Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:27-01-2016 Executado por Wlader (administrador) em GAMER (30-01-2016 18:36:52) Executando a partir de C:\Users\Wlader\Downloads Perfis Carregados: Wlader (Perfis Disponíveis: Wlader) Platform: Windows 8.1 Enterprise (X64) Idioma: Português (Brasil) Internet Explorer Versão 11 (Navegador padrão: Chrome) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavSvc.exe (Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BHipsSvc.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (RayDl) C:\Program Files (x86)\RayDld\ihpmServer.exe (IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe (TU-Funs LIMITED) C:\ProgramData\6WdM6\WdMan.exe (Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\bavhm.exe (GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe (BigGay installer) C:\Program Files (x86)\SpaceSondPro_v53.12547\SpaceSondPro_Service.exe (bitchplease updater) C:\Program Files (x86)\SpaceSondPro_v53.12547\ioproduct.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe () C:\ProgramData\WindowsMsg\osmsg.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavTray.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\Bav.exe (IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe () C:\Program Files (x86)\03000200-1454171166-0500-0006-000700080009\vnsqEDE5.tmp (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Farbar) C:\Users\Wlader\Downloads\FRST64 (1).exe ==================== Registro (Whitelisted) =========================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-15] (Apple Inc.) HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [856800 2015-08-21] (GAS Tecnologia LTDA) HKLM\...\Run: [Sound+] => "C:\Program Files\Sound+\Sound+.exe" HKLM\...\Run: [SpaceSoundPro] => "C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe" HKLM-x32\...\Run: [RemoteControl11] => C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe [234792 2011-04-20] (CyberLink Corp.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Baidu Antivirus] => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavTray.exe [1997296 2015-10-19] (Baidu, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation) HKLM-x32\...\Run: [apphide] => C:\Program Files (x86)\ppt\ppt.exe [126976 2015-12-31] (wefwfw) HKLM-x32\...\Run: [pcmgr] => C:\Program Files (x86)\ppt\Uninst.exe [1571296 2015-12-28] (Tencent) HKLM-x32\...\Run: [gmsd_br_005010223] => [X] HKLM-x32\...\Run: [rec_en_77] => [X] HKLM-x32\...\RunOnce: [IOPROTECT] => C:\Program Files (x86)\SpaceSondPro_v53.12547\ioproduct_service.bat [164 2016-01-30] () Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2015-09-22] (Caixa Economica Federal) HKU\S-1-5-21-1433210940-3313559613-2812674987-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2008-01-22] (Nero AG) HKU\S-1-5-21-1433210940-3313559613-2812674987-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd) HKU\S-1-5-21-1433210940-3313559613-2812674987-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [36776 2016-01-04] (Glarysoft Ltd) HKU\S-1-5-21-1433210940-3313559613-2812674987-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-29] (Skype Technologies S.A.) HKU\S-1-5-21-1433210940-3313559613-2812674987-1001\...\Run: [apphide] => C:\Program Files (x86)\ppt\ppt.exe [126976 2015-12-31] (wefwfw) HKU\S-1-5-21-1433210940-3313559613-2812674987-1001\...\Run: [osmsg] => C:\ProgramData\WindowsMsg\osmsg.exe [1907200 2016-01-20] () HKU\S-1-5-21-1433210940-3313559613-2812674987-1001\...\MountPoints2: {cd48d20f-1d20-11e5-8256-002522c04102} - "K:\setup.exe" HKU\S-1-5-21-1433210940-3313559613-2812674987-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11776 2014-10-29] (Microsoft Corporation) AppInit_DLLs: C:\ProgramData\KeyStream\DIWYSV64.dll => Nenhum Arquivo AppInit_DLLs-x32: C:\ProgramData\KeyStream\DIWYSV32.dll => Nenhum Arquivo ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1888480 2015-09-22] (Caixa Economica Federal) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Nenhum Arquivo ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavShx64.dll [2015-10-19] (Baidu, Inc.) BootExecute: autocheck autochk * CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{15037A74-A17B-4F4E-A642-C2AFA69EDDDD}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=bav_pro_hp_01_hao123_br HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=bav_pro_hp_01_hao123_br HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKU\S-1-5-21-1433210940-3313559613-2812674987-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=bav_pro_hp_01_hao123_br SearchScopes: HKU\S-1-5-21-1433210940-3313559613-2812674987-1001 -> DefaultScope {CA2DDBAC-5E9F-4D58-9E3F-CA5D615B8AEB} URL = hxxp://www.google.com/search?hl=en&q={searchTerms} SearchScopes: HKU\S-1-5-21-1433210940-3313559613-2812674987-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1433210940-3313559613-2812674987-1001 -> {2609078A-D534-44B2-9606-F4C02E0636D3} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1 SearchScopes: HKU\S-1-5-21-1433210940-3313559613-2812674987-1001 -> {CA2DDBAC-5E9F-4D58-9E3F-CA5D615B8AEB} URL = hxxp://www.google.com/search?hl=en&q={searchTerms} BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit) BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-01-23] (Microsoft Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-23] (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-01-22] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-28] (Oracle Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation) BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll [2015-09-22] (Caixa Economica Federal) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-22] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-28] (Oracle Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-01-23] (Microsoft Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Wlader\AppData\Roaming\Mozilla\Firefox\Profiles\o6nhg594.default FF Homepage: hxxp://br.hao123.com/?tn=sdkc_inner_hp_09_hao123_br&guid=6b869bfe15a35912c0ac0faaa2c8a96d FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] () FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-28] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-28] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-01-22] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml [2015-05-26] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml [2015-05-26] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mysites123.xml [2016-01-30] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\omniboxes.xml [2016-01-30] FF Extension: Desprotetor de Links - C:\Users\Wlader\AppData\Roaming\Mozilla\Firefox\Profiles\o6nhg594.default\extensions\desprotetordelinks@claudio-silva.com.xpi [2015-11-14] FF Extension: Sem Nome - C:\Users\Wlader\AppData\Roaming\Mozilla\Firefox\Profiles\o6nhg594.default\extensions\deskCutv2@gmail.com [2016-01-30] [não assinado] FF Extension: Sem Nome - C:\Users\Wlader\AppData\Roaming\Mozilla\Firefox\Profiles\o6nhg594.default\extensions\yahooprotected@gmail.com [não encontrado (a)] FF Extension: Adblock Plus - C:\Users\Wlader\AppData\Roaming\Mozilla\Firefox\Profiles\o6nhg594.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-20] FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06] FF HKLM\...\Firefox\Extensions: [{6F08375B-85F6-4F51-9BAA-328E0CC5DE0F}] - C:\Program Files\shopperz300120161802\Firefox\{6F08375B-85F6-4F51-9BAA-328E0CC5DE0F}.xpi => não encontrado (a) FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Wlader\AppData\Roaming\Mozilla\Firefox\Profiles\o6nhg594.default\extensions\deskCutv2@gmail.com FF HKLM-x32\...\Firefox\Extensions: [{6F08375B-85F6-4F51-9BAA-328E0CC5DE0F}] - C:\Program Files\shopperz300120161802\Firefox\{6F08375B-85F6-4F51-9BAA-328E0CC5DE0F}.xpi => não encontrado (a) FF HKLM-x32\...\Firefox\Extensions: [yahooprotected@gmail.com] - C:\Users\Wlader\AppData\Roaming\Mozilla\Firefox\Profiles\o6nhg594.default\extensions\yahooprotected@gmail.com => não encontrado (a) Chrome: ======= CHR Profile: C:\Users\Wlader\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Apresentações) - C:\Users\Wlader\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-30] CHR Extension: (Google Docs) - C:\Users\Wlader\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-30] CHR Extension: (Google Drive) - C:\Users\Wlader\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-30] CHR Extension: (YouTube) - C:\Users\Wlader\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-30] CHR Extension: (Google Search) - C:\Users\Wlader\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-30] CHR Extension: (Documentos Google off-line) - C:\Users\Wlader\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-30] CHR Extension: (Skype) - C:\Users\Wlader\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-01-30] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Wlader\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-30] CHR Extension: (Gmail) - C:\Users\Wlader\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-30] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08] Opera: ======= OPR StartupUrls: "hxxp://maisdowns.com" ==================== Serviços (Whitelisted) ======================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.) R2 BavSvc; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavSvc.exe [2572928 2015-10-19] (Baidu, Inc.) S3 BdSandboxSrv; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BdSandboxSrv64.exe [490528 2015-03-05] (Baidu, Inc.) R2 BHipsSvc; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BHipsSvc.exe [531232 2015-10-19] (Baidu, Inc.) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation) S4 CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [83240 2011-04-20] () S4 CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [70952 2011-03-31] (CyberLink) S4 CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe [312616 2011-03-31] (CyberLink) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd) R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [593120 2015-09-22] (GAS Tecnologia) R2 ihpmServer; C:\Program Files (x86)\RayDld\ihpmServer.exe [265960 2016-01-29] (RayDl) R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-10-09] (IObit) S4 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG) S4 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [966336 2014-12-04] (@ByELDI) [Arquivo não assinado] R2 ValhallaUpdateHlp; C:\Windows\SysWOW64\activealias.dll [414456 2015-01-27] () S4 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2015-06-03] (VIA Technologies, Inc.) R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [856800 2015-08-21] (GAS Tecnologia LTDA) R2 WdMan; C:\ProgramData\6WdM6\WdMan.exe [794376 2016-01-30] (TU-Funs LIMITED) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) S2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [X] S2 MPCProtectService; "D:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe" [X] S2 TheDesktopWeatherService; C:\Program Files (x86)\WeatherTool\2.0.0.11150\WeatherService.exe [X] ===================== Drivers (Whitelisted) ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-09-30] (Advanced Micro Devices) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [312480 2015-08-17] () U3 BdApiUtil; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BdApiUtil64.sys [116936 2015-10-19] (Baidu, Inc.) R3 bdark64; C:\Windows\system32\drivers\bdark64.sys [78792 2015-05-27] () U3 BdCameraProtect; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BdCameraProtect64.sys [25032 2015-10-19] (Baidu, Inc.) S3 BdSandbox; C:\Windows\System32\drivers\BdSandbox.sys [236920 2015-03-05] (Baidu, Inc.) R1 Bfilter; C:\Windows\System32\drivers\Bfilter.sys [62920 2015-10-19] (Baidu, Inc.) R1 Bfmon; C:\Windows\System32\drivers\Bfmon.sys [38344 2015-10-19] (Baidu, Inc.) R1 Bnbase; C:\Windows\System32\drivers\bnbasex64.sys [62792 2015-10-19] (Baidu, Inc.) R1 Bndef; C:\Windows\System32\drivers\bndef64.sys [485672 2015-10-19] (Baidu, Inc.) R3 Bnmon; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\Bnmon64.sys [82376 2015-10-19] (Baidu, Inc.) R1 Bprotect; C:\Windows\System32\drivers\Bprotect.sys [169416 2015-10-19] (Baidu, Inc.) R1 cherimoya; C:\Windows\System32\drivers\cherimoya.sys [56728 2016-01-30] (Windows (R) Win 7 DDK provider) R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-06-27] (Disc Soft Ltd) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-12-08] (GAS Tecnologia) R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-07-05] (Glarysoft Ltd) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-06-03] (REALiX(tm)) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2015-08-17] () R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-01-30] (DotC United Inc) R2 msizhandler; C:\Windows\system32\drivers\appaskdetech.sys [140952 2015-11-04] () R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-12-08] (GAS Tecnologia LTDA) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [101080 2016-01-30] (GAS Tecnologia) R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [103640 2015-03-18] (GAS Tecnologia) R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [148976 2011-04-12] (CyberLink Corp.) S1 gbpddfac; system32\drivers\gbpddfac64.sys [X] S0 gbpddreg; system32\drivers\gbpddreg64.sys [X] S1 iSafeKrnl; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [X] S1 iSafeKrnlKit; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [X] S1 iSafeNetFilter; system32\DRIVERS\iSafeNetFilter.sys [X] ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um Mês Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-01-30 18:36 - 2016-01-30 18:37 - 00023290 _____ C:\Users\Wlader\Downloads\FRST.txt 2016-01-30 18:36 - 2016-01-30 18:36 - 00000000 ____D C:\FRST 2016-01-30 18:35 - 2016-01-30 18:35 - 02370560 _____ (Farbar) C:\Users\Wlader\Downloads\FRST64 (1).exe 2016-01-30 18:34 - 2016-01-30 18:34 - 02370560 _____ (Farbar) C:\Users\Wlader\Downloads\FRST64.exe 2016-01-30 17:22 - 2016-01-30 17:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC 2016-01-30 17:08 - 2016-01-30 17:08 - 00000000 ____D C:\Windows\system32\log 2016-01-30 17:07 - 2016-01-30 17:21 - 00000000 ____D C:\Program Files (x86)\Elex-tech 2016-01-30 17:07 - 2016-01-30 17:07 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\Elex-tech 2016-01-30 17:06 - 2016-01-30 17:07 - 27989848 _____ (Elex do Brasil Participações Ltda) C:\Users\Wlader\Downloads\yet_another_cleaner_sk_8052088.exe 2016-01-30 16:05 - 2016-01-30 16:05 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage 2016-01-30 16:05 - 2016-01-30 16:05 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\ASPackage 2016-01-30 16:05 - 2016-01-30 16:05 - 00000000 ____D C:\Program Files (x86)\03000200-1454177148-0500-0006-000700080009 2016-01-30 15:50 - 2016-01-30 17:21 - 00000000 ____D C:\Program Files (x86)\WeatherTool 2016-01-30 15:50 - 2016-01-30 16:50 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\WeatherTool 2016-01-30 15:50 - 2016-01-30 15:53 - 00000000 ____D C:\Program Files (x86)\SpaceSondPro_v53.12547 2016-01-30 15:50 - 2016-01-30 15:50 - 00000008 _____ C:\END 2016-01-30 15:39 - 2016-01-30 15:39 - 00000000 _____ C:\autoexec.bat 2016-01-30 15:38 - 2016-01-30 15:38 - 00003324 _____ C:\Windows\System32\Tasks\SpyHunter4Startup 2016-01-30 15:38 - 2016-01-30 15:38 - 00000000 ____D C:\sh4ldr 2016-01-30 15:37 - 2016-01-30 17:12 - 00000000 ____D C:\Program Files\Enigma Software Group 2016-01-30 15:37 - 2016-01-30 15:37 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Wlader\Downloads\SpyHunter-Installer.exe 2016-01-30 15:37 - 2016-01-30 15:37 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys 2016-01-30 15:07 - 2016-01-30 18:12 - 00000356 ____H C:\Windows\Tasks\NVXUUDBSGNMGMJGC.job 2016-01-30 15:07 - 2016-01-30 15:07 - 00003366 _____ C:\Windows\System32\Tasks\NVXUUDBSGNMGMJGC 2016-01-30 14:58 - 2016-01-30 14:58 - 00003014 _____ C:\Windows\System32\Tasks\ttwifi 2016-01-30 14:58 - 2016-01-30 14:58 - 00002910 _____ C:\Windows\System32\Tasks\osTip 2016-01-30 14:58 - 2016-01-30 14:58 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg 2016-01-30 14:58 - 2016-01-30 14:58 - 00000000 ____D C:\ProgramData\WindowsMsg 2016-01-30 14:57 - 2016-01-30 18:02 - 00000356 ____H C:\Windows\Tasks\QTSCJDOLRMBKUQGF.job 2016-01-30 14:57 - 2016-01-30 15:07 - 00000000 ____D C:\Users\Todos os Usuários\Service0561 2016-01-30 14:57 - 2016-01-30 15:07 - 00000000 ____D C:\ProgramData\Service0561 2016-01-30 14:57 - 2016-01-30 14:57 - 00003366 _____ C:\Windows\System32\Tasks\QTSCJDOLRMBKUQGF 2016-01-30 14:57 - 2016-01-30 14:57 - 00000000 ____D C:\Users\Todos os Usuários\12db864551ae4c578eb17db1a9f5d3cf 2016-01-30 14:57 - 2016-01-30 14:57 - 00000000 ____D C:\ProgramData\12db864551ae4c578eb17db1a9f5d3cf 2016-01-30 14:42 - 2016-01-30 14:42 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\kingsoft 2016-01-30 14:37 - 2016-01-30 18:34 - 00000346 _____ C:\Windows\Tasks\PPTAssistantNotifyTask_Wlader.job 2016-01-30 14:37 - 2016-01-30 18:02 - 00000616 _____ C:\Windows\Tasks\PPTAssistantUpdateTask_Wlader.job 2016-01-30 14:37 - 2016-01-30 14:43 - 00003566 _____ C:\Windows\System32\Tasks\PPTAssistantUpdateTask_Wlader 2016-01-30 14:37 - 2016-01-30 14:37 - 00003296 _____ C:\Windows\System32\Tasks\PPTAssistantNotifyTask_Wlader 2016-01-30 14:36 - 2016-01-30 15:18 - 00000000 ____D C:\Users\Wlader\AppData\Local\PPTAssist 2016-01-30 14:36 - 2016-01-30 14:48 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\pptassist 2016-01-30 14:36 - 2016-01-30 14:42 - 00000000 ____D C:\Users\Todos os Usuários\kingsoft 2016-01-30 14:36 - 2016-01-30 14:42 - 00000000 ____D C:\ProgramData\kingsoft 2016-01-30 14:36 - 2016-01-30 14:36 - 00060136 _____ (DotC United Inc) C:\Windows\system32\Drivers\MPCKpt.sys 2016-01-30 14:35 - 2016-01-30 15:05 - 00000000 ____D C:\Program Files (x86)\ppt 2016-01-30 14:28 - 2016-01-30 14:29 - 00000000 ____D C:\Users\Todos os Usuários\6WdM6 2016-01-30 14:28 - 2016-01-30 14:29 - 00000000 ____D C:\ProgramData\6WdM6 2016-01-30 14:28 - 2016-01-30 14:28 - 00000074 _____ C:\Users\Todos os Usuários\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat 2016-01-30 14:28 - 2016-01-30 14:28 - 00000074 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat 2016-01-30 14:27 - 2013-08-22 11:25 - 00000824 _____ C:\Windows\system32\Drivers\etc\hp.bak 2016-01-30 14:26 - 2016-01-30 18:23 - 00000000 ____D C:\Program Files (x86)\03000200-1454171166-0500-0006-000700080009 2016-01-30 14:24 - 2016-01-30 14:24 - 00003340 _____ C:\Windows\System32\Tasks\Uumoejuk 2016-01-30 14:24 - 2016-01-30 14:24 - 00000000 ____D C:\Users\Wlader\AppData\LocalLow\Company 2016-01-30 14:24 - 2016-01-30 14:24 - 00000000 ____D C:\Users\Wlader\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A} 2016-01-30 14:24 - 2016-01-30 14:24 - 00000000 ____D C:\uninst 2016-01-30 14:24 - 2016-01-30 14:24 - 00000000 ____D C:\Program Files (x86)\RayDld 2016-01-30 14:05 - 2016-01-30 14:24 - 00056728 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\cherimoya.sys 2016-01-29 20:03 - 2016-01-29 20:14 - 00000000 ____D C:\Users\Wlader\Downloads\Rise.Of.The.Tomb.Raider.Steam.Preload.Unlocker 2016-01-29 20:02 - 2016-01-29 20:02 - 00018884 _____ C:\Users\Wlader\Downloads\Rise.Of.The.Tomb.Raider.Steam.Preload.Unlocker.torrent 2016-01-28 17:15 - 2016-01-28 17:15 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\Sun 2016-01-28 17:15 - 2016-01-28 17:15 - 00000000 ____D C:\Users\Wlader\.oracle_jre_usage 2016-01-28 17:13 - 2016-01-28 17:13 - 00000000 ____D C:\Users\Wlader\AppData\LocalLow\Oracle 2016-01-19 15:52 - 2016-01-19 16:50 - 00000000 ____D C:\Users\Wlader\Downloads\[R.G. Mechanics] Darksiders II Deathinitive Edition 2016-01-19 14:19 - 2016-01-19 14:19 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\IDMComp 2016-01-19 14:19 - 2016-01-19 14:19 - 00000000 ____D C:\Users\Todos os Usuários\IDMComp 2016-01-19 14:19 - 2016-01-19 14:19 - 00000000 ____D C:\ProgramData\IDMComp 2016-01-16 17:27 - 2016-01-16 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraEdit 2016-01-16 17:27 - 2016-01-16 17:27 - 00000000 ____D C:\Program Files\IDM Computer Solutions 2016-01-16 17:26 - 2016-01-16 17:26 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\AIMP 2016-01-16 17:25 - 2016-01-16 17:27 - 47612488 _____ C:\Users\Wlader\Downloads\Mozilla_Firefox_(64bit)_v43.0.4.exe 2016-01-16 17:25 - 2016-01-16 17:26 - 133051672 _____ (Apple Inc.) C:\Users\Wlader\Downloads\iTunes_(64bit)_v12.3.2.exe 2016-01-16 17:24 - 2016-01-16 17:25 - 54701056 _____ (IDM Computer Solutions, Inc.) C:\Users\Wlader\Downloads\UltraEdit(64bit)_v22.20.exe 2016-01-16 17:24 - 2016-01-16 17:25 - 24531104 _____ (Baidu, Inc.) C:\Users\Wlader\Downloads\Baidu_Antivirus_v5.4.3.148966.exe 2016-01-16 17:24 - 2016-01-16 17:24 - 15300128 _____ C:\Users\Wlader\Downloads\Glary_Utilities_v5.42.0.62.exe 2016-01-16 17:24 - 2016-01-16 17:24 - 08567416 _____ (AIMP DevTeam) C:\Users\Wlader\Downloads\AIMP_v4.00_Build_1683.exe 2016-01-16 17:24 - 2016-01-16 17:24 - 08115632 _____ (AIMP DevTeam) C:\Users\Wlader\Downloads\AIMP_v4.00_Build_1670_RC_2.exe 2016-01-16 17:09 - 2016-01-16 17:09 - 03017216 _____ (Vitzo) C:\Users\Wlader\Downloads\VDownloader.exe 2016-01-16 15:00 - 2016-01-16 21:09 - 00000000 ____D C:\Users\Wlader\Downloads\Dragons Dogma Dark Arisen-SKIDROWCRACK 2016-01-16 14:58 - 2016-01-16 14:58 - 00682699 _____ C:\Users\Wlader\Downloads\[kat.cr]dragon.s.dogma.dark.arisen.cracked.sc.torrent 2016-01-13 12:45 - 2015-12-11 02:38 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-01-13 12:45 - 2015-12-11 02:00 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-01-13 12:45 - 2015-12-11 01:55 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-01-13 12:45 - 2015-12-11 01:50 - 20367360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-01-13 12:45 - 2015-12-11 01:45 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-01-13 12:45 - 2015-12-11 01:21 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-01-13 12:45 - 2015-12-11 01:18 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-01-13 12:45 - 2015-12-11 01:09 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2016-01-13 12:45 - 2015-12-11 01:09 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-01-13 12:45 - 2015-12-11 01:03 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-01-13 12:45 - 2015-12-11 00:59 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-01-13 12:45 - 2015-12-11 00:43 - 04610560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-01-13 12:45 - 2015-12-11 00:43 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2016-01-13 12:45 - 2015-12-11 00:38 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-01-13 12:45 - 2015-12-11 00:37 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-01-13 12:45 - 2015-12-11 00:35 - 12856320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-01-13 12:45 - 2015-12-11 00:26 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-01-13 12:45 - 2015-12-11 00:14 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-01-13 12:45 - 2015-12-11 00:12 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-01-13 12:45 - 2015-12-11 00:08 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-01-13 12:45 - 2015-12-11 00:07 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-01-13 12:43 - 2015-12-02 13:04 - 00670208 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2016-01-13 12:43 - 2015-12-02 13:01 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2016-01-13 12:42 - 2015-12-05 03:58 - 02745184 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2016-01-13 12:42 - 2015-12-05 03:58 - 02528784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2016-01-13 12:42 - 2015-12-05 03:58 - 02450240 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL 2016-01-13 12:42 - 2015-12-05 03:58 - 02447136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL 2016-01-13 12:42 - 2015-12-05 03:58 - 02334104 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll 2016-01-13 12:42 - 2015-12-05 03:58 - 02324744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll 2016-01-13 12:42 - 2015-12-05 03:58 - 01877504 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll 2016-01-13 12:42 - 2015-12-05 03:58 - 01484888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll 2016-01-13 12:42 - 2015-12-05 03:58 - 01288128 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll 2016-01-13 12:42 - 2015-12-05 03:58 - 01210200 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL 2016-01-13 12:42 - 2015-12-05 03:58 - 01115640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll 2016-01-13 12:42 - 2015-12-05 03:58 - 01037680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL 2016-01-13 12:42 - 2015-12-05 03:58 - 00850680 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll 2016-01-13 12:42 - 2015-12-05 03:58 - 00735496 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2016-01-13 12:42 - 2015-12-05 03:58 - 00700360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll 2016-01-13 12:42 - 2015-12-03 15:36 - 01697792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2016-01-13 12:42 - 2015-12-03 14:40 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL 2016-01-13 12:41 - 2015-12-30 17:32 - 07453016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-01-13 12:41 - 2015-12-30 17:32 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-01-13 12:41 - 2015-12-30 17:32 - 01499912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-01-13 12:41 - 2015-12-09 22:40 - 00033456 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-01-13 12:41 - 2015-12-07 08:56 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2016-01-13 12:41 - 2015-12-05 03:58 - 01798480 ____C (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll 2016-01-13 12:41 - 2015-12-05 03:58 - 01150232 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL 2016-01-13 12:41 - 2015-12-05 03:58 - 00914672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL 2016-01-13 12:41 - 2015-12-05 03:58 - 00629600 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL 2016-01-13 12:41 - 2015-12-05 03:58 - 00584656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2016-01-13 12:41 - 2015-12-05 03:58 - 00557856 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL 2016-01-13 12:41 - 2015-12-05 03:58 - 00498472 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll 2016-01-13 12:41 - 2015-12-05 03:58 - 00492736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL 2016-01-13 12:41 - 2015-12-05 03:58 - 00463776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL 2016-01-13 12:41 - 2015-12-05 03:58 - 00399776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll 2016-01-13 12:41 - 2015-12-05 03:58 - 00299080 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL 2016-01-13 12:41 - 2015-12-05 03:58 - 00275312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL 2016-01-13 12:41 - 2015-12-05 03:58 - 00274280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL 2016-01-13 12:41 - 2015-12-05 03:58 - 00250520 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL 2016-01-13 12:41 - 2015-12-05 03:58 - 00248432 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL 2016-01-13 12:41 - 2015-12-05 03:58 - 00246856 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL 2016-01-13 12:41 - 2015-12-05 03:58 - 00244296 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2016-01-13 12:41 - 2015-12-05 03:58 - 00229272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL 2016-01-13 12:41 - 2015-12-05 03:58 - 00203016 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL 2016-01-13 12:41 - 2015-12-05 03:58 - 00184912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL 2016-01-13 12:41 - 2015-12-05 03:58 - 00183856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL 2016-01-13 12:41 - 2015-12-05 03:58 - 00116720 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL 2016-01-13 12:41 - 2015-12-05 03:58 - 00110544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2016-01-13 12:41 - 2015-12-05 03:58 - 00099136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL 2016-01-13 12:41 - 2015-12-05 03:58 - 00090904 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll 2016-01-13 12:41 - 2015-12-05 03:58 - 00090392 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll 2016-01-13 12:41 - 2015-12-05 03:58 - 00081032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll 2016-01-13 12:41 - 2015-12-05 03:58 - 00076936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll 2016-01-13 12:41 - 2015-12-04 13:00 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2016-01-13 12:41 - 2015-12-03 17:42 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2016-01-13 12:41 - 2015-12-03 17:42 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll 2016-01-13 12:41 - 2015-12-03 17:42 - 00137968 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-01-13 12:41 - 2015-12-03 17:42 - 00106960 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll 2016-01-13 12:41 - 2015-12-03 17:41 - 00177488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-01-13 12:41 - 2015-12-03 16:52 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll 2016-01-13 12:41 - 2015-12-03 16:52 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-01-13 12:41 - 2015-12-03 16:52 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll 2016-01-13 12:41 - 2015-12-03 16:28 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-01-13 12:41 - 2015-12-03 16:28 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-01-13 12:41 - 2015-12-03 16:07 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2016-01-13 12:41 - 2015-12-03 16:07 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax 2016-01-13 12:41 - 2015-12-03 16:05 - 00644608 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL 2016-01-13 12:41 - 2015-12-03 16:02 - 01664000 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL 2016-01-13 12:41 - 2015-12-03 16:00 - 00451072 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL 2016-01-13 12:41 - 2015-12-03 15:58 - 00378880 ____C (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll 2016-01-13 12:41 - 2015-12-03 15:51 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2016-01-13 12:41 - 2015-12-03 15:30 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL 2016-01-13 12:41 - 2015-12-03 15:28 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2016-01-13 12:41 - 2015-12-03 15:28 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax 2016-01-13 12:41 - 2015-12-03 15:27 - 00736256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL 2016-01-13 12:41 - 2015-12-03 15:24 - 01411584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL 2016-01-13 12:41 - 2015-12-03 15:23 - 00402432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL 2016-01-13 12:41 - 2015-12-03 15:16 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2016-01-13 12:41 - 2015-12-03 15:13 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-01-13 12:41 - 2015-12-03 15:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-01-13 12:41 - 2015-12-03 15:06 - 01501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2016-01-13 12:41 - 2015-12-03 15:01 - 00743936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL 2016-01-13 12:41 - 2015-12-03 14:45 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-01-13 12:41 - 2015-12-03 14:29 - 00887296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL 2016-01-13 12:41 - 2015-11-17 19:07 - 01380864 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-01-13 12:41 - 2015-11-17 19:07 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-01-13 12:41 - 2015-11-17 19:07 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-01-13 12:41 - 2015-11-17 19:07 - 00705024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-01-13 12:41 - 2015-11-17 19:07 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-01-13 12:41 - 2015-11-17 19:07 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-01-13 12:41 - 2015-11-17 19:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-01-13 12:40 - 2015-12-08 17:08 - 00685432 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-01-13 12:40 - 2015-12-08 17:07 - 00507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-01-11 12:12 - 2016-01-16 17:16 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-01-11 12:12 - 2016-01-11 12:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2016-01-11 12:11 - 2016-01-11 12:11 - 01503872 _____ (Skype Technologies S.A.) C:\Users\Wlader\Downloads\SkypeSetup.exe 2016-01-10 17:42 - 2016-01-10 17:42 - 06698008 _____ (Tribo Gamer Brasil®) C:\Users\Wlader\Downloads\ff13_br-v1.01[].exe 2016-01-10 17:41 - 2016-01-10 17:41 - 00979424 _____ (Internet ) C:\Users\Wlader\Downloads\ff13_br-v1.01[www.tribogamer.com].exe 2016-01-10 11:59 - 2016-01-30 14:48 - 00000000 ____D C:\Users\Wlader\AppData\LocalLow\uTorrent 2016-01-09 21:11 - 2016-01-09 22:05 - 00000000 ____D C:\Users\Wlader\Downloads\Hércules (2014) BRrip 1080p 6 Ch Dublado - AndreTPF 2016-01-09 16:16 - 2016-01-09 16:28 - 00000000 ____D C:\Users\Wlader\Downloads\Dragon Ball Z - A Batalha Dos Deuses (2013) BDrip 1080p Dublado - AndreTPF 2016-01-09 15:59 - 2016-01-09 15:59 - 00023159 _____ C:\Users\Wlader\Downloads\Darksiders.II.Deathinitive.Edition.torrent 2016-01-07 09:03 - 2016-01-07 09:25 - 00000000 ____D C:\Users\Wlader\Downloads\Batman - O Cavaleiro Das Trevas (2008) 2016-01-07 02:40 - 2016-01-07 02:40 - 00000000 ____D C:\Users\Wlader\Documents\Modelos Personalizados do Office 2016-01-05 23:24 - 2016-01-05 23:37 - 00000000 ____D C:\Users\Wlader\Downloads\Batman-O Cavaleiro Das Trevas Ressurge 2016-01-05 23:18 - 2016-01-06 15:14 - 00000000 ____D C:\Users\Wlader\Downloads\Birdman - A Inesperada Virtude Da Ignorância (2015) BRrip Blu-Ray 1080p 5.1 Ch Dublado - AndreTPF 2016-01-05 01:27 - 2016-01-05 12:43 - 00000000 ____D C:\Users\Wlader\Downloads\Vingadores.Era.de.Ultron.2015.1080p.BluRay.Dual-WOLVERDONFILMES.COM 2016-01-04 17:03 - 2016-01-30 17:27 - 00101080 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys 2016-01-04 17:03 - 2016-01-04 17:03 - 00001024 _____ C:\.rnd 2016-01-04 17:03 - 2016-01-04 17:03 - 00000000 ___HD C:\Program Files (x86)\GAS Tecnologia 2016-01-04 17:03 - 2016-01-04 17:03 - 00000000 ___HD C:\Program Files (x86)\Diebold 2016-01-04 17:03 - 2016-01-04 17:03 - 00000000 ____D C:\Program Files\Diebold 2016-01-04 17:03 - 2015-03-18 10:23 - 00103640 ____N (GAS Tecnologia) C:\Windows\system32\Drivers\wsddpp.sys 2016-01-04 17:00 - 2016-01-30 17:27 - 00000000 ____D C:\Program Files (x86)\GbPlugin 2016-01-04 17:00 - 2016-01-05 16:13 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin 2016-01-04 17:00 - 2016-01-05 16:13 - 00000000 ____D C:\ProgramData\GbPlugin 2016-01-04 17:00 - 2016-01-04 17:00 - 00000000 ____D C:\Users\Todos os Usuários\GAS Tecnologia 2016-01-04 17:00 - 2016-01-04 17:00 - 00000000 ____D C:\ProgramData\GAS Tecnologia 2016-01-04 10:47 - 2016-01-30 18:23 - 00000000 ____D C:\Users\Todos os Usuários\BavSvc_exe 2016-01-04 10:47 - 2016-01-30 18:23 - 00000000 ____D C:\ProgramData\BavSvc_exe 2016-01-02 14:36 - 2016-01-02 14:36 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log 2016-01-01 13:51 - 2015-07-30 12:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2016-01-01 13:51 - 2015-07-30 11:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2016-01-01 13:26 - 2014-06-09 20:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2016-01-01 13:26 - 2014-06-09 20:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2015-12-31 21:39 - 2015-12-31 21:39 - 00000000 ____D C:\Users\Wlader\Documents\Aspyr 2015-12-31 17:48 - 2015-12-31 17:48 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer 2015-12-31 17:48 - 2015-12-31 17:48 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2015-12-31 17:48 - 2015-12-31 17:48 - 00000000 ____D C:\Program Files (x86)\MSBuild 2015-12-31 17:47 - 2015-12-31 17:47 - 00000000 ____D C:\Program Files\Reference Assemblies 2015-12-31 17:47 - 2015-12-31 17:47 - 00000000 ____D C:\Program Files\MSBuild 2015-12-31 17:36 - 2013-08-03 02:41 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll 2015-12-31 17:33 - 2013-08-03 02:48 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll 2015-12-31 17:18 - 2015-12-31 17:18 - 00000773 _____ C:\Users\Wlader\Desktop\Star Wars The Force Unleashed.lnk 2015-12-31 16:46 - 2015-12-31 16:46 - 00000000 ____D C:\Users\Wlader\AppData\Local\Aspyr 2015-12-31 10:55 - 2015-12-31 11:38 - 00000000 ____D C:\Users\Wlader\Downloads\Missão Impossível - Protocolo Fantasma (2011) 720p BrRip (Dual Audio) ==================== Um Mês Modificados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-01-30 18:25 - 2015-09-19 16:27 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\Skype 2016-01-30 18:20 - 2015-11-29 12:18 - 00001088 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-01-30 18:15 - 2015-08-16 14:38 - 00000964 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job 2016-01-30 17:43 - 2015-09-25 19:48 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-01-30 17:32 - 2015-06-02 21:22 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1433210940-3313559613-2812674987-1001 2016-01-30 17:27 - 2015-11-29 12:18 - 00001084 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-01-30 17:27 - 2013-08-22 12:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-01-30 17:26 - 2015-06-04 17:14 - 00000292 _____ C:\Windows\Tasks\Uninstaller_SkipUac_Wlader.job 2016-01-30 17:26 - 2013-08-22 11:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2016-01-30 17:24 - 2015-06-04 17:14 - 00002394 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Wlader 2016-01-30 17:21 - 2015-12-21 13:37 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\Baidu 2016-01-30 17:21 - 2015-10-19 16:59 - 00000000 ____D C:\Users\Todos os Usuários\Baidu 2016-01-30 17:21 - 2015-10-19 16:59 - 00000000 ____D C:\ProgramData\Baidu 2016-01-30 15:38 - 2015-10-13 00:38 - 00000278 _____ C:\Windows\Tasks\{6A128791-4857-4484-9BB2-71D4C1257200}.job 2016-01-30 15:38 - 2015-06-02 21:16 - 00000000 ____D C:\Users\Wlader 2016-01-30 15:31 - 2015-06-03 11:20 - 00000000 ____D C:\Users\Todos os Usuários\IObit 2016-01-30 15:31 - 2015-06-03 11:20 - 00000000 ____D C:\ProgramData\IObit 2016-01-30 15:19 - 2015-06-02 21:16 - 00000000 ____D C:\Users\Wlader\AppData\Local\Packages 2016-01-30 14:48 - 2015-06-04 18:16 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\uTorrent 2016-01-30 14:31 - 2015-08-22 10:06 - 00000952 _____ C:\Users\Public\Desktop\The Witcher Enhanced Edition Director's Cut.lnk 2016-01-30 14:31 - 2015-06-08 21:51 - 00001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-01-30 14:31 - 2015-06-03 11:12 - 00002230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-01-30 14:31 - 2015-06-02 21:17 - 00001434 _____ C:\Users\Wlader\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-01-30 14:25 - 2015-08-15 09:37 - 00001146 _____ C:\Users\Public\Desktop\The Witcher 2 - Assassins of Kings Enhanced Edition.lnk 2016-01-28 17:36 - 2015-06-03 11:44 - 00000000 ____D C:\Users\Todos os Usuários\Oracle 2016-01-28 17:36 - 2015-06-03 11:44 - 00000000 ____D C:\ProgramData\Oracle 2016-01-28 17:16 - 2015-06-03 11:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-01-28 17:16 - 2015-06-03 11:44 - 00000000 ____D C:\Program Files (x86)\Java 2016-01-28 17:14 - 2015-06-03 11:45 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2016-01-27 19:20 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\Inf 2016-01-27 19:19 - 2015-07-05 13:40 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5 2016-01-26 18:24 - 2015-06-03 11:20 - 00000000 ____D C:\Users\Todos os Usuários\ProductData 2016-01-26 18:24 - 2015-06-03 11:20 - 00000000 ____D C:\ProgramData\ProductData 2016-01-25 12:54 - 2015-06-04 17:40 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\vlc 2016-01-25 12:52 - 2015-06-11 22:56 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\dvdcss 2016-01-21 22:49 - 2015-06-04 23:48 - 00000000 ____D C:\Users\Wlader\Documents\The Witcher 3 2016-01-20 12:43 - 2015-09-25 19:48 - 00003790 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-01-20 12:43 - 2015-08-16 14:38 - 00003924 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2016-01-16 17:42 - 2015-08-01 15:47 - 00000000 ____D C:\Users\Wlader\Documents\samsung 2016-01-16 17:42 - 2015-06-08 22:04 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\Mozilla 2016-01-16 17:42 - 2015-06-03 11:11 - 00000000 ____D C:\Users\Wlader\AppData\Local\Google 2016-01-16 17:42 - 2015-06-03 11:11 - 00000000 ____D C:\Program Files (x86)\Google 2016-01-16 17:42 - 2015-06-03 09:14 - 00000000 ____D C:\Users\Todos os Usuários\Adobe 2016-01-16 17:42 - 2015-06-03 09:14 - 00000000 ____D C:\ProgramData\Adobe 2016-01-16 17:28 - 2015-07-05 13:40 - 00003306 _____ C:\Windows\System32\Tasks\GlaryInitialize 5 2016-01-16 17:28 - 2015-07-05 13:40 - 00002968 _____ C:\Windows\System32\Tasks\GU5SkipUAC 2016-01-16 17:28 - 2015-07-05 13:40 - 00001108 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk 2016-01-16 17:27 - 2015-07-30 14:59 - 00000000 ____D C:\Program Files (x86)\AIMP3 2016-01-15 08:29 - 2015-06-09 21:28 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2016-01-15 08:27 - 2015-06-09 21:27 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-01-14 20:20 - 2015-08-22 10:07 - 00000000 ____D C:\Users\Wlader\AppData\Local\The Witcher 2016-01-14 09:09 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\rescache 2016-01-13 22:46 - 2014-03-18 08:32 - 01797166 _____ C:\Windows\system32\PerfStringBackup.INI 2016-01-13 22:46 - 2014-03-18 07:45 - 00774702 _____ C:\Windows\system32\prfh0416.dat 2016-01-13 22:46 - 2014-03-18 07:45 - 00158296 _____ C:\Windows\system32\prfc0416.dat 2016-01-13 13:58 - 2015-11-27 20:58 - 00000000 ___SD C:\Windows\system32\CompatTel 2016-01-13 13:58 - 2015-11-27 20:58 - 00000000 ____D C:\Windows\system32\appraiser 2016-01-13 13:06 - 2013-08-22 13:20 - 00000000 ____D C:\Windows\CbsTemp 2016-01-13 13:04 - 2015-10-12 15:34 - 00000000 ____D C:\Windows\system32\MRT 2016-01-13 13:00 - 2015-10-12 15:34 - 143671360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-01-12 19:30 - 2015-09-20 11:40 - 00000000 ____D C:\Users\Wlader\Documents\WB Games 2016-01-11 12:12 - 2015-09-19 16:26 - 00000000 ____D C:\Users\Todos os Usuários\Skype 2016-01-11 12:12 - 2015-09-19 16:26 - 00000000 ____D C:\ProgramData\Skype 2016-01-07 01:21 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\system32\NDF 2016-01-05 18:04 - 2015-11-27 21:13 - 00826872 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-01-05 18:04 - 2015-11-27 21:13 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-01-05 16:13 - 2013-08-22 12:44 - 00482456 _____ C:\Windows\system32\FNTCACHE.DAT 2016-01-04 17:05 - 2015-12-23 12:52 - 00000000 ____D C:\Users\Wlader\AppData\Local\VirtualStore 2016-01-04 17:04 - 2015-06-03 10:21 - 00000000 ____D C:\Users\Todos os Usuários\Temp 2016-01-04 17:04 - 2015-06-03 10:21 - 00000000 ____D C:\ProgramData\Temp 2015-12-31 19:28 - 2015-06-03 11:41 - 00000000 __SHD C:\Users\Wlader\AppData\LocalLow\EmieUserList 2015-12-31 18:56 - 2015-08-22 10:11 - 00000000 ____D C:\Users\Wlader\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameVicio 2015-12-31 18:56 - 2015-08-22 10:11 - 00000000 ____D C:\Program Files (x86)\GameVicio 2015-12-31 17:48 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\SysWOW64\MUI 2015-12-31 17:48 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\system32\MUI ==================== Arquivos na raiz de alguns diretórios ======= 2015-09-13 15:26 - 2015-09-13 15:26 - 0004608 _____ () C:\Users\Wlader\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-11-04 20:50 - 2015-11-04 20:50 - 0140952 _____ () C:\ProgramData\appaskdetech.sys 2015-11-04 20:50 - 2015-11-04 20:50 - 0414456 _____ () C:\ProgramData\FAODDGLCSSPE.dat 2016-01-30 14:28 - 2016-01-30 14:28 - 0000074 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat Arquivos para serem movidos ou deletados: ==================== C:\ProgramData\FAODDGLCSSPE.dat C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat C:\Users\Todos os Usuários\FAODDGLCSSPE.dat C:\Users\Todos os Usuários\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat C:\Windows\Tasks\{6A128791-4857-4484-9BB2-71D4C1257200}.job Alguns arquivos em TEMP: ==================== C:\Users\Wlader\AppData\Local\Temp\0YLG829TIG.exe C:\Users\Wlader\AppData\Local\Temp\1454181713.exe C:\Users\Wlader\AppData\Local\Temp\30CF.tmp.exe C:\Users\Wlader\AppData\Local\Temp\355F.tmp.exe C:\Users\Wlader\AppData\Local\Temp\37DC.tmp.exe C:\Users\Wlader\AppData\Local\Temp\45B9.tmp.exe C:\Users\Wlader\AppData\Local\Temp\69AA.tmp.exe C:\Users\Wlader\AppData\Local\Temp\760C.tmp.exe C:\Users\Wlader\AppData\Local\Temp\7CF7.tmp.exe C:\Users\Wlader\AppData\Local\Temp\A38C.tmp.exe C:\Users\Wlader\AppData\Local\Temp\A502.tmp.exe C:\Users\Wlader\AppData\Local\Temp\A9EA.tmp.exe C:\Users\Wlader\AppData\Local\Temp\atdl.exe C:\Users\Wlader\AppData\Local\Temp\C463.tmp.exe C:\Users\Wlader\AppData\Local\Temp\CA5C.tmp.exe C:\Users\Wlader\AppData\Local\Temp\CB07.tmp.exe C:\Users\Wlader\AppData\Local\Temp\CE4C.tmp.exe C:\Users\Wlader\AppData\Local\Temp\D4A5.tmp.exe C:\Users\Wlader\AppData\Local\Temp\D4A9.tmp.exe C:\Users\Wlader\AppData\Local\Temp\D698.tmp.exe C:\Users\Wlader\AppData\Local\Temp\DB0C.tmp.exe C:\Users\Wlader\AppData\Local\Temp\DD30.tmp.exe C:\Users\Wlader\AppData\Local\Temp\DEC0.tmp.exe C:\Users\Wlader\AppData\Local\Temp\DOABUOFC2N.exe C:\Users\Wlader\AppData\Local\Temp\E9EA.tmp.exe C:\Users\Wlader\AppData\Local\Temp\EBE2.tmp.exe C:\Users\Wlader\AppData\Local\Temp\EF44.tmp.exe C:\Users\Wlader\AppData\Local\Temp\FF93.tmp.exe C:\Users\Wlader\AppData\Local\Temp\ICReinstall_760C.tmp.exe C:\Users\Wlader\AppData\Local\Temp\jre-8u71-windows-au.exe C:\Users\Wlader\AppData\Local\Temp\OfficeAssist.0744.80.1211.exe C:\Users\Wlader\AppData\Local\Temp\qqpcmgr_v11.0.16779.224_74672_Silence.exe C:\Users\Wlader\AppData\Local\Temp\set.exe ==================== Bamital & volsnap ================= (Não há correção automática para arquivos que não passaram na verificação.) C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente C:\Windows\explorer.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente C:\Windows\system32\services.exe => O arquivo é assinado digitalmente C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente LastRegBack: 2016-01-27 19:44 ==================== Fim de FRST.txt ============================