cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:22-05-2016 01
Executado por Windows 7 (administrador) em WINDOWS7-PC (22-05-2016 22:11:11)
Executando a partir de D:\Meus Documentos\Downloads
Perfis Carregados: Windows 7 (Perfis Disponíveis: Windows 7)
Platform: Windows 7 Ultimate (X64) Idioma: Português (Brasil)
Internet Explorer Versão 9 (Navegador padrão: Opera)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\realplayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\CalendarTool\2.0.0.11189\CalendarServ.exe
(Rational Thought Solutions) C:\ProgramData\abOWHdYLBoh\ossCakTcvZ.exe
() C:\Program Files (x86)\CalendarTool\2.0.0.11189\calendar.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe
(Oracle) C:\Program Files (x86)\Java_ME_platform_SDK_8.3\bin\device-manager.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\realplayer\RPDS\Bin\rpsystray.exe
(Oracle Corporation) C:\Program Files\Java\jdk1.8.0_91\bin\javaw.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\realplayer\Update\realsched.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Opera Software) C:\Program Files (x86)\Opera\37.0.2178.43\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\37.0.2178.43\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\37.0.2178.43\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\37.0.2178.43\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\37.0.2178.43\opera.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
() C:\Users\Windows 7\AppData\Local\Temp\7ZipSfx.000\bin\Tools\driverpack-wget.exe
() C:\Users\Windows 7\AppData\Local\Temp\7ZipSfx.000\bin\Tools\driverpack-wget.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
() C:\Users\Windows 7\AppData\Local\Temp\7ZipSfx.001\bin\Tools\driverpack-wget.exe
() C:\Users\Windows 7\AppData\Local\Temp\7ZipSfx.001\bin\Tools\driverpack-wget.exe
(Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Opera Software) C:\Program Files (x86)\Opera\37.0.2178.43\opera.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [3D BubbleSound] => "C:\Program Files\BubbleSound\3D BubbleSound.exe"
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16472832 2016-03-15] (Realtek Semiconductor)
HKLM\...\Run: [Sound+] => "C:\Program Files\Sound+\Sound+.exe"
HKLM\...\Run: [SpaceSoundPro] => "C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe"
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [247016 2011-09-09] (CyberLink Corp.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [NBKeyScan] => C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [1828136 2007-08-08] (Nero AG)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-04] (AVAST Software)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [gmsd_br_549] => [X]
HKLM-x32\...\Run: [gmsd_br_549b] => [X]
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [286272 2015-07-12] (RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [608320 2015-06-17] ()
HKLM-x32\...\Run: [rec_en_77] => [X]
HKLM-x32\...\Run: [gmsd_br_005010153] => [X]
HKLM-x32\...\Run: [gmsd_br_005010155] => [X]
HKLM-x32\...\Run: [gmsd_br_005010156] => [X]
HKLM-x32\...\Run: [gmsd_br_005010157] => [X]
HKLM-x32\...\Run: [gmsd_br_005010158] => [X]
HKLM-x32\...\Run: [gmsd_br_005010159] => [X]
HKLM-x32\...\Run: [gmsd_br_005010160] => [X]
HKLM-x32\...\Run: [dply_en_015020170] => [X]
HKLM-x32\...\Run: [HomePageHelper] => c:\programdata\homepage.exe
HKLM-x32\...\Run: [LightGate] => c:\programdata\lightgate.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM-x32\...\Run: [DriverPack Notifier] => C:\Program Files (x86)\DriverPack Notifier\DriverPackNotifier.exe [258560 2015-12-18] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginUni: C:\Program Files (x86)\GbPlugin\gbiehUni.dll [2015-07-06] (Banco Itaú Unibanco)
HKU\S-1-5-21-662728747-289201076-4185823149-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-08-03] (Nero AG)
HKU\S-1-5-21-662728747-289201076-4185823149-1000\...\Run: [ApowersoftScreenRecorder] => C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe /autoStart
HKU\S-1-5-21-662728747-289201076-4185823149-1000\...\Run: [Yeaplayer] => C:\Program Files (x86)\Yeaplayer\Yeaplayermd.exe /autostart
HKU\S-1-5-21-662728747-289201076-4185823149-1000\...\Run: [WindApp] => "C:\Users\Windows 7\AppData\Roaming\Store\WindApp\WindApp.exe" /winstartup
HKU\S-1-5-21-662728747-289201076-4185823149-1000\...\Run: [Selection Tools] => "C:\Users\Windows 7\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe" /winstartup
HKU\S-1-5-21-662728747-289201076-4185823149-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-662728747-289201076-4185823149-1000\...\Run: [Java(TM) ME Platform SDK 8.3] => C:\Program Files (x86)\Java_ME_platform_SDK_8.3\bin\device-manager.exe [154624 2016-04-17] (Oracle)
HKU\S-1-5-21-662728747-289201076-4185823149-1000\...\MountPoints2: {0662ad73-c61e-11e4-97dd-806e6f6e6963} - E:\BlueBirds.exe
HKU\S-1-5-21-662728747-289201076-4185823149-1000\...\MountPoints2: {1def3d2e-ca62-11e4-ac9b-001d92fed622} - F:\LGAutoRun.exe
HKU\S-1-5-21-662728747-289201076-4185823149-1000\...\MountPoints2: {a5bcf3b3-406c-11e5-8691-001d92fed622} - F:\LG_PC_Programs.exe
HKU\S-1-5-21-662728747-289201076-4185823149-1000\...\MountPoints2: {b6f57840-7394-11e5-ab66-001d92fed622} - G:\setup.exe
HKU\S-1-5-21-662728747-289201076-4185823149-1000\...\MountPoints2: {c2c6bf71-eddb-11e5-9f04-001d92fed622} - H:\setup.exe
HKU\S-1-5-21-662728747-289201076-4185823149-1000\...\MountPoints2: {d610a7b0-eba8-11e4-9a25-001d92fed622} - I:\LGAutoRun.exe
HKU\S-1-5-21-662728747-289201076-4185823149-1000\...\MountPoints2: {e2f0f542-f297-11e5-bd7d-001d92fed622} - F:\setup.exe
HKU\S-1-5-21-662728747-289201076-4185823149-1000\...\MountPoints2: {ee30efad-99ff-11e5-acfd-001d92fed622} - F:\setup.exe
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\PROGRAM FILES (X86)\GbPlugin\gbiehuni.dll [1759992 2015-07-06] (Banco Itaú Unibanco)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Windows 7\AppData\Local\MEGAsync\ShellExtX64.dll Nenhum Arquivo
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Windows 7\AppData\Local\MEGAsync\ShellExtX64.dll Nenhum Arquivo
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Windows 7\AppData\Local\MEGAsync\ShellExtX64.dll Nenhum Arquivo
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-12-04] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Windows 7\AppData\Local\MEGAsync\ShellExtX32.dll Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Windows 7\AppData\Local\MEGAsync\ShellExtX32.dll Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Windows 7\AppData\Local\MEGAsync\ShellExtX32.dll Nenhum Arquivo
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2015-07-12]
ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\realplayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\Windows 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitorar alertas de tinta - HP Deskjet 2540 series.lnk [2016-05-22]
ShortcutTarget: Monitorar alertas de tinta - HP Deskjet 2540 series.lnk -> C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Windows 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de tela e Iniciador do OneNote 2007.lnk [2015-10-16]
ShortcutTarget: Recorte de tela e Iniciador do OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Restrição - Chrome <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

ProxyEnable: [.DEFAULT] => Proxy está habilitado.
ProxyServer: [.DEFAULT] => http=127.0.0.1:51371;https=127.0.0.1:51371
AutoConfigURL: [S-1-5-21-662728747-289201076-4185823149-1000] => hxxp://unstopp.me/wpad.dat?4fd221b6908f4da12efb4c6488d0ba072426904
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{33EB2B3E-6781-4DCF-9CC6-1AA7ACC17135}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D27BB8DD-893B-4483-9AA3-52A587BCED60}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{EC92C8CF-12FA-444C-84F7-57889EE31DA2}: [DhcpNameServer] 192.168.42.129
ManualProxies: 0hxxp://unstopp.me/wpad.dat?4fd221b6908f4da12efb4c6488d0ba072426904

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avast.com/AV772/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1428185723&from=smt&uid=WDCXWD1600AAJS-22L7A0_WD-WMAV3785328653286&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts=1428185776&from=smt&uid=WDCXWD1600AAJS-22L7A0_WD-WMAV3785328653286
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1428185723&from=smt&uid=WDCXWD1600AAJS-22L7A0_WD-WMAV3785328653286&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-662728747-289201076-4185823149-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
HKU\S-1-5-21-662728747-289201076-4185823149-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avast.com/AV772/
HKU\S-1-5-21-662728747-289201076-4185823149-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://search.avast.com/AV772/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQABBABGFQdFbQoNBA5cFQVCJRRZUgtFDAYTcQFdUV1BE1YTcB9aFQQTSEcFME0FCFwEURNNfWpdBHQeU1BxJUpNDU0CaUBB&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQABBABGFQdFbQoNBA5cFQVCJRRZUgtFDAYTcQFdUV1BE1YTcB9aFQQTSEcFME0FCFwEURNNfWpdBHQeU1BxJUpNDU0CaUBB&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=dspp&ts=1428185776&from=smt&uid=WDCXWD1600AAJS-22L7A0_WD-WMAV3785328653286&q={searchTerms}
SearchScopes: HKLM-x32 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://br.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-662728747-289201076-4185823149-1000 -> DefaultScope {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKU\S-1-5-21-662728747-289201076-4185823149-1000 -> 4E58E46E15D04143CDA6864F75098E7E URL = hxxp://www.bing.com/search?FORM=U270DF&PC=U270&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-662728747-289201076-4185823149-1000 -> OldSearch URL = hxxp://houmpage.com/search/?src=ds&q={searchTerms}&ssid=1449671831&a=1024132&uuid=74812ca0-a9be-44ef-af17-d85d618f391a
SearchScopes: HKU\S-1-5-21-662728747-289201076-4185823149-1000 -> {04A6D0B8-3743-4F0D-ACCA-E09F53D5440A} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-662728747-289201076-4185823149-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-662728747-289201076-4185823149-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-662728747-289201076-4185823149-1000 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKU\S-1-5-21-662728747-289201076-4185823149-1000 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-662728747-289201076-4185823149-1000 -> {cf34d395-9ff1-49a0-98a5-8db1636431b1} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQABBABGFQdFbQoNBA5cFQVCJRRZUgtFDAYTcQFdUV1BE1YTcB9aFQQTSEcFME0FCFwEURNNfWpdBHQeU1BxJUpNDU0CaUBB&q={searchTerms}
SearchScopes: HKU\S-1-5-21-662728747-289201076-4185823149-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-662728747-289201076-4185823149-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://yandex.ru/search/?win=204&clid=2100768-002&text={searchTerms}
SearchScopes: HKU\S-1-5-21-662728747-289201076-4185823149-1000 -> {F6AAA1DF-26E9-42F6-9953-64F48B0A0FE0} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-662728747-289201076-4185823149-1000 -> {FCEC5E35-EE2C-44E5-80ED-E4EAAD3490DB} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2015-06-17] (RealDownloader)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-12-04] (AVAST Software)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2015-06-17] (RealDownloader)
BHO-x32: Sem Nome -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> Nenhum Arquivo
BHO-x32: Sem Nome -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> Nenhum Arquivo
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\ssv.dll [2016-02-20] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-04] (AVAST Software)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehuni.dll [2015-07-06] (Banco Itaú Unibanco)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\jp2ssv.dll [2016-02-20] (Oracle Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1428185723&from=smt&uid=WDCXWD1600AAJS-22L7A0_WD-WMAV3785328653286

FireFox:
========
FF ProfilePath: C:\Users\Windows 7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default
FF DefaultSearchEngine: Яндекс
FF SelectedSearchEngine: Яндекс
FF Homepage: hxxp://www.yandex.ru/?win=204&clid=2100767-002
FF Homepage: hxxp://houmpage.com/?src=hp&ssid=1449671831&a=1024132&uuid=74812ca0-a9be-44ef-af17-d85d618f391a
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Nenhum Arquivo]
FF Plugin-x32: @java.com/DTPlugin,version=11.74.2 -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\dtplugin\npDeployJava1.dll [2016-02-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.74.2 -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\plugin2\npjp2.dll [2016-02-20] (Oracle Corporation)
FF Plugin-x32: @real.com/nppl3260;version=18.0.1.9 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2015-07-12] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.0.1.9 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2015-07-12] (RealTimes)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-662728747-289201076-4185823149-1000: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Windows 7\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-05-13] (RocketLife, LLP)
FF Plugin HKU\S-1-5-21-662728747-289201076-4185823149-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Windows 7\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-10-19] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-662728747-289201076-4185823149-1000: gastecnologia.com.br/sf/uni -> C:\Users\Windows 7\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll [Nenhum Arquivo]
FF SearchPlugin: C:\Users\Windows 7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\yandex.ru-151902.xml [2015-11-27]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-04]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-12-04]

Chrome:
=======
CHR Profile: C:\Users\Windows 7\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (电脑管家上网防护) - C:\Users\Windows 7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm [2016-03-21]
CHR HKU\S-1-5-21-662728747-289201076-4185823149-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eiciijnoogkgneeokklpgjdaedophjmh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-12-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-04]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] -

Opera:
=======
OPR Session Restore: -> está habilitado.

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-04] (AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [546104 2014-09-29] (GAS Tecnologia)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Arquivo não assinado]
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [836904 2007-08-08] (Nero AG)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-08-03] (Nero AG)
R2 ossCakTcvZ; C:\ProgramData\abOWHdYLBoh\ossCakTcvZ.exe [3001328 2015-11-21] (Rational Thought Solutions)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2015-06-17] ()
R2 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1115224 2015-07-12] (RealNetworks, Inc.)
R2 TheCalendarService; C:\Program Files (x86)\CalendarTool\2.0.0.11189\CalendarServ.exe [141960 2015-12-25] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
S4 ginoquci; C:\Users\WINDOW~1\AppData\Local\Temp\nsz60C8.tmp [X]
S2 GoogleChromeUpService; C:\ProgramData\upgsvr.exe /s GoogleChromeUpService /uid:51472 /local:br [X]
S2 jezikono; C:\Program Files (x86)\FFFFFFFF-1447968782-FFFF-FFFF-FFFFFFFFFFFF\knsx8959.tmpfs [X]
S2 jodyfyti; C:\Program Files (x86)\FFFFFFFF-1449689259-FFFF-FFFF-FFFFFFFFFFFF\knsw4117.tmpfs [X]
S2 nyneryxo; C:\Program Files (x86)\FFFFFFFF-1449689259-FFFF-FFFF-FFFFFFFFFFFF\hnsa7DAB.tmp [X]
S2 PopService; não ImagePath
S2 QQPCRTP; "C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QQPCRtp.exe" -r [X]
S2 roqenufe; C:\Program Files (x86)\FFFFFFFF-1449689259-FFFF-FFFF-FFFFFFFFFFFF\jnsh5C46.tmp [X]
S2 Update Information Cloud; "C:\Program Files (x86)\Information Cloud\updateInformationCloud.exe" [X]
S2 Util Primary Color; não ImagePath

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [30720 2014-10-10] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [37376 2014-10-10] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [93696 2014-10-09] (LG Electronics Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-12-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-12-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-12-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-12-04] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1065720 2016-03-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [464256 2016-01-20] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2015-12-04] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2015-03-09] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-12-04] (AVAST Software)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-12-03] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-03-19] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 int0800; C:\Windows\System32\DRIVERS\flashud.sys [51712 2009-09-09] (Intel Corporation)
R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [23552 2014-01-12] (Windows (R) Win 7 DDK provider)
R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [86016 2014-01-12] (Nuvoton Technology Corp.)
S3 TSSKX64; C:\Windows\System32\drivers\tsskx64.sys [45304 2016-03-21] (电脑管家)
S3 andnetadb; System32\Drivers\lgandnetadb.sys [X]
S3 ApfiltrService; system32\DRIVERS\Apfiltr.sys [X]
S1 QMUdisk; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QMUdisk64.sys [X]
S1 scfd_1_10_0_16; system32\drivers\scfd_1_10_0_16.sys [X]
S1 softaal; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\softaal64.sys [X]
S1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\SRepairDrv [X]
S1 TsDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\TsDefenseBT64.sys [X]
S2 tsnethlpx64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\TsNetHlpX64.sys [X]
S1 wfdrvr_vt_1_10_0_28; system32\drivers\wfdrvr_vt_1_10_0_28.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-05-22 22:10 - 2016-05-22 22:11 - 00000000 ____D C:\FRST
2016-05-22 21:28 - 2016-05-22 21:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\POSTAL Redux
2016-05-22 21:21 - 2016-05-22 21:28 - 00000000 ____D C:\Program Files (x86)\POSTAL Redux
2016-05-22 21:15 - 2016-05-22 21:15 - 00003468 _____ C:\Windows\System32\Tasks\DriverPack Notifier
2016-05-22 20:59 - 2016-05-22 21:02 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\DRPSu
2016-05-22 20:33 - 2016-05-22 20:33 - 00003354 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-662728747-289201076-4185823149-1000
2016-05-22 20:33 - 2016-05-22 20:33 - 00003228 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-662728747-289201076-4185823149-1000
2016-05-21 17:43 - 2016-05-21 17:43 - 00003000 _____ C:\Windows\System32\Tasks\{704DF7F1-2775-40D4-AB90-03A8A813FC48}
2016-05-21 17:40 - 2016-05-21 17:40 - 00000000 ____D C:\Program Files (x86)\Tribo Gamer
2016-05-21 17:27 - 2016-05-21 17:27 - 00000000 ____D C:\Users\Todos os Usuários\Steam
2016-05-21 17:27 - 2016-05-21 17:27 - 00000000 ____D C:\ProgramData\Steam
2016-05-20 14:39 - 2016-05-20 14:39 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativo Itaú
2016-05-19 19:17 - 2016-05-19 19:18 - 266040255 _____ C:\Users\Windows 7\AppData\Local\ACCCx3_6_0_248.zip.aamdownload
2016-05-19 19:17 - 2016-05-19 19:18 - 00003014 _____ C:\Users\Windows 7\AppData\Local\ACCCx3_6_0_248.zip.aamdownload.aamd
2016-05-19 19:10 - 2016-05-19 20:32 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-05-17 08:04 - 2016-05-17 08:05 - 00000000 ____D C:\Users\Todos os Usuários\a96ed9e8-b4db-48e1-82c2-51a1109acc39
2016-05-17 08:04 - 2016-05-17 08:05 - 00000000 ____D C:\ProgramData\a96ed9e8-b4db-48e1-82c2-51a1109acc39
2016-05-16 22:02 - 2016-05-16 22:04 - 00001559 _____ C:\Users\Windows 7\Desktop\Broforce Alien Infestation Update.lnk
2016-05-15 18:00 - 2016-05-19 22:01 - 00000000 ____D C:\Users\Windows 7\AppData\Local\HealthAlert
2016-05-15 15:51 - 2016-05-15 15:51 - 00000000 ____D C:\Windows\simck
2016-05-15 14:01 - 2016-05-15 14:01 - 00000902 _____ C:\Users\Windows 7\Desktop\ARAR.lnk
2016-05-15 14:01 - 2016-05-15 14:01 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Advanced RAR Repair
2016-05-15 14:01 - 2016-05-15 14:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced RAR Repair
2016-05-15 14:01 - 2016-05-15 14:01 - 00000000 ____D C:\Program Files (x86)\ARAR
2016-05-15 13:26 - 2016-05-15 13:27 - 00000000 ___HD C:\Users\Windows 7\AppData\Roaming\Booking_helper
2016-05-15 13:15 - 2016-05-15 13:15 - 00036162 _____ C:\Users\Windows 7\AppData\Roaming\ICSW_0D1F2W1G1I1F1T1Q0A1B2Z1C1F1V0P0P0CtJ1V0D1C1F1E0B1F2V.txt
2016-05-15 12:51 - 2016-05-15 12:51 - 00002984 _____ C:\Windows\System32\Tasks\{48209DD7-41DE-4E4E-803E-57273296DE60}
2016-05-08 16:27 - 2016-05-08 16:27 - 00000804 _____ C:\Users\Windows 7\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-05-07 22:39 - 2016-05-14 14:46 - 00000000 ____D C:\Users\Windows 7\Downloads\MEmu Download
2016-05-07 16:10 - 2016-05-07 16:33 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\NVIDIA
2016-05-07 14:17 - 2016-05-07 14:17 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA
2016-05-07 14:17 - 2016-05-07 14:17 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-07 14:15 - 2014-02-08 15:34 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-05-07 14:15 - 2014-02-08 15:34 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-05-07 14:15 - 2014-02-08 14:42 - 06712608 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-05-07 14:15 - 2014-02-08 14:42 - 03498272 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-05-07 14:15 - 2014-02-08 14:42 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-05-07 14:15 - 2014-02-08 14:42 - 00923936 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-05-07 14:15 - 2014-02-08 14:42 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-05-07 14:15 - 2014-02-08 14:42 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-05-07 14:15 - 2014-02-05 14:52 - 03573739 _____ C:\Windows\system32\nvcoproc.bin
2016-05-07 14:13 - 2016-05-07 14:15 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-05-07 14:13 - 2016-05-07 14:13 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA Corporation
2016-05-07 14:13 - 2016-05-07 14:13 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-05-07 14:13 - 2016-05-07 14:13 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-05-07 14:12 - 2014-02-08 15:34 - 31432480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-05-07 14:12 - 2014-02-08 15:34 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2016-05-07 14:12 - 2014-02-08 15:34 - 23683360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-05-07 14:12 - 2014-02-08 15:34 - 18257576 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-05-07 14:12 - 2014-02-08 15:34 - 17715784 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-05-07 14:12 - 2014-02-08 15:34 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2016-05-07 14:12 - 2014-02-08 15:34 - 15740232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-05-07 14:12 - 2014-02-08 15:34 - 14669032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-05-07 14:12 - 2014-02-08 15:34 - 12324640 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-05-07 14:12 - 2014-02-08 15:34 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-05-07 14:12 - 2014-02-08 15:34 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-05-07 14:12 - 2014-02-08 15:34 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-05-07 14:12 - 2014-02-08 15:34 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-05-07 14:12 - 2014-02-08 15:34 - 03142432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-05-07 14:12 - 2014-02-08 15:34 - 03090184 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-05-07 14:12 - 2014-02-08 15:34 - 02956576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-05-07 14:12 - 2014-02-08 15:34 - 02782496 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2016-05-07 14:12 - 2014-02-08 15:34 - 02713728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-05-07 14:12 - 2014-02-08 15:34 - 02410784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2016-05-07 14:12 - 2014-02-08 15:34 - 00947296 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-05-07 14:12 - 2014-02-08 15:34 - 00892192 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-05-07 14:12 - 2014-02-08 15:34 - 00875296 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-05-07 14:12 - 2014-02-08 15:34 - 00863520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-05-07 14:12 - 2014-02-08 15:34 - 00844576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-05-07 14:12 - 2014-02-08 15:34 - 00832424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-05-07 14:12 - 2014-02-08 15:34 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-05-07 14:12 - 2014-02-08 15:34 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-05-07 14:12 - 2014-02-08 15:34 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-05-07 14:12 - 2014-02-08 15:34 - 00148528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-05-07 14:12 - 2014-02-08 15:34 - 00024544 _____ C:\Windows\system32\nvinfo.pb
2016-05-07 14:11 - 2014-02-08 15:34 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433489.dll
2016-05-07 14:11 - 2014-02-08 15:34 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433489.dll
2016-05-04 16:34 - 2008-08-18 19:18 - 00077824 _____ (Fox Magic Software) C:\Windows\SysWOW64\fmcodec.DLL
2016-05-02 12:14 - 2016-05-02 12:14 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Java(TM) ME Platform SDK 8.3
2016-05-02 12:13 - 2016-05-02 12:14 - 00000000 ____D C:\Program Files (x86)\Java_ME_platform_SDK_8.3
2016-05-02 10:42 - 2016-05-02 10:42 - 00000000 ____D C:\Users\Windows 7\.jmc
2016-05-02 10:42 - 2016-05-02 10:42 - 00000000 ____D C:\Users\Windows 7\.eclipse
2016-05-02 10:33 - 2016-05-03 21:46 - 00000000 ____D C:\WTK22
2016-05-02 10:33 - 2016-05-02 10:33 - 00000000 ____D C:\Windows\SysWOW64\Temp
2016-05-02 10:33 - 2016-05-02 10:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\J2ME Wireless Toolkit 2.2
2016-05-01 22:24 - 2016-05-01 22:24 - 00000000 ____D C:\Program Files\Apache Software Foundation
2016-05-01 22:23 - 2016-05-01 22:24 - 00000000 ____D C:\Program Files\glassfish-4.1.1
2016-05-01 22:16 - 2016-05-01 22:16 - 00003098 _____ C:\Windows\System32\Tasks\{38F646FF-FFC4-4DD0-8FAA-B1EDD73C4781}
2016-05-01 21:24 - 2016-05-02 12:13 - 00000000 ____D C:\Users\Windows 7\.javame-sdk
2016-05-01 17:30 - 2016-05-01 17:31 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\NetBeans
2016-05-01 17:30 - 2016-05-01 17:30 - 00000000 ____D C:\Users\Windows 7\AppData\Local\NetBeans
2016-05-01 17:03 - 2016-05-01 22:20 - 00002024 _____ C:\Users\Public\Desktop\NetBeans IDE 8.1.lnk
2016-05-01 17:03 - 2016-05-01 17:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
2016-05-01 17:01 - 2016-05-02 10:42 - 00000000 ____D C:\Program Files\NetBeans 8.1
2016-05-01 16:59 - 2016-05-17 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2016-05-01 16:56 - 2016-05-01 16:59 - 00000000 ____D C:\Program Files\Java
2016-04-25 14:27 - 2016-05-15 15:47 - 00000000 ____D C:\Users\Windows 7\.nbi
2016-04-22 16:24 - 2016-04-25 18:48 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\Audacity
2016-04-22 16:24 - 2016-04-22 16:24 - 00001026 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-04-22 16:23 - 2016-04-22 16:24 - 00000000 ____D C:\Program Files (x86)\Audacity
2016-04-20 20:12 - 2016-04-20 20:17 - 00000000 _____ C:\Users\Windows 7\javac
2016-04-12 20:00 - 2016-04-12 20:45 - 00000000 ____D C:\Users\Windows 7\AppData\Local\Sublime Text 3
2016-04-12 20:00 - 2016-04-12 20:00 - 00001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 3.lnk
2016-04-12 20:00 - 2016-04-12 20:00 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\Sublime Text 3
2016-03-26 14:57 - 2016-03-26 14:57 - 00276648 _____ C:\Windows\Minidump\032616-19968-01.dmp
2016-03-25 17:06 - 2016-03-25 17:06 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\CyberLink
2016-03-25 17:06 - 2016-03-25 17:06 - 00000000 ____D C:\Users\Todos os Usuários\CyberLink
2016-03-25 17:06 - 2016-03-25 17:06 - 00000000 ____D C:\ProgramData\CyberLink
2016-03-25 16:25 - 2016-03-25 16:25 - 00000000 ____D C:\Users\Windows 7\Tracing
2016-03-25 15:58 - 2016-03-25 15:58 - 00269624 _____ C:\Windows\Minidump\032516-17796-01.dmp
2016-03-25 11:38 - 2016-03-25 11:38 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\DisneyInteractiveStudios
2016-03-25 11:36 - 2016-03-25 11:36 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\LEGO Pirates Of The Caribbean
2016-03-25 11:36 - 2016-03-25 11:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2016-03-25 11:17 - 2016-03-25 11:17 - 00001780 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-03-25 11:17 - 2016-03-25 11:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2016-03-24 19:48 - 2016-03-24 19:48 - 00003410 _____ C:\Windows\System32\Tasks\{055E963D-83D0-42EB-B1C7-395C535694F0}
2016-03-24 07:33 - 2016-03-24 07:33 - 00000000 ____D C:\Users\Windows 7\AppData\Local\DeSmuME
2016-03-21 21:43 - 2016-03-21 21:43 - 00000286 __RSH C:\Users\Windows 7\ntuser.pol
2016-03-21 20:39 - 2016-03-21 21:39 - 00000000 ____D C:\Users\Todos os Usuários\TXQMPC
2016-03-21 20:39 - 2016-03-21 21:39 - 00000000 ____D C:\ProgramData\TXQMPC
2016-03-21 20:39 - 2016-03-21 20:39 - 00005120 _____ C:\Users\Windows 7\AppData\Roaming\GiftBag.db
2016-03-21 20:39 - 2016-03-21 20:39 - 00000000 ____D C:\Program Files\Common Files\Tencent
2016-03-21 20:38 - 2016-03-21 21:36 - 00087800 _____ (电脑管家) C:\Windows\system32\Drivers\TFsFltX64.sys
2016-03-21 20:38 - 2016-03-21 21:36 - 00045304 _____ (电脑管家) C:\Windows\system32\Drivers\TSSKX64.sys
2016-03-21 20:38 - 2016-03-21 21:13 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\Tencent
2016-03-21 20:37 - 2016-03-21 22:35 - 00000000 ____D C:\Users\Todos os Usuários\Tencent
2016-03-21 20:37 - 2016-03-21 22:35 - 00000000 ____D C:\ProgramData\Tencent
2016-03-21 20:35 - 2016-03-21 20:35 - 00003200 _____ C:\Windows\System32\Tasks\{89B01D4A-B440-41BC-ACF9-170467139C4E}
2016-03-21 20:32 - 2016-03-22 18:56 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\WTools
2016-03-21 20:30 - 2016-05-15 16:14 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\Store
2016-03-21 20:29 - 2016-03-21 20:29 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bubble Dock
2016-03-21 20:28 - 2016-03-21 20:28 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\Nosibay
2016-03-20 16:28 - 2016-03-20 16:28 - 00000000 ____D C:\Users\Windows 7\AppData\Local\Tecno_Clique
2016-03-20 15:47 - 2016-03-20 15:47 - 00000000 ____D C:\Users\Windows 7\AppData\Local\EMU
2016-03-20 15:28 - 2016-03-20 15:28 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\Warner Bros. Interactive Entertainment
2016-03-19 16:51 - 2016-03-19 16:51 - 00000000 ____D C:\Users\Windows 7\AppData\Local\com
2016-03-19 16:49 - 2016-03-19 16:49 - 00000000 ____D C:\Users\Windows 7\AppData\Local\mixvideoplayer
2016-03-19 16:48 - 2016-03-19 16:48 - 00001968 _____ C:\Users\Windows 7\Desktop\MixVideoPlayer.lnk
2016-03-19 16:48 - 2016-03-19 16:48 - 00000000 ____D C:\Users\Windows 7\AppData\Local\BrowserWeb
2016-03-19 16:23 - 2016-03-19 16:24 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\DriverPack Notifier
2016-03-19 15:59 - 2016-03-15 11:25 - 05834181 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-03-19 15:59 - 2016-03-15 11:25 - 04854016 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2016-03-19 15:59 - 2016-03-15 11:25 - 03181282 _____ C:\Windows\system32\Drivers\rtkSSTsetting.dat
2016-03-19 14:57 - 2014-01-12 12:05 - 00086016 _____ (Nuvoton Technology Corp.) C:\Windows\system32\Drivers\nuvserial.sys
2016-03-19 14:57 - 2014-01-12 12:05 - 00023552 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\nuvserenum.sys
2016-03-19 14:54 - 2016-02-19 13:19 - 01027840 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2016-03-19 14:54 - 2009-09-09 12:23 - 00051712 _____ (Intel Corporation) C:\Windows\system32\Drivers\flashud.sys
2016-03-19 14:43 - 2016-03-19 14:43 - 00000000 ____D C:\Users\Windows 7\AppData\Local\DriverToolkit
2016-03-19 14:24 - 2016-03-20 15:11 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\RHEng
2016-03-19 14:23 - 2016-03-19 14:23 - 00047672 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys
2016-02-28 16:44 - 2016-02-28 16:44 - 00000000 ____D C:\Users\Todos os Usuários\BlueStacksSetup
2016-02-28 16:44 - 2016-02-28 16:44 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-02-28 16:30 - 2016-02-28 16:50 - 00000000 ____D C:\Users\Windows 7\AppData\Local\backburner
2016-02-28 14:57 - 2016-02-28 15:36 - 00000000 ____D C:\Users\Todos os Usuários\FLEXnet
2016-02-28 14:57 - 2016-02-28 15:36 - 00000000 ____D C:\ProgramData\FLEXnet
2016-02-28 14:28 - 2016-02-28 17:18 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2016-02-28 14:16 - 2016-03-20 16:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2016-02-28 14:10 - 2016-02-28 15:05 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\Autodesk
2016-02-28 14:10 - 2016-02-28 15:00 - 00000000 ____D C:\Users\Todos os Usuários\Autodesk
2016-02-28 14:10 - 2016-02-28 15:00 - 00000000 ____D C:\ProgramData\Autodesk
2016-02-25 19:20 - 2016-03-13 13:35 - 00000034 _____ C:\Users\Windows 7\AppData\Roaming\AdobeWLCMCache.dat
2016-02-25 19:14 - 2016-05-19 19:21 - 00000000 ____D C:\Users\Todos os Usuários\regid.1986-12.com.adobe
2016-02-25 19:14 - 2016-05-19 19:21 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-05-22 21:58 - 2015-03-09 09:11 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\Skype
2016-05-22 21:58 - 2015-03-09 02:47 - 00003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{8E584F0B-6821-4751-820B-2CD21E129408}
2016-05-22 21:52 - 2016-01-02 14:55 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-22 21:26 - 2015-11-25 13:43 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\CalendarTool
2016-05-22 21:14 - 2016-03-19 16:23 - 00000000 ____D C:\Program Files (x86)\DriverPack Notifier
2016-05-22 20:54 - 2015-03-19 12:41 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-05-22 20:54 - 2015-03-19 12:41 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-22 20:40 - 2009-07-14 01:45 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-22 20:40 - 2009-07-14 01:45 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-22 20:34 - 2015-03-09 09:35 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-05-22 20:30 - 2015-06-20 20:44 - 00000686 _____ C:\Windows\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job
2016-05-22 20:30 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-22 14:30 - 2015-11-27 18:54 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\uTorrent
2016-05-22 13:11 - 2015-03-19 12:54 - 00000000 ____D C:\Users\Windows 7\AppData\LocalLow\Temp
2016-05-22 12:01 - 2016-01-02 15:04 - 00000000 ____D C:\Users\Windows 7\AppData\LocalLow\uTorrent
2016-05-22 11:44 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\NDF
2016-05-21 17:04 - 2015-11-25 19:53 - 00000964 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-05-21 15:01 - 2015-05-30 18:56 - 00000266 _____ C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2016-05-20 14:40 - 2015-05-08 10:42 - 00000000 ____D C:\Users\Windows 7\AppData\Local\Aplicativo Itau
2016-05-20 12:33 - 2009-07-29 13:08 - 00705070 _____ C:\Windows\system32\prfh0416.dat
2016-05-20 12:33 - 2009-07-29 13:08 - 00146910 _____ C:\Windows\system32\prfc0416.dat
2016-05-20 12:33 - 2009-07-14 02:13 - 01633534 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-20 12:33 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-05-19 20:33 - 2015-03-09 03:19 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2016-05-19 20:33 - 2015-03-09 03:19 - 00000000 ____D C:\ProgramData\Adobe
2016-05-19 20:00 - 2015-03-19 17:25 - 00000000 ____D C:\Users\Windows 7\AppData\Local\Adobe
2016-05-19 19:21 - 2015-03-09 09:45 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\Adobe
2016-05-18 18:56 - 2015-05-30 18:56 - 00000274 _____ C:\Windows\Tasks\RegClean Pro_UPDATES.job
2016-05-17 21:59 - 2015-03-09 09:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-05-17 11:29 - 2015-03-09 02:54 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-05-15 16:11 - 2015-03-19 13:03 - 00000000 ____D C:\Users\Windows 7\AppData\Roaming\HpUpdate
2016-05-15 15:52 - 2015-03-09 02:44 - 00000000 ____D C:\Users\Windows 7
2016-05-15 15:42 - 2015-11-21 17:00 - 00000000 ____D C:\Users\Todos os Usuários\abOWHdYLBoh
2016-05-15 15:42 - 2015-11-21 17:00 - 00000000 ____D C:\ProgramData\abOWHdYLBoh
2016-05-15 13:27 - 2015-11-25 16:58 - 00000000 ___HD C:\Users\Windows 7\AppData\Roaming\GoldenGate
2016-05-15 06:35 - 2015-12-09 14:59 - 00003858 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1449683979
2016-05-15 06:35 - 2015-06-13 15:51 - 00000000 ____D C:\Program Files (x86)\Opera
2016-05-13 13:54 - 2016-01-02 14:55 - 00003840 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-05-13 13:54 - 2015-11-25 19:53 - 00003972 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-05-13 13:54 - 2015-03-09 03:17 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-13 13:54 - 2015-03-09 03:17 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-11 21:22 - 2015-03-09 09:11 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2016-05-11 21:22 - 2015-03-09 09:11 - 00000000 ____D C:\ProgramData\Skype
2016-05-08 16:30 - 2015-11-21 16:29 - 00000000 _____ C:\END
2016-05-08 15:55 - 2016-03-26 19:59 - 00000000 ____D C:\Program Files (x86)\Microsoft DirectX SDK (June 2010)
2016-05-07 14:15 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\Help
2016-05-04 16:34 - 2015-07-12 13:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2016-05-02 10:33 - 2015-03-09 03:08 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-05-01 17:04 - 2016-02-20 12:47 - 00000000 ____D C:\Users\Windows 7\.oracle_jre_usage
2016-04-24 20:44 - 2009-07-14 02:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT

==================== Arquivos na raiz de alguns diretórios =======

2015-03-28 16:58 - 2014-03-15 14:06 - 0392704 _____ () C:\Program Files\exchndl.dll
2015-03-28 16:58 - 2014-03-15 14:06 - 1256448 _____ (Firelight Technologies) C:\Program Files\fmodex.dll
2015-03-28 16:58 - 2013-08-10 14:40 - 0367104 _____ () C:\Program Files\libFLAC-8.dll
2015-03-28 16:58 - 2014-03-15 14:05 - 0488210 _____ () C:\Program Files\libgme.dll
2015-03-28 16:58 - 2014-03-15 14:06 - 0347910 _____ (Free Software Foundation) C:\Program Files\libintl-8.dll
2015-03-28 16:58 - 2013-06-08 01:59 - 0285184 _____ () C:\Program Files\libmikmod-2.dll
2015-03-28 16:58 - 2013-08-10 14:40 - 0401920 _____ () C:\Program Files\libmodplug-1.dll
2015-03-28 16:58 - 2013-08-10 14:40 - 0047104 _____ () C:\Program Files\libogg-0.dll
2015-03-28 16:58 - 2013-08-10 14:40 - 0196096 _____ () C:\Program Files\libvorbis-0.dll
2015-03-28 16:58 - 2013-08-10 14:40 - 0062976 _____ () C:\Program Files\libvorbisfile-3.dll
2015-03-28 16:58 - 2014-12-14 13:00 - 61597394 _____ () C:\Program Files\music.dta
2015-03-28 16:58 - 2014-12-14 14:09 - 0000028 _____ () C:\Program Files\patch.dta
2015-03-28 16:58 - 2014-08-26 17:46 - 1042392 _____ () C:\Program Files\player.dta
2015-03-28 16:58 - 2014-03-06 03:40 - 0355226 _____ () C:\Program Files\rings.dta
2015-03-28 16:58 - 2014-12-31 16:05 - 1218254 _____ () C:\Program Files\r_opengl.dll
2015-03-28 16:58 - 2014-11-11 16:44 - 1007104 _____ () C:\Program Files\SDL2.dll
2015-03-28 16:58 - 2013-08-10 14:40 - 0184320 _____ () C:\Program Files\SDL2_mixer.dll
2015-03-28 16:58 - 2013-08-10 14:40 - 0301568 _____ () C:\Program Files\smpeg2.dll
2015-03-28 16:58 - 2014-12-31 08:04 - 0000029 _____ () C:\Program Files\SRB2 - OpenGL - DirectDraw.bat
2015-03-28 16:58 - 2014-03-15 13:17 - 0000030 _____ () C:\Program Files\SRB2 - OpenGL.bat
2015-03-28 16:58 - 2014-12-31 15:34 - 98452828 _____ () C:\Program Files\srb2.srb
2015-03-28 16:58 - 2015-01-01 17:32 - 1139406 _____ () C:\Program Files\srb2dd.exe
2015-03-28 16:58 - 2015-01-01 17:32 - 1132334 _____ () C:\Program Files\srb2win.exe
2015-03-28 16:58 - 2014-12-14 12:41 - 44105422 _____ () C:\Program Files\zones.dta
2015-12-02 19:33 - 2006-12-03 13:30 - 0176263 _____ () C:\Program Files (x86)\bgm.dat
2015-12-02 19:33 - 2007-01-18 18:49 - 1228966 _____ () C:\Program Files (x86)\data1.cab
2015-12-02 19:33 - 2007-01-18 18:49 - 0038591 _____ () C:\Program Files (x86)\data1.hdr
2016-02-25 19:20 - 2016-03-13 13:35 - 0000034 _____ () C:\Users\Windows 7\AppData\Roaming\AdobeWLCMCache.dat
2016-03-21 20:24 - 2016-03-21 20:32 - 0001356 _____ () C:\Users\Windows 7\AppData\Roaming\Bubble Dock.boostrap.log
2016-03-21 20:27 - 2016-03-21 20:30 - 0005675 _____ () C:\Users\Windows 7\AppData\Roaming\Bubble Dock.installation.log
2016-03-21 20:39 - 2016-03-21 20:39 - 0005120 _____ () C:\Users\Windows 7\AppData\Roaming\GiftBag.db
2016-05-15 13:15 - 2016-05-15 13:15 - 0036162 _____ () C:\Users\Windows 7\AppData\Roaming\ICSW_0D1F2W1G1I1F1T1Q0A1B2Z1C1F1V0P0P0CtJ1V0D1C1F1E0B1F2V.txt
2016-03-21 20:32 - 2016-03-21 20:32 - 0000078 _____ () C:\Users\Windows 7\AppData\Roaming\Selection Tools.installation.log
2015-03-19 12:43 - 2015-03-19 12:43 - 0016058 _____ () C:\Users\Windows 7\AppData\Roaming\unins000.dat
2015-03-19 12:43 - 2015-03-19 12:43 - 0720082 _____ () C:\Users\Windows 7\AppData\Roaming\unins000.exe
2016-03-21 20:24 - 2016-03-21 20:24 - 0000097 _____ () C:\Users\Windows 7\AppData\Roaming\WindApp.boostrap.log
2016-03-21 20:30 - 2016-03-21 20:30 - 0000078 _____ () C:\Users\Windows 7\AppData\Roaming\WindApp.installation.log
2015-12-09 20:03 - 2015-11-14 20:08 - 2496403 _____ ( ) C:\Users\Windows 7\AppData\Roaming\yeaplayer_51472.exe
2016-05-19 19:17 - 2016-05-19 19:18 - 266040255 _____ () C:\Users\Windows 7\AppData\Local\ACCCx3_6_0_248.zip.aamdownload
2016-05-19 19:17 - 2016-05-19 19:18 - 0003014 _____ () C:\Users\Windows 7\AppData\Local\ACCCx3_6_0_248.zip.aamdownload.aamd
2015-04-20 23:44 - 2015-07-15 21:16 - 0010752 _____ () C:\Users\Windows 7\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-13 22:28 - 2015-10-13 22:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-12-17 17:14 - 2015-12-17 17:14 - 0007454 _____ () C:\ProgramData\webad.xml

Arquivos para serem movidos ou deletados:
====================
C:\Users\Windows 7\auxenc.dll
C:\Users\Windows 7\Core.DLL
C:\Users\Windows 7\Decoder.DLL
C:\Users\Windows 7\Diver.DLL
C:\Users\Windows 7\Major.dll
C:\Users\Windows 7\MMLink.dll
C:\Users\Windows 7\MMTranslation.DLL
C:\Users\Windows 7\SimpleExt.dll
C:\Users\Windows 7\unins000.dat
C:\Users\Windows 7\unins000.exe
C:\Users\Windows 7\VideoConverter.DLL
C:\Windows\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job


Alguns arquivos em TEMP:
====================
C:\Users\Windows 7\AppData\Local\Temp\AdobeApplicationManager.exe
C:\Users\Windows 7\AppData\Local\Temp\jre-8u91-windows-au.exe


Alguns com tamanho de zero byte arquivos/pastas:
==========================
C:\Windows\System32\d3dx10.dll

==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-05-21 16:17

==================== Fim de FRST.txt ============================

Publicité


Signaler le contenu de ce document

Publicité