Document format: text/plain

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:21-02-2016 01
Executado por Maurício (administrador) em MAURÍCIO-VAIO (21-02-2016 23:55:14)
Executando a partir de C:\Users\Maurício\Desktop
Perfis Carregados: Maurício (Perfis Disponíveis: Maurício & DefaultAppPool)
Platform: Windows 10 Home Versão 1511 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(TODO: ) C:\ProgramData\Updata\GoogleUpdata.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(VLOME) C:\Users\Maurício\AppData\Local\Temp\00007299\casrss.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Google Inc.) C:\Users\Maurício\AppData\Local\Google\Update\GoogleUpdate.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
() C:\ProgramData\WindowsMsg\osmsg.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Spotify Ltd) C:\Users\Maurício\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Maurício\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\Maurício\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Maurício\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Maurício\AppData\Roaming\Spotify\Spotify.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Google Inc.) C:\Users\Maurício\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Maurício\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Maurício\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Maurício\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Maurício\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Maurício\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Maurício\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Maurício\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Google Inc.) C:\Users\Maurício\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [226672 2011-10-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Commnucations)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-26] (Sony Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM-x32\...\Run: [QHSafeTray] => "C:\Program Files (x86)\PSafe\Total\safemon\QHSafeTray.exe" /start
HKLM-x32\...\Run: [sun7] => [X]
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3344363619-2784074106-1113438760-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKU\S-1-5-21-3344363619-2784074106-1113438760-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
HKU\S-1-5-21-3344363619-2784074106-1113438760-1000\...\Run: [Google Update] => C:\Users\Maurício\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
HKU\S-1-5-21-3344363619-2784074106-1113438760-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3344363619-2784074106-1113438760-1000\...\Run: [Spotify Web Helper] => C:\Users\Maurício\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524336 2016-02-21] (Spotify Ltd)
HKU\S-1-5-21-3344363619-2784074106-1113438760-1000\...\Run: [Spotify] => C:\Users\Maurício\AppData\Roaming\Spotify\Spotify.exe [6743664 2016-02-21] (Spotify Ltd)
HKU\S-1-5-21-3344363619-2784074106-1113438760-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50137728 2015-11-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3344363619-2784074106-1113438760-1000\...\Run: [Pritc] => C:\Users\Maurício\AppData\Local\Temp\00007299\casrss.exe [2954240 2016-02-06] (VLOME) <===== ATENÇÃO
HKU\S-1-5-21-3344363619-2784074106-1113438760-1000\...\Run: [osmsg] => C:\ProgramData\WindowsMsg\osmsg.exe [2036224 2016-02-04] ()
HKU\S-1-5-21-3344363619-2784074106-1113438760-1000\...\RunOnce: [Uninstall C:\Users\Maur�cio\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Maurício\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => Nenhum Arquivo
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

ProxyEnable: [.DEFAULT] => Proxy está habilitado.
ProxyServer: [.DEFAULT] => http=127.0.0.1:60064;https=127.0.0.1:60064
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 187.60.96.18 187.60.96.19
Tcpip\..\Interfaces\{c6824594-1a86-4a9e-a1b4-44e15e837eff}: [DhcpNameServer] 187.60.96.19 187.60.96.18
Tcpip\..\Interfaces\{f9e065d0-0839-4dd5-8861-1aa17b3a1511}: [DhcpNameServer] 187.60.96.18 187.60.96.19

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=sdkc_inner_hp_09_hao123_br&guid=5fbe8ff527f15cd0059ddd7c7b48e1b8
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-3344363619-2784074106-1113438760-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.sony.com.br/vaio
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {6FA57F6D-E6C8-1F5E-E53D-68F29113985E} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3344363619-2784074106-1113438760-1000 -> DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL =
SearchScopes: HKU\S-1-5-21-3344363619-2784074106-1113438760-1000 -> {92001F8A-C36B-473A-91E7-5BE0C81CF2B3} URL = hxxp://clikseguro.com/Search.aspx?cx=017847565674971774939%3Aktp_l5v6i2u&ie=ISO-8859-1&q={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-01-23] (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15] (Adobe Systems Incorporated)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2012-11-29] (RealDownloader)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-24] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-04-29] (Atheros Commnucations)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-24] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3344363619-2784074106-1113438760-1000 -> Sem Nome - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Nenhum Arquivo
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.yoursearching.com/?type=sc&ts=1454794112&z=9a83ef203f44133b2622cdbgdz0wbzbm8tezcg5g7o&from=face&uid=HitachiXHTS547550A9E384_J2110051DNX1ABDNX1ABX

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-11] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2012-01-23] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll [2012-10-04] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-09-09] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-06-24] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Nenhum Arquivo]
FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2013-01-11] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2013-01-11] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2012-11-29] (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin HKU\S-1-5-21-3344363619-2784074106-1113438760-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Maurício\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-09] (Google Inc.)
FF Plugin HKU\S-1-5-21-3344363619-2784074106-1113438760-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Maurício\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-09] (Google Inc.)
FF Plugin HKU\S-1-5-21-3344363619-2784074106-1113438760-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Maurício\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-07-11] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-01-11] [não assinado]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKU\.DEFAULT\...\Firefox\Extensions: [buscape@buscape.com.br] - C:\Program Files (x86)\Buscapé\Buscapé na Hora\Firefox
FF Extension: Sem Nome - C:\Program Files (x86)\Buscapé\Buscapé na Hora\Firefox [2013-02-27] [não assinado]

Chrome:
=======
CHR StartupUrls: Profile 1 -> "hxxps://www.google.com/"
CHR DefaultSearchURL: Profile 1 -> hxxps://mystart.com/default-search/rsc001__moss__org103__103_55f20019a6fde1d80a7b23c6__2_4_5__moc__nt__yr/?q={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> yahoo
CHR Profile: C:\Users\Maurício\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Maurício\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-10]
CHR Extension: (Pesquisa do Google) - C:\Users\Maurício\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-10]
CHR Extension: (AdBlock) - C:\Users\Maurício\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-04]
CHR Extension: (Facebook Flat — New Design & AdBlock) - C:\Users\Maurício\AppData\Local\Google\Chrome\User Data\Default\Extensions\kadbillinepbjlgenaliokdhejdmmlgp [2016-02-04]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Maurício\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29]
CHR Extension: (Gmail) - C:\Users\Maurício\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-10]
CHR Profile: C:\Users\Maurício\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\Maurício\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-06]
CHR Extension: (AdBlock) - C:\Users\Maurício\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-21]
CHR Extension: (Skype) - C:\Users\Maurício\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-02-06]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Maurício\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-06]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
CHR HKLM-x32\...\Chrome\Extension: [pppagaglfkmlpgobnlenhknilehpmcbo] - C:\Program Files (x86)\PSafe\PSafeAV\safemon\360webshield.crx
StartMenuInternet: Google Chrome - C:\Users\Maurício\AppData\Local\Google\Chrome\Application\chrome.exe hxxp://www.yoursearching.com/?type=sc&ts=1454794112&z=9a83ef203f44133b2622cdbgdz0wbzbm8tezcg5g7o&from=face&uid=HitachiXHTS547550A9E384_J2110051DNX1ABDNX1ABX

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros) [Arquivo não assinado]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
R2 GoogleChromeUpdata; C:\ProgramData\Updata\GoogleUpdata.exe [2768384 2016-02-04] (TODO: ) [Arquivo não assinado]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2361344 2011-03-29] (Realsil Microelectronics Inc.) [Arquivo não assinado]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 Oasis2Service; C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe [46080 2010-03-25] () [Arquivo não assinado]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-02-19] (Electronic Arts)
S3 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-01] (Intel Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1653272 2015-07-31] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [100424 2014-07-25] (360.cn)
S3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77896 2014-08-27] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [305736 2014-08-27] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [311888 2014-07-25] (Qihu 360 Software Co., Ltd.)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R3 athr; C:\Windows\System32\drivers\athwnx.sys [4207104 2015-10-30] (Qualcomm Atheros Communications, Inc.)
S1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [180816 2014-04-18] (Qihu 360 Software Co., Ltd.)
R1 bsdriver; C:\WINDOWS\system32\drivers\bsdriver.sys [34712 2016-02-04] ()
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2015-08-02] (Disc Soft Ltd)
R2 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [109272 2015-10-05] (Malwarebytes)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-02-21] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-01-06] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U3 idsvc; não ImagePath
U5 REALPLAYERUPDATESVC; não ImagePath

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-02-21 23:55 - 2016-02-21 23:56 - 00026917 _____ C:\Users\Maurício\Desktop\FRST.txt
2016-02-21 23:55 - 2016-02-21 23:55 - 00000000 ____D C:\FRST
2016-02-21 23:52 - 2016-02-21 23:54 - 02371072 _____ (Farbar) C:\Users\Maurício\Desktop\FRST64.exe
2016-02-11 11:52 - 2016-02-11 11:52 - 08817344 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2016-02-10 01:54 - 2016-01-27 02:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-10 01:54 - 2016-01-27 02:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-02-10 01:54 - 2016-01-27 02:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-02-10 01:54 - 2016-01-27 02:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-02-10 01:54 - 2016-01-27 02:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-10 01:54 - 2016-01-27 02:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-02-10 01:54 - 2016-01-27 02:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-10 01:54 - 2016-01-27 01:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-10 01:54 - 2016-01-27 01:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-10 01:54 - 2016-01-27 01:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-10 01:54 - 2016-01-27 01:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-10 01:54 - 2016-01-27 01:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-02-10 01:53 - 2016-01-29 03:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-10 01:53 - 2016-01-29 03:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-10 01:53 - 2016-01-27 03:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-10 01:53 - 2016-01-27 03:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-10 01:53 - 2016-01-27 03:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-10 01:53 - 2016-01-27 03:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-10 01:53 - 2016-01-27 03:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-10 01:53 - 2016-01-27 02:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-10 01:53 - 2016-01-27 02:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-10 01:53 - 2016-01-27 02:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-10 01:53 - 2016-01-27 02:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-10 01:53 - 2016-01-27 02:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-10 01:53 - 2016-01-27 02:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-10 01:53 - 2016-01-27 02:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-10 01:53 - 2016-01-27 02:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-10 01:53 - 2016-01-27 02:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-10 01:53 - 2016-01-27 02:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-02-10 01:53 - 2016-01-27 02:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-10 01:53 - 2016-01-27 02:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-10 01:53 - 2016-01-27 02:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-10 01:53 - 2016-01-27 02:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-02-10 01:53 - 2016-01-27 02:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-10 01:53 - 2016-01-27 02:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-10 01:53 - 2016-01-27 02:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-02-10 01:53 - 2016-01-27 02:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-02-10 01:53 - 2016-01-27 02:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-10 01:53 - 2016-01-27 02:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-10 01:53 - 2016-01-27 02:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-10 01:53 - 2016-01-27 02:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-10 01:53 - 2016-01-27 02:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-10 01:53 - 2016-01-27 02:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-02-10 01:53 - 2016-01-27 02:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-02-10 01:53 - 2016-01-27 02:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-10 01:53 - 2016-01-27 02:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-02-10 01:53 - 2016-01-27 02:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-10 01:53 - 2016-01-27 02:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-10 01:53 - 2016-01-27 01:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-10 01:53 - 2016-01-27 01:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-10 01:53 - 2016-01-27 01:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-10 01:53 - 2016-01-27 01:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-10 01:53 - 2016-01-27 01:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-10 01:53 - 2016-01-27 01:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-10 01:53 - 2016-01-27 01:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-10 01:53 - 2016-01-27 01:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-10 01:53 - 2016-01-27 01:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-10 01:53 - 2016-01-27 01:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-10 01:53 - 2016-01-27 01:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-10 01:53 - 2016-01-27 01:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-10 01:53 - 2016-01-27 01:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-10 01:53 - 2016-01-27 01:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-10 01:53 - 2016-01-27 01:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-10 01:53 - 2016-01-27 01:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-10 01:53 - 2016-01-27 01:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-09 14:09 - 2016-02-09 14:09 - 00000000 ____D C:\Users\Maurício\AppData\Local\IronSnout
2016-02-09 14:07 - 2016-02-09 14:07 - 00000222 _____ C:\Users\Maurício\Desktop\Iron Snout.url
2016-02-09 13:42 - 2016-02-09 13:42 - 00000000 ____D C:\Users\Maurício\AppData\Local\Steam
2016-02-08 03:27 - 2016-02-08 03:27 - 00127313 _____ C:\Users\Maurício\Downloads\download.htm
2016-02-07 00:42 - 2016-02-07 00:42 - 00055293 _____ C:\Users\Maurício\Desktop\JRT.txt
2016-02-07 00:34 - 2016-02-07 00:36 - 01609032 _____ (Malwarebytes) C:\Users\Maurício\Desktop\JRT.exe
2016-02-06 23:25 - 2016-02-06 23:25 - 00000000 ____D C:\Users\Todos os Usuários\4d31052f-6b03-1
2016-02-06 23:25 - 2016-02-06 23:25 - 00000000 ____D C:\Users\Todos os Usuários\4d31052f-5207-0
2016-02-06 23:25 - 2016-02-06 23:25 - 00000000 ____D C:\ProgramData\4d31052f-6b03-1
2016-02-06 23:25 - 2016-02-06 23:25 - 00000000 ____D C:\ProgramData\4d31052f-5207-0
2016-02-06 21:40 - 2016-02-06 21:40 - 00631808 _____ C:\WINDOWS\poy.dat
2016-02-06 21:39 - 2016-02-06 22:59 - 00000000 ____D C:\Users\Todos os Usuários\4d31052f-7591-0
2016-02-06 21:39 - 2016-02-06 22:59 - 00000000 ____D C:\Users\Todos os Usuários\4d31052f-0301-1
2016-02-06 21:39 - 2016-02-06 22:59 - 00000000 ____D C:\ProgramData\4d31052f-7591-0
2016-02-06 21:39 - 2016-02-06 22:59 - 00000000 ____D C:\ProgramData\4d31052f-0301-1
2016-02-06 21:39 - 2016-02-06 21:39 - 00022592 _____ C:\WINDOWS\System32\Tasks\{7D050547-7D79-057A-7F11-0D79057A117D}
2016-02-06 21:34 - 2016-02-21 23:35 - 00003658 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2016-02-06 20:04 - 2016-02-21 23:41 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-02-06 20:02 - 2016-02-07 00:21 - 00001175 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-02-06 20:02 - 2016-02-06 20:02 - 00000000 ____D C:\Users\Todos os Usuários\Malwarebytes
2016-02-06 20:02 - 2016-02-06 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-02-06 20:02 - 2016-02-06 20:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-06 20:02 - 2016-02-06 20:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-06 20:02 - 2015-10-05 08:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-02-06 20:02 - 2015-10-05 08:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-02-06 20:02 - 2015-10-05 08:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-02-06 19:57 - 2016-02-06 20:02 - 22908888 _____ (Malwarebytes ) C:\Users\Maurício\Downloads\mbam-setup-2.2.0.1024.exe
2016-02-06 19:31 - 2016-02-06 19:32 - 05657667 _____ (Swearware) C:\Users\Maurício\Downloads\ComboFix.exe
2016-02-06 19:23 - 2016-02-06 19:23 - 00000000 ____D C:\Users\Todos os Usuários\Uniblue
2016-02-06 19:23 - 2016-02-06 19:23 - 00000000 ____D C:\ProgramData\Uniblue
2016-02-06 19:07 - 2016-02-06 19:07 - 00000000 ____D C:\Users\Public\Documents\ShopperPro3
2016-02-06 18:35 - 2016-02-07 00:19 - 00000000 ____D C:\Program Files\WajaNetEn
2016-02-06 18:32 - 2016-02-07 00:19 - 00000000 ____D C:\Users\Todos os Usuários\LFuQamXA
2016-02-06 18:32 - 2016-02-07 00:19 - 00000000 ____D C:\ProgramData\LFuQamXA
2016-02-06 18:31 - 2016-02-06 18:31 - 00000074 _____ C:\Users\Todos os Usuários\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2016-02-06 18:31 - 2016-02-06 18:31 - 00000074 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2016-02-06 18:29 - 2016-02-06 21:58 - 00000000 ____D C:\Users\Maurício\AppData\Local\Setup Wizard
2016-02-06 18:29 - 2016-02-06 19:41 - 00000000 ____D C:\Users\Maurício\AppData\Roaming\yoursearching
2016-02-06 18:25 - 2016-02-06 18:25 - 00003124 _____ C:\WINDOWS\System32\Tasks\ttwifi
2016-02-06 18:25 - 2016-02-06 18:25 - 00003060 _____ C:\WINDOWS\System32\Tasks\Pritc
2016-02-06 18:25 - 2016-02-06 18:25 - 00003018 _____ C:\WINDOWS\System32\Tasks\osTip
2016-02-06 18:25 - 2016-02-06 18:25 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg
2016-02-06 18:25 - 2016-02-06 18:25 - 00000000 ____D C:\Users\Todos os Usuários\Updata
2016-02-06 18:25 - 2016-02-06 18:25 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-02-06 18:25 - 2016-02-06 18:25 - 00000000 ____D C:\ProgramData\Updata
2016-02-06 17:56 - 2016-02-06 17:57 - 00278548 _____ C:\WINDOWS\Minidump\020616-23234-01.dmp
2016-02-06 17:56 - 2016-02-06 17:56 - 00000000 ____D C:\WINDOWS\Minidump
2016-02-04 22:48 - 2016-02-04 22:48 - 00034712 _____ () C:\WINDOWS\system32\Drivers\bsdriver.sys
2016-02-04 22:46 - 2016-02-04 22:46 - 00003424 _____ C:\WINDOWS\System32\Tasks\Sofureg
2016-02-04 22:46 - 2016-02-04 22:46 - 00000000 ____D C:\Users\Maurício\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
2016-02-04 22:46 - 2016-02-04 22:46 - 00000000 ____D C:\uninst
2016-02-04 10:33 - 2016-02-04 10:33 - 00000000 ____D C:\Users\Public\Documents\Tools
2016-02-04 10:22 - 2016-02-04 10:22 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2016-01-28 21:11 - 2016-01-28 21:11 - 00000000 ____D C:\Users\Maurício\Documents\League of Legends
2016-01-28 19:58 - 2016-01-16 03:23 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-01-28 19:58 - 2016-01-16 03:20 - 06971752 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-01-28 19:58 - 2016-01-16 02:35 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-28 19:57 - 2016-01-16 02:45 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-28 19:57 - 2016-01-16 02:38 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-01-28 19:57 - 2016-01-16 02:21 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-01-28 19:57 - 2016-01-16 02:17 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-01-28 19:56 - 2016-01-16 03:36 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-28 19:56 - 2016-01-16 03:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-01-28 19:56 - 2016-01-16 03:23 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-28 19:56 - 2016-01-16 03:23 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-01-28 19:56 - 2016-01-16 03:23 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-01-28 19:56 - 2016-01-16 03:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-01-28 19:56 - 2016-01-16 03:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-28 19:56 - 2016-01-16 03:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-01-28 19:56 - 2016-01-16 03:19 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-28 19:56 - 2016-01-16 03:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-01-28 19:56 - 2016-01-16 03:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-01-28 19:56 - 2016-01-16 03:09 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-01-28 19:56 - 2016-01-16 03:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-01-28 19:56 - 2016-01-16 02:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-01-28 19:56 - 2016-01-16 02:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-01-28 19:56 - 2016-01-16 02:37 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-01-28 19:56 - 2016-01-16 02:34 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-01-28 19:56 - 2016-01-16 02:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-01-28 19:56 - 2016-01-16 02:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-01-28 19:56 - 2016-01-16 02:31 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-01-28 19:56 - 2016-01-16 02:31 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-01-28 19:56 - 2016-01-16 02:31 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-01-28 19:56 - 2016-01-16 02:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-01-28 19:56 - 2016-01-16 02:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-01-28 19:56 - 2016-01-16 02:30 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-01-28 19:56 - 2016-01-16 02:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-28 19:56 - 2016-01-16 02:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-01-28 19:56 - 2016-01-16 02:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-01-28 19:56 - 2016-01-16 02:29 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-01-28 19:56 - 2016-01-16 02:28 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-01-28 19:56 - 2016-01-16 02:28 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-01-28 19:56 - 2016-01-16 02:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-01-28 19:56 - 2016-01-16 02:26 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-01-28 19:56 - 2016-01-16 02:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-01-28 19:56 - 2016-01-16 02:25 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-01-28 19:56 - 2016-01-16 02:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-01-28 19:56 - 2016-01-16 02:24 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-01-28 19:56 - 2016-01-16 02:24 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-01-28 19:56 - 2016-01-16 02:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-01-28 19:56 - 2016-01-16 02:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-01-28 19:56 - 2016-01-16 02:23 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-28 19:56 - 2016-01-16 02:20 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-01-28 19:56 - 2016-01-16 02:20 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-01-28 19:56 - 2016-01-16 02:20 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-01-28 19:56 - 2016-01-16 02:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-01-28 19:56 - 2016-01-16 02:19 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-01-28 19:56 - 2016-01-16 02:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-28 19:56 - 2016-01-16 02:16 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-01-28 19:56 - 2016-01-16 02:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-28 19:56 - 2016-01-16 02:15 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-01-28 19:56 - 2016-01-16 02:14 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-01-28 19:56 - 2016-01-16 02:14 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-01-28 19:55 - 2016-01-16 03:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-01-28 19:55 - 2016-01-16 03:36 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-28 19:55 - 2016-01-16 03:34 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-28 19:55 - 2016-01-16 03:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-28 19:55 - 2016-01-16 03:23 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-01-28 19:55 - 2016-01-16 03:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-01-28 19:55 - 2016-01-16 03:08 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-01-28 19:55 - 2016-01-16 02:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-01-28 19:55 - 2016-01-16 02:44 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-01-28 19:55 - 2016-01-16 02:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-01-28 19:55 - 2016-01-16 02:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-01-28 19:55 - 2016-01-16 02:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-01-28 19:55 - 2016-01-16 02:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-01-28 19:55 - 2016-01-16 02:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-01-28 19:55 - 2016-01-16 02:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-01-28 19:55 - 2016-01-16 02:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-01-28 19:55 - 2016-01-16 02:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-01-28 19:55 - 2016-01-16 02:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-01-28 19:55 - 2016-01-16 02:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-01-28 19:55 - 2016-01-16 02:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-01-28 19:55 - 2016-01-16 02:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-01-28 19:55 - 2016-01-16 02:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-01-28 19:55 - 2016-01-16 02:37 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-01-28 19:55 - 2016-01-16 02:36 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-28 19:55 - 2016-01-16 02:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-01-28 19:55 - 2016-01-16 02:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-01-28 19:55 - 2016-01-16 02:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-01-28 19:55 - 2016-01-16 02:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-01-28 19:55 - 2016-01-16 02:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-01-28 19:55 - 2016-01-16 02:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-01-28 19:55 - 2016-01-16 02:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-01-28 19:55 - 2016-01-16 02:34 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-01-28 19:55 - 2016-01-16 02:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-01-28 19:55 - 2016-01-16 02:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-01-28 19:55 - 2016-01-16 02:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-01-28 19:55 - 2016-01-16 02:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-01-28 19:55 - 2016-01-16 02:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-01-28 19:55 - 2016-01-16 02:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-01-28 19:55 - 2016-01-16 02:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-01-28 19:55 - 2016-01-16 02:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-01-28 19:55 - 2016-01-16 02:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-01-28 19:55 - 2016-01-16 02:26 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-01-28 19:55 - 2016-01-16 02:26 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-01-28 19:55 - 2016-01-16 02:25 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-01-28 19:55 - 2016-01-16 02:25 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-01-28 19:55 - 2016-01-16 02:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-01-28 19:55 - 2016-01-16 02:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-01-28 19:55 - 2016-01-16 02:19 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-01-28 19:55 - 2016-01-16 02:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-01-27 09:02 - 2016-01-27 09:01 - 00000967 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-02-21 23:51 - 2012-10-07 19:37 - 00000902 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-21 23:45 - 2015-10-30 16:34 - 00000000 ____D C:\Users\Maurício\AppData\Roaming\Spotify
2016-02-21 23:35 - 2015-10-30 16:36 - 00000000 ____D C:\Users\Maurício\AppData\Local\Spotify
2016-02-21 23:35 - 2014-11-28 14:42 - 00000000 ____D C:\Users\Maurício\AppData\Roaming\Skype
2016-02-21 23:34 - 2015-08-02 19:15 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-02-21 23:34 - 2013-02-05 23:47 - 00001100 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-21 23:29 - 2015-12-12 03:31 - 02093768 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-21 23:29 - 2015-10-30 16:11 - 00887722 _____ C:\WINDOWS\system32\prfh0416.dat
2016-02-21 23:29 - 2015-10-30 16:11 - 00192768 _____ C:\WINDOWS\system32\prfc0416.dat
2016-02-21 23:29 - 2015-10-30 04:21 - 00000000 ____D C:\WINDOWS\INF
2016-02-21 23:25 - 2015-12-12 03:59 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-21 23:24 - 2015-10-30 03:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-02-21 23:24 - 2014-07-28 22:41 - 00000000 _RSHD C:\360SANDBOX
2016-02-21 23:22 - 2015-10-30 16:14 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-21 23:21 - 2013-02-05 23:47 - 00001104 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-21 23:20 - 2014-10-19 20:20 - 00001118 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3344363619-2784074106-1113438760-1000UA1cfebf33a23936e.job
2016-02-21 23:16 - 2012-06-23 19:09 - 00001090 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3344363619-2784074106-1113438760-1000UA.job
2016-02-21 22:40 - 2014-07-24 21:29 - 00000378 _____ C:\WINDOWS\Tasks\ReclaimerUpdateXML_Maurício.job
2016-02-21 21:34 - 2014-07-24 21:29 - 00000382 _____ C:\WINDOWS\Tasks\ReclaimerUpdateFiles_Maurício.job
2016-02-21 20:25 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-21 20:09 - 2012-06-23 16:48 - 00004186 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{976835FB-A69B-4A2B-B8AB-C77DF1FF5C8B}
2016-02-21 14:16 - 2012-06-23 19:09 - 00001038 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3344363619-2784074106-1113438760-1000Core.job
2016-02-20 20:21 - 2012-06-23 19:15 - 00002470 _____ C:\Users\Maurício\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-20 20:14 - 2015-10-30 04:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-17 23:20 - 2014-10-19 20:20 - 00001066 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3344363619-2784074106-1113438760-1000Core1cfebf338fdd3d1.job
2016-02-13 01:33 - 2012-08-10 22:23 - 00000000 ____D C:\Users\Maurício\AppData\Local\Last.fm
2016-02-11 11:43 - 2013-08-16 17:47 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-11 11:35 - 2015-10-30 04:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-11 11:35 - 2012-10-23 16:51 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-10 22:59 - 2014-06-17 15:51 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-09 23:15 - 2014-10-19 20:20 - 00004272 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3344363619-2784074106-1113438760-1000UA1cfebf33a23936e
2016-02-09 23:15 - 2014-10-19 20:20 - 00003896 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3344363619-2784074106-1113438760-1000Core1cfebf338fdd3d1
2016-02-09 17:05 - 2015-12-12 03:32 - 00000000 ____D C:\Users\Maurício
2016-02-07 00:22 - 2015-12-12 03:46 - 00001495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-02-07 00:22 - 2015-11-26 11:19 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk
2016-02-07 00:22 - 2015-10-30 16:36 - 00001851 _____ C:\Users\Maurício\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-02-07 00:22 - 2015-09-15 18:59 - 00001071 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2016-02-07 00:22 - 2015-08-02 19:24 - 00001051 _____ C:\Users\Maurício\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recursos Opcionais.lnk
2016-02-07 00:22 - 2015-08-02 19:23 - 00002382 _____ C:\Users\Maurício\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-02-07 00:22 - 2015-06-05 17:34 - 00002184 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2016-02-07 00:22 - 2015-06-04 14:45 - 00002156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2016-02-07 00:22 - 2015-01-06 22:10 - 00002071 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care.lnk
2016-02-07 00:22 - 2014-06-17 15:51 - 00000967 _____ C:\Users\Public\Desktop\Steam.lnk
2016-02-07 00:22 - 2012-10-25 15:06 - 00000953 _____ C:\ProgramData\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-02-07 00:22 - 2012-10-25 15:06 - 00000947 _____ C:\Users\Public\Desktop\µTorrent.lnk
2016-02-07 00:22 - 2012-09-11 14:23 - 00002541 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visualizador do Microsoft PowerPoint .lnk
2016-02-07 00:22 - 2012-07-23 15:43 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-02-07 00:22 - 2012-01-23 22:09 - 00002173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Smart Network.lnk
2016-02-07 00:22 - 2012-01-23 21:57 - 00002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2016-02-07 00:22 - 2012-01-23 21:57 - 00001458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2016-02-07 00:22 - 2012-01-23 21:57 - 00001374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2016-02-07 00:22 - 2012-01-23 21:57 - 00001305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2016-02-07 00:22 - 2012-01-23 21:53 - 00002679 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Easy Connect.lnk
2016-02-07 00:22 - 2012-01-23 21:53 - 00002068 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Gate.lnk
2016-02-07 00:22 - 2012-01-23 21:53 - 00001271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Transfer.lnk
2016-02-07 00:22 - 2012-01-23 21:51 - 00002265 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Data Restore Tool.lnk
2016-02-07 00:22 - 2012-01-23 21:47 - 00001185 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Keyboard.lnk
2016-02-07 00:22 - 2012-01-23 21:35 - 00001125 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMB.lnk
2016-02-07 00:22 - 2012-01-23 21:32 - 00001299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Gallery.lnk
2016-02-07 00:22 - 2012-01-23 21:27 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2016-02-07 00:22 - 2012-01-23 21:22 - 00001991 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Manual.lnk
2016-02-07 00:22 - 2012-01-23 21:22 - 00001517 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Control Center.lnk
2016-02-07 00:22 - 2012-01-23 21:16 - 00002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
2016-02-07 00:21 - 2015-10-30 16:36 - 00001865 _____ C:\Users\Maurício\Desktop\Spotify.lnk
2016-02-07 00:21 - 2015-08-03 16:23 - 00001116 _____ C:\Users\Public\Desktop\Last.fm Scrobbler.lnk
2016-02-07 00:21 - 2015-04-12 13:15 - 00002144 _____ C:\Users\Maurício\Desktop\Google Earth.lnk
2016-02-07 00:21 - 2014-03-23 11:12 - 00000286 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-02-07 00:21 - 2014-03-23 11:12 - 00000286 __RSH C:\ProgramData\ntuser.pol
2016-02-07 00:21 - 2013-09-30 18:30 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-02-07 00:21 - 2013-07-15 15:39 - 00001190 _____ C:\Users\Public\Desktop\aTube Catcher.lnk
2016-02-07 00:21 - 2013-02-05 23:47 - 00001035 _____ C:\Users\Maurício\Desktop\PhotoScape.lnk
2016-02-07 00:21 - 2013-01-11 01:10 - 00001268 _____ C:\Users\Public\Desktop\RealPlayer.lnk
2016-02-07 00:21 - 2012-01-23 22:05 - 00002180 _____ C:\Users\Public\Desktop\Imagination Studio Suite 2 - VAIO Edition.lnk
2016-02-07 00:21 - 2012-01-23 22:05 - 00002023 _____ C:\Users\Public\Desktop\Microsoft Office 2010.lnk
2016-02-07 00:20 - 2014-08-09 12:04 - 00000000 ____D C:\Users\Todos os Usuários\baidu
2016-02-07 00:20 - 2014-08-09 12:04 - 00000000 ____D C:\ProgramData\baidu
2016-02-07 00:20 - 2013-05-27 21:13 - 00000000 ____D C:\Users\Maurício\AppData\Roaming\baidu
2016-02-06 23:56 - 2009-07-14 02:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-02-06 23:54 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\Branding
2016-02-06 23:53 - 2013-06-23 16:59 - 00000000 ____D C:\Users\Todos os Usuários\ssafuE essavee
2016-02-06 23:53 - 2013-06-23 16:59 - 00000000 ____D C:\ProgramData\ssafuE essavee
2016-02-06 18:29 - 2014-10-20 16:04 - 00000000 __SHD C:\Users\Maurício\AppData\Local\EmieUserList
2016-02-06 18:29 - 2014-10-20 16:04 - 00000000 __SHD C:\Users\Maurício\AppData\Local\EmieSiteList
2016-02-06 17:56 - 2015-05-01 14:22 - 455391775 _____ C:\WINDOWS\MEMORY.DMP
2016-02-04 10:22 - 2015-12-12 03:32 - 00000000 ____D C:\Users\DefaultAppPool
2016-02-04 09:55 - 2015-08-02 19:23 - 00000000 ___RD C:\Users\Maurício\OneDrive
2016-02-03 19:54 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\rescache
2016-02-03 18:41 - 2013-02-05 23:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-02-03 16:01 - 2015-10-30 04:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-03 16:01 - 2015-10-30 04:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-03 13:16 - 2013-02-05 23:47 - 00004162 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-03 13:16 - 2013-02-05 23:47 - 00003930 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-01-31 03:01 - 2015-10-30 04:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-01-31 03:01 - 2015-10-30 04:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-01-31 03:01 - 2015-10-30 04:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-01-31 03:01 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-01-31 03:01 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-01-31 03:01 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-31 03:01 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-01-28 19:20 - 2012-11-28 18:10 - 00000000 ____D C:\Users\Maurício\Desktop\Toques
2016-01-25 17:49 - 2013-01-16 19:40 - 00000000 ____D C:\Users\Maurício\AppData\Local\ElevatedDiagnostics
2016-01-25 11:33 - 2014-07-22 21:57 - 00000000 ____D C:\Users\Maurício\Desktop\FOTAS
2016-01-22 17:41 - 2015-04-18 16:07 - 00000000 ____D C:\Users\Maurício\Desktop\Geo

==================== Arquivos na raiz de alguns diretórios =======

2014-06-17 18:58 - 2014-06-17 19:59 - 0000097 _____ () C:\Users\Maurício\AppData\Roaming\LauncherSettings_live.cfg
2014-06-17 19:02 - 2014-06-17 19:02 - 0000039 _____ () C:\Users\Maurício\AppData\Roaming\TheHunterSettings_steam_live.cfg
2013-09-14 03:42 - 2014-03-31 18:47 - 0000182 _____ () C:\Users\Maurício\AppData\Roaming\WB.CFG
2013-08-02 17:54 - 2013-09-23 23:39 - 0000117 _____ () C:\Users\Maurício\AppData\Local\ap_UA-24552437-8.txt
2013-04-19 14:27 - 2014-03-06 19:52 - 0000952 _____ () C:\ProgramData\KGyGaAvL.sys
2016-02-06 18:31 - 2016-02-06 18:31 - 0000074 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Arquivos para serem movidos ou deletados:
====================
C:\Users\Maurício\AppData\Local\Temp\00007299\casrss.exe
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Users\Todos os Usuários\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


Alguns arquivos em TEMP:
====================
C:\Users\Maurício\AppData\Local\Temp\13603P1WDE.exe
C:\Users\Maurício\AppData\Local\Temp\1454815240.exe
C:\Users\Maurício\AppData\Local\Temp\2445.tmp.exe
C:\Users\Maurício\AppData\Local\Temp\94492374-D784-9438-D90A-88FF9BFD79E8.exe
C:\Users\Maurício\AppData\Local\Temp\9673.tmp.exe
C:\Users\Maurício\AppData\Local\Temp\986F.tmp.exe
C:\Users\Maurício\AppData\Local\Temp\A443FE17-5C97-711F-43A5-7F5243D9D11B.dll
C:\Users\Maurício\AppData\Local\Temp\A443FE17-5C97-711F-43A5-7F5243D9D11B.exe
C:\Users\Maurício\AppData\Local\Temp\B48F.tmp.exe
C:\Users\Maurício\AppData\Local\Temp\C1ED.tmp.exe
C:\Users\Maurício\AppData\Local\Temp\D974.tmp.exe
C:\Users\Maurício\AppData\Local\Temp\D9C9.tmp.exe
C:\Users\Maurício\AppData\Local\Temp\F97D.tmp.exe
C:\Users\Maurício\AppData\Local\Temp\fsd1B43.exe
C:\Users\Maurício\AppData\Local\Temp\SpGWj2aRaB.exe
C:\Users\Maurício\AppData\Local\Temp\tu17p84.exe
C:\Users\Maurício\AppData\Local\Temp\Uninstall.exe
C:\Users\Maurício\AppData\Local\Temp\UninstallModule.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-02-20 20:06

==================== Fim de FRST.txt ============================
