cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:10-04-2016 01
Executado por USER (administrador) em USER-PC (12-04-2016 11:05:50)
Executando a partir de C:\Users\USER\Desktop
Perfis Carregados: USER (Perfis Disponíveis: USER)
Platform: Windows 7 Ultimate (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Users\USER\AppData\Roaming\Egograa\Egograa.exe
() C:\Users\USER\AppData\Roaming\Egograa\Relbazrav.exe
() C:\Users\USER\AppData\Roaming\Egograa\Lelrynriie.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM-x32\...\Run: [NBKeyScan] => C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2221352 2008-02-18] (Nero AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM-x32\...\Run: [LightGate] => C:\ProgramData\LightGate.exe [1081344 2015-12-04] ()
HKLM-x32\...\Run: [HomePageHelper] => C:\Users\USER\AppData\Roaming\HomePage.exe [1100288 2015-11-25] ()
HKLM-x32\...\Run: [sun21] => [X]
Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2015-09-22] (Caixa Economica Federal)
HKU\S-1-5-21-1220592256-3116126855-2318922363-1000\...\MountPoints2: {32d9f447-c2d4-11e5-b00f-001c254ca763} - F:\iLinker.exe
HKU\S-1-5-21-1220592256-3116126855-2318922363-1000\...\MountPoints2: {eb53ec9e-af20-11e5-8856-806e6f6e6963} - D:\BlueBirds.exe
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1888480 2015-09-22] (Caixa Economica Federal)
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Winsock: Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712 2009-07-13] (Microsoft Corporation)ATENÇÃO: LibraryPath deve ser "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448 2009-07-13] (Microsoft Corporation)ATENÇÃO: LibraryPath deve ser "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992 2009-07-13] (Microsoft Corporation)ATENÇÃO: LibraryPath deve ser "%SystemRoot%\System32\winrnr.dll"
Winsock: Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224 2009-07-13] (Microsoft Corporation)ATENÇÃO: LibraryPath deve ser "%SystemRoot%\system32\napinsp.dll"
Winsock: Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024 2009-07-13] (Microsoft Corporation)ATENÇÃO: LibraryPath deve ser "%SystemRoot%\system32\pnrpnsp.dll"
Winsock: Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024 2009-07-13] (Microsoft Corporation)ATENÇÃO: LibraryPath deve ser "%SystemRoot%\system32\pnrpnsp.dll"
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 189.5.192.54 189.5.192.45
Tcpip\..\Interfaces\{0DF726C9-7F05-4B3A-94D2-FE6D2CF7C2D6}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{21A487DE-9A40-4FE8-B05F-4CC035183D4C}: [DhcpNameServer] 189.5.192.54 189.5.192.45

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://minilua.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://minilua.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://minilua.com/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://minilua.com/
HKU\S-1-5-21-1220592256-3116126855-2318922363-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://minilua.com/
HKU\S-1-5-21-1220592256-3116126855-2318922363-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://minilua.com/
HKU\S-1-5-21-1220592256-3116126855-2318922363-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/
SearchScopes: HKLM-x32 -> DefaultScope {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL =
SearchScopes: HKU\S-1-5-21-1220592256-3116126855-2318922363-1000 -> DefaultScope {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL =
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-30] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll [2015-09-22] (Caixa Economica Federal)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-30] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-30] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=1.1.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2011-07-14] (the VideoLAN Team)
FF SearchPlugin: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\fm2oyc72.default\searchplugins\.xml [2016-04-10]
FF SearchPlugin: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\fm2oyc72.default\searchplugins\navegaki.xml [2016-04-10]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]

Chrome:
=======
CHR Profile: C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-30]
CHR Extension: (Google Docs) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-30]
CHR Extension: (Google Drive) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-30]
CHR Extension: (YouTube) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-30]
CHR Extension: (Google Search) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-30]
CHR Extension: (Planilhas do Google) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-30]
CHR Extension: (Documentos Google off-line) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-18]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Gmail) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-30]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [593120 2015-09-22] (GAS Tecnologia)
S2 GoogleChromeUpSvc; C:\Users\USER\AppData\Roaming\svrupg.exe [2767872 2016-04-11] (TODO: ) [Arquivo não assinado]
R2 Kapro; C:\Users\USER\AppData\Roaming\Egograa\Egograa.exe [174448 2016-04-10] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Arquivo não assinado]
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-02-18] (Nero AG)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [529704 2008-02-28] (Nero AG)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [Arquivo não assinado]
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [904928 2015-11-04] (GAS Tecnologia LTDA)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
S2 Rebvajam; "C:\Users\USER\AppData\Roaming\MhveMuywg\Jijpih.exe" -cms [X]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-12-08] (GAS Tecnologia)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2016-04-12] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-12-08] (GAS Tecnologia LTDA)
R4 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert64.sys [38104 2015-07-07] (Basil)
R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [101080 2016-04-12] (GAS Tecnologia)
R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [103640 2015-03-18] (GAS Tecnologia)
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-04-12 11:05 - 2016-04-12 11:06 - 00015169 _____ C:\Users\USER\Desktop\FRST.txt
2016-04-12 11:05 - 2016-04-12 11:05 - 02375168 _____ (Farbar) C:\Users\USER\Desktop\FRST64.exe
2016-04-12 11:05 - 2016-04-12 11:05 - 00000000 ____D C:\FRST
2016-04-12 11:04 - 2016-04-12 11:05 - 02375168 _____ (Farbar) C:\Users\USER\Downloads\FRST64.exe
2016-04-12 10:52 - 2016-04-12 10:52 - 00001108 ____R C:\Users\USER\Desktop\Yeabeats Browser.lnk
2016-04-11 18:25 - 2016-04-11 18:38 - 00137224 _____ C:\Windows\ntbtlog.txt
2016-04-11 18:05 - 2016-04-11 18:05 - 00000000 ____D C:\Users\Todos os Usuários\System32
2016-04-11 18:05 - 2016-04-11 18:05 - 00000000 ____D C:\ProgramData\System32
2016-04-11 16:55 - 2016-04-11 16:55 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-04-11 16:55 - 2016-04-11 16:55 - 00000000 ____D C:\Users\USER\Downloads\Atm
2016-04-11 16:55 - 2016-04-11 16:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-04-11 16:48 - 2016-04-11 16:51 - 22851472 _____ (Malwarebytes ) C:\Users\USER\Downloads\mbam-setup-cnet.exe
2016-04-11 16:46 - 2016-04-11 16:47 - 10226405 _____ C:\Users\USER\Downloads\Atm.rar
2016-04-11 14:36 - 2016-04-12 10:52 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-11 14:29 - 2016-04-11 14:30 - 06784174 _____ C:\Users\USER\Downloads\Malwarebytes-Actıvator.exe
2016-04-11 14:16 - 2016-04-11 14:16 - 00002976 _____ C:\Windows\System32\Tasks\{7087BCC1-BE94-421D-8A5C-71A2EFAA7BFA}
2016-04-11 14:16 - 2016-04-11 14:16 - 00002976 _____ C:\Windows\System32\Tasks\{3B57E4B2-82A6-448A-B5D5-137CBC9CAF3F}
2016-04-11 14:14 - 2016-04-11 14:14 - 00002976 _____ C:\Windows\System32\Tasks\{D3AA8044-A309-4592-896C-BE6848D308BD}
2016-04-11 14:14 - 2016-04-11 14:14 - 00000000 ____D C:\Users\USER\AppData\Local\ElevatedDiagnostics
2016-04-11 14:13 - 2016-04-11 14:13 - 00002976 _____ C:\Windows\System32\Tasks\{22A21CFA-9A91-41DC-8CE7-A6C040EAC6DE}
2016-04-11 14:13 - 2016-04-11 14:13 - 00002976 _____ C:\Windows\System32\Tasks\{1881B95D-B467-4BE3-AAA8-CD393E690930}
2016-04-11 14:04 - 2016-04-11 16:56 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-04-11 14:04 - 2016-04-11 14:04 - 00000000 ____D C:\Users\Todos os Usuários\Malwarebytes
2016-04-11 14:04 - 2016-04-11 14:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-04-11 14:04 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-04-11 14:04 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-04-11 14:04 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-04-11 10:45 - 2016-04-12 10:50 - 00000000 ____D C:\AdwCleaner
2016-04-11 10:45 - 2016-04-11 10:45 - 03465280 _____ C:\Users\USER\Desktop\adwcleaner_5.110.exe
2016-04-10 23:03 - 2016-02-24 06:18 - 01085440 _____ C:\Users\USER\AppData\Roaming\delCalendarReg.exe
2016-04-10 23:03 - 2015-12-10 15:43 - 00600312 _____ C:\Users\USER\AppData\Roaming\YeaPlayer_br_IBD_Bundle.exe
2016-04-10 23:02 - 2016-04-11 10:31 - 00016815 _____ C:\Users\USER\AppData\Roaming\webad.xml
2016-04-10 23:02 - 2015-11-25 15:31 - 01100288 _____ C:\Users\USER\AppData\Roaming\HomePage.exe
2016-04-10 21:26 - 2016-04-10 21:26 - 00000041 _____ C:\Users\Todos os Usuários\xcgui_debug.txt
2016-04-10 21:26 - 2016-04-10 21:26 - 00000041 _____ C:\ProgramData\xcgui_debug.txt
2016-04-10 19:37 - 2016-04-10 19:37 - 00000000 ____D C:\Windows\system32\appmgmt
2016-04-10 19:25 - 2016-04-10 19:25 - 00000000 ____D C:\Users\USER\AppData\Local\csdi_monetize_120160408
2016-04-10 19:23 - 2016-04-11 10:28 - 00000000 ____D C:\Program Files (x86)\badu
2016-04-10 19:22 - 2016-04-10 19:22 - 00000034 ___SH C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE}
2016-04-10 19:20 - 2016-04-10 19:20 - 00000000 ____D C:\Users\USER\AppData\Roaming\MCorp
2016-04-10 19:16 - 2016-04-10 19:34 - 00001423 _____ C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-04-10 19:13 - 2016-04-11 10:28 - 00000000 ____D C:\Windows\system32\axie
2016-04-10 19:08 - 2016-04-11 17:14 - 00000286 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-04-10 19:08 - 2016-04-11 17:14 - 00000286 __RSH C:\ProgramData\ntuser.pol
2016-04-10 19:07 - 2016-04-11 10:13 - 00000090 _____ C:\Users\USER\AppData\default.pls
2016-04-10 19:06 - 2016-04-11 10:13 - 00000069 _____ C:\Windows\NeroDigital.ini
2016-04-10 19:06 - 2016-04-10 19:16 - 00000000 ____D C:\Users\USER\AppData\Local\app
2016-04-10 19:05 - 2016-04-11 10:28 - 00000000 ____D C:\Users\USER\AppData\Local\Setup Wizard
2016-04-10 19:04 - 2016-04-11 10:28 - 00000000 ____D C:\Program Files (x86)\osTip
2016-04-10 19:04 - 2016-04-10 19:05 - 00000000 ____D C:\Users\USER\AppData\Local\F727A298-4DB4-456A-AC54-A93EA5F8554D
2016-04-10 19:03 - 2016-04-11 10:28 - 00000000 ____D C:\Users\Todos os Usuários\Windows Update
2016-04-10 19:03 - 2016-04-11 10:28 - 00000000 ____D C:\ProgramData\Windows Update
2016-04-10 19:02 - 2016-04-12 10:52 - 00000000 ____D C:\Users\USER\AppData\Roaming\LightGate
2016-04-10 19:02 - 2016-04-11 10:31 - 02767872 _____ (TODO: ) C:\Users\USER\AppData\Roaming\svrupg.exe
2016-04-10 19:02 - 2016-04-10 23:01 - 00014920 _____ C:\Users\Todos os Usuários\webad.xml
2016-04-10 19:02 - 2016-04-10 23:01 - 00014920 _____ C:\ProgramData\webad.xml
2016-04-10 19:02 - 2016-04-10 19:04 - 00000000 ____D C:\Users\USER\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-04-10 19:02 - 2015-12-04 13:14 - 01081344 _____ C:\Users\Todos os Usuários\LightGate.exe
2016-04-10 19:02 - 2015-12-04 13:14 - 01081344 _____ C:\ProgramData\LightGate.exe
2016-04-10 19:02 - 2015-11-25 15:31 - 01100288 _____ C:\Users\Todos os Usuários\HomePage.exe
2016-04-10 19:02 - 2015-11-25 15:31 - 01100288 _____ C:\ProgramData\HomePage.exe
2016-04-10 18:59 - 2016-04-10 19:00 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-04-10 18:58 - 2016-04-11 10:28 - 00000000 ____D C:\Users\USER\AppData\Roaming\UPUpdata
2016-04-10 18:55 - 2016-04-11 10:28 - 00000000 ____D C:\Users\USER\AppData\Roaming\Egograa
2016-04-10 18:55 - 2016-04-11 10:28 - 00000000 ____D C:\Program Files\Mawgutfobpukuko
2016-04-10 18:55 - 2016-04-10 18:55 - 00003338 _____ C:\Windows\System32\Tasks\Fimeexus
2016-04-10 18:55 - 2016-04-10 18:55 - 00000000 ____D C:\Users\USER\AppData\Local\Tempfolder
2016-04-10 18:55 - 2016-04-10 18:55 - 00000000 ____D C:\uninst
2016-04-08 18:45 - 2016-04-08 18:47 - 00002002 ____H C:\Users\USER\Documents\Default.rdp
2016-04-08 18:42 - 2016-04-08 18:46 - 36941104 _____ (Microsoft Corporation) C:\Users\USER\Downloads\IE9-Windows7-x64-ptb.exe
2016-04-08 18:35 - 2016-04-08 18:39 - 60959120 _____ (Microsoft Corporation) C:\Users\USER\Downloads\EIE11_PT-BR_WOL_WIN764.EXE
2016-04-08 18:22 - 2016-04-08 18:22 - 00002934 _____ C:\Windows\System32\Tasks\{45267DB8-FF61-4A75-A27D-335EE0AF9269}
2016-04-08 15:17 - 2016-04-08 18:25 - 00000000 ____D C:\Users\USER\AppData\Roaming\Kodi
2016-04-05 08:04 - 2016-04-05 08:04 - 00000165 ____H C:\Users\USER\Desktop\~$Jogo 244 (Salvo automaticamente).xlsm
2016-04-04 15:21 - 2016-04-04 15:21 - 00000000 ____D C:\Users\USER\AppData\LocalLow\Temp
2016-04-04 15:04 - 2016-04-04 15:04 - 00000000 ____D C:\Users\USER\Desktop\Comprovante TV
2016-04-03 16:07 - 2016-04-03 16:07 - 00532838 _____ C:\Users\USER\Downloads\E-book hipertrofia (feito pelo usuário RTiago).pdf
2016-03-23 12:09 - 2016-03-23 12:21 - 79972791 _____ C:\Users\USER\Downloads\Omar Khorshid - Rhythms from the Orient.rar
2016-03-23 12:07 - 2016-03-23 12:16 - 39960058 _____ C:\Users\USER\Downloads\Ritmos Arabes Vol.2 2006.rar
2016-03-07 12:41 - 2016-04-11 09:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-03 21:30 - 2016-03-03 21:30 - 00001242 _____ C:\Users\USER\Desktop\VSDC Free Video Converter.lnk
2016-03-03 21:27 - 2016-03-03 21:29 - 19734032 _____ (Flash-Integro LLC ) C:\Users\USER\Downloads\video_converter.exe
2016-03-03 21:18 - 2016-03-03 21:30 - 00000000 ____D C:\Users\USER\Documents\FlashIntegro
2016-03-03 21:18 - 2016-03-03 21:30 - 00000000 ____D C:\Users\USER\AppData\Roaming\FlashIntegro
2016-03-03 21:18 - 2016-03-03 21:18 - 00000000 ____D C:\Users\USER\AppData\Roaming\VideoEditor
2016-03-03 21:15 - 2016-04-11 10:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashIntegro
2016-03-03 21:15 - 2016-03-03 21:30 - 00000000 ____D C:\Program Files (x86)\FlashIntegro
2016-03-03 21:15 - 2016-03-03 21:15 - 00001206 _____ C:\Users\USER\Desktop\VSDC Free Video Editor.lnk
2016-03-03 21:15 - 2015-12-09 15:13 - 00081792 _____ (Flash-Integro LLC) C:\Windows\SysWOW64\mslvddsfilter2.ax
2016-03-03 21:15 - 2005-08-01 18:43 - 00245760 _____ () C:\Windows\SysWOW64\lame.ax
2016-03-03 21:15 - 2004-12-10 09:03 - 00438272 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2016-03-03 21:15 - 2004-09-06 15:06 - 00053248 _____ C:\Windows\SysWOW64\xvid.ax
2016-03-03 21:15 - 2003-05-22 11:26 - 00638976 _____ (DivXNetworks, Inc.) C:\Windows\SysWOW64\divx.dll
2016-03-03 21:15 - 2003-05-22 11:26 - 00221215 _____ (DivXNetworks, Inc.) C:\Windows\SysWOW64\divxdec.ax
2016-03-03 21:15 - 2003-05-21 22:50 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2016-03-03 21:15 - 2003-05-21 22:50 - 00261632 _____ (MainConcept) C:\Windows\SysWOW64\mcdvd_32.dll
2016-03-03 21:15 - 2003-05-21 22:50 - 00156910 _____ C:\Windows\WMSysPr8.prx
2016-03-03 21:15 - 2003-05-21 22:50 - 00082944 _____ (Voxware, Inc.) C:\Windows\SysWOW64\vct3216.acm
2016-03-03 21:15 - 2003-05-21 22:50 - 00038912 _____ (NCT Company) C:\Windows\SysWOW64\alf2cd.acm
2016-03-03 21:15 - 2003-05-21 22:50 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll
2016-03-03 21:15 - 2003-03-25 04:49 - 00098304 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\SysWOW64\L3CODECX.AX
2016-03-03 21:15 - 2003-03-18 22:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2016-03-03 21:15 - 2003-02-21 02:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2016-03-03 21:15 - 2002-08-19 23:41 - 00413760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg4c32.dll
2016-03-03 21:15 - 2000-03-14 19:55 - 00013239 _____ (SHARP Corporation) C:\Windows\SysWOW64\Scg726.acm
2016-03-03 21:08 - 2016-03-03 21:13 - 31148640 _____ (Flash-Integro LLC ) C:\Users\USER\Downloads\video_editor.exe
2016-02-24 10:34 - 2016-02-24 10:34 - 00000000 ____D C:\Users\USER\aTubeCatcher
2016-02-24 10:29 - 2016-04-11 10:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-02-24 10:29 - 2016-02-24 10:30 - 00000000 ____D C:\Users\USER\AppData\Roaming\Apple Computer
2016-02-24 10:29 - 2016-02-24 10:29 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-02-24 10:29 - 2016-02-24 10:29 - 00000000 ____D C:\Users\USER\AppData\Local\Apple Computer
2016-02-24 10:29 - 2016-02-24 10:29 - 00000000 ____D C:\Users\Todos os Usuários\Apple Computer
2016-02-24 10:29 - 2016-02-24 10:29 - 00000000 ____D C:\ProgramData\Apple Computer
2016-02-24 10:29 - 2016-02-24 10:29 - 00000000 ____D C:\Program Files\iTunes
2016-02-24 10:29 - 2016-02-24 10:29 - 00000000 ____D C:\Program Files\iPod
2016-02-24 10:29 - 2016-02-24 10:29 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-02-24 10:28 - 2016-02-24 10:28 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-02-24 10:28 - 2016-02-24 10:28 - 00000000 ____D C:\Users\USER\AppData\Local\Apple
2016-02-24 10:28 - 2016-02-24 10:28 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-02-24 10:27 - 2016-02-24 10:29 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-02-24 10:27 - 2016-02-24 10:28 - 00000000 ____D C:\Users\Todos os Usuários\Apple
2016-02-24 10:27 - 2016-02-24 10:28 - 00000000 ____D C:\ProgramData\Apple
2016-02-24 10:27 - 2016-02-24 10:28 - 00000000 ____D C:\Program Files\Bonjour
2016-02-24 10:27 - 2016-02-24 10:28 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-02-24 09:56 - 2016-02-24 10:25 - 167583000 _____ (Apple Inc.) C:\Users\USER\Downloads\iTunes6464Setup.exe
2016-02-19 16:31 - 2016-02-19 16:31 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2016-02-19 10:16 - 2016-02-19 10:16 - 595947408 _____ C:\Users\USER\Documents\TempImage.nrg
2016-02-02 18:06 - 2016-03-03 02:02 - 00000000 ____D C:\Windows\System32\Tasks\Games
2016-02-02 18:06 - 2016-02-02 18:07 - 00000000 ____D C:\Users\USER\AppData\Local\Microsoft Games
2016-01-26 12:43 - 2016-01-26 12:43 - 02481146 _____ C:\Users\USER\Downloads\ManualdoUsuario_mar12.pdf
2016-01-25 14:52 - 2016-04-07 12:16 - 00050992 _____ C:\Users\USER\Desktop\Jogo 244 (Salvo automaticamente).xlsm
2016-01-25 14:51 - 2016-01-25 14:51 - 00000051 _____ C:\Users\USER\Desktop\infraero protocolo.txt
2016-01-20 20:27 - 2016-01-20 20:27 - 00000000 ____D C:\Users\USER\AppData\Local\CEF
2016-01-20 14:53 - 2016-04-04 15:23 - 00000000 ____D C:\Users\USER\Desktop\Comprovante fatura 2016
2016-01-19 20:48 - 2016-01-19 20:48 - 00014979 _____ C:\Users\USER\Documents\DIETA.xlsx
2016-01-19 13:01 - 2016-04-12 10:51 - 00101080 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys
2016-01-19 13:01 - 2016-01-19 13:01 - 00001024 _____ C:\.rnd
2016-01-19 13:01 - 2016-01-19 13:01 - 00000000 ___HD C:\Program Files (x86)\GAS Tecnologia
2016-01-19 13:01 - 2016-01-19 13:01 - 00000000 ___HD C:\Program Files (x86)\Diebold
2016-01-19 13:01 - 2016-01-19 13:01 - 00000000 ____D C:\Program Files\Diebold
2016-01-19 13:01 - 2015-03-18 09:23 - 00103640 ____N (GAS Tecnologia) C:\Windows\system32\Drivers\wsddpp.sys
2016-01-19 12:59 - 2016-04-12 10:51 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-01-19 12:59 - 2016-01-19 12:59 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2016-01-19 12:59 - 2016-01-19 12:59 - 00000000 ____D C:\Users\Todos os Usuários\GAS Tecnologia
2016-01-19 12:59 - 2016-01-19 12:59 - 00000000 ____D C:\ProgramData\GbPlugin
2016-01-19 12:59 - 2016-01-19 12:59 - 00000000 ____D C:\ProgramData\GAS Tecnologia
2016-01-19 12:58 - 2016-01-19 12:58 - 02665128 _____ (CAIXA) C:\Users\USER\Downloads\iGBPCEFwr.exe

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-04-12 10:58 - 2009-07-14 01:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-12 10:58 - 2009-07-14 01:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-12 10:56 - 2015-12-30 22:45 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-12 10:52 - 2015-12-30 22:45 - 00000953 ____R C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-12 10:52 - 2015-12-30 22:45 - 00000941 ____R C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-12 10:52 - 2015-12-30 22:33 - 00000665 ____R C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-04-12 10:52 - 2015-12-30 22:33 - 00000653 ____R C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-04-12 10:51 - 2015-12-30 22:45 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-12 10:51 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-12 10:51 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\Cursors
2016-04-11 17:59 - 2015-12-30 20:02 - 00000000 ____D C:\Windows\PCHEALTH
2016-04-11 17:24 - 2009-07-29 13:08 - 00663606 _____ C:\Windows\system32\prfh0416.dat
2016-04-11 17:24 - 2009-07-29 13:08 - 00127896 _____ C:\Windows\system32\prfc0416.dat
2016-04-11 17:24 - 2009-07-14 02:13 - 01517030 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-11 17:24 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-04-11 15:12 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\rescache
2016-04-11 13:27 - 2015-12-30 22:30 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-04-11 10:28 - 2015-12-30 22:27 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-04-11 10:28 - 2015-12-30 22:27 - 00000000 ____D C:\Windows\system32\Macromed
2016-04-11 10:28 - 2009-07-14 04:45 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-04-11 10:28 - 2009-07-14 02:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-04-11 10:28 - 2009-07-14 00:20 - 00000000 __RSD C:\Windows\Media
2016-04-11 10:28 - 2009-07-14 00:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-04-11 10:28 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-04-11 10:28 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\registration
2016-04-11 10:28 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-04-11 10:28 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\AppCompat
2016-04-11 10:28 - 2009-07-14 00:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-04-11 10:13 - 2015-12-30 20:37 - 00000000 ____D C:\Users\USER\AppData\Local\Ahead
2016-04-11 09:41 - 2015-12-30 22:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-10 19:16 - 2009-07-14 01:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-04-10 19:06 - 2009-07-14 02:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-04-08 19:23 - 2016-01-03 18:58 - 00000000 ____D C:\Users\USER\AppData\Roaming\Macromedia
2016-04-08 19:22 - 2015-12-30 22:28 - 00000000 ____D C:\Users\USER\AppData\Roaming\Adobe
2016-04-08 18:46 - 2009-07-14 02:32 - 00000000 ____D C:\Windows\system32\FxsTmp

==================== Arquivos na raiz de alguns diretórios =======

2016-04-10 23:03 - 2016-02-24 06:18 - 1085440 _____ () C:\Users\USER\AppData\Roaming\delCalendarReg.exe
2016-04-10 23:02 - 2015-11-25 15:31 - 1100288 _____ () C:\Users\USER\AppData\Roaming\HomePage.exe
2016-04-10 19:02 - 2016-04-11 10:31 - 2767872 _____ (TODO: ) C:\Users\USER\AppData\Roaming\svrupg.exe
2016-04-10 23:02 - 2016-04-11 10:31 - 0016815 _____ () C:\Users\USER\AppData\Roaming\webad.xml
2016-04-10 23:03 - 2015-12-10 15:43 - 0600312 _____ () C:\Users\USER\AppData\Roaming\YeaPlayer_br_IBD_Bundle.exe
2016-04-10 19:02 - 2015-11-25 15:31 - 1100288 _____ () C:\ProgramData\HomePage.exe
2016-04-10 19:02 - 2015-12-04 13:14 - 1081344 _____ () C:\ProgramData\LightGate.exe
2016-04-10 19:02 - 2016-04-10 23:01 - 0014920 _____ () C:\ProgramData\webad.xml
2016-04-10 21:26 - 2016-04-10 21:26 - 0000041 _____ () C:\ProgramData\xcgui_debug.txt

Arquivos para serem movidos ou deletados:
====================
C:\ProgramData\HomePage.exe
C:\ProgramData\LightGate.exe
C:\Users\Todos os Usuários\HomePage.exe
C:\Users\Todos os Usuários\LightGate.exe


Alguns arquivos em TEMP:
====================
C:\Users\USER\AppData\Local\Temp\23333.exe
C:\Users\USER\AppData\Local\Temp\AOQ21OFIDE.exe
C:\Users\USER\AppData\Local\Temp\Browser_V5.6.11466.7_r_4728_(Build1603281525).exe
C:\Users\USER\AppData\Local\Temp\libeay32.dll
C:\Users\USER\AppData\Local\Temp\msvcr120.dll
C:\Users\USER\AppData\Local\Temp\nsmEFDC.tmp.exe
C:\Users\USER\AppData\Local\Temp\ose00000.exe
C:\Users\USER\AppData\Local\Temp\sqlite3.dll
C:\Users\USER\AppData\Local\Temp\ui.dll
C:\Users\USER\AppData\Local\Temp\YHKU1ITH3F.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-04-08 13:59

==================== Fim de FRST.txt ============================

Publicité


Signaler le contenu de ce document

Publicité