Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:10-01-2015 01
Executado por XICOTE (administrador) em XICOTE-PC (16-01-2016 20:34:09)
Executando a partir de C:\Users\XICOTE\Desktop
Perfis Carregados: XICOTE (Perfis Disponíveis: XICOTE)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
() C:\Program Files (x86)\PSafe\Total\safemon\QHActiveDefense.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files (x86)\PSafe\Total\safemon\QHSafeTray.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-24] (NVIDIA Corporation)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\PSafe\Total\safemon\QHSafeTray.exe [2406208 2015-08-04] ()
HKU\S-1-5-21-4089904262-2759942926-1811272342-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-4089904262-2759942926-1811272342-1000\...\MountPoints2: {a09a0e47-2a4c-11e5-94e9-806e6f6e6963} - D:\Run.exe
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 201.75.168.40 201.75.168.34
Tcpip\..\Interfaces\{F106ECD5-E7DF-4900-8E63-8F0A9F115843}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{F106ECD5-E7DF-4900-8E63-8F0A9F115843}: [DhcpNameServer] 201.75.168.40 201.75.168.34
Tcpip\..\Interfaces\{F6033C0A-9608-4A69-9389-857F56F24660}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKU\S-1-5-21-4089904262-2759942926-1811272342-1000 -> {C9FB0128-9682-4DAE-B391-15A2AC119D7D} URL = hxxps://br.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-01] (Oracle Corporation)
BHO-x32: Auxiliar de Conexão de Conta da Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-01] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\XICOTE\AppData\Roaming\Mozilla\Firefox\Profiles\32yzfwkj.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-29] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-06-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-06-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-06-24] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Extension: YouTube High Definition - C:\Users\XICOTE\AppData\Roaming\Mozilla\Firefox\Profiles\32yzfwkj.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2016-01-10]
FF Extension: Adblock Plus - C:\Users\XICOTE\AppData\Roaming\Mozilla\Firefox\Profiles\32yzfwkj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-16]
Chrome:
=======
CHR HomePage: Default -> hxxp://astromenda.com/?f=1&a=ast_dnldstr_14_43_ie&cd=2XzuyEtN2Y1L1QzuzyyE0D0EzztD0FtDyEyCyC0Azz0AtByBtN0D0Tzu0StCtDtBtDtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyD0AyEtCtCtBtDtBtG0FtCyE0CtGtB0C0B0CtG0FyE0CtDtGtCzyyBtDzyyD0AtDzztB0CtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0CyBzzyCyDtCzytGyB0BtAyEtGyEyCtB0BtG0B0AyE0AtGyByEtA0FtBzyyBtB0D0E0AyE2Q&cr=111045075&ir=
CHR StartupUrls: Default -> "hxxps://www.facebook.com/leandro55dasilva","hxxps://www.google.com.br/"
CHR Profile: C:\Users\XICOTE\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Magic Actions for YouTube™) - C:\Users\XICOTE\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2015-12-10]
CHR Extension: (Destiny) - C:\Users\XICOTE\AppData\Local\Google\Chrome\User Data\Default\Extensions\bflambfdbpnngmacdbbodmpdgjppgjck [2015-08-05]
CHR Extension: (YouTube) - C:\Users\XICOTE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\XICOTE\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (AdBlock) - C:\Users\XICOTE\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-01-08]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\XICOTE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Gmail) - C:\Users\XICOTE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-15]
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-24] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [Arquivo não assinado]
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Arquivo não assinado]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-06-24] (Intel Corporation)
S4 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [625648 2015-06-08] (Lenovo)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-24] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-24] (NVIDIA Corporation)
R2 QHActiveDefense; C:\Program Files (x86)\PSafe\Total\safemon\QHActiveDefense.exe [704664 2015-08-04] ()
R4 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [100424 2015-08-04] (360.cn)
R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77896 2015-08-04] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [305736 2015-08-04] (360.cn)
R1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2015-08-04] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [312400 2015-08-04] (Qihu 360 Software Co., Ltd.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] ()
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [180816 2015-08-04] (Qihu 360 Software Co., Ltd.)
S3 DroidCam; C:\Windows\System32\DRIVERS\droidcam.sys [33592 2015-10-24] (Dev47Apps)
S3 DroidCamVideo; C:\Windows\System32\DRIVERS\droidcamvideo.sys [229432 2015-10-24] (Dev47Apps)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2015-07-18] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-21] (Intel Corporation)
S3 kinonivd; C:\Windows\System32\DRIVERS\kinonivd.sys [2782848 2014-11-12] (Windows (R) Win 7 DDK provider)
S3 KINONI_Wave; C:\Windows\System32\drivers\kinonivad.sys [23040 2014-11-12] (Windows (R) Win 7 DDK provider)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [125952 2014-06-24] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31472 1999-12-31] (Synaptics Incorporated)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16056 2015-12-08] (SlimWare Utilities, Inc.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-01-16 20:34 - 2016-01-16 20:34 - 00014727 _____ C:\Users\XICOTE\Desktop\FRST.txt
2016-01-16 20:33 - 2016-01-16 20:34 - 00000000 ____D C:\FRST
2016-01-16 20:33 - 2016-01-16 20:33 - 02370560 _____ (Farbar) C:\Users\XICOTE\Desktop\FRST64.exe
2016-01-14 04:25 - 2016-01-14 04:25 - 00310864 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-14 04:25 - 2016-01-14 04:25 - 00071432 _____ C:\Users\XICOTE\AppData\Local\GDIPFONTCACHEV1.DAT
2016-01-07 19:17 - 2016-01-07 19:17 - 00003322 _____ C:\Windows\System32\Tasks\{2BDBAEEE-70BE-4BD6-8C08-1C22FC332A29}
2016-01-07 02:37 - 2016-01-07 14:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-06 18:11 - 2016-01-06 18:11 - 00000000 ____D C:\Users\XICOTE\Documents\Corel
2016-01-02 21:56 - 2016-01-02 21:56 - 00000126 _____ C:\Users\XICOTE\Desktop\ofere.txt
2015-12-28 20:32 - 2015-12-28 20:32 - 00000000 ____D C:\Users\XICOTE\AppData\Local\Xenocode
2015-12-19 21:28 - 2015-12-19 21:28 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-19 21:28 - 2015-12-19 21:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-18 03:27 - 2015-12-18 03:29 - 00000000 ____D C:\Users\XICOTE\Downloads\Colecao.Guerra.nas.Estrelas.1977.BRRip.1080p.AVC.DUAL-VET
2015-12-18 03:19 - 2015-12-18 03:33 - 00000000 ____D C:\Users\XICOTE\Downloads\Hitman.Agente.47.2015.720p.BluRay.x264-DRONES-DUAL-GuiVGA
2015-12-17 00:16 - 2016-01-12 05:26 - 00000000 ____D C:\Users\XICOTE\Desktop\Originals
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-01-16 20:33 - 2015-07-28 01:03 - 00000000 ____D C:\Users\XICOTE\Download google
2016-01-16 20:33 - 2009-07-14 01:20 - 00000000 ____D C:\Windows
2016-01-16 20:31 - 2015-07-15 01:36 - 00000000 ____D C:\Users\XICOTE\AppData\Roaming\Skype
2016-01-16 20:22 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\inf
2016-01-16 20:21 - 2009-07-14 02:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-16 20:21 - 2009-07-14 02:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-16 20:19 - 2015-12-09 05:07 - 00000000 ____D C:\Users\XICOTE\AppData\LocalLow\360WD
2016-01-16 20:08 - 2009-07-14 03:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-16 20:07 - 2015-07-15 00:55 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA
2016-01-16 20:07 - 2015-07-15 00:55 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-16 20:07 - 2009-07-14 02:45 - 00015360 _____ C:\Windows\system32\umstartup.etl
2016-01-16 20:00 - 2015-11-26 03:09 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-16 15:57 - 2009-07-14 02:45 - 00012288 _____ C:\Windows\system32\umstartup000.etl
2016-01-15 05:46 - 2015-07-17 06:12 - 00000000 ____D C:\Users\XICOTE\AppData\Roaming\uTorrent
2016-01-14 05:56 - 2015-07-17 06:19 - 00000000 ____D C:\Users\XICOTE\AppData\Roaming\MPC-HC
2016-01-14 00:27 - 2015-07-20 03:31 - 00000000 ____D C:\Users\XICOTE\AppData\Roaming\PhotoScape
2016-01-13 03:07 - 2015-07-20 03:31 - 00067584 ____H C:\Users\XICOTE\Desktop\photothumb.db
2016-01-09 14:55 - 2015-09-22 01:35 - 00000000 ____D C:\Windows\Minidump
2016-01-07 14:13 - 2015-11-25 11:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-06 22:30 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\system32\NDF
2016-01-02 17:10 - 2010-11-21 07:37 - 00706836 _____ C:\Windows\system32\prfh0416.dat
2016-01-02 17:10 - 2010-11-21 07:37 - 00148174 _____ C:\Windows\system32\prfc0416.dat
2016-01-02 17:10 - 2009-07-14 03:13 - 01639248 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-30 09:01 - 2015-09-12 05:58 - 00003158 _____ C:\Windows\System32\Tasks\JetBoost_AutoUpdate
2015-12-29 15:00 - 2015-11-26 03:09 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-29 15:00 - 2015-11-26 03:09 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-29 15:00 - 2015-11-26 03:09 - 00003840 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-27 21:57 - 2015-07-17 06:19 - 00001748 _____ C:\Users\XICOTE\Desktop\MPC-HC x64.lnk
2015-12-27 15:33 - 2015-08-20 09:06 - 00000434 __RSH C:\Users\Todos os Usuários\ntuser.pol
2015-12-27 15:33 - 2015-08-20 09:06 - 00000434 __RSH C:\ProgramData\ntuser.pol
2015-12-19 21:28 - 2015-07-15 01:36 - 00000000 ____D C:\Users\XICOTE\AppData\Local\Skype
2015-12-19 21:28 - 2015-07-15 01:36 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2015-12-19 21:28 - 2015-07-15 01:36 - 00000000 ____D C:\ProgramData\Skype
2015-12-19 08:28 - 2015-12-09 05:07 - 00000000 ____D C:\Windows\Tasks\360Disabled
2015-12-19 00:18 - 2015-07-14 15:36 - 00004078 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-19 00:18 - 2015-07-14 15:36 - 00003826 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-18 03:33 - 2015-07-17 06:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2015-12-18 03:33 - 2015-07-17 06:19 - 00000000 ____D C:\Program Files\MPC-HC
==================== Arquivos na raiz de alguns diretórios =======
2015-07-17 04:07 - 2015-07-17 04:07 - 0000003 _____ () C:\Users\XICOTE\AppData\Local\updater.log
2015-07-17 04:07 - 2015-10-02 12:45 - 0000424 _____ () C:\Users\XICOTE\AppData\Local\UserProducts.xml
2015-10-24 04:55 - 2015-10-24 05:12 - 0000022 _____ () C:\ProgramData\droidcam-settings
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
Executado por XICOTE (administrador) em XICOTE-PC (16-01-2016 20:34:09)
Executando a partir de C:\Users\XICOTE\Desktop
Perfis Carregados: XICOTE (Perfis Disponíveis: XICOTE)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
() C:\Program Files (x86)\PSafe\Total\safemon\QHActiveDefense.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files (x86)\PSafe\Total\safemon\QHSafeTray.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-24] (NVIDIA Corporation)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\PSafe\Total\safemon\QHSafeTray.exe [2406208 2015-08-04] ()
HKU\S-1-5-21-4089904262-2759942926-1811272342-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-4089904262-2759942926-1811272342-1000\...\MountPoints2: {a09a0e47-2a4c-11e5-94e9-806e6f6e6963} - D:\Run.exe
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 201.75.168.40 201.75.168.34
Tcpip\..\Interfaces\{F106ECD5-E7DF-4900-8E63-8F0A9F115843}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{F106ECD5-E7DF-4900-8E63-8F0A9F115843}: [DhcpNameServer] 201.75.168.40 201.75.168.34
Tcpip\..\Interfaces\{F6033C0A-9608-4A69-9389-857F56F24660}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKU\S-1-5-21-4089904262-2759942926-1811272342-1000 -> {C9FB0128-9682-4DAE-B391-15A2AC119D7D} URL = hxxps://br.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-01] (Oracle Corporation)
BHO-x32: Auxiliar de Conexão de Conta da Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-01] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\XICOTE\AppData\Roaming\Mozilla\Firefox\Profiles\32yzfwkj.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-29] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-06-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-06-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-06-24] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Extension: YouTube High Definition - C:\Users\XICOTE\AppData\Roaming\Mozilla\Firefox\Profiles\32yzfwkj.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2016-01-10]
FF Extension: Adblock Plus - C:\Users\XICOTE\AppData\Roaming\Mozilla\Firefox\Profiles\32yzfwkj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-16]
Chrome:
=======
CHR HomePage: Default -> hxxp://astromenda.com/?f=1&a=ast_dnldstr_14_43_ie&cd=2XzuyEtN2Y1L1QzuzyyE0D0EzztD0FtDyEyCyC0Azz0AtByBtN0D0Tzu0StCtDtBtDtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyD0AyEtCtCtBtDtBtG0FtCyE0CtGtB0C0B0CtG0FyE0CtDtGtCzyyBtDzyyD0AtDzztB0CtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0CyBzzyCyDtCzytGyB0BtAyEtGyEyCtB0BtG0B0AyE0AtGyByEtA0FtBzyyBtB0D0E0AyE2Q&cr=111045075&ir=
CHR StartupUrls: Default -> "hxxps://www.facebook.com/leandro55dasilva","hxxps://www.google.com.br/"
CHR Profile: C:\Users\XICOTE\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Magic Actions for YouTube™) - C:\Users\XICOTE\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2015-12-10]
CHR Extension: (Destiny) - C:\Users\XICOTE\AppData\Local\Google\Chrome\User Data\Default\Extensions\bflambfdbpnngmacdbbodmpdgjppgjck [2015-08-05]
CHR Extension: (YouTube) - C:\Users\XICOTE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\XICOTE\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (AdBlock) - C:\Users\XICOTE\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-01-08]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\XICOTE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Gmail) - C:\Users\XICOTE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-15]
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-24] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [Arquivo não assinado]
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Arquivo não assinado]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-06-24] (Intel Corporation)
S4 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [625648 2015-06-08] (Lenovo)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-24] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-24] (NVIDIA Corporation)
R2 QHActiveDefense; C:\Program Files (x86)\PSafe\Total\safemon\QHActiveDefense.exe [704664 2015-08-04] ()
R4 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [100424 2015-08-04] (360.cn)
R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77896 2015-08-04] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [305736 2015-08-04] (360.cn)
R1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2015-08-04] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [312400 2015-08-04] (Qihu 360 Software Co., Ltd.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] ()
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [180816 2015-08-04] (Qihu 360 Software Co., Ltd.)
S3 DroidCam; C:\Windows\System32\DRIVERS\droidcam.sys [33592 2015-10-24] (Dev47Apps)
S3 DroidCamVideo; C:\Windows\System32\DRIVERS\droidcamvideo.sys [229432 2015-10-24] (Dev47Apps)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2015-07-18] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-21] (Intel Corporation)
S3 kinonivd; C:\Windows\System32\DRIVERS\kinonivd.sys [2782848 2014-11-12] (Windows (R) Win 7 DDK provider)
S3 KINONI_Wave; C:\Windows\System32\drivers\kinonivad.sys [23040 2014-11-12] (Windows (R) Win 7 DDK provider)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [125952 2014-06-24] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31472 1999-12-31] (Synaptics Incorporated)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16056 2015-12-08] (SlimWare Utilities, Inc.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-01-16 20:34 - 2016-01-16 20:34 - 00014727 _____ C:\Users\XICOTE\Desktop\FRST.txt
2016-01-16 20:33 - 2016-01-16 20:34 - 00000000 ____D C:\FRST
2016-01-16 20:33 - 2016-01-16 20:33 - 02370560 _____ (Farbar) C:\Users\XICOTE\Desktop\FRST64.exe
2016-01-14 04:25 - 2016-01-14 04:25 - 00310864 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-14 04:25 - 2016-01-14 04:25 - 00071432 _____ C:\Users\XICOTE\AppData\Local\GDIPFONTCACHEV1.DAT
2016-01-07 19:17 - 2016-01-07 19:17 - 00003322 _____ C:\Windows\System32\Tasks\{2BDBAEEE-70BE-4BD6-8C08-1C22FC332A29}
2016-01-07 02:37 - 2016-01-07 14:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-06 18:11 - 2016-01-06 18:11 - 00000000 ____D C:\Users\XICOTE\Documents\Corel
2016-01-02 21:56 - 2016-01-02 21:56 - 00000126 _____ C:\Users\XICOTE\Desktop\ofere.txt
2015-12-28 20:32 - 2015-12-28 20:32 - 00000000 ____D C:\Users\XICOTE\AppData\Local\Xenocode
2015-12-19 21:28 - 2015-12-19 21:28 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-19 21:28 - 2015-12-19 21:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-18 03:27 - 2015-12-18 03:29 - 00000000 ____D C:\Users\XICOTE\Downloads\Colecao.Guerra.nas.Estrelas.1977.BRRip.1080p.AVC.DUAL-VET
2015-12-18 03:19 - 2015-12-18 03:33 - 00000000 ____D C:\Users\XICOTE\Downloads\Hitman.Agente.47.2015.720p.BluRay.x264-DRONES-DUAL-GuiVGA
2015-12-17 00:16 - 2016-01-12 05:26 - 00000000 ____D C:\Users\XICOTE\Desktop\Originals
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-01-16 20:33 - 2015-07-28 01:03 - 00000000 ____D C:\Users\XICOTE\Download google
2016-01-16 20:33 - 2009-07-14 01:20 - 00000000 ____D C:\Windows
2016-01-16 20:31 - 2015-07-15 01:36 - 00000000 ____D C:\Users\XICOTE\AppData\Roaming\Skype
2016-01-16 20:22 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\inf
2016-01-16 20:21 - 2009-07-14 02:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-16 20:21 - 2009-07-14 02:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-16 20:19 - 2015-12-09 05:07 - 00000000 ____D C:\Users\XICOTE\AppData\LocalLow\360WD
2016-01-16 20:08 - 2009-07-14 03:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-16 20:07 - 2015-07-15 00:55 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA
2016-01-16 20:07 - 2015-07-15 00:55 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-16 20:07 - 2009-07-14 02:45 - 00015360 _____ C:\Windows\system32\umstartup.etl
2016-01-16 20:00 - 2015-11-26 03:09 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-16 15:57 - 2009-07-14 02:45 - 00012288 _____ C:\Windows\system32\umstartup000.etl
2016-01-15 05:46 - 2015-07-17 06:12 - 00000000 ____D C:\Users\XICOTE\AppData\Roaming\uTorrent
2016-01-14 05:56 - 2015-07-17 06:19 - 00000000 ____D C:\Users\XICOTE\AppData\Roaming\MPC-HC
2016-01-14 00:27 - 2015-07-20 03:31 - 00000000 ____D C:\Users\XICOTE\AppData\Roaming\PhotoScape
2016-01-13 03:07 - 2015-07-20 03:31 - 00067584 ____H C:\Users\XICOTE\Desktop\photothumb.db
2016-01-09 14:55 - 2015-09-22 01:35 - 00000000 ____D C:\Windows\Minidump
2016-01-07 14:13 - 2015-11-25 11:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-06 22:30 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\system32\NDF
2016-01-02 17:10 - 2010-11-21 07:37 - 00706836 _____ C:\Windows\system32\prfh0416.dat
2016-01-02 17:10 - 2010-11-21 07:37 - 00148174 _____ C:\Windows\system32\prfc0416.dat
2016-01-02 17:10 - 2009-07-14 03:13 - 01639248 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-30 09:01 - 2015-09-12 05:58 - 00003158 _____ C:\Windows\System32\Tasks\JetBoost_AutoUpdate
2015-12-29 15:00 - 2015-11-26 03:09 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-29 15:00 - 2015-11-26 03:09 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-29 15:00 - 2015-11-26 03:09 - 00003840 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-27 21:57 - 2015-07-17 06:19 - 00001748 _____ C:\Users\XICOTE\Desktop\MPC-HC x64.lnk
2015-12-27 15:33 - 2015-08-20 09:06 - 00000434 __RSH C:\Users\Todos os Usuários\ntuser.pol
2015-12-27 15:33 - 2015-08-20 09:06 - 00000434 __RSH C:\ProgramData\ntuser.pol
2015-12-19 21:28 - 2015-07-15 01:36 - 00000000 ____D C:\Users\XICOTE\AppData\Local\Skype
2015-12-19 21:28 - 2015-07-15 01:36 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2015-12-19 21:28 - 2015-07-15 01:36 - 00000000 ____D C:\ProgramData\Skype
2015-12-19 08:28 - 2015-12-09 05:07 - 00000000 ____D C:\Windows\Tasks\360Disabled
2015-12-19 00:18 - 2015-07-14 15:36 - 00004078 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-19 00:18 - 2015-07-14 15:36 - 00003826 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-18 03:33 - 2015-07-17 06:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2015-12-18 03:33 - 2015-07-17 06:19 - 00000000 ____D C:\Program Files\MPC-HC
==================== Arquivos na raiz de alguns diretórios =======
2015-07-17 04:07 - 2015-07-17 04:07 - 0000003 _____ () C:\Users\XICOTE\AppData\Local\updater.log
2015-07-17 04:07 - 2015-10-02 12:45 - 0000424 _____ () C:\Users\XICOTE\AppData\Local\UserProducts.xml
2015-10-24 04:55 - 2015-10-24 05:12 - 0000022 _____ () C:\ProgramData\droidcam-settings
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente