cjoint

Document format: text/plain

Preview

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 23-02-2017
Executado por win8.1 (administrador) em W81 (23-02-2017 02:36:07)
Executando a partir de C:\Users\win8.1\Desktop\Nova pasta (4)
Perfis Carregados: win8.1 (Perfis Disponíveis: win8.1)
Platform: Windows 8.1 Pro (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(Microsoft Corporation) C:\Windows\System32\AtBroker.exe
(IEC) C:\Config.Msi\fc1aa4.rbf
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
() G:\PORTABLES\PROGRAMAS PORTATEIS\portable\programas\RocketDockPortable\App\RocketDock\RocketDock.exe
() C:\Windows\Temp\00032253\msiql.exe
(Pegtop Software) G:\PORTABLES\PROGRAMAS PORTATEIS\PStart.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(WT Software) C:\Program Files (x86)\NSPro\NSPro.exe
(IObit) G:\PORTABLES\portables para ver\IObit Uninstaller\UninstallMonitor.exe
(Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
(Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VBoxSVC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
(Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
(Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registro (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [gplyra] => C:\Users\win8.1\AppData\Roaming\gplyra\gplyra.exe <===== ATENÇÃO
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [345000 2017-02-06] (QIHU 360 SOFTWARE CO. LIMITED)
HKLM-x32\...\Run: [Sohe client] => "C:\Users\win8.1\AppData\Roaming\Sohe\sohe.exe"
HKLM-x32\...\Run: [NSPro] => C:\Program Files (x86)\NSPro\NSPro.exe [1583280 2013-05-16] (WT Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4285185113-558508907-1912671537-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3931728 2015-12-18] (Tonec Inc.)
HKU\S-1-5-21-4285185113-558508907-1912671537-1001\...\Run: [MinhaBox.br] => C:\Program Files (x86)\Minhateca.com.br Box\MinhaBox.exe [3918336 2017-02-22] ()
HKU\S-1-5-21-4285185113-558508907-1912671537-1001\...\Run: [Sohe client] => "C:\Users\win8.1\AppData\Roaming\Sohe\sohe.exe"
HKU\S-1-5-21-4285185113-558508907-1912671537-1001\...\Run: [msiql] => C:\Windows\Temp\00032253\msiql.exe [2072064 2017-02-22] () <===== ATENÇÃO
HKU\S-1-5-21-4285185113-558508907-1912671537-1001\...\Run: [[eMo]Web Browser Optimizer] => G:\OTIMIZAÇÃO\[eMo]Web Browser Optimizer.exe [730112 2014-10-30] (com0do99-net)
HKU\S-1-5-21-4285185113-558508907-1912671537-1001\...\Run: [RocketDock] => G:\PORTABLES\PROGRAMAS PORTATEIS\portable\programas\RocketDockPortable\App\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-4285185113-558508907-1912671537-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-4285185113-558508907-1912671537-1001\...\Policies\Explorer: [ClearRecentDocsOnExit] 0100000000000000
HKU\S-1-5-21-4285185113-558508907-1912671537-1001\...\Policies\Explorer: [NoThumbnailCache] 1
HKU\S-1-5-21-4285185113-558508907-1912671537-1001\...\Policies\Explorer: [DisableThumbnailsOnNetworkFolders] 1
HKLM\...\Providers\ql9p1sme: C:\Program Files (x86)\Zerawardlegther Reports\local64spl.dll [307200 2017-02-21] ()
ShellExecuteHooks: Sem Nome - {88F14C42-F446-11E6-B055-64006A5CFC23} - -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
GroupPolicy: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{375572ED-4667-4441-907A-995909B875E0}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO
HKU\S-1-5-21-4285185113-558508907-1912671537-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://minilua.com/
HKU\S-1-5-21-4285185113-558508907-1912671537-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://minilua.com/
HKU\S-1-5-21-4285185113-558508907-1912671537-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://minilua.com/
HKU\S-1-5-21-4285185113-558508907-1912671537-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://minilua.com/
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)

FireFox:
========
FF HKU\S-1-5-21-4285185113-558508907-1912671537-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2015-12-09]
FF HKU\S-1-5-21-4285185113-558508907-1912671537-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\win8.1\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\win8.1\AppData\Roaming\IDM\idmmzcc5 [2017-02-22] [não assinado]
FF Plugin: @java.com/DTPlugin,version=11.5.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll [2016-12-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll [2016-12-23] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll [2014-06-10] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-02-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-02-20] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxps://www.google.com.br/
CHR StartupUrls: ChromeDefaultData -> "hxxps://www.google.com.br/"
CHR Profile: C:\Users\win8.1\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-02-23] <==== ATENÇÃO
CHR Extension: (Magic Actions for YouTube™) - C:\Users\win8.1\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2017-02-22]
CHR Extension: (IDM Integration Module) - C:\Users\win8.1\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-02-21]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\win8.1\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-20]
CHR Extension: (Chrome Media Router) - C:\Users\win8.1\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-21]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-12-29]
CHR HKLM-x32\...\Chrome\Extension: [glcimepnljoholdmjchkloafkggfoijh] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S4 AdvancedSystemCareService10; G:\PORTABLES\portables para ver\ASC_Portable\ASCService.exe [462624 2016-10-14] (IObit)
S2 GoogleChromeUpService; C:\ProgramData\service.exe [1620992 2017-02-21] () [Arquivo não assinado] <==== ATENÇÃO
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [928168 2017-02-06] (QIHU 360 SOFTWARE CO. LIMITED)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1050904 2013-12-11] () [Arquivo não assinado]
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [142960 2013-03-19] (Stardock Software, Inc)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [45216 2016-12-19] (VIA Technologies, Inc.)
S4 TrkWks; %SystemRoot%\System32\trkwks.dll [X]
S2 WinSAPSvc; C:\Users\win8.1\AppData\Roaming\WinSAPSvc\WinSAP.dll [X]

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [151784 2016-06-21] (360.cn)
S3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [86248 2017-02-06] (360.cn)
S3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [86248 2017-02-06] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [330472 2017-02-06] (360.cn)
S3 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2016-06-21] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [391392 2016-11-25] (360.cn)
S3 AmUStor; C:\Windows\system32\drivers\AmUStor.SYS [84480 2016-12-19] (Alcor Micro, Corp.) [Arquivo não assinado]
S3 anvsnddrv; C:\Windows\system32\drivers\anvsnddrv.sys [33872 2013-10-12] (AnvSoft Inc.)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [188864 2016-11-25] (360.cn)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-12-19] (REALiX(tm))
S3 kmloop; C:\Windows\system32\DRIVERS\loop.sys [15360 2013-08-22] (Microsoft Corporation)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21360 2016-03-22] (IObit)
S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [121248 2016-09-12] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [195936 2016-09-12] (Oracle Corporation)
S4 WinDivert1.1; não ImagePath
U4 MSiSCSI; não ImagePath
U4 npcap_wifi; não ImagePath
U4 npf; system32\drivers\npf.sys [X]
U2 WinSnare; não ImagePath

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2041-06-09 17:15 - 2041-06-09 17:15 - 00000000 ____D C:\Program Files\Common Files
2017-02-23 02:35 - 2017-02-23 02:36 - 00000000 ____D C:\Users\win8.1\Desktop\Nova pasta (4)
2017-02-23 02:29 - 2017-02-23 02:36 - 00000000 ____D C:\FRST
2017-02-23 02:16 - 2017-02-23 02:28 - 00000000 ____D C:\Users\win8.1\Desktop\Nova pasta (3)
2017-02-23 02:12 - 2017-02-23 02:18 - 126515222 _____ C:\Users\win8.1\Desktop\Prettiest Solo Teen Chatting with Her Fans- Free HD Porn 5e pt.flv
2017-02-23 02:11 - 2017-02-01 16:37 - 13767776 _____ (Microsoft Corporation) C:\Users\win8.1\Desktop\vcredist_x86.exe
2017-02-23 02:02 - 2017-02-23 02:10 - 116245809 _____ C:\Users\win8.1\Desktop\Petite Skype JOI- Free Pussy HD Porn Video e2 - xHamster pt.flv
2017-02-23 01:14 - 2017-02-23 01:15 - 25853419 _____ C:\Users\win8.1\Desktop\Alura- Free Webcam & Blonde Porn Video 79 - xHamster pt.flv
2017-02-23 00:40 - 2017-02-23 00:42 - 17785176 _____ C:\Users\win8.1\Desktop\full undies oil _ Upornia.com.TS
2017-02-23 00:39 - 2017-02-23 00:42 - 35985736 _____ C:\Users\win8.1\Desktop\J. Rose....SEXY! - Pornhub.com.mp4
2017-02-23 00:07 - 2017-02-23 02:30 - 00000000 __SHD C:\Program Files (x86)\NSPro
2017-02-22 23:58 - 2017-02-22 23:58 - 09419347 _____ C:\Users\win8.1\Desktop\Como Invadir o Pc de Outra Pessoa Pelo Ip #02 - YouTube.MP4
2017-02-22 19:37 - 2017-02-23 02:28 - 00000000 ____D C:\Users\win8.1\AppData\Roaming\DMCache
2017-02-22 19:18 - 2017-02-22 19:20 - 3873351680 _____ C:\Users\win8.1\Desktop\1WinReducerEX81.iso
2017-02-22 16:21 - 2017-02-22 19:17 - 00000000 ____D C:\8.1x64
2017-02-22 15:18 - 2017-02-22 23:48 - 00000000 ____D C:\Users\win8.1\AppData\Roaming\Foxit Software
2017-02-22 11:19 - 2017-02-22 11:27 - 00000000 ____D C:\Users\win8.1\Desktop\Nova pasta (2)
2017-02-22 10:42 - 2017-02-22 10:42 - 05038610 _____ C:\Users\win8.1\Downloads\DLL Files Fixes + Crack - By LacerdaTutors V2.0.rar
2017-02-22 10:24 - 2017-02-22 10:24 - 00003582 _____ C:\Windows\System32\Tasks\Milimili
2017-02-22 10:24 - 2017-02-22 10:24 - 00003220 _____ C:\Windows\System32\Tasks\BikaQ_FetchAndUpgrade_CanBeDel
2017-02-22 10:04 - 2014-04-08 00:26 - 01177088 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll
2017-02-22 10:04 - 2014-04-08 00:26 - 00270336 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\SysWOW64\ssleay32.dll
2017-02-22 10:04 - 2014-04-08 00:26 - 00270336 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\SysWOW64\libssl32.dll
2017-02-22 10:04 - 2011-11-03 23:13 - 01070352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomctl.ocx
2017-02-22 10:04 - 2010-06-11 12:16 - 00445016 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2017-02-22 10:04 - 2010-06-11 12:16 - 00109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2017-02-22 10:04 - 2009-09-25 03:32 - 00126800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswinsck.ocx
2017-02-22 10:04 - 2009-07-11 17:51 - 01053696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71u.dll
2017-02-22 10:04 - 2009-07-11 17:40 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71DEU.DLL
2017-02-22 10:04 - 2009-07-11 17:40 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ITA.DLL
2017-02-22 10:04 - 2009-07-11 17:40 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71FRA.DLL
2017-02-22 10:04 - 2009-07-11 17:40 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ESP.DLL
2017-02-22 10:04 - 2009-07-11 17:40 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ENU.DLL
2017-02-22 10:04 - 2009-07-11 17:40 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71KOR.DLL
2017-02-22 10:04 - 2009-07-11 17:40 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71JPN.DLL
2017-02-22 10:04 - 2009-07-11 17:40 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71CHT.DLL
2017-02-22 10:04 - 2009-07-11 17:40 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71CHS.DLL
2017-02-22 10:04 - 2009-07-11 17:35 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71.dll
2017-02-22 10:04 - 2009-07-11 17:07 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl71.dll
2017-02-22 10:04 - 2009-03-24 01:52 - 00659264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomct2.ocx
2017-02-22 10:04 - 2009-03-24 01:52 - 00614992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.ocx
2017-02-22 10:04 - 2009-03-24 01:52 - 00443488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MShflxgd.ocx
2017-02-22 10:04 - 2009-03-24 01:52 - 00415552 _____ (Microsoft Corporation ) C:\Windows\SysWOW64\comct332.ocx
2017-02-22 10:04 - 2009-03-24 01:52 - 00278352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdatgrd.ocx
2017-02-22 10:04 - 2009-03-24 01:52 - 00258880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msflxgrd.ocx
2017-02-22 10:04 - 2009-03-24 01:52 - 00252240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdatlst.ocx
2017-02-22 10:04 - 2009-03-24 01:52 - 00222528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dblist32.ocx
2017-02-22 10:04 - 2009-03-24 01:52 - 00221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tabctl32.ocx
2017-02-22 10:04 - 2009-03-24 01:52 - 00218432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\richtx32.ocx
2017-02-22 10:04 - 2009-03-24 01:52 - 00215880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mci32.ocx
2017-02-22 10:04 - 2009-03-24 01:52 - 00178512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmask32.ocx
2017-02-22 10:04 - 2009-03-24 01:52 - 00170080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comct232.ocx
2017-02-22 10:04 - 2009-03-24 01:52 - 00155984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.ocx
2017-02-22 10:04 - 2009-03-24 01:52 - 00136008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinet.ocx
2017-02-22 10:04 - 2009-03-24 01:52 - 00129872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msstdfmt.dll
2017-02-22 10:04 - 2009-03-24 01:52 - 00119616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomm32.ocx
2017-02-22 10:04 - 2009-03-24 01:52 - 00107840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSSTKPRP.DLL
2017-02-22 10:04 - 2009-03-24 01:52 - 00100160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\picclp32.ocx
2017-02-22 10:04 - 2009-03-24 01:52 - 00080208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysinfo.ocx
2017-02-22 10:04 - 2007-02-01 13:13 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2017-02-22 10:04 - 2007-02-01 10:11 - 00344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2017-02-22 10:04 - 2007-01-30 13:04 - 00339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll
2017-02-22 10:04 - 2006-08-25 17:28 - 01017344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70u.dll
2017-02-22 10:04 - 2006-08-25 17:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70ita.dll
2017-02-22 10:04 - 2006-08-25 17:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70fra.dll
2017-02-22 10:04 - 2006-08-25 17:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70esp.dll
2017-02-22 10:04 - 2006-08-25 17:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70deu.dll
2017-02-22 10:04 - 2006-08-25 17:15 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70enu.dll
2017-02-22 10:04 - 2006-08-25 17:15 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70kor.dll
2017-02-22 10:04 - 2006-08-25 17:15 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70jpn.dll
2017-02-22 10:04 - 2006-08-25 17:15 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70cht.dll
2017-02-22 10:04 - 2006-08-25 17:15 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70chs.dll
2017-02-22 10:04 - 2006-08-25 17:07 - 01024000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70.dll
2017-02-22 10:04 - 2006-08-25 16:17 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl70.dll
2017-02-22 10:04 - 2006-04-10 17:41 - 01066176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL32.OCX
2017-02-22 10:04 - 2005-01-20 12:25 - 00054784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvci70.dll
2017-02-22 10:04 - 2002-01-04 22:40 - 00487424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVCP70.DLL
2017-02-22 10:04 - 1996-01-11 21:00 - 00935632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Vb40016.dll
2017-02-22 10:04 - 1996-01-11 21:00 - 00722192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Vb40032.dll
2017-02-22 10:04 - 1994-11-17 18:00 - 00210944 _____ C:\Windows\SysWOW64\msvcrt10.dll
2017-02-22 10:04 - 1993-05-11 14:00 - 00398416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Vbrun300.dll
2017-02-22 10:04 - 1992-10-20 19:00 - 00356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbrun200.dll
2017-02-22 10:04 - 1991-05-09 20:00 - 00271264 _____ C:\Windows\SysWOW64\vbrun100.dll
2017-02-22 09:22 - 2017-02-22 09:22 - 00002853 _____ C:\Windows\InteresTV Uninstall Log.txt
2017-02-22 09:18 - 2017-02-22 09:18 - 00006476 _____ C:\Windows\InteresTV Setup Log.txt
2017-02-22 08:55 - 2017-02-22 08:55 - 02815912 _____ C:\Users\win8.1\Downloads\MaxHD.exe
2017-02-22 08:17 - 2017-02-22 08:17 - 00000000 ____D C:\Program Files\ql9p1sme
2017-02-22 02:58 - 2017-02-22 02:58 - 00001433 _____ C:\Users\win8.1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-02-22 02:42 - 2017-02-22 02:42 - 32414642 _____ C:\Users\win8.1\Downloads\Baixaki_internet-explorer-10.msu
2017-02-22 02:19 - 2017-02-23 01:03 - 00000153 _____ C:\Windows\SysWOW64\FreeVK.ini
2017-02-22 01:59 - 2013-10-19 02:38 - 23213056 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-02-22 01:59 - 2013-10-19 01:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-02-22 01:59 - 2013-10-19 01:33 - 02763776 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-02-22 01:59 - 2013-10-19 00:59 - 17143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-02-22 01:59 - 2013-10-19 00:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-02-22 01:59 - 2013-10-19 00:19 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-02-22 01:59 - 2013-10-18 23:42 - 12995072 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-02-22 01:59 - 2013-10-18 23:27 - 11222016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-02-21 18:54 - 2017-02-21 18:54 - 00001462 __RSH C:\Users\Todos os Usuários\ntuser.pol
2017-02-21 18:54 - 2017-02-21 18:54 - 00001462 __RSH C:\ProgramData\ntuser.pol
2017-02-21 16:35 - 2017-02-21 16:35 - 00000132 _____ C:\Users\win8.1\Downloads\Aida64 Extreme - Serial 2016.txt
2017-02-21 14:16 - 2017-02-21 14:18 - 00000000 ____D C:\xp
2017-02-21 14:15 - 2017-02-21 14:20 - 00000000 ____D C:\LiveXP
2017-02-21 12:58 - 2017-02-21 17:03 - 2190442496 ____R C:\Users\win8.1\Downloads\Windows 8.1 pro x64 lite por cabeção28.iso
2017-02-21 12:56 - 2017-02-21 12:56 - 00000843 _____ C:\Users\win8.1\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2017-02-21 12:34 - 2013-08-15 19:09 - 00702968 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-21 12:34 - 2013-08-15 19:09 - 00111608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-21 11:55 - 2017-02-21 11:55 - 04792320 _____ C:\Windows\system32\config\DRIVERS.iobit
2017-02-21 11:52 - 2017-02-21 11:52 - 00002806 _____ C:\Windows\System32\Tasks\ASC10_SkipUac_win8.1
2017-02-21 09:31 - 2016-09-11 09:54 - 00019136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-02-21 09:30 - 2017-02-21 09:30 - 00010566 _____ C:\Users\win8.1\Downloads\api-ms-win-crt-locale-l1-1-0.rar
2017-02-21 09:13 - 2017-02-21 09:13 - 00071984 _____ C:\Windows\system32\FNTCACHE.DAT
2017-02-21 01:10 - 2017-02-21 01:10 - 00250912 _____ C:\Windows\SysWOW64\kz.exe
2017-02-21 01:07 - 2017-02-21 01:07 - 00000000 ____D C:\Users\win8.1\AppData\Local\UCBrowser
2017-02-21 01:03 - 2017-02-21 01:03 - 00000000 ____D C:\Users\win8.1\AppData\Local\Maritymcoward
2017-02-21 01:03 - 2017-02-21 01:03 - 00000000 ____D C:\Program Files (x86)\Zerawardlegther Reports
2017-02-21 01:01 - 2017-02-21 01:01 - 01620992 _____ C:\Users\Todos os Usuários\service.exe
2017-02-21 01:01 - 2017-02-21 01:01 - 01620992 _____ C:\ProgramData\service.exe
2017-02-21 01:01 - 2017-02-21 01:01 - 00000000 ____D C:\Users\win8.1\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk
2017-02-21 01:00 - 2017-02-21 01:01 - 00000002 _____ C:\END
2017-02-21 00:19 - 2017-02-21 00:19 - 00000000 ____D C:\Users\win8.1\AppData\Local\Max_HD
2017-02-20 23:33 - 2017-02-20 23:33 - 00000000 ____D C:\Users\win8.1\AppData\Local\Smart PC Soft
2017-02-20 21:47 - 2017-02-20 22:09 - 00002228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-20 21:47 - 2017-02-20 21:52 - 00003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-02-20 21:47 - 2017-02-20 21:52 - 00003372 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-02-20 21:22 - 2017-02-20 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2017-02-20 20:49 - 2017-02-21 12:34 - 00000000 ____D C:\Program Files (x86)\Google
2017-02-20 11:09 - 2017-02-20 11:09 - 00000000 ____D C:\Users\Todos os Usuários\0loqLkE0pHh
2017-02-20 11:09 - 2017-02-20 11:09 - 00000000 ____D C:\ProgramData\0loqLkE0pHh
2017-02-20 10:22 - 2017-02-20 10:22 - 00000000 ____D C:\Users\win8.1\Documents\LabVIEW Data
2017-02-20 08:49 - 2017-02-20 08:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KGB Archiver
2017-02-20 08:49 - 2017-02-20 08:49 - 00000000 ____D C:\Program Files (x86)\KGB Archiver
2017-02-19 10:13 - 2017-02-19 10:13 - 00003922 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-02-19 10:10 - 2017-02-06 05:14 - 00086248 _____ (360.cn) C:\Windows\system32\Drivers\360AvFlt.sys
2017-02-18 20:23 - 2017-02-22 11:16 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2017-02-18 20:23 - 2017-02-22 11:16 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-18 20:18 - 2012-08-30 13:15 - 00421200 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll
2017-02-18 20:18 - 2012-08-17 10:38 - 00773968 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll
2017-02-18 20:10 - 2017-02-18 20:44 - 00000000 ____D C:\Users\win8.1\.zenmap
2017-02-17 13:16 - 2017-02-17 13:16 - 00000000 ____D C:\Users\win8.1\Documents\Any Video Converter Ultimate
2017-02-17 13:08 - 2013-10-12 16:58 - 00033872 _____ (AnvSoft Inc.) C:\Windows\system32\Drivers\anvsnddrv.sys
2017-02-16 09:58 - 2017-02-21 10:08 - 00000000 ____D C:\Users\win8.1\Desktop\programas portáteis x86
2017-02-13 13:18 - 2017-02-22 16:37 - 00000000 ____D C:\Users\win8.1\Desktop\Nova pasta
2017-02-12 23:30 - 2017-02-12 23:30 - 00001043 _____ C:\Users\win8.1\AppData\Roaming\Microsoft\Windows\Start Menu\Resistor Calculator.LNK
2017-02-12 23:29 - 2000-02-25 18:43 - 00061440 _____ C:\Windows\system\RICHTX32.oca
2017-02-12 23:29 - 2000-02-25 18:41 - 00238080 _____ C:\Windows\system\COMCTL32.oca
2017-02-12 23:29 - 1998-06-24 00:00 - 00609584 _____ (Microsoft Corporation) C:\Windows\system\COMCTL32.OCX
2017-02-12 23:29 - 1997-07-19 17:01 - 00196880 _____ (Microsoft Corporation) C:\Windows\system\RICHTX32.OCX
2017-02-12 23:29 - 1997-07-19 16:55 - 01347344 _____ (Microsoft Corporation) C:\Windows\system\MSVBVM50.DLL
2017-02-12 23:29 - 1997-01-16 00:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\system\VB5STKIT.DLL
2017-02-12 11:34 - 2017-02-12 11:34 - 00000000 ____D C:\Users\Todos os Usuários\Schematica
2017-02-12 11:34 - 2017-02-12 11:34 - 00000000 ____D C:\ProgramData\Schematica
2017-02-12 11:33 - 2017-02-12 11:33 - 00000000 ____D C:\Program Files\ResistorColorCode
2017-02-06 14:07 - 2017-02-22 10:34 - 00000000 __SHD C:\$360Section
2017-01-31 09:19 - 2017-02-22 08:18 - 00000000 ____D C:\Users\Todos os Usuários\360Quarant
2017-01-31 09:19 - 2017-02-22 08:18 - 00000000 ____D C:\ProgramData\360Quarant
2017-01-31 09:19 - 2017-02-19 15:16 - 00000000 ____D C:\Windows\Tasks\360Disabled
2017-01-30 22:07 - 2017-01-31 11:07 - 00000000 ____D C:\Users\win8.1\AppData\Local\Hardcoded Software
2017-01-30 11:51 - 2017-01-30 11:51 - 00000020 ___SH C:\Users\win8.1\ntuser.ini
2017-01-29 12:53 - 2017-01-29 13:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2017-01-27 11:39 - 2017-02-22 01:12 - 00007636 _____ C:\Users\win8.1\AppData\Local\Resmon.ResmonCfg

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-02-23 01:35 - 2016-12-09 01:17 - 00000000 ____D C:\Users\win8.1\.VirtualBox
2017-02-23 01:26 - 2016-12-10 00:40 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{59F1189C-8DBE-47A8-A915-9D73106CA4BC}
2017-02-23 00:35 - 2017-01-23 11:26 - 00000000 ____D C:\Users\win8.1\VirtualBox VMs
2017-02-23 00:18 - 2016-12-09 00:03 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4285185113-558508907-1912671537-1001
2017-02-22 19:38 - 2013-08-22 11:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-22 16:29 - 2017-01-14 05:54 - 00000000 ____D C:\WinReducer81_x64
2017-02-22 11:02 - 2016-12-17 18:04 - 00000000 ____D C:\Users\win8.1\.gstreamer-0.10
2017-02-22 11:02 - 2016-12-17 18:03 - 00000000 ____D C:\Users\win8.1\AppData\Local\MinhaBox.br
2017-02-22 10:17 - 2016-12-08 23:58 - 00000000 ____D C:\Users\win8.1
2017-02-22 08:32 - 2016-12-17 18:03 - 00000000 ____D C:\Program Files (x86)\Minhateca.com.br Box
2017-02-22 08:29 - 2016-12-09 00:11 - 00000000 ____D C:\Users\win8.1\AppData\LocalLow\360WD
2017-02-22 08:13 - 2016-12-09 00:11 - 00000000 _RSHD C:\360SANDBOX
2017-02-22 02:58 - 2016-12-08 23:58 - 00000000 ____D C:\Users\win8.1\AppData\Local\Packages
2017-02-22 02:53 - 2013-08-22 12:20 - 00000000 ____D C:\Windows\CbsTemp
2017-02-22 02:01 - 2017-01-23 13:21 - 00000000 _____ C:\Users\Todos os Usuários\TEMP
2017-02-22 02:01 - 2017-01-23 13:21 - 00000000 _____ C:\ProgramData\TEMP
2017-02-22 00:48 - 2017-01-16 18:00 - 00000000 ____D C:\Users\win8.1\1
2017-02-21 12:27 - 2013-08-22 12:36 - 00000000 ___RD C:\Windows\ToastData
2017-02-21 12:27 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\Inf
2017-02-21 12:12 - 2016-12-12 18:58 - 00000000 ____D C:\Users\win8.1\AppData\Roaming\IDM
2017-02-21 12:03 - 2017-01-05 13:17 - 00000000 ____D C:\WinReducerESWimConverter
2017-02-21 09:13 - 2016-12-12 18:58 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2017-02-21 01:27 - 2016-12-10 11:37 - 00000000 ____D C:\Windows\system32\MRT
2017-02-21 01:24 - 2016-12-10 11:37 - 135657872 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-21 00:54 - 2013-08-22 12:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-20 21:47 - 2016-12-10 14:12 - 00000000 ____D C:\Users\win8.1\AppData\Local\Google
2017-02-19 10:10 - 2017-01-12 10:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
2017-02-12 11:33 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\System
2017-02-06 05:14 - 2016-12-09 00:11 - 00330472 _____ (360.cn) C:\Windows\system32\Drivers\360Box64.sys
2017-02-06 05:14 - 2016-12-09 00:11 - 00086248 _____ (360.cn) C:\Windows\SysWOW64\Drivers\360AvFlt.sys
2017-02-01 19:46 - 2013-08-22 10:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-01-31 09:55 - 2016-12-09 05:53 - 00000000 ____D C:\Windows\Panther
2017-01-31 09:19 - 2016-12-09 00:11 - 00000000 ____D C:\Users\Todos os Usuários\360safe
2017-01-31 09:19 - 2016-12-09 00:11 - 00000000 ____D C:\ProgramData\360safe
2017-01-30 18:29 - 2016-12-09 00:05 - 01797166 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-30 18:29 - 2013-08-31 13:31 - 00774702 _____ C:\Windows\system32\prfh0416.dat
2017-01-30 18:29 - 2013-08-31 13:31 - 00158296 _____ C:\Windows\system32\prfc0416.dat
2017-01-29 12:52 - 2017-01-09 21:27 - 00000000 ____D C:\Users\win8.1\AppData\Roaming\IObit
2017-01-28 17:15 - 2016-12-09 23:36 - 00000000 ____D C:\Users\Todos os Usuários\ProductData
2017-01-28 17:15 - 2016-12-09 23:36 - 00000000 ____D C:\ProgramData\ProductData

==================== Arquivos na raiz de alguns diretórios =======

2017-01-27 11:39 - 2017-02-22 01:12 - 0007636 _____ () C:\Users\win8.1\AppData\Local\Resmon.ResmonCfg
2017-02-18 20:25 - 2017-02-18 20:36 - 0001456 _____ () C:\Users\win8.1\AppData\Local\zenmap.exe.log
2017-02-21 01:01 - 2017-02-21 01:01 - 1620992 _____ () C:\ProgramData\service.exe
2017-01-23 13:21 - 2017-02-22 02:01 - 0000000 _____ () C:\ProgramData\TEMP

Arquivos para serem movidos ou deletados:
====================
C:\Windows\Temp\00032253\msiql.exe
C:\ProgramData\service.exe
C:\Users\Todos os Usuários\service.exe


==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2016-12-18 11:33

==================== Fim de FRST.txt ============================
