Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão:01-03-2016 Executado por inteligente (administrador) em JEFERSON (01-03-2016 18:47:07) Executando a partir de C:\Users\inteligente\Downloads\Programs Perfis Carregados: inteligente & UpdatusUser (Perfis Disponíveis: inteligente & UpdatusUser) Platform: Microsoft Windows 8.1 Pro (X86) Idioma: Português (Brasil) Internet Explorer Versão 11 (Navegador padrão não detectado!) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.) 
C:\Program Files\Internet Download Manager\IEMonitor.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe () C:\ProgramData\msiql.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe () C:\Program Files\CalendarTool\2.0.0.11189\CalendarServ.exe () C:\Program Files\CalendarTool\2.0.0.11189\calendar.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\OpenWith.exe (Microsoft Corporation) C:\Windows\System32\OpenWith.exe (DotC United Inc) C:\Program Files\MPC Cleaner\MPCProtectService.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe () C:\Users\inteligente\Downloads\NetFree.exe (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Google Inc.) C:\Users\inteligente\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\inteligente\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\inteligente\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\inteligente\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\inteligente\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\inteligente\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\inteligente\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\inteligente\AppData\Local\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\cscript.exe (Microsoft Corporation) C:\Windows\System32\cscript.exe (Microsoft Corporation) C:\Windows\System32\cscript.exe ==================== Registro (Whitelisted) =========================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. 
O arquivo não será movido.) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation) HKLM\...\Run: [mbot_br_014010248] => C:\Program Files\mbot_br_014010248\mbot_br_014010248.exe [3956912 2016-02-24] () HKLM\...\Run: [HomePageHelper] => c:\programdata\homepage.exe [1100288 2015-11-25] () HKLM\...\Run: [LightGate] => c:\programdata\lightgate.exe [1081344 2015-12-04] () HKLM\...\Run: [YTDownloader] => C:\Program Files\YTDownloader\YTDownloader.exe [1991600 2015-10-22] (YTDownloader) HKLM\...\Run: [SPDriver] => C:\Program Files\ShopperPro3\JSDriver\1.42.1.10647\jsdrv.exe [2720256 2016-02-28] () HKLM\...\RunOnce: [upmbot_br_014010248.exe] => C:\Users\inteligente\AppData\Local\mbot_br_014010248\upmbot_br_014010248.exe [3154096 2016-02-24] () HKU\S-1-5-21-962113958-2137007927-2541743853-1001\...\Run: [Google Update] => C:\Users\inteligente\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-06-26] (Google Inc.) HKU\S-1-5-21-962113958-2137007927-2541743853-1001\...\Run: [GoogleChromeAutoLaunch_68045D971537979E5777731F335CEF5C] => C:\Users\inteligente\AppData\Local\Google\Chrome\Application\chrome.exe [746648 2016-02-18] (Google Inc.) HKU\S-1-5-21-962113958-2137007927-2541743853-1001\...\Run: [d4ba9a278de88f94a3dc5dae09d5ddd1] => C:\Users\inteligente\AppData\Roaming\csrss.exe [128000 2016-02-25] () HKU\S-1-5-21-962113958-2137007927-2541743853-1001\...\Run: [MSConfig] => C:\Users\inteligente\mmvvjuhh.exe [45568000 2016-02-26] (JOG) HKU\S-1-5-21-962113958-2137007927-2541743853-1001\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3933392 2016-02-11] (Tonec Inc.) 
HKU\S-1-5-21-962113958-2137007927-2541743853-1001\...\Run: [C] => cmd /c(@attrib -H -R -S C:\Windows\system32\GroupPolicy\Machine\Registry.pol >nul)&(@copy/b/y C:\Windows\system32\GroupPolicy\Machine\R C:\Windows\system32\GroupPolicy\Machine\Registry.pol >nul)&(@att (a entrada de dados tem 99 mais caracteres). HKU\S-1-5-21-962113958-2137007927-2541743853-1001\...\Run: [WindApp] => "C:\Users\inteligente\AppData\Roaming\Store\WindApp\WindApp.exe" /winstartup HKU\S-1-5-21-962113958-2137007927-2541743853-1001\...\Run: [Selection Tools] => "C:\Users\inteligente\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe" /winstartup HKU\S-1-5-21-962113958-2137007927-2541743853-1001\...\Run: [YeaInstaller] => C:\Users\inteligente\AppData\Local\Temp\72166L5UH\E6PS6O1EC.exe [1968128 2016-03-01] (TZ) <===== ATENÇÃO HKU\S-1-5-21-962113958-2137007927-2541743853-1001\...\Run: [msiql] => c:\programdata\msiql.exe [2415616 2016-01-26] () HKU\S-1-5-21-962113958-2137007927-2541743853-1001\...\Run: [taskhost] => rundll32.exe C:\ProgramData\WindowsMsg\675D131108D4FD145B0BFBC68A3E018A.dll Start /DEFAULT HKU\S-1-5-21-962113958-2137007927-2541743853-1001\...\Run: [CrashService] => "C:\Users\inteligente\AppData\Local\BoBrowser\Application\crash_service.exe" --max-reports=50 --no-window HKU\S-1-5-21-962113958-2137007927-2541743853-1001\...\Run: [Pritc] => c:\programdata\windows update\tmp\msdtc-.exe [2980352 2016-01-08] (VLOME) HKU\S-1-5-21-962113958-2137007927-2541743853-1001\...\MountPoints2: {b34aea33-ba0a-11e4-9713-806e6f6e6963} - "K:\SETUP.EXE" HKU\S-1-5-18\...\Run: [YTDownloader] => C:\Program Files\YTDownloader\YTDownloader.exe [1991600 2015-10-22] (YTDownloader) HKU\S-1-5-18\...\Run: [SPDriver] => C:\Program Files\ShopperPro3\JSDriver\1.42.1.10647\jsdrv.exe [2720256 2016-02-28] () ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.) 
Startup: C:\Users\inteligente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\d4ba9a278de88f94a3dc5dae09d5ddd1.exe [2016-02-25] () CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt Tcpip\Parameters: [DhcpNameServer] 172.35.255.2 8.8.8.8 Tcpip\..\Interfaces\{9AEB4FAB-F7B8-4285-84E9-52B301A334CE}: [DhcpNameServer] 172.35.255.2 8.8.8.8 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_10&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtAtDtCzztDtDtDtDtDtC0CtAzytDtN0D0Tzu0StCyDtBtCtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyEyC0DzzyB0Ezz0EtGtD0E0DtBtGtByDtDtDtGyBtBtDyBtG0CyBtByCtB0EtD0E0F0F0CtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCzytB0Fzz0E0A0EtG0ByCyD0FtGyEzyyEzztGzyzzyCzytGyD0DtDtC0EzyyDyD0DyCtC0D2QtN0A0LzutB%26cr%3D788292033%26a%3Dwbf_nwmeddnld_16_10%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1425510326&from=wpc&uid=HitachiXHDS721050DLE630_MSK4215H11UNZG11UNZGX&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1425510326&from=wpc&uid=HitachiXHDS721050DLE630_MSK4215H11UNZG11UNZGX HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1425510326&from=wpc&uid=HitachiXHDS721050DLE630_MSK4215H11UNZG11UNZGX&q={searchTerms} HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = 
hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_10&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtAtDtCzztDtDtDtDtDtC0CtAzytDtN0D0Tzu0StCyDtBtCtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyEyC0DzzyB0Ezz0EtGtD0E0DtBtGtByDtDtDtGyBtBtDyBtG0CyBtByCtB0EtD0E0F0F0CtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCzytB0Fzz0E0A0EtG0ByCyD0FtGyEzyyEzztGzyzzyCzytGyD0DtDtC0EzyyDyD0DyCtC0D2QtN0A0LzutB%26cr%3D788292033%26a%3Dwbf_nwmeddnld_16_10%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro HKU\S-1-5-21-962113958-2137007927-2541743853-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://smartsputnik.ru/?ri=1&uid=a0308e132213bf6ef415d35c2acaa0b4&q={searchTerms} HKU\S-1-5-21-962113958-2137007927-2541743853-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/ HKU\S-1-5-21-962113958-2137007927-2541743853-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1425510326&from=wpc&uid=HitachiXHDS721050DLE630_MSK4215H11UNZG11UNZGX HKU\S-1-5-21-962113958-2137007927-2541743853-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://smartsputnik.ru/?ri=1&uid=a0308e132213bf6ef415d35c2acaa0b4&q={searchTerms} URLSearchHook: [S-1-5-21-962113958-2137007927-2541743853-1001] ATENÇÃO => A URLSearchHook Padrão está ausente URLSearchHook: HKU\S-1-5-21-962113958-2137007927-2541743853-1001 - (Sem Nome) - {0633EE93-D776-472f-A0FF-E1416B8B2E3D} - Nenhum Arquivo URLSearchHook: [S-1-5-21-962113958-2137007927-2541743853-1004] ATENÇÃO => A URLSearchHook Padrão está ausente SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_10&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtAtDtCzztDtDtDtDtDtC0CtAzytDtN0D0Tzu0StCyDtBtCtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyEyC0DzzyB0Ezz0EtGtD0E0DtBtGtByDtDtDtGyBtBtDyBtG0CyBtByCtB0EtD0E0F0F0CtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCzytB0Fzz0E0A0EtG0ByCyD0FtGyEzyyEzztGzyzzyCzytGyD0DtDtC0EzyyDyD0DyCtC0D2QtN0A0LzutB%26cr%3D788292033%26a%3Dwbf_nwmeddnld_16_10%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro&p={searchTerms} SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_10&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtAtDtCzztDtDtDtDtDtC0CtAzytDtN0D0Tzu0StCyDtBtCtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyEyC0DzzyB0Ezz0EtGtD0E0DtBtGtByDtDtDtGyBtBtDyBtG0CyBtByCtB0EtD0E0F0F0CtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCzytB0Fzz0E0A0EtG0ByCyD0FtGyEzyyEzztGzyzzyCzytGyD0DtDtC0EzyyDyD0DyCtC0D2QtN0A0LzutB%26cr%3D788292033%26a%3Dwbf_nwmeddnld_16_10%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro&p={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_10&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtAtDtCzztDtDtDtDtDtC0CtAzytDtN0D0Tzu0StCyDtBtCtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyEyC0DzzyB0Ezz0EtGtD0E0DtBtGtByDtDtDtGyBtBtDyBtG0CyBtByCtB0EtD0E0F0F0CtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCzytB0Fzz0E0A0EtG0ByCyD0FtGyEzyyEzztGzyzzyCzytGyD0DtDtC0EzyyDyD0DyCtC0D2QtN0A0LzutB%26cr%3D788292033%26a%3Dwbf_nwmeddnld_16_10%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro&p={searchTerms} SearchScopes: HKU\.DEFAULT -> 
{2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\.DEFAULT -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_10&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtAtDtCzztDtDtDtDtDtC0CtAzytDtN0D0Tzu0StCyDtBtCtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyEyC0DzzyB0Ezz0EtGtD0E0DtBtGtByDtDtDtGyBtBtDyBtG0CyBtByCtB0EtD0E0F0F0CtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCzytB0Fzz0E0A0EtG0ByCyD0FtGyEzyyEzztGzyzzyCzytGyD0DtDtC0EzyyDyD0DyCtC0D2QtN0A0LzutB%26cr%3D788292033%26a%3Dwbf_nwmeddnld_16_10%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro&p={searchTerms} SearchScopes: HKU\.DEFAULT -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = SearchScopes: HKU\S-1-5-21-962113958-2137007927-2541743853-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3C} URL = hxxp://smartsputnik.ru/?ri=1&uid=a0308e132213bf6ef415d35c2acaa0b4&q={searchTerms} SearchScopes: HKU\S-1-5-21-962113958-2137007927-2541743853-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3C} URL = hxxp://smartsputnik.ru/?ri=1&uid=a0308e132213bf6ef415d35c2acaa0b4&q={searchTerms} SearchScopes: HKU\S-1-5-21-962113958-2137007927-2541743853-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3D} URL = hxxp://smartsputnik.ru/?ri=1&uid=a0308e132213bf6ef415d35c2acaa0b4&q= BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2015-12-08] (Internet Download Manager, Tonec Inc.) 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-04] (Oracle Corporation) BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro3\ShopperPro3.dll [2016-02-28] () BHO: MyStart Toolbar -> {ccb24e92-62c4-4c53-95d2-65f9eed476bc} -> C:\Program Files\mystarttb\mystartDx.dll [2015-12-11] () BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-04] (Oracle Corporation) Toolbar: HKLM - MyStart Toolbar - {ccb24e92-62c4-4c53-95d2-65f9eed476bc} - C:\Program Files\mystarttb\mystartDx.dll [2015-12-11] () StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=1425510326&from=wpc&uid=HitachiXHDS721050DLE630_MSK4215H11UNZG11UNZGX FireFox: ======== FF ProfilePath: C:\Users\inteligente\AppData\Roaming\Mozilla\Firefox\Profiles\6h107qo6.default FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-04] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-04] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin HKU\S-1-5-21-962113958-2137007927-2541743853-1001: @tools.google.com/Google Update;version=3 -> C:\Users\inteligente\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-24] (Google Inc.) FF Plugin HKU\S-1-5-21-962113958-2137007927-2541743853-1001: @tools.google.com/Google Update;version=9 -> C:\Users\inteligente\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-24] (Google Inc.) FF user.js: detected! 
=> C:\Users\inteligente\AppData\Roaming\Mozilla\Firefox\Profiles\6h107qo6.default\user.js [2016-03-01] FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\buscape.xml [2015-05-25] FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mercadolivre.xml [2015-05-25] FF Extension: Sem Nome - C:\Program Files\Fiddler2\FiddlerHook [não encontrado (a)] FF Extension: Cookies Export/import - C:\Users\inteligente\AppData\Roaming\Mozilla\Firefox\Profiles\6h107qo6.default\Extensions\CookiesIE@yahoo.com.xpi [2015-06-26] FF HKU\.DEFAULT\...\Firefox\Extensions: [{58931F90-7418-F91C-7D0E-6744BB523292}] - C:\Program Files\version09CheckMeUp\194.xpi => não encontrado (a) FF HKU\S-1-5-21-962113958-2137007927-2541743853-1001\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi FF Extension: IDM integration - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2016-01-27] FF HKU\S-1-5-21-962113958-2137007927-2541743853-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi FF HKU\S-1-5-21-962113958-2137007927-2541743853-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\inteligente\AppData\Roaming\IDM\idmmzcc5 FF Extension: IDM CC - C:\Users\inteligente\AppData\Roaming\IDM\idmmzcc5 [2016-03-01] [não assinado] Chrome: ======= CHR dev: Chrome dev build detectado! 
<======= ATENÇÃO CHR HomePage: Default -> hxxp://www.google.com.br/ CHR StartupUrls: Default -> "hxxp://www.google.com.br/" CHR Profile: C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Apresentações) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-26] CHR Extension: (Google Docs) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-26] CHR Extension: (Bíblia Católica Online) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoobfofcfmnhbjanfpkjemoceiefbbeb [2015-06-26] CHR Extension: (Google Drive) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-24] CHR Extension: (YouTube) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-25] CHR Extension: (Adblock Plus) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-25] CHR Extension: (Google Search) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-24] CHR Extension: (Block site) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2016-02-25] CHR Extension: (Mail Control) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejlhiijedldjjdmjgfiainenegbkokhn [2015-06-26] CHR Extension: (Planilhas do Google) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-26] CHR Extension: (Documentos Google off-line) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-25] CHR Extension: (AdBlock) - 
C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-25] CHR Extension: (Red Ball) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibjalmjfkbijjjomllohadmkfkhgonop [2015-06-26] CHR Extension: (IDM Integration Module) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-02-26] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-25] CHR Extension: (AdBlock Pro) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2016-02-25] CHR Extension: (Ultimos Torrents) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\onidcjfimideopiecibkenlependfjhf [2015-07-01] CHR Extension: (Gmail) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-26] CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2016-02-11] ==================== Serviços (Whitelisted) ======================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) 
S2 BrsHelper; C:\Program Files\YTDownloader\BrowserHelperSrv.exe [112560 2015-10-22] () S2 GoogleChromeUpService; C:\ProgramData\service.exe [1734656 2016-01-11] () [Arquivo não assinado] S2 GoogleChromeUpSvc; C:\ProgramData\Windows Update\svrupg.exe [2786816 2016-03-01] (TODO: ) [Arquivo não assinado] R2 MPCProtectService; C:\Program Files\MPC Cleaner\MPCProtectService.exe [348640 2016-03-01] (DotC United Inc) S2 SPBIUpd; C:\Program Files\Common Files\ShopperPro3\spbiu.exe [947712 2016-02-28] () [Arquivo não assinado] R2 TheCalendarService; C:\Program Files\CalendarTool\2.0.0.11189\CalendarServ.exe [141960 2015-12-25] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280296 2013-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22224 2013-10-30] (Microsoft Corporation) R2 WSServiceCrk; C:\Windows\system32\wsservice_crk.dll [102400 2012-11-27] (DeadPihto) [Arquivo não assinado] ===================== Drivers (Whitelisted) ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R1 cherimoya; C:\Windows\System32\drivers\cherimoya.sys [47512 2016-03-01] () [Arquivo não assinado] R3 L1E; C:\Windows\system32\DRIVERS\L1E62x86.sys [55296 2013-06-18] (Atheros Communications, Inc.) 
U0 MPCBase; C:\Windows\System32\drivers\MPCBase.sys [29032 2016-03-01] (DotC United Inc) R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [52456 2016-03-01] (DotC United Inc) R2 sbmntr; C:\Program Files\YTDownloader\sbmntr.sys [49824 2015-10-22] (YTDownloader) R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro3\spbiw.sys [25600 2016-02-28] () [Arquivo não assinado] R2 SPDRIVER_1.42.1.10647; C:\Program Files\ShopperPro3\JSDriver\1.42.1.10647\jsdrv.sys [32256 2016-02-28] () [Arquivo não assinado] S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [30224 2013-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [202584 2013-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [93016 2013-10-30] (Microsoft Corporation) R2 WinDivert32; C:\Windows\System32\drivers\WinDivert32.sys [33792 2014-12-10] (Basil's Projects) [Arquivo não assinado] R3 WUDFSensorLP; C:\Windows\System32\drivers\WUDFRd.sys [187392 2013-08-22] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um Mês Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 
2016-03-01 18:46 - 2016-03-01 18:47 - 00000000 ____D C:\FRST 2016-03-01 18:35 - 2016-03-01 18:35 - 00000000 ____D C:\Users\inteligente\AppData\Local\BrowserHelper 2016-03-01 18:34 - 2016-03-01 18:34 - 00000000 ____D C:\Program Files\YTDownloader 2016-03-01 18:34 - 2016-03-01 18:34 - 00000000 ____D C:\Program Files\Common Files\ShopperPro3 2016-03-01 18:32 - 2016-03-01 18:34 - 00000000 ____D C:\Users\Todos os Usuários\ShopperPro3 2016-03-01 18:32 - 2016-03-01 18:34 - 00000000 ____D C:\ProgramData\ShopperPro3 2016-03-01 18:32 - 2016-03-01 18:32 - 00000000 ____D C:\Users\Public\Documents\ShopperPro3 2016-03-01 18:32 - 2016-03-01 18:32 - 00000000 ____D C:\Program Files\ShopperPro3 2016-03-01 18:31 - 2016-03-01 18:33 - 00000000 ____D C:\Program Files\mystarttb 2016-03-01 18:30 - 2016-03-01 18:30 - 00000000 ____D C:\Users\inteligente\AppData\Local\Chromium 2016-03-01 18:29 - 2016-03-01 18:29 - 00000000 ____D C:\Users\Todos os Usuários\Vuofnafiwuam 2016-03-01 18:29 - 2016-03-01 18:29 - 00000000 ____D C:\ProgramData\Vuofnafiwuam 2016-03-01 18:27 - 2016-03-01 18:27 - 00002567 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk 2016-03-01 18:26 - 2016-03-01 18:26 - 00001856 _____ C:\Users\UpdatusUser\Desktop\MixVideoPlayer.lnk 2016-03-01 18:26 - 2016-03-01 18:26 - 00000000 ____D C:\Users\Todos os Usuários\Uniblue 2016-03-01 18:26 - 2016-03-01 18:26 - 00000000 ____D C:\ProgramData\Uniblue 2016-03-01 18:25 - 2016-03-01 18:34 - 00002494 _____ C:\Users\inteligente\Desktop\chrome.lnk 2016-03-01 18:24 - 2016-03-01 18:24 - 00002501 _____ C:\Windows\patsearch.bin 2016-03-01 18:24 - 2016-03-01 18:24 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_webTinstMKTN84_01009.Wdf 2016-03-01 18:23 - 2016-03-01 18:33 - 00000000 ____D C:\Program Files\version09CheckMeUp 2016-03-01 18:23 - 2016-03-01 18:33 - 00000000 ____D C:\Program Files\MixVideoPlayer 2016-03-01 18:23 - 2016-03-01 18:23 - 00052456 _____ (DotC United Inc) 
C:\Windows\system32\Drivers\MPCKpt.sys 2016-03-01 18:23 - 2016-03-01 18:23 - 00029032 _____ (DotC United Inc) C:\Windows\system32\Drivers\MPCBase.sys 2016-03-01 18:23 - 2016-03-01 18:23 - 00000000 ____D C:\Program Files\MPC Cleaner 2016-03-01 18:21 - 2016-03-01 18:21 - 00000000 ____D C:\Program Files\CalendarTool 2016-03-01 18:21 - 2016-02-24 06:18 - 01085440 _____ C:\Users\Todos os Usuários\delCalendarReg.exe 2016-03-01 18:21 - 2016-02-24 06:18 - 01085440 _____ C:\ProgramData\delCalendarReg.exe 2016-03-01 18:21 - 2015-12-10 15:43 - 00600312 _____ C:\Users\Todos os Usuários\YeaPlayer_br_IBD_Bundle.exe 2016-03-01 18:21 - 2015-12-10 15:43 - 00600312 _____ C:\ProgramData\YeaPlayer_br_IBD_Bundle.exe 2016-03-01 18:21 - 2015-11-25 15:31 - 01100288 _____ C:\Users\Todos os Usuários\HomePage.exe 2016-03-01 18:21 - 2015-11-25 15:31 - 01100288 _____ C:\ProgramData\HomePage.exe 2016-03-01 18:19 - 2016-03-01 18:19 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg 2016-03-01 18:19 - 2016-03-01 18:19 - 00000000 ____D C:\ProgramData\WindowsMsg 2016-03-01 18:19 - 2016-03-01 18:19 - 00000000 ____D C:\Program Files\osTip 2016-03-01 18:19 - 2015-12-04 13:14 - 01081344 _____ C:\Users\Todos os Usuários\LightGate.exe 2016-03-01 18:19 - 2015-12-04 13:14 - 01081344 _____ C:\ProgramData\LightGate.exe 2016-03-01 18:18 - 2016-03-01 18:18 - 00010365 _____ C:\Users\Todos os Usuários\webad.xml 2016-03-01 18:18 - 2016-03-01 18:18 - 00010365 _____ C:\ProgramData\webad.xml 2016-03-01 18:18 - 2016-03-01 18:18 - 00000000 ____D C:\Users\Public\Documents\Tools 2016-03-01 18:18 - 2016-03-01 18:18 - 00000000 ____D C:\Users\Public\Documents\Baidu 2016-03-01 18:18 - 2016-03-01 18:18 - 00000000 ____D C:\Users\inteligente\AppData\Roaming\CalendarTool 2016-03-01 18:18 - 2016-01-26 11:54 - 02415616 _____ C:\Users\Todos os Usuários\msiql.exe 2016-03-01 18:18 - 2016-01-26 11:54 - 02415616 _____ C:\ProgramData\msiql.exe 2016-03-01 18:18 - 2015-11-25 15:31 - 01100288 _____ 
C:\Users\inteligente\AppData\Roaming\HomePage.exe 2016-03-01 18:17 - 2016-03-01 18:19 - 00000000 ____D C:\Users\Todos os Usuários\Windows Update 2016-03-01 18:17 - 2016-03-01 18:19 - 00000000 ____D C:\ProgramData\Windows Update 2016-03-01 18:17 - 2016-03-01 18:17 - 02786816 _____ (TODO: ) C:\Users\inteligente\AppData\Roaming\svrupg.exe 2016-03-01 18:17 - 2016-03-01 18:17 - 00010365 _____ C:\Users\inteligente\AppData\Roaming\webad.xml 2016-03-01 18:17 - 2016-03-01 18:17 - 00000000 ____D C:\Users\Public\Documents\Guid 2016-03-01 18:17 - 2016-03-01 18:17 - 00000000 ____D C:\Users\inteligente\AppData\LocalLow\Company 2016-03-01 18:17 - 2016-03-01 18:17 - 00000000 ____D C:\Users\inteligente\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A} 2016-03-01 18:17 - 2016-03-01 18:17 - 00000000 ____D C:\uninst 2016-03-01 18:17 - 2016-01-26 11:54 - 02415616 _____ C:\Users\inteligente\AppData\Roaming\msiql.exe 2016-03-01 18:17 - 2016-01-11 15:49 - 01734656 _____ C:\Users\Todos os Usuários\service.exe 2016-03-01 18:17 - 2016-01-11 15:49 - 01734656 _____ C:\Users\inteligente\AppData\Roaming\service.exe 2016-03-01 18:17 - 2016-01-11 15:49 - 01734656 _____ C:\ProgramData\service.exe 2016-03-01 18:17 - 2015-12-10 15:43 - 00600312 _____ C:\Users\inteligente\AppData\Roaming\YeaPlayer_br_IBD_Bundle.exe 2016-03-01 15:49 - 2016-03-01 18:17 - 00047512 _____ C:\Windows\system32\Drivers\cherimoya.sys 2016-02-26 23:31 - 2016-02-26 23:31 - 00000000 ____D C:\Windows\system32\MpEngineStore 2016-02-26 16:40 - 2016-02-26 16:40 - 00000000 ____D C:\Users\Todos os Usuários\3a7daf8b000040b9 2016-02-26 16:40 - 2016-02-26 16:40 - 00000000 ____D C:\ProgramData\3a7daf8b000040b9 2016-02-26 16:39 - 2016-02-26 16:39 - 00000944 _____ C:\Windows\system32\${LOGFILE} 2016-02-26 16:36 - 2016-02-26 16:37 - 00000029 _____ C:\Windows\system32\L 2016-02-26 16:25 - 2016-02-26 16:25 - 05933558 _____ (MediaPlayAir ) C:\Users\inteligente\Downloads\FlashPlayerPro [1].exe 2016-02-26 15:59 - 2016-02-26 15:59 - 00000000 
____D C:\Program Files\03000200-1456513149-0500-0006-000700080009 2016-02-26 15:58 - 2016-02-26 16:41 - 00000000 ____D C:\Users\inteligente\AppData\Roaming\WTools 2016-02-26 15:58 - 2016-02-26 16:39 - 00000000 ____D C:\Users\inteligente\AppData\Roaming\Store 2016-02-26 15:57 - 2016-02-26 16:40 - 00000000 ____D C:\Program Files\Torrent Search 2016-02-26 15:57 - 2016-02-26 16:39 - 00000000 ____D C:\Users\inteligente\AppData\Roaming\Nosibay 2016-02-26 15:57 - 2016-02-26 16:20 - 00000000 ____D C:\Users\inteligente\AppData\Roaming\TSearch 2016-02-26 15:56 - 2016-02-26 21:51 - 06511096 _____ () C:\Users\inteligente\Desktop\IDM 6.exe 2016-02-26 15:56 - 2016-02-26 16:37 - 00000008 __RSH C:\Users\Todos os Usuários\ntuser.pol 2016-02-26 15:56 - 2016-02-26 16:37 - 00000008 __RSH C:\ProgramData\ntuser.pol 2016-02-26 15:56 - 2016-02-26 15:56 - 00000008 __RSH C:\Users\inteligente\ntuser.pol 2016-02-26 15:55 - 2016-02-26 16:24 - 00000000 ____D C:\Users\inteligente\AppData\Roaming\IDM 2016-02-26 15:55 - 2016-02-26 15:55 - 00829830 _____ C:\Windows\system32\SearchProtectService.exe 2016-02-26 15:55 - 2016-02-26 15:55 - 00000000 ____D C:\Users\inteligente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager 2016-02-26 15:55 - 2016-02-26 15:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager 2016-02-26 15:54 - 2016-02-26 15:54 - 00001298 _____ C:\Users\Public\Desktop\Download IDM 6.25 Build...lnk 2016-02-26 15:51 - 2016-02-26 15:53 - 06511164 _____ C:\Users\inteligente\Downloads\IDM 6 (1).rar 2016-02-26 15:51 - 2016-02-26 15:52 - 06511164 _____ C:\Users\inteligente\Downloads\IDM 6.rar 2016-02-26 15:36 - 2014-04-15 20:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll 2016-02-26 15:31 - 2016-02-26 15:31 - 45568000 ____H (JOG) C:\Users\inteligente\mmvvjuhh.exe 2016-02-25 20:44 - 2016-02-25 21:50 - 722033176 _____ C:\Users\inteligente\Downloads\A Maldição de Oak Island - 1 
Temporada Completa HD - Uma Playlist video no Dailymotion.ts
2016-02-25 20:09 - 2016-03-01 17:58 - 00000000 ____D C:\Program Files\Internet Download Manager
2016-02-25 20:09 - 2016-02-26 22:25 - 00000000 ____D C:\Users\inteligente\Downloads\Video
2016-02-25 20:09 - 2016-02-26 15:58 - 00000000 ____D C:\Users\inteligente\AppData\Roaming\DMCache
2016-02-25 20:09 - 2016-02-25 20:09 - 00001000 _____ C:\Users\inteligente\Desktop\Internet Download Manager.lnk
2016-02-25 20:09 - 2016-02-25 20:09 - 00000000 ____D C:\Users\Todos os Usuários\IDM
2016-02-25 20:09 - 2016-02-25 20:09 - 00000000 ____D C:\Users\inteligente\Downloads\Compressed
2016-02-25 20:09 - 2016-02-25 20:09 - 00000000 ____D C:\ProgramData\IDM
2016-02-25 20:08 - 2016-02-25 20:08 - 06823832 _____ (Tonec Inc.) C:\Users\inteligente\Downloads\idman625build12.exe
2016-02-25 19:48 - 2016-02-25 19:48 - 00000000 ____D C:\Users\inteligente\AppData\Local\Setup Wizard
2016-02-25 00:04 - 2016-03-01 18:20 - 00000000 ____D C:\Users\inteligente\AppData\Local\mbot_br_014010248
2016-02-25 00:04 - 2016-02-25 00:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MYBESTOFFERSTODAY
2016-02-25 00:04 - 2016-02-25 00:04 - 00000000 ____D C:\Program Files\mbot_br_014010248
2016-02-24 23:58 - 2016-02-24 23:58 - 00000000 ____D C:\Program Files\KMSPico 10.0.6
2016-02-24 23:57 - 2016-02-24 23:57 - 00949044 _____ C:\Users\inteligente\Downloads\KMSPico 10.0.9 Final.zip
2016-02-24 22:17 - 2015-05-30 16:24 - 00694272 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-02-24 22:17 - 2015-05-30 16:24 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2016-02-24 22:17 - 2014-12-08 16:46 - 00485544 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2016-02-24 22:17 - 2014-12-08 16:46 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-02-24 22:17 - 2014-12-08 16:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2016-02-24 22:17 - 2014-12-08 16:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2016-02-24 22:17 - 2014-12-08 16:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2016-02-24 22:17 - 2014-10-29 00:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2016-02-24 22:17 - 2014-10-29 00:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2016-02-24 22:17 - 2014-10-29 00:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-02-24 22:17 - 2014-10-29 00:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-02-24 22:17 - 2014-10-29 00:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-02-24 22:17 - 2014-10-29 00:07 - 00213336 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-02-24 22:17 - 2014-10-28 22:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2016-02-24 21:42 - 2015-09-29 09:36 - 05768024 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-24 21:42 - 2015-09-29 09:36 - 01393072 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-02-24 21:42 - 2015-09-29 09:36 - 01282528 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-02-24 21:42 - 2015-09-29 09:36 - 01269072 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-02-24 21:42 - 2015-09-29 09:36 - 01168920 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-02-24 21:42 - 2015-09-24 14:12 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
2016-02-24 21:42 - 2015-09-24 14:03 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2016-02-24 21:42 - 2015-09-24 13:57 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2016-02-24 21:42 - 2015-09-24 13:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-02-24 21:42 - 2015-08-07 18:46 - 01469456 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-24 21:42 - 2015-07-13 16:27 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2016-02-24 21:42 - 2015-07-13 16:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-24 21:42 - 2015-04-24 23:33 - 00549888 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2016-02-24 21:42 - 2015-03-20 00:25 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-02-24 21:42 - 2014-10-28 22:43 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerWizardElev.exe
2016-02-24 21:42 - 2014-10-28 22:43 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerWizard.exe
2016-02-24 21:42 - 2014-10-28 22:35 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\BdeUISrv.exe
2016-02-24 21:42 - 2014-10-28 22:18 - 00773632 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll
2016-02-24 21:42 - 2014-10-28 22:03 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerDeviceEncryption.exe
2016-02-24 21:42 - 2014-10-28 21:57 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-02-24 21:42 - 2014-10-28 21:56 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2016-02-24 21:42 - 2014-10-23 02:05 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2016-02-24 21:42 - 2014-10-17 03:58 - 00602768 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-02-24 21:41 - 2015-07-22 11:15 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-02-24 21:41 - 2015-07-22 10:50 - 01172992 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-02-24 21:41 - 2015-07-17 11:10 - 00749568 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2016-02-24 21:41 - 2015-06-28 02:12 - 00851704 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-24 21:41 - 2015-06-28 02:12 - 00147800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-24 21:41 - 2015-06-28 02:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-24 21:41 - 2015-06-26 23:18 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-24 21:41 - 2015-06-26 23:17 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-24 21:41 - 2015-06-26 23:17 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-24 21:41 - 2015-06-26 22:27 - 01117696 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-24 21:41 - 2015-06-26 22:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-24 21:41 - 2015-06-19 14:03 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2016-02-24 21:41 - 2015-06-15 18:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-02-24 21:41 - 2015-06-15 18:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-02-24 21:41 - 2015-06-15 16:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-24 21:41 - 2015-03-30 02:51 - 00478776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-02-24 21:41 - 2015-03-05 23:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2016-02-24 21:41 - 2014-10-28 23:06 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-24 21:41 - 2014-10-28 23:06 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-24 21:41 - 2014-10-28 22:59 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-02-24 21:41 - 2014-10-28 22:42 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-02-24 21:41 - 2014-10-28 22:25 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\WPDShextAutoplay.exe
2016-02-24 21:41 - 2014-10-28 22:22 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2016-02-24 21:41 - 2014-10-28 22:05 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\atlthunk.dll
2016-02-24 21:41 - 2014-04-03 00:46 - 01871704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-02-24 21:41 - 2014-04-03 00:46 - 00286040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2016-02-24 21:40 - 2015-12-02 12:01 - 00561664 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-02-24 21:40 - 2015-08-26 23:42 - 19795904 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-24 21:40 - 2015-06-27 08:53 - 00108888 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-02-24 21:40 - 2015-02-20 20:24 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2016-02-24 21:40 - 2014-10-28 23:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll
2016-02-24 21:38 - 2015-09-02 23:17 - 01903848 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2016-02-24 21:38 - 2015-09-02 14:09 - 01556992 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-02-24 21:19 - 2014-07-24 00:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2016-02-24 20:49 - 2015-12-17 14:45 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-24 20:49 - 2015-12-17 13:11 - 02975744 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-24 20:49 - 2015-08-03 18:15 - 00065600 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-02-24 20:49 - 2015-08-01 11:21 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-02-24 20:49 - 2015-04-08 19:59 - 00333624 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2016-02-24 20:49 - 2015-03-04 07:05 - 00279360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2016-02-24 20:49 - 2015-03-03 23:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2016-02-24 20:49 - 2015-01-29 23:25 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2016-02-24 20:49 - 2014-10-29 00:10 - 00022848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2016-02-24 20:49 - 2014-10-28 23:01 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-02-24 20:49 - 2014-10-28 22:57 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-02-24 20:49 - 2014-10-28 22:54 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2016-02-24 20:49 - 2014-10-28 22:46 - 00161280 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-02-24 20:48 - 2015-10-08 12:50 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll
2016-02-24 20:48 - 2015-09-07 12:54 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2016-02-24 20:48 - 2015-09-07 12:53 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2016-02-24 20:48 - 2015-09-07 12:51 - 00238592 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll
2016-02-24 20:48 - 2015-09-07 12:22 - 00873984 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-02-24 20:48 - 2015-03-03 22:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2016-02-24 20:48 - 2015-01-28 21:56 - 00602624 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-02-24 20:48 - 2014-10-31 20:47 - 00790528 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2016-02-24 20:48 - 2014-10-28 22:58 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\printui.exe
2016-02-24 20:48 - 2014-10-28 22:52 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2016-02-24 20:48 - 2014-10-28 22:28 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\findnetprinters.dll
2016-02-24 20:48 - 2014-10-28 22:15 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2016-02-24 20:48 - 2014-10-28 21:44 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2016-02-24 20:48 - 2014-10-28 21:35 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2016-02-24 20:33 - 2016-02-24 20:33 - 00000000 __SHD C:\Users\inteligente\AppData\LocalLow\EmieUserList
2016-02-24 20:33 - 2016-02-24 20:33 - 00000000 __SHD C:\Users\inteligente\AppData\LocalLow\EmieSiteList
2016-02-24 20:33 - 2016-02-24 20:33 - 00000000 __SHD C:\Users\inteligente\AppData\Local\EmieUserList
2016-02-24 20:33 - 2016-02-24 20:33 - 00000000 __SHD C:\Users\inteligente\AppData\Local\EmieSiteList
2016-02-11 11:26 - 2016-01-28 06:20 - 00134248 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-03-01 18:46 - 2015-06-26 13:26 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-03-01 18:33 - 2013-08-22 05:17 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-03-01 18:25 - 2013-08-22 05:17 - 00000000 ____D C:\Windows\AppReadiness
2016-03-01 18:22 - 2015-06-26 13:26 - 00001186 ____R C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-03-01 18:22 - 2015-06-26 13:26 - 00001174 ____R C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-03-01 18:15 - 2015-02-21 17:52 - 00000000 ____D C:\Users\inteligente\AppData\Local\Packages
2016-03-01 18:15 - 2013-08-22 05:17 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-01 18:04 - 2015-03-04 17:21 - 00000000 ____D C:\Users\UpdatusUser
2016-03-01 18:04 - 2015-02-21 18:06 - 00000000 __RDO C:\Users\inteligente\SkyDrive
2016-03-01 18:02 - 2013-08-22 04:23 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-01 17:58 - 2013-08-22 05:17 - 00000000 ___RD C:\Windows\ToastData
2016-03-01 17:58 - 2013-08-22 03:21 - 00000000 ____D C:\Windows\inf
2016-02-26 23:31 - 2015-03-04 18:26 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-26 23:31 - 2015-03-04 18:26 - 00000000 ____D C:\Windows\system32\MRT
2016-02-26 23:30 - 2015-06-26 09:42 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-962113958-2137007927-2541743853-1001Core.job
2016-02-26 17:23 - 2013-08-22 05:05 - 00000000 ____D C:\Windows\CbsTemp
2016-02-26 16:01 - 2015-03-04 20:53 - 00000000 ____D C:\Users\inteligente\AppData\Roaming\.minecraft
2016-02-26 15:56 - 2015-02-21 17:52 - 00000000 ____D C:\Users\inteligente
2016-02-26 12:02 - 2013-08-22 03:13 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-02-25 18:11 - 2015-02-21 17:58 - 01797166 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-25 18:11 - 2013-08-22 11:12 - 00774702 _____ C:\Windows\system32\prfh0416.dat
2016-02-25 18:11 - 2013-08-22 11:12 - 00158296 _____ C:\Windows\system32\prfc0416.dat
2016-02-25 18:07 - 2015-07-01 17:35 - 00128000 _____ C:\Users\inteligente\AppData\Roaming\csrss.exe
2016-02-25 00:01 - 2013-08-22 05:17 - 00000000 ____D C:\Windows\System
2016-02-25 00:01 - 2013-08-22 01:07 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\ntvdmd.dll
2016-02-25 00:01 - 2013-08-22 01:05 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\graftabl.com
2016-02-25 00:01 - 2013-08-22 01:04 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\win.com
2016-02-25 00:01 - 2013-08-22 01:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\vdmredir.dll
2016-02-25 00:01 - 2013-08-22 00:55 - 00536576 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm.exe
2016-02-25 00:01 - 2013-08-21 22:42 - 00092320 _____ (Microsoft Corporation) C:\Windows\system32\krnl386.exe
2016-02-25 00:01 - 2013-08-21 22:42 - 00069886 _____ C:\Windows\system32\edit.com
2016-02-25 00:01 - 2013-08-21 22:42 - 00068992 _____ (Microsoft Corporation) C:\Windows\system32\MMSYSTEM.DLL
2016-02-25 00:01 - 2013-08-21 22:42 - 00068992 _____ (Microsoft Corporation) C:\Windows\system\MMSYSTEM.DLL
2016-02-25 00:01 - 2013-08-21 22:42 - 00050648 _____ C:\Windows\system32\COMMAND.COM
2016-02-25 00:01 - 2013-08-21 22:42 - 00047840 _____ (Microsoft Corporation) C:\Windows\system32\USER.EXE
2016-02-25 00:01 - 2013-08-21 22:42 - 00042809 _____ C:\Windows\system32\KEY01.SYS
2016-02-25 00:01 - 2013-08-21 22:42 - 00042537 _____ C:\Windows\system32\KEYBOARD.SYS
2016-02-25 00:01 - 2013-08-21 22:42 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\DDEML.DLL
2016-02-25 00:01 - 2013-08-21 22:42 - 00039274 _____ C:\Windows\system32\mem.exe
2016-02-25 00:01 - 2013-08-21 22:42 - 00035776 _____ C:\Windows\system32\NTIO411.SYS
2016-02-25 00:01 - 2013-08-21 22:42 - 00035552 _____ C:\Windows\system32\NTIO412.SYS
2016-02-25 00:01 - 2013-08-21 22:42 - 00034688 _____ C:\Windows\system32\NTIO804.SYS
2016-02-25 00:01 - 2013-08-21 22:42 - 00034688 _____ C:\Windows\system32\NTIO404.SYS
2016-02-25 00:01 - 2013-08-21 22:42 - 00033968 _____ C:\Windows\system32\NTIO.SYS
2016-02-25 00:01 - 2013-08-21 22:42 - 00029370 _____ C:\Windows\system32\NTDOS411.SYS
2016-02-25 00:01 - 2013-08-21 22:42 - 00029274 _____ C:\Windows\system32\NTDOS412.SYS
2016-02-25 00:01 - 2013-08-21 22:42 - 00029146 _____ C:\Windows\system32\NTDOS804.SYS
2016-02-25 00:01 - 2013-08-21 22:42 - 00029146 _____ C:\Windows\system32\NTDOS404.SYS
2016-02-25 00:01 - 2013-08-21 22:42 - 00027866 _____ C:\Windows\system32\NTDOS.SYS
2016-02-25 00:01 - 2013-08-21 22:42 - 00027097 _____ C:\Windows\system32\country.sys
2016-02-25 00:01 - 2013-08-21 22:42 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\GDI.EXE
2016-02-25 00:01 - 2013-08-21 22:42 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\OLESVR.DLL
2016-02-25 00:01 - 2013-08-21 22:42 - 00024064 _____ (Microsoft Corporation) C:\Windows\system\OLESVR.DLL
2016-02-25 00:01 - 2013-08-21 22:42 - 00021232 _____ C:\Windows\system32\graphics.pro
2016-02-25 00:01 - 2013-08-21 22:42 - 00020634 _____ C:\Windows\system32\debug.exe
2016-02-25 00:01 - 2013-08-21 22:42 - 00019694 _____ C:\Windows\system32\GRAPHICS.COM
2016-02-25 00:01 - 2013-08-21 22:42 - 00014710 _____ C:\Windows\system32\KB16.COM
2016-02-25 00:01 - 2013-08-21 22:42 - 00012704 _____ (Microsoft Corporation) C:\Windows\system32\WFWNET.DRV
2016-02-25 00:01 - 2013-08-21 22:42 - 00012704 _____ (Microsoft Corporation) C:\Windows\system\WFWNET.DRV
2016-02-25 00:01 - 2013-08-21 22:42 - 00012642 _____ C:\Windows\system32\edlin.exe
2016-02-25 00:01 - 2013-08-21 22:42 - 00012498 _____ C:\Windows\system32\append.exe
2016-02-25 00:01 - 2013-08-21 22:42 - 00011753 _____ C:\Windows\system32\setver.exe
2016-02-25 00:01 - 2013-08-21 22:42 - 00010790 _____ C:\Windows\system32\EDIT.HLP
2016-02-25 00:01 - 2013-08-21 22:42 - 00010544 _____ (Microsoft Corporation) C:\Windows\system32\COMM.drv
2016-02-25 00:01 - 2013-08-21 22:42 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\WIFEMAN.DLL
2016-02-25 00:01 - 2013-08-21 22:42 - 00009029 _____ C:\Windows\system32\ANSI.SYS
2016-02-25 00:01 - 2013-08-21 22:42 - 00008424 _____ C:\Windows\system32\exe2bin.exe
2016-02-25 00:01 - 2013-08-21 22:42 - 00007052 _____ C:\Windows\system32\nlsfunc.exe
2016-02-25 00:01 - 2013-08-21 22:42 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\WINNLS.DLL
2016-02-25 00:01 - 2013-08-21 22:42 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\SHELL.DLL
2016-02-25 00:01 - 2013-08-21 22:42 - 00005120 _____ (Microsoft Corporation) C:\Windows\system\SHELL.DLL
2016-02-25 00:01 - 2013-08-21 22:42 - 00004768 _____ C:\Windows\system32\HIMEM.SYS
2016-02-25 00:01 - 2013-08-21 22:40 - 00028112 _____ (Microsoft Corporation) C:\Windows\system32\DRWATSON.EXE
2016-02-25 00:01 - 2013-08-21 22:40 - 00013888 _____ (Microsoft Corporation) C:\Windows\system32\TOOLHELP.DLL
2016-02-25 00:01 - 2013-08-21 22:38 - 00053600 _____ C:\Windows\system32\dosx.exe
2016-02-25 00:01 - 2013-08-21 22:35 - 00032816 _____ (Microsoft Corporation) C:\Windows\system32\COMMDLG.DLL
2016-02-25 00:01 - 2013-08-21 22:35 - 00032816 _____ (Microsoft Corporation) C:\Windows\system\COMMDLG.DLL
2016-02-25 00:01 - 2013-08-21 20:48 - 00256192 _____ (Microsoft Corporation) C:\Windows\winhelp.exe
2016-02-25 00:01 - 2013-08-21 20:48 - 00221600 _____ (Microsoft Corporation) C:\Windows\system32\lanman.drv
2016-02-25 00:01 - 2013-08-21 20:48 - 00177856 _____ (Microsoft Corporation) C:\Windows\system32\typelib.dll
2016-02-25 00:01 - 2013-08-21 20:48 - 00169520 _____ (Microsoft Corporation) C:\Windows\system32\ole2disp.dll
2016-02-25 00:01 - 2013-08-21 20:48 - 00153008 _____ (Microsoft Corporation) C:\Windows\system32\ole2nls.dll
2016-02-25 00:01 - 2013-08-21 20:48 - 00127213 _____ C:\Windows\system32\ega.cpi
2016-02-25 00:01 - 2013-08-21 20:48 - 00108464 _____ (Microsoft Corporation) C:\Windows\system32\netapi.dll
2016-02-25 00:01 - 2013-08-21 20:48 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\olecli.dll
2016-02-25 00:01 - 2013-08-21 20:48 - 00082944 _____ (Microsoft Corporation) C:\Windows\system\olecli.dll
2016-02-25 00:01 - 2013-08-21 20:48 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\pmspl.dll
2016-02-25 00:01 - 2013-08-21 20:48 - 00042592 _____ (Microsoft Corporation) C:\Windows\system32\ole2.dll
2016-02-25 00:01 - 2013-08-21 20:48 - 00028420 _____ C:\Windows\system32\bios1.rom
2016-02-25 00:01 - 2013-08-21 20:48 - 00027792 _____ (Microsoft Corporation) C:\Windows\system32\compobj.dll
2016-02-25 00:01 - 2013-08-21 20:48 - 00027200 _____ (Microsoft Corporation) C:\Windows\system32\ctl3dv2.dll
2016-02-25 00:01 - 2013-08-21 20:48 - 00018896 _____ (Microsoft Corporation) C:\Windows\system32\sysedit.exe
2016-02-25 00:01 - 2013-08-21 20:48 - 00018832 _____ C:\Windows\system32\v7vga.rom
2016-02-25 00:01 - 2013-08-21 20:48 - 00013312 _____ C:\Windows\system32\win87em.dll
2016-02-25 00:01 - 2013-08-21 20:48 - 00009936 _____ (Microsoft Corporation) C:\Windows\system32\lzexpand.dll
2016-02-25 00:01 - 2013-08-21 20:48 - 00009936 _____ (Microsoft Corporation) C:\Windows\system\lzexpand.dll
2016-02-25 00:01 - 2013-08-21 20:48 - 00009008 _____ (Microsoft Corporation) C:\Windows\system32\ver.dll
2016-02-25 00:01 - 2013-08-21 20:48 - 00009008 _____ (Microsoft Corporation) C:\Windows\system\ver.dll
2016-02-25 00:01 - 2013-08-21 20:48 - 00008191 _____ C:\Windows\system32\bios4.rom
2016-02-25 00:01 - 2013-08-21 20:48 - 00005532 _____ (Microsoft Corporation) C:\Windows\system\stdole.tlb
2016-02-25 00:01 - 2013-08-21 20:48 - 00004208 _____ (Microsoft Corporation) C:\Windows\system32\storage.dll
2016-02-24 21:25 - 2015-06-26 11:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-02-24 21:24 - 2015-06-26 11:44 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-02-24 21:12 - 2015-03-04 20:01 - 00000000 ____D C:\Users\Todos os Usuários\10757429437643772310
2016-02-24 21:12 - 2015-03-04 20:01 - 00000000 ____D C:\ProgramData\10757429437643772310
2016-02-24 20:49 - 2015-06-26 09:42 - 00002479 _____ C:\Users\inteligente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-24 20:34 - 2015-06-26 09:42 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-962113958-2137007927-2541743853-1001UA.job

==================== Arquivos na raiz de alguns diretórios =======

2016-02-26 15:56 - 2016-02-26 15:59 - 0001356 _____ () C:\Users\inteligente\AppData\Roaming\Bubble Dock.boostrap.log
2016-02-26 15:56 - 2016-02-26 15:57 - 0005748 _____ () C:\Users\inteligente\AppData\Roaming\Bubble Dock.installation.log
2015-07-01 17:35 - 2016-02-25 18:07 - 0128000 _____ () C:\Users\inteligente\AppData\Roaming\csrss.exe
2016-03-01 18:18 - 2015-11-25 15:31 - 1100288 _____ () C:\Users\inteligente\AppData\Roaming\HomePage.exe
2016-03-01 18:17 - 2016-01-26 11:54 - 2415616 _____ () C:\Users\inteligente\AppData\Roaming\msiql.exe
2016-02-26 15:58 - 2016-02-26 15:58 - 0000078 _____ () C:\Users\inteligente\AppData\Roaming\Selection Tools.installation.log
2016-03-01 18:17 - 2016-01-11 15:49 - 1734656 _____ () C:\Users\inteligente\AppData\Roaming\service.exe
2016-03-01 18:17 - 2016-03-01 18:17 - 2786816 _____ (TODO: ) C:\Users\inteligente\AppData\Roaming\svrupg.exe
2016-03-01 18:17 - 2016-03-01 18:17 - 0010365 _____ () C:\Users\inteligente\AppData\Roaming\webad.xml
2016-02-26 15:56 - 2016-02-26 15:56 - 0000097 _____ () C:\Users\inteligente\AppData\Roaming\WindApp.boostrap.log
2016-02-26 15:58 - 2016-02-26 15:58 - 0000078 _____ () C:\Users\inteligente\AppData\Roaming\WindApp.installation.log
2016-03-01 18:17 - 2015-12-10 15:43 - 0600312 _____ () C:\Users\inteligente\AppData\Roaming\YeaPlayer_br_IBD_Bundle.exe
2016-03-01 18:21 - 2016-02-24 06:18 - 1085440 _____ () C:\ProgramData\delCalendarReg.exe
2016-03-01 18:21 - 2015-11-25 15:31 - 1100288 _____ () C:\ProgramData\HomePage.exe
2016-03-01 18:19 - 2015-12-04 13:14 - 1081344 _____ () C:\ProgramData\LightGate.exe
2016-03-01 18:18 - 2016-01-26 11:54 - 2415616 _____ () C:\ProgramData\msiql.exe
2016-03-01 18:17 - 2016-01-11 15:49 - 1734656 _____ () C:\ProgramData\service.exe
2016-03-01 18:18 - 2016-03-01 18:18 - 0010365 _____ () C:\ProgramData\webad.xml
2016-03-01 18:21 - 2015-12-10 15:43 - 0600312 _____ () C:\ProgramData\YeaPlayer_br_IBD_Bundle.exe

Arquivos para serem movidos ou deletados:
====================
C:\Users\inteligente\AppData\Local\Temp\72166L5UH\E6PS6O1EC.exe
C:\ProgramData\delCalendarReg.exe
C:\ProgramData\HomePage.exe
C:\ProgramData\LightGate.exe
C:\ProgramData\msiql.exe
C:\ProgramData\service.exe
C:\ProgramData\YeaPlayer_br_IBD_Bundle.exe
C:\Users\inteligente\mmvvjuhh.exe
C:\Users\Todos os Usuários\delCalendarReg.exe
C:\Users\Todos os Usuários\HomePage.exe
C:\Users\Todos os Usuários\LightGate.exe
C:\Users\Todos os Usuários\msiql.exe
C:\Users\Todos os Usuários\service.exe
C:\Users\Todos os Usuários\YeaPlayer_br_IBD_Bundle.exe

Alguns arquivos em TEMP:
====================
C:\Users\inteligente\AppData\Local\Temp\qqpcmgr_v11.3.17201.218_45220_Silence.exe
C:\Users\inteligente\AppData\Local\Temp\setup_mbot_br.exe
C:\Users\inteligente\AppData\Local\Temp\Ws Service Crack For Windows 8 Downloader__3687_i1543379070_il1000952.exe

==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2016-02-24 20:59

==================== Fim de FRST.txt ============================