Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão:18-01-2016
Executado por vivo (administrador) em CEBOLA_NET (19-01-2016 12:56:32)
Executando a partir de C:\Users\vivo\Downloads
Perfis Carregados: vivo (Perfis Disponíveis: vivo)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(GAS Tecnologia) C:\Program Files\GbPlugin\gbpsv.exe
(AVAST Software) C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
() C:\ProgramData\Ancropafe\1.0.7.1\erwrolnu.exe
(GAS Tecnologia) C:\Program Files\GbPlugin\gbpsv.exe
() C:\Program Files\ASP\AdvancedSystemProtector.exe
() C:\Program Files\SystemHealer\SystemHealer.exe
() C:\ProgramData\WindowsMsg\osmsg.exe
(A.E.T. Europe B.V.) C:\Windows\System32\aetcrss1.exe
(Crawler Group, LLC) C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
(Crawler Group, LLC) C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(HP) C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Crawler Group, LLC) C:\Program Files\Spyware Terminator\st_rsser.exe
(DotC United Inc) C:\Program Files\MPC Cleaner\MPCTray.exe
() C:\Program Files\WajaNetEn\bde72a8dc6eba2c602b262b1c7a1da23.exe
() C:\Users\vivo\AppData\Roaming\XBox\XBLive.exe
(Irrational Number Applications) C:\ProgramData\EaCNKaIq\DlAnIvEtxGn.exe
() C:\ProgramData\Ancropafe\1.0.7.1\erwrolnu.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
() C:\Program Files\WajaNetEn\bde72a8dc6eba2c602b262b1c7a1da23.exe
() C:\Program Files\CalendarTool\2.0.0.11153\CalendarServ.exe
() C:\Program Files\CalendarTool\2.0.0.11153\calendar.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(DotC United Inc) C:\Program Files\MPC Cleaner\MPCNews.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [CertificateRegistration] => C:\Windows\system32\aetcrss1.exe [18944 2013-03-05] (A.E.T. Europe B.V.)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [5318992 2015-12-17] (Crawler Group, LLC)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [5557584 2015-12-17] (Crawler Group, LLC)
Winlogon\Notify\ GbPluginBb: C:\Program Files\GbPlugin\gbieh.dll [2015-08-19] (Banco do Brasil)
Winlogon\Notify\ GbPluginUni: C:\Program Files\GbPlugin\gbiehUni.dll [2015-09-04] (Banco Itaú Unibanco)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-2498198735-273976222-1782081069-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6564776 2015-10-19] (Piriform Ltd)
HKU\S-1-5-21-2498198735-273976222-1782081069-1001\...\Run: [osmsg] => C:\ProgramData\WindowsMsg\osmsg.exe [1905664 2016-01-16] ()
HKU\S-1-5-21-2498198735-273976222-1782081069-1001\...\MountPoints2: {7b36672b-0739-11e3-9858-0090f5e162e3} - D:\SISetup.exe
HKU\S-1-5-18\...\Run: [Pritc] => C:\Windows\Temp\00003575\casrss.exe [2980352 2016-01-17] (VLOME) <===== ATENÇÃO
HKU\S-1-5-18\...\Run: [osmsg] => C:\ProgramData\WindowsMsg\osmsg.exe [1905664 2016-01-16] ()
HKU\S-1-5-18\...\Run: [-] => c:\programdata\msiql.exe [2412032 2016-01-14] ()
ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES\GbPlugin\gbieh.dll [1896320 2015-08-19] (Banco do Brasil)
ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files\GbPlugin\gbiehuni.dll [1896696 2015-09-04] (Banco Itaú Unibanco)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-06-30] (Avast Software s.r.o.)
BootExecute: sasnative32autocheck autochk *
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Winsock: Catalog5 07 C:\ProgramData\System32\SafeGuard32.dll [2771896 2015-12-30] ()
Tcpip\Parameters: [DhcpNameServer] 189.39.152.35 189.39.152.45
Tcpip\..\Interfaces\{510BB6E6-DF01-4666-A571-7668D1B54E37}: [DhcpNameServer] 189.39.152.35 189.39.152.45
Tcpip\..\Interfaces\{92909C5A-44F2-4906-A6A4-75EB386B086F}: [DhcpNameServer] 189.39.152.35 189.39.152.45
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/search?q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/search?q={searchTerms}
HKU\S-1-5-21-2498198735-273976222-1782081069-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/
URLSearchHook: HKU\S-1-5-21-2498198735-273976222-1782081069-1001 - (Sem Nome) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - Nenhum Arquivo
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {9317D6B6-D3BE-4619-9C89-B8E4D5C806B9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=POSTDF&pc=POS2&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?gen=ms&pr=vmn&id=mystarttb&v=5_5&ent=ch_5153&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?gen=ms&pr=vmn&id=mystarttb&v=5_5&ent=ch_5153&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2498198735-273976222-1782081069-1001 -> DefaultScope {8D38BB1A-E8D7-4441-B21B-334FA4D1CE38} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2498198735-273976222-1782081069-1001 -> {8D38BB1A-E8D7-4441-B21B-334FA4D1CE38} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\Program Files\Spyware Terminator\STInternetGuard.dll [2015-12-17] (Crawler Group, LLC)
BHO: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\PROGRAM FILES\GBPLUGIN\gbieh.dll [2015-08-19] (Banco do Brasil)
BHO: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\Program Files\GbPlugin\gbiehuni.dll [2015-09-04] (Banco Itaú Unibanco)
BHO: MyStart Toolbar -> {ccb24e92-62c4-4c53-95d2-65f9eed476bc} -> C:\Program Files\mystarttb\mystartDx.dll [2015-12-11] ()
Toolbar: HKLM - MyStart Toolbar - {ccb24e92-62c4-4c53-95d2-65f9eed476bc} - C:\Program Files\mystarttb\mystartDx.dll [2015-12-11] ()
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - Nenhum Arquivo
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - Nenhum Arquivo
FireFox:
========
FF ProfilePath: C:\Users\vivo\AppData\Roaming\Mozilla\Firefox\Profiles\n2iyvjrs.default-1453037212354
FF Homepage: hxxp://br.hao123.com/?tn=sdkc_inner_hp_09_hao123_br&guid=4fabd2b1af767563bf38c7edf7352b4f
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor => não encontrado (a)
FF HKLM\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension => não encontrado (a)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-01-15]
FF HKU\S-1-5-21-2498198735-273976222-1782081069-1001\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886C}] - C:\Users\vivo\AppData\Local\GAS Tecnologia\GBBD\bb\xpi => não encontrado (a)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\vivo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\vivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-09]
CHR Extension: (Google Docs) - C:\Users\vivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-09]
CHR Extension: (Google Drive) - C:\Users\vivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-09]
CHR Extension: (YouTube) - C:\Users\vivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-09]
CHR Extension: (Google Search) - C:\Users\vivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-09]
CHR Extension: (Documentos Google off-line) - C:\Users\vivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-20]
CHR Extension: (Avast Online Security) - C:\Users\vivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-11]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\vivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-09]
CHR Extension: (Gmail) - C:\Users\vivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-09]
CHR Extension: (scroll back to top) - C:\Users\vivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmopfkbilpnoidiclofkppbgppapnjeh [2015-12-31]
CHR Extension: () - C:\Users\vivo\AppData\Local\Experience Extension\Component [2015-11-24]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-30]
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-06-30] (Avast Software)
R2 DlAnIvEtxGn; C:\ProgramData\EaCNKaIq\DlAnIvEtxGn.exe [3002360 2016-01-17] (Irrational Number Applications)
R2 GbpSv; C:\Program Files\GbPlugin\gbpsv.exe [587576 2015-08-12] (GAS Tecnologia)
S2 GoogleChromeUpService; C:\ProgramData\upgsvr.exe [1762304 2015-10-16] (TODO: <公司名>) [Arquivo não assinado]
S2 GoogleChromeUpSvc; C:\ProgramData\Windows Update\svrupg.exe [2786816 2016-01-14] (TODO: ) [Arquivo não assinado]
S2 hasplms; C:\Windows\system32\hasplms.exe [535807 2007-03-15] (Aladdin Knowledge Systems Ltd.) [Arquivo não assinado]
R2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [136192 2009-10-15] (HP) [Arquivo não assinado]
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2283296 2016-01-17] (IObit)
S2 MPCProtectService; C:\Program Files\MPC Cleaner\MPCProtectService.exe [349152 2016-01-17] (DotC United Inc)
R2 PSI_SVC_2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [277360 2013-09-13] (arvato digital services llc)
R2 ST2012_Svc; C:\Program Files\Spyware Terminator\st_rsser.exe [2114384 2015-12-17] (Crawler Group, LLC) [Arquivo não assinado]
R2 TheCalendarService; C:\Program Files\CalendarTool\2.0.0.11153\CalendarServ.exe [153224 2015-12-10] ()
R2 WajaNetEn Monitor; C:\Program Files\WajaNetEn\bde72a8dc6eba2c602b262b1c7a1da23.exe [2314752 2016-01-13] () [Arquivo não assinado]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 XBox; C:\Users\vivo\AppData\Roaming\XBox\XBLive.exe [7142328 2015-12-08] ()
S2 WindowsSecurity; C:\Windows\system32\config\systemprofile\AppData\Roaming\winsecurity\winsecurity.exe [X]
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 aksfridge; C:\Windows\system32\drivers\aksfridge.sys [438640 2015-09-23] (SafeNet Inc.)
S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [261464 2015-09-23] (SafeNet Inc.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [313624 2015-09-23] (SafeNet Inc.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-06-30] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-06-30] ()
S3 cxbu0wdm; C:\Windows\System32\DRIVERS\cxbu0wdm.sys [131064 2014-04-05] (HID Global Corporation)
R3 dfmirage; C:\Windows\System32\DRIVERS\dfmirage.sys [34128 2008-03-26] (DemoForge, LLC)
R0 GbpKm; C:\Windows\System32\drivers\gbpkm.sys [49496 2015-08-26] (GAS Tecnologia)
R3 mcdbus; C:\Windows\System32\DRIVERS\mcdbus.sys [116736 2009-02-24] (MagicISO, Inc.) [Arquivo não assinado]
R0 MPCBase; C:\Windows\System32\drivers\MPCBase.sys [29032 2016-01-17] (DotC United Inc)
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [52968 2016-01-17] (DotC United Inc)
R2 multikey; C:\Windows\System32\DRIVERS\multikey.sys [56704 2009-03-26] (Chingachguk & Denger2k (Elite & SP edition)) [Arquivo não assinado]
R1 Ndisrd; C:\Windows\System32\DRIVERS\gbpndisrdn.sys [29400 2014-12-30] (GAS Tecnologia)
R3 RTL8192Ce; C:\Windows\System32\DRIVERS\rtl8192Ce.sys [726120 2011-12-22] (Realtek Semiconductor Corporation )
R2 SoilIO; C:\Windows\system32\Drivers\SoilIO.sys [16248 2009-12-04] ()
R3 soilkbc; C:\Windows\system32\Drivers\soilkbc.sys [10744 2009-12-04] (Systems Internals)
R3 SoilMC; C:\Windows\system32\Drivers\SoilMC.sys [10616 2009-12-04] (Systems Internals)
R1 sp_rsdrv2; C:\Windows\system32\drivers\sp_rsdrv2.sys [32768 2011-06-21] () [Arquivo não assinado]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-06-30] (Avast Software)
R3 vpcbus; C:\Windows\system32\drivers\vpchbus.sys [172416 2010-11-20] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [48128 2010-11-20] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2010-11-20] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [296064 2010-11-20] (Microsoft Corporation)
S3 NdisrdMP; system32\DRIVERS\gbpndisrd.sys [X]
S3 STHDA; system32\DRIVERS\stwrt.sys [X]
S1 UGProtect; \??\C:\Program Files\UPCleaner\1.1.30.13470\UGProtect.sys [X]
U5 wntpport; C:\Windows\System32\Drivers\wntpport.sys [28416 2001-01-19] (Vireo Software) [Arquivo não assinado]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-01-19 12:56 - 2016-01-19 12:58 - 00016476 _____ C:\Users\vivo\Downloads\FRST.txt
2016-01-19 12:55 - 2016-01-19 12:56 - 00000000 ____D C:\FRST
2016-01-19 12:55 - 2016-01-19 12:55 - 01721856 _____ (Farbar) C:\Users\vivo\Downloads\FRST.exe
2016-01-19 12:51 - 2016-01-19 12:51 - 01136375 _____ C:\Users\vivo\Desktop\fachada.psd
2016-01-19 08:18 - 2016-01-19 08:18 - 00000000 ____D C:\Program Files\CalendarTool
2016-01-19 08:12 - 2016-01-19 08:12 - 00001687 _____ C:\Users\Public\Desktop\MPC Cleaner.lnk
2016-01-19 08:12 - 2016-01-19 08:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
2016-01-18 09:03 - 2016-01-18 09:03 - 00000000 ____D C:\Users\vivo\AppData\LocalLow\mystarttb
2016-01-18 08:40 - 2016-01-18 08:40 - 00000000 ____D C:\Users\Todos os Usuários\Browser
2016-01-18 08:40 - 2016-01-18 08:40 - 00000000 ____D C:\ProgramData\Browser
2016-01-17 22:41 - 2016-01-17 22:41 - 01069796 _____ C:\Users\vivo\Downloads\Advanced System Protector v2.1 Full Serial Keys__3111_il2323544.rar
2016-01-17 22:26 - 2016-01-17 22:26 - 00000000 ____D C:\Users\vivo\AppData\Local\gmsd_br_004010210
2016-01-17 17:38 - 2016-01-17 17:38 - 00000000 ____D C:\Users\Todos os Usuários\736c6878-4e95-0
2016-01-17 17:38 - 2016-01-17 17:38 - 00000000 ____D C:\ProgramData\736c6878-4e95-0
2016-01-17 17:36 - 2015-11-25 15:31 - 01100288 _____ C:\Users\Todos os Usuários\HomePage.exe
2016-01-17 17:36 - 2015-11-25 15:31 - 01100288 _____ C:\ProgramData\HomePage.exe
2016-01-17 17:35 - 2016-01-17 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaNetEn
2016-01-17 17:34 - 2016-01-19 08:12 - 00000264 _____ C:\Windows\Tasks\System HealerStartUp.job
2016-01-17 17:34 - 2016-01-17 22:25 - 00000264 _____ C:\Windows\Tasks\System HealerPeriod.job
2016-01-17 17:34 - 2016-01-17 17:35 - 00000000 ____D C:\Program Files\WajaNetEn
2016-01-17 17:33 - 2016-01-17 17:34 - 00000000 ____D C:\Program Files\SystemHealer
2016-01-17 17:33 - 2016-01-17 17:33 - 00000000 ____D C:\Users\Todos os Usuários\736c6878-29d3-1
2016-01-17 17:33 - 2016-01-17 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Healer
2016-01-17 17:33 - 2016-01-17 17:33 - 00000000 ____D C:\ProgramData\736c6878-29d3-1
2016-01-17 17:32 - 2016-01-17 17:32 - 00000000 ____D C:\Users\Todos os Usuários\Ancropafe
2016-01-17 17:32 - 2016-01-17 17:32 - 00000000 ____D C:\ProgramData\Ancropafe
2016-01-17 17:28 - 2016-01-18 16:50 - 00000000 ____D C:\Users\vivo\AppData\Local\WebShield
2016-01-17 17:27 - 2016-01-17 17:29 - 00000000 ____D C:\Users\Todos os Usuários\EaCNKaIq
2016-01-17 17:27 - 2016-01-17 17:29 - 00000000 ____D C:\ProgramData\EaCNKaIq
2016-01-17 17:26 - 2016-01-17 22:34 - 00000000 ____D C:\Program Files\MPC Cleaner
2016-01-17 17:26 - 2016-01-17 17:27 - 00000000 ____D C:\Users\Todos os Usuários\WebShield
2016-01-17 17:26 - 2016-01-17 17:27 - 00000000 ____D C:\ProgramData\WebShield
2016-01-17 17:26 - 2016-01-17 17:27 - 00000000 ____D C:\Program Files\gmsd_br_004010210
2016-01-17 17:26 - 2016-01-17 17:26 - 00052968 _____ (DotC United Inc) C:\Windows\system32\Drivers\MPCKpt.sys
2016-01-17 17:26 - 2016-01-17 17:26 - 00029032 _____ (DotC United Inc) C:\Windows\system32\Drivers\MPCBase.sys
2016-01-17 17:26 - 2016-01-17 17:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP
2016-01-17 17:25 - 2016-01-17 17:25 - 00000216 _____ C:\Windows\Tasks\dsmonitor.job
2016-01-17 17:25 - 2016-01-17 17:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
2016-01-17 17:24 - 2016-01-17 17:26 - 00000000 ____D C:\Program Files\mystarttb
2016-01-17 17:24 - 2016-01-17 17:24 - 00000000 ____D C:\Program Files\Uniblue
2016-01-17 17:23 - 2016-01-17 17:24 - 00000000 ____D C:\Program Files\OLBPre
2016-01-17 17:23 - 2016-01-14 07:46 - 02412032 _____ C:\Users\Todos os Usuários\msiql.exe
2016-01-17 17:23 - 2016-01-14 07:46 - 02412032 _____ C:\ProgramData\msiql.exe
2016-01-17 16:53 - 2016-01-17 16:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ttwifi
2016-01-17 16:53 - 2016-01-17 16:53 - 00000000 ____D C:\Program Files\ttwifi
2016-01-17 16:37 - 2016-01-17 16:37 - 00000000 ____D C:\Users\vivo\AppData\Roaming\ASP
2016-01-17 14:10 - 2016-01-17 14:10 - 00000000 ____D C:\Users\vivo\AppData\Roaming\Systweak
2016-01-17 14:09 - 2016-01-17 16:49 - 00000000 ____D C:\Program Files\ASP
2016-01-17 14:09 - 2016-01-17 14:09 - 00000999 _____ C:\Users\Public\Desktop\Advanced System~Protector.lnk
2016-01-17 14:09 - 2016-01-17 14:09 - 00000000 ____D C:\Users\vivo\AppData\Local\Systweak
2016-01-17 14:09 - 2016-01-17 14:09 - 00000000 ____D C:\Users\Todos os Usuários\Systweak
2016-01-17 14:09 - 2016-01-17 14:09 - 00000000 ____D C:\ProgramData\Systweak
2016-01-17 14:09 - 2016-01-17 14:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System~Protector
2016-01-17 14:09 - 2015-11-20 16:13 - 00017872 _____ C:\Windows\system32\sasnative32.exe
2016-01-17 14:08 - 2016-01-17 14:08 - 05822720 _____ (Advanced System Protector ) C:\Users\vivo\Downloads\aspsetup.exe
2016-01-17 13:57 - 2016-01-19 09:29 - 00000000 ____D C:\Users\vivo\AppData\Roaming\CalendarTool
2016-01-17 13:56 - 2016-01-17 13:56 - 00000000 ____D C:\Users\Public\Documents\Guid
2016-01-17 13:55 - 2016-01-17 13:55 - 00002109 _____ C:\Users\vivo\Desktop\AdwCleaner[C8].txt
2016-01-17 13:52 - 2011-06-21 11:24 - 00032768 _____ C:\Windows\system32\Drivers\sp_rsdrv2.sys
2016-01-17 13:33 - 2016-01-17 13:33 - 02370560 _____ (Farbar) C:\Users\vivo\Downloads\FRST64.exe
2016-01-17 13:20 - 2016-01-17 13:20 - 395234850 _____ C:\Windows\MEMORY.DMP
2016-01-17 13:20 - 2016-01-17 13:20 - 00143776 _____ C:\Windows\Minidump\011716-28111-01.dmp
2016-01-17 13:02 - 2016-01-17 13:02 - 00000000 ____D C:\Users\vivo\AppData\Roaming\ProductData
2016-01-17 13:01 - 2016-01-17 13:02 - 00000000 ____D C:\Users\Todos os Usuários\IObit
2016-01-17 13:01 - 2016-01-17 13:02 - 00000000 ____D C:\ProgramData\IObit
2016-01-17 13:01 - 2016-01-17 13:01 - 00000000 ____D C:\Users\vivo\AppData\LocalLow\IObit
2016-01-17 13:00 - 2016-01-17 13:01 - 00000000 ____D C:\Users\Todos os Usuários\ProductData
2016-01-17 13:00 - 2016-01-17 13:01 - 00000000 ____D C:\ProgramData\ProductData
2016-01-17 12:58 - 2016-01-17 13:01 - 00000000 ____D C:\Program Files\IObit
2016-01-17 12:56 - 2016-01-17 12:56 - 00000000 ____D C:\Users\vivo\AppData\Roaming\IObit
2016-01-17 12:54 - 2016-01-17 12:56 - 17091360 _____ (IObit) C:\Users\vivo\Downloads\iobituninstaller-pro.exe
2016-01-17 12:14 - 2016-01-18 08:35 - 00006413 _____ C:\Users\Todos os Usuários\webad.xml
2016-01-17 12:14 - 2016-01-18 08:35 - 00006413 _____ C:\ProgramData\webad.xml
2016-01-17 11:27 - 2016-01-17 11:27 - 00000000 ____D C:\Users\vivo\Desktop\Dados anteriores do Firefox
2016-01-17 11:08 - 2016-01-17 13:49 - 00000000 ____D C:\AdwCleaner
2016-01-17 09:07 - 2016-01-19 09:04 - 00000000 ____D C:\Users\Todos os Usuários\Spyware Terminator
2016-01-17 09:07 - 2016-01-19 09:04 - 00000000 ____D C:\ProgramData\Spyware Terminator
2016-01-17 09:07 - 2016-01-17 09:07 - 00001008 _____ C:\Users\Public\Desktop\Spyware Terminator 2015.lnk
2016-01-17 09:07 - 2016-01-17 09:07 - 00000000 ____D C:\Users\vivo\AppData\Roaming\Spyware Terminator
2016-01-17 09:07 - 2016-01-17 09:07 - 00000000 ____D C:\Users\vivo\AppData\LocalLow\Spyware Terminator
2016-01-17 09:07 - 2016-01-17 09:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2015
2016-01-17 09:06 - 2016-01-17 09:44 - 00000000 ____D C:\Program Files\Spyware Terminator
2016-01-17 08:46 - 2016-01-17 08:46 - 09641808 _____ (Crawler Group ) C:\Users\vivo\Downloads\SpywareTerminatorSetup.exe
2016-01-17 08:45 - 2016-01-17 08:45 - 00780256 _____ (Carifred) C:\Users\vivo\Downloads\UltraAdwareKiller(1).exe
2016-01-16 18:54 - 2016-01-16 21:28 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-01-15 15:03 - 2016-01-17 16:53 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg
2016-01-15 15:03 - 2016-01-17 16:53 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-01-15 15:03 - 2016-01-17 16:53 - 00000000 ____D C:\Program Files\osTip
2016-01-15 10:21 - 2016-01-15 10:21 - 00191488 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\system32\hlvdd.dll
2016-01-15 10:21 - 2016-01-15 10:21 - 00047616 _____ (Aladdin Knowledge Systems) C:\Windows\system32\Drivers\Haspnt.sys
2016-01-15 10:21 - 2016-01-15 10:21 - 00006656 _____ (Aladdin Knowledge Systems.) C:\Windows\system32\haspvdd.dll
2016-01-15 10:21 - 2016-01-15 10:21 - 00000383 _____ C:\Windows\system32\haspdos.sys
2016-01-15 10:15 - 2016-01-15 10:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-01-15 10:15 - 2015-06-30 14:54 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2016-01-15 09:48 - 2016-01-15 09:48 - 00491127 _____ C:\Users\vivo\Desktop\Sem Título-1.psd
2016-01-15 08:23 - 2016-01-15 08:23 - 00000000 ____D C:\Users\vivo\AppData\Roaming\XBox
2016-01-14 15:25 - 2016-01-14 15:25 - 00000000 ____D C:\Users\Todos os Usuários\Windows Update
2016-01-14 15:25 - 2016-01-14 15:25 - 00000000 ____D C:\ProgramData\Windows Update
2016-01-14 10:39 - 2016-01-13 20:32 - 00091144 _____ C:\Users\Public\Doc2.pdf
2016-01-13 14:02 - 2015-12-23 20:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-01-13 14:02 - 2015-12-12 16:02 - 20367360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-01-13 14:02 - 2015-12-12 15:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-01-13 14:02 - 2015-12-12 15:49 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-01-13 14:02 - 2015-12-12 15:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-01-13 14:02 - 2015-12-12 15:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-01-13 14:02 - 2015-12-12 15:37 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-01-13 14:02 - 2015-12-12 15:36 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-01-13 14:02 - 2015-12-12 15:36 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-01-13 14:02 - 2015-12-12 15:33 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-01-13 14:02 - 2015-12-12 15:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-01-13 14:02 - 2015-12-12 15:30 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-01-13 14:02 - 2015-12-12 15:28 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-01-13 14:02 - 2015-12-12 15:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-01-13 14:02 - 2015-12-12 15:27 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-01-13 14:02 - 2015-12-12 15:27 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-01-13 14:02 - 2015-12-12 15:27 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-01-13 14:02 - 2015-12-12 15:22 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-01-13 14:02 - 2015-12-12 15:19 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-01-13 14:02 - 2015-12-12 15:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-01-13 14:02 - 2015-12-12 15:12 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-01-13 14:02 - 2015-12-12 15:10 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-01-13 14:02 - 2015-12-12 15:10 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-01-13 14:02 - 2015-12-12 15:09 - 04610560 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-01-13 14:02 - 2015-12-12 15:08 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-01-13 14:02 - 2015-12-12 15:02 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-01-13 14:02 - 2015-12-12 15:00 - 12856320 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-01-13 14:02 - 2015-12-12 15:00 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-01-13 14:02 - 2015-12-12 15:00 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-01-13 14:02 - 2015-12-12 15:00 - 00687104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-01-13 14:02 - 2015-12-12 15:00 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-01-13 14:02 - 2015-12-12 14:41 - 02011136 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-01-13 14:02 - 2015-12-12 14:38 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-01-13 14:02 - 2015-12-12 14:36 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-01-13 14:01 - 2015-12-30 16:47 - 03993536 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-01-13 14:01 - 2015-12-30 16:47 - 03938240 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-01-13 14:01 - 2015-12-30 16:47 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-01-13 14:01 - 2015-12-30 16:47 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-01-13 14:01 - 2015-12-30 16:44 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-01-13 14:01 - 2015-12-30 16:41 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-01-13 14:01 - 2015-12-30 16:41 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-01-13 14:01 - 2015-12-30 16:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-01-13 14:01 - 2015-12-30 16:41 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-01-13 14:01 - 2015-12-30 16:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-01-13 14:01 - 2015-12-30 16:40 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-01-13 14:01 - 2015-12-30 16:40 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-01-13 14:01 - 2015-12-30 16:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-01-13 14:01 - 2015-12-30 16:39 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-01-13 14:01 - 2015-12-30 16:39 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-01-13 14:01 - 2015-12-30 16:39 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-01-13 14:01 - 2015-12-30 16:38 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-01-13 14:01 - 2015-12-30 16:38 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-01-13 14:01 - 2015-12-30 16:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-01-13 14:01 - 2015-12-30 16:37 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-01-13 14:01 - 2015-12-30 15:38 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-01-13 14:01 - 2015-12-30 15:32 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-01-13 14:01 - 2015-12-30 15:32 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-01-13 14:01 - 2015-12-30 15:32 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-01-13 14:01 - 2015-12-30 15:30 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-01-13 14:01 - 2015-12-30 15:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-01-13 14:01 - 2015-12-30 15:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-01-13 14:01 - 2015-12-08 19:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-01-13 14:01 - 2015-11-16 22:45 - 00022464 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-01-13 14:01 - 2015-11-16 22:42 - 01230848 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-01-13 14:01 - 2015-11-16 22:42 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-01-13 14:01 - 2015-11-16 22:42 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-01-13 14:01 - 2015-11-16 22:42 - 00425984 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-01-13 14:01 - 2015-11-16 22:42 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-01-13 14:00 - 2015-12-30 16:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-01-13 14:00 - 2015-12-30 16:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-01-13 14:00 - 2015-12-30 16:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-01-13 14:00 - 2015-12-30 15:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-01-13 14:00 - 2015-12-30 15:30 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-01-13 13:59 - 2015-12-11 16:35 - 00951808 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-01-13 13:59 - 2015-12-08 19:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-01-13 13:59 - 2015-12-08 19:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-13 13:59 - 2015-12-08 19:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-13 13:59 - 2015-12-08 19:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-13 13:59 - 2015-12-08 19:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-13 13:59 - 2015-12-08 19:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-13 13:59 - 2015-12-08 19:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-01-13 13:59 - 2015-12-08 19:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-13 13:59 - 2015-12-08 19:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-13 13:59 - 2015-12-08 19:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-13 13:59 - 2015-12-08 19:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-13 13:59 - 2015-12-08 19:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-13 13:59 - 2015-12-08 19:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-01-13 13:59 - 2015-12-08 19:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-13 13:59 - 2015-12-08 19:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-01-13 13:59 - 2015-12-08 19:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-13 13:59 - 2015-12-08 19:53 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-01-13 13:59 - 2015-12-08 19:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-13 13:59 - 2015-12-08 19:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-13 13:59 - 2015-12-08 19:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-13 13:59 - 2015-12-08 19:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-13 13:59 - 2015-12-08 19:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-13 13:59 - 2015-12-08 19:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-01-13 13:59 - 2015-12-08 19:53 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-01-13 13:59 - 2015-12-08 19:53 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-13 13:59 - 2015-12-08 19:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-13 13:59 - 2015-12-08 19:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-13 13:59 - 2015-12-08 19:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-13 13:59 - 2015-12-08 19:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-01-13 13:59 - 2015-12-08 19:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-13 13:59 - 2015-12-08 19:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-13 13:59 - 2015-12-08 19:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-13 13:59 - 2015-12-08 19:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-13 13:59 - 2015-12-08 19:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-13 13:59 - 2015-12-08 19:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-13 13:59 - 2015-12-08 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-01-13 13:59 - 2015-12-08 19:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-01-13 13:59 - 2015-12-08 19:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-01-13 13:59 - 2015-12-08 19:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-01-13 13:59 - 2015-12-08 19:43 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-01-13 13:59 - 2015-12-08 19:11 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-01-13 13:59 - 2015-12-08 19:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-01-13 13:59 - 2015-12-08 19:00 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-01-13 13:59 - 2015-11-16 18:12 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-01-13 13:59 - 2015-11-13 20:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-01-13 13:59 - 2015-11-13 20:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-01-13 13:59 - 2015-11-13 20:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-01-12 17:47 - 2016-01-12 17:59 - 33026048 _____ C:\Users\vivo\Downloads\VAIQC0L4HD.rar.part
2016-01-12 09:28 - 2016-01-18 11:01 - 00212992 ___SH C:\Users\Public\Thumbs.db
2016-01-10 19:55 - 2016-01-16 18:57 - 00000000 ____D C:\Design
2016-01-10 19:52 - 2016-01-16 18:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wilcom 2006
2016-01-10 19:52 - 2016-01-16 18:57 - 00000000 ____D C:\Clipart
2016-01-10 19:52 - 2000-02-29 14:01 - 00013425 _____ C:\Windows\system32\W9XPPORT.VXD
2016-01-10 19:52 - 2000-02-21 14:00 - 00013712 _____ C:\Windows\system32\SYDEXFDD.VXD
2016-01-10 19:12 - 2016-01-10 19:12 - 00000000 _____ C:\Windows\PURREC.INI
2016-01-10 17:20 - 2007-03-15 14:48 - 00535807 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\system32\hasplms.exe
2016-01-09 08:29 - 2016-01-09 08:29 - 00000000 ____D C:\Users\vivo\Desktop\Wilcom 2006 SP4 7
2016-01-09 08:29 - 2009-03-26 15:53 - 00056704 _____ (Chingachguk & Denger2k (Elite & SP edition)) C:\Windows\system32\Drivers\multikey.sys
2016-01-07 11:37 - 2016-01-07 11:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueSizer Wilcom e3.0
2016-01-07 11:37 - 2016-01-07 11:37 - 00001892 _____ C:\Users\Public\Desktop\TrueSizer Wilcom e3.0.lnk
2016-01-07 11:37 - 2016-01-07 11:37 - 00000000 ____D C:\Samples - TrueSizer e3.0
2016-01-07 11:36 - 2016-01-07 11:36 - 00000000 ____D C:\Program Files\WinRAR
2016-01-07 11:35 - 2016-01-07 11:35 - 03332472 _____ C:\Users\vivo\Downloads\wrar530br.exe
2016-01-07 11:26 - 2016-01-07 11:28 - 00000000 ____D C:\Users\vivo\Desktop\Disco removível
2016-01-07 10:54 - 2016-01-07 11:05 - 501490579 _____ C:\Users\vivo\Downloads\Wilcom_9_SP4_FULL_CD_Multilanguage.rar
2016-01-07 10:53 - 2016-01-07 11:05 - 612050944 _____ C:\Users\vivo\Downloads\WILCOM9.iso
2016-01-07 10:51 - 2016-01-07 11:10 - 906090740 _____ C:\Users\vivo\Downloads\Wilcom 2006 SP4.zip
2016-01-05 16:00 - 2016-01-05 16:00 - 00007916 _____ C:\Users\vivo\Documents\cc_20160105_155945.reg
2016-01-05 16:00 - 2016-01-05 16:00 - 00000718 _____ C:\Users\vivo\Documents\cc_20160105_160045.reg
2016-01-05 14:54 - 2016-01-05 15:44 - 00000000 ____D C:\Vendas2.0
2016-01-05 09:39 - 2016-01-12 09:56 - 00000000 ____D C:\Windows\19
2016-01-04 16:32 - 2016-01-04 16:32 - 03019681 _____ C:\Users\vivo\Desktop\apresentaçãohpp.pdf
2016-01-04 16:01 - 2016-01-04 16:01 - 02604452 _____ C:\Users\vivo\Desktop\catalogo original3.pdf
2016-01-04 15:56 - 2016-01-04 16:30 - 10305499 _____ C:\Users\vivo\Desktop\catalogo original.pdf
2016-01-04 10:38 - 2016-01-17 11:11 - 00000000 ____D C:\Users\Todos os Usuários\AdobeCatchTemp
2016-01-04 10:38 - 2016-01-17 11:11 - 00000000 ____D C:\ProgramData\AdobeCatchTemp
2015-12-31 08:35 - 2016-01-17 16:50 - 00000000 ____D C:\Program Files\Valve
2015-12-31 08:35 - 2015-12-31 08:35 - 00001618 _____ C:\Users\Public\Desktop\Counter-Strike 1.6.lnk
2015-12-29 09:18 - 2015-12-29 11:39 - 00013312 ___SH C:\Users\vivo\Downloads\Thumbs.db
2015-12-28 10:27 - 2016-01-15 08:23 - 00000000 ____D C:\Users\Todos os Usuários\System32
2015-12-28 10:27 - 2016-01-15 08:23 - 00000000 ____D C:\ProgramData\System32
2015-12-28 09:56 - 2015-12-28 09:56 - 00000034 ___SH C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE}
2015-12-28 09:51 - 2015-12-25 07:18 - 04540096 _____ (${COMPANY_NAME}) C:\Users\Todos os Usuários\setup.exe
2015-12-28 09:51 - 2015-12-25 07:18 - 04540096 _____ (${COMPANY_NAME}) C:\ProgramData\setup.exe
2015-12-21 18:47 - 2015-12-21 18:47 - 39615463 _____ C:\Users\vivo\Downloads\Zipper vector templates.rar
2015-12-21 13:53 - 2015-12-17 14:31 - 02245032 _____ (UpAurora.COM) C:\Users\Todos os Usuários\UpAurora_1.0.0.3034__101br.exe
2015-12-21 13:53 - 2015-12-17 14:31 - 02245032 _____ (UpAurora.COM) C:\ProgramData\UpAurora_1.0.0.3034__101br.exe
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-01-19 13:02 - 2015-11-14 22:36 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-19 12:56 - 2009-07-14 00:37 - 00000000 ____D C:\Windows
2016-01-19 08:28 - 2009-07-14 02:34 - 00024832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-19 08:28 - 2009-07-14 02:34 - 00024832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-19 08:12 - 2009-07-14 02:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-18 14:00 - 2015-11-09 20:11 - 00000000 ____D C:\Users\Todos os Usuários\Ultra Adware Killer
2016-01-18 14:00 - 2015-11-09 20:11 - 00000000 ____D C:\ProgramData\Ultra Adware Killer
2016-01-18 13:58 - 2015-09-04 10:25 - 00002517 _____ C:\Users\vivo\Desktop\Emissor de Nota Fiscal Eletronica (NF-e) 3.10.lnk
2016-01-18 13:58 - 2013-07-31 17:25 - 00000000 ____D C:\Program Files\Java
2016-01-18 11:32 - 2011-02-08 10:26 - 01748958 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-18 11:32 - 2009-07-14 06:31 - 00745724 _____ C:\Windows\system32\prfh0416.dat
2016-01-18 11:32 - 2009-07-14 06:31 - 00164532 _____ C:\Windows\system32\prfc0416.dat
2016-01-18 11:32 - 2009-07-14 00:37 - 00000000 ____D C:\Windows\inf
2016-01-18 11:18 - 2014-11-02 08:17 - 00000000 ____D C:\Users\vivo\Desktop\loja
2016-01-18 08:55 - 2015-11-26 09:39 - 00002415 _____ C:\Users\Todos os Usuários\xcgui_debug.txt
2016-01-18 08:55 - 2015-11-26 09:39 - 00002415 _____ C:\ProgramData\xcgui_debug.txt
2016-01-18 08:35 - 2015-12-10 14:14 - 00000000 ____D C:\Users\vivo\AppData\Roaming\LightGate
2016-01-18 08:35 - 2015-11-29 12:26 - 00001165 ____R C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-01-18 08:35 - 2015-11-29 12:26 - 00001153 ____R C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-01-18 08:34 - 2009-07-14 02:53 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-01-17 13:20 - 2013-09-05 08:40 - 00000000 ____D C:\Windows\Minidump
2016-01-17 12:06 - 2015-10-30 21:05 - 00000008 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-01-17 12:06 - 2015-10-30 21:05 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-01-17 12:06 - 2013-08-03 18:53 - 00000008 __RSH C:\Users\vivo\ntuser.pol
2016-01-17 12:06 - 2013-07-30 15:01 - 00000000 ____D C:\Users\vivo
2016-01-17 09:33 - 2013-08-17 11:51 - 00000000 ____D C:\Program Files\HP
2016-01-17 08:15 - 2015-11-29 12:26 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-01-16 21:25 - 2013-07-30 17:57 - 00000000 ____D C:\Program Files\Google
2016-01-16 18:57 - 2015-09-16 17:04 - 00000000 ____D C:\Program Files\Wilcom
2016-01-15 15:04 - 2015-08-14 11:29 - 00002840 _____ C:\Users\vivo\Desktop\Photoshop - Atalho.lnk
2016-01-15 10:21 - 2009-07-14 00:04 - 00002731 _____ C:\Windows\system32\config.nt
2016-01-15 10:09 - 2015-09-09 19:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicDisc
2016-01-14 15:01 - 2009-07-14 02:33 - 00500800 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-14 14:58 - 2014-12-23 11:55 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-14 14:58 - 2014-08-21 14:42 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-01-14 09:08 - 2013-08-12 19:30 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-01-14 09:08 - 2013-08-12 19:30 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-01-14 08:57 - 2013-08-14 19:08 - 00000000 ____D C:\Windows\system32\MRT
2016-01-14 08:43 - 2011-02-09 15:22 - 141317472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-01-13 10:40 - 2013-08-17 11:17 - 00000000 ____D C:\Users\vivo\AppData\Local\ElevatedDiagnostics
2016-01-11 14:04 - 2013-08-17 12:05 - 00000000 ____D C:\Users\Todos os Usuários\HP
2016-01-11 14:04 - 2013-08-17 12:05 - 00000000 ____D C:\ProgramData\HP
2016-01-09 08:37 - 2013-10-08 09:17 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2016-01-07 11:42 - 2013-11-19 13:40 - 00139800 _____ C:\Windows\system32\GDIPFONTCACHEV1.DAT
2016-01-07 11:39 - 2015-09-16 17:41 - 00000000 ____D C:\Program Files\Common Files\Wilcom
2016-01-07 11:37 - 2011-02-08 10:18 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-01-07 11:36 - 2013-08-12 19:26 - 00000000 ____D C:\Users\vivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-01-07 11:36 - 2013-08-12 19:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-01-05 09:48 - 2015-07-01 14:09 - 00125440 ___SH C:\Users\Public\Downloads\Thumbs.db
2016-01-04 11:51 - 2015-07-01 11:06 - 00134144 ___SH C:\Users\Public\Documents\Thumbs.db
2015-12-30 18:02 - 2015-07-01 15:27 - 00000000 ____D C:\Users\Public\Downloads\Images
2015-12-30 11:23 - 2009-07-14 00:37 - 00000000 ____D C:\Windows\rescache
2015-12-30 09:48 - 2015-06-30 18:11 - 00000000 ____D C:\Users\Public\Documents\silk sert
2015-12-30 09:48 - 2015-06-30 17:44 - 00000000 ____D C:\Users\Public\Documents\rafael
2015-12-30 08:51 - 2015-06-30 14:16 - 00000000 ____D C:\Users\Public\Documents\documentos
2015-12-29 12:10 - 2009-07-14 02:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-12-29 11:46 - 2015-06-30 17:39 - 00000000 ____D C:\Users\Public\Documents\nicolas
2015-12-29 11:45 - 2015-06-30 13:58 - 00000000 ____D C:\Users\Public\Documents\daps
2015-12-29 09:18 - 2015-06-30 17:15 - 00000000 ____D C:\Users\Public\Documents\IMPACTO JOVEM
2015-12-28 17:02 - 2015-11-14 22:36 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-12-28 17:02 - 2015-11-14 22:36 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-12-22 11:03 - 2015-12-18 19:08 - 00000000 ____D C:\Program Files\EmissaoRecibo
2015-12-21 13:36 - 2015-04-13 21:09 - 00000000 ___SD C:\Windows\system32\GWX
==================== Arquivos na raiz de alguns diretórios =======
2015-04-19 10:20 - 2015-11-03 00:40 - 0000626 _____ () C:\Users\vivo\AppData\Roaming\7v1sqeZDM0j5Dlzrkf4THVI6K
2013-09-28 17:42 - 2013-09-28 17:42 - 0000173 _____ () C:\Users\vivo\AppData\Local\msmathematics.qat.vivo
2015-10-04 19:59 - 2015-10-04 19:59 - 0007605 _____ () C:\Users\vivo\AppData\Local\Resmon.ResmonCfg
2014-09-04 19:02 - 2014-09-04 19:02 - 0000000 _____ () C:\Users\vivo\AppData\Local\{69BF3879-4D49-4D31-B1FC-509AF90248E9}
2015-12-15 09:03 - 2015-12-15 13:50 - 1852416 _____ () C:\ProgramData\carssb.exe
2015-12-15 09:00 - 2015-11-26 07:58 - 4127064 _____ () C:\ProgramData\ch_dl_url
2011-02-08 10:29 - 2011-02-08 10:29 - 0489984 _____ () C:\ProgramData\Dri10.tmp
2011-02-08 10:29 - 2011-02-08 10:29 - 16700416 _____ (OEM) C:\ProgramData\E2010.tmp
2016-01-17 17:36 - 2015-11-25 15:31 - 1100288 _____ () C:\ProgramData\HomePage.exe
2016-01-11 14:04 - 2016-01-11 14:06 - 0000349 _____ () C:\ProgramData\hpzinstall.log
2015-12-04 12:23 - 2015-12-04 13:14 - 1081344 _____ () C:\ProgramData\LightGate.exe
2016-01-17 17:23 - 2016-01-14 07:46 - 2412032 _____ () C:\ProgramData\msiql.exe
2015-12-28 09:51 - 2015-12-25 07:18 - 4540096 _____ (${COMPANY_NAME}) C:\ProgramData\setup.exe
2015-12-21 13:53 - 2015-12-17 14:31 - 2245032 _____ (UpAurora.COM) C:\ProgramData\UpAurora_1.0.0.3034__101br.exe
2015-11-11 18:37 - 2015-11-02 10:19 - 1202560 _____ (Beijing Fantasy Game Network Technology Co., Ltd.) C:\ProgramData\upcinst.exe
2015-10-29 23:01 - 2015-10-16 06:43 - 1762304 _____ (TODO: <公司名>) C:\ProgramData\upgsvr.exe
2016-01-17 12:14 - 2016-01-18 08:35 - 0006413 _____ () C:\ProgramData\webad.xml
2015-11-26 09:39 - 2016-01-18 08:55 - 0002415 _____ () C:\ProgramData\xcgui_debug.txt
2015-12-11 06:02 - 2015-12-10 15:43 - 0600312 _____ () C:\ProgramData\YeaPlayer_br_IBD_Bundle.exe
Arquivos para serem movidos ou deletados:
====================
C:\Windows\Temp\00003575\casrss.exe
C:\ProgramData\carssb.exe
C:\ProgramData\HomePage.exe
C:\ProgramData\LightGate.exe
C:\ProgramData\msiql.exe
C:\ProgramData\setup.exe
C:\ProgramData\UpAurora_1.0.0.3034__101br.exe
C:\ProgramData\upcinst.exe
C:\ProgramData\upgsvr.exe
C:\ProgramData\YeaPlayer_br_IBD_Bundle.exe
C:\Users\Todos os Usuários\carssb.exe
C:\Users\Todos os Usuários\HomePage.exe
C:\Users\Todos os Usuários\LightGate.exe
C:\Users\Todos os Usuários\msiql.exe
C:\Users\Todos os Usuários\setup.exe
C:\Users\Todos os Usuários\UpAurora_1.0.0.3034__101br.exe
C:\Users\Todos os Usuários\upcinst.exe
C:\Users\Todos os Usuários\upgsvr.exe
C:\Users\Todos os Usuários\YeaPlayer_br_IBD_Bundle.exe
Alguns arquivos em TEMP:
====================
C:\Users\vivo\AppData\Local\Temp\a5l7rqig.dll
C:\Users\vivo\AppData\Local\Temp\Advanced System Protector v2.1 Full Serial Keys__3111_il2323544.exe
C:\Users\vivo\AppData\Local\Temp\BgonAfijAkJWrknyelll.DLL
C:\Users\vivo\AppData\Local\Temp\BullseyeCoverage-2-x86.dll
C:\Users\vivo\AppData\Local\Temp\fsd5D8A.exe
C:\Users\vivo\AppData\Local\Temp\InstallHelper.exe
C:\Users\vivo\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\vivo\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\vivo\AppData\Local\Temp\OfficeAssist.0744.80.1211.exe
C:\Users\vivo\AppData\Local\Temp\pdf24-creator-update.exe
C:\Users\vivo\AppData\Local\Temp\RegSetup.exe
C:\Users\vivo\AppData\Local\Temp\siuninst.exe
C:\Users\vivo\AppData\Local\Temp\sqlite3.dll
C:\Users\vivo\AppData\Local\Temp\startw.exe
C:\Users\vivo\AppData\Local\Temp\ulewntpSuwcWqhHlPZTj.DLL
C:\Users\vivo\AppData\Local\Temp\ultimate_pc_cleaner.exe
C:\Users\vivo\AppData\Local\Temp\UninstallModule.exe
C:\Users\vivo\AppData\Local\Temp\unpack.exe
C:\Users\vivo\AppData\Local\Temp\uXGFHopnJF.DLL
C:\Users\vivo\AppData\Local\Temp\yqmGTubvrRevLtLQbZHE.DLL
C:\Users\vivo\AppData\Local\Temp\ytb.exe
C:\Users\vivo\AppData\Local\Temp\_shfoldr.dll
C:\Users\vivo\AppData\Local\Temp\_unps.exe
C:\Users\vivo\AppData\Local\Temp\_WUTL95.DLL
Alguns com tamanho de zero byte arquivos/pastas:
==========================
C:\Windows\System32\host27nt.dll
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2016-01-09 09:57
==================== Fim de FRST.txt ============================
Executado por vivo (administrador) em CEBOLA_NET (19-01-2016 12:56:32)
Executando a partir de C:\Users\vivo\Downloads
Perfis Carregados: vivo (Perfis Disponíveis: vivo)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(GAS Tecnologia) C:\Program Files\GbPlugin\gbpsv.exe
(AVAST Software) C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
() C:\ProgramData\Ancropafe\1.0.7.1\erwrolnu.exe
(GAS Tecnologia) C:\Program Files\GbPlugin\gbpsv.exe
() C:\Program Files\ASP\AdvancedSystemProtector.exe
() C:\Program Files\SystemHealer\SystemHealer.exe
() C:\ProgramData\WindowsMsg\osmsg.exe
(A.E.T. Europe B.V.) C:\Windows\System32\aetcrss1.exe
(Crawler Group, LLC) C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
(Crawler Group, LLC) C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(HP) C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Crawler Group, LLC) C:\Program Files\Spyware Terminator\st_rsser.exe
(DotC United Inc) C:\Program Files\MPC Cleaner\MPCTray.exe
() C:\Program Files\WajaNetEn\bde72a8dc6eba2c602b262b1c7a1da23.exe
() C:\Users\vivo\AppData\Roaming\XBox\XBLive.exe
(Irrational Number Applications) C:\ProgramData\EaCNKaIq\DlAnIvEtxGn.exe
() C:\ProgramData\Ancropafe\1.0.7.1\erwrolnu.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
() C:\Program Files\WajaNetEn\bde72a8dc6eba2c602b262b1c7a1da23.exe
() C:\Program Files\CalendarTool\2.0.0.11153\CalendarServ.exe
() C:\Program Files\CalendarTool\2.0.0.11153\calendar.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(DotC United Inc) C:\Program Files\MPC Cleaner\MPCNews.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [CertificateRegistration] => C:\Windows\system32\aetcrss1.exe [18944 2013-03-05] (A.E.T. Europe B.V.)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [5318992 2015-12-17] (Crawler Group, LLC)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [5557584 2015-12-17] (Crawler Group, LLC)
Winlogon\Notify\ GbPluginBb: C:\Program Files\GbPlugin\gbieh.dll [2015-08-19] (Banco do Brasil)
Winlogon\Notify\ GbPluginUni: C:\Program Files\GbPlugin\gbiehUni.dll [2015-09-04] (Banco Itaú Unibanco)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-2498198735-273976222-1782081069-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6564776 2015-10-19] (Piriform Ltd)
HKU\S-1-5-21-2498198735-273976222-1782081069-1001\...\Run: [osmsg] => C:\ProgramData\WindowsMsg\osmsg.exe [1905664 2016-01-16] ()
HKU\S-1-5-21-2498198735-273976222-1782081069-1001\...\MountPoints2: {7b36672b-0739-11e3-9858-0090f5e162e3} - D:\SISetup.exe
HKU\S-1-5-18\...\Run: [Pritc] => C:\Windows\Temp\00003575\casrss.exe [2980352 2016-01-17] (VLOME) <===== ATENÇÃO
HKU\S-1-5-18\...\Run: [osmsg] => C:\ProgramData\WindowsMsg\osmsg.exe [1905664 2016-01-16] ()
HKU\S-1-5-18\...\Run: [-] => c:\programdata\msiql.exe [2412032 2016-01-14] ()
ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES\GbPlugin\gbieh.dll [1896320 2015-08-19] (Banco do Brasil)
ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files\GbPlugin\gbiehuni.dll [1896696 2015-09-04] (Banco Itaú Unibanco)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-06-30] (Avast Software s.r.o.)
BootExecute: sasnative32autocheck autochk *
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Winsock: Catalog5 07 C:\ProgramData\System32\SafeGuard32.dll [2771896 2015-12-30] ()
Tcpip\Parameters: [DhcpNameServer] 189.39.152.35 189.39.152.45
Tcpip\..\Interfaces\{510BB6E6-DF01-4666-A571-7668D1B54E37}: [DhcpNameServer] 189.39.152.35 189.39.152.45
Tcpip\..\Interfaces\{92909C5A-44F2-4906-A6A4-75EB386B086F}: [DhcpNameServer] 189.39.152.35 189.39.152.45
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/search?q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/search?q={searchTerms}
HKU\S-1-5-21-2498198735-273976222-1782081069-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/
URLSearchHook: HKU\S-1-5-21-2498198735-273976222-1782081069-1001 - (Sem Nome) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - Nenhum Arquivo
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {9317D6B6-D3BE-4619-9C89-B8E4D5C806B9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=POSTDF&pc=POS2&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?gen=ms&pr=vmn&id=mystarttb&v=5_5&ent=ch_5153&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?gen=ms&pr=vmn&id=mystarttb&v=5_5&ent=ch_5153&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2498198735-273976222-1782081069-1001 -> DefaultScope {8D38BB1A-E8D7-4441-B21B-334FA4D1CE38} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2498198735-273976222-1782081069-1001 -> {8D38BB1A-E8D7-4441-B21B-334FA4D1CE38} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\Program Files\Spyware Terminator\STInternetGuard.dll [2015-12-17] (Crawler Group, LLC)
BHO: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\PROGRAM FILES\GBPLUGIN\gbieh.dll [2015-08-19] (Banco do Brasil)
BHO: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\Program Files\GbPlugin\gbiehuni.dll [2015-09-04] (Banco Itaú Unibanco)
BHO: MyStart Toolbar -> {ccb24e92-62c4-4c53-95d2-65f9eed476bc} -> C:\Program Files\mystarttb\mystartDx.dll [2015-12-11] ()
Toolbar: HKLM - MyStart Toolbar - {ccb24e92-62c4-4c53-95d2-65f9eed476bc} - C:\Program Files\mystarttb\mystartDx.dll [2015-12-11] ()
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - Nenhum Arquivo
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - Nenhum Arquivo
FireFox:
========
FF ProfilePath: C:\Users\vivo\AppData\Roaming\Mozilla\Firefox\Profiles\n2iyvjrs.default-1453037212354
FF Homepage: hxxp://br.hao123.com/?tn=sdkc_inner_hp_09_hao123_br&guid=4fabd2b1af767563bf38c7edf7352b4f
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor => não encontrado (a)
FF HKLM\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension => não encontrado (a)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-01-15]
FF HKU\S-1-5-21-2498198735-273976222-1782081069-1001\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886C}] - C:\Users\vivo\AppData\Local\GAS Tecnologia\GBBD\bb\xpi => não encontrado (a)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\vivo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\vivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-09]
CHR Extension: (Google Docs) - C:\Users\vivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-09]
CHR Extension: (Google Drive) - C:\Users\vivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-09]
CHR Extension: (YouTube) - C:\Users\vivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-09]
CHR Extension: (Google Search) - C:\Users\vivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-09]
CHR Extension: (Documentos Google off-line) - C:\Users\vivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-20]
CHR Extension: (Avast Online Security) - C:\Users\vivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-11]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\vivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-09]
CHR Extension: (Gmail) - C:\Users\vivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-09]
CHR Extension: (scroll back to top) - C:\Users\vivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmopfkbilpnoidiclofkppbgppapnjeh [2015-12-31]
CHR Extension: () - C:\Users\vivo\AppData\Local\Experience Extension\Component [2015-11-24]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-30]
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-06-30] (Avast Software)
R2 DlAnIvEtxGn; C:\ProgramData\EaCNKaIq\DlAnIvEtxGn.exe [3002360 2016-01-17] (Irrational Number Applications)
R2 GbpSv; C:\Program Files\GbPlugin\gbpsv.exe [587576 2015-08-12] (GAS Tecnologia)
S2 GoogleChromeUpService; C:\ProgramData\upgsvr.exe [1762304 2015-10-16] (TODO: <公司名>) [Arquivo não assinado]
S2 GoogleChromeUpSvc; C:\ProgramData\Windows Update\svrupg.exe [2786816 2016-01-14] (TODO: ) [Arquivo não assinado]
S2 hasplms; C:\Windows\system32\hasplms.exe [535807 2007-03-15] (Aladdin Knowledge Systems Ltd.) [Arquivo não assinado]
R2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [136192 2009-10-15] (HP) [Arquivo não assinado]
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2283296 2016-01-17] (IObit)
S2 MPCProtectService; C:\Program Files\MPC Cleaner\MPCProtectService.exe [349152 2016-01-17] (DotC United Inc)
R2 PSI_SVC_2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [277360 2013-09-13] (arvato digital services llc)
R2 ST2012_Svc; C:\Program Files\Spyware Terminator\st_rsser.exe [2114384 2015-12-17] (Crawler Group, LLC) [Arquivo não assinado]
R2 TheCalendarService; C:\Program Files\CalendarTool\2.0.0.11153\CalendarServ.exe [153224 2015-12-10] ()
R2 WajaNetEn Monitor; C:\Program Files\WajaNetEn\bde72a8dc6eba2c602b262b1c7a1da23.exe [2314752 2016-01-13] () [Arquivo não assinado]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 XBox; C:\Users\vivo\AppData\Roaming\XBox\XBLive.exe [7142328 2015-12-08] ()
S2 WindowsSecurity; C:\Windows\system32\config\systemprofile\AppData\Roaming\winsecurity\winsecurity.exe [X]
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 aksfridge; C:\Windows\system32\drivers\aksfridge.sys [438640 2015-09-23] (SafeNet Inc.)
S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [261464 2015-09-23] (SafeNet Inc.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [313624 2015-09-23] (SafeNet Inc.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-06-30] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-06-30] ()
S3 cxbu0wdm; C:\Windows\System32\DRIVERS\cxbu0wdm.sys [131064 2014-04-05] (HID Global Corporation)
R3 dfmirage; C:\Windows\System32\DRIVERS\dfmirage.sys [34128 2008-03-26] (DemoForge, LLC)
R0 GbpKm; C:\Windows\System32\drivers\gbpkm.sys [49496 2015-08-26] (GAS Tecnologia)
R3 mcdbus; C:\Windows\System32\DRIVERS\mcdbus.sys [116736 2009-02-24] (MagicISO, Inc.) [Arquivo não assinado]
R0 MPCBase; C:\Windows\System32\drivers\MPCBase.sys [29032 2016-01-17] (DotC United Inc)
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [52968 2016-01-17] (DotC United Inc)
R2 multikey; C:\Windows\System32\DRIVERS\multikey.sys [56704 2009-03-26] (Chingachguk & Denger2k (Elite & SP edition)) [Arquivo não assinado]
R1 Ndisrd; C:\Windows\System32\DRIVERS\gbpndisrdn.sys [29400 2014-12-30] (GAS Tecnologia)
R3 RTL8192Ce; C:\Windows\System32\DRIVERS\rtl8192Ce.sys [726120 2011-12-22] (Realtek Semiconductor Corporation )
R2 SoilIO; C:\Windows\system32\Drivers\SoilIO.sys [16248 2009-12-04] ()
R3 soilkbc; C:\Windows\system32\Drivers\soilkbc.sys [10744 2009-12-04] (Systems Internals)
R3 SoilMC; C:\Windows\system32\Drivers\SoilMC.sys [10616 2009-12-04] (Systems Internals)
R1 sp_rsdrv2; C:\Windows\system32\drivers\sp_rsdrv2.sys [32768 2011-06-21] () [Arquivo não assinado]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-06-30] (Avast Software)
R3 vpcbus; C:\Windows\system32\drivers\vpchbus.sys [172416 2010-11-20] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [48128 2010-11-20] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2010-11-20] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [296064 2010-11-20] (Microsoft Corporation)
S3 NdisrdMP; system32\DRIVERS\gbpndisrd.sys [X]
S3 STHDA; system32\DRIVERS\stwrt.sys [X]
S1 UGProtect; \??\C:\Program Files\UPCleaner\1.1.30.13470\UGProtect.sys [X]
U5 wntpport; C:\Windows\System32\Drivers\wntpport.sys [28416 2001-01-19] (Vireo Software) [Arquivo não assinado]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-01-19 12:56 - 2016-01-19 12:58 - 00016476 _____ C:\Users\vivo\Downloads\FRST.txt
2016-01-19 12:55 - 2016-01-19 12:56 - 00000000 ____D C:\FRST
2016-01-19 12:55 - 2016-01-19 12:55 - 01721856 _____ (Farbar) C:\Users\vivo\Downloads\FRST.exe
2016-01-19 12:51 - 2016-01-19 12:51 - 01136375 _____ C:\Users\vivo\Desktop\fachada.psd
2016-01-19 08:18 - 2016-01-19 08:18 - 00000000 ____D C:\Program Files\CalendarTool
2016-01-19 08:12 - 2016-01-19 08:12 - 00001687 _____ C:\Users\Public\Desktop\MPC Cleaner.lnk
2016-01-19 08:12 - 2016-01-19 08:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
2016-01-18 09:03 - 2016-01-18 09:03 - 00000000 ____D C:\Users\vivo\AppData\LocalLow\mystarttb
2016-01-18 08:40 - 2016-01-18 08:40 - 00000000 ____D C:\Users\Todos os Usuários\Browser
2016-01-18 08:40 - 2016-01-18 08:40 - 00000000 ____D C:\ProgramData\Browser
2016-01-17 22:41 - 2016-01-17 22:41 - 01069796 _____ C:\Users\vivo\Downloads\Advanced System Protector v2.1 Full Serial Keys__3111_il2323544.rar
2016-01-17 22:26 - 2016-01-17 22:26 - 00000000 ____D C:\Users\vivo\AppData\Local\gmsd_br_004010210
2016-01-17 17:38 - 2016-01-17 17:38 - 00000000 ____D C:\Users\Todos os Usuários\736c6878-4e95-0
2016-01-17 17:38 - 2016-01-17 17:38 - 00000000 ____D C:\ProgramData\736c6878-4e95-0
2016-01-17 17:36 - 2015-11-25 15:31 - 01100288 _____ C:\Users\Todos os Usuários\HomePage.exe
2016-01-17 17:36 - 2015-11-25 15:31 - 01100288 _____ C:\ProgramData\HomePage.exe
2016-01-17 17:35 - 2016-01-17 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaNetEn
2016-01-17 17:34 - 2016-01-19 08:12 - 00000264 _____ C:\Windows\Tasks\System HealerStartUp.job
2016-01-17 17:34 - 2016-01-17 22:25 - 00000264 _____ C:\Windows\Tasks\System HealerPeriod.job
2016-01-17 17:34 - 2016-01-17 17:35 - 00000000 ____D C:\Program Files\WajaNetEn
2016-01-17 17:33 - 2016-01-17 17:34 - 00000000 ____D C:\Program Files\SystemHealer
2016-01-17 17:33 - 2016-01-17 17:33 - 00000000 ____D C:\Users\Todos os Usuários\736c6878-29d3-1
2016-01-17 17:33 - 2016-01-17 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Healer
2016-01-17 17:33 - 2016-01-17 17:33 - 00000000 ____D C:\ProgramData\736c6878-29d3-1
2016-01-17 17:32 - 2016-01-17 17:32 - 00000000 ____D C:\Users\Todos os Usuários\Ancropafe
2016-01-17 17:32 - 2016-01-17 17:32 - 00000000 ____D C:\ProgramData\Ancropafe
2016-01-17 17:28 - 2016-01-18 16:50 - 00000000 ____D C:\Users\vivo\AppData\Local\WebShield
2016-01-17 17:27 - 2016-01-17 17:29 - 00000000 ____D C:\Users\Todos os Usuários\EaCNKaIq
2016-01-17 17:27 - 2016-01-17 17:29 - 00000000 ____D C:\ProgramData\EaCNKaIq
2016-01-17 17:26 - 2016-01-17 22:34 - 00000000 ____D C:\Program Files\MPC Cleaner
2016-01-17 17:26 - 2016-01-17 17:27 - 00000000 ____D C:\Users\Todos os Usuários\WebShield
2016-01-17 17:26 - 2016-01-17 17:27 - 00000000 ____D C:\ProgramData\WebShield
2016-01-17 17:26 - 2016-01-17 17:27 - 00000000 ____D C:\Program Files\gmsd_br_004010210
2016-01-17 17:26 - 2016-01-17 17:26 - 00052968 _____ (DotC United Inc) C:\Windows\system32\Drivers\MPCKpt.sys
2016-01-17 17:26 - 2016-01-17 17:26 - 00029032 _____ (DotC United Inc) C:\Windows\system32\Drivers\MPCBase.sys
2016-01-17 17:26 - 2016-01-17 17:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP
2016-01-17 17:25 - 2016-01-17 17:25 - 00000216 _____ C:\Windows\Tasks\dsmonitor.job
2016-01-17 17:25 - 2016-01-17 17:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
2016-01-17 17:24 - 2016-01-17 17:26 - 00000000 ____D C:\Program Files\mystarttb
2016-01-17 17:24 - 2016-01-17 17:24 - 00000000 ____D C:\Program Files\Uniblue
2016-01-17 17:23 - 2016-01-17 17:24 - 00000000 ____D C:\Program Files\OLBPre
2016-01-17 17:23 - 2016-01-14 07:46 - 02412032 _____ C:\Users\Todos os Usuários\msiql.exe
2016-01-17 17:23 - 2016-01-14 07:46 - 02412032 _____ C:\ProgramData\msiql.exe
2016-01-17 16:53 - 2016-01-17 16:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ttwifi
2016-01-17 16:53 - 2016-01-17 16:53 - 00000000 ____D C:\Program Files\ttwifi
2016-01-17 16:37 - 2016-01-17 16:37 - 00000000 ____D C:\Users\vivo\AppData\Roaming\ASP
2016-01-17 14:10 - 2016-01-17 14:10 - 00000000 ____D C:\Users\vivo\AppData\Roaming\Systweak
2016-01-17 14:09 - 2016-01-17 16:49 - 00000000 ____D C:\Program Files\ASP
2016-01-17 14:09 - 2016-01-17 14:09 - 00000999 _____ C:\Users\Public\Desktop\Advanced System~Protector.lnk
2016-01-17 14:09 - 2016-01-17 14:09 - 00000000 ____D C:\Users\vivo\AppData\Local\Systweak
2016-01-17 14:09 - 2016-01-17 14:09 - 00000000 ____D C:\Users\Todos os Usuários\Systweak
2016-01-17 14:09 - 2016-01-17 14:09 - 00000000 ____D C:\ProgramData\Systweak
2016-01-17 14:09 - 2016-01-17 14:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System~Protector
2016-01-17 14:09 - 2015-11-20 16:13 - 00017872 _____ C:\Windows\system32\sasnative32.exe
2016-01-17 14:08 - 2016-01-17 14:08 - 05822720 _____ (Advanced System Protector ) C:\Users\vivo\Downloads\aspsetup.exe
2016-01-17 13:57 - 2016-01-19 09:29 - 00000000 ____D C:\Users\vivo\AppData\Roaming\CalendarTool
2016-01-17 13:56 - 2016-01-17 13:56 - 00000000 ____D C:\Users\Public\Documents\Guid
2016-01-17 13:55 - 2016-01-17 13:55 - 00002109 _____ C:\Users\vivo\Desktop\AdwCleaner[C8].txt
2016-01-17 13:52 - 2011-06-21 11:24 - 00032768 _____ C:\Windows\system32\Drivers\sp_rsdrv2.sys
2016-01-17 13:33 - 2016-01-17 13:33 - 02370560 _____ (Farbar) C:\Users\vivo\Downloads\FRST64.exe
2016-01-17 13:20 - 2016-01-17 13:20 - 395234850 _____ C:\Windows\MEMORY.DMP
2016-01-17 13:20 - 2016-01-17 13:20 - 00143776 _____ C:\Windows\Minidump\011716-28111-01.dmp
2016-01-17 13:02 - 2016-01-17 13:02 - 00000000 ____D C:\Users\vivo\AppData\Roaming\ProductData
2016-01-17 13:01 - 2016-01-17 13:02 - 00000000 ____D C:\Users\Todos os Usuários\IObit
2016-01-17 13:01 - 2016-01-17 13:02 - 00000000 ____D C:\ProgramData\IObit
2016-01-17 13:01 - 2016-01-17 13:01 - 00000000 ____D C:\Users\vivo\AppData\LocalLow\IObit
2016-01-17 13:00 - 2016-01-17 13:01 - 00000000 ____D C:\Users\Todos os Usuários\ProductData
2016-01-17 13:00 - 2016-01-17 13:01 - 00000000 ____D C:\ProgramData\ProductData
2016-01-17 12:58 - 2016-01-17 13:01 - 00000000 ____D C:\Program Files\IObit
2016-01-17 12:56 - 2016-01-17 12:56 - 00000000 ____D C:\Users\vivo\AppData\Roaming\IObit
2016-01-17 12:54 - 2016-01-17 12:56 - 17091360 _____ (IObit) C:\Users\vivo\Downloads\iobituninstaller-pro.exe
2016-01-17 12:14 - 2016-01-18 08:35 - 00006413 _____ C:\Users\Todos os Usuários\webad.xml
2016-01-17 12:14 - 2016-01-18 08:35 - 00006413 _____ C:\ProgramData\webad.xml
2016-01-17 11:27 - 2016-01-17 11:27 - 00000000 ____D C:\Users\vivo\Desktop\Dados anteriores do Firefox
2016-01-17 11:08 - 2016-01-17 13:49 - 00000000 ____D C:\AdwCleaner
2016-01-17 09:07 - 2016-01-19 09:04 - 00000000 ____D C:\Users\Todos os Usuários\Spyware Terminator
2016-01-17 09:07 - 2016-01-19 09:04 - 00000000 ____D C:\ProgramData\Spyware Terminator
2016-01-17 09:07 - 2016-01-17 09:07 - 00001008 _____ C:\Users\Public\Desktop\Spyware Terminator 2015.lnk
2016-01-17 09:07 - 2016-01-17 09:07 - 00000000 ____D C:\Users\vivo\AppData\Roaming\Spyware Terminator
2016-01-17 09:07 - 2016-01-17 09:07 - 00000000 ____D C:\Users\vivo\AppData\LocalLow\Spyware Terminator
2016-01-17 09:07 - 2016-01-17 09:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2015
2016-01-17 09:06 - 2016-01-17 09:44 - 00000000 ____D C:\Program Files\Spyware Terminator
2016-01-17 08:46 - 2016-01-17 08:46 - 09641808 _____ (Crawler Group ) C:\Users\vivo\Downloads\SpywareTerminatorSetup.exe
2016-01-17 08:45 - 2016-01-17 08:45 - 00780256 _____ (Carifred) C:\Users\vivo\Downloads\UltraAdwareKiller(1).exe
2016-01-16 18:54 - 2016-01-16 21:28 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-01-15 15:03 - 2016-01-17 16:53 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg
2016-01-15 15:03 - 2016-01-17 16:53 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-01-15 15:03 - 2016-01-17 16:53 - 00000000 ____D C:\Program Files\osTip
2016-01-15 10:21 - 2016-01-15 10:21 - 00191488 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\system32\hlvdd.dll
2016-01-15 10:21 - 2016-01-15 10:21 - 00047616 _____ (Aladdin Knowledge Systems) C:\Windows\system32\Drivers\Haspnt.sys
2016-01-15 10:21 - 2016-01-15 10:21 - 00006656 _____ (Aladdin Knowledge Systems.) C:\Windows\system32\haspvdd.dll
2016-01-15 10:21 - 2016-01-15 10:21 - 00000383 _____ C:\Windows\system32\haspdos.sys
2016-01-15 10:15 - 2016-01-15 10:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-01-15 10:15 - 2015-06-30 14:54 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2016-01-15 09:48 - 2016-01-15 09:48 - 00491127 _____ C:\Users\vivo\Desktop\Sem Título-1.psd
2016-01-15 08:23 - 2016-01-15 08:23 - 00000000 ____D C:\Users\vivo\AppData\Roaming\XBox
2016-01-14 15:25 - 2016-01-14 15:25 - 00000000 ____D C:\Users\Todos os Usuários\Windows Update
2016-01-14 15:25 - 2016-01-14 15:25 - 00000000 ____D C:\ProgramData\Windows Update
2016-01-14 10:39 - 2016-01-13 20:32 - 00091144 _____ C:\Users\Public\Doc2.pdf
2016-01-13 14:02 - 2015-12-23 20:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-01-13 14:02 - 2015-12-12 16:02 - 20367360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-01-13 14:02 - 2015-12-12 15:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-01-13 14:02 - 2015-12-12 15:49 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-01-13 14:02 - 2015-12-12 15:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-01-13 14:02 - 2015-12-12 15:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-01-13 14:02 - 2015-12-12 15:37 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-01-13 14:02 - 2015-12-12 15:36 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-01-13 14:02 - 2015-12-12 15:36 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-01-13 14:02 - 2015-12-12 15:33 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-01-13 14:02 - 2015-12-12 15:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-01-13 14:02 - 2015-12-12 15:30 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-01-13 14:02 - 2015-12-12 15:28 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-01-13 14:02 - 2015-12-12 15:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-01-13 14:02 - 2015-12-12 15:27 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-01-13 14:02 - 2015-12-12 15:27 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-01-13 14:02 - 2015-12-12 15:27 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-01-13 14:02 - 2015-12-12 15:22 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-01-13 14:02 - 2015-12-12 15:19 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-01-13 14:02 - 2015-12-12 15:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-01-13 14:02 - 2015-12-12 15:12 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-01-13 14:02 - 2015-12-12 15:10 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-01-13 14:02 - 2015-12-12 15:10 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-01-13 14:02 - 2015-12-12 15:09 - 04610560 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-01-13 14:02 - 2015-12-12 15:08 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-01-13 14:02 - 2015-12-12 15:02 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-01-13 14:02 - 2015-12-12 15:00 - 12856320 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-01-13 14:02 - 2015-12-12 15:00 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-01-13 14:02 - 2015-12-12 15:00 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-01-13 14:02 - 2015-12-12 15:00 - 00687104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-01-13 14:02 - 2015-12-12 15:00 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-01-13 14:02 - 2015-12-12 14:41 - 02011136 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-01-13 14:02 - 2015-12-12 14:38 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-01-13 14:02 - 2015-12-12 14:36 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-01-13 14:01 - 2015-12-30 16:47 - 03993536 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-01-13 14:01 - 2015-12-30 16:47 - 03938240 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-01-13 14:01 - 2015-12-30 16:47 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-01-13 14:01 - 2015-12-30 16:47 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-01-13 14:01 - 2015-12-30 16:44 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-01-13 14:01 - 2015-12-30 16:41 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-01-13 14:01 - 2015-12-30 16:41 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-01-13 14:01 - 2015-12-30 16:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-01-13 14:01 - 2015-12-30 16:41 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-01-13 14:01 - 2015-12-30 16:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-01-13 14:01 - 2015-12-30 16:40 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-01-13 14:01 - 2015-12-30 16:40 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-01-13 14:01 - 2015-12-30 16:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-01-13 14:01 - 2015-12-30 16:39 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-01-13 14:01 - 2015-12-30 16:39 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-01-13 14:01 - 2015-12-30 16:39 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-01-13 14:01 - 2015-12-30 16:38 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-01-13 14:01 - 2015-12-30 16:38 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-01-13 14:01 - 2015-12-30 16:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-01-13 14:01 - 2015-12-30 16:37 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-01-13 14:01 - 2015-12-30 15:38 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-01-13 14:01 - 2015-12-30 15:32 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-01-13 14:01 - 2015-12-30 15:32 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-01-13 14:01 - 2015-12-30 15:32 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-01-13 14:01 - 2015-12-30 15:30 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-01-13 14:01 - 2015-12-30 15:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-01-13 14:01 - 2015-12-30 15:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-01-13 14:01 - 2015-12-08 19:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-01-13 14:01 - 2015-11-16 22:45 - 00022464 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-01-13 14:01 - 2015-11-16 22:42 - 01230848 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-01-13 14:01 - 2015-11-16 22:42 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-01-13 14:01 - 2015-11-16 22:42 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-01-13 14:01 - 2015-11-16 22:42 - 00425984 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-01-13 14:01 - 2015-11-16 22:42 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-01-13 14:00 - 2015-12-30 16:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-01-13 14:00 - 2015-12-30 16:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-01-13 14:00 - 2015-12-30 16:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-01-13 14:00 - 2015-12-30 15:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-01-13 14:00 - 2015-12-30 15:30 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-01-13 13:59 - 2015-12-11 16:35 - 00951808 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-01-13 13:59 - 2015-12-08 19:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-01-13 13:59 - 2015-12-08 19:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-13 13:59 - 2015-12-08 19:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-13 13:59 - 2015-12-08 19:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-13 13:59 - 2015-12-08 19:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-13 13:59 - 2015-12-08 19:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-13 13:59 - 2015-12-08 19:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-01-13 13:59 - 2015-12-08 19:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-13 13:59 - 2015-12-08 19:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-13 13:59 - 2015-12-08 19:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-13 13:59 - 2015-12-08 19:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-13 13:59 - 2015-12-08 19:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-13 13:59 - 2015-12-08 19:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-01-13 13:59 - 2015-12-08 19:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-13 13:59 - 2015-12-08 19:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-01-13 13:59 - 2015-12-08 19:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-13 13:59 - 2015-12-08 19:53 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-01-13 13:59 - 2015-12-08 19:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-13 13:59 - 2015-12-08 19:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-13 13:59 - 2015-12-08 19:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-13 13:59 - 2015-12-08 19:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-13 13:59 - 2015-12-08 19:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-13 13:59 - 2015-12-08 19:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-01-13 13:59 - 2015-12-08 19:53 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-01-13 13:59 - 2015-12-08 19:53 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-13 13:59 - 2015-12-08 19:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-13 13:59 - 2015-12-08 19:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-13 13:59 - 2015-12-08 19:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-13 13:59 - 2015-12-08 19:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-01-13 13:59 - 2015-12-08 19:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-13 13:59 - 2015-12-08 19:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-13 13:59 - 2015-12-08 19:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-13 13:59 - 2015-12-08 19:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-13 13:59 - 2015-12-08 19:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-13 13:59 - 2015-12-08 19:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-13 13:59 - 2015-12-08 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-01-13 13:59 - 2015-12-08 19:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-01-13 13:59 - 2015-12-08 19:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-01-13 13:59 - 2015-12-08 19:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-01-13 13:59 - 2015-12-08 19:43 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-01-13 13:59 - 2015-12-08 19:11 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-01-13 13:59 - 2015-12-08 19:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-01-13 13:59 - 2015-12-08 19:00 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-01-13 13:59 - 2015-11-16 18:12 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-01-13 13:59 - 2015-11-13 20:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-01-13 13:59 - 2015-11-13 20:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-01-13 13:59 - 2015-11-13 20:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-01-12 17:47 - 2016-01-12 17:59 - 33026048 _____ C:\Users\vivo\Downloads\VAIQC0L4HD.rar.part
2016-01-12 09:28 - 2016-01-18 11:01 - 00212992 ___SH C:\Users\Public\Thumbs.db
2016-01-10 19:55 - 2016-01-16 18:57 - 00000000 ____D C:\Design
2016-01-10 19:52 - 2016-01-16 18:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wilcom 2006
2016-01-10 19:52 - 2016-01-16 18:57 - 00000000 ____D C:\Clipart
2016-01-10 19:52 - 2000-02-29 14:01 - 00013425 _____ C:\Windows\system32\W9XPPORT.VXD
2016-01-10 19:52 - 2000-02-21 14:00 - 00013712 _____ C:\Windows\system32\SYDEXFDD.VXD
2016-01-10 19:12 - 2016-01-10 19:12 - 00000000 _____ C:\Windows\PURREC.INI
2016-01-10 17:20 - 2007-03-15 14:48 - 00535807 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\system32\hasplms.exe
2016-01-09 08:29 - 2016-01-09 08:29 - 00000000 ____D C:\Users\vivo\Desktop\Wilcom 2006 SP4 7
2016-01-09 08:29 - 2009-03-26 15:53 - 00056704 _____ (Chingachguk & Denger2k (Elite & SP edition)) C:\Windows\system32\Drivers\multikey.sys
2016-01-07 11:37 - 2016-01-07 11:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueSizer Wilcom e3.0
2016-01-07 11:37 - 2016-01-07 11:37 - 00001892 _____ C:\Users\Public\Desktop\TrueSizer Wilcom e3.0.lnk
2016-01-07 11:37 - 2016-01-07 11:37 - 00000000 ____D C:\Samples - TrueSizer e3.0
2016-01-07 11:36 - 2016-01-07 11:36 - 00000000 ____D C:\Program Files\WinRAR
2016-01-07 11:35 - 2016-01-07 11:35 - 03332472 _____ C:\Users\vivo\Downloads\wrar530br.exe
2016-01-07 11:26 - 2016-01-07 11:28 - 00000000 ____D C:\Users\vivo\Desktop\Disco removível
2016-01-07 10:54 - 2016-01-07 11:05 - 501490579 _____ C:\Users\vivo\Downloads\Wilcom_9_SP4_FULL_CD_Multilanguage.rar
2016-01-07 10:53 - 2016-01-07 11:05 - 612050944 _____ C:\Users\vivo\Downloads\WILCOM9.iso
2016-01-07 10:51 - 2016-01-07 11:10 - 906090740 _____ C:\Users\vivo\Downloads\Wilcom 2006 SP4.zip
2016-01-05 16:00 - 2016-01-05 16:00 - 00007916 _____ C:\Users\vivo\Documents\cc_20160105_155945.reg
2016-01-05 16:00 - 2016-01-05 16:00 - 00000718 _____ C:\Users\vivo\Documents\cc_20160105_160045.reg
2016-01-05 14:54 - 2016-01-05 15:44 - 00000000 ____D C:\Vendas2.0
2016-01-05 09:39 - 2016-01-12 09:56 - 00000000 ____D C:\Windows\19
2016-01-04 16:32 - 2016-01-04 16:32 - 03019681 _____ C:\Users\vivo\Desktop\apresentaçãohpp.pdf
2016-01-04 16:01 - 2016-01-04 16:01 - 02604452 _____ C:\Users\vivo\Desktop\catalogo original3.pdf
2016-01-04 15:56 - 2016-01-04 16:30 - 10305499 _____ C:\Users\vivo\Desktop\catalogo original.pdf
2016-01-04 10:38 - 2016-01-17 11:11 - 00000000 ____D C:\Users\Todos os Usuários\AdobeCatchTemp
2016-01-04 10:38 - 2016-01-17 11:11 - 00000000 ____D C:\ProgramData\AdobeCatchTemp
2015-12-31 08:35 - 2016-01-17 16:50 - 00000000 ____D C:\Program Files\Valve
2015-12-31 08:35 - 2015-12-31 08:35 - 00001618 _____ C:\Users\Public\Desktop\Counter-Strike 1.6.lnk
2015-12-29 09:18 - 2015-12-29 11:39 - 00013312 ___SH C:\Users\vivo\Downloads\Thumbs.db
2015-12-28 10:27 - 2016-01-15 08:23 - 00000000 ____D C:\Users\Todos os Usuários\System32
2015-12-28 10:27 - 2016-01-15 08:23 - 00000000 ____D C:\ProgramData\System32
2015-12-28 09:56 - 2015-12-28 09:56 - 00000034 ___SH C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE}
2015-12-28 09:51 - 2015-12-25 07:18 - 04540096 _____ (${COMPANY_NAME}) C:\Users\Todos os Usuários\setup.exe
2015-12-28 09:51 - 2015-12-25 07:18 - 04540096 _____ (${COMPANY_NAME}) C:\ProgramData\setup.exe
2015-12-21 18:47 - 2015-12-21 18:47 - 39615463 _____ C:\Users\vivo\Downloads\Zipper vector templates.rar
2015-12-21 13:53 - 2015-12-17 14:31 - 02245032 _____ (UpAurora.COM) C:\Users\Todos os Usuários\UpAurora_1.0.0.3034__101br.exe
2015-12-21 13:53 - 2015-12-17 14:31 - 02245032 _____ (UpAurora.COM) C:\ProgramData\UpAurora_1.0.0.3034__101br.exe
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-01-19 13:02 - 2015-11-14 22:36 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-19 12:56 - 2009-07-14 00:37 - 00000000 ____D C:\Windows
2016-01-19 08:28 - 2009-07-14 02:34 - 00024832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-19 08:28 - 2009-07-14 02:34 - 00024832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-19 08:12 - 2009-07-14 02:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-18 14:00 - 2015-11-09 20:11 - 00000000 ____D C:\Users\Todos os Usuários\Ultra Adware Killer
2016-01-18 14:00 - 2015-11-09 20:11 - 00000000 ____D C:\ProgramData\Ultra Adware Killer
2016-01-18 13:58 - 2015-09-04 10:25 - 00002517 _____ C:\Users\vivo\Desktop\Emissor de Nota Fiscal Eletronica (NF-e) 3.10.lnk
2016-01-18 13:58 - 2013-07-31 17:25 - 00000000 ____D C:\Program Files\Java
2016-01-18 11:32 - 2011-02-08 10:26 - 01748958 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-18 11:32 - 2009-07-14 06:31 - 00745724 _____ C:\Windows\system32\prfh0416.dat
2016-01-18 11:32 - 2009-07-14 06:31 - 00164532 _____ C:\Windows\system32\prfc0416.dat
2016-01-18 11:32 - 2009-07-14 00:37 - 00000000 ____D C:\Windows\inf
2016-01-18 11:18 - 2014-11-02 08:17 - 00000000 ____D C:\Users\vivo\Desktop\loja
2016-01-18 08:55 - 2015-11-26 09:39 - 00002415 _____ C:\Users\Todos os Usuários\xcgui_debug.txt
2016-01-18 08:55 - 2015-11-26 09:39 - 00002415 _____ C:\ProgramData\xcgui_debug.txt
2016-01-18 08:35 - 2015-12-10 14:14 - 00000000 ____D C:\Users\vivo\AppData\Roaming\LightGate
2016-01-18 08:35 - 2015-11-29 12:26 - 00001165 ____R C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-01-18 08:35 - 2015-11-29 12:26 - 00001153 ____R C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-01-18 08:34 - 2009-07-14 02:53 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-01-17 13:20 - 2013-09-05 08:40 - 00000000 ____D C:\Windows\Minidump
2016-01-17 12:06 - 2015-10-30 21:05 - 00000008 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-01-17 12:06 - 2015-10-30 21:05 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-01-17 12:06 - 2013-08-03 18:53 - 00000008 __RSH C:\Users\vivo\ntuser.pol
2016-01-17 12:06 - 2013-07-30 15:01 - 00000000 ____D C:\Users\vivo
2016-01-17 09:33 - 2013-08-17 11:51 - 00000000 ____D C:\Program Files\HP
2016-01-17 08:15 - 2015-11-29 12:26 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-01-16 21:25 - 2013-07-30 17:57 - 00000000 ____D C:\Program Files\Google
2016-01-16 18:57 - 2015-09-16 17:04 - 00000000 ____D C:\Program Files\Wilcom
2016-01-15 15:04 - 2015-08-14 11:29 - 00002840 _____ C:\Users\vivo\Desktop\Photoshop - Atalho.lnk
2016-01-15 10:21 - 2009-07-14 00:04 - 00002731 _____ C:\Windows\system32\config.nt
2016-01-15 10:09 - 2015-09-09 19:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicDisc
2016-01-14 15:01 - 2009-07-14 02:33 - 00500800 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-14 14:58 - 2014-12-23 11:55 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-14 14:58 - 2014-08-21 14:42 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-01-14 09:08 - 2013-08-12 19:30 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-01-14 09:08 - 2013-08-12 19:30 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-01-14 08:57 - 2013-08-14 19:08 - 00000000 ____D C:\Windows\system32\MRT
2016-01-14 08:43 - 2011-02-09 15:22 - 141317472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-01-13 10:40 - 2013-08-17 11:17 - 00000000 ____D C:\Users\vivo\AppData\Local\ElevatedDiagnostics
2016-01-11 14:04 - 2013-08-17 12:05 - 00000000 ____D C:\Users\Todos os Usuários\HP
2016-01-11 14:04 - 2013-08-17 12:05 - 00000000 ____D C:\ProgramData\HP
2016-01-09 08:37 - 2013-10-08 09:17 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2016-01-07 11:42 - 2013-11-19 13:40 - 00139800 _____ C:\Windows\system32\GDIPFONTCACHEV1.DAT
2016-01-07 11:39 - 2015-09-16 17:41 - 00000000 ____D C:\Program Files\Common Files\Wilcom
2016-01-07 11:37 - 2011-02-08 10:18 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-01-07 11:36 - 2013-08-12 19:26 - 00000000 ____D C:\Users\vivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-01-07 11:36 - 2013-08-12 19:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-01-05 09:48 - 2015-07-01 14:09 - 00125440 ___SH C:\Users\Public\Downloads\Thumbs.db
2016-01-04 11:51 - 2015-07-01 11:06 - 00134144 ___SH C:\Users\Public\Documents\Thumbs.db
2015-12-30 18:02 - 2015-07-01 15:27 - 00000000 ____D C:\Users\Public\Downloads\Images
2015-12-30 11:23 - 2009-07-14 00:37 - 00000000 ____D C:\Windows\rescache
2015-12-30 09:48 - 2015-06-30 18:11 - 00000000 ____D C:\Users\Public\Documents\silk sert
2015-12-30 09:48 - 2015-06-30 17:44 - 00000000 ____D C:\Users\Public\Documents\rafael
2015-12-30 08:51 - 2015-06-30 14:16 - 00000000 ____D C:\Users\Public\Documents\documentos
2015-12-29 12:10 - 2009-07-14 02:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-12-29 11:46 - 2015-06-30 17:39 - 00000000 ____D C:\Users\Public\Documents\nicolas
2015-12-29 11:45 - 2015-06-30 13:58 - 00000000 ____D C:\Users\Public\Documents\daps
2015-12-29 09:18 - 2015-06-30 17:15 - 00000000 ____D C:\Users\Public\Documents\IMPACTO JOVEM
2015-12-28 17:02 - 2015-11-14 22:36 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-12-28 17:02 - 2015-11-14 22:36 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-12-22 11:03 - 2015-12-18 19:08 - 00000000 ____D C:\Program Files\EmissaoRecibo
2015-12-21 13:36 - 2015-04-13 21:09 - 00000000 ___SD C:\Windows\system32\GWX
==================== Arquivos na raiz de alguns diretórios =======
2015-04-19 10:20 - 2015-11-03 00:40 - 0000626 _____ () C:\Users\vivo\AppData\Roaming\7v1sqeZDM0j5Dlzrkf4THVI6K
2013-09-28 17:42 - 2013-09-28 17:42 - 0000173 _____ () C:\Users\vivo\AppData\Local\msmathematics.qat.vivo
2015-10-04 19:59 - 2015-10-04 19:59 - 0007605 _____ () C:\Users\vivo\AppData\Local\Resmon.ResmonCfg
2014-09-04 19:02 - 2014-09-04 19:02 - 0000000 _____ () C:\Users\vivo\AppData\Local\{69BF3879-4D49-4D31-B1FC-509AF90248E9}
2015-12-15 09:03 - 2015-12-15 13:50 - 1852416 _____ () C:\ProgramData\carssb.exe
2015-12-15 09:00 - 2015-11-26 07:58 - 4127064 _____ () C:\ProgramData\ch_dl_url
2011-02-08 10:29 - 2011-02-08 10:29 - 0489984 _____ () C:\ProgramData\Dri10.tmp
2011-02-08 10:29 - 2011-02-08 10:29 - 16700416 _____ (OEM) C:\ProgramData\E2010.tmp
2016-01-17 17:36 - 2015-11-25 15:31 - 1100288 _____ () C:\ProgramData\HomePage.exe
2016-01-11 14:04 - 2016-01-11 14:06 - 0000349 _____ () C:\ProgramData\hpzinstall.log
2015-12-04 12:23 - 2015-12-04 13:14 - 1081344 _____ () C:\ProgramData\LightGate.exe
2016-01-17 17:23 - 2016-01-14 07:46 - 2412032 _____ () C:\ProgramData\msiql.exe
2015-12-28 09:51 - 2015-12-25 07:18 - 4540096 _____ (${COMPANY_NAME}) C:\ProgramData\setup.exe
2015-12-21 13:53 - 2015-12-17 14:31 - 2245032 _____ (UpAurora.COM) C:\ProgramData\UpAurora_1.0.0.3034__101br.exe
2015-11-11 18:37 - 2015-11-02 10:19 - 1202560 _____ (Beijing Fantasy Game Network Technology Co., Ltd.) C:\ProgramData\upcinst.exe
2015-10-29 23:01 - 2015-10-16 06:43 - 1762304 _____ (TODO: <公司名>) C:\ProgramData\upgsvr.exe
2016-01-17 12:14 - 2016-01-18 08:35 - 0006413 _____ () C:\ProgramData\webad.xml
2015-11-26 09:39 - 2016-01-18 08:55 - 0002415 _____ () C:\ProgramData\xcgui_debug.txt
2015-12-11 06:02 - 2015-12-10 15:43 - 0600312 _____ () C:\ProgramData\YeaPlayer_br_IBD_Bundle.exe
Arquivos para serem movidos ou deletados:
====================
C:\Windows\Temp\00003575\casrss.exe
C:\ProgramData\carssb.exe
C:\ProgramData\HomePage.exe
C:\ProgramData\LightGate.exe
C:\ProgramData\msiql.exe
C:\ProgramData\setup.exe
C:\ProgramData\UpAurora_1.0.0.3034__101br.exe
C:\ProgramData\upcinst.exe
C:\ProgramData\upgsvr.exe
C:\ProgramData\YeaPlayer_br_IBD_Bundle.exe
C:\Users\Todos os Usuários\carssb.exe
C:\Users\Todos os Usuários\HomePage.exe
C:\Users\Todos os Usuários\LightGate.exe
C:\Users\Todos os Usuários\msiql.exe
C:\Users\Todos os Usuários\setup.exe
C:\Users\Todos os Usuários\UpAurora_1.0.0.3034__101br.exe
C:\Users\Todos os Usuários\upcinst.exe
C:\Users\Todos os Usuários\upgsvr.exe
C:\Users\Todos os Usuários\YeaPlayer_br_IBD_Bundle.exe
Alguns arquivos em TEMP:
====================
C:\Users\vivo\AppData\Local\Temp\a5l7rqig.dll
C:\Users\vivo\AppData\Local\Temp\Advanced System Protector v2.1 Full Serial Keys__3111_il2323544.exe
C:\Users\vivo\AppData\Local\Temp\BgonAfijAkJWrknyelll.DLL
C:\Users\vivo\AppData\Local\Temp\BullseyeCoverage-2-x86.dll
C:\Users\vivo\AppData\Local\Temp\fsd5D8A.exe
C:\Users\vivo\AppData\Local\Temp\InstallHelper.exe
C:\Users\vivo\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\vivo\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\vivo\AppData\Local\Temp\OfficeAssist.0744.80.1211.exe
C:\Users\vivo\AppData\Local\Temp\pdf24-creator-update.exe
C:\Users\vivo\AppData\Local\Temp\RegSetup.exe
C:\Users\vivo\AppData\Local\Temp\siuninst.exe
C:\Users\vivo\AppData\Local\Temp\sqlite3.dll
C:\Users\vivo\AppData\Local\Temp\startw.exe
C:\Users\vivo\AppData\Local\Temp\ulewntpSuwcWqhHlPZTj.DLL
C:\Users\vivo\AppData\Local\Temp\ultimate_pc_cleaner.exe
C:\Users\vivo\AppData\Local\Temp\UninstallModule.exe
C:\Users\vivo\AppData\Local\Temp\unpack.exe
C:\Users\vivo\AppData\Local\Temp\uXGFHopnJF.DLL
C:\Users\vivo\AppData\Local\Temp\yqmGTubvrRevLtLQbZHE.DLL
C:\Users\vivo\AppData\Local\Temp\ytb.exe
C:\Users\vivo\AppData\Local\Temp\_shfoldr.dll
C:\Users\vivo\AppData\Local\Temp\_unps.exe
C:\Users\vivo\AppData\Local\Temp\_WUTL95.DLL
Alguns com tamanho de zero byte arquivos/pastas:
==========================
C:\Windows\System32\host27nt.dll
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2016-01-09 09:57
==================== Fim de FRST.txt ============================