ricardo548

Malicious files found on the PC


Hello to all the life-saving analysts of this forum.

Well, I formatted the PC a few days ago and today I ran a scan with Malwarebytes, which detected 5 files as malicious, and since I know nothing about this area, I am coming here to ask for your help.

The ZA-scan log is attached below. Thank you.

ZA-Scan.txt


Dear @ricardo548

I recommend that you save this topic in your Favorites to make it easier to find.

Please pay attention to the following:

  • If you go 3 days without a reply, send me a Private Message (PM);
  • What is given here relates only to the problem on your computer, so do not apply it on any other;
  • Please follow the instructions given carefully, and if you have questions do not hesitate to ask them;
  • Always post your replies in this topic... Do not open another one!
  • Always try to keep me informed, during the removal, about what is happening with your computer.
  • Respect the order of the instructions given.

Note: Do not take any measure other than those given here; be aware that, if you ask for help in another forum, you must let us know, at the risk of misconfiguring your computer!

 

# Step 1 #

Download AdwCleaner and save it to your Desktop.

Run the file adwcleaner.exe

Attention: Windows Vista, 7 and 8 users, right-click the file and choose: Run as administrator

  • Click the Options tab and leave only "Restaurar Políticas do IE" (Restore IE Policies) and "Restaurar Políticas do Chrome" (Restore Chrome Policies) checked.
  • Click the Scan (Verificar) button and wait for the scan to finish.
  • Click the Clean (Limpar) button.
  • A Notepad window will open with the result.
  • Select, copy and paste the contents of this log into your next reply.
  • The log will also be saved in C:\AdwCleaner


NOTE: If AdwCleaner finds files that it cannot remove, you may have to restart the PC. Do so immediately when asked whether you want to restart.
 
# Step 2 #

Temporarily disable your antivirus, antispyware and firewall, to avoid conflicts.

Download the Junkware Removal Tool (JRT) and save it to your Desktop.

Double-click to run jrt.exe.

Attention: Windows Vista, 7 and 8 users, right-click the file and choose: Run as administrator

  • The tool will start scanning your system.
  • Be patient, as it may take a while depending on the number of items to scan.
  • At the end a log will open. It will be saved on the desktop with the name JRT.txt.
  • Select, copy and paste the contents of this log into your next reply.

 
# Step 3 #

Temporarily disable your antivirus, antispyware and firewall, to avoid conflicts.

Download ZHPCleaner and save it to your Desktop.

Attention: Windows Vista, 7 and 8 users, right-click the file and choose: Run as administrator

  • Click the Scanner button.
  • The tool will start scanning your system.
  • Be patient, as it may take a while depending on the number of items to scan.
  • Then click the Repair (Reparar) button.
  • A log called ZHPCleaner.txt will be generated.
  • Select, copy and paste the contents of this log into your next reply.

Regards :D


Dear @ricardo548

Temporarily disable your antivirus, antispyware and firewall, to avoid conflicts.

Download the Farbar Recovery Scan Tool and save it to the Desktop.


32 bit (x86) or 64 bit (x64)

  • Double-click to run the tool.
    • Attention: Windows Vista, 7 and 8 users, right-click the file and choose: Run as administrator
  • Check the 90 Days Files (Arquivos 90 dias) box and click the Scan (Examinar) button.
  • Wait, and at the end the logs FRST.txt and Addition.txt will be saved to your Desktop.
  • Select, copy and paste the contents of the FRST.txt log into your next reply.
  • Attach the Addition.txt log.

Regards :D


Good afternoon, @diego_moicano. Here is the FRST log:

 

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão: 28-06-2016
Executado por PC (administrador) em PECE (28-06-2016 16:52:51)
Executando a partir de C:\Users\PC\Desktop
Perfis Carregados: PC (Perfis Disponíveis: PC)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMax4.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(BitTorrent Inc.) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(BitTorrent Inc.) C:\Users\PC\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(BitTorrent Inc.) C:\Users\PC\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(BitTorrent Inc.) C:\Users\PC\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [1388544 2004-10-14] (Analog Devices, Inc.)
HKLM\...\Run: [SoundMAX] => C:\Program Files\Analog Devices\SoundMAX\SMax4.exe [860160 2004-09-23] (Analog Devices, Inc.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2010-02-10] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
HKLM\...\Run: [EaseUS Cleanup] => "C:\Program Files\EaseUS\EaseUS Partition Master 11.0\bin\CleanUpUI.exe" 10 300
HKU\S-1-5-21-2059868641-3344325090-1251847769-1000\...\Run: [uTorrent] => C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe [2530304 2016-06-15] (BitTorrent Inc.)
HKU\S-1-5-21-2059868641-3344325090-1251847769-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3373248 2016-06-08] (Disc Soft Ltd)
HKU\S-1-5-21-2059868641-3344325090-1251847769-1000\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [2917456 2016-06-14] (Valve Corporation)
HKU\S-1-5-21-2059868641-3344325090-1251847769-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [293888 2010-11-20] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{57B2387E-CFD6-4BCE-A854-342348C20110}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-2059868641-3344325090-1251847769-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-06-17] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-17] (Oracle Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-17] (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-15] (Google Inc.)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)

Chrome: 
=======
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-15]
CHR Extension: (Google Docs) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-15]
CHR Extension: (Google Drive) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-15]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-15]
CHR Extension: (Planilhas do Google) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-15]
CHR Extension: (Documentos Google off-line) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-15]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-15]
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-15]
CHR Extension: (Chrome Media Router) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-06-23]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1133760 2016-06-08] (Disc Soft Ltd)
S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 SoundMAX Agent Service (default); C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [45056 2002-09-20] (Analog Devices, Inc.) [Arquivo não assinado]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [633808 2016-03-21] (Wacom Technology, Corp.)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 aeaudio; C:\Windows\System32\drivers\aeaudio.sys [127872 2005-03-04] (Andrea Electronics Corporation) [Arquivo não assinado]
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [26168 2016-06-16] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [40504 2016-06-16] (Disc Soft Ltd)
R3 hidkmdf; C:\Windows\System32\DRIVERS\hidkmdf.sys [11728 2016-03-02] (Windows (R) Win 7 DDK provider)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation)
R3 MidiSyn; C:\Windows\System32\drivers\MidiSyn.sys [88960 2004-09-14] (Analog Devices, Inc.)
R3 senfilt; C:\Windows\System32\drivers\senfilt.sys [392704 2005-03-01] (Sensaura) [Arquivo não assinado]
R3 smwdm; C:\Windows\System32\drivers\smwdm.sys [220992 2005-03-28] (Analog Devices, Inc.) [Arquivo não assinado]
R3 WacHidRouterPro; C:\Windows\System32\DRIVERS\wachidrouter.sys [88016 2016-03-02] (Wacom Technology)
R3 wacomrouterfilter; C:\Windows\System32\DRIVERS\wacomrouterfilter.sys [12752 2016-03-02] (Wacom Technology)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-06-28 16:52 - 2016-06-28 16:53 - 00009991 _____ C:\Users\PC\Desktop\FRST.txt
2016-06-28 16:51 - 2016-06-28 16:52 - 00000000 ____D C:\FRST
2016-06-28 16:50 - 2016-06-28 16:50 - 01740288 _____ (Farbar) C:\Users\PC\Desktop\FRST.exe
2016-06-28 09:11 - 2016-06-28 14:53 - 00000000 ____D C:\Users\PC\AppData\LocalLow\uTorrent
2016-06-27 22:23 - 2016-06-27 22:23 - 00000000 ____D C:\Users\Todos os Usuários\SYSTEMAX Software Development
2016-06-27 22:23 - 2016-06-27 22:23 - 00000000 ____D C:\Users\PC\AppData\Roaming\SYSTEMAX Software Development
2016-06-27 22:23 - 2016-06-27 22:23 - 00000000 ____D C:\ProgramData\SYSTEMAX Software Development
2016-06-27 22:17 - 2016-06-27 22:17 - 00002141 _____ C:\Users\PC\Desktop\PaintTool SAI .lnk
2016-06-27 22:17 - 2016-06-27 22:17 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PaintTool SAI
2016-06-27 22:17 - 2016-06-27 22:17 - 00000000 ____D C:\Program Files\Eddie Sekiguchi programas
2016-06-27 22:15 - 2016-06-27 22:15 - 11176503 _____ C:\Users\PC\Downloads\Paint Tool Sai Português.rar
2016-06-27 19:16 - 2016-06-27 19:19 - 00000000 ____D C:\Users\PC\Desktop\olx
2016-06-27 17:49 - 2016-06-27 17:49 - 00000770 _____ C:\Users\Public\Desktop\NarutoOnline.lnk
2016-06-27 17:49 - 2016-06-27 17:49 - 00000000 ____D C:\Users\PC\AppData\Roaming\Brotsoft
2016-06-27 17:49 - 2016-06-27 17:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NarutoOnline
2016-06-27 17:48 - 2016-06-27 17:48 - 26671784 _____ C:\Users\PC\AppData\Roaming\gameboxsetup.exe
2016-06-27 17:36 - 2016-06-27 17:37 - 27190808 _____ C:\Users\PC\Downloads\NarutoOnline_pt_2.3.0.6072_oas.exe
2016-06-25 23:25 - 2016-06-25 23:25 - 00000216 _____ C:\Users\PC\Desktop\Emily is Away.url
2016-06-25 13:41 - 2016-06-25 13:41 - 00001822 _____ C:\Users\PC\Desktop\ZHPCleaner.txt
2016-06-25 13:31 - 2016-06-25 13:50 - 00000000 ____D C:\Users\PC\AppData\Roaming\ZHP
2016-06-25 13:31 - 2016-06-25 13:31 - 00000823 _____ C:\Users\PC\Desktop\ZHPCleaner.lnk
2016-06-25 13:30 - 2016-06-25 13:30 - 00002502 _____ C:\Users\PC\Desktop\JRT.txt
2016-06-25 13:18 - 2016-06-25 13:23 - 00000000 ____D C:\AdwCleaner
2016-06-25 13:17 - 2016-06-25 13:17 - 03703360 _____ C:\Users\PC\Desktop\adwcleaner_5.200.exe
2016-06-25 13:17 - 2016-06-25 13:17 - 01610816 _____ (Malwarebytes) C:\Users\PC\Desktop\JRT.exe
2016-06-25 00:53 - 2016-06-25 03:53 - 00000000 ____D C:\Users\PC\Downloads\Need.For.Speed.2014.1080p.Dual-WOLVERDONFILMES.COM
2016-06-24 22:47 - 2016-06-24 22:47 - 00335366 _____ C:\Users\PC\Documents\GTA San Andreas User Files.rar
2016-06-23 22:51 - 2016-06-23 23:00 - 00000307 _____ C:\Users\PC\Desktop\Seriais.txt
2016-06-23 19:01 - 2016-06-23 19:01 - 00000000 ____D C:\Program Files\Microsoft WSE
2016-06-23 15:00 - 2016-06-23 15:37 - 00000000 ____D C:\Users\PC\AppData\Local\Game Dev Tycoon - Steam
2016-06-22 20:25 - 2016-06-22 20:25 - 00000000 ____D C:\Users\PC\AppData\Roaming\WTablet
2016-06-22 20:25 - 2016-06-22 20:25 - 00000000 ____D C:\Users\PC\AppData\Local\Wacom
2016-06-22 20:25 - 2016-06-22 20:25 - 00000000 ____D C:\Users\PC\.android
2016-06-22 20:16 - 2016-06-22 20:16 - 00000000 ____D C:\Users\Todos os Usuários\Origin
2016-06-22 20:16 - 2016-06-22 20:16 - 00000000 ____D C:\ProgramData\Origin
2016-06-22 19:16 - 2016-06-22 19:17 - 00000000 ____D C:\Program Files\TabletPlugins
2016-06-22 19:16 - 2016-06-22 19:16 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mesa Gráfica Wacom
2016-06-22 19:15 - 2016-06-22 19:15 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_wacomrouterfilter_01009.Wdf
2016-06-22 19:14 - 2016-06-22 19:15 - 00000000 ____D C:\Program Files\Tablet
2016-06-22 19:14 - 2016-06-22 19:14 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_wachidrouter_01009.Wdf
2016-06-22 19:14 - 2016-03-21 17:28 - 01695696 _____ (Wacom Technology, Corp.) C:\Windows\system32\WacomMT.dll
2016-06-22 19:14 - 2016-03-21 17:28 - 01692624 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Tablet.dll
2016-06-22 19:14 - 2016-03-21 17:28 - 01685968 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Touch_Tablet.dll
2016-06-22 19:14 - 2016-03-21 17:28 - 01583568 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wintab32.dll
2016-06-22 19:14 - 2016-03-02 20:05 - 00088016 _____ (Wacom Technology) C:\Windows\system32\Drivers\wachidrouter.sys
2016-06-22 19:14 - 2016-03-02 20:05 - 00012752 _____ (Wacom Technology) C:\Windows\system32\Drivers\wacomrouterfilter.sys
2016-06-22 19:14 - 2016-03-02 20:05 - 00011728 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\hidkmdf.sys
2016-06-22 19:14 - 2012-12-11 19:12 - 01461992 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01009.dll
2016-06-22 19:14 - 2012-12-11 19:12 - 01461992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wdfcoinstaller01009.dll
2016-06-21 21:53 - 2016-06-21 21:57 - 00000000 ____D C:\Users\PC\AppData\LocalLow\Daybreak Game Company
2016-06-21 21:53 - 2016-06-21 21:53 - 00000000 ____D C:\Users\PC\AppData\Local\SCE
2016-06-21 21:53 - 2016-06-21 21:53 - 00000000 ____D C:\Users\PC\AppData\Local\Daybreak Game Company
2016-06-21 21:53 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2016-06-21 21:53 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2016-06-21 21:53 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2016-06-21 19:56 - 2016-06-21 19:56 - 00000000 ____D C:\Users\PC\AppData\Roaming\.atlauncher
2016-06-21 19:55 - 2016-06-21 19:56 - 00000000 ____D C:\ATLauncher
2016-06-21 18:08 - 2016-06-21 18:08 - 00000000 ____D C:\Users\PC\AppData\Roaming\TubeTycoon
2016-06-21 18:07 - 2016-06-21 18:07 - 00001005 _____ C:\Users\PC\Desktop\Tube Tycoon.lnk
2016-06-21 18:06 - 2016-06-21 18:21 - 00000000 ____D C:\Program Files\Tube Tycoon
2016-06-21 16:15 - 2016-06-21 16:15 - 00000000 ____D C:\Users\PC\AppData\LocalLow\Smartly Dressed Games
2016-06-21 15:51 - 2016-06-21 15:51 - 00000000 ____D C:\Users\PC\AppData\Roaming\com.playsaurus.heroclicker
2016-06-21 15:49 - 2016-06-21 15:49 - 00000216 _____ C:\Users\PC\Desktop\Clicker Heroes.url
2016-06-21 15:45 - 2016-06-21 15:45 - 00000000 ____D C:\Users\PC\AppData\Roaming\BrawlhallaAir
2016-06-21 15:44 - 2016-06-25 23:25 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-06-21 15:35 - 2016-06-21 15:35 - 00000000 ____D C:\Users\PC\AppData\Local\Steam
2016-06-21 15:35 - 2016-06-21 15:35 - 00000000 ____D C:\Users\PC\AppData\Local\CEF
2016-06-21 15:30 - 2016-06-28 14:53 - 00000000 ____D C:\Program Files\Steam
2016-06-21 15:30 - 2016-06-21 15:30 - 00000925 _____ C:\Users\Public\Desktop\Steam.lnk
2016-06-21 15:30 - 2016-06-21 15:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-06-21 15:30 - 2016-06-21 15:30 - 00000000 ____D C:\Program Files\Common Files\Steam
2016-06-21 00:15 - 2016-06-21 00:15 - 00000000 ____D C:\Users\PC\AppData\Roaming\Windosill
2016-06-21 00:15 - 2016-06-21 00:15 - 00000000 ____D C:\Users\PC\AppData\Roaming\Macromedia
2016-06-21 00:15 - 2016-06-21 00:15 - 00000000 ____D C:\Users\PC\AppData\Roaming\Adobe
2016-06-20 22:39 - 2016-06-20 22:39 - 00013268 _____ C:\ZA-Scan.txt
2016-06-20 22:36 - 2016-06-20 22:36 - 00000000 ____D C:\zoek_backup
2016-06-20 22:21 - 2016-06-20 22:22 - 01370112 _____ C:\Users\PC\Desktop\ZA-Scan.exe
2016-06-20 21:10 - 2016-06-20 21:10 - 00000000 ____D C:\Users\PC\AppData\Roaming\epm
2016-06-20 19:29 - 2016-06-25 15:51 - 00001096 _____ C:\Users\PC\Desktop\nativelog.txt
2016-06-20 18:11 - 2016-06-20 18:14 - 00000000 _____ C:\Windows\BcdLog.txt
2016-06-20 18:02 - 2016-06-20 18:02 - 00000000 ____D C:\Users\Todos os Usuários\createonepart
2016-06-20 18:02 - 2016-06-20 18:02 - 00000000 ____D C:\ProgramData\createonepart
2016-06-20 18:01 - 2016-06-20 18:01 - 00000000 ____D C:\Users\Todos os Usuários\deletepart
2016-06-20 18:01 - 2016-06-20 18:01 - 00000000 ____D C:\ProgramData\deletepart
2016-06-20 18:00 - 2016-06-20 18:00 - 00000000 ____D C:\Users\Todos os Usuários\formatpart
2016-06-20 18:00 - 2016-06-20 18:00 - 00000000 ____D C:\ProgramData\formatpart
2016-06-20 17:58 - 2016-06-20 17:58 - 00000000 ____D C:\Users\Todos os Usuários\redistpart
2016-06-20 17:58 - 2016-06-20 17:58 - 00000000 ____D C:\Users\Todos os Usuários\launcher
2016-06-20 17:58 - 2016-06-20 17:58 - 00000000 ____D C:\Users\Todos os Usuários\explauncher
2016-06-20 17:58 - 2016-06-20 17:58 - 00000000 ____D C:\ProgramData\redistpart
2016-06-20 17:58 - 2016-06-20 17:58 - 00000000 ____D C:\ProgramData\launcher
2016-06-20 17:58 - 2016-06-20 17:58 - 00000000 ____D C:\ProgramData\explauncher
2016-06-20 17:53 - 2016-06-20 17:53 - 00000000 ____D C:\Users\PC\AppData\Local\Downloaded Installations
2016-06-20 16:04 - 2016-06-28 16:36 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-20 15:58 - 2016-06-20 15:58 - 00001064 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-06-20 15:58 - 2016-06-20 15:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-06-20 15:57 - 2016-06-20 15:58 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-06-20 15:57 - 2016-06-20 15:57 - 00000000 ____D C:\Users\Todos os Usuários\Malwarebytes
2016-06-20 15:57 - 2016-06-20 15:57 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-06-20 15:57 - 2016-03-10 14:09 - 00053120 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-06-20 15:57 - 2016-03-10 14:08 - 00126336 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-06-20 15:57 - 2016-03-10 14:08 - 00024448 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-06-20 15:21 - 2016-06-21 21:10 - 00000000 ____D C:\Users\PC\Downloads\Deuses.do.Egito.2016.1080p.BluRay.DUAL-LAPUMiA
2016-06-20 13:46 - 2016-06-20 13:56 - 00000000 ____D C:\Users\PC\AppData\Roaming\.pixelmon
2016-06-20 13:46 - 2016-06-20 13:46 - 00000000 ____D C:\Users\Todos os Usuários\Ikara Software Limited
2016-06-20 13:46 - 2016-06-20 13:46 - 00000000 ____D C:\Users\Todos os Usuários\Caphyon
2016-06-20 13:46 - 2016-06-20 13:46 - 00000000 ____D C:\ProgramData\Ikara Software Limited
2016-06-20 13:46 - 2016-06-20 13:46 - 00000000 ____D C:\ProgramData\Caphyon
2016-06-20 13:33 - 2016-06-20 13:45 - 00000000 ____D C:\Users\PC\AppData\Roaming\Ikara Software Limited
2016-06-19 20:34 - 2016-06-20 02:16 - 00000000 ____D C:\Users\PC\Documents\FFOutput
2016-06-19 20:30 - 2016-06-19 20:30 - 00000000 ____D C:\Users\PC\AppData\Roaming\Thinstall
2016-06-19 20:30 - 2016-06-19 20:30 - 00000000 ____D C:\Users\PC\AppData\Local\Thinstall
2016-06-18 17:01 - 2016-06-18 17:01 - 00000000 ____D C:\Users\PC\AppData\Local\ElevatedDiagnostics
2016-06-18 14:30 - 2016-06-18 14:30 - 00000132 _____ C:\Users\PC\AppData\Roaming\Preferências do Formato PNG do Adobe CS6
2016-06-18 14:30 - 2016-06-18 14:30 - 00000040 ____H C:\7B7E3E0E3E42
2016-06-18 14:20 - 2016-06-18 14:20 - 00000000 ____D C:\Users\PC\AppData\LocalLow\Adobe
2016-06-18 13:22 - 2016-06-18 13:22 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2016-06-18 12:53 - 2016-06-18 18:30 - 00000000 ____D C:\Users\PC\Documents\Minecraft Rig
2016-06-18 12:39 - 2016-06-18 12:39 - 00003490 _____ C:\Users\PC\Desktop\CINEMA 4D.lnk
2016-06-18 12:39 - 2016-06-18 12:39 - 00000000 ____D C:\Users\PC\AppData\Roaming\MAXON
2016-06-18 08:15 - 2016-06-18 08:16 - 00000000 ____D C:\Users\PC\Documents\Cinema 4D R14 Portable ZikaMerMoO
2016-06-18 08:12 - 2016-06-18 08:13 - 125613845 _____ C:\Users\PC\Downloads\Cinema 4D R14 Portable ZikaMerMoO.rar
2016-06-17 23:45 - 2016-06-17 23:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameVicio
2016-06-17 23:39 - 2016-06-17 23:39 - 00000000 ____D C:\Users\PC\AppData\Local\Disc_Soft_Ltd
2016-06-17 23:38 - 2016-06-17 23:38 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2016-06-17 23:32 - 2016-06-18 18:45 - 00000000 ____D C:\Users\Todos os Usuários\Media Center Programs
2016-06-17 23:32 - 2016-06-18 18:45 - 00000000 ____D C:\ProgramData\Media Center Programs
2016-06-17 18:40 - 2016-06-18 00:02 - 00000000 ____D C:\ftb
2016-06-17 18:39 - 2016-06-18 00:04 - 00000000 ____D C:\Users\PC\AppData\Local\ftblauncher
2016-06-17 18:39 - 2016-06-17 18:40 - 00000000 ____D C:\Users\PC\AppData\Roaming\ftblauncher
2016-06-17 18:37 - 2016-06-17 18:38 - 07650529 _____ C:\Users\PC\Desktop\Feed The Beast.exe
2016-06-17 18:36 - 2016-06-17 18:36 - 00000000 ____D C:\Users\PC\AppData\Roaming\Curse
2016-06-17 18:30 - 2016-06-17 18:33 - 00000000 ____D C:\Users\PC\AppData\Roaming\.technic
2016-06-17 18:27 - 2016-06-17 18:29 - 04734664 _____ () C:\Users\PC\Desktop\Technic.exe
2016-06-17 10:46 - 2016-06-17 10:46 - 00000000 ____D C:\Users\PC\AppData\Local\clone.AD
2016-06-17 02:02 - 2016-06-17 02:02 - 00000000 ____D C:\Users\Todos os Usuários\clone.AD
2016-06-17 02:02 - 2016-06-17 02:02 - 00000000 ____D C:\ProgramData\clone.AD
2016-06-17 00:05 - 2016-06-17 10:48 - 00000000 ____D C:\Users\Todos os Usuários\PMS
2016-06-17 00:05 - 2016-06-17 10:48 - 00000000 ____D C:\ProgramData\PMS
2016-06-17 00:05 - 2016-06-17 00:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PS3 Media Server
2016-06-17 00:04 - 2016-06-17 00:05 - 00000000 ____D C:\Program Files\PS3 Media Server
2016-06-17 00:02 - 2016-06-17 00:02 - 00000000 ____D C:\Users\PC\AppData\Roaming\Sun
2016-06-17 00:02 - 2016-06-17 00:02 - 00000000 ____D C:\Users\PC\AppData\LocalLow\Sun
2016-06-17 00:02 - 2016-06-17 00:02 - 00000000 ____D C:\Users\PC\.oracle_jre_usage
2016-06-17 00:02 - 2016-06-17 00:02 - 00000000 ____D C:\Program Files\Common Files\Java
2016-06-17 00:01 - 2016-06-17 00:01 - 00095808 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2016-06-17 00:01 - 2016-06-17 00:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-06-17 00:00 - 2016-06-17 00:00 - 00000000 ____D C:\Users\Todos os Usuários\Oracle
2016-06-17 00:00 - 2016-06-17 00:00 - 00000000 ____D C:\ProgramData\Oracle
2016-06-17 00:00 - 2016-06-17 00:00 - 00000000 ____D C:\Program Files\Java
2016-06-16 23:59 - 2016-06-16 23:59 - 00000000 ____D C:\Users\PC\AppData\LocalLow\Oracle
2016-06-16 23:56 - 2016-06-16 23:57 - 00000000 ____D C:\Users\PC\Downloads\X.Men.Apocalipse.2016.720p.HDRip.X264-DUAL-RK
2016-06-16 23:51 - 2016-06-25 14:06 - 00000000 ____D C:\KMPlayer
2016-06-16 23:51 - 2016-06-16 23:51 - 00000606 _____ C:\Users\PC\Desktop\KMPlayer.lnk
2016-06-16 23:51 - 2016-06-16 23:51 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2016-06-16 23:44 - 2016-06-25 15:13 - 00000000 ____D C:\Users\PC\AppData\Roaming\.minecraft
2016-06-16 23:44 - 2016-06-16 23:44 - 00000000 ____D C:\Users\PC\AppData\Roaming\java
2016-06-16 23:36 - 2016-06-16 23:44 - 00000000 ____D C:\Program Files\Minecraft
2016-06-16 23:36 - 2016-06-16 23:36 - 00000931 _____ C:\Users\Public\Desktop\Minecraft.lnk
2016-06-16 23:36 - 2016-06-16 23:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2016-06-16 18:39 - 2016-06-16 18:40 - 01222729 _____ C:\Users\PC\Downloads\Swift shader 3.0 Ready.rar
2016-06-16 18:35 - 2016-06-20 21:12 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameVicio
2016-06-16 18:35 - 2016-06-16 18:35 - 00000000 ____D C:\Users\PC\Documents\Bully Scholarship Edition
2016-06-16 00:26 - 2016-06-16 00:26 - 00000000 ____D C:\Users\Todos os Usuários\Ubisoft
2016-06-16 00:26 - 2016-06-16 00:26 - 00000000 ____D C:\ProgramData\Ubisoft
2016-06-16 00:04 - 2016-06-16 00:04 - 00040504 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys
2016-06-16 00:03 - 2016-06-17 23:38 - 00000000 ____D C:\Users\PC\AppData\Roaming\DAEMON Tools Lite
2016-06-16 00:03 - 2016-06-16 00:04 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2016-06-16 00:03 - 2016-06-16 00:03 - 00026168 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2016-06-16 00:03 - 2016-06-16 00:03 - 00001930 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-06-16 00:03 - 2016-06-16 00:03 - 00000000 ____D C:\Users\Todos os Usuários\DAEMON Tools Lite
2016-06-16 00:03 - 2016-06-16 00:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2016-06-16 00:03 - 2016-06-16 00:03 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2016-06-15 22:22 - 2016-06-18 00:32 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-06-15 22:22 - 2016-06-15 22:38 - 00000000 ____D C:\Users\PC\Documents\GTA San Andreas User Files
2016-06-15 22:22 - 2016-06-15 22:22 - 00000000 ____D C:\Users\Todos os Usuários\modloader
2016-06-15 22:22 - 2016-06-15 22:22 - 00000000 ____D C:\Users\PC\AppData\Local\modloader
2016-06-15 22:22 - 2016-06-15 22:22 - 00000000 ____D C:\ProgramData\modloader
2016-06-15 22:19 - 2016-06-28 14:53 - 00000000 ___SD C:\Users\PC\AppData\LocalLow\Temp
2016-06-15 22:15 - 2016-06-20 17:16 - 00000000 ____D C:\Users\PC\AppData\Local\SKIDROW
2016-06-15 22:15 - 2016-06-20 16:37 - 00000000 ____D C:\Users\PC\Documents\My Games
2016-06-15 22:15 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2016-06-15 22:15 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2016-06-15 22:15 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2016-06-15 22:15 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-06-15 22:15 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-06-15 22:15 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2016-06-15 22:15 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-06-15 22:15 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-06-15 22:15 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2016-06-15 22:15 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2016-06-15 22:15 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2016-06-15 22:15 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2016-06-15 22:15 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2016-06-15 22:15 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2016-06-15 22:15 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2016-06-15 22:15 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2016-06-15 22:15 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2016-06-15 22:15 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2016-06-15 22:15 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2016-06-15 22:15 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2016-06-15 22:15 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2016-06-15 22:15 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2016-06-15 22:15 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2016-06-15 22:15 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2016-06-15 22:15 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2016-06-15 22:15 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2016-06-15 22:15 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2016-06-15 22:15 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2016-06-15 22:15 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2016-06-15 22:15 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2016-06-15 22:15 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2016-06-15 22:15 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2016-06-15 22:15 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2016-06-15 22:15 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2016-06-15 22:15 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2016-06-15 22:15 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2016-06-15 22:15 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2016-06-15 22:15 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2016-06-15 22:15 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2016-06-15 22:15 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2016-06-15 22:15 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2016-06-15 22:15 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2016-06-15 22:15 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2016-06-15 22:15 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2016-06-15 22:15 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2016-06-15 22:15 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2016-06-15 22:15 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2016-06-15 22:15 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2016-06-15 22:15 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2016-06-15 22:15 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2016-06-15 22:15 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2016-06-15 22:15 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2016-06-15 22:15 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2016-06-15 22:15 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2016-06-15 22:15 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2016-06-15 22:15 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2016-06-15 22:15 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2016-06-15 22:15 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2016-06-15 22:15 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2016-06-15 22:15 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2016-06-15 22:15 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2016-06-15 22:15 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2016-06-15 22:15 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2016-06-15 22:15 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2016-06-15 22:15 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2016-06-15 22:15 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2016-06-15 22:15 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2016-06-15 22:15 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2016-06-15 22:15 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2016-06-15 22:15 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2016-06-15 22:15 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2016-06-15 22:15 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2016-06-15 22:15 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2016-06-15 22:15 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2016-06-15 22:15 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2016-06-15 22:15 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2016-06-15 22:15 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2016-06-15 22:15 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2016-06-15 22:15 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2016-06-15 22:15 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2016-06-15 22:15 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2016-06-15 22:15 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2016-06-15 22:15 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2016-06-15 22:15 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2016-06-15 22:15 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2016-06-15 22:15 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2016-06-15 22:15 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2016-06-15 22:13 - 2016-06-15 22:15 - 00000000 ___HD C:\Windows\msdownld.tmp
2016-06-15 22:13 - 2016-06-15 22:15 - 00000000 ____D C:\Windows\system32\directx
2016-06-15 22:07 - 2016-06-15 22:07 - 00000000 ____D C:\Users\PC\AppData\Roaming\WinRAR
2016-06-15 22:06 - 2016-06-15 22:07 - 00000000 ____D C:\Program Files\WinRAR
2016-06-15 22:06 - 2016-06-15 22:06 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-06-15 22:06 - 2016-06-15 22:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-06-15 22:03 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2016-06-15 21:43 - 2016-06-27 17:48 - 00000000 ____D C:\Games
2016-06-15 21:22 - 2016-06-15 21:22 - 00002620 _____ C:\Users\PC\Desktop\µTorrent.lnk
2016-06-15 21:22 - 2016-06-15 21:22 - 00002620 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-06-15 21:21 - 2016-06-28 16:51 - 00000000 ____D C:\Users\PC\AppData\Roaming\uTorrent
2016-06-15 19:27 - 2016-06-16 16:39 - 00002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-15 19:27 - 2016-06-16 16:39 - 00002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-15 19:27 - 2016-06-15 20:21 - 00000000 ____D C:\Users\PC\AppData\Local\Google
2016-06-15 19:25 - 2016-06-28 16:36 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-15 19:25 - 2016-06-28 14:53 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-15 19:25 - 2016-06-15 19:26 - 00000000 ____D C:\Program Files\Google
2016-06-15 19:10 - 2016-06-15 19:11 - 00000000 _____ C:\Windows\AS_Debug.txt
2016-06-15 19:10 - 2016-06-15 19:10 - 00000000 ____D C:\Program Files\Intel
2016-06-15 19:09 - 2016-06-15 19:09 - 00000000 ____D C:\Program Files\Marvell
2016-06-15 19:09 - 2016-04-21 15:05 - 00374944 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-06-15 19:03 - 2016-06-15 19:03 - 00057560 _____ C:\Users\PC\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-15 19:03 - 2016-06-15 19:03 - 00000000 ____D C:\Users\Todos os Usuários\ATI
2016-06-15 19:03 - 2016-06-15 19:03 - 00000000 ____D C:\Users\PC\AppData\Roaming\ATI
2016-06-15 19:03 - 2016-06-15 19:03 - 00000000 ____D C:\Users\PC\AppData\Local\ATI
2016-06-15 19:03 - 2016-06-15 19:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2016-06-15 19:03 - 2016-06-15 19:03 - 00000000 ____D C:\ProgramData\ATI
2016-06-15 18:59 - 2016-06-15 18:59 - 00000000 ____D C:\Users\PC\Desktop\PenDrive Riick
2016-06-15 18:59 - 2004-09-14 12:55 - 00088960 _____ (Analog Devices, Inc.) C:\Windows\system32\Drivers\MidiSyn.sys
2016-06-15 18:58 - 2016-06-15 19:03 - 00000000 ____D C:\Program Files\ATI Technologies
2016-06-15 18:58 - 2016-06-15 18:58 - 00000000 ____D C:\Program Files\ATI
2016-06-15 18:57 - 2016-06-24 23:03 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-06-15 18:57 - 2016-06-15 18:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoundMAX
2016-06-15 18:57 - 2016-06-15 18:58 - 00000000 ____D C:\Users\PC\Desktop\Pendrive
2016-06-15 18:57 - 2016-06-15 18:57 - 00000000 ____D C:\Windows\VirtualEar
2016-06-15 18:57 - 2016-06-15 18:57 - 00000000 ____D C:\Program Files\Analog Devices
2016-06-15 18:57 - 2005-03-28 09:19 - 00220992 _____ (Analog Devices, Inc.) C:\Windows\system32\Drivers\smwdm.sys
2016-06-15 18:57 - 2005-03-04 19:53 - 00127872 _____ (Andrea Electronics Corporation) C:\Windows\system32\Drivers\aeaudio.sys
2016-06-15 18:57 - 2005-03-01 12:01 - 00392704 _____ (Sensaura) C:\Windows\system32\Drivers\senfilt.sys
2016-06-15 18:57 - 2004-12-08 16:16 - 00049152 _____ (Analog Devices Inc.) C:\Windows\system32\DSndUp.exe
2016-06-15 18:57 - 2003-08-19 18:36 - 00065536 _____ (Sensaura Ltd) C:\Windows\system32\Audio3d.dll
2016-06-15 18:57 - 2003-08-19 18:36 - 00065536 _____ (Sensaura Ltd) C:\Windows\system32\a3d.dll
2016-06-15 18:57 - 2002-04-17 14:05 - 00045056 _____ (adi) C:\Windows\system32\CleanUp.exe
2016-06-15 18:57 - 2001-10-04 14:50 - 00991232 _____ (Sensaura) C:\Windows\system32\virtear.dll
2016-06-15 18:57 - 2001-09-19 12:47 - 00765952 _____ (Sensaura Ltd) C:\Windows\system\crlds3d.dll
2016-06-15 18:57 - 2001-09-11 14:20 - 01285632 _____ (Analog Devices) C:\Windows\system32\SMMedia.dll
2016-06-15 18:57 - 2001-09-11 14:20 - 00030208 _____ (Analog Devices Inc.) C:\Windows\system32\wdmioctl.dll
2016-06-15 18:56 - 2016-06-15 18:56 - 00000000 ____D C:\ATI
2016-06-15 18:55 - 2016-06-15 18:55 - 00000000 ____D C:\Users\PC\Downloads\Kung Fu Panda 3
2016-06-15 18:54 - 2016-06-15 18:56 - 00000000 ____D C:\Users\PC\Desktop\Pendrive Senac
2016-06-15 18:53 - 2016-06-15 18:53 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2016-06-15 11:51 - 2016-06-22 20:25 - 00000000 ____D C:\Users\PC
2016-06-15 11:51 - 2016-06-15 11:51 - 00001393 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-06-15 11:51 - 2016-06-15 11:51 - 00000020 ___SH C:\Users\PC\ntuser.ini
2016-06-15 11:51 - 2016-06-15 11:51 - 00000000 _SHDL C:\Users\PC\Modelos
2016-06-15 11:51 - 2016-06-15 11:51 - 00000000 _SHDL C:\Users\PC\Meus documentos
2016-06-15 11:51 - 2016-06-15 11:51 - 00000000 _SHDL C:\Users\PC\Menu Iniciar
2016-06-15 11:51 - 2016-06-15 11:51 - 00000000 _SHDL C:\Users\PC\Documents\Minhas músicas
2016-06-15 11:51 - 2016-06-15 11:51 - 00000000 _SHDL C:\Users\PC\Documents\Minhas imagens
2016-06-15 11:51 - 2016-06-15 11:51 - 00000000 _SHDL C:\Users\PC\Documents\Meus vídeos
2016-06-15 11:51 - 2016-06-15 11:51 - 00000000 _SHDL C:\Users\PC\Dados de aplicativos
2016-06-15 11:51 - 2016-06-15 11:51 - 00000000 _SHDL C:\Users\PC\Configurações locais
2016-06-15 11:51 - 2016-06-15 11:51 - 00000000 _SHDL C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-06-15 11:51 - 2016-06-15 11:51 - 00000000 _SHDL C:\Users\PC\AppData\Local\Histórico
2016-06-15 11:51 - 2016-06-15 11:51 - 00000000 _SHDL C:\Users\PC\AppData\Local\Dados de aplicativos
2016-06-15 11:51 - 2016-06-15 11:51 - 00000000 _SHDL C:\Users\PC\Ambiente de rede
2016-06-15 11:51 - 2016-06-15 11:51 - 00000000 _SHDL C:\Users\PC\Ambiente de impressão
2016-06-15 11:51 - 2016-06-15 11:51 - 00000000 ____D C:\Users\PC\AppData\Local\VirtualStore
2016-06-15 11:51 - 2011-02-05 14:50 - 00000000 ____D C:\Users\PC\AppData\Roaming\Media Center Programs
2016-06-15 11:49 - 2016-06-15 11:49 - 00298072 __RSH C:\PCIEN
2016-06-15 11:49 - 2016-06-15 11:49 - 00000020 __RSH C:\win7.ld
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas músicas
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas imagens
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Meus vídeos
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Histórico
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Dados de aplicativos
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Usuário Padrão
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Todos os Usuários\Modelos
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Todos os Usuários\Menu Iniciar
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Todos os Usuários\Favoritos
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Todos os Usuários\Documentos
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Todos os Usuários\Dados de aplicativos
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Todos os Usuários
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Public\Documents\Minhas músicas
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Public\Documents\Minhas imagens
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Public\Documents\Meus vídeos
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Default\Modelos
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Default\Meus documentos
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Default\Menu Iniciar
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Default\Documents\Minhas músicas
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Default\Documents\Minhas imagens
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Default\Documents\Meus vídeos
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Default\Dados de aplicativos
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Default\Configurações locais
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Default\AppData\Local\Histórico
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dados de aplicativos
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Default\Ambiente de rede
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Default\Ambiente de impressão
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas músicas
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas imagens
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Default User\Documents\Meus vídeos
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Histórico
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dados de aplicativos
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\ProgramData\Modelos
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\ProgramData\Menu Iniciar
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\ProgramData\Favoritos
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\ProgramData\Documentos
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\ProgramData\Dados de aplicativos
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Program Files\Common Files\Sistema
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Program Files\Arquivos Comuns
2016-06-15 11:48 - 2016-06-15 11:48 - 00000000 _SHDL C:\Arquivos de Programas
2016-06-15 11:43 - 2016-06-15 11:43 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-06-15 11:43 - 2016-06-15 11:43 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-06-15 11:41 - 2016-06-15 11:41 - 00000000 _____ C:\Windows\ativpsrm.bin
2016-06-15 11:38 - 2016-06-15 11:38 - 00008192 __RSH C:\BOOTSECT.BAK
2016-06-15 11:38 - 2010-11-20 03:40 - 00383786 __RSH C:\bootmgr

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-06-28 15:00 - 2009-07-14 01:34 - 00016656 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-28 15:00 - 2009-07-14 01:34 - 00016656 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-28 14:53 - 2009-07-14 01:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-24 23:03 - 2009-07-14 01:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-06-22 19:15 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\inf
2016-06-22 02:15 - 2011-02-04 14:30 - 01633534 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-22 02:15 - 2009-07-14 05:31 - 00705070 _____ C:\Windows\system32\prfh0416.dat
2016-06-22 02:15 - 2009-07-14 05:31 - 00146910 _____ C:\Windows\system32\prfc0416.dat
2016-06-20 21:06 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\system32\NDF
2016-06-15 18:59 - 2009-07-13 23:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-06-15 18:57 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\system
2016-06-15 11:49 - 2011-02-04 14:58 - 00000000 ____D C:\Windows\Panther
2016-06-15 11:49 - 2009-07-14 01:34 - 00000000 ____D C:\Windows\Setup
2016-06-15 11:48 - 2009-07-13 23:37 - 00000000 __RHD C:\Users\Public\Libraries
2016-06-15 11:48 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\rescache
2016-06-15 11:48 - 2009-07-13 23:37 - 00000000 ____D C:\Program Files\Windows NT
2016-06-15 11:45 - 2009-07-14 01:33 - 00265944 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-15 11:45 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\system32\oobe
2016-06-15 11:40 - 2011-02-05 14:50 - 00000000 ____D C:\Windows\CSC
2016-06-15 11:38 - 2009-07-14 01:52 - 00028672 _____ C:\Windows\system32\config\BCD-Template

==================== Arquivos na raiz de alguns diretórios =======

2016-06-27 17:48 - 2016-06-27 17:48 - 26671784 _____ () C:\Users\PC\AppData\Roaming\gameboxsetup.exe
2016-06-18 14:30 - 2016-06-18 14:30 - 0000132 _____ () C:\Users\PC\AppData\Roaming\Preferências do Formato PNG do Adobe CS6

Alguns arquivos em TEMP:
====================
C:\Users\PC\AppData\Local\Temp\libeay32.dll
C:\Users\PC\AppData\Local\Temp\msvcr120.dll
C:\Users\PC\AppData\Local\Temp\sqlite3.dll
C:\Users\PC\AppData\Local\Temp\ubiF117.tmp.exe
C:\Users\PC\AppData\Local\Temp\_isEF97.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-06-27 01:45

==================== Fim de FRST.txt ============================

Addition.txt


Dear @ricardo548

First

Temporarily disable your antivirus, antispyware and firewall to avoid conflicts.

Open Notepad, then copy (Ctrl + C) and paste (Ctrl + V) all of the text below:

Quote

CreateRestorePoint:
CloseProcesses:

C:\Users\PC\AppData\Local\Temp\libeay32.dll
C:\Users\PC\AppData\Local\Temp\msvcr120.dll
C:\Users\PC\AppData\Local\Temp\sqlite3.dll
C:\Users\PC\AppData\Local\Temp\ubiF117.tmp.exe
C:\Users\PC\AppData\Local\Temp\_isEF97.exe

CMD:ipconfig /flushdns
EmptyTemp:

 

  • Save this file to your Desktop as fixlist.txt
  • Run FRST again and click the Corrigir (Fix) button;
  • Wait... at the end the log Fixlog.txt will be created on your Desktop.
  • Select, copy and paste the contents of this log into your next reply.

Second

Download Malwarebytes Anti-Malware (MBAM).

Double-click mbam-setup.exe to install the program.

  • Uncheck the box Enable free trial of Malwarebytes Anti-Malware PRO.
  • If there are updates available, they will be downloaded and installed.
  • Click Settings, click Detection and Protection, and check Scan for Rootkits.
  • Go back to the Dashboard and finally click Scan Now.
  • The scan will then start. Please wait, as it may take a while.
  • When the scan finishes, if any items were found, make sure they are all checked and click the Remove Selected button.
  • At the end of the disinfection, a prompt may appear asking whether you want to restart the PC. (See the Note below)
  • The log is saved automatically by MBAM; to view it, click the History tab -> Application Logs in the program's main window.
  • Double-click the log (Scan Log). Use the .txt format to export the log.
  • The Protection log is not needed for the analysis; always export the correct log.
  • Select, copy and paste the contents of this log into your next reply.

NOTE: If MBAM finds files that it cannot remove, you may have to restart the PC (possibly more than once). Do so immediately when asked whether you want to restart the PC.

Regards :D


Dear @ricardo548

Temporarily disable your antivirus, antispyware and firewall to avoid conflicts.

Download Stinger and save it to your Desktop.
32-bit (x86) or 64-bit (x64)

  • Run the file Stinger.exe
    • Attention: Windows Vista, 7 and 8 users, right-click and choose: [image: execadmin.png]
  • Click the “I Accept” button

In the new window click “Advanced” and then “Settings”

In the settings window, set the options as shown in the image below and click the “Save” button

[image: 9hnsyu.png]

Click “Customize my Scan”

Select the system drives and then click the “Scan” button

At the end click “View log”; a window with the log will open in your browser.
Select, copy and paste the contents of this log into your next reply.

Regards :D


Hello, @diego_moicano. Here is the log:

 

McAfee Stinger Scan Results

McAfee® Labs Stinger™ Version 12.1.0.2048 built on Jul 1 2016 at 12:44:40
Copyright© 2015, McAfee, Inc. All Rights Reserved.
AV Engine version v5800.7501 for Windows.
Virus data file v1000.0 created on Jul 1, 2016
Ready to scan for 9814 viruses, trojans and variants.
Custom scan initiated on sexta-feira, julho 01, 2016 17:26:03
Rootkit scan result : Clean.
C:\Games\Grand Chase History\GCHAC.dll [MD5:89ddce43febd1ffb177fd50c1df4eab9] is infected with Artemis!89DDCE43FEBD
C:\Games\Grand Chase History\GCHAC.dll has been Deleted
C:\Games\Grand Chase History\grandchase.dll [MD5:7c3b8225a8f9b70a1a920e297601a096] is infected with Artemis!7C3B8225A8F9
C:\Games\Grand Chase History\grandchase.dll has been Deleted
C:\Games\Grand Chase History\main.exe [MD5:9d53ef2419735dbedc7ab81ccc61bcad] is infected with Artemis!9D53EF241973
C:\Games\Grand Chase History\main.exe has been Deleted
E:\Users\Pecê\AppData\Roaming\DriverPack Notifier\DriverPackNotifier.exe [MD5:d663176b9297a432309140315169274c] is infected with Artemis!D663176B9297
E:\Users\Pecê\AppData\Roaming\DriverPack Notifier\DriverPackNotifier.exe has been Deleted
Summary Report on C: E:
File(s)
TotalFiles:............ 1282040
Clean:................. 271826
Not Scanned:........... 1010210
Possibly Infected:..... 4
Time: 08:06:04
Scan completed on sábado, julho 02, 2016 01:32:07

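One way to sanity-check a Stinger result like the one posted above before moving to the next step, as an added example that is not part of the original posts or of McAfee's tooling: it pairs each detection with its action line, compares the count with the summary, and checks that each Artemis! name ends in the first 12 hex digits of the file's MD5, as all four entries in that log do. The function names and the second, constructed log are assumptions made for illustration.

```python
import ntpath
import re
from collections import Counter

# Detection, action and summary lines copied from the Stinger log in the post above.
STINGER_LOG = r"""
Rootkit scan result : Clean.
C:\Games\Grand Chase History\GCHAC.dll [MD5:89ddce43febd1ffb177fd50c1df4eab9] is infected with Artemis!89DDCE43FEBD
C:\Games\Grand Chase History\GCHAC.dll has been Deleted
C:\Games\Grand Chase History\grandchase.dll [MD5:7c3b8225a8f9b70a1a920e297601a096] is infected with Artemis!7C3B8225A8F9
C:\Games\Grand Chase History\grandchase.dll has been Deleted
C:\Games\Grand Chase History\main.exe [MD5:9d53ef2419735dbedc7ab81ccc61bcad] is infected with Artemis!9D53EF241973
C:\Games\Grand Chase History\main.exe has been Deleted
E:\Users\Pecê\AppData\Roaming\DriverPack Notifier\DriverPackNotifier.exe [MD5:d663176b9297a432309140315169274c] is infected with Artemis!D663176B9297
E:\Users\Pecê\AppData\Roaming\DriverPack Notifier\DriverPackNotifier.exe has been Deleted
Possibly Infected:..... 4
"""

# Constructed log (not from the page): a detection with no action line,
# a name that does not match the hash, and a summary count that is off.
BROKEN_LOG = r"""
C:\Temp\sample.dll [MD5:00112233445566778899aabbccddeeff] is infected with Artemis!AABBCCDDEEFF
Possibly Infected:..... 2
"""

DETECT_RE = re.compile(
    r"^(?P<path>.+?) \[MD5:(?P<md5>[0-9a-fA-F]{32})\] is infected with (?P<name>\S+)$"
)
ACTION_RE = re.compile(r"^(?P<path>.+?) has been (?P<action>\w+)$")
SUMMARY_RE = re.compile(r"^Possibly Infected:\.*\s*(?P<count>\d+)$")


def parse_stinger(text):
    """Return ({path: {md5, name, action}}, reported_count) from Stinger log text."""
    detections = {}
    reported = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = DETECT_RE.match(line)
        if m:
            detections[m["path"]] = {
                "md5": m["md5"].lower(),
                "name": m["name"],
                "action": None,  # filled in when the matching action line is seen
            }
            continue
        m = ACTION_RE.match(line)
        if m and m["path"] in detections:
            detections[m["path"]]["action"] = m["action"]
            continue
        m = SUMMARY_RE.match(line)
        if m:
            reported = int(m["count"])
    return detections, reported


def triage(text):
    """Return (detections, findings); findings lists anything that needs a second look."""
    detections, reported = parse_stinger(text)
    findings = []
    for path, d in detections.items():
        if d["action"] != "Deleted":
            findings.append(f"not remediated: {path}")
        family, _, suffix = d["name"].partition("!")
        if family == "Artemis" and suffix.lower() != d["md5"][:12]:
            findings.append(f"name/hash mismatch: {path}")
    if reported is not None and reported != len(detections):
        findings.append(f"summary reports {reported}, parsed {len(detections)}")
    return detections, findings


def folders_hit(detections):
    """Count detections per parent folder (Windows path rules, works on any OS)."""
    return Counter(ntpath.dirname(p) for p in detections)


if __name__ == "__main__":
    dets, issues = triage(STINGER_LOG)
    for folder, n in folders_hit(dets).items():
        print(f"{n} detection(s) in {folder}")
    print("findings:", issues or "none")
    print("constructed log findings:", triage(BROKEN_LOG)[1])
```

The per-folder count shows where to look for leftover files after deletion, and the MD5 values are what you would submit to a reputation lookup.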

Dear @ricardo548

Download Security Check, by glax24, and save it to your Desktop.

Attention: Windows Vista, 7 and 8 users, right-click and choose: [image: execadmin.png]

  • Wait while the tool runs its scan.
  • At the end, save the log as SecurityCheck.html
  • Open the file with Notepad;
  • Select, copy and paste the contents of this log into your next reply.

Regards :D


Good afternoon, @diego_moicano. Here is the log:

 

SecurityCheck by glax24 & Severnyj v.1.4.0.40 [21.05.16]
WebSite: www.safezone.cc
DateLog: 02.07.2016 13:20:47
Path starting: C:\Users\PC\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: PC
VersionXML: 3.16is-02.07.2016
___________________________________________________________________________

Windows 7(6.1.7601) Service Pack 1 (x86) Professional Lang: Portuguese(0416)
Installation date OS: 15.06.2016 14:49:43
LicenseStatus: Windows(R) 7, Professional edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files\Google\Chrome\Application\chrome.exe
SystemDrive: C: FS: [NTFS] Capacity: [297.6 Gb] Used: [82.3 Gb] Free: [215.3 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 8.0.7601.17514 Warning! Download Update
Online installation. Last version available when Windows update is enabled throught the Internet.
User Account Control disabled
The elevation prompt for administrators disabled
^It is recommended to enable: Win+R typing UserAccountControlSettings and Enter^
Automatic Updates disabled (-1)
Windows Update (wuauserv) - The service is running
Central de Segurança (wscsvc) - The service is running
Registro remoto (RemoteRegistry) - The service has stopped
Descoberta SSDP (SSDPSRV) - The service is running
Serviços de Área de Trabalho Remota (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
---------------------------- [ Antivirus_WMI ] ----------------------------
360 Total Security (disabled)
--------------------------- [ FirewallWindows ] ---------------------------
Firewall do Windows (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (enabled and out of date)
360 Total Security (disabled)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
360 Total Security v.8.6.0.1133
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes Anti-Malware versão 2.2.1.1043 v.2.2.1.1043
--------------------------- [ OtherUtilities ] ----------------------------
TeamViewer 10 v.10.0.50527 A Warning! Download Update
WinRAR 5.31 (32-bit) v.5.31.0
TeamViewer 10 (TeamViewer) - The service is running
--------------------------------- [ P2P ] ---------------------------------
µTorrent v.3.4.7.42330 Warning! P2P-client.
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 91 v.8.0.910.15 Warning! Download Update
Uninstall old version and install new one (jre-8u92-windows-i586.exe).
------------------------------- [ Browser ] -------------------------------
Google Chrome v.51.0.2704.103 Warning! Download Update
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files\Google\Chrome\Application\chrome.exe v.51.0.2704.103
------------------ [ AntivirusFirewallProcessServices ] -------------------
MBAMScheduler (MBAMScheduler) - The service has stopped
MBAMService (MBAMService) - The service has stopped
McAfee Validation Trust Protection Service (mfevtp) - The service is running
C:\Windows\System32\mfevtps.exe v.15.4.0.543
Windows Defender (WinDefend) - The service is running
360 Total Security (QHActiveDefense) - The service is running
C:\Program Files\360\Total Security\safemon\QHActiveDefense.exe v.8.6.0.1002
C:\Program Files\360\Total Security\safemon\QHWatchdog.exe v.8.2.0.1000
----------------------------- [ End of Log ] ------------------------------
 


Dear @ricardo548

# Step 1 #

Download Delfix by Xplode and save it to your desktop.

Double-click delfix.exe to run it. Check the boxes as shown in the image.

** Windows Vista or Windows 7 users: right-click the delfix.exe file, then click [image: execadmin.png].

[image: 2mez6ld.png]

Click the Run button.

A log will be generated at the end, but you do not need to post it.
 
# Step 2 #

Old versions of programs have vulnerabilities that some malware can use to infect your system.

For that reason, it is recommended to update the programs that Security Check flagged as outdated (optional updates are at your discretion).

Just click the Download Update link in each warning (post above), which will take you to the developer's site.

<<@>> Always keep your Windows up to date; keep a constant watch with your firewall and antivirus; and finally, remember that the best prevention starts with our own behavior!

 

# Step 3 #

CCleaner is an excellent cleaning utility for the computer.

Download it here: CCleaner

  • After installation, go to the location where the program was installed, usually C:\Arquivos de programas\CCleaner.
  • Double-click this folder;
  • In an empty area of this window, right-click and choose New > Folder and create a new folder;
  • Name it backups.
  • Open the program and click Run Cleaner;
  • Click the Registry button > Scan for Issues > Fix selected issues...
  • Note: Do not forget to accept the backup of the fixes, and save it in the folder created above!

Regards :D

This topic is closed to new posts.
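As an added example (not part of any post in this thread, and not Security Check's own code), the sketch below triages a log in the format posted above: it lists the programs marked "Warning! Download Update" and the protections reported as disabled or out of date. The function name `triage`, the "System" label for lines before the first section header, and the line patterns (inferred only from the log in this thread) are assumptions.

```python
import re

# Constructed sample: a subset of lines from the Security Check log in this thread.
SAMPLE_LOG = """\
User Account Control disabled
Automatic Updates disabled (-1)
Windows Update (wuauserv) - The service is running
---------------------------- [ Antivirus_WMI ] ----------------------------
360 Total Security (disabled)
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (enabled and out of date)
--------------------------- [ OtherUtilities ] ----------------------------
TeamViewer 10 v.10.0.50527 A Warning! Download Update
WinRAR 5.31 (32-bit) v.5.31.0
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 91 v.8.0.910.15 Warning! Download Update
------------------------------- [ Browser ] -------------------------------
Google Chrome v.51.0.2704.103 Warning! Download Update
----------------------------- [ End of Log ] ------------------------------
"""

# Section headers look like "---- [ Name ] ----".
SECTION = re.compile(r"^-+ \[ (.+?) \] -+$")
# Program lines the tool marks as needing an update (pattern assumed from this log).
OUTDATED = re.compile(r"^(?P<name>.+?) v\.(?P<ver>\S+) .*Warning! Download Update$")
# Protections reported as switched off or stale.
WEAK = re.compile(r"\bdisabled\b|out of date", re.IGNORECASE)


def triage(log_text):
    """Return (outdated, weak): programs to update and protections off or stale."""
    section = "System"  # assumed label for lines before the first header
    outdated, weak = [], []
    for raw in log_text.splitlines():
        line = raw.strip()
        header = SECTION.match(line)
        if header:
            section = header.group(1)
            continue
        hit = OUTDATED.match(line)
        if hit:
            outdated.append((section, hit.group("name"), hit.group("ver")))
        elif WEAK.search(line):
            weak.append((section, line))
    return outdated, weak


if __name__ == "__main__":
    programs, protections = triage(SAMPLE_LOG)
    for section, name, version in programs:
        print(f"UPDATE  [{section}] {name} (installed {version})")
    for section, line in protections:
        print(f"REVIEW  [{section}] {line}")
```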





About Clube do Hardware

Online since 1996, Clube do Hardware is one of the largest, oldest and most respected technology publications in Brazil.

Copyright

We do not allow copying or reproduction of the content of our site, forum, newsletters and social networks, even if the source is cited.
