Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:05-03-2016 01
Executado por lelet (administrador) em LETICIA (11-03-2016 01:02:28)
Executando a partir de C:\Users\lelet\Downloads
Perfis Carregados: lelet (Perfis Disponíveis: lelet)
Platform: Windows 10 Home Single Language Versão 1511 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Edge)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Baidu, Inc.) C:\Program Files (x86)\Baidu Security\MoboMarket\1.3.7.5967\bassvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
() C:\Program Files (x86)\ScreenSnapshotTool\1.0.1.10301\ScreenShotServ.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(LENOVO INCORPORATED.)
C:\Program Files\lenovo\iMController\SystemAgentService.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (TU-Funs LIMITED) C:\ProgramData\UWdMU\WdMan.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe () C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe (ClientConnect LTD) C:\Program Files (x86)\LenovoBrowserGuard\Main\bin\CltMngSvc.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe () C:\Program Files (x86)\ScreenSnapshotTool\1.0.1.10301\ScreenSnapshot.exe (ClientConnect LTD) C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\cltmng.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe (Baidu, Inc.) C:\Program Files (x86)\Baidu Security\MoboMarket\1.3.7.5967\bastray.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe () C:\Windows\System32\igfxTray.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe (Realtek semiconductor) C:\Windows\RTFTrack.exe () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe (Sound+) C:\Program Files\Sound+\Sound+.exe (Spotify Ltd) C:\Users\lelet\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Skype Technologies S.A.) 
C:\Program Files (x86)\Skype\Phone\Skype.exe (© 2015 Microsoft Corporation) C:\Users\lelet\AppData\Local\Microsoft\BingSvc\BingSvc.exe (Spotify Ltd) C:\Users\lelet\AppData\Roaming\Spotify\Spotify.exe (Hola Networks Ltd.) C:\Users\lelet\AppData\Local\Hola\local\app\hola.exe (Spotify Ltd) C:\Users\lelet\AppData\Roaming\Spotify\SpotifyCrashService.exe (Hola Networks Ltd.) C:\Users\lelet\AppData\Local\Hola\local\app\hola_svc.exe (Hola Networks Ltd.) C:\Users\lelet\AppData\Local\Hola\local\app\hola_updater.exe (CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe (CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (Spotify Ltd) C:\Users\lelet\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\lelet\AppData\Roaming\Spotify\Spotify.exe (Microsoft Corporation) C:\Windows\splwow64.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Lenovo) C:\Program Files\lenovo\Lenovo Solution Center\LSCNotify.exe (CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE (CANON INC.) 
C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE (Microsoft Corporation) C:\Windows\System32\rundll32.exe () C:\Program Files (x86)\ToolsUpdatePlatform\UpdatePlatform.exe (U) C:\Windows\Temp\B6FB.tmp () C:\Users\lelet\AppData\Local\DF938D4D-1457562069-11E4-944E-641C67711FA7\qnsgCDDE.tmp (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQPCRTP.exe (Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQPCTray.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QMDeskTopGC.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQPCTray.exe () C:\Program Files (x86)\DF938D4D-1456961717-11E4-944E-641C67711FA7\knsf1F4B.tmp (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe () C:\Program Files\WindowsApps\Microsoft.Getstarted_2.6.16.0_x64__8wekyb3d8bbwe\WhatsNew.Store.exe () C:\Program Files\WindowsApps\9FD20106.MediaPlayerQueen_1.1.10.0_x64__nwhm06f2kfry2\MediaPlayer.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\MRT.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe () C:\Program Files (x86)\DF938D4D-1456961717-11E4-944E-641C67711FA7\knse7E1A.tmp (Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QMUsbGuard.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registro (Whitelisted) =========================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2013-10-18] (Realtek semiconductor) HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] () HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc.) 
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3743648 2015-08-17] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2015-03-12] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2015-03-12] (Lenovo(beijing) Limited)
HKLM\...\Run: [Sound+] => C:\Program Files\Sound+\Sound+.exe [3655680 2016-02-03] (Sound+)
HKLM\...\Run: [IDSCPRODUCT] => C:\Program Files\Sound+\\idscservice.exe [708096 2016-03-02] (NothingElse)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110344 2014-09-09] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492808 2014-09-09] (CyberLink Corp.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282632 2013-04-02] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
HKLM-x32\...\Run: [apphide] => C:\Program Files (x86)\qq\qq.exe
HKLM-x32\...\Run: [pcmgr] => C:\Program Files (x86)\qq\Uninst.exe [1571296 2015-12-28] (Tencent)
HKLM-x32\...\Run: [mbot_en_037050255] => [X]
HKLM-x32\...\Run: [SystemClose] => D:\Documents\systemfile.exe
HKLM-x32\...\Run: [cessrs.exe -start] => C:\Users\lelet\AppData\Roaming\UPUpdata\cessrs.exe [2167808 2016-03-09] ()
HKLM-x32\...\Run: [LightGate] => c:\programdata\lightgate.exe [1081344 2015-12-04] ()
HKLM-x32\...\Run: [HomePageHelper] => c:\programdata\homepage.exe [1100288 2015-11-25] ()
HKLM-x32\...\Run: [ QQPCTray] => C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQPCTray.exe [355296 2016-03-09] (Tencent)
HKLM-x32\...\RunOnce: [Update] => C:\Users\lelet\AppData\Roaming\YSPackage\YSPackage.exe /runonce
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-2432484045-3698458679-876261402-1001\...\Run: [GoogleChromeAutoLaunch_018CDF12F981C5DDC25590EFDB962B2A] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [746648 2016-02-18] (Google Inc.)
HKU\S-1-5-21-2432484045-3698458679-876261402-1001\...\Run: [Spotify Web Helper] => C:\Users\lelet\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524336 2016-03-02] (Spotify Ltd)
HKU\S-1-5-21-2432484045-3698458679-876261402-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53729824 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-2432484045-3698458679-876261402-1001\...\Run: [BingSvc] => C:\Users\lelet\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2432484045-3698458679-876261402-1001\...\Run: [Spotify] => C:\Users\lelet\AppData\Roaming\Spotify\Spotify.exe [6743664 2016-03-02] (Spotify Ltd)
HKU\S-1-5-21-2432484045-3698458679-876261402-1001\...\Run: [hola] => C:\Users\lelet\AppData\Local\Hola\local\app\hola.exe [2031232 2016-01-17] (Hola Networks Ltd.)
HKU\S-1-5-21-2432484045-3698458679-876261402-1001\...\Run: [CrashService] => "C:\Users\lelet\AppData\Local\BoBrowser\Application\crash_service.exe" --max-reports=50 --no-window
HKU\S-1-5-21-2432484045-3698458679-876261402-1001\...\Run: [msiql] => c:\programdata\msiql.exe [1888256 2016-03-02] ()
HKU\S-1-5-21-2432484045-3698458679-876261402-1001\...\Run: [taskhost] => rundll32.exe C:\ProgramData\WindowsMsg\675D131108D4FD145B0BFBC68A3E018A.dll Start /DEFAULT
HKU\S-1-5-21-2432484045-3698458679-876261402-1001\...\RunOnce: [Uninstall C:\Users\lelet\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\lelet\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
HKU\S-1-5-21-2432484045-3698458679-876261402-1001\...\RunOnce: [Uninstall C:\Users\lelet\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\lelet\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
HKU\S-1-5-21-2432484045-3698458679-876261402-1001\...\RunOnce: [Uninstall C:\Users\lelet\AppData\Local\Microsoft\OneDrive\17.3.6301.0127] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\lelet\AppData\Local\Microsoft\OneDrive\17.3.6301.0127"
AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE64.dll [119616 2014-09-26] (Amazon Inc.)
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QMGCShellExt64.dll [2016-03-09] (Tencent)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 200.225.197.34 200.225.197.37
Tcpip\..\Interfaces\{69d0ada0-1309-405f-90f4-4edf8b4835d5}: [DhcpNameServer] 200.225.197.34 200.225.197.37
ManualProxies:

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/
HKU\S-1-5-21-2432484045-3698458679-876261402-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=sdks_inner_hp_09_hao123_br&guid=dd6b038a7839771be7a4a187b60e0cc6
HKU\S-1-5-21-2432484045-3698458679-876261402-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-2432484045-3698458679-876261402-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://mystart.lenovo.com
HKU\S-1-5-21-2432484045-3698458679-876261402-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
URLSearchHook: HKU\S-1-5-21-2432484045-3698458679-876261402-1001 - (Sem Nome) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - Nenhum Arquivo
SearchScopes: HKLM -> DefaultScope {6EC7E3B6-177C-4977-933C-EF57FFED19AF} URL =
SearchScopes: HKLM-x32 -> {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://search.iminent.com/?appId=807458f8-43e0-4b03-a188-c76956c0b7e8&ref=toolbox&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2432484045-3698458679-876261402-1001 -> DefaultScope {6EC7E3B6-177C-4977-933C-EF57FFED19AF} URL = hxxp://search.iminent.com/?appId=807458f8-43e0-4b03-a188-c76956c0b7e8&ref=toolbox&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2432484045-3698458679-876261402-1001 -> {6EC7E3B6-177C-4977-933C-EF57FFED19AF} URL = hxxp://search.iminent.com/?appId=807458f8-43e0-4b03-a188-c76956c0b7e8&ref=toolbox&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-02-23] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\TSWebMon64.dat [2016-03-09] (Tencent)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-02-23] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: Ó¦Óñ¦Ò»¼ü°²×°²å¼þ -> {50F4150A-48B2-417A-BE4C-C83F580FB904} -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
BHO-x32: Sem Nome -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} -> Nenhum Arquivo
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKU\S-1-5-21-2432484045-3698458679-876261402-1001 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
IE Session Restore: HKU\S-1-5-21-2432484045-3698458679-876261402-1001 -> está habilitado.
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-07-21] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.mysites123.com/?type=sc&ts=1456963378&z=f063670b8ca6ba6844a806bg7z2w5q6t4q8cdccm8o&from=tt4u&uid=WDCXWD10JPCX-24UE4T0_WD-WXP1E94FPZW7FPZW7

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [Nenhum Arquivo]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [Nenhum Arquivo]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-07-15] (Microsoft Corporation)
FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
FF Plugin-x32: @qq.com/QQPCMgr -> C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\npQMExtensionsMozilla.dll [2016-03-09] (Tencent Technology (Shenzhen) Company Limited)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-2432484045-3698458679-876261402-1001: @hola.org/FlashPlayer -> C:\Users\lelet\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [2016-01-17] ()
FF Plugin HKU\S-1-5-21-2432484045-3698458679-876261402-1001: @hola.org/vlc -> C:\Users\lelet\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [2016-01-17] (Hola)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => não encontrado (a)

Chrome:
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=pt-br
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Profile: C:\Users\lelet\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\lelet\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-08]
CHR Extension: (Google Docs) - C:\Users\lelet\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-08]
CHR Extension: (Google Drive) - C:\Users\lelet\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-08]
CHR Extension: (YouTube) - C:\Users\lelet\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-08]
CHR Extension: (Google Search) - C:\Users\lelet\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-08]
CHR Extension: (Planilhas do Google) - C:\Users\lelet\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-08]
CHR Extension: (Documentos Google off-line) - C:\Users\lelet\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-08]
CHR Extension: (Skype) - C:\Users\lelet\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-03-08]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\lelet\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-03-08]
CHR Extension: (Gmail) - C:\Users\lelet\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-08]
CHR HKU\S-1-5-21-2432484045-3698458679-876261402-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 BASSVC; C:\Program Files (x86)\Baidu Security\MoboMarket\1.3.7.5967\bassvc.exe [208928 2015-04-22] (Baidu, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [592880 2014-07-09] ()
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2809072 2016-01-20] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\LenovoBrowserGuard\Main\bin\CltMngSvc.exe [2735408 2015-05-06] (ClientConnect LTD)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [135072 2015-08-17] (ELAN Microelectronics Corp.)
S2 ggbugreport; C:\Program Files (x86)\SearchesToYesbnd\bugreport.exe [1588408 2016-02-04] ()
S2 GoogleChromeUpService; C:\ProgramData\service.exe [1734656 2016-03-09] () [Arquivo não assinado]
S2 GoogleChromeUpSvc; C:\ProgramData\Windows Update\svrupg.exe [2786816 2016-03-09] (TODO: ) [Arquivo não assinado]
R2 hebisihuzbt; C:\Program Files (x86)\DF938D4D-1456961717-11E4-944E-641C67711FA7\knse7E1A.tmp [262656 2016-03-10] () [Arquivo não assinado]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-02-26] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Arquivo não assinado]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 kufudyruzbt; C:\Program Files (x86)\DF938D4D-1456961717-11E4-944E-641C67711FA7\knsf1F4B.tmp [245248 2016-03-09] () [Arquivo não assinado]
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584664 2015-12-14] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2015-03-12] (Lenovo(beijing) Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-09-03] ()
R2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQPCRTP.exe [301728 2016-03-09] (Tencent)
U2 QQRepair1281; C:\WINDOWS\GJFix\QQRepair1281 [129504 2016-03-09] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 TheScreenSnapshotService; C:\Program Files (x86)\ScreenSnapshotTool\1.0.1.10301\ScreenShotServ.exe [143520 2015-06-15] ()
R2 WdMan; C:\ProgramData\UWdMU\WdMan.exe [330504 2016-03-02] (TU-Funs LIMITED)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S2 Winsere; C:\Program Files (x86)\Winsere\Winsere\Winsere.exe [302776 2016-02-02] ()
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-10-29] (Atheros) [Arquivo não assinado]
R2 zigipyro; C:\Users\lelet\AppData\Local\DF938D4D-1457562069-11E4-944E-641C67711FA7\qnsgCDDE.tmp [158720 2015-12-26] () [Arquivo não assinado]
S2 dojygici; não ImagePath
S2 wucotusy; não ImagePath

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R1 BprotectEx; C:\WINDOWS\System32\drivers\BprotectEx.sys [78144 2013-09-03] (Baidu, Inc.)
R1 bsdriver; C:\WINDOWS\system32\drivers\bsdriver.sys [34712 2016-03-02] () R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) R1 QMUdisk; C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QMUdisk64.sys [184536 2016-03-02] (Tencent) R2 QQSysMonX64; C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQSysMonX64.sys [138552 2016-03-09] (电脑管家) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek ) R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402960 2015-05-14] (Realsil Semiconductor Corporation) R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8876248 2013-10-18] (Realtek Semiconductor Corp.) R1 softaal; C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\softaal64.sys [35128 2016-03-09] (Tencent) R3 TAOAccelerator; C:\WINDOWS\system32\Drivers\TAOAccelerator64.sys [89464 2016-03-09] (Tencent) R2 TAOKernelDriver; C:\WINDOWS\system32\Drivers\TAOKernelEx64.sys [128312 2016-03-09] (Tencent Technology(Shenzhen) Company Limited) R3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2016-03-09] (电脑管家) S1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\TSDefenseBT64.sys [28984 2016-03-09] (Tencent) R2 tsnethlpx64; C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\TsNetHlpX64.sys [48440 2016-01-14] () R1 TSSysKit; C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\TSSysKit64.sys [87352 2016-03-09] (电脑管家) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) R1 SRepairDrv; \??\C:\WINDOWS\GJFix\SRepairDrv [X] ==================== NetSvcs (Whitelisted) 
===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-03-11 01:02 - 2016-03-11 01:03 - 00029970 _____ C:\Users\lelet\Downloads\FRST.txt
2016-03-11 01:02 - 2016-03-11 01:02 - 00000000 ____D C:\FRST
2016-03-11 01:01 - 2016-03-11 01:01 - 02374144 _____ (Farbar) C:\Users\lelet\Downloads\FRST64.exe
2016-03-11 01:01 - 2016-03-11 01:01 - 02374144 _____ (Farbar) C:\Users\lelet\Downloads\FRST64 (1).exe
2016-03-10 14:41 - 2016-03-10 14:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\腾讯软件
2016-03-09 23:58 - 2016-03-09 23:58 - 00000041 _____ C:\Users\Todos os Usuários\xcgui_debug.txt
2016-03-09 23:58 - 2016-03-09 23:58 - 00000041 _____ C:\ProgramData\xcgui_debug.txt
2016-03-09 23:07 - 2016-03-09 23:07 - 00001264 _____ C:\Users\lelet\Desktop\Continue Last version Installation.lnk
2016-03-09 22:24 - 2016-03-09 22:24 - 00005120 _____ C:\Users\lelet\AppData\Roaming\GiftBag.db
2016-03-09 22:24 - 2016-03-09 22:24 - 00000000 ____D C:\WINDOWS\GJFix
2016-03-09 22:24 - 2016-03-09 22:22 - 00128312 _____ (Tencent Technology(Shenzhen) Company Limited) C:\WINDOWS\system32\Drivers\TAOKernelEx64.sys
2016-03-09 22:24 - 2016-03-09 22:22 - 00089464 _____ (Tencent) C:\WINDOWS\system32\Drivers\TAOAccelerator64.sys
2016-03-09 22:24 - 2016-01-14 06:47 - 00128280 _____ (电脑管家) C:\WINDOWS\SysWOW64\Drivers\TsFltMgr.sys
2016-03-09 22:23 - 2016-03-09 22:23 - 00002350 _____ C:\Users\Public\Desktop\软件管理.lnk
2016-03-09 22:23 - 2016-03-09 22:23 - 00002325 _____ C:\Users\Public\Desktop\电脑管家.lnk
2016-03-09 22:23 - 2016-03-09 22:23 - 00000000 _____ C:\Users\lelet\Desktop\$电脑管家-清理垃圾$.qmgc
2016-03-09 22:22 - 2016-03-09 22:22 - 00001683 ____R C:\Yeabeats Browser.lnk
2016-03-09 22:22 - 2016-03-09 22:22 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg
2016-03-09 22:22 - 2016-03-09 22:22 - 00000000 ____D C:\Users\Todos os Usuários\Windows Update
2016-03-09 22:22 - 2016-03-09 22:22 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-03-09 22:22 - 2016-03-09 22:22 - 00000000 ____D C:\ProgramData\Windows Update
2016-03-09 22:22 - 2016-03-09 22:22 - 00000000 ____D C:\Program Files (x86)\osTip
2016-03-09 22:22 - 2016-03-09 17:49 - 01275392 _____ (TZ) C:\Users\Todos os Usuários\FrivLauncherUS.exe
2016-03-09 22:22 - 2016-03-09 17:49 - 01275392 _____ (TZ) C:\ProgramData\FrivLauncherUS.exe
2016-03-09 22:22 - 2015-12-04 13:14 - 01081344 _____ C:\Users\Todos os Usuários\LightGate.exe
2016-03-09 22:22 - 2015-12-04 13:14 - 01081344 _____ C:\ProgramData\LightGate.exe
2016-03-09 22:22 - 2015-11-25 15:31 - 01100288 _____ C:\Users\Todos os Usuários\HomePage.exe
2016-03-09 22:22 - 2015-11-25 15:31 - 01100288 _____ C:\ProgramData\HomePage.exe
2016-03-09 22:21 - 2016-03-09 22:21 - 01734656 _____ C:\Users\Todos os Usuários\service.exe
2016-03-09 22:21 - 2016-03-09 22:21 - 01734656 _____ C:\ProgramData\service.exe
2016-03-09 22:21 - 2016-03-09 22:21 - 00011633 _____ C:\Users\Todos os Usuários\webad.xml
2016-03-09 22:21 - 2016-03-09 22:21 - 00011633 _____ C:\ProgramData\webad.xml
2016-03-09 22:21 - 2016-03-09 22:21 - 00000925 _____ C:\Users\lelet\Desktop\AutoTime.LNK
2016-03-09 22:21 - 2016-03-09 22:21 - 00000000 ____D C:\Users\Todos os Usuários\Thunder Network
2016-03-09 22:21 - 2016-03-09 22:21 - 00000000 ____D C:\Users\Public\Thunder Network
2016-03-09 22:21 - 2016-03-09 22:21 - 00000000 ____D C:\Users\lelet\AppData\Roaming\UPUpdata
2016-03-09 22:21 - 2016-03-09 22:21 - 00000000 ____D C:\Users\lelet\AppData\Local\DF938D4D-1457562069-11E4-944E-641C67711FA7
2016-03-09 22:21 - 2016-03-09 22:21 - 00000000 ____D C:\ProgramData\Thunder Network
2016-03-09 22:21 - 2016-03-02 10:49 - 01888256 _____ C:\Users\Todos os Usuários\msiql.exe
2016-03-09 22:21 - 2016-03-02 10:49 - 01888256 _____ C:\ProgramData\msiql.exe
2016-03-09 21:39 - 2016-03-10 21:39 - 00000446 _____ C:\WINDOWS\Tasks\ToolsUpdatePlatform_ScheduledTask.job
2016-03-09 21:39 - 2016-03-09 21:39 - 00003614 _____ C:\WINDOWS\System32\Tasks\ToolsUpdatePlatform_ScheduledTask
2016-03-09 21:39 - 2016-03-09 21:39 - 00000000 ____D C:\Program Files (x86)\ToolsUpdatePlatform
2016-03-09 00:27 - 2016-03-09 00:27 - 01019485 _____ C:\Users\lelet\Downloads\JavaPlugin.zip
2016-03-08 21:50 - 2016-03-08 21:50 - 735717364 _____ C:\WINDOWS\MEMORY.DMP
2016-03-08 21:50 - 2016-03-08 21:50 - 00118188 _____ C:\WINDOWS\Minidump\030816-40375-01.dmp
2016-03-08 21:50 - 2016-03-08 21:50 - 00000000 ____D C:\WINDOWS\Minidump
2016-03-08 21:49 - 2016-03-08 21:49 - 00000000 ____D C:\Users\lelet\AppData\Local\sila
2016-03-08 21:49 - 2016-03-08 21:49 - 00000000 ____D C:\Users\lelet\AppData\Local\Setup520886000
2016-03-08 21:49 - 2016-03-08 21:49 - 00000000 ____D C:\Users\lelet\AppData\Local\{983BAE67-BC93-C2DF-D10B-E737F5631BAF}
2016-03-08 21:49 - 2016-03-08 21:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware
2016-03-08 21:49 - 2016-03-08 21:49 - 00000000 ____D C:\Program Files\ByteFence
2016-03-08 21:39 - 2016-03-10 15:02 - 00000274 _____ C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job
2016-03-08 21:39 - 2016-03-10 15:01 - 00003150 _____ C:\WINDOWS\System32\Tasks\RegClean Pro
2016-03-08 21:39 - 2016-03-09 21:39 - 00000282 _____ C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job
2016-03-08 21:39 - 2016-03-08 21:39 - 00003078 _____ C:\WINDOWS\System32\Tasks\RegClean Pro_UPDATES
2016-03-08 21:39 - 2016-03-08 21:39 - 00002922 _____ C:\WINDOWS\System32\Tasks\RegClean Pro_DEFAULT
2016-03-08 21:39 - 2016-03-08 21:39 - 00001061 _____ C:\Users\Public\Desktop\RegClean Pro.lnk
2016-03-08 21:39 - 2016-03-08 21:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
2016-03-08 21:39 - 2016-03-08 21:39 - 00000000 ____D C:\Program Files (x86)\RCP
2016-03-08 21:04 - 2016-03-08 21:04 - 00002219 _____ C:\Users\lelet\Desktop\chrome.lnk
2016-03-08 21:03 - 2016-03-08 21:39 - 00000000 ____D C:\Users\lelet\AppData\Roaming\systweak
2016-03-08 21:03 - 2015-11-20 19:27 - 00019888 _____ () C:\WINDOWS\system32\roboot64.exe
2016-03-08 21:01 - 2016-03-08 21:01 - 00000000 ____D C:\Users\Public\Documents\PC Faster
2016-03-02 23:58 - 2016-03-08 20:58 - 00003292 _____ C:\WINDOWS\System32\Tasks\BoBrowser
2016-03-02 23:58 - 2016-03-02 23:58 - 00003292 _____ C:\WINDOWS\System32\Tasks\Sunrise
2016-03-02 21:14 - 2016-03-09 22:24 - 00000000 ____D C:\Users\Todos os Usuários\TXQMPC
2016-03-02 21:14 - 2016-03-09 22:24 - 00000000 ____D C:\ProgramData\TXQMPC
2016-03-02 21:04 - 2016-03-02 21:04 - 00003262 _____ C:\WINDOWS\System32\Tasks\Run_Bobby_Browser
2016-03-02 21:03 - 2016-03-08 20:56 - 00000000 ____D C:\Users\lelet\AppData\Roaming\mysites123
2016-03-02 21:03 - 2016-03-02 21:04 - 00000000 ____D C:\Users\Todos os Usuários\UWdMU
2016-03-02 21:03 - 2016-03-02 21:04 - 00000000 ____D C:\ProgramData\UWdMU
2016-03-02 21:03 - 2016-03-02 21:03 - 00034712 _____ () C:\WINDOWS\system32\Drivers\bsdriver.sys
2016-03-02 21:03 - 2016-03-02 21:03 - 00003286 _____ C:\WINDOWS\System32\Tasks\crash_service
2016-03-02 21:03 - 2016-03-02 21:03 - 00000074 _____ C:\Users\Todos os Usuários\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2016-03-02 21:03 - 2016-03-02 21:03 - 00000074 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2016-03-02 20:38 - 2016-03-02 20:38 - 00000000 ____D C:\Program Files\Common Files\Tencent
2016-03-02 20:37 - 2016-03-09 22:23 - 00000000 ____D C:\Users\lelet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2016-03-02 20:37 - 2016-03-09 22:22 - 00087864 _____ (电脑管家) C:\WINDOWS\system32\Drivers\TFsFltX64.sys
2016-03-02 20:37 - 2016-03-02 20:38 - 00000000 ____D C:\Users\lelet\AppData\Local\DF938D4D-1456951067-11E4-944E-641C67711FA7
2016-03-02 20:37 - 2016-03-02 20:37 - 00274232 _____ (Tencent Technology(Shenzhen) Company Limited) C:\WINDOWS\system32\Drivers\TAOKernel64.sys
2016-03-02 20:36 - 2016-03-02 23:58 - 00000858 _____ C:\Users\lelet\Desktop\Sound+.lnk
2016-03-02 20:36 - 2016-03-02 21:03 - 00000000 ____D C:\Program Files\Sound+
2016-03-02 20:36 - 2016-03-02 20:36 - 00000000 ____D C:\Users\lelet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sound+ 1.0
2016-03-02 20:36 - 2016-03-02 20:33 - 00002041 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2016-03-02 20:35 - 2016-03-11 00:30 - 00000000 ____D C:\Program Files (x86)\DF938D4D-1456961717-11E4-944E-641C67711FA7
2016-03-02 20:35 - 2016-03-10 23:40 - 00000358 ____H C:\WINDOWS\Tasks\QGCAXVQCMXTMQSND.job
2016-03-02 20:35 - 2016-03-09 23:02 - 00000000 ____D C:\Users\lelet\AppData\Roaming\Tencent
2016-03-02 20:35 - 2016-03-02 21:05 - 00000000 ____D C:\Users\Todos os Usuários\Tencent
2016-03-02 20:35 - 2016-03-02 21:05 - 00000000 ____D C:\ProgramData\Tencent
2016-03-02 20:35 - 2016-03-02 20:40 - 00000000 ____D C:\Users\Todos os Usuários\Service1291
2016-03-02 20:35 - 2016-03-02 20:40 - 00000000 ____D C:\ProgramData\Service1291
2016-03-02 20:35 - 2016-03-02 20:35 - 00003434 _____ C:\WINDOWS\System32\Tasks\QGCAXVQCMXTMQSND
2016-03-02 20:35 - 2016-03-02 20:35 - 00000000 ____D C:\Users\Todos os Usuários\28341ff220e0446c9fff27c4493d622e
2016-03-02 20:35 - 2016-03-02 20:35 - 00000000 ____D C:\ProgramData\28341ff220e0446c9fff27c4493d622e
2016-03-02 20:35 - 2016-03-02 20:35 - 00000000 ____D C:\Program Files (x86)\Tencent
2016-03-02 20:34 - 2016-03-08 21:07 - 00000286 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-03-02 20:34 - 2016-03-08 21:07 - 00000286 __RSH C:\ProgramData\ntuser.pol
2016-03-02 20:32 - 2016-03-02 20:32 - 00000000 ____D C:\Program Files (x86)\qq
2016-03-02 20:31 - 2016-03-08 21:50 - 00000000 ____D C:\Program Files (x86)\SearchesToYesbnd
2016-03-02 20:31 - 2016-03-08 21:45 - 00000000 ____D C:\Users\lelet\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-03-02 20:31 - 2016-03-02 20:31 - 00015116 _____ C:\WINDOWS\System32\Tasks\WinTaske
2016-03-02 20:31 - 2016-03-02 20:31 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-03-02 20:31 - 2016-03-02 20:31 - 00000000 ____D C:\Program Files (x86)\WinTaske
2016-03-02 20:31 - 2016-03-02 20:31 - 00000000 ____D C:\Program Files (x86)\Winsere
2016-03-02 20:31 - 2016-03-02 20:31 - 00000000 ____D C:\extensions
2016-03-02 20:29 - 2016-03-02 20:32 - 00168055 _____ C:\Users\lelet\Downloads\iMindMap Ultimate 8 Full Crack.zip
2016-03-02 20:22 - 2016-03-02 20:25 - 186543080 _____ (Buzan Online) C:\Users\lelet\Downloads\imindmap_4.1.2_7lic.exe
2016-03-02 19:07 - 2016-03-02 19:07 - 00965482 _____ C:\Users\lelet\Downloads\UFPR programa.pdf
2016-02-24 20:08 - 2016-02-24 20:08 - 00082223 _____ C:\Users\lelet\Downloads\boleto_dirps.pdf
2016-02-18 15:44 - 2016-02-18 15:44 - 33011776 _____ (Popcorn Time) C:\Users\lelet\Downloads\Popcorn-Time-0.3.9-Setup.exe
2016-02-11 14:25 - 2016-02-11 14:25 - 00340009 _____ C:\Users\lelet\Downloads\IMG_20160211_0001.pdf
2016-02-11 13:20 - 2016-01-29 03:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-11 13:20 - 2016-01-29 03:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-11 13:20 - 2016-01-27 03:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-11 13:20 - 2016-01-27 03:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-11 13:20 - 2016-01-27 03:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-11 13:20 - 2016-01-27 03:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-11 13:20 - 2016-01-27 03:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-11 13:20 - 2016-01-27 02:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-11 13:20 - 2016-01-27 02:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-11 13:20 - 2016-01-27 02:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-11 13:20 - 2016-01-27 02:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-11 13:20 - 2016-01-27 02:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-11 13:20 - 2016-01-27 02:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-02-11 13:20 - 2016-01-27 02:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-11 13:20 - 2016-01-27 02:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-11 13:20 - 2016-01-27 02:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-11 13:20 - 2016-01-27 02:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-11 13:20 - 2016-01-27 02:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-11 13:20 - 2016-01-27 02:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-02-11 13:20 - 2016-01-27 02:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-11 13:20 - 2016-01-27 02:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-11 13:20 - 2016-01-27 02:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-11 13:20 - 2016-01-27 02:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-02-11 13:20 - 2016-01-27 02:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-02-11 13:20 - 2016-01-27 02:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-11 13:20 - 2016-01-27 02:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-11 13:20 - 2016-01-27 02:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-02-11 13:20 - 2016-01-27 02:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-02-11 13:20 - 2016-01-27 02:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-11 13:20 - 2016-01-27 02:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-02-11 13:20 - 2016-01-27 02:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-11 13:20 - 2016-01-27 02:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-11 13:20 - 2016-01-27 02:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-11 13:20 - 2016-01-27 02:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-11 13:20 - 2016-01-27 02:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-11 13:20 - 2016-01-27 02:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-02-11 13:20 - 2016-01-27 02:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-02-11 13:20 - 2016-01-27 02:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-02-11 13:20 - 2016-01-27 02:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-11 13:20 - 2016-01-27 02:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-11 13:20 - 2016-01-27 02:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-02-11 13:20 - 2016-01-27 02:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-11 13:20 - 2016-01-27 02:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-11 13:20 - 2016-01-27 01:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-11 13:20 - 2016-01-27 01:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-11 13:20 - 2016-01-27 01:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-11 13:20 - 2016-01-27 01:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-11 13:20 - 2016-01-27 01:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-11 13:20 - 2016-01-27 01:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-11 13:20 - 2016-01-27 01:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-11 13:20 - 2016-01-27 01:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-11 13:20 - 2016-01-27 01:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-11 13:20 - 2016-01-27 01:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-11 13:20 - 2016-01-27 01:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-11 13:20 - 2016-01-27 01:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-11 13:20 - 2016-01-27 01:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-11 13:20 - 2016-01-27 01:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-11 13:20 - 2016-01-27 01:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-02-11 13:20 - 2016-01-27 01:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-11 13:20 - 2016-01-27 01:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-11 13:20 - 2016-01-27 01:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-11 13:20 - 2016-01-27 01:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-11 13:20 - 2016-01-27 01:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-11 13:20 - 2016-01-27 01:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-11 13:20 - 2016-01-27 01:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-03-11 01:02 - 2015-04-17 18:33 - 00000000 ____D C:\Users\lelet\AppData\Roaming\Skype
2016-03-11 01:00 - 2015-07-08 17:50 - 00000662 _____ C:\WINDOWS\Tasks\{61FFE1F9-137D-4c31-A181-3415FCAA5946}{19F8DB95-4D78-4ddb-AC71-C610654FE37F}.job
2016-03-11 00:16 - 2015-04-10 16:38 - 00001092 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-10 23:45 - 2015-05-05 22:52 - 00000000 ____D C:\Users\lelet\AppData\Roaming\Spotify
2016-03-10 22:54 - 2015-10-30 16:12 - 00786498 _____ C:\WINDOWS\system32\prfh0416.dat
2016-03-10 22:54 - 2015-10-30 16:12 - 00154782 _____ C:\WINDOWS\system32\prfc0416.dat
2016-03-10 22:54 - 2015-10-30 04:21 - 00000000 ____D C:\WINDOWS\INF
2016-03-10 22:54 - 2015-08-15 22:30 - 01822696 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-10 21:39 - 2015-07-08 17:50 - 00000000 ____D C:\Users\Todos os Usuários\ToolsUpdatePlatform
2016-03-10 21:39 - 2015-07-08 17:50 - 00000000 ____D C:\ProgramData\ToolsUpdatePlatform
2016-03-10 20:41 - 2015-08-15 22:52 - 00002380 _____ C:\Users\lelet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-10 20:41 - 2015-04-11 19:37 - 00000000 ___RD C:\Users\lelet\OneDrive
2016-03-10 20:25 - 2015-10-30 04:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-10 20:23 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-10 14:41 - 2015-05-05 22:53 - 00000000 ____D C:\Users\lelet\AppData\Local\Spotify
2016-03-09 22:28 - 2016-01-11 18:35 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-03-09 22:22 - 2015-04-10 16:39 - 00002204 ____R C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-09 20:01 - 2015-10-30 04:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-09 20:01 - 2015-08-15 22:46 - 00000000 ____D C:\Users\lelet\AppData\Local\Publishers
2016-03-09 00:10 - 2015-04-06 18:15 - 00000000 __SHD C:\Users\lelet\IntelGraphicsProfiles
2016-03-09 00:09 - 2015-12-09 03:50 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-03-09 00:09 - 2015-04-10 16:38 - 00001088 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-08 21:51 - 2015-12-09 03:54 - 00000000 ____D C:\Users\lelet
2016-03-08 21:50 - 2015-12-09 04:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-08 21:14 - 2015-03-12 10:52 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-03-08 21:11 - 2015-03-12 10:52 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-03-08 21:02 - 2015-04-06 18:15 - 00000000 ____D C:\Users\lelet\AppData\Local\VirtualStore
2016-03-08 21:01 - 2015-12-09 04:04 - 00000000 ____D C:\Users\Public\Documents\Baidu Security
2016-03-08 21:01 - 2015-04-10 20:04 - 00003720 _____ C:\WINDOWS\System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633
2016-03-08 21:01 - 2015-04-06 18:16 - 00000000 ____D C:\Users\lelet\AppData\Roaming\Baidu Security
2016-03-08 21:01 - 2015-03-12 11:34 - 00000000 ____D C:\Users\Todos os Usuários\Baidu Security
2016-03-08 21:01 - 2015-03-12 11:34 - 00000000 ____D C:\ProgramData\Baidu Security
2016-03-08 20:57 - 2015-03-12 11:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2016-03-08 20:57 - 2015-03-12 11:29 - 00000000 ____D C:\Program Files (x86)\Lenovo
2016-03-08 20:56 - 2015-07-05 18:44 - 00001625 _____ C:\Users\Public\Desktop\League of Legends.lnk
2016-03-08 20:55 - 2015-04-06 18:15 - 00000000 ____D C:\Users\lelet\AppData\Local\Packages
2016-03-08 20:54 - 2015-08-15 23:37 - 00000000 ____D C:\Users\lelet\AppData\Local\MicrosoftEdge
2016-03-08 20:51 - 2015-10-29 21:30 - 00000000 ____D C:\Users\lelet\AppData\Roaming\Baidu
2016-03-08 20:50 - 2015-10-29 21:29 - 00000000 ____D C:\Program Files (x86)\baidu
2016-03-02 23:58 - 2016-01-17 18:32 - 00001434 _____ C:\Users\lelet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hola.lnk
2016-03-02 23:58 - 2015-12-17 14:29 - 00001774 _____ C:\Users\lelet\Desktop\MPC-HC x64.lnk
2016-03-02 23:58 - 2015-07-12 16:42 - 00002145 _____ C:\Users\lelet\Desktop\Popcorn Time.lnk
2016-03-02 23:58 - 2015-06-26 16:17 - 00002066 _____ C:\Users\Public\Desktop\Canon Quick Menu.lnk
2016-03-02 23:58 - 2015-06-26 16:13 - 00002395 _____ C:\Users\Public\Desktop\Canon MG3500 series Manual Interativo.lnk
2016-03-02 23:58 - 2015-05-10 20:56 - 00002598 _____ C:\Users\lelet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo Web Start.lnk
2016-03-02 23:58 - 2015-05-10 20:56 - 00002315 _____ C:\Users\lelet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk
2016-03-02 23:58 - 2015-05-05 22:53 - 00001936 _____ C:\Users\lelet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-03-02 23:58 - 2015-05-05 22:53 - 00001930 _____ C:\Users\lelet\Desktop\Spotify.lnk
2016-03-02 23:58 - 2015-04-17 18:33 - 00002660 _____ C:\Users\Public\Desktop\Skype.lnk
2016-03-02 23:58 - 2015-03-12 11:42 - 00002135 _____ C:\Users\Public\Desktop\OneKey Recovery.lnk
2016-03-02 23:58 - 2015-03-12 11:27 - 00001811 _____ C:\Users\Public\Desktop\TIM.lnk
2016-03-02 21:35 - 2015-04-06 18:12 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-02 21:08 - 2015-12-09 03:45 - 00236504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-02 21:07 - 2015-10-30 03:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-03-02 20:34 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-03-02 20:34 - 2013-08-22 12:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-02-27 00:03 - 2015-07-12 16:42 - 00000000 ____D C:\Users\lelet\AppData\Local\Popcorn-Time
2016-02-23 22:14 - 2015-10-30 04:24 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2016-02-23 22:14 - 2015-10-30 04:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-02-23 22:13 - 2015-07-15 17:51 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-02-18 10:32 - 2015-03-12 11:29 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2016-02-17 16:03 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\rescache
2016-02-17 15:44 - 2015-10-30 16:15 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-16 18:21 - 2015-04-12 11:35 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-16 18:14 - 2015-04-12 11:35 - 146614896 ____N (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-11 14:25 - 2015-06-26 16:09 - 00000000 ____D C:\Users\Todos os Usuários\CanonIJPLM
2016-02-11 14:25 - 2015-06-26 16:09 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-02-11 13:12 - 2015-04-10 16:38 - 00004150 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-11 13:11 - 2015-04-10 16:38 - 00003918 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Arquivos na raiz de alguns diretórios =======

2016-03-09 22:24 - 2016-03-09 22:24 - 0005120 _____ () C:\Users\lelet\AppData\Roaming\GiftBag.db
2015-12-09 03:48 - 2015-12-09 03:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-04-10 20:04 - 2015-04-10 20:04 - 0014501 _____ () C:\ProgramData\Duplicaterecord.js
2016-03-09 22:22 - 2016-03-09 17:49 - 1275392 _____ (TZ) C:\ProgramData\FrivLauncherUS.exe
2016-03-09 22:22 - 2015-11-25 15:31 - 1100288 _____ () C:\ProgramData\HomePage.exe
2016-03-09 22:22 - 2015-12-04 13:14 - 1081344 _____ () C:\ProgramData\LightGate.exe
2016-03-09 22:21 - 2016-03-02 10:49 - 1888256 _____ () C:\ProgramData\msiql.exe
2016-03-09 22:21 - 2016-03-09 22:21 - 1734656 _____ () C:\ProgramData\service.exe
2016-03-09 22:21 - 2016-03-09 22:21 - 0011633 _____ () C:\ProgramData\webad.xml
2016-03-09 23:58 - 2016-03-09 23:58 - 0000041 _____ () C:\ProgramData\xcgui_debug.txt
2016-03-02 21:03 - 2016-03-02 21:03 - 0000074 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Arquivos para serem movidos ou deletados:
====================
C:\ProgramData\Duplicaterecord.js
C:\ProgramData\FrivLauncherUS.exe
C:\ProgramData\HomePage.exe
C:\ProgramData\LightGate.exe
C:\ProgramData\msiql.exe
C:\ProgramData\service.exe
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Users\Todos os Usuários\Duplicaterecord.js
C:\Users\Todos os Usuários\FrivLauncherUS.exe
C:\Users\Todos os Usuários\HomePage.exe
C:\Users\Todos os Usuários\LightGate.exe
C:\Users\Todos os Usuários\msiql.exe
C:\Users\Todos os Usuários\service.exe
C:\Users\Todos os Usuários\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Alguns arquivos em TEMP:
====================
C:\Users\lelet\AppData\Local\Temp\1002.tmp.exe
C:\Users\lelet\AppData\Local\Temp\1457481354.exe
C:\Users\lelet\AppData\Local\Temp\2AB.tmp.exe
C:\Users\lelet\AppData\Local\Temp\3297.tmp.exe
C:\Users\lelet\AppData\Local\Temp\339.tmp.exe
C:\Users\lelet\AppData\Local\Temp\6F89.tmp.exe
C:\Users\lelet\AppData\Local\Temp\7A12.tmp.exe
C:\Users\lelet\AppData\Local\Temp\81DA.tmp.exe
C:\Users\lelet\AppData\Local\Temp\851.tmp.exe
C:\Users\lelet\AppData\Local\Temp\A53.tmp.exe
C:\Users\lelet\AppData\Local\Temp\A6BE.tmp.exe
C:\Users\lelet\AppData\Local\Temp\AB45.tmp.exe
C:\Users\lelet\AppData\Local\Temp\AE1B.tmp.exe
C:\Users\lelet\AppData\Local\Temp\B83E.tmp.exe
C:\Users\lelet\AppData\Local\Temp\Browser_V5.5.10106.5_f_4674_(Build1601261105).exe
C:\Users\lelet\AppData\Local\Temp\E3C7.tmp.exe
C:\Users\lelet\AppData\Local\Temp\F8E3.tmp.exe
C:\Users\lelet\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.11.399.exe
C:\Users\lelet\AppData\Local\Temp\ICReinstall_E3C7.tmp.exe
C:\Users\lelet\AppData\Local\Temp\J02NNMFAOC.exe
C:\Users\lelet\AppData\Local\Temp\qqpcmgr_v11.0.16779.224_74672_Silence.exe
C:\Users\lelet\AppData\Local\Temp\qqpcmgr_v11.3.17201.218_123149965_Silence.exe
C:\Users\lelet\AppData\Local\Temp\set.exe
C:\Users\lelet\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2016-03-08 21:20

==================== Fim de FRST.txt ============================