
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:18-04-2016
Executado por Victor (administrador) em VICTOR-PC (19-04-2016 18:47:02)
Executando a partir de C:\Downloads
Perfis Carregados: Victor (Perfis Disponíveis: Victor & Outros & Administrador & DefaultAppPool)
Platform: Windows 10 Pro Versão 1511 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Edge)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(skype.cog.cc) C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Users\Victor\AppData\Roaming\Tueasjey\Tueasjey.exe
() C:\Users\Victor\AppData\Local\Apps\2.0\abril.exe
() C:\Program Files (x86)\WeatherTool\2.0.0.11150\WeatherService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\ProgramData\msiql.exe
() C:\Users\Victor\AppData\Roaming\Tueasjey\Riytkutm.exe
() C:\Users\Victor\AppData\Roaming\Tueasjey\Sughe.exe
() C:\ProgramData\WindowsMsg\osmsg.exe
(VLOME) C:\Users\Victor\AppData\Local\Temp\is-O2EA5.tmp\print.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(wifimouse.necta.us) C:\Program Files (x86)\MouseServer\MouseServer.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files (x86)\CCleaner\CCleaner64.exe
() C:\Users\Victor\AppData\Local\Temp\23621\Setup.exe
(www.BitComet.com) C:\Program Files\BitComet\BitComet.exe
() C:\Users\Victor\AppData\Local\Temp\25087\Setup.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(MPC-HC Team) C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [vnlgp] => C:\Users\Victor\AppData\Roaming\vnlgp\vnlgp\start.cmd [214 2016-04-04] ()
HKLM\...\Run: [IDSCCOM8GP] => "C:\Program Files (x86)\EasyHotspot\idsccom_8GP.exe"
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23248560 2016-04-08] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [EasyHotspot] => "C:\Program Files (x86)\EasyHotspot\EasyHotspot.exe"
HKLM-x32\...\Run: [LightGate] => c:\programdata\lightgate.exe [1081344 2015-12-04] ()
HKLM-x32\...\Run: [HomePageHelper] => c:\programdata\homepage.exe [1100288 2015-11-25] ()
HKLM-x32\...\Run: [conhost.exe -start] => C:\WINDOWS\TEMP\19062\conhost.exe -start <===== ATENÇÃO
HKU\S-1-5-21-164514490-1679632668-4210770689-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-164514490-1679632668-4210770689-1000\...\Run: [WindApp] => "C:\Users\Victor\AppData\Roaming\Store\WindApp\WindApp.exe" /winstartup
HKU\S-1-5-21-164514490-1679632668-4210770689-1000\...\Run: [Selection Tools] => "C:\Users\Victor\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe" /winstartup
HKU\S-1-5-21-164514490-1679632668-4210770689-1000\...\Run: [CCleaner Monitoring] => C:\Program Files (x86)\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-164514490-1679632668-4210770689-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-02-29] (SUPERAntiSpyware)
HKU\S-1-5-21-164514490-1679632668-4210770689-1000\...\Run: [MouseServer] => C:\Program Files (x86)\MouseServer\MouseServer.exe [297472 2015-10-25] (wifimouse.necta.us)
HKU\S-1-5-21-164514490-1679632668-4210770689-1000\...\Run: [Pritc] => C:\Users\Victor\AppData\Local\Temp\is-O2EA5.tmp\print.exe [2955264 2016-03-03] (VLOME) <===== ATENÇÃO
HKU\S-1-5-21-164514490-1679632668-4210770689-1000\...\Run: [osmsg] => C:\ProgramData\WindowsMsg\osmsg.exe [2055168 2016-04-16] ()
HKU\S-1-5-21-164514490-1679632668-4210770689-1000\...\Run: [msiql] => C:\ProgramData\msiql.exe [1913344 2016-04-19] ()
HKU\S-1-5-21-164514490-1679632668-4210770689-1000\...\Run: [taskhost] => rundll32.exe C:\ProgramData\WindowsMsg\675D131108D4FD145B0BFBC68A3E018A.dll Start /AUTORUN
HKU\S-1-5-21-164514490-1679632668-4210770689-1000\...\MountPoints2: {7f7d51d7-e933-11e5-9ce0-00188be49860} - "M:\setup.exe"
HKU\S-1-5-21-164514490-1679632668-4210770689-1000\...\MountPoints2: {d658492f-d192-11e5-9cc4-00188be49860} - "Z:\setup.exe"
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WebBrowserMixVideoPlayer.lnk [2016-04-19]
ShortcutTarget: WebBrowserMixVideoPlayer.lnk -> C:\Program Files (x86)\MixVideoPlayer\BrowserWeb.exe (Nenhum Arquivo)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

ProxyServer: [S-1-5-21-164514490-1679632668-4210770689-1000] => http=127.0.0.1:8080;https=127.0.0.1:8080
Winsock: Catalog5 07 C:\ProgramData\System32\SafeGuard32.dll Nenhum Arquivo
Winsock: Catalog5-x64 07 C:\ProgramData\System32\SafeGuard64.dll [3587000 2016-04-05] ()
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{529e2ce3-37a3-4ec0-98f1-40c855eebbf6}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{529e2ce3-37a3-4ec0-98f1-40c855eebbf6}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{75e00a3b-957f-447b-95bb-8f5618f15966}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{75fbd894-d15f-11e5-9cc1-806e6f6e6963}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{d4119334-7902-4fc0-b9a9-5b9d293843e8}: [NameServer] 104.197.191.4

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.2345.com/?34838
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.navegaki.com?q={searchTerms}&uid={e74979b495f647d3af1048c05b5b58c6}&r=eg
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://nav.brotstation.com?uid={e74979b495f647d3af1048c05b5b58c6}&r=eg
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.navegaki.com?q={searchTerms}&uid={e74979b495f647d3af1048c05b5b58c6}&r=eg
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://nav.brotstation.com?uid={e74979b495f647d3af1048c05b5b58c6}&r=eg
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.navegaki.com?q={searchTerms}&uid={e74979b495f647d3af1048c05b5b58c6}&r=eg
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.navegaki.com?q={searchTerms}&uid={e74979b495f647d3af1048c05b5b58c6}&r=eg
HKU\S-1-5-21-164514490-1679632668-4210770689-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.2345.com/?34838
SearchScopes: HKLM-x32 -> DefaultScope {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.navegaki.com?q={searchTerms}&uid={e74979b495f647d3af1048c05b5b58c6}&r=eg
SearchScopes: HKLM-x32 -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.navegaki.com?q={searchTerms}&uid={e74979b495f647d3af1048c05b5b58c6}&r=eg
SearchScopes: HKU\S-1-5-21-164514490-1679632668-4210770689-1000 -> DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?gen=ms&pr=vmn&id=mystarttb&v=5_5&ent=ch_5153&q={searchTerms}
SearchScopes: HKU\S-1-5-21-164514490-1679632668-4210770689-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?gen=ms&pr=vmn&id=mystarttb&v=5_5&ent=ch_5153&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: MyStart Toolbar -> {ccb24e92-62c4-4c53-95d2-65f9eed476bc} -> C:\Program Files (x86)\mystarttb\mystartDx64.dll => Nenhum Arquivo
BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2013-11-29] (BitComet)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Primary Color 1.0.0.7 -> {b0a28f54-b08f-4049-a9bf-8d33bd1e9222} -> C:\Program Files (x86)\Primary Color\PrimaryColorbho.dll => Nenhum Arquivo
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: MyStart Toolbar -> {ccb24e92-62c4-4c53-95d2-65f9eed476bc} -> C:\Program Files (x86)\mystarttb\mystartDx.dll => Nenhum Arquivo
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll [2012-01-10] (Oracle Corporation)
Toolbar: HKLM - MyStart Toolbar - {ccb24e92-62c4-4c53-95d2-65f9eed476bc} - C:\Program Files (x86)\mystarttb\mystartDx64.dll Nenhum Arquivo
Toolbar: HKLM-x32 - MyStart Toolbar - {ccb24e92-62c4-4c53-95d2-65f9eed476bc} - C:\Program Files (x86)\mystarttb\mystartDx.dll Nenhum Arquivo
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://nav.brotstation.com?uid={e74979b495f647d3af1048c05b5b58c6}&r=eg

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.3.1 -> C:\WINDOWS\system32\npDeployJava1.dll [Nenhum Arquivo]
FF Plugin-x32: @java.com/JavaPlugin,version=10.3.1 -> C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll [2012-01-10] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-05] (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com.br/
CHR StartupUrls: Default -> "hxxps://www.google.com.br/"
CHR Profile: C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-28]
CHR Extension: (Google Docs) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-28]
CHR Extension: (Google Drive) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-28]
CHR Extension: (YouTube) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-28]
CHR Extension: (Google Search) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-28]
CHR Extension: (Assistir Filmes) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhcpbnbagicabnhifjnflcckoobmdccn [2016-03-13]
CHR Extension: (BitComet Download Extension for Chrome) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhigneefebkcagnpnpbibganpmfgebnk [2016-01-28]
CHR Extension: (Planilhas do Google) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-28]
CHR Extension: (Documentos Google off-line) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-04-16]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-28]
CHR HKLM-x32\...\Chrome\Extension: [dhigneefebkcagnpnpbibganpmfgebnk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ijepgjdjkdbopbnaopmlmobimmhjklhd] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
S2 AppMgr3.57.4713165; C:\ProgramData\AppMgr3.57.4713165\AppMgr.exe [488360 2016-04-19] ()
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-28] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-28] (Dropbox, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
S2 GoogleChromeUpService; C:\ProgramData\service.exe [1747456 2016-04-19] () [Arquivo não assinado]
S2 GoogleChromeUpSvc; C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\svrupg.exe [1163 2016-04-19] () [Arquivo não assinado]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Arquivo não assinado]
R2 Kufhuo; C:\Users\Victor\AppData\Roaming\Tueasjey\Tueasjey.exe [174416 2016-04-17] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-03-29] (Electronic Arts)
R2 ProntSpooler; C:\Users\Victor\AppData\Local\Apps\2.0\abril.exe [124928 2016-04-07] () [Arquivo não assinado]
R2 SkypeUpdateEx; C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe [167352 2016-03-21] (skype.cog.cc)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
R2 TheDesktopWeatherService; C:\Program Files (x86)\WeatherTool\2.0.0.11150\WeatherService.exe [153552 2015-12-09] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S2 WindowsSecurity; C:\ProgramData\Windows Security\winsecurity.exe [8946136 2016-04-09] (Microsoft Corporation)
S2 BugreportW; "C:\Program Files (x86)\hohobnd\cihech.exe" {154DFF63-3402-4815-941A-AAD63AE8B428} [X]
S2 ggbugreport; "C:\Program Files (x86)\SearchesToYesbnd\bugreport.exe" {154DFF63-3402-4815-941A-AAD63AE8B428} [X]
S2 MPCProtectService; "C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe" [X]
S2 Pwtcchsrv; "C:\Program Files (x86)\Pwtyfemuk\Pwtcchsrv.exe" {79740E79-A383-47A7-B513-3DF6563D007F} {A16B1AF7-982D-40C3-B5C1-633E1A6A6678} [X]
U2 QQRepairee7; "C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepairee7" [X]
S2 QQRepairFixSVC; C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepairFixSVC [X]
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [X]
S2 Tiuauh; "C:\Users\Victor\AppData\Roaming\VypiwGyp\Wivmor.exe" -cms [X]
S2 Util Primary Color; "C:\Program Files (x86)\Primary Color\bin\utilPrimaryColor.exe" [X]
S2 Winsere; "C:\Program Files (x86)\Winsere\Winsere\Winsere.exe" {79740E79-A383-47A7-B513-3DF6563D007F} {A16B1AF7-982D-40C3-B5C1-633E1A6A6678} [X]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R1 bsdriver; C:\WINDOWS\system32\drivers\bsdriver.sys [34720 2016-04-19] ()
R1 cherimoya; C:\Windows\System32\drivers\cherimoya.sys [65856 2016-04-19] (Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30352 2016-01-30] (Disc Soft Ltd)
R1 egg_protect; C:\Windows\EProtect_amd64.sys [19856 2016-04-11] ()
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2016-04-05] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-04-05] ()
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-04-19] (DotC United Inc)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 phaudlwr; C:\Windows\system32\DRIVERS\phaudlwr.sys [114608 2009-10-20] (Philips Applied Technologies)
S3 RTL85n64; C:\Windows\System32\drivers\RTL85n64.sys [2055168 2015-10-30] (Realtek Semiconductor Corporation )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 scsiscan; C:\Windows\system32\DRIVERS\scsiscan.sys [20480 2015-10-30] (Microsoft Corporation)
R3 SPC620; C:\Windows\system32\drivers\SPC620.sys [581120 2007-09-28] (Philips )
R3 SPC620m; C:\Windows\system32\drivers\SPC620m.sys [8192 2007-09-28] (Philips )
R1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\SRepairDrv [168568 2016-04-19] ()
R4 TAOKernelDriver; C:\WINDOWS\system32\Drivers\TAOKernelEx64.sys [132344 2016-04-19] (Tencent Technology(Shenzhen) Company Limited)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U3 idsvc; não ImagePath
R1 QMUdisk; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QMUdisk64.sys [X]
R3 softaal; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\softaal64.sys [X]
R2 tsnethlpx64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\TsNetHlpX64.sys [X]
U3 wpcsvc; não ImagePath

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-04-19 18:46 - 2016-04-19 18:47 - 00000000 ____D C:\FRST
2016-04-19 12:40 - 2016-04-19 12:18 - 00132344 _____ (Tencent Technology(Shenzhen) Company Limited) C:\WINDOWS\system32\Drivers\TAOKernelEx64.sys
2016-04-19 12:18 - 2016-04-19 12:18 - 00000000 ____D C:\WINDOWS\SysWOW64\腾讯软件
2016-04-19 12:16 - 2016-04-19 12:16 - 00000000 ____D C:\Users\Todos os Usuários\Thunder Network
2016-04-19 12:16 - 2016-04-19 12:16 - 00000000 ____D C:\Users\Public\Thunder Network
2016-04-19 12:16 - 2016-04-19 12:16 - 00000000 ____D C:\ProgramData\Thunder Network
2016-04-19 12:16 - 2016-04-19 07:25 - 01266176 _____ C:\Users\Todos os Usuários\conhost.exe
2016-04-19 12:16 - 2016-04-19 07:25 - 01266176 _____ C:\ProgramData\conhost.exe
2016-04-19 01:18 - 2016-04-19 12:15 - 00001634 _____ C:\Users\Todos os Usuários\webad.xml
2016-04-19 01:18 - 2016-04-19 12:15 - 00001634 _____ C:\ProgramData\webad.xml
2016-04-19 01:15 - 2016-04-19 12:15 - 00000000 ____D C:\Program Files (x86)\osTip
2016-04-19 01:12 - 2016-04-19 01:12 - 00000000 ____D C:\WINDOWS\system32\gocr
2016-04-19 01:00 - 2016-04-19 12:15 - 00000000 ____D C:\Users\Todos os Usuários\AppMgr3.57.4713165
2016-04-19 01:00 - 2016-04-19 12:15 - 00000000 ____D C:\ProgramData\AppMgr3.57.4713165
2016-04-19 00:57 - 2016-04-19 17:58 - 00000316 _____ C:\WINDOWS\Tasks\Price Fountain.job
2016-04-19 00:57 - 2016-04-19 00:58 - 00000000 ____D C:\Users\Victor\AppData\LocalLow\mystarttb
2016-04-19 00:57 - 2016-04-19 00:57 - 00002808 _____ C:\WINDOWS\System32\Tasks\Price Fountain
2016-04-19 00:56 - 2016-04-19 00:56 - 00000000 ____D C:\Users\Victor\AppData\Roaming\PriceFountain
2016-04-19 00:52 - 2016-04-19 00:52 - 00000000 ____D C:\Users\Todos os Usuários\Uniblue
2016-04-19 00:52 - 2016-04-19 00:52 - 00000000 ____D C:\ProgramData\Uniblue
2016-04-19 00:46 - 2016-04-19 00:46 - 00000000 ____D C:\Users\Victor\AppData\Local\mixvideoplayer
2016-04-19 00:44 - 2016-04-19 00:44 - 00022204 _____ C:\WINDOWS\System32\Tasks\DNSLOMETA
2016-04-19 00:43 - 2016-04-19 00:43 - 00003810 _____ C:\WINDOWS\System32\Tasks\PrivacyKeeper_Popup3
2016-04-19 00:43 - 2016-04-19 00:43 - 00003544 _____ C:\WINDOWS\System32\Tasks\PrivacyKeeper_Popup
2016-04-19 00:43 - 2016-04-19 00:43 - 00003192 _____ C:\WINDOWS\System32\Tasks\MixVideoPlayer Update
2016-04-19 00:43 - 2016-04-19 00:43 - 00003078 _____ C:\WINDOWS\System32\Tasks\PrivacyKeeper_Master
2016-04-19 00:43 - 2016-04-19 00:43 - 00003078 _____ C:\WINDOWS\System32\Tasks\PrivacyKeeper_EdgeUnlock
2016-04-19 00:43 - 2016-04-19 00:43 - 00003068 _____ C:\WINDOWS\System32\Tasks\PrivacyKeeper_SkipUac
2016-04-19 00:43 - 2016-04-19 00:43 - 00003046 _____ C:\WINDOWS\System32\Tasks\PrivacyKeeper_Edge
2016-04-19 00:43 - 2016-04-19 00:43 - 00000000 ____D C:\Users\Victor\AppData\Local\BrowserWeb
2016-04-19 00:43 - 2016-04-19 00:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixVideoPlayer
2016-04-19 00:40 - 2016-04-19 01:03 - 00000000 ____D C:\Users\Victor\AppData\Roaming\Uniblue
2016-04-19 00:40 - 2016-04-19 01:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
2016-04-19 00:40 - 2016-04-19 00:43 - 00000000 ____D C:\Users\Victor\AppData\Local\PrivacyKeeper
2016-04-19 00:40 - 2016-04-19 00:40 - 00000000 ____D C:\Users\Todos os Usuários\4e855208-1333-1
2016-04-19 00:40 - 2016-04-19 00:40 - 00000000 ____D C:\Users\Todos os Usuários\4e855208-0611-0
2016-04-19 00:40 - 2016-04-19 00:40 - 00000000 ____D C:\ProgramData\4e855208-1333-1
2016-04-19 00:40 - 2016-04-19 00:40 - 00000000 ____D C:\ProgramData\4e855208-0611-0
2016-04-19 00:35 - 2016-04-19 00:35 - 00000000 ____D C:\Users\Todos os Usuários\Windows Update
2016-04-19 00:35 - 2016-04-19 00:35 - 00000000 ____D C:\ProgramData\Windows Update
2016-04-19 00:29 - 2016-04-19 00:56 - 00000000 ____D C:\Users\Victor\AppData\Local\Setup Wizard
2016-04-19 00:25 - 2016-04-19 12:48 - 00000000 ____D C:\Users\Victor\AppData\Local\Apps\2.0
2016-04-19 00:25 - 2016-04-19 07:39 - 00114176 _____ C:\Users\Todos os Usuários\hp.exe
2016-04-19 00:25 - 2016-04-19 07:39 - 00114176 _____ C:\ProgramData\hp.exe
2016-04-19 00:25 - 2016-04-19 00:25 - 00000000 ____D C:\Users\Victor\AppData\Roaming\LightGate
2016-04-19 00:25 - 2016-04-19 00:25 - 00000000 ____D C:\Users\Victor\AppData\Local\csdi_monetize_320160418
2016-04-19 00:25 - 2015-12-04 13:14 - 01081344 _____ C:\Users\Todos os Usuários\LightGate.exe
2016-04-19 00:25 - 2015-12-04 13:14 - 01081344 _____ C:\ProgramData\LightGate.exe
2016-04-19 00:25 - 2015-11-25 15:31 - 01100288 _____ C:\Users\Todos os Usuários\HomePage.exe
2016-04-19 00:25 - 2015-11-25 15:31 - 01100288 _____ C:\ProgramData\HomePage.exe
2016-04-19 00:24 - 2016-04-19 10:20 - 01913344 _____ C:\Users\Todos os Usuários\msiql.exe
2016-04-19 00:24 - 2016-04-19 10:20 - 01913344 _____ C:\ProgramData\msiql.exe
2016-04-19 00:23 - 2016-04-19 12:39 - 00003646 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2016-04-19 00:23 - 2016-04-19 12:15 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg
2016-04-19 00:23 - 2016-04-19 12:15 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-04-19 00:23 - 2016-04-19 00:23 - 01747456 _____ C:\Users\Todos os Usuários\service.exe
2016-04-19 00:23 - 2016-04-19 00:23 - 01747456 _____ C:\ProgramData\service.exe
2016-04-19 00:23 - 2016-04-19 00:23 - 00014678 _____ C:\WINDOWS\System32\Tasks\Pwtyfemuk Cache
2016-04-19 00:23 - 2016-04-19 00:23 - 00003112 _____ C:\WINDOWS\System32\Tasks\ttwifi
2016-04-19 00:23 - 2016-04-19 00:23 - 00003050 _____ C:\WINDOWS\System32\Tasks\Pritc
2016-04-19 00:23 - 2016-04-19 00:23 - 00003006 _____ C:\WINDOWS\System32\Tasks\osTip
2016-04-19 00:23 - 2016-04-19 00:23 - 00000000 ____D C:\Users\Victor\AppData\Roaming\UPUpdata
2016-04-19 00:23 - 2016-04-19 00:23 - 00000000 ____D C:\extensions
2016-04-19 00:22 - 2016-04-19 16:39 - 00000542 _____ C:\WINDOWS\Tasks\BaiduJP_Update_{8099779F-A13B-403e-B39A-65133857586B}.job
2016-04-19 00:22 - 2016-04-19 00:22 - 00003748 _____ C:\WINDOWS\System32\Tasks\BaiduJP_Update_{8099779F-A13B-403e-B39A-65133857586B}
2016-04-19 00:22 - 2016-04-19 00:22 - 00000000 ____D C:\Users\Victor\AppData\Roaming\Baidu
2016-04-19 00:22 - 2016-04-19 00:22 - 00000000 ____D C:\Users\Todos os Usuários\baidu
2016-04-19 00:22 - 2016-04-19 00:22 - 00000000 ____D C:\Users\Public\Documents\Baidu
2016-04-19 00:22 - 2016-04-19 00:22 - 00000000 ____D C:\ProgramData\baidu
2016-04-19 00:21 - 2016-04-19 00:21 - 00060136 _____ (DotC United Inc) C:\WINDOWS\system32\Drivers\MPCKpt.sys
2016-04-19 00:21 - 2016-04-19 00:21 - 00000000 ____D C:\Program Files (x86)\WeatherTool
2016-04-19 00:20 - 2016-04-19 01:06 - 00000000 ____D C:\Program Files\Ekeh
2016-04-19 00:20 - 2016-04-19 00:26 - 00000000 ____D C:\Users\Victor\AppData\Roaming\WeatherTool
2016-04-19 00:20 - 2016-04-19 00:20 - 00034720 _____ () C:\WINDOWS\system32\Drivers\bsdriver.sys
2016-04-19 00:20 - 2016-04-19 00:20 - 00003404 _____ C:\WINDOWS\System32\Tasks\Redywo
2016-04-19 00:20 - 2016-04-19 00:20 - 00000000 ____D C:\Users\Victor\AppData\Roaming\Tueasjey
2016-04-19 00:20 - 2016-04-19 00:20 - 00000000 ____D C:\Users\Victor\AppData\LocalLow\Company
2016-04-19 00:20 - 2016-04-19 00:20 - 00000000 ____D C:\Users\Victor\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
2016-04-19 00:20 - 2016-04-19 00:20 - 00000000 ____D C:\Users\Victor\AppData\Local\Tempfolder
2016-04-19 00:20 - 2016-04-19 00:20 - 00000000 ____D C:\Users\Public\Documents\Guid
2016-04-19 00:20 - 2016-04-19 00:20 - 00000000 ____D C:\uninst
2016-04-18 20:44 - 2016-04-19 12:49 - 00000000 ____D C:\Program Files (x86)\Bitcomet Ultra Accelerator
2016-04-18 20:43 - 2016-04-18 20:44 - 00584473 _____ (TrafficSpeeders LLC) C:\Users\Victor\Downloads\bitcomet_ultra_accelerator_free.exe
2016-04-17 10:31 - 2016-04-17 10:31 - 44792749 _____ C:\Users\Victor\Downloads\test.drive.unlimited.2.update.1-skidrow.rar
2016-04-17 10:24 - 2016-04-17 10:24 - 00000000 ____D C:\Users\Victor\AppData\Local\CrashRpt
2016-04-17 06:18 - 2016-04-19 00:20 - 00065856 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\cherimoya.sys
2016-04-16 17:58 - 2016-04-16 17:58 - 00015197 _____ C:\Users\Victor\Downloads\test.drive.unlimited.2.complete.edition.multi6.fitgirl.repack.torrent
2016-04-16 16:17 - 2016-04-16 16:17 - 00054088 _____ C:\Users\Victor\Downloads\avenged-sevenfold-eternal-rest.gp4
2016-04-16 16:14 - 2016-04-16 16:14 - 00108291 _____ C:\Users\Victor\Downloads\avenged-sevenfold-dear-god.gp5
2016-04-16 16:02 - 2016-04-16 16:02 - 00105370 _____ C:\Users\Victor\Downloads\avenged-sevenfold-strength-of-the-world.gp3
2016-04-15 22:59 - 2016-04-15 22:59 - 00015943 _____ C:\Users\Victor\Downloads\EC43E7E5AC1280C38A76F5FE617CA82A6F6EA2DB.torrent
2016-04-15 18:59 - 2016-04-15 18:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-04-15 15:20 - 2016-04-15 15:20 - 00116970 _____ C:\Users\Victor\Downloads\Dragon.Age.Inquisition.Deluxe.Edition-CPY-[rarbg.com].torrent
2016-04-15 15:20 - 2016-04-15 15:20 - 00045962 _____ C:\Users\Victor\Downloads\Dragon.Age.Inquisition.Update.1-10.Incl.DLC.and.Crack-CPY.torrent
2016-04-15 15:13 - 2016-04-15 15:13 - 00003180 _____ C:\Users\Victor\Downloads\post_reply.htm
2016-04-15 14:52 - 2015-11-05 07:50 - 00000000 ____D C:\Users\Victor\Downloads\TorrentGamesPS2
2016-04-12 12:26 - 2016-04-12 12:27 - 00001723 _____ C:\Users\Victor\Desktop\TS4 - Atalho.lnk
2016-04-12 10:48 - 2016-04-12 10:48 - 00000000 ____D C:\Users\Victor\Documents\Electronic Arts
2016-04-12 04:22 - 2014-10-19 15:54 - 00447752 _____ (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll
2016-04-12 04:16 - 2016-04-12 04:22 - 00000000 ____D C:\Program Files (x86)\The Sims 4
2016-04-11 21:14 - 2016-04-11 21:20 - 00000000 ____D C:\Users\Victor\Documents\Project CARS
2016-04-11 21:14 - 2016-04-11 21:14 - 00000000 ____D C:\Users\Victor\Documents\wmd_symbol_cache
2016-04-09 22:22 - 2016-04-10 02:24 - 00000000 ____D C:\Users\Victor\AppData\Local\Ori and the Blind Forest
2016-04-09 22:21 - 2016-04-09 22:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ori and the Blind Forest
2016-04-09 22:13 - 2016-04-09 22:22 - 00000000 ____D C:\Program Files (x86)\Ori and the Blind Forest
2016-04-07 23:08 - 2016-04-19 12:35 - 00000000 ____D C:\Users\Todos os Usuários\Windows Security
2016-04-07 23:08 - 2016-04-19 12:35 - 00000000 ____D C:\ProgramData\Windows Security
2016-04-07 23:08 - 2016-04-09 11:26 - 00000000 ____D C:\WINDOWS\19
2016-04-07 23:07 - 2016-04-11 11:42 - 00019856 _____ C:\WINDOWS\EProtect_amd64.sys
2016-04-07 23:07 - 2016-04-07 23:07 - 00019856 _____ C:\WINDOWS\EProtect_amd64.sys_bk
2016-04-06 23:41 - 2016-04-15 14:52 - 00000000 ____D C:\Users\Victor\Downloads\Tabs
2016-04-06 23:40 - 2005-01-11 16:17 - 00000730 _____ C:\Users\Victor\Downloads\readme.html
2016-04-06 15:50 - 2016-04-06 15:50 - 00001001 _____ C:\Users\Victor\Desktop\Guitar Pro 5.lnk
2016-04-06 15:50 - 2016-04-06 15:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guitar Pro 5
2016-04-06 15:49 - 2016-04-06 15:49 - 11701480 _____ (Arobas Music ) C:\Users\Victor\Downloads\setup.exe
2016-04-06 15:49 - 2016-04-06 15:49 - 00000000 ____D C:\Program Files (x86)\Guitar Pro 5
2016-04-06 15:49 - 2012-11-09 10:48 - 00000000 ____D C:\Users\Victor\Downloads\RSE
2016-04-06 01:32 - 2016-04-06 01:32 - 00001849 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2016-04-06 01:32 - 2016-04-06 01:32 - 00000000 ____D C:\Users\Victor\AppData\Roaming\SUPERAntiSpyware.com
2016-04-06 01:32 - 2016-04-06 01:32 - 00000000 ____D C:\Users\Todos os Usuários\SUPERAntiSpyware.com
2016-04-06 01:32 - 2016-04-06 01:32 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2016-04-06 01:32 - 2016-04-06 01:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2016-04-06 01:32 - 2016-04-06 01:32 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-04-06 01:29 - 2016-04-06 01:31 - 25238888 _____ (SUPERAntiSpyware) C:\Users\Victor\Downloads\SUPERAntiSpyware.exe
2016-04-06 00:29 - 2016-04-06 00:30 - 55550688 _____ (Microsoft Corporation) C:\Users\Victor\Downloads\Windows-KB890830-x64-V5.34.exe
2016-04-06 00:27 - 2016-04-06 02:00 - 00000000 ____D C:\Program Files\MfeAV
2016-04-06 00:24 - 2016-04-06 00:24 - 00003206 _____ C:\WINDOWS\System32\Tasks\{D9C6447E-23A3-48B5-8BC5-4B8867169038}
2016-04-06 00:23 - 2016-04-06 00:27 - 00000000 ____D C:\Users\Todos os Usuários\McAfee
2016-04-06 00:23 - 2016-04-06 00:27 - 00000000 ____D C:\ProgramData\McAfee
2016-04-06 00:22 - 2016-04-06 00:22 - 00000000 ____D C:\Spy Hunter PRO
2016-04-05 22:38 - 2016-04-05 22:38 - 00000000 _____ C:\autoexec.bat
2016-04-05 22:37 - 2016-04-05 22:37 - 00003422 _____ C:\WINDOWS\System32\Tasks\SpyHunter4Startup
2016-04-05 22:37 - 2016-04-05 22:37 - 00001132 _____ C:\Users\Victor\Desktop\SpyHunter.lnk
2016-04-05 22:37 - 2016-04-05 22:37 - 00000000 ____D C:\Users\Victor\AppData\Roaming\Enigma Software Group
2016-04-05 22:34 - 2016-04-05 22:37 - 00000000 ____D C:\sh4ldr
2016-04-05 22:14 - 2016-04-05 22:14 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2016-04-05 22:13 - 2016-04-05 22:13 - 00000000 ____D C:\Program Files\Enigma Software Group
2016-04-05 16:20 - 2016-04-05 16:20 - 00002872 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-04-05 16:16 - 2016-04-05 16:18 - 00000000 ____D C:\Program Files (x86)\CCleaner
2016-04-05 16:05 - 2016-04-05 16:06 - 00987728 _____ (Google Inc.) C:\Users\Victor\Downloads\ChromeSetup (1).exe
2016-04-05 15:48 - 2016-04-19 00:45 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-04-05 00:31 - 2016-04-05 00:31 - 00000000 ____D C:\Users\Victor\AppData\Roaming\MCorp
2016-04-05 00:31 - 2016-04-05 00:31 - 00000000 ____D C:\Program Files (x86)\SkypeUpdateEx
2016-04-05 00:30 - 2016-04-05 00:36 - 00000000 ____D C:\Users\Todos os Usuários\System32
2016-04-05 00:30 - 2016-04-05 00:36 - 00000000 ____D C:\ProgramData\System32
2016-04-05 00:28 - 2016-04-05 00:28 - 00346515 _____ (zdengine) C:\WINDOWS\system32\zdengine64.dll
2016-04-05 00:26 - 2016-04-19 12:39 - 00038520 _____ (Tencent) C:\WINDOWS\SysWOW64\Drivers\TS888x64.sys
2016-04-04 23:07 - 2016-04-04 23:07 - 00005120 _____ C:\Users\Victor\AppData\Roaming\GiftBag.db
2016-04-04 23:06 - 2016-04-04 23:06 - 00000000 ____D C:\Program Files\Common Files\Tencent
2016-04-04 23:05 - 2016-04-19 12:18 - 00087800 _____ (电脑管家) C:\WINDOWS\system32\Drivers\TFsFltX64.sys
2016-04-04 23:05 - 2016-04-19 12:18 - 00000000 ____D C:\Users\Todos os Usuários\TXQMPC
2016-04-04 23:05 - 2016-04-19 12:18 - 00000000 ____D C:\ProgramData\TXQMPC
2016-04-04 23:03 - 2016-04-04 23:03 - 00000000 ____D C:\Program Files (x86)\Tencent
2016-04-04 23:02 - 2016-04-19 12:45 - 00000000 ____D C:\Users\Victor\AppData\Roaming\Tencent
2016-04-04 23:02 - 2016-04-05 00:05 - 00000000 ____D C:\Users\Todos os Usuários\Tencent
2016-04-04 23:02 - 2016-04-05 00:05 - 00000000 ____D C:\ProgramData\Tencent
2016-04-04 22:59 - 2016-04-19 01:02 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
2016-04-04 22:58 - 2016-04-04 22:58 - 00000000 _____ C:\Users\Victor\AppData\Roaming\1.txt
2016-04-04 22:57 - 2016-04-19 00:45 - 00003832 _____ C:\WINDOWS\System32\Tasks\DNS Monitoring
2016-04-04 22:56 - 2016-04-19 00:52 - 00000730 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-04-04 22:56 - 2016-04-19 00:52 - 00000730 __RSH C:\ProgramData\ntuser.pol
2016-04-04 22:56 - 2016-04-04 22:56 - 00023068 _____ C:\WINDOWS\System32\Tasks\{050C0447-0B08-0E0E-0C11-780E7E7F1108}
2016-04-04 22:56 - 2016-04-04 22:56 - 00000000 ____D C:\Users\Todos os Usuários\d514939d-1515-0
2016-04-04 22:56 - 2016-04-04 22:56 - 00000000 ____D C:\Users\Todos os Usuários\d514939d-0bb5-1
2016-04-04 22:56 - 2016-04-04 22:56 - 00000000 ____D C:\ProgramData\d514939d-1515-0
2016-04-04 22:56 - 2016-04-04 22:56 - 00000000 ____D C:\ProgramData\d514939d-0bb5-1
2016-04-04 22:55 - 2016-04-04 22:55 - 00002044 _____ C:\WINDOWS\System32\Tasks\kze3024
2016-04-04 22:55 - 2016-04-04 22:55 - 00000002 _____ C:\END
2016-04-04 22:52 - 2016-04-04 22:57 - 00000000 ____D C:\Users\Victor\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-04-04 22:52 - 2016-04-04 22:52 - 00015118 _____ C:\WINDOWS\System32\Tasks\WinTaske
2016-04-04 22:52 - 2016-04-04 22:52 - 00000000 ____D C:\Users\Victor\AppData\Roaming\vnlgp
2016-04-04 22:52 - 2016-04-04 22:52 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-04-04 22:51 - 2016-04-16 14:55 - 00000000 ____D C:\Users\Victor\AppData\Roaming\XBox
2016-04-04 22:51 - 2016-04-04 22:59 - 00000000 ____D C:\Users\Victor\AppData\Roaming\WTools
2016-04-04 22:51 - 2016-04-04 22:59 - 00000000 ____D C:\Users\Victor\AppData\Roaming\Store
2016-04-04 22:50 - 2016-04-04 22:57 - 00000000 ____D C:\Users\Victor\AppData\Roaming\Nosibay
2016-04-01 14:57 - 2016-04-01 14:57 - 00000000 ____D C:\Users\Victor\AppData\Roaming\Doublefine
2016-04-01 00:24 - 2016-04-01 00:24 - 00000000 ____D C:\Users\Victor\AppData\Roaming\fofix
2016-04-01 00:13 - 2016-04-01 00:13 - 00000000 ____D C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FoFiX
2016-04-01 00:12 - 2016-04-01 00:39 - 00000000 ____D C:\Users\Victor\Documents\FoFiX
2016-03-31 23:54 - 2016-03-31 23:54 - 00034067 _____ C:\Users\Victor\Iniciar Download.zip
2016-03-31 23:36 - 2016-03-31 23:36 - 00017107 _____ C:\Users\Victor\Downloads\Prince.of.Persia.The.Forgotten.Sands -SKIDROW-.torrent
2016-03-31 15:19 - 2016-04-16 17:41 - 00000000 ____D C:\Users\Victor\AppData\Roaming\Audacity
2016-03-31 15:19 - 2016-03-31 15:19 - 00000000 ____D C:\Users\Victor\AppData\Local\Audacity
2016-03-31 14:25 - 2016-03-31 14:25 - 00000000 ____D C:\Users\Victor\.tuxguitar-1.3.1
2016-03-31 14:25 - 2016-03-31 14:25 - 00000000 ____D C:\Users\Victor\.swt
2016-03-31 14:25 - 2016-03-31 14:25 - 00000000 ____D C:\Users\Victor\.oracle_jre_usage
2016-03-30 15:18 - 2016-04-04 22:52 - 00000000 ____D C:\Users\Victor\AppData\Roaming\NVIDIA
2016-03-30 13:25 - 2016-03-30 13:25 - 00000000 ____D C:\Users\Victor\Documents\EA Games
2016-03-30 01:20 - 2016-03-30 01:20 - 00001374 _____ C:\Users\Public\Desktop\Medal of Honor Pacific Assault™.lnk
2016-03-29 23:47 - 2016-03-29 23:47 - 00000000 ____D C:\Users\Victor\Documents\my games
2016-03-29 23:46 - 2016-03-29 23:46 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2016-03-29 23:25 - 2016-03-31 15:18 - 00000000 ____D C:\Users\Victor\AppData\Roaming\Origin
2016-03-29 23:25 - 2016-03-30 13:25 - 00000000 ____D C:\Users\Victor\AppData\Local\Origin
2016-03-29 23:25 - 2016-03-29 23:27 - 00000000 ____D C:\Program Files (x86)\Origin Games
2016-03-29 23:21 - 2016-03-30 13:25 - 00000000 ____D C:\Users\Todos os Usuários\Electronic Arts
2016-03-29 23:21 - 2016-03-30 13:25 - 00000000 ____D C:\ProgramData\Electronic Arts
2016-03-29 23:20 - 2016-03-29 23:25 - 00000000 ____D C:\Program Files (x86)\Origin
2016-03-28 16:29 - 2016-03-28 16:29 - 00000000 ____D C:\Users\Victor\AppData\LocalLow\Unity
2016-03-28 16:29 - 2016-03-28 16:29 - 00000000 ____D C:\Users\Victor\AppData\LocalLow\BitCake Studio
2016-03-28 16:17 - 2016-03-28 16:17 - 00000222 _____ C:\Users\Victor\Desktop\Holodrive.url
2016-03-27 13:51 - 2016-03-27 16:44 - 2642286553 _____ C:\Users\Victor\Downloads\O Regresso (1).mp4
2016-03-26 17:52 - 2016-03-26 17:52 - 00000000 ____D C:\Users\Outros\AppData\Local\Comms
2016-03-26 17:47 - 2016-03-26 17:47 - 00000000 ____D C:\Users\Outros\Documents\Activision
2016-03-26 17:47 - 2016-03-26 17:47 - 00000000 ____D C:\Users\Outros\AppData\Roaming\Steam
2016-03-26 17:47 - 2016-03-26 17:47 - 00000000 ____D C:\Users\Outros\AppData\Local\Activision
2016-03-26 17:39 - 2016-03-26 17:39 - 00000000 ____D C:\Users\Outros\AppData\LocalLow\Sun
2016-03-26 17:35 - 2016-03-26 17:35 - 00002411 _____ C:\Users\Outros\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-26 17:35 - 2016-03-26 17:35 - 00000000 ___RD C:\Users\Outros\OneDrive
2016-03-26 17:34 - 2016-03-26 17:34 - 00000000 ____D C:\Users\Outros\AppData\Local\Dropbox
2016-03-26 17:33 - 2016-03-26 17:33 - 00000000 ____D C:\Users\Outros\AppData\Local\ActiveSync
2016-03-26 17:31 - 2016-03-26 17:31 - 00000000 ____D C:\Users\Outros\AppData\Local\VirtualStore
2016-03-26 17:31 - 2016-03-26 17:31 - 00000000 ____D C:\Users\Outros\AppData\Local\Publishers
2016-03-26 17:30 - 2016-03-26 17:53 - 00000000 ____D C:\Users\Outros\AppData\Local\Packages
2016-03-26 17:30 - 2016-03-26 17:30 - 00000000 ____D C:\Users\Outros\AppData\Roaming\Adobe
2016-03-26 17:30 - 2016-03-26 17:30 - 00000000 ____D C:\Users\Outros\AppData\Local\TileDataLayer
2016-03-26 17:30 - 2016-03-26 17:30 - 00000000 ____D C:\Users\Outros\AppData\Local\NVIDIA
2016-03-26 17:30 - 2016-03-26 17:30 - 00000000 ____D C:\Users\Outros\AppData\Local\Google
2016-03-26 17:29 - 2016-03-27 17:18 - 00000000 ____D C:\Users\Outros
2016-03-26 17:29 - 2016-03-26 17:29 - 00000020 ___SH C:\Users\Outros\ntuser.ini
2016-03-26 17:29 - 2016-03-26 17:29 - 00000000 _SHDL C:\Users\Outros\Modelos
2016-03-26 17:29 - 2016-03-26 17:29 - 00000000 _SHDL C:\Users\Outros\Meus Documentos
2016-03-26 17:29 - 2016-03-26 17:29 - 00000000 _SHDL C:\Users\Outros\Menu Iniciar
2016-03-26 17:29 - 2016-03-26 17:29 - 00000000 _SHDL C:\Users\Outros\Documents\Minhas Músicas
2016-03-26 17:29 - 2016-03-26 17:29 - 00000000 _SHDL C:\Users\Outros\Documents\Minhas Imagens
2016-03-26 17:29 - 2016-03-26 17:29 - 00000000 _SHDL C:\Users\Outros\Documents\Meus Vídeos
2016-03-26 17:29 - 2016-03-26 17:29 - 00000000 _SHDL C:\Users\Outros\Dados de Aplicativos
2016-03-26 17:29 - 2016-03-26 17:29 - 00000000 _SHDL C:\Users\Outros\Configurações Locais
2016-03-26 17:29 - 2016-03-26 17:29 - 00000000 _SHDL C:\Users\Outros\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-03-26 17:29 - 2016-03-26 17:29 - 00000000 _SHDL C:\Users\Outros\AppData\Local\Histórico
2016-03-26 17:29 - 2016-03-26 17:29 - 00000000 _SHDL C:\Users\Outros\AppData\Local\Dados de Aplicativos
2016-03-26 17:29 - 2016-03-26 17:29 - 00000000 _SHDL C:\Users\Outros\Ambiente de Rede
2016-03-26 17:29 - 2016-03-26 17:29 - 00000000 _SHDL C:\Users\Outros\Ambiente de Impressão
2016-03-26 17:29 - 2016-02-12 04:21 - 00000000 ____D C:\Users\Outros\AppData\Roaming\Media Center Programs
2016-03-25 01:24 - 2016-03-25 01:24 - 00000000 ____D C:\Users\Victor\Tracing
2016-03-24 04:21 - 2016-03-24 04:21 - 00000000 ____D C:\Users\Victor\AppData\Local\SKIDROW
2016-03-24 04:13 - 2016-03-24 04:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hitman Absolution
2016-03-24 03:23 - 2016-03-24 04:17 - 00000000 ____D C:\Program Files (x86)\Hitman Absolution
2016-03-23 22:00 - 2016-03-23 22:04 - 00000000 ____D C:\Fotos
2016-03-23 03:20 - 2016-03-23 03:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EveryonePiano
2016-03-23 03:20 - 2016-03-23 03:20 - 00000000 ____D C:\Program Files (x86)\EveryonePiano
2016-03-20 18:44 - 2016-03-20 20:19 - 00000000 ____D C:\Users\Victor\Documents\Assassin's Creed Syndicate

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-04-19 18:50 - 2016-01-28 21:33 - 00000000 ____D C:\Users\Victor\AppData\Roaming\BitComet
2016-04-19 18:04 - 2016-01-28 19:38 - 00001070 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-19 17:57 - 2016-01-28 19:52 - 00001020 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-04-19 13:03 - 2016-02-29 19:53 - 00000000 ____D C:\Users\Victor\AppData\Roaming\MPC-HC
2016-04-19 12:54 - 2016-01-29 10:52 - 00000000 ____D C:\Users\Victor\AppData\Roaming\uTorrent
2016-04-19 12:54 - 2016-01-28 21:37 - 00000000 ____D C:\Users\Victor\AppData\Roaming\DAEMON Tools Lite
2016-04-19 12:54 - 2015-10-30 04:21 - 00000000 ____D C:\WINDOWS\INF
2016-04-19 12:39 - 2016-02-12 04:15 - 00000000 ____D C:\Users\Victor
2016-04-19 12:39 - 2016-01-28 19:52 - 00001016 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-04-19 12:39 - 2016-01-28 19:38 - 00001066 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-19 12:20 - 2016-02-12 04:14 - 02119330 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-19 12:20 - 2015-10-30 16:11 - 00896438 _____ C:\WINDOWS\system32\prfh0416.dat
2016-04-19 12:20 - 2015-10-30 16:11 - 00197392 _____ C:\WINDOWS\system32\prfc0416.dat
2016-04-19 12:14 - 2016-02-12 04:29 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-19 01:12 - 2015-10-30 03:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-04-19 00:37 - 2016-02-12 11:16 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-04-18 21:00 - 2016-03-06 21:30 - 00004172 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F026C550-CF06-49CD-A051-18098234474A}
2016-04-15 19:00 - 2016-01-28 19:52 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-04-15 15:16 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-04-15 01:40 - 2015-10-30 04:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-13 22:31 - 2016-01-28 19:38 - 00000000 ____D C:\Program Files (x86)\Steam
2016-04-13 20:45 - 2016-01-28 19:33 - 00453280 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-04-12 14:48 - 2016-01-28 19:39 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-04-12 10:43 - 2016-03-17 19:07 - 00000000 ____D C:\Vitu
2016-04-10 12:20 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-09 11:28 - 2015-10-30 04:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-09 11:25 - 2016-02-19 23:03 - 00000000 ___RD C:\Users\Victor\Dropbox
2016-04-09 11:25 - 2016-01-28 19:52 - 00000000 ____D C:\Users\Victor\AppData\Local\Dropbox
2016-04-07 23:48 - 2016-02-12 04:07 - 00340480 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-06 00:30 - 2016-02-12 14:11 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-05 16:21 - 2016-02-12 20:48 - 00000000 ____D C:\WINDOWS\Minidump
2016-04-05 16:21 - 2016-02-12 05:05 - 00000000 ___DC C:\WINDOWS\Panther
2016-04-05 16:18 - 2016-01-28 19:38 - 00000000 ____D C:\Program Files (x86)\Google
2016-04-05 12:36 - 2016-01-28 19:57 - 00000000 ____D C:\Users\Victor\AppData\Local\ElevatedDiagnostics
2016-04-05 00:47 - 2016-02-20 10:57 - 00000000 ____D C:\Users\DefaultAppPool
2016-04-05 00:32 - 2016-02-06 14:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-04 23:06 - 2016-01-28 18:49 - 00000000 ____D C:\Users\Victor\AppData\Local\VirtualStore
2016-04-04 22:55 - 2015-10-30 04:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-04-04 22:55 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-04-04 22:55 - 2009-07-14 00:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-04-01 23:02 - 2016-01-28 20:15 - 00000000 ____D C:\Users\Victor\AppData\Roaming\Skype
2016-04-01 23:01 - 2016-01-28 19:45 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-01 23:01 - 2016-01-28 19:45 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2016-04-01 23:01 - 2016-01-28 19:45 - 00000000 ____D C:\ProgramData\Skype
2016-04-01 14:56 - 2016-01-29 02:27 - 00000000 ____D C:\Users\Todos os Usuários\Steam
2016-04-01 14:56 - 2016-01-29 02:27 - 00000000 ____D C:\ProgramData\Steam
2016-04-01 00:13 - 2016-03-14 13:49 - 00000000 ____D C:\Users\Todos os Usuários\Origin
2016-04-01 00:13 - 2016-03-14 13:49 - 00000000 ____D C:\ProgramData\Origin
2016-03-31 15:19 - 2016-01-28 19:42 - 00000000 ____D C:\Program Files (x86)\Audacity
2016-03-29 23:21 - 2016-03-04 10:46 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-03-29 23:21 - 2016-03-04 10:46 - 00000000 ____D C:\ProgramData\Package Cache

==================== Arquivos na raiz de alguns diretórios =======

2016-02-06 02:41 - 2016-02-06 02:42 - 1045397 _____ () C:\Program Files (x86)\wxmsw28u_core_vc_custom.zip
2016-04-04 22:58 - 2016-04-04 22:58 - 0000000 _____ () C:\Users\Victor\AppData\Roaming\1.txt
2016-04-04 22:49 - 2016-04-04 22:51 - 0001276 _____ () C:\Users\Victor\AppData\Roaming\Bubble Dock.boostrap.log
2016-04-04 22:50 - 2016-04-04 22:51 - 0005714 _____ () C:\Users\Victor\AppData\Roaming\Bubble Dock.installation.log
2016-04-04 23:07 - 2016-04-04 23:07 - 0005120 _____ () C:\Users\Victor\AppData\Roaming\GiftBag.db
2016-03-06 02:03 - 2016-03-06 02:03 - 0000055 _____ () C:\Users\Victor\AppData\Roaming\MouseServer.ini
2016-04-04 22:51 - 2016-04-04 22:51 - 0000078 _____ () C:\Users\Victor\AppData\Roaming\Selection Tools.installation.log
2016-04-04 22:49 - 2016-04-04 22:49 - 0000097 _____ () C:\Users\Victor\AppData\Roaming\WindApp.boostrap.log
2016-04-04 22:51 - 2016-04-04 22:51 - 0000078 _____ () C:\Users\Victor\AppData\Roaming\WindApp.installation.log
2016-03-07 12:02 - 2016-03-07 12:02 - 0000094 _____ () C:\Users\Victor\AppData\Local\fusioncache.dat
2016-04-19 12:16 - 2016-04-19 07:25 - 1266176 _____ () C:\ProgramData\conhost.exe
2016-04-19 00:25 - 2015-11-25 15:31 - 1100288 _____ () C:\ProgramData\HomePage.exe
2016-04-19 00:25 - 2016-04-19 07:39 - 0114176 _____ () C:\ProgramData\hp.exe
2016-04-19 00:25 - 2015-12-04 13:14 - 1081344 _____ () C:\ProgramData\LightGate.exe
2016-04-19 00:24 - 2016-04-19 10:20 - 1913344 _____ () C:\ProgramData\msiql.exe
2016-04-19 00:23 - 2016-04-19 00:23 - 1747456 _____ () C:\ProgramData\service.exe
2016-04-19 01:18 - 2016-04-19 12:15 - 0001634 _____ () C:\ProgramData\webad.xml

Arquivos para serem movidos ou deletados:
====================
C:\Users\Victor\AppData\Local\Temp\is-O2EA5.tmp\print.exe
C:\ProgramData\conhost.exe
C:\ProgramData\HomePage.exe
C:\ProgramData\hp.exe
C:\ProgramData\LightGate.exe
C:\ProgramData\msiql.exe
C:\ProgramData\service.exe
C:\Users\Todos os Usuários\conhost.exe
C:\Users\Todos os Usuários\HomePage.exe
C:\Users\Todos os Usuários\hp.exe
C:\Users\Todos os Usuários\LightGate.exe
C:\Users\Todos os Usuários\msiql.exe
C:\Users\Todos os Usuários\service.exe


Alguns arquivos em TEMP:
====================
C:\Users\Victor\AppData\Local\Temp\D06F.tmp.exe
C:\Users\Victor\AppData\Local\Temp\ui.dll
C:\Users\Victor\AppData\Local\Temp\W9CKYDBU0X.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll
[2015-10-30 04:18] - [2015-10-30 04:18] - 0686984 ____A (Microsoft Corporation) 04314CEFDEEFA4275EF4DA48D411CD73

C:\WINDOWS\SysWOW64\dnsapi.dll
[2015-10-30 04:18] - [2015-10-30 04:18] - 0535088 ____A (Microsoft Corporation) D5D2FB0C88634E89757327AD99B9D875

C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-04-12 14:29

==================== Fim de FRST.txt ============================
