)\sunnyday\wincom_THF.exe"
HKLM\...\Run: [IDSCCOMX8R] => "C:\Program Files (x86)\Hostify\idsccom_X8R.exe"
HKLM\...\Run: [WINCOMI5F] => "C:\Program Files (x86)\sunnyday\wincom_I5F.exe"
HKLM\...\Run: [IDSCCOMUL9] => "C:\Program Files (x86)\Hostify\idsccom_UL9.exe"
HKLM-x32\...\Run: [apphide] => C:\Program Files (x86)\badu\uc.exe [310876 2016-04-18] ()
HKLM-x32\...\Run: [mbot_en_037050302] => [X]
HKLM-x32\...\Run: [mpck_en_005030302] => [X]
HKLM-x32\...\Run: [rec_en_258] => [X]
HKLM-x32\...\Run: [sun21] => [X]
HKLM\...\RunOnce: [WINDOWS_SCREEN_MANAGER_UPDATER_1] => C:\Program Files\Windows Screen Manager\Windows screen manage updater.exe [16896 2016-04-19] (Wizzservices)
HKU\S-1-5-21-1757729026-2367722751-1759549650-1001\...\Run: [WindApp] => "C:\Users\Wesley\AppData\Roaming\Store\WindApp\WindApp.exe" /winstartup
HKU\S-1-5-21-1757729026-2367722751-1759549650-1001\...\Run: [Selection Tools] => "C:\Users\Wesley\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe" /winstartup
HKU\S-1-5-21-1757729026-2367722751-1759549650-1001\...\Run: [osmsg] => C:\ProgramData\WindowsMsg\osmsg.exe [2036224 2016-02-09] ()
AppInit_DLLs: C:\ProgramData\Ronzap\Alphadubtam.dll => Nenhum Arquivo
AppInit_DLLs-x32: C:\ProgramData\Ronzap\Trantoflex.dll => Nenhum Arquivo
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Wesley\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Wesley\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Wesley\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Wesley\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Wesley\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Wesley\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Winsock: Catalog5 07 C:\ProgramData\System32\SafeGuard32.dll Nenhum Arquivo
Winsock: Catalog5-x64 07 C:\ProgramData\System32\SafeGuard64.dll [3587000 2016-04-19] ()
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 189.39.152.45 189.39.152.35
Tcpip\..\Interfaces\{9C25BE9C-15A8-4495-807A-EDE87E926F1D}: [DhcpNameServer] 189.39.152.45 189.39.152.35

Internet Explorer:
==================
HKU\S-1-5-21-1757729026-2367722751-1759549650-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqfDHrz5d6u8a_LPVJCKOu_F53rqVjz2TKTLvMCNTkWHaUZdtzdvavdW7dQdBWe_iceZgKn9jev4D8xosH8q8AB5t-FF1ouKYHRw7-OFf1Kz1-PlwhlqoCQAm4nZ8bY9SWiBQNhQbfCpZlxLaa_7L197sx59NmfpVrXcwKjfU&q={searchTerms}
HKU\S-1-5-21-1757729026-2367722751-1759549650-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqfDHrz5d6u8a_LPVJCKOu_F53rqVjz2TKTLvMCNTkWHaUZdtzdvavdW7dQdBWe_iceZgKn9jev4D8xYwFRj5iBVJu87ZzIQgAboJL1g9_duhJCc_R-cMPKcyGoPYRTLcFhuMzYfKsiMcQDUsqG2hubMg9pnbDuzkADhUIEOF
HKU\S-1-5-21-1757729026-2367722751-1759549650-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqfDHrz5d6u8a_LPVJCKOu_F53rqVjz2TKTLvMCNTkWHaUZdtzdvavdW7dQdBWe_iceZgKn9jev4D8xosH8q8AB5t-FF1ouKYHRw7-OFf1Kz1-PlwhlqoCQAm4nZ8bY9SWiBQNhQbfCpZlxLaa_7L197sx59NmfpVrXcwKjfU&q={searchTerms}
HKU\S-1-5-21-1757729026-2367722751-1759549650-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqfDHrz5d6u8a_LPVJCKOu_F53rqVjz2TKTLvMCNTkWHaUZdtzdvavdW7dQdBWe_iceZgKn9jev4D8xosH8q8AB5t-FF1ouKYHRw7-OFf1Kz1-PlwhlqoCQAm4nZ8bY9SWiBQNhQbfCpZlxLaa_7L197sx59NmfpVrXcwKjfU&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqfDHrz5d6u8a_LPVJCKOu_F53rqVjz2TKTLvMCNTkWHaUZdtzdvavdW7dQdBWe_iceZgKn9jev4D8xosH8q8AB5t-FF1ouKYHRw7-OFf1Kz1-PlwhlqoCQAm4nZ8bY9SWiBQNhQbfCpZlxLaa_7L197sx59NmfpVrXcwKjfU&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1757729026-2367722751-1759549650-1001 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqfDHrz5d6u8a_LPVJCKOu_F53rqVjz2TKTLvMCNTkWHaUZdtzdvavdW7dQdBWe_iceZgKn9jev4D8xosH8q8AB5t-FF1ouKYHRw7-OFf1Kz1-PlwhlqoCQAm4nZ8bY9SWiBQNhQbfCpZlxLaa_7L197sx59NmfpVrXcwKjfU&q={searchTerms}
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-19] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\Wesley\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\Wesley\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-19]
CHR Extension: (Google Docs) - C:\Users\Wesley\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-19]
CHR Extension: (Google Drive) - C:\Users\Wesley\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-19]
CHR Extension: (YouTube) - C:\Users\Wesley\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-19]
CHR Extension: (Planilhas do Google) - C:\Users\Wesley\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-19]
CHR Extension: (Documentos Google off-line) - C:\Users\Wesley\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-19]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Wesley\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-19]
CHR Extension: (Gmail) - C:\Users\Wesley\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-19]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S2 BugreportW; C:\Program Files (x86)\hohobnd\ghabuk.exe [989728 2016-04-18] ()
R2 CloudPrinter; C:\ProgramData\\CloudPrinter\\CloudPrinter.exe [1137664 2016-04-19] () [Arquivo não assinado]
S2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [350688 2016-04-19] (DotC United Inc)
R2 ProntSpooler; C:\Users\Wesley\AppData\Local\Apps\2.0\abril.exe [111616 2016-03-21] () [Arquivo não assinado]
R2 rijufoze; C:\Program Files (x86)\03000200-1461039453-0500-0006-000700080009\hnsr3CE3.tmp [138240 2016-04-19] () [Arquivo não assinado]
R2 rocufyky; C:\Program Files (x86)\03000200-1461039453-0500-0006-000700080009\jnsb1D6F.tmp [389632 2016-04-19] () [Arquivo não assinado]
S2 SstrprSrv; C:\Program Files (x86)\Sosition\SstrprSrv.exe [310256 2016-04-18] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
R2 XBox; C:\Users\Wesley\AppData\Roaming\XBox\XBLive.exe [5906904 2016-02-27] (Microsoft Corporation)
R2 pozuxytyzbt; C:\Program Files (x86)\03000200-1461039453-0500-0006-000700080009\knsbFAFB.tmpfs [X]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R1 cherimoya; C:\Windows\System32\drivers\cherimoya.sys [82752 2016-04-19] (Cherimoya Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-04-19] (REALiX(tm))
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-04-19] (DotC United Inc)
R1 {bb45b353-77f6-49f1-ae90-a5fda33f2020}Gw64; C:\Windows\System32\drivers\{bb45b353-77f6-49f1-ae90-a5fda33f2020}Gw64.sys [48776 2016-04-18] (StdLib)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-04-19 05:54 - 2016-04-19 01:02 - 00000000 ____D C:\Windows\Panther
2016-04-19 02:34 - 2016-04-19 02:34 - 02375680 _____ (Farbar) C:\Users\Wesley\Downloads\FRST64.exe
2016-04-19 02:34 - 2016-04-19 02:34 - 00012098 _____ C:\Users\Wesley\Downloads\FRST.txt
2016-04-19 02:34 - 2016-04-19 02:34 - 00000000 ____D C:\FRST
2016-04-19 02:30 - 2016-04-19 02:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
2016-04-19 02:27 - 2016-04-19 02:27 - 00000000 ____D C:\Windows\simck
2016-04-19 02:23 - 2016-04-19 02:23 - 00000000 ____D C:\Users\Todos os Usuários\5c5e0701-7bb7-1
2016-04-19 02:23 - 2016-04-19 02:23 - 00000000 ____D C:\ProgramData\5c5e0701-7bb7-1
2016-04-19 02:22 - 2016-04-19 02:22 - 00020432 ____H C:\Windows\Tasks\{05780947-0E08-7D0C-0C11-7E7E780B1178}.job
2016-04-19 02:22 - 2016-04-19 02:22 - 00000000 ____D C:\Users\Todos os Usuários\5c5e0701-40b7-1
2016-04-19 02:22 - 2016-04-19 02:22 - 00000000 ____D C:\ProgramData\5c5e0701-40b7-1
2016-04-19 02:17 - 2016-04-19 02:17 - 00001077 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2016-04-19 02:17 - 2016-04-19 02:17 - 00000000 ____D C:\Users\Wesley\AppData\Local\VS Revo Group
2016-04-19 02:17 - 2016-04-19 02:17 - 00000000 ____D C:\Users\Todos os Usuários\VS Revo Group
2016-04-19 02:17 - 2016-04-19 02:17 - 00000000 ____D C:\ProgramData\VS Revo Group
2016-04-19 02:17 - 2016-04-19 02:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2016-04-19 02:17 - 2016-04-19 02:17 - 00000000 ____D C:\Program Files\VS Revo Group
2016-04-19 02:17 - 2009-12-30 10:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2016-04-19 02:13 - 2016-04-19 02:13 - 00000000 ____D C:\Users\Todos os Usuários\5c5e0701-6db5-1
2016-04-19 02:13 - 2016-04-19 02:13 - 00000000 ____D C:\ProgramData\5c5e0701-6db5-1
2016-04-19 02:11 - 2016-04-19 02:30 - 00000286 __RSH C:\Users\Wesley\ntuser.pol
2016-04-19 02:11 - 2016-04-19 02:12 - 00052102 _____ C:\Windows\ntbtlog.txt
2016-04-19 02:08 - 2016-04-19 02:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Playtrickster
2016-04-19 02:03 - 2016-04-19 02:03 - 00000000 ____D C:\Users\Wesley\AppData\Roaming\Mozilla
2016-04-19 02:02 - 2016-04-19 02:02 - 01626777 _____ C:\Users\Wesley\AppData\Roaming\Sololux.tst
2016-04-19 02:02 - 2016-04-19 02:02 - 01626777 _____ C:\Users\Wesley\AppData\Roaming\Ozerron.tst
2016-04-19 02:02 - 2016-04-19 02:02 - 00848437 _____ C:\Users\Wesley\AppData\Roaming\Matwarm.bin
2016-04-19 02:02 - 2016-04-19 02:02 - 00072717 _____ C:\Users\Wesley\AppData\Roaming\SunLam.tst
2016-04-19 02:02 - 2016-04-19 02:02 - 00002397 _____ C:\Windows\SysWOW64\findit.xml
2016-04-19 02:02 - 2016-04-19 02:02 - 00000000 ____D C:\Users\Todos os Usuários\Ronzaps
2016-04-19 02:02 - 2016-04-19 02:02 - 00000000 ____D C:\ProgramData\Ronzaps
2016-04-19 02:02 - 2016-04-19 02:01 - 01137664 _____ C:\Users\Wesley\AppData\Roaming\SunLam.exe
2016-04-19 02:02 - 2016-04-19 02:01 - 01137664 _____ C:\Users\Wesley\AppData\Roaming\Ozerron.exe
2016-04-19 02:02 - 2016-04-19 02:00 - 01137664 _____ C:\Users\Wesley\AppData\Roaming\Sololux.exe
2016-04-19 02:01 - 2016-04-19 02:24 - 00000000 ____D C:\Users\Todos os Usuários\Ronzap
2016-04-19 02:01 - 2016-04-19 02:24 - 00000000 ____D C:\ProgramData\Ronzap
2016-04-19 02:01 - 2016-04-19 02:02 - 06494208 _____ C:\Users\Wesley\AppData\Roaming\agent.dat
2016-04-19 02:01 - 2016-04-19 02:02 - 00126464 _____ C:\Users\Wesley\AppData\Roaming\noah.dat
2016-04-19 02:01 - 2016-04-19 02:02 - 00065568 _____ C:\Users\Wesley\AppData\Roaming\Config.xml
2016-04-19 02:01 - 2016-04-19 02:02 - 00018432 _____ C:\Users\Wesley\AppData\Roaming\Main.dat
2016-04-19 02:01 - 2016-04-19 02:01 - 01626777 _____ C:\Users\Wesley\AppData\Roaming\LamTouch.tst
2016-04-19 02:01 - 2016-04-19 02:01 - 00848437 _____ C:\Users\Wesley\AppData\Roaming\Rankrunlax.bin
2016-04-19 02:01 - 2016-04-19 02:01 - 00072717 _____ C:\Users\Wesley\AppData\Roaming\Zoteco.tst
2016-04-19 02:01 - 2016-04-19 02:01 - 00000000 ____D C:\Windows\system32\SSL
2016-04-19 02:01 - 2016-04-19 02:01 - 00000000 ____D C:\Users\Todos os Usuários\CloudPrinter
2016-04-19 02:01 - 2016-04-19 02:01 - 00000000 ____D C:\ProgramData\CloudPrinter
2016-04-19 02:01 - 2016-04-19 02:00 - 01137664 _____ C:\Users\Wesley\AppData\Roaming\Zoteco.exe
2016-04-19 02:01 - 2016-04-19 01:58 - 01137664 _____ C:\Users\Wesley\AppData\Roaming\LamTouch.exe
2016-04-19 02:00 - 2016-04-19 02:02 - 00126464 _____ C:\Users\Wesley\AppData\Roaming\lobby.dat
2016-04-19 02:00 - 2016-04-19 02:02 - 00054272 _____ C:\Users\Wesley\AppData\Roaming\ApplicationHosting.dat
2016-04-19 02:00 - 2016-04-19 02:02 - 00005568 _____ C:\Users\Wesley\AppData\Roaming\md.xml
2016-04-19 02:00 - 2016-04-19 02:00 - 00072717 _____ C:\Users\Wesley\AppData\Roaming\Sunkix.tst
2016-04-19 02:00 - 2016-04-19 02:00 - 00022160 _____ C:\Windows\System32\Tasks\DNSBAHAMA
2016-04-19 02:00 - 2016-04-19 02:00 - 00003730 _____ C:\Windows\System32\Tasks\DNS Monitoring
2016-04-19 02:00 - 2016-04-19 02:00 - 00000000 ____D C:\Users\Wesley\AppData\Local\tuto_monetize_220160418
2016-04-19 02:00 - 2016-04-19 02:00 - 00000000 ____D C:\Users\Wesley\AppData\Local\tuto_monetize_120160418
2016-04-19 02:00 - 2016-04-19 01:58 - 01137664 _____ C:\Users\Wesley\AppData\Roaming\Sunkix.exe
2016-04-19 01:59 - 2016-04-19 02:24 - 00000000 ____D C:\Program Files (x86)\sunnyday
2016-04-19 01:59 - 2016-04-19 01:59 - 00848437 _____ C:\Users\Wesley\AppData\Roaming\Driptrax.bin
2016-04-19 01:59 - 2016-04-19 01:59 - 00023514 _____ C:\Windows\System32\Tasks\{05780947-0E08-7D0C-0C11-7E7E780B1178}
2016-04-19 01:59 - 2016-04-19 01:59 - 00002918 _____ C:\Windows\System32\Tasks\osTip
2016-04-19 01:59 - 2016-04-19 01:59 - 00000000 ____D C:\Users\Wesley\AppData\Local\csdi_monetize_220160418
2016-04-19 01:59 - 2016-04-19 01:59 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg
2016-04-19 01:59 - 2016-04-19 01:59 - 00000000 ____D C:\Users\Todos os Usuários\5c5e0701-5d57-1
2016-04-19 01:59 - 2016-04-19 01:59 - 00000000 ____D C:\Users\Todos os Usuários\5c5e0701-5231-0
2016-04-19 01:59 - 2016-04-19 01:59 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-04-19 01:59 - 2016-04-19 01:59 - 00000000 ____D C:\ProgramData\5c5e0701-5d57-1
2016-04-19 01:59 - 2016-04-19 01:59 - 00000000 ____D C:\ProgramData\5c5e0701-5231-0
2016-04-19 01:58 - 2016-04-19 02:20 - 00000000 ____D C:\Program Files\NewExt
2016-04-19 01:58 - 2016-04-19 02:01 - 00187109 _____ C:\Users\Wesley\AppData\Roaming\inst.lat
2016-04-19 01:58 - 2016-04-19 02:01 - 00016992 _____ C:\Users\Wesley\AppData\Roaming\InstallationConfiguration.xml
2016-04-19 01:58 - 2016-04-19 01:58 - 00127488 _____ C:\Users\Wesley\AppData\Roaming\Installer.dat
2016-04-19 01:58 - 2016-04-19 01:58 - 00003340 _____ C:\Windows\System32\Tasks\Osoiiwp
2016-04-19 01:58 - 2016-04-19 01:58 - 00000000 ____D C:\Users\Wesley\AppData\LocalLow\Company
2016-04-19 01:58 - 2016-04-19 01:58 - 00000000 ____D C:\Users\Wesley\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
2016-04-19 01:58 - 2016-04-19 01:58 - 00000000 ____D C:\Users\Wesley\AppData\Local\csdi_monetize_320160418
2016-04-19 01:58 - 2016-04-19 01:58 - 00000000 ____D C:\uninst
2016-04-19 01:57 - 2016-04-19 02:09 - 00000000 ____D C:\Users\Todos os Usuários\System32
2016-04-19 01:57 - 2016-04-19 02:09 - 00000000 ____D C:\ProgramData\System32
2016-04-19 01:57 - 2016-04-19 01:58 - 00000000 ____D C:\Program Files\Windows Screen Manager
2016-04-19 01:56 - 2016-04-19 01:56 - 00000000 ____D C:\Program Files (x86)\MobilePCStarterKit
2016-04-19 01:55 - 2016-04-19 01:55 - 00000000 ____D C:\Program Files (x86)\Playtrickster
2016-04-19 01:52 - 2016-04-19 01:57 - 00000000 ____D C:\Users\Wesley\AppData\Local\app
2016-04-19 01:51 - 2016-04-19 02:30 - 00000000 ____D C:\Users\Wesley\AppData\Roaming\Baidu
2016-04-19 01:51 - 2016-04-19 02:30 - 00000000 ____D C:\Users\Todos os Usuários\baidu
2016-04-19 01:51 - 2016-04-19 02:30 - 00000000 ____D C:\ProgramData\baidu
2016-04-19 01:51 - 2016-04-19 02:22 - 00000000 ____D C:\Program Files (x86)\WeatherTool
2016-04-19 01:51 - 2016-04-19 02:10 - 00000604 _____ C:\Windows\Tasks\PPTAssistantUpdateTask_Wesley.job
2016-04-19 01:51 - 2016-04-19 02:10 - 00000334 _____ C:\Windows\Tasks\PPTAssistantNotifyTask_Wesley.job
2016-04-19 01:51 - 2016-04-19 02:10 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
2016-04-19 01:51 - 2016-04-19 01:51 - 00060136 _____ (DotC United Inc) C:\Windows\system32\Drivers\MPCKpt.sys
2016-04-19 01:51 - 2016-04-19 01:51 - 00003590 _____ C:\Windows\System32\Tasks\PPTAssistantUpdateTask_Wesley
2016-04-19 01:51 - 2016-04-19 01:51 - 00003320 _____ C:\Windows\System32\Tasks\PPTAssistantNotifyTask_Wesley
2016-04-19 01:51 - 2016-04-19 01:51 - 00000000 ____D C:\Users\Wesley\AppData\Roaming\XBox
2016-04-19 01:51 - 2016-04-19 01:51 - 00000000 ____D C:\Users\Wesley\AppData\Roaming\pptassist
2016-04-19 01:51 - 2016-04-19 01:51 - 00000000 ____D C:\Users\Wesley\AppData\Local\PPTAssist
2016-04-19 01:51 - 2016-04-19 01:51 - 00000000 ____D C:\Users\Public\Documents\Baidu
2016-04-19 01:50 - 2016-04-19 02:25 - 00000000 ____D C:\Program Files (x86)\badu
2016-04-19 01:50 - 2016-04-19 01:52 - 1592387409 _____ (Privatia ) C:\Users\Wesley\Downloads\Playtrickster_setup_10272015.exe
2016-04-19 01:50 - 2016-04-19 01:50 - 00000034 ___SH C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE}
2016-04-19 01:50 - 2016-04-19 01:50 - 00000000 ____D C:\Users\Todos os Usuários\kingsoft
2016-04-19 01:50 - 2016-04-19 01:50 - 00000000 ____D C:\Users\Public\Documents\Guid
2016-04-19 01:50 - 2016-04-19 01:50 - 00000000 ____D C:\ProgramData\kingsoft
2016-04-19 01:44 - 2016-04-19 01:59 - 53415276 _____ (NVIDIA Corporation) C:\Users\Wesley\Downloads\Não confirmado 416964.crdownload
2016-04-19 01:33 - 2016-04-19 01:33 - 00344064 _____ C:\Users\Wesley\Downloads\PokeStorm_Launcher.msi
2016-04-19 01:33 - 2016-04-19 01:33 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
2016-04-19 01:33 - 2016-04-19 01:33 - 00000000 ____D C:\Users\Todos os Usuários\ProductData
2016-04-19 01:33 - 2016-04-19 01:33 - 00000000 ____D C:\ProgramData\ProductData
2016-04-19 01:32 - 2016-04-19 02:34 - 00003246 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2016-04-19 01:32 - 2016-04-19 02:34 - 00002878 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Wesley)
2016-04-19 01:32 - 2016-04-19 02:34 - 00002154 _____ C:\Users\Public\Desktop\Driver Booster 3.lnk
2016-04-19 01:32 - 2016-04-19 01:33 - 00000000 ____D C:\Users\Wesley\AppData\LocalLow\IObit
2016-04-19 01:32 - 2016-04-19 01:32 - 00027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2016-04-19 01:32 - 2016-04-19 01:32 - 00000000 ____D C:\Users\Wesley\AppData\Roaming\IObit
2016-04-19 01:32 - 2016-04-19 01:32 - 00000000 ____D C:\Users\Todos os Usuários\IObit
2016-04-19 01:32 - 2016-04-19 01:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-04-19 01:32 - 2016-04-19 01:32 - 00000000 ____D C:\ProgramData\IObit
2016-04-19 01:32 - 2016-04-19 01:32 - 00000000 ____D C:\Program Files (x86)\IObit
2016-04-19 01:32 - 2016-01-22 12:11 - 00000056 _____ C:\Users\Wesley\Downloads\Sereal.txt
2016-04-19 01:32 - 2016-01-22 12:07 - 14423632 _____ (IObit ) C:\Users\Wesley\Downloads\driver_booster_setup 3.2.exe
2016-04-19 01:31 - 2016-04-19 01:31 - 14369824 _____ C:\Users\Wesley\Downloads\Driver_Booster.rar
2016-04-19 01:23 - 2016-04-19 01:23 - 00000920 _____ C:\Windows\SysWOW64\${LOGFILE}
2016-04-19 01:23 - 2016-04-18 17:28 - 00048776 _____ (StdLib) C:\Windows\system32\Drivers\{bb45b353-77f6-49f1-ae90-a5fda33f2020}Gw64.sys
2016-04-19 01:20 - 2016-04-06 10:18 - 00453280 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-04-19 01:18 - 2016-04-19 01:25 - 00000000 ____D C:\Users\Wesley\AppData\Roaming\Store
2016-04-19 01:18 - 2016-04-19 01:23 - 00000000 ____D C:\Users\Wesley\AppData\Roaming\Nosibay
2016-04-19 01:18 - 2016-04-19 01:22 - 00000000 ____D C:\Users\Wesley\AppData\Roaming\WTools
2016-04-19 01:18 - 2016-04-19 01:16 - 00001006 _____ C:\Windows\system32\Drivers\etc\hp.bak
2016-04-19 01:17 - 2016-04-19 01:18 - 00000000 ____D C:\Program Files (x86)\03000200-1461039453-0500-0006-000700080009
2016-04-19 01:16 - 2016-04-19 01:16 - 00000680 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-04-19 01:16 - 2016-04-19 01:16 - 00000680 __RSH C:\ProgramData\ntuser.pol
2016-04-19 01:16 - 2016-04-19 01:16 - 00000000 ____D C:\Users\Wesley\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-04-19 01:15 - 2016-04-19 02:10 - 00000000 ____D C:\Program Files (x86)\hohobnd
2016-04-19 01:15 - 2016-04-19 01:16 - 00000000 ____D C:\extensions
2016-04-19 01:15 - 2016-04-19 01:15 - 00014634 _____ C:\Windows\System32\Tasks\Sosition Reports
2016-04-19 01:15 - 2016-04-19 01:15 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-04-19 01:15 - 2016-04-19 01:15 - 00000000 ____D C:\Program Files (x86)\Sosition
2016-04-19 01:14 - 2016-04-19 01:24 - 00000000 ____D C:\Users\Wesley\AppData\Roaming\ImageCropResize
2016-04-19 01:14 - 2016-04-19 01:14 - 00000000 ____D C:\Users\Wesley\AppData\Local\Mega Limited
2016-04-19 01:13 - 2016-04-19 01:13 - 00000000 ____D C:\Users\Wesley\AppData\Roaming\WinRAR
2016-04-19 01:13 - 2016-04-19 01:13 - 00000000 ____D C:\Users\Wesley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-04-19 01:13 - 2016-04-19 01:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-04-19 01:13 - 2016-04-19 01:13 - 00000000 ____D C:\Program Files\WinRAR
2016-04-19 01:12 - 2016-04-19 01:13 - 03524856 _____ C:\Users\Wesley\Downloads\winrar-x64-531br.exe
2016-04-19 01:12 - 2016-04-19 01:12 - 00001060 _____ C:\Users\Wesley\Desktop\MEGAsync.lnk
2016-04-19 01:12 - 2016-04-19 01:12 - 00000000 ____D C:\Users\Wesley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2016-04-19 01:12 - 2016-04-19 01:12 - 00000000 ____D C:\Users\Wesley\AppData\Local\MEGAsync
2016-04-19 01:11 - 2016-04-19 01:11 - 10629936 _____ (MEGA Limited) C:\Users\Wesley\Downloads\MEGAsyncSetup.exe
2016-04-19 01:07 - 2016-04-19 02:02 - 00002078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-19 01:07 - 2016-04-19 02:02 - 00002072 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-19 01:06 - 2016-04-19 02:30 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-19 01:06 - 2016-04-19 02:11 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-19 01:06 - 2016-04-19 01:59 - 00000000 ____D C:\Users\Wesley\AppData\Local\Apps\2.0
2016-04-19 01:06 - 2016-04-19 01:07 - 00000000 ____D C:\Users\Wesley\AppData\Local\Google
2016-04-19 01:06 - 2016-04-19 01:07 - 00000000 ____D C:\Program Files (x86)\Google
2016-04-19 01:06 - 2016-04-19 01:06 - 00057560 _____ C:\Users\Wesley\AppData\Local\GDIPFONTCACHEV1.DAT
2016-04-19 01:06 - 2016-04-19 01:06 - 00004064 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-04-19 01:06 - 2016-04-19 01:06 - 00003812 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-04-19 01:06 - 2016-04-19 01:06 - 00000000 ____D C:\Users\Wesley\AppData\Local\Deployment
2016-04-19 01:03 - 2016-04-19 02:30 - 00001423 _____ C:\Users\Wesley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-04-19 01:03 - 2016-04-19 02:30 - 00001389 _____ C:\Users\Wesley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2016-04-19 01:02 - 2016-04-19 02:30 - 00000000 ____D C:\Users\Wesley
2016-04-19 01:02 - 2016-04-19 01:02 - 00000020 ___SH C:\Users\Wesley\ntuser.ini
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Wesley\Modelos
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Wesley\Meus documentos
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Wesley\Menu Iniciar
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Wesley\Documents\Minhas músicas
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Wesley\Documents\Minhas imagens
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Wesley\Documents\Meus vídeos
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Wesley\Dados de aplicativos
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Wesley\Configurações locais
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Wesley\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Wesley\AppData\Local\Histórico
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Wesley\AppData\Local\Dados de aplicativos
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Wesley\Ambiente de rede
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Wesley\Ambiente de impressão
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas músicas
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas imagens
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Meus vídeos
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Histórico
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Dados de aplicativos
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Usuário Padrão
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Todos os Usuários\Modelos
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Todos os Usuários\Menu Iniciar
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Todos os Usuários\Favoritos
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Todos os Usuários\Documentos
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Todos os Usuários\Dados de aplicativos
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Todos os Usuários
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Public\Documents\Minhas músicas
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Public\Documents\Minhas imagens
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Public\Documents\Meus vídeos
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Default\Modelos
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Default\Meus documentos
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Default\Menu Iniciar
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Default\Documents\Minhas músicas
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Default\Documents\Minhas imagens
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Default\Documents\Meus vídeos
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Default\Dados de aplicativos
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Default\Configurações locais
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Default\AppData\Local\Histórico
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dados de aplicativos
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Default\Ambiente de rede
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Default\Ambiente de impressão
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas músicas
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas imagens
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Default User\Documents\Meus vídeos
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Histórico
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dados de aplicativos
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\ProgramData\Modelos
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\ProgramData\Menu Iniciar
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\ProgramData\Favoritos
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\ProgramData\Documentos
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\ProgramData\Dados de aplicativos
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Program Files\Common Files\Sistema
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Program Files\Arquivos Comuns
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 _SHDL C:\Arquivos de Programas
2016-04-19 01:02 - 2016-04-19 01:02 - 00000000 ____D C:\Users\Wesley\AppData\Local\VirtualStore
2016-04-19 01:02 - 2009-07-14 04:45 - 00000000 ____D C:\Users\Wesley\AppData\Roaming\Media Center Programs
2016-04-19 00:59 - 2016-04-19 00:59 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-04-19 00:59 - 2016-04-19 00:59 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-04-19 00:57 - 2016-04-19 00:57 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2016-04-17 06:07 - 2016-04-19 01:58 - 00082752 _____ (Cherimoya Ltd) C:\Windows\system32\Drivers\cherimoya.sys

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-04-19 05:54 - 2009-07-14 02:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2016-04-19 02:29 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-19 02:16 - 2009-07-29 12:58 - 00654272 _____ C:\Windows\system32\prfh0416.dat
2016-04-19 02:16 - 2009-07-29 12:58 - 00124724 _____ C:\Windows\system32\prfc0416.dat
2016-04-19 02:16 - 2009-07-14 02:13 - 01491932 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-19 02:16 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-04-19 02:09 - 2009-07-14 01:45 - 00009600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-19 02:09 - 2009-07-14 01:45 - 00009600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-19 01:23 - 2009-07-13 23:34 - 00000505 _____ C:\Windows\win.ini
2016-04-19 01:16 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\GroupPolicy
2016-04-19 01:12 - 2009-07-14 00:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-04-19 01:03 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\rescache
2016-04-19 01:02 - 2009-07-14 00:20 - 00000000 __RHD C:\Users\Public\Libraries
2016-04-19 01:02 - 2009-07-14 00:20 - 00000000 ____D C:\Program Files\Windows NT
2016-04-19 01:00 - 2009-07-14 01:45 - 00274824 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-19 00:58 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\sysprep
2016-04-19 00:55 - 2009-07-14 04:46 - 00000000 ____D C:\Windows\CSC

==================== Arquivos na raiz de alguns diretórios =======

2016-04-19 02:01 - 2016-04-19 02:02 - 6494208 _____ () C:\Users\Wesley\AppData\Roaming\agent.dat
2016-04-19 02:00 - 2016-04-19 02:02 - 0054272 _____ () C:\Users\Wesley\AppData\Roaming\ApplicationHosting.dat
2016-04-19 01:17 - 2016-04-19 01:18 - 0001350 _____ () C:\Users\Wesley\AppData\Roaming\Bubble Dock.boostrap.log
2016-04-19 01:17 - 2016-04-19 01:18 - 0005717 _____ () C:\Users\Wesley\AppData\Roaming\Bubble Dock.installation.log
2016-04-19 02:01 - 2016-04-19 02:02 - 0065568 _____ () C:\Users\Wesley\AppData\Roaming\Config.xml
2016-04-19 01:59 - 2016-04-19 01:59 - 0848437 _____ () C:\Users\Wesley\AppData\Roaming\Driptrax.bin
2016-04-19 01:58 - 2016-04-19 02:01 - 0187109 _____ () C:\Users\Wesley\AppData\Roaming\inst.lat
2016-04-19 01:58 - 2016-04-19 02:01 - 0016992 _____ () C:\Users\Wesley\AppData\Roaming\InstallationConfiguration.xml
2016-04-19 01:58 - 2016-04-19 01:58 - 0127488 _____ () C:\Users\Wesley\AppData\Roaming\Installer.dat
2016-04-19 02:01 - 2016-04-19 01:58 - 1137664 _____ () C:\Users\Wesley\AppData\Roaming\LamTouch.exe
2016-04-19 02:01 - 2016-04-19 02:01 - 1626777 _____ () C:\Users\Wesley\AppData\Roaming\LamTouch.tst
2016-04-19 02:00 - 2016-04-19 02:02 - 0126464 _____ () C:\Users\Wesley\AppData\Roaming\lobby.dat
2016-04-19 02:01 - 2016-04-19 02:02 - 0018432 _____ () C:\Users\Wesley\AppData\Roaming\Main.dat
2016-04-19 02:02 - 2016-04-19 02:02 - 0848437 _____ () C:\Users\Wesley\AppData\Roaming\Matwarm.bin
2016-04-19 02:00 - 2016-04-19 02:02 - 0005568 _____ () C:\Users\Wesley\AppData\Roaming\md.xml
2016-04-19 02:01 - 2016-04-19 02:02 - 0126464 _____ () C:\Users\Wesley\AppData\Roaming\noah.dat
2016-04-19 02:02 - 2016-04-19 02:01 - 1137664 _____ () C:\Users\Wesley\AppData\Roaming\Ozerron.exe
2016-04-19 02:02 - 2016-04-19 02:02 - 1626777 _____ () C:\Users\Wesley\AppData\Roaming\Ozerron.tst
2016-04-19 02:01 - 2016-04-19 02:01 - 0848437 _____ () C:\Users\Wesley\AppData\Roaming\Rankrunlax.bin
2016-04-19 01:18 - 2016-04-19 01:18 - 0000078 _____ () C:\Users\Wesley\AppData\Roaming\Selection Tools.installation.log
2016-04-19 02:02 - 2016-04-19 02:00 - 1137664 _____ () C:\Users\Wesley\AppData\Roaming\Sololux.exe
2016-04-19 02:02 - 2016-04-19 02:02 - 1626777 _____ () C:\Users\Wesley\AppData\Roaming\Sololux.tst
2016-04-19 02:00 - 2016-04-19 01:58 - 1137664 _____ () C:\Users\Wesley\AppData\Roaming\Sunkix.exe
2016-04-19 02:00 - 2016-04-19 02:00 - 0072717 _____ () C:\Users\Wesley\AppData\Roaming\Sunkix.tst
2016-04-19 02:02 - 2016-04-19 02:01 - 1137664 _____ () C:\Users\Wesley\AppData\Roaming\SunLam.exe
2016-04-19 02:02 - 2016-04-19 02:02 - 0072717 _____ () C:\Users\Wesley\AppData\Roaming\SunLam.tst
2016-04-19 01:17 - 2016-04-19 01:17 - 0000097 _____ () C:\Users\Wesley\AppData\Roaming\WindApp.boostrap.log
2016-04-19 01:18 - 2016-04-19 01:18 - 0000078 _____ () C:\Users\Wesley\AppData\Roaming\WindApp.installation.log
2016-04-19 02:01 - 2016-04-19 02:00 - 1137664 _____ () C:\Users\Wesley\AppData\Roaming\Zoteco.exe
2016-04-19 02:01 - 2016-04-19 02:01 - 0072717 _____ () C:\Users\Wesley\AppData\Roaming\Zoteco.tst

Arquivos para serem movidos ou deletados:
====================
C:\Windows\Tasks\{05780947-0E08-7D0C-0C11-7E7E780B1178}.job


Alguns arquivos em TEMP:
====================
C:\Users\Wesley\AppData\Local\Temp\00C2UGBTEE.exe
C:\Users\Wesley\AppData\Local\Temp\1461043808.exe
C:\Users\Wesley\AppData\Local\Temp\23333.exe
C:\Users\Wesley\AppData\Local\Temp\2ZD6BT5YWC.exe
C:\Users\Wesley\AppData\Local\Temp\3LJM351II8.exe
C:\Users\Wesley\AppData\Local\Temp\4L9JZ1COIV.exe
C:\Users\Wesley\AppData\Local\Temp\59TS8OPOOO.exe
C:\Users\Wesley\AppData\Local\Temp\5F8D.tmp.exe
C:\Users\Wesley\AppData\Local\Temp\5TJN7AWZCL.exe
C:\Users\Wesley\AppData\Local\Temp\6ZH1DRAMMW.exe
C:\Users\Wesley\AppData\Local\Temp\7NYVVSW1KZ.exe
C:\Users\Wesley\AppData\Local\Temp\81DD.tmp.exe
C:\Users\Wesley\AppData\Local\Temp\8QSLDNAQN4.exe
C:\Users\Wesley\AppData\Local\Temp\BHW2JYKJWJ.exe
C:\Users\Wesley\AppData\Local\Temp\CWXSMAEBVV.exe
C:\Users\Wesley\AppData\Local\Temp\H3FN6GM895.exe
C:\Users\Wesley\AppData\Local\Temp\ICReinstall_81DD.tmp.exe
C:\Users\Wesley\AppData\Local\Temp\JK5HCKV1NZ.exe
C:\Users\Wesley\AppData\Local\Temp\K7EAM30ATK.exe
C:\Users\Wesley\AppData\Local\Temp\O55WIKH636.exe
C:\Users\Wesley\AppData\Local\Temp\OfficeAssist.0744.80.1211.exe
C:\Users\Wesley\AppData\Local\Temp\QEZPQHB62Q.exe
C:\Users\Wesley\AppData\Local\Temp\qqpcmgr_v10.11.16588.235_72623_Silence.exe
C:\Users\Wesley\AppData\Local\Temp\S400TNA2GF.exe
C:\Users\Wesley\AppData\Local\Temp\UAR5PVOWC1.exe
C:\Users\Wesley\AppData\Local\Temp\WZV9EUU79H.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-04-19 00:55

==================== Fim de FRST.txt ============================
