cjoint

Comment: http://www.cjoint.com/c/ELduv7ZmE1z

Document format: text/plain

Preview

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão:01-03-2016
Executado por inteligente (administrador) em JEFERSON (01-03-2016 18:47:07)
Executando a partir de C:\Users\inteligente\Downloads\Programs
Perfis Carregados: inteligente & UpdatusUser (Perfis Disponíveis: inteligente & UpdatusUser)
Platform: Microsoft Windows 8.1 Pro (X86) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão não detectado!)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\ProgramData\msiql.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\CalendarTool\2.0.0.11189\CalendarServ.exe
() C:\Program Files\CalendarTool\2.0.0.11189\calendar.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\OpenWith.exe
(Microsoft Corporation) C:\Windows\System32\OpenWith.exe
(DotC United Inc) C:\Program Files\MPC Cleaner\MPCProtectService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Users\inteligente\Downloads\NetFree.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Users\inteligente\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\inteligente\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\inteligente\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\inteligente\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\inteligente\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\inteligente\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\inteligente\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\inteligente\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cscript.exe
(Microsoft Corporation) C:\Windows\System32\cscript.exe
(Microsoft Corporation) C:\Windows\System32\cscript.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation)
HKLM\...\Run: [mbot_br_014010248] => C:\Program Files\mbot_br_014010248\mbot_br_014010248.exe [3956912 2016-02-24] ()
HKLM\...\Run: [HomePageHelper] => c:\programdata\homepage.exe [1100288 2015-11-25] ()
HKLM\...\Run: [LightGate] => c:\programdata\lightgate.exe [1081344 2015-12-04] ()
HKLM\...\Run: [YTDownloader] => C:\Program Files\YTDownloader\YTDownloader.exe [1991600 2015-10-22] (YTDownloader)
HKLM\...\Run: [SPDriver] => C:\Program Files\ShopperPro3\JSDriver\1.42.1.10647\jsdrv.exe [2720256 2016-02-28] ()
HKLM\...\RunOnce: [upmbot_br_014010248.exe] => C:\Users\inteligente\AppData\Local\mbot_br_014010248\upmbot_br_014010248.exe [3154096 2016-02-24] ()
HKU\S-1-5-21-962113958-2137007927-2541743853-1001\...\Run: [Google Update] => C:\Users\inteligente\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-06-26] (Google Inc.)
HKU\S-1-5-21-962113958-2137007927-2541743853-1001\...\Run: [GoogleChromeAutoLaunch_68045D971537979E5777731F335CEF5C] => C:\Users\inteligente\AppData\Local\Google\Chrome\Application\chrome.exe [746648 2016-02-18] (Google Inc.)
HKU\S-1-5-21-962113958-2137007927-2541743853-1001\...\Run: [d4ba9a278de88f94a3dc5dae09d5ddd1] => C:\Users\inteligente\AppData\Roaming\csrss.exe [128000 2016-02-25] ()
HKU\S-1-5-21-962113958-2137007927-2541743853-1001\...\Run: [MSConfig] => C:\Users\inteligente\mmvvjuhh.exe [45568000 2016-02-26] (JOG)
HKU\S-1-5-21-962113958-2137007927-2541743853-1001\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3933392 2016-02-11] (Tonec Inc.)
HKU\S-1-5-21-962113958-2137007927-2541743853-1001\...\Run: [C] => cmd /c(@attrib -H -R -S C:\Windows\system32\GroupPolicy\Machine\Registry.pol >nul)&(@copy/b/y C:\Windows\system32\GroupPolicy\Machine\R C:\Windows\system32\GroupPolicy\Machine\Registry.pol >nul)&(@att (a entrada de dados tem 99 mais caracteres).
HKU\S-1-5-21-962113958-2137007927-2541743853-1001\...\Run: [WindApp] => "C:\Users\inteligente\AppData\Roaming\Store\WindApp\WindApp.exe" /winstartup
HKU\S-1-5-21-962113958-2137007927-2541743853-1001\...\Run: [Selection Tools] => "C:\Users\inteligente\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe" /winstartup
HKU\S-1-5-21-962113958-2137007927-2541743853-1001\...\Run: [YeaInstaller] => C:\Users\inteligente\AppData\Local\Temp\72166L5UH\E6PS6O1EC.exe [1968128 2016-03-01] (TZ) <===== ATENÇÃO
HKU\S-1-5-21-962113958-2137007927-2541743853-1001\...\Run: [msiql] => c:\programdata\msiql.exe [2415616 2016-01-26] ()
HKU\S-1-5-21-962113958-2137007927-2541743853-1001\...\Run: [taskhost] => rundll32.exe C:\ProgramData\WindowsMsg\675D131108D4FD145B0BFBC68A3E018A.dll Start /DEFAULT
HKU\S-1-5-21-962113958-2137007927-2541743853-1001\...\Run: [CrashService] => "C:\Users\inteligente\AppData\Local\BoBrowser\Application\crash_service.exe" --max-reports=50 --no-window
HKU\S-1-5-21-962113958-2137007927-2541743853-1001\...\Run: [Pritc] => c:\programdata\windows update\tmp\msdtc-.exe [2980352 2016-01-08] (VLOME)
HKU\S-1-5-21-962113958-2137007927-2541743853-1001\...\MountPoints2: {b34aea33-ba0a-11e4-9713-806e6f6e6963} - "K:\SETUP.EXE"
HKU\S-1-5-18\...\Run: [YTDownloader] => C:\Program Files\YTDownloader\YTDownloader.exe [1991600 2015-10-22] (YTDownloader)
HKU\S-1-5-18\...\Run: [SPDriver] => C:\Program Files\ShopperPro3\JSDriver\1.42.1.10647\jsdrv.exe [2720256 2016-02-28] ()
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.)
Startup: C:\Users\inteligente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\d4ba9a278de88f94a3dc5dae09d5ddd1.exe [2016-02-25] ()
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 172.35.255.2 8.8.8.8
Tcpip\..\Interfaces\{9AEB4FAB-F7B8-4285-84E9-52B301A334CE}: [DhcpNameServer] 172.35.255.2 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_10&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtAtDtCzztDtDtDtDtDtC0CtAzytDtN0D0Tzu0StCyDtBtCtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyEyC0DzzyB0Ezz0EtGtD0E0DtBtGtByDtDtDtGyBtBtDyBtG0CyBtByCtB0EtD0E0F0F0CtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCzytB0Fzz0E0A0EtG0ByCyD0FtGyEzyyEzztGzyzzyCzytGyD0DtDtC0EzyyDyD0DyCtC0D2QtN0A0LzutB%26cr%3D788292033%26a%3Dwbf_nwmeddnld_16_10%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1425510326&from=wpc&uid=HitachiXHDS721050DLE630_MSK4215H11UNZG11UNZGX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1425510326&from=wpc&uid=HitachiXHDS721050DLE630_MSK4215H11UNZG11UNZGX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1425510326&from=wpc&uid=HitachiXHDS721050DLE630_MSK4215H11UNZG11UNZGX&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_10&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtAtDtCzztDtDtDtDtDtC0CtAzytDtN0D0Tzu0StCyDtBtCtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyEyC0DzzyB0Ezz0EtGtD0E0DtBtGtByDtDtDtGyBtBtDyBtG0CyBtByCtB0EtD0E0F0F0CtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCzytB0Fzz0E0A0EtG0ByCyD0FtGyEzyyEzztGzyzzyCzytGyD0DtDtC0EzyyDyD0DyCtC0D2QtN0A0LzutB%26cr%3D788292033%26a%3Dwbf_nwmeddnld_16_10%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro
HKU\S-1-5-21-962113958-2137007927-2541743853-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://smartsputnik.ru/?ri=1&uid=a0308e132213bf6ef415d35c2acaa0b4&q={searchTerms}
HKU\S-1-5-21-962113958-2137007927-2541743853-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/
HKU\S-1-5-21-962113958-2137007927-2541743853-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1425510326&from=wpc&uid=HitachiXHDS721050DLE630_MSK4215H11UNZG11UNZGX
HKU\S-1-5-21-962113958-2137007927-2541743853-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://smartsputnik.ru/?ri=1&uid=a0308e132213bf6ef415d35c2acaa0b4&q={searchTerms}
URLSearchHook: [S-1-5-21-962113958-2137007927-2541743853-1001] ATENÇÃO => A URLSearchHook Padrão está ausente
URLSearchHook: HKU\S-1-5-21-962113958-2137007927-2541743853-1001 - (Sem Nome) - {0633EE93-D776-472f-A0FF-E1416B8B2E3D} - Nenhum Arquivo
URLSearchHook: [S-1-5-21-962113958-2137007927-2541743853-1004] ATENÇÃO => A URLSearchHook Padrão está ausente
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_10&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtAtDtCzztDtDtDtDtDtC0CtAzytDtN0D0Tzu0StCyDtBtCtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyEyC0DzzyB0Ezz0EtGtD0E0DtBtGtByDtDtDtGyBtBtDyBtG0CyBtByCtB0EtD0E0F0F0CtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCzytB0Fzz0E0A0EtG0ByCyD0FtGyEzyyEzztGzyzzyCzytGyD0DtDtC0EzyyDyD0DyCtC0D2QtN0A0LzutB%26cr%3D788292033%26a%3Dwbf_nwmeddnld_16_10%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro&p={searchTerms}
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_10&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtAtDtCzztDtDtDtDtDtC0CtAzytDtN0D0Tzu0StCyDtBtCtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyEyC0DzzyB0Ezz0EtGtD0E0DtBtGtByDtDtDtGyBtBtDyBtG0CyBtByCtB0EtD0E0F0F0CtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCzytB0Fzz0E0A0EtG0ByCyD0FtGyEzyyEzztGzyzzyCzytGyD0DtDtC0EzyyDyD0DyCtC0D2QtN0A0LzutB%26cr%3D788292033%26a%3Dwbf_nwmeddnld_16_10%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_10&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtAtDtCzztDtDtDtDtDtC0CtAzytDtN0D0Tzu0StCyDtBtCtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyEyC0DzzyB0Ezz0EtGtD0E0DtBtGtByDtDtDtGyBtBtDyBtG0CyBtByCtB0EtD0E0F0F0CtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCzytB0Fzz0E0A0EtG0ByCyD0FtGyEzyyEzztGzyzzyCzytGyD0DtDtC0EzyyDyD0DyCtC0D2QtN0A0LzutB%26cr%3D788292033%26a%3Dwbf_nwmeddnld_16_10%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_10&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtAtDtCzztDtDtDtDtDtC0CtAzytDtN0D0Tzu0StCyDtBtCtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyEyC0DzzyB0Ezz0EtGtD0E0DtBtGtByDtDtDtGyBtBtDyBtG0CyBtByCtB0EtD0E0F0F0CtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCzytB0Fzz0E0A0EtG0ByCyD0FtGyEzyyEzztGzyzzyCzytGyD0DtDtC0EzyyDyD0DyCtC0D2QtN0A0LzutB%26cr%3D788292033%26a%3Dwbf_nwmeddnld_16_10%26os_ver%3D6.3%26os%3DWindows%2B8.1%2BPro&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL =
SearchScopes: HKU\S-1-5-21-962113958-2137007927-2541743853-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3C} URL = hxxp://smartsputnik.ru/?ri=1&uid=a0308e132213bf6ef415d35c2acaa0b4&q={searchTerms}
SearchScopes: HKU\S-1-5-21-962113958-2137007927-2541743853-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3C} URL = hxxp://smartsputnik.ru/?ri=1&uid=a0308e132213bf6ef415d35c2acaa0b4&q={searchTerms}
SearchScopes: HKU\S-1-5-21-962113958-2137007927-2541743853-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3D} URL = hxxp://smartsputnik.ru/?ri=1&uid=a0308e132213bf6ef415d35c2acaa0b4&q=
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-04] (Oracle Corporation)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro3\ShopperPro3.dll [2016-02-28] ()
BHO: MyStart Toolbar -> {ccb24e92-62c4-4c53-95d2-65f9eed476bc} -> C:\Program Files\mystarttb\mystartDx.dll [2015-12-11] ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-04] (Oracle Corporation)
Toolbar: HKLM - MyStart Toolbar - {ccb24e92-62c4-4c53-95d2-65f9eed476bc} - C:\Program Files\mystarttb\mystartDx.dll [2015-12-11] ()
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=1425510326&from=wpc&uid=HitachiXHDS721050DLE630_MSK4215H11UNZG11UNZGX

FireFox:
========
FF ProfilePath: C:\Users\inteligente\AppData\Roaming\Mozilla\Firefox\Profiles\6h107qo6.default
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-04] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin HKU\S-1-5-21-962113958-2137007927-2541743853-1001: @tools.google.com/Google Update;version=3 -> C:\Users\inteligente\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-24] (Google Inc.)
FF Plugin HKU\S-1-5-21-962113958-2137007927-2541743853-1001: @tools.google.com/Google Update;version=9 -> C:\Users\inteligente\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-24] (Google Inc.)
FF user.js: detected! => C:\Users\inteligente\AppData\Roaming\Mozilla\Firefox\Profiles\6h107qo6.default\user.js [2016-03-01]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\buscape.xml [2015-05-25]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mercadolivre.xml [2015-05-25]
FF Extension: Sem Nome - C:\Program Files\Fiddler2\FiddlerHook [não encontrado (a)]
FF Extension: Cookies Export/import - C:\Users\inteligente\AppData\Roaming\Mozilla\Firefox\Profiles\6h107qo6.default\Extensions\CookiesIE@yahoo.com.xpi [2015-06-26]
FF HKU\.DEFAULT\...\Firefox\Extensions: [{58931F90-7418-F91C-7D0E-6744BB523292}] - C:\Program Files\version09CheckMeUp\194.xpi => não encontrado (a)
FF HKU\S-1-5-21-962113958-2137007927-2541743853-1001\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Extension: IDM integration - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2016-01-27]
FF HKU\S-1-5-21-962113958-2137007927-2541743853-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-962113958-2137007927-2541743853-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\inteligente\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\inteligente\AppData\Roaming\IDM\idmmzcc5 [2016-03-01] [não assinado]

Chrome:
=======
CHR dev: Chrome dev build detectado! <======= ATENÇÃO
CHR HomePage: Default -> hxxp://www.google.com.br/
CHR StartupUrls: Default -> "hxxp://www.google.com.br/"
CHR Profile: C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-26]
CHR Extension: (Google Docs) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-26]
CHR Extension: (Bíblia Católica Online) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoobfofcfmnhbjanfpkjemoceiefbbeb [2015-06-26]
CHR Extension: (Google Drive) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-24]
CHR Extension: (YouTube) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-25]
CHR Extension: (Adblock Plus) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-25]
CHR Extension: (Google Search) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-24]
CHR Extension: (Block site) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2016-02-25]
CHR Extension: (Mail Control) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejlhiijedldjjdmjgfiainenegbkokhn [2015-06-26]
CHR Extension: (Planilhas do Google) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-26]
CHR Extension: (Documentos Google off-line) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-25]
CHR Extension: (AdBlock) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-25]
CHR Extension: (Red Ball) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibjalmjfkbijjjomllohadmkfkhgonop [2015-06-26]
CHR Extension: (IDM Integration Module) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-02-26]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-25]
CHR Extension: (AdBlock Pro) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2016-02-25]
CHR Extension: (Ultimos Torrents) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\onidcjfimideopiecibkenlependfjhf [2015-07-01]
CHR Extension: (Gmail) - C:\Users\inteligente\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-26]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2016-02-11]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S2 BrsHelper; C:\Program Files\YTDownloader\BrowserHelperSrv.exe [112560 2015-10-22] ()
S2 GoogleChromeUpService; C:\ProgramData\service.exe [1734656 2016-01-11] () [Arquivo não assinado]
S2 GoogleChromeUpSvc; C:\ProgramData\Windows Update\svrupg.exe [2786816 2016-03-01] (TODO: ) [Arquivo não assinado]
R2 MPCProtectService; C:\Program Files\MPC Cleaner\MPCProtectService.exe [348640 2016-03-01] (DotC United Inc)
S2 SPBIUpd; C:\Program Files\Common Files\ShopperPro3\spbiu.exe [947712 2016-02-28] () [Arquivo não assinado]
R2 TheCalendarService; C:\Program Files\CalendarTool\2.0.0.11189\CalendarServ.exe [141960 2015-12-25] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280296 2013-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22224 2013-10-30] (Microsoft Corporation)
R2 WSServiceCrk; C:\Windows\system32\wsservice_crk.dll [102400 2012-11-27] (DeadPihto) [Arquivo não assinado]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R1 cherimoya; C:\Windows\System32\drivers\cherimoya.sys [47512 2016-03-01] () [Arquivo não assinado]
R3 L1E; C:\Windows\system32\DRIVERS\L1E62x86.sys [55296 2013-06-18] (Atheros Communications, Inc.)
U0 MPCBase; C:\Windows\System32\drivers\MPCBase.sys [29032 2016-03-01] (DotC United Inc)
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [52456 2016-03-01] (DotC United Inc)
R2 sbmntr; C:\Program Files\YTDownloader\sbmntr.sys [49824 2015-10-22] (YTDownloader)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro3\spbiw.sys [25600 2016-02-28] () [Arquivo não assinado]
R2 SPDRIVER_1.42.1.10647; C:\Program Files\ShopperPro3\JSDriver\1.42.1.10647\jsdrv.sys [32256 2016-02-28] () [Arquivo não assinado]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [30224 2013-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [202584 2013-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [93016 2013-10-30] (Microsoft Corporation)
R2 WinDivert32; C:\Windows\System32\drivers\WinDivert32.sys [33792 2014-12-10] (Basil's Projects) [Arquivo não assinado]
R3 WUDFSensorLP; C:\Windows\System32\drivers\WUDFRd.sys [187392 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-03-01 18:46 - 2016-03-01 18:47 - 00000000 ____D C:\FRST
2016-03-01 18:35 - 2016-03-01 18:35 - 00000000 ____D C:\Users\inteligente\AppData\Local\BrowserHelper
2016-03-01 18:34 - 2016-03-01 18:34 - 00000000 ____D C:\Program Files\YTDownloader
2016-03-01 18:34 - 2016-03-01 18:34 - 00000000 ____D C:\Program Files\Common Files\ShopperPro3
2016-03-01 18:32 - 2016-03-01 18:34 - 00000000 ____D C:\Users\Todos os Usuários\ShopperPro3
2016-03-01 18:32 - 2016-03-01 18:34 - 00000000 ____D C:\ProgramData\ShopperPro3
2016-03-01 18:32 - 2016-03-01 18:32 - 00000000 ____D C:\Users\Public\Documents\ShopperPro3
2016-03-01 18:32 - 2016-03-01 18:32 - 00000000 ____D C:\Program Files\ShopperPro3
2016-03-01 18:31 - 2016-03-01 18:33 - 00000000 ____D C:\Program Files\mystarttb
2016-03-01 18:30 - 2016-03-01 18:30 - 00000000 ____D C:\Users\inteligente\AppData\Local\Chromium
2016-03-01 18:29 - 2016-03-01 18:29 - 00000000 ____D C:\Users\Todos os Usuários\Vuofnafiwuam
2016-03-01 18:29 - 2016-03-01 18:29 - 00000000 ____D C:\ProgramData\Vuofnafiwuam
2016-03-01 18:27 - 2016-03-01 18:27 - 00002567 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
2016-03-01 18:26 - 2016-03-01 18:26 - 00001856 _____ C:\Users\UpdatusUser\Desktop\MixVideoPlayer.lnk
2016-03-01 18:26 - 2016-03-01 18:26 - 00000000 ____D C:\Users\Todos os Usuários\Uniblue
2016-03-01 18:26 - 2016-03-01 18:26 - 00000000 ____D C:\ProgramData\Uniblue
2016-03-01 18:25 - 2016-03-01 18:34 - 00002494 _____ C:\Users\inteligente\Desktop\chrome.lnk
2016-03-01 18:24 - 2016-03-01 18:24 - 00002501 _____ C:\Windows\patsearch.bin
2016-03-01 18:24 - 2016-03-01 18:24 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_webTinstMKTN84_01009.Wdf
2016-03-01 18:23 - 2016-03-01 18:33 - 00000000 ____D C:\Program Files\version09CheckMeUp
2016-03-01 18:23 - 2016-03-01 18:33 - 00000000 ____D C:\Program Files\MixVideoPlayer
2016-03-01 18:23 - 2016-03-01 18:23 - 00052456 _____ (DotC United Inc) C:\Windows\system32\Drivers\MPCKpt.sys
2016-03-01 18:23 - 2016-03-01 18:23 - 00029032 _____ (DotC United Inc) C:\Windows\system32\Drivers\MPCBase.sys
2016-03-01 18:23 - 2016-03-01 18:23 - 00000000 ____D C:\Program Files\MPC Cleaner
2016-03-01 18:21 - 2016-03-01 18:21 - 00000000 ____D C:\Program Files\CalendarTool
2016-03-01 18:21 - 2016-02-24 06:18 - 01085440 _____ C:\Users\Todos os Usuários\delCalendarReg.exe
2016-03-01 18:21 - 2016-02-24 06:18 - 01085440 _____ C:\ProgramData\delCalendarReg.exe
2016-03-01 18:21 - 2015-12-10 15:43 - 00600312 _____ C:\Users\Todos os Usuários\YeaPlayer_br_IBD_Bundle.exe
2016-03-01 18:21 - 2015-12-10 15:43 - 00600312 _____ C:\ProgramData\YeaPlayer_br_IBD_Bundle.exe
2016-03-01 18:21 - 2015-11-25 15:31 - 01100288 _____ C:\Users\Todos os Usuários\HomePage.exe
2016-03-01 18:21 - 2015-11-25 15:31 - 01100288 _____ C:\ProgramData\HomePage.exe
2016-03-01 18:19 - 2016-03-01 18:19 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg
2016-03-01 18:19 - 2016-03-01 18:19 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-03-01 18:19 - 2016-03-01 18:19 - 00000000 ____D C:\Program Files\osTip
2016-03-01 18:19 - 2015-12-04 13:14 - 01081344 _____ C:\Users\Todos os Usuários\LightGate.exe
2016-03-01 18:19 - 2015-12-04 13:14 - 01081344 _____ C:\ProgramData\LightGate.exe
2016-03-01 18:18 - 2016-03-01 18:18 - 00010365 _____ C:\Users\Todos os Usuários\webad.xml
2016-03-01 18:18 - 2016-03-01 18:18 - 00010365 _____ C:\ProgramData\webad.xml
2016-03-01 18:18 - 2016-03-01 18:18 - 00000000 ____D C:\Users\Public\Documents\Tools
2016-03-01 18:18 - 2016-03-01 18:18 - 00000000 ____D C:\Users\Public\Documents\Baidu
2016-03-01 18:18 - 2016-03-01 18:18 - 00000000 ____D C:\Users\inteligente\AppData\Roaming\CalendarTool
2016-03-01 18:18 - 2016-01-26 11:54 - 02415616 _____ C:\Users\Todos os Usuários\msiql.exe
2016-03-01 18:18 - 2016-01-26 11:54 - 02415616 _____ C:\ProgramData\msiql.exe
2016-03-01 18:18 - 2015-11-25 15:31 - 01100288 _____ C:\Users\inteligente\AppData\Roaming\HomePage.exe
2016-03-01 18:17 - 2016-03-01 18:19 - 00000000 ____D C:\Users\Todos os Usuários\Windows Update
2016-03-01 18:17 - 2016-03-01 18:19 - 00000000 ____D C:\ProgramData\Windows Update
2016-03-01 18:17 - 2016-03-01 18:17 - 02786816 _____ (TODO: ) C:\Users\inteligente\AppData\Roaming\svrupg.exe
2016-03-01 18:17 - 2016-03-01 18:17 - 00010365 _____ C:\Users\inteligente\AppData\Roaming\webad.xml
2016-03-01 18:17 - 2016-03-01 18:17 - 00000000 ____D C:\Users\Public\Documents\Guid
2016-03-01 18:17 - 2016-03-01 18:17 - 00000000 ____D C:\Users\inteligente\AppData\LocalLow\Company
2016-03-01 18:17 - 2016-03-01 18:17 - 00000000 ____D C:\Users\inteligente\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
2016-03-01 18:17 - 2016-03-01 18:17 - 00000000 ____D C:\uninst
2016-03-01 18:17 - 2016-01-26 11:54 - 02415616 _____ C:\Users\inteligente\AppData\Roaming\msiql.exe
2016-03-01 18:17 - 2016-01-11 15:49 - 01734656 _____ C:\Users\Todos os Usuários\service.exe
2016-03-01 18:17 - 2016-01-11 15:49 - 01734656 _____ C:\Users\inteligente\AppData\Roaming\service.exe
2016-03-01 18:17 - 2016-01-11 15:49 - 01734656 _____ C:\ProgramData\service.exe
2016-03-01 18:17 - 2015-12-10 15:43 - 00600312 _____ C:\Users\inteligente\AppData\Roaming\YeaPlayer_br_IBD_Bundle.exe
2016-03-01 15:49 - 2016-03-01 18:17 - 00047512 _____ C:\Windows\system32\Drivers\cherimoya.sys
2016-02-26 23:31 - 2016-02-26 23:31 - 00000000 ____D C:\Windows\system32\MpEngineStore
2016-02-26 16:40 - 2016-02-26 16:40 - 00000000 ____D C:\Users\Todos os Usuários\3a7daf8b000040b9
2016-02-26 16:40 - 2016-02-26 16:40 - 00000000 ____D C:\ProgramData\3a7daf8b000040b9
2016-02-26 16:39 - 2016-02-26 16:39 - 00000944 _____ C:\Windows\system32\${LOGFILE}
2016-02-26 16:36 - 2016-02-26 16:37 - 00000029 _____ C:\Windows\system32\L
2016-02-26 16:25 - 2016-02-26 16:25 - 05933558 _____ (MediaPlayAir ) C:\Users\inteligente\Downloads\FlashPlayerPro [1].exe
2016-02-26 15:59 - 2016-02-26 15:59 - 00000000 ____D C:\Program Files\03000200-1456513149-0500-0006-000700080009
2016-02-26 15:58 - 2016-02-26 16:41 - 00000000 ____D C:\Users\inteligente\AppData\Roaming\WTools
2016-02-26 15:58 - 2016-02-26 16:39 - 00000000 ____D C:\Users\inteligente\AppData\Roaming\Store
2016-02-26 15:57 - 2016-02-26 16:40 - 00000000 ____D C:\Program Files\Torrent Search
2016-02-26 15:57 - 2016-02-26 16:39 - 00000000 ____D C:\Users\inteligente\AppData\Roaming\Nosibay
2016-02-26 15:57 - 2016-02-26 16:20 - 00000000 ____D C:\Users\inteligente\AppData\Roaming\TSearch
2016-02-26 15:56 - 2016-02-26 21:51 - 06511096 _____ () C:\Users\inteligente\Desktop\IDM 6.exe
2016-02-26 15:56 - 2016-02-26 16:37 - 00000008 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-02-26 15:56 - 2016-02-26 16:37 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-02-26 15:56 - 2016-02-26 15:56 - 00000008 __RSH C:\Users\inteligente\ntuser.pol
2016-02-26 15:55 - 2016-02-26 16:24 - 00000000 ____D C:\Users\inteligente\AppData\Roaming\IDM
2016-02-26 15:55 - 2016-02-26 15:55 - 00829830 _____ C:\Windows\system32\SearchProtectService.exe
2016-02-26 15:55 - 2016-02-26 15:55 - 00000000 ____D C:\Users\inteligente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2016-02-26 15:55 - 2016-02-26 15:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2016-02-26 15:54 - 2016-02-26 15:54 - 00001298 _____ C:\Users\Public\Desktop\Download IDM 6.25 Build...lnk
2016-02-26 15:51 - 2016-02-26 15:53 - 06511164 _____ C:\Users\inteligente\Downloads\IDM 6 (1).rar
2016-02-26 15:51 - 2016-02-26 15:52 - 06511164 _____ C:\Users\inteligente\Downloads\IDM 6.rar
2016-02-26 15:36 - 2014-04-15 20:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2016-02-26 15:31 - 2016-02-26 15:31 - 45568000 ____H (JOG) C:\Users\inteligente\mmvvjuhh.exe
2016-02-25 20:44 - 2016-02-25 21:50 - 722033176 _____ C:\Users\inteligente\Downloads\A Maldição de Oak Island - 1 Temporada Completa HD - Uma Playlist video no Dailymotion.ts
2016-02-25 20:09 - 2016-03-01 17:58 - 00000000 ____D C:\Program Files\Internet Download Manager
2016-02-25 20:09 - 2016-02-26 22:25 - 00000000 ____D C:\Users\inteligente\Downloads\Video
2016-02-25 20:09 - 2016-02-26 15:58 - 00000000 ____D C:\Users\inteligente\AppData\Roaming\DMCache
2016-02-25 20:09 - 2016-02-25 20:09 - 00001000 _____ C:\Users\inteligente\Desktop\Internet Download Manager.lnk
2016-02-25 20:09 - 2016-02-25 20:09 - 00000000 ____D C:\Users\Todos os Usuários\IDM
2016-02-25 20:09 - 2016-02-25 20:09 - 00000000 ____D C:\Users\inteligente\Downloads\Compressed
2016-02-25 20:09 - 2016-02-25 20:09 - 00000000 ____D C:\ProgramData\IDM
2016-02-25 20:08 - 2016-02-25 20:08 - 06823832 _____ (Tonec Inc.) C:\Users\inteligente\Downloads\idman625build12.exe
2016-02-25 19:48 - 2016-02-25 19:48 - 00000000 ____D C:\Users\inteligente\AppData\Local\Setup Wizard
2016-02-25 00:04 - 2016-03-01 18:20 - 00000000 ____D C:\Users\inteligente\AppData\Local\mbot_br_014010248
2016-02-25 00:04 - 2016-02-25 00:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MYBESTOFFERSTODAY
2016-02-25 00:04 - 2016-02-25 00:04 - 00000000 ____D C:\Program Files\mbot_br_014010248
2016-02-24 23:58 - 2016-02-24 23:58 - 00000000 ____D C:\Program Files\KMSPico 10.0.6
2016-02-24 23:57 - 2016-02-24 23:57 - 00949044 _____ C:\Users\inteligente\Downloads\KMSPico 10.0.9 Final.zip
2016-02-24 22:17 - 2015-05-30 16:24 - 00694272 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-02-24 22:17 - 2015-05-30 16:24 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2016-02-24 22:17 - 2014-12-08 16:46 - 00485544 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2016-02-24 22:17 - 2014-12-08 16:46 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-02-24 22:17 - 2014-12-08 16:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2016-02-24 22:17 - 2014-12-08 16:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2016-02-24 22:17 - 2014-12-08 16:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2016-02-24 22:17 - 2014-10-29 00:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2016-02-24 22:17 - 2014-10-29 00:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2016-02-24 22:17 - 2014-10-29 00:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-02-24 22:17 - 2014-10-29 00:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-02-24 22:17 - 2014-10-29 00:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-02-24 22:17 - 2014-10-29 00:07 - 00213336 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-02-24 22:17 - 2014-10-28 22:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2016-02-24 21:42 - 2015-09-29 09:36 - 05768024 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-24 21:42 - 2015-09-29 09:36 - 01393072 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-02-24 21:42 - 2015-09-29 09:36 - 01282528 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-02-24 21:42 - 2015-09-29 09:36 - 01269072 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-02-24 21:42 - 2015-09-29 09:36 - 01168920 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-02-24 21:42 - 2015-09-24 14:12 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
2016-02-24 21:42 - 2015-09-24 14:03 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2016-02-24 21:42 - 2015-09-24 13:57 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2016-02-24 21:42 - 2015-09-24 13:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-02-24 21:42 - 2015-08-07 18:46 - 01469456 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-24 21:42 - 2015-07-13 16:27 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2016-02-24 21:42 - 2015-07-13 16:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-24 21:42 - 2015-04-24 23:33 - 00549888 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2016-02-24 21:42 - 2015-03-20 00:25 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-02-24 21:42 - 2014-10-28 22:43 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerWizardElev.exe
2016-02-24 21:42 - 2014-10-28 22:43 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerWizard.exe
2016-02-24 21:42 - 2014-10-28 22:35 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\BdeUISrv.exe
2016-02-24 21:42 - 2014-10-28 22:18 - 00773632 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll
2016-02-24 21:42 - 2014-10-28 22:03 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerDeviceEncryption.exe
2016-02-24 21:42 - 2014-10-28 21:57 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-02-24 21:42 - 2014-10-28 21:56 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2016-02-24 21:42 - 2014-10-23 02:05 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2016-02-24 21:42 - 2014-10-17 03:58 - 00602768 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-02-24 21:41 - 2015-07-22 11:15 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-02-24 21:41 - 2015-07-22 10:50 - 01172992 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-02-24 21:41 - 2015-07-17 11:10 - 00749568 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2016-02-24 21:41 - 2015-06-28 02:12 - 00851704 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-24 21:41 - 2015-06-28 02:12 - 00147800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-24 21:41 - 2015-06-28 02:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-24 21:41 - 2015-06-26 23:18 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-24 21:41 - 2015-06-26 23:17 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-24 21:41 - 2015-06-26 23:17 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-24 21:41 - 2015-06-26 22:27 - 01117696 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-24 21:41 - 2015-06-26 22:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-24 21:41 - 2015-06-19 14:03 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2016-02-24 21:41 - 2015-06-15 18:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-02-24 21:41 - 2015-06-15 18:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-02-24 21:41 - 2015-06-15 16:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-24 21:41 - 2015-03-30 02:51 - 00478776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-02-24 21:41 - 2015-03-05 23:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2016-02-24 21:41 - 2014-10-28 23:06 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-24 21:41 - 2014-10-28 23:06 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-24 21:41 - 2014-10-28 22:59 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-02-24 21:41 - 2014-10-28 22:42 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-02-24 21:41 - 2014-10-28 22:25 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\WPDShextAutoplay.exe
2016-02-24 21:41 - 2014-10-28 22:22 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2016-02-24 21:41 - 2014-10-28 22:05 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\atlthunk.dll
2016-02-24 21:41 - 2014-04-03 00:46 - 01871704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-02-24 21:41 - 2014-04-03 00:46 - 00286040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2016-02-24 21:40 - 2015-12-02 12:01 - 00561664 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-02-24 21:40 - 2015-08-26 23:42 - 19795904 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-24 21:40 - 2015-06-27 08:53 - 00108888 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-02-24 21:40 - 2015-02-20 20:24 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2016-02-24 21:40 - 2014-10-28 23:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll
2016-02-24 21:38 - 2015-09-02 23:17 - 01903848 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2016-02-24 21:38 - 2015-09-02 14:09 - 01556992 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-02-24 21:19 - 2014-07-24 00:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2016-02-24 20:49 - 2015-12-17 14:45 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-24 20:49 - 2015-12-17 13:11 - 02975744 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-24 20:49 - 2015-08-03 18:15 - 00065600 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-02-24 20:49 - 2015-08-01 11:21 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-02-24 20:49 - 2015-04-08 19:59 - 00333624 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2016-02-24 20:49 - 2015-03-04 07:05 - 00279360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2016-02-24 20:49 - 2015-03-03 23:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2016-02-24 20:49 - 2015-01-29 23:25 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2016-02-24 20:49 - 2014-10-29 00:10 - 00022848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2016-02-24 20:49 - 2014-10-28 23:01 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-02-24 20:49 - 2014-10-28 22:57 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-02-24 20:49 - 2014-10-28 22:54 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2016-02-24 20:49 - 2014-10-28 22:46 - 00161280 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-02-24 20:48 - 2015-10-08 12:50 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll
2016-02-24 20:48 - 2015-09-07 12:54 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2016-02-24 20:48 - 2015-09-07 12:53 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2016-02-24 20:48 - 2015-09-07 12:51 - 00238592 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll
2016-02-24 20:48 - 2015-09-07 12:22 - 00873984 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-02-24 20:48 - 2015-03-03 22:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2016-02-24 20:48 - 2015-01-28 21:56 - 00602624 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-02-24 20:48 - 2014-10-31 20:47 - 00790528 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2016-02-24 20:48 - 2014-10-28 22:58 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\printui.exe
2016-02-24 20:48 - 2014-10-28 22:52 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2016-02-24 20:48 - 2014-10-28 22:28 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\findnetprinters.dll
2016-02-24 20:48 - 2014-10-28 22:15 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2016-02-24 20:48 - 2014-10-28 21:44 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2016-02-24 20:48 - 2014-10-28 21:35 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2016-02-24 20:33 - 2016-02-24 20:33 - 00000000 __SHD C:\Users\inteligente\AppData\LocalLow\EmieUserList
2016-02-24 20:33 - 2016-02-24 20:33 - 00000000 __SHD C:\Users\inteligente\AppData\LocalLow\EmieSiteList
2016-02-24 20:33 - 2016-02-24 20:33 - 00000000 __SHD C:\Users\inteligente\AppData\Local\EmieUserList
2016-02-24 20:33 - 2016-02-24 20:33 - 00000000 __SHD C:\Users\inteligente\AppData\Local\EmieSiteList
2016-02-11 11:26 - 2016-01-28 06:20 - 00134248 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-03-01 18:46 - 2015-06-26 13:26 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-03-01 18:33 - 2013-08-22 05:17 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-03-01 18:25 - 2013-08-22 05:17 - 00000000 ____D C:\Windows\AppReadiness
2016-03-01 18:22 - 2015-06-26 13:26 - 00001186 ____R C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-03-01 18:22 - 2015-06-26 13:26 - 00001174 ____R C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-03-01 18:15 - 2015-02-21 17:52 - 00000000 ____D C:\Users\inteligente\AppData\Local\Packages
2016-03-01 18:15 - 2013-08-22 05:17 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-01 18:04 - 2015-03-04 17:21 - 00000000 ____D C:\Users\UpdatusUser
2016-03-01 18:04 - 2015-02-21 18:06 - 00000000 __RDO C:\Users\inteligente\SkyDrive
2016-03-01 18:02 - 2013-08-22 04:23 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-01 17:58 - 2013-08-22 05:17 - 00000000 ___RD C:\Windows\ToastData
2016-03-01 17:58 - 2013-08-22 03:21 - 00000000 ____D C:\Windows\inf
2016-02-26 23:31 - 2015-03-04 18:26 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-26 23:31 - 2015-03-04 18:26 - 00000000 ____D C:\Windows\system32\MRT
2016-02-26 23:30 - 2015-06-26 09:42 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-962113958-2137007927-2541743853-1001Core.job
2016-02-26 17:23 - 2013-08-22 05:05 - 00000000 ____D C:\Windows\CbsTemp
2016-02-26 16:01 - 2015-03-04 20:53 - 00000000 ____D C:\Users\inteligente\AppData\Roaming\.minecraft
2016-02-26 15:56 - 2015-02-21 17:52 - 00000000 ____D C:\Users\inteligente
2016-02-26 12:02 - 2013-08-22 03:13 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-02-25 18:11 - 2015-02-21 17:58 - 01797166 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-25 18:11 - 2013-08-22 11:12 - 00774702 _____ C:\Windows\system32\prfh0416.dat
2016-02-25 18:11 - 2013-08-22 11:12 - 00158296 _____ C:\Windows\system32\prfc0416.dat
2016-02-25 18:07 - 2015-07-01 17:35 - 00128000 _____ C:\Users\inteligente\AppData\Roaming\csrss.exe
2016-02-25 00:01 - 2013-08-22 05:17 - 00000000 ____D C:\Windows\System
2016-02-25 00:01 - 2013-08-22 01:07 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\ntvdmd.dll
2016-02-25 00:01 - 2013-08-22 01:05 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\graftabl.com
2016-02-25 00:01 - 2013-08-22 01:04 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\win.com
2016-02-25 00:01 - 2013-08-22 01:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\vdmredir.dll
2016-02-25 00:01 - 2013-08-22 00:55 - 00536576 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm.exe
2016-02-25 00:01 - 2013-08-21 22:42 - 00092320 _____ (Microsoft Corporation) C:\Windows\system32\krnl386.exe
2016-02-25 00:01 - 2013-08-21 22:42 - 00069886 _____ C:\Windows\system32\edit.com
2016-02-25 00:01 - 2013-08-21 22:42 - 00068992 _____ (Microsoft Corporation) C:\Windows\system32\MMSYSTEM.DLL
2016-02-25 00:01 - 2013-08-21 22:42 - 00068992 _____ (Microsoft Corporation) C:\Windows\system\MMSYSTEM.DLL
2016-02-25 00:01 - 2013-08-21 22:42 - 00050648 _____ C:\Windows\system32\COMMAND.COM
2016-02-25 00:01 - 2013-08-21 22:42 - 00047840 _____ (Microsoft Corporation) C:\Windows\system32\USER.EXE
2016-02-25 00:01 - 2013-08-21 22:42 - 00042809 _____ C:\Windows\system32\KEY01.SYS
2016-02-25 00:01 - 2013-08-21 22:42 - 00042537 _____ C:\Windows\system32\KEYBOARD.SYS
2016-02-25 00:01 - 2013-08-21 22:42 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\DDEML.DLL
2016-02-25 00:01 - 2013-08-21 22:42 - 00039274 _____ C:\Windows\system32\mem.exe
2016-02-25 00:01 - 2013-08-21 22:42 - 00035776 _____ C:\Windows\system32\NTIO411.SYS
2016-02-25 00:01 - 2013-08-21 22:42 - 00035552 _____ C:\Windows\system32\NTIO412.SYS
2016-02-25 00:01 - 2013-08-21 22:42 - 00034688 _____ C:\Windows\system32\NTIO804.SYS
2016-02-25 00:01 - 2013-08-21 22:42 - 00034688 _____ C:\Windows\system32\NTIO404.SYS
2016-02-25 00:01 - 2013-08-21 22:42 - 00033968 _____ C:\Windows\system32\NTIO.SYS
2016-02-25 00:01 - 2013-08-21 22:42 - 00029370 _____ C:\Windows\system32\NTDOS411.SYS
2016-02-25 00:01 - 2013-08-21 22:42 - 00029274 _____ C:\Windows\system32\NTDOS412.SYS
2016-02-25 00:01 - 2013-08-21 22:42 - 00029146 _____ C:\Windows\system32\NTDOS804.SYS
2016-02-25 00:01 - 2013-08-21 22:42 - 00029146 _____ C:\Windows\system32\NTDOS404.SYS
2016-02-25 00:01 - 2013-08-21 22:42 - 00027866 _____ C:\Windows\system32\NTDOS.SYS
2016-02-25 00:01 - 2013-08-21 22:42 - 00027097 _____ C:\Windows\system32\country.sys
2016-02-25 00:01 - 2013-08-21 22:42 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\GDI.EXE
2016-02-25 00:01 - 2013-08-21 22:42 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\OLESVR.DLL
2016-02-25 00:01 - 2013-08-21 22:42 - 00024064 _____ (Microsoft Corporation) C:\Windows\system\OLESVR.DLL
2016-02-25 00:01 - 2013-08-21 22:42 - 00021232 _____ C:\Windows\system32\graphics.pro
2016-02-25 00:01 - 2013-08-21 22:42 - 00020634 _____ C:\Windows\system32\debug.exe
2016-02-25 00:01 - 2013-08-21 22:42 - 00019694 _____ C:\Windows\system32\GRAPHICS.COM
2016-02-25 00:01 - 2013-08-21 22:42 - 00014710 _____ C:\Windows\system32\KB16.COM
2016-02-25 00:01 - 2013-08-21 22:42 - 00012704 _____ (Microsoft Corporation) C:\Windows\system32\WFWNET.DRV
2016-02-25 00:01 - 2013-08-21 22:42 - 00012704 _____ (Microsoft Corporation) C:\Windows\system\WFWNET.DRV
2016-02-25 00:01 - 2013-08-21 22:42 - 00012642 _____ C:\Windows\system32\edlin.exe
2016-02-25 00:01 - 2013-08-21 22:42 - 00012498 _____ C:\Windows\system32\append.exe
2016-02-25 00:01 - 2013-08-21 22:42 - 00011753 _____ C:\Windows\system32\setver.exe
2016-02-25 00:01 - 2013-08-21 22:42 - 00010790 _____ C:\Windows\system32\EDIT.HLP
2016-02-25 00:01 - 2013-08-21 22:42 - 00010544 _____ (Microsoft Corporation) C:\Windows\system32\COMM.drv
2016-02-25 00:01 - 2013-08-21 22:42 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\WIFEMAN.DLL
2016-02-25 00:01 - 2013-08-21 22:42 - 00009029 _____ C:\Windows\system32\ANSI.SYS
2016-02-25 00:01 - 2013-08-21 22:42 - 00008424 _____ C:\Windows\system32\exe2bin.exe
2016-02-25 00:01 - 2013-08-21 22:42 - 00007052 _____ C:\Windows\system32\nlsfunc.exe
2016-02-25 00:01 - 2013-08-21 22:42 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\WINNLS.DLL
2016-02-25 00:01 - 2013-08-21 22:42 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\SHELL.DLL
2016-02-25 00:01 - 2013-08-21 22:42 - 00005120 _____ (Microsoft Corporation) C:\Windows\system\SHELL.DLL
2016-02-25 00:01 - 2013-08-21 22:42 - 00004768 _____ C:\Windows\system32\HIMEM.SYS
2016-02-25 00:01 - 2013-08-21 22:40 - 00028112 _____ (Microsoft Corporation) C:\Windows\system32\DRWATSON.EXE
2016-02-25 00:01 - 2013-08-21 22:40 - 00013888 _____ (Microsoft Corporation) C:\Windows\system32\TOOLHELP.DLL
2016-02-25 00:01 - 2013-08-21 22:38 - 00053600 _____ C:\Windows\system32\dosx.exe
2016-02-25 00:01 - 2013-08-21 22:35 - 00032816 _____ (Microsoft Corporation) C:\Windows\system32\COMMDLG.DLL
2016-02-25 00:01 - 2013-08-21 22:35 - 00032816 _____ (Microsoft Corporation) C:\Windows\system\COMMDLG.DLL
2016-02-25 00:01 - 2013-08-21 20:48 - 00256192 _____ (Microsoft Corporation) C:\Windows\winhelp.exe
2016-02-25 00:01 - 2013-08-21 20:48 - 00221600 _____ (Microsoft Corporation) C:\Windows\system32\lanman.drv
2016-02-25 00:01 - 2013-08-21 20:48 - 00177856 _____ (Microsoft Corporation) C:\Windows\system32\typelib.dll
2016-02-25 00:01 - 2013-08-21 20:48 - 00169520 _____ (Microsoft Corporation) C:\Windows\system32\ole2disp.dll
2016-02-25 00:01 - 2013-08-21 20:48 - 00153008 _____ (Microsoft Corporation) C:\Windows\system32\ole2nls.dll
2016-02-25 00:01 - 2013-08-21 20:48 - 00127213 _____ C:\Windows\system32\ega.cpi
2016-02-25 00:01 - 2013-08-21 20:48 - 00108464 _____ (Microsoft Corporation) C:\Windows\system32\netapi.dll
2016-02-25 00:01 - 2013-08-21 20:48 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\olecli.dll
2016-02-25 00:01 - 2013-08-21 20:48 - 00082944 _____ (Microsoft Corporation) C:\Windows\system\olecli.dll
2016-02-25 00:01 - 2013-08-21 20:48 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\pmspl.dll
2016-02-25 00:01 - 2013-08-21 20:48 - 00042592 _____ (Microsoft Corporation) C:\Windows\system32\ole2.dll
2016-02-25 00:01 - 2013-08-21 20:48 - 00028420 _____ C:\Windows\system32\bios1.rom
2016-02-25 00:01 - 2013-08-21 20:48 - 00027792 _____ (Microsoft Corporation) C:\Windows\system32\compobj.dll
2016-02-25 00:01 - 2013-08-21 20:48 - 00027200 _____ (Microsoft Corporation) C:\Windows\system32\ctl3dv2.dll
2016-02-25 00:01 - 2013-08-21 20:48 - 00018896 _____ (Microsoft Corporation) C:\Windows\system32\sysedit.exe
2016-02-25 00:01 - 2013-08-21 20:48 - 00018832 _____ C:\Windows\system32\v7vga.rom
2016-02-25 00:01 - 2013-08-21 20:48 - 00013312 _____ C:\Windows\system32\win87em.dll
2016-02-25 00:01 - 2013-08-21 20:48 - 00009936 _____ (Microsoft Corporation) C:\Windows\system32\lzexpand.dll
2016-02-25 00:01 - 2013-08-21 20:48 - 00009936 _____ (Microsoft Corporation) C:\Windows\system\lzexpand.dll
2016-02-25 00:01 - 2013-08-21 20:48 - 00009008 _____ (Microsoft Corporation) C:\Windows\system32\ver.dll
2016-02-25 00:01 - 2013-08-21 20:48 - 00009008 _____ (Microsoft Corporation) C:\Windows\system\ver.dll
2016-02-25 00:01 - 2013-08-21 20:48 - 00008191 _____ C:\Windows\system32\bios4.rom
2016-02-25 00:01 - 2013-08-21 20:48 - 00005532 _____ (Microsoft Corporation) C:\Windows\system\stdole.tlb
2016-02-25 00:01 - 2013-08-21 20:48 - 00004208 _____ (Microsoft Corporation) C:\Windows\system32\storage.dll
2016-02-24 21:25 - 2015-06-26 11:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-02-24 21:24 - 2015-06-26 11:44 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-02-24 21:12 - 2015-03-04 20:01 - 00000000 ____D C:\Users\Todos os Usuários\10757429437643772310
2016-02-24 21:12 - 2015-03-04 20:01 - 00000000 ____D C:\ProgramData\10757429437643772310
2016-02-24 20:49 - 2015-06-26 09:42 - 00002479 _____ C:\Users\inteligente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-24 20:34 - 2015-06-26 09:42 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-962113958-2137007927-2541743853-1001UA.job

==================== Arquivos na raiz de alguns diretórios =======

2016-02-26 15:56 - 2016-02-26 15:59 - 0001356 _____ () C:\Users\inteligente\AppData\Roaming\Bubble Dock.boostrap.log
2016-02-26 15:56 - 2016-02-26 15:57 - 0005748 _____ () C:\Users\inteligente\AppData\Roaming\Bubble Dock.installation.log
2015-07-01 17:35 - 2016-02-25 18:07 - 0128000 _____ () C:\Users\inteligente\AppData\Roaming\csrss.exe
2016-03-01 18:18 - 2015-11-25 15:31 - 1100288 _____ () C:\Users\inteligente\AppData\Roaming\HomePage.exe
2016-03-01 18:17 - 2016-01-26 11:54 - 2415616 _____ () C:\Users\inteligente\AppData\Roaming\msiql.exe
2016-02-26 15:58 - 2016-02-26 15:58 - 0000078 _____ () C:\Users\inteligente\AppData\Roaming\Selection Tools.installation.log
2016-03-01 18:17 - 2016-01-11 15:49 - 1734656 _____ () C:\Users\inteligente\AppData\Roaming\service.exe
2016-03-01 18:17 - 2016-03-01 18:17 - 2786816 _____ (TODO: ) C:\Users\inteligente\AppData\Roaming\svrupg.exe
2016-03-01 18:17 - 2016-03-01 18:17 - 0010365 _____ () C:\Users\inteligente\AppData\Roaming\webad.xml
2016-02-26 15:56 - 2016-02-26 15:56 - 0000097 _____ () C:\Users\inteligente\AppData\Roaming\WindApp.boostrap.log
2016-02-26 15:58 - 2016-02-26 15:58 - 0000078 _____ () C:\Users\inteligente\AppData\Roaming\WindApp.installation.log
2016-03-01 18:17 - 2015-12-10 15:43 - 0600312 _____ () C:\Users\inteligente\AppData\Roaming\YeaPlayer_br_IBD_Bundle.exe
2016-03-01 18:21 - 2016-02-24 06:18 - 1085440 _____ () C:\ProgramData\delCalendarReg.exe
2016-03-01 18:21 - 2015-11-25 15:31 - 1100288 _____ () C:\ProgramData\HomePage.exe
2016-03-01 18:19 - 2015-12-04 13:14 - 1081344 _____ () C:\ProgramData\LightGate.exe
2016-03-01 18:18 - 2016-01-26 11:54 - 2415616 _____ () C:\ProgramData\msiql.exe
2016-03-01 18:17 - 2016-01-11 15:49 - 1734656 _____ () C:\ProgramData\service.exe
2016-03-01 18:18 - 2016-03-01 18:18 - 0010365 _____ () C:\ProgramData\webad.xml
2016-03-01 18:21 - 2015-12-10 15:43 - 0600312 _____ () C:\ProgramData\YeaPlayer_br_IBD_Bundle.exe

Arquivos para serem movidos ou deletados:
====================
C:\Users\inteligente\AppData\Local\Temp\72166L5UH\E6PS6O1EC.exe
C:\ProgramData\delCalendarReg.exe
C:\ProgramData\HomePage.exe
C:\ProgramData\LightGate.exe
C:\ProgramData\msiql.exe
C:\ProgramData\service.exe
C:\ProgramData\YeaPlayer_br_IBD_Bundle.exe
C:\Users\inteligente\mmvvjuhh.exe
C:\Users\Todos os Usuários\delCalendarReg.exe
C:\Users\Todos os Usuários\HomePage.exe
C:\Users\Todos os Usuários\LightGate.exe
C:\Users\Todos os Usuários\msiql.exe
C:\Users\Todos os Usuários\service.exe
C:\Users\Todos os Usuários\YeaPlayer_br_IBD_Bundle.exe


Alguns arquivos em TEMP:
====================
C:\Users\inteligente\AppData\Local\Temp\qqpcmgr_v11.3.17201.218_45220_Silence.exe
C:\Users\inteligente\AppData\Local\Temp\setup_mbot_br.exe
C:\Users\inteligente\AppData\Local\Temp\Ws Service Crack For Windows 8 Downloader__3687_i1543379070_il1000952.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-02-24 20:59

==================== Fim de FRST.txt ============================
