Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 02-07-2016
Executado por User (administrador) em HELDERPAI-PC (05-07-2016 16:35:17)
Executando a partir de F:\
Perfis Carregados: User (Perfis Disponíveis: User)
Platform: Windows 7 Ultimate (X64) Idioma: Português (Brasil)
Internet Explorer Versão 9 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Mediafour Corporation) C:\Program Files\Mediafour\MacDrive 9\MacDrive.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Mediafour Corporation) C:\Program Files\Mediafour\MacDrive 9\MacDrive9Service.exe
(M-Audio) C:\Program Files (x86)\M-Audio\M-Track\AudioDevMon.exe
(M-Audio) C:\Program Files (x86)\M-Audio\M-Track\MAPanel.exe
(M-Audio) C:\Program Files (x86)\M-Audio\M-Track Plus\AudioDevMon.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [MacDrive 9 application] => C:\Program Files\Mediafour\MacDrive 9\MacDrive.exe [507904 2012-11-02] (Mediafour Corporation)
HKLM-x32\...\Run: [M-Audio Panel Launcher] => C:\Program Files (x86)\M-Audio\M-Track\MAPanel.exe [1190096 2013-04-24] (M-Audio)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [8897712 2016-06-30] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-359040354-3672872302-106447875-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd)
HKU\S-1-5-21-359040354-3672872302-106447875-1000\...\MountPoints2: {afb03741-e331-11e2-904c-047d7b98494b} - E:\Autorun.exe
HKU\S-1-5-21-359040354-3672872302-106447875-1000\...\MountPoints2: {bbf75334-adf8-11e4-be1f-047d7b98494b} - E:\LGAutoRun.exe
HKU\S-1-5-21-359040354-3672872302-106447875-1000\...\MountPoints2: {fefe8dab-7bf4-11e5-83a1-047d7b98494b} - E:\LaunchU3.exe -a
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL Nenhum Arquivo [ ]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-06-30] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [MacDriveVolumeIcon] -> {6B21AF46-EE37-40D0-A707-C06C17D06CE9} => C:\Program Files\Mediafour\MacDrive 9\MDVolumeIcons.dll [2012-05-21] (Mediafour Corporation)
ShellIconOverlayIdentifiers: [MacDriveVolumeIconReadOnly] -> {E9BC4DCA-0A4E-4C65-9D40-621C9D0CDC5F} => C:\Program Files\Mediafour\MacDrive 9\MDVolumeIcons.dll [2012-05-21] (Mediafour Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL Nenhum Arquivo
AlternateShell:
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5DB29014-B7B0-477D-AE5B-1A41D26B07AB}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{DE904BA3-F61A-45A0-8E1C-C57EB5AE1BC2}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.psafe.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.psafe.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-359040354-3672872302-106447875-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SKY2&ocid=SKY2DHP&osmkt=pt-br
HKU\S-1-5-21-359040354-3672872302-106447875-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://home.psafe.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_d4w_14_42_ch&cd=2XzuyEtN2Y1L1QzuyEyEyC0DyDyBtAyDtB0BtAtBzyyByCzytN0D0Tzu0StCtDtCyDtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StBtBtDzz0F0D0F0BtGtA0AtDyDtGyEyCtDtDtG0B0BtD0FtGtAyCtA0BtDtDzzzytAzztByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CtAzzyB0AtA0CyBtGtAtAtCtCtGyEyEyEzytGzzyC0DtCtGtBtBtBtA0BzytDyDtAzztByB2Q&cr=354849476&ir=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_d4w_14_42_ch&cd=2XzuyEtN2Y1L1QzuyEyEyC0DyDyBtAyDtB0BtAtBzyyByCzytN0D0Tzu0StCtDtCyDtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StBtBtDzz0F0D0F0BtGtA0AtDyDtGyEyCtDtDtG0B0BtD0FtGtAyCtA0BtDtDzzzytAzztByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CtAzzyB0AtA0CyBtGtAtAtCtCtGyEyEyEzytGzzyC0DtCtGtBtBtBtA0BzytDyDtAzztByB2Q&cr=354849476&ir=
SearchScopes: HKU\S-1-5-21-359040354-3672872302-106447875-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-359040354-3672872302-106447875-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-359040354-3672872302-106447875-1000 -> {10BD7F68-7E3C-47E9-93D1-89BA1DC48741} URL = hxxp://www.search.ask.com/web?tpid=ATU4-SP&o=APN11391&pf=V7&p2=^BAY^YYYYYY^YY^BR&gct=&itbv=12.22.0.13&apn_uid=FD3A2C20-1466-43B6-AD48-9FF01996250F&apn_ptnrs=^BAY&apn_dtid=^YYYYYY^YY^BR&apn_dbr=cr_36.0.1985.125&doi=2014-12-15&trgb=CR&q={searchTerms}&psv=&pt=tb
SearchScopes: HKU\S-1-5-21-359040354-3672872302-106447875-1000 -> {89A89BA2-B2FD-4979-BDDF-FF2DFE5AD9CD} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851643&CUI=UN21339252832070932&UM=1
SearchScopes: HKU\S-1-5-21-359040354-3672872302-106447875-1000 -> {DC101E3A-4143-47C9-92C9-600C4C332FF2} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_d4w_14_42_ch&cd=2XzuyEtN2Y1L1QzuyEyEyC0DyDyBtAyDtB0BtAtBzyyByCzytN0D0Tzu0StCtDtCyDtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StBtBtDzz0F0D0F0BtGtA0AtDyDtGyEyCtDtDtG0B0BtD0FtGtAyCtA0BtDtDzzzytAzztByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CtAzzyB0AtA0CyBtGtAtAtCtCtGyEyEyEzytGzzyC0DtCtGtBtBtBtA0BzytDyDtAzztByB2Q&cr=354849476&ir=
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-06-30] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL => Nenhum Arquivo
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll => Nenhum Arquivo
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-06-30] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll => Nenhum Arquivo
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Nenhum Arquivo
Toolbar: HKLM - Sem Nome - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Nenhum Arquivo
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-07-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-07-02] (Oracle Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.732 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2010-05-27] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.732 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2010-05-27] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-07-01]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-07-01]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Chrome:
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=pt-br
CHR DefaultSearchURL: Default -> hxxp://www.search.ask.com/web?q={searchTerms}
CHR DefaultSearchKeyword: Default -> search.ask.com
CHR DefaultSuggestURL: Default -> hxxp://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\ppGoogleNaClPluginChrome.dll => Nenhum Arquivo
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\pdf.dll => Nenhum Arquivo
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll => Nenhum Arquivo
CHR Plugin: (Java(TM) Platform SE 7 U5) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.50.5) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-26]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Azov Sea Theme) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\edlbggommlbjkfcfpclbcffgfkmkmega [2014-01-20]
CHR Extension: (Bing) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2015-07-06]
CHR Extension: (Documentos Google off-line) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (PConverter) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpkhmmacbjndakceaikggpnnnddijeen [2016-06-27]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-11]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-06-27]
CHR HKU\S-1-5-21-359040354-3672872302-106447875-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-359040354-3672872302-106447875-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mdebcffgnijbblbinknkbefciofebcda] - C:\Users\User\AppData\Local\CRE\mdebcffgnijbblbinknkbefciofebcda.crx [2013-05-22]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-04-14]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
CHR HKLM-x32\...\Chrome\Extension: [mdebcffgnijbblbinknkbefciofebcda] - C:\Users\User\AppData\Local\CRE\mdebcffgnijbblbinknkbefciofebcda.crx [2013-05-22]
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-06-30] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
S3 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2135232 2014-03-20] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-07] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
R2 MacDrive9Service; C:\Program Files\Mediafour\MacDrive 9\MacDrive9Service.exe [178176 2012-11-02] (Mediafour Corporation) [Arquivo não assinado]
R2 MTrackAudioDevMon; C:\Program Files (x86)\M-Audio\M-Track\AudioDevMon.exe [546816 2013-04-24] (M-Audio) [Arquivo não assinado]
R2 MTrackPlusAudioDevMon; C:\Program Files (x86)\M-Audio\M-Track Plus\AudioDevMon.exe [2363664 2014-08-04] (M-Audio)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-08] (Nero AG)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
S3 Microsoft Office Groove Audit Service; "C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe" [X]
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [93184 2012-07-04] (LG Electronics Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-06-30] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-06-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108304 2016-06-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-06-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-06-30] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-06-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [473592 2016-06-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [290088 2016-06-30] (AVAST Software)
R1 CBDisk; C:\Windows\system32\drivers\CBDisk.sys [70344 2011-05-06] (EldoS Corporation)
S3 CLAVIAUSB64; C:\Windows\System32\DRIVERS\ClaviaUSB64.sys [26496 2011-10-06] (Clavia DMI AB) [Arquivo não assinado]
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2015-02-16] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 iLokDrvr; C:\Windows\System32\DRIVERS\iLokDrvr.sys [25808 2013-04-11] ()
S3 MAUSBFASTTRACK; C:\Windows\System32\DRIVERS\MAudioFastTrack.sys [187912 2010-12-07] (Avid Technology, Inc.)
R0 MDFSYSNT; C:\Windows\System32\Drivers\MDFSYSNT.sys [322768 2012-11-15] (Mediafour Corporation)
R0 MDPMGRNT; C:\Windows\System32\DRIVERS\MDPMGRNT.SYS [32464 2012-06-05] (Mediafour Corporation)
R0 MDRAID; C:\Windows\System32\DRIVERS\MDRAID.sys [187120 2012-06-11] (Mediafour Corporation)
S3 MONEYPENNY; C:\Windows\System32\DRIVERS\MAudioFastTrackC400.sys [486704 2011-06-03] (M-Audio)
S3 MONEYPENNYDFU; C:\Windows\System32\DRIVERS\MAudioFastTrackC400_DFU.sys [30512 2011-06-03] (Avid)
R3 MTRACK; C:\Windows\System32\DRIVERS\MAudioMTrack.sys [471040 2013-04-24] (M-Audio)
R1 NPF; C:\Windows\System32\DRIVERS\npf.sys [35344 2010-07-15] (CACE Technologies, Inc.)
R1 NPF; C:\Windows\SysWOW64\DRIVERS\npf.sys [35088 2010-07-15] (CACE Technologies, Inc.)
S3 RDID1141; C:\Windows\System32\Drivers\rdwm1141.sys [202752 2013-10-18] (Roland Corporation)
R3 SmbDrv; C:\Windows\System32\DRIVERS\Smb_driver.sys [22800 2012-02-14] (Synaptics Incorporated)
S3 ApfiltrService; system32\DRIVERS\Apfiltr.sys [X]
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-07-05 16:30 - 2016-07-05 16:35 - 00000000 ____D C:\FRST
2016-07-05 16:22 - 2015-05-29 10:28 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-07-05 16:17 - 2015-08-18 23:39 - 01034556 _____ C:\Users\User\Desktop\Windows6.1-KB2999226-x64.msu
2016-07-05 16:10 - 2016-07-05 16:10 - 00000000 ____D C:\Users\User\AppData\Local\Waves Audio
2016-07-05 16:09 - 2016-07-05 16:12 - 00000000 ____D C:\Users\Todos os Usuários\Waves Audio
2016-07-05 16:09 - 2016-07-05 16:12 - 00000000 ____D C:\ProgramData\Waves Audio
2016-07-05 16:01 - 2016-07-05 16:23 - 00000000 ____D C:\Program Files (x86)\Waves Central
2016-07-05 16:01 - 2016-07-05 16:01 - 00001233 _____ C:\Users\Public\Desktop\Waves Central.lnk
2016-07-05 16:01 - 2016-07-05 16:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves Central
2016-07-05 16:01 - 2016-07-05 16:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves
2016-07-05 15:33 - 2016-07-05 16:01 - 00000000 ____D C:\Users\User\Desktop\Waves.Complete.v2016.04.20.Incl.Patched.and.Keygen-R2R
2016-07-05 15:03 - 2016-07-05 15:03 - 00001973 _____ C:\Users\Public\Desktop\Pro Tools 10.lnk
2016-07-05 15:03 - 2016-07-05 15:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avid
2016-07-05 14:53 - 2016-07-05 14:53 - 00000000 ____D C:\Program Files\Avid
2016-07-05 14:39 - 2015-03-05 16:10 - 75864734 _____ C:\Users\User\Desktop\Patch KillerBugs v.5.rar
2016-07-05 14:38 - 2015-08-18 16:25 - 1909680164 _____ C:\Users\User\Desktop\Pro_Tools_10_3_9_Win_81889.zip
2016-07-01 10:32 - 2016-07-01 10:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-07-01 10:31 - 2016-07-01 10:31 - 00000000 ____D C:\Users\User\AppData\Local\CEF
2016-07-01 10:31 - 2016-06-30 14:46 - 00390984 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-06-30 14:46 - 2016-06-30 14:46 - 00992960 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-06-30 14:46 - 2016-06-30 14:46 - 00921280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-06-30 14:46 - 2016-06-30 14:46 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-06-28 09:46 - 2016-06-28 09:46 - 00280328 _____ C:\Windows\Minidump\062816-40591-01.dmp
2016-06-27 15:37 - 2016-06-30 14:59 - 38896842 _____ C:\Users\User\Desktop\VS- CORAÇÃO MACHUCADO.wav
2016-06-22 12:43 - 2016-06-22 12:43 - 00000000 ____D C:\Users\User\Downloads\@FOTOS
2016-06-22 12:42 - 2016-06-22 12:42 - 00000000 ____D C:\Users\User\Downloads\@MUSICAS
2016-06-22 12:30 - 2016-06-22 12:42 - 00000000 ____D C:\Users\User\Downloads\@PROGRAMAS
2016-06-21 12:09 - 2016-06-21 12:09 - 00000000 ____D C:\Users\User\Luiz e Isac
2016-06-20 16:43 - 2016-06-20 17:05 - 00000000 ____D C:\Users\User\Documents\ttt
2016-06-20 16:28 - 2016-06-20 16:28 - 00001818 _____ C:\Users\Public\Desktop\Webinaria.lnk
2016-06-20 16:28 - 2016-06-20 16:28 - 00000000 ___SD C:\Users\User\Documents\Webinaria Files
2016-06-20 16:28 - 2016-06-20 16:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webinaria
2016-06-20 16:28 - 2016-06-20 16:28 - 00000000 ____D C:\Program Files (x86)\Webinaria
2016-06-16 14:09 - 2016-06-16 14:09 - 59809674 _____ C:\Users\User\Downloads\MODA DERRAMADA.rar
2016-06-15 11:43 - 2016-06-15 12:08 - 00000000 ____D C:\Users\User\Downloads\Curso Kontakt 5 PT
2016-06-15 11:43 - 2016-06-15 11:43 - 00000000 ____D C:\Users\User\Desktop\Curso Completo do Kontakt 5 em Português
2016-06-15 11:42 - 2016-06-15 11:42 - 00002638 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-06-15 11:39 - 2016-06-15 11:39 - 00050048 _____ C:\Users\User\Downloads\Curso Kontakt 5 PT.torrent
2016-06-14 19:27 - 2016-06-14 19:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-07-05 16:35 - 2015-02-03 22:03 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-05 16:23 - 2009-07-14 01:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-05 16:23 - 2009-07-14 01:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-05 16:19 - 2009-07-14 14:55 - 00717858 _____ C:\Windows\system32\prfh0416.dat
2016-07-05 16:19 - 2009-07-14 14:55 - 00141842 _____ C:\Windows\system32\prfc0416.dat
2016-07-05 16:19 - 2009-07-14 02:13 - 01655652 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-05 16:19 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-07-05 16:09 - 2015-02-03 22:03 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-05 16:09 - 2013-08-15 22:11 - 00000000 ____D C:\Users\User\AppData\Roaming\Waves Audio
2016-07-05 16:08 - 2013-07-01 18:02 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2016-07-05 16:08 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-05 16:06 - 2013-07-22 18:24 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-07-05 16:06 - 2013-07-22 18:24 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-05 16:01 - 2013-07-01 17:42 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-07-05 15:40 - 2014-07-22 23:26 - 00116688 _____ C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2016-07-05 15:39 - 2013-08-15 22:04 - 00000000 ____D C:\Program Files (x86)\Waves
2016-07-05 15:39 - 2013-08-15 22:04 - 00000000 ____D C:\Program Files (x86)\Vstplugins
2016-07-05 15:19 - 2016-06-03 11:04 - 00000000 ____D C:\Users\User\Documents\tttt
2016-07-05 15:19 - 2013-09-18 12:50 - 00000000 ____D C:\Program Files\Recuva
2016-07-05 15:15 - 2015-01-21 21:32 - 00000000 ____D C:\Users\User\AvidLogFiles
2016-07-05 15:12 - 2012-11-01 05:51 - 00000000 ___HD C:\Users\User\AppData\Local\3aUDemxw4
2016-07-05 15:06 - 2014-07-22 23:26 - 00429472 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-05 15:05 - 2013-07-01 18:02 - 00000832 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2016-07-05 15:02 - 2015-01-21 21:27 - 00000000 ____D C:\Users\User\AppData\Roaming\Avid
2016-07-04 17:15 - 2016-04-11 10:50 - 00000000 ____D C:\Users\User\Desktop\Repertorio Luiz Felipe
2016-07-04 14:25 - 2013-07-03 20:05 - 00000000 ____D C:\Users\User\AppData\Roaming\MiniLyrics
2016-07-04 12:55 - 2016-04-19 11:21 - 00000000 ____D C:\Users\User\Desktop\VS ABERTOS SERTANEJOS
2016-07-01 12:21 - 2015-11-23 09:39 - 00000000 ____D C:\Sonar_Temporarios
2016-07-01 11:02 - 2013-07-05 11:23 - 00056832 _____ C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-07-01 10:32 - 2016-03-23 18:07 - 00003904 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1458767235
2016-07-01 10:31 - 2013-07-01 16:33 - 00003922 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-06-30 14:47 - 2013-07-01 16:33 - 00473592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-06-30 14:46 - 2016-03-23 18:07 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-06-30 14:46 - 2014-04-20 09:21 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-06-30 14:46 - 2013-07-01 16:33 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-06-30 14:46 - 2013-07-01 16:33 - 00473592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.146730887110502
2016-06-30 14:46 - 2013-07-01 16:33 - 00290088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-06-30 14:46 - 2013-07-01 16:33 - 00108304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-06-30 14:46 - 2013-07-01 16:33 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-06-30 14:46 - 2013-07-01 16:33 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-06-29 12:05 - 2016-05-27 11:28 - 00000000 ____D C:\Users\User\Desktop\ensaio blocos
2016-06-29 11:44 - 2013-07-02 17:28 - 00000000 ____D C:\Cakewalk Projects
2016-06-29 09:47 - 2015-02-16 18:25 - 00000000 ____D C:\Users\User\Documents\Addictive Drums 2 Logs
2016-06-28 09:46 - 2015-02-04 12:55 - 461479567 _____ C:\Windows\MEMORY.DMP
2016-06-28 09:46 - 2015-02-04 12:55 - 00000000 ____D C:\Windows\Minidump
2016-06-26 00:25 - 2009-07-14 02:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-06-22 12:33 - 2015-07-10 14:34 - 00000000 ____D C:\Users\User\Desktop\MLyrics
2016-06-22 12:29 - 2015-07-29 15:35 - 00001986 _____ C:\Users\User\Desktop\Nero StartSmart Essentials.lnk
2016-06-22 12:29 - 2014-11-12 11:20 - 00001202 _____ C:\Users\User\Desktop\Avast Free Antivirus.lnk
2016-06-22 12:28 - 2015-12-14 18:56 - 00002094 _____ C:\Users\User\Desktop\aTube Catcher.lnk
2016-06-22 12:27 - 2015-03-07 13:54 - 00000000 ____D C:\Users\User\Desktop\VARIOS LOOPS ,VANERA ,PAGODE , ETC ;
2016-06-20 16:32 - 2013-07-02 14:30 - 00000000 ____D C:\Users\User\AppData\Roaming\uTorrent
2016-06-20 15:29 - 2014-10-11 22:38 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-20 15:29 - 2013-07-02 19:23 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2016-06-20 15:29 - 2013-07-02 19:22 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2016-06-20 15:29 - 2013-07-02 19:22 - 00000000 ____D C:\ProgramData\Skype
2016-06-17 15:37 - 2013-07-01 17:29 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-16 11:45 - 2016-05-11 09:16 - 00000000 ____D C:\Users\User\Desktop\LUIZ FELIPE BLOCOS
2016-06-14 19:27 - 2014-10-11 22:39 - 00000000 ____D C:\Users\User\AppData\Local\Skype
2016-06-10 16:25 - 2015-07-19 20:38 - 00000000 ____D C:\Users\User\Desktop\Para Barzinho
2016-06-08 12:27 - 2016-04-28 12:50 - 00000000 ____D C:\Users\User\Desktop\vs mp3 luiz felipe
==================== Arquivos na raiz de alguns diretórios =======
2012-06-26 10:10 - 2012-06-26 10:10 - 0488448 _____ (Mediafour Corporation) C:\Program Files\Common Files\M4LIC2.hht
2015-07-17 17:01 - 2015-07-17 17:01 - 0000000 _____ () C:\Users\User\AppData\Roaming\botpc.cdr
2013-07-05 11:23 - 2016-07-01 11:02 - 0056832 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-03 11:48 - 2015-09-03 11:48 - 0000000 _____ () C:\Users\User\AppData\Local\{3CEDF947-2D25-4718-8ABE-3FA901CDDBF8}
2014-10-13 10:05 - 2014-10-13 10:05 - 0000020 _____ () C:\ProgramData\bc.ini
Alguns arquivos em TEMP:
====================
C:\Users\User\AppData\Local\Temp\aacdec.exe
C:\Users\User\AppData\Local\Temp\atcMedia2761427068372.exe
C:\Users\User\AppData\Local\Temp\atcMedia3631418656128.exe
C:\Users\User\AppData\Local\Temp\atcMedia841434389477.exe
C:\Users\User\AppData\Local\Temp\BD16.exe
C:\Users\User\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2016-06-27 12:56
==================== Fim de FRST.txt ============================
Executado por User (administrador) em HELDERPAI-PC (05-07-2016 16:35:17)
Executando a partir de F:\
Perfis Carregados: User (Perfis Disponíveis: User)
Platform: Windows 7 Ultimate (X64) Idioma: Português (Brasil)
Internet Explorer Versão 9 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Mediafour Corporation) C:\Program Files\Mediafour\MacDrive 9\MacDrive.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Mediafour Corporation) C:\Program Files\Mediafour\MacDrive 9\MacDrive9Service.exe
(M-Audio) C:\Program Files (x86)\M-Audio\M-Track\AudioDevMon.exe
(M-Audio) C:\Program Files (x86)\M-Audio\M-Track\MAPanel.exe
(M-Audio) C:\Program Files (x86)\M-Audio\M-Track Plus\AudioDevMon.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [MacDrive 9 application] => C:\Program Files\Mediafour\MacDrive 9\MacDrive.exe [507904 2012-11-02] (Mediafour Corporation)
HKLM-x32\...\Run: [M-Audio Panel Launcher] => C:\Program Files (x86)\M-Audio\M-Track\MAPanel.exe [1190096 2013-04-24] (M-Audio)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [8897712 2016-06-30] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-359040354-3672872302-106447875-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd)
HKU\S-1-5-21-359040354-3672872302-106447875-1000\...\MountPoints2: {afb03741-e331-11e2-904c-047d7b98494b} - E:\Autorun.exe
HKU\S-1-5-21-359040354-3672872302-106447875-1000\...\MountPoints2: {bbf75334-adf8-11e4-be1f-047d7b98494b} - E:\LGAutoRun.exe
HKU\S-1-5-21-359040354-3672872302-106447875-1000\...\MountPoints2: {fefe8dab-7bf4-11e5-83a1-047d7b98494b} - E:\LaunchU3.exe -a
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL Nenhum Arquivo [ ]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-06-30] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [MacDriveVolumeIcon] -> {6B21AF46-EE37-40D0-A707-C06C17D06CE9} => C:\Program Files\Mediafour\MacDrive 9\MDVolumeIcons.dll [2012-05-21] (Mediafour Corporation)
ShellIconOverlayIdentifiers: [MacDriveVolumeIconReadOnly] -> {E9BC4DCA-0A4E-4C65-9D40-621C9D0CDC5F} => C:\Program Files\Mediafour\MacDrive 9\MDVolumeIcons.dll [2012-05-21] (Mediafour Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL Nenhum Arquivo
AlternateShell:
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5DB29014-B7B0-477D-AE5B-1A41D26B07AB}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{DE904BA3-F61A-45A0-8E1C-C57EB5AE1BC2}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.psafe.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.psafe.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-359040354-3672872302-106447875-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SKY2&ocid=SKY2DHP&osmkt=pt-br
HKU\S-1-5-21-359040354-3672872302-106447875-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://home.psafe.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_d4w_14_42_ch&cd=2XzuyEtN2Y1L1QzuyEyEyC0DyDyBtAyDtB0BtAtBzyyByCzytN0D0Tzu0StCtDtCyDtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StBtBtDzz0F0D0F0BtGtA0AtDyDtGyEyCtDtDtG0B0BtD0FtGtAyCtA0BtDtDzzzytAzztByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CtAzzyB0AtA0CyBtGtAtAtCtCtGyEyEyEzytGzzyC0DtCtGtBtBtBtA0BzytDyDtAzztByB2Q&cr=354849476&ir=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_d4w_14_42_ch&cd=2XzuyEtN2Y1L1QzuyEyEyC0DyDyBtAyDtB0BtAtBzyyByCzytN0D0Tzu0StCtDtCyDtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StBtBtDzz0F0D0F0BtGtA0AtDyDtGyEyCtDtDtG0B0BtD0FtGtAyCtA0BtDtDzzzytAzztByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CtAzzyB0AtA0CyBtGtAtAtCtCtGyEyEyEzytGzzyC0DtCtGtBtBtBtA0BzytDyDtAzztByB2Q&cr=354849476&ir=
SearchScopes: HKU\S-1-5-21-359040354-3672872302-106447875-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-359040354-3672872302-106447875-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-359040354-3672872302-106447875-1000 -> {10BD7F68-7E3C-47E9-93D1-89BA1DC48741} URL = hxxp://www.search.ask.com/web?tpid=ATU4-SP&o=APN11391&pf=V7&p2=^BAY^YYYYYY^YY^BR&gct=&itbv=12.22.0.13&apn_uid=FD3A2C20-1466-43B6-AD48-9FF01996250F&apn_ptnrs=^BAY&apn_dtid=^YYYYYY^YY^BR&apn_dbr=cr_36.0.1985.125&doi=2014-12-15&trgb=CR&q={searchTerms}&psv=&pt=tb
SearchScopes: HKU\S-1-5-21-359040354-3672872302-106447875-1000 -> {89A89BA2-B2FD-4979-BDDF-FF2DFE5AD9CD} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851643&CUI=UN21339252832070932&UM=1
SearchScopes: HKU\S-1-5-21-359040354-3672872302-106447875-1000 -> {DC101E3A-4143-47C9-92C9-600C4C332FF2} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_d4w_14_42_ch&cd=2XzuyEtN2Y1L1QzuyEyEyC0DyDyBtAyDtB0BtAtBzyyByCzytN0D0Tzu0StCtDtCyDtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StBtBtDzz0F0D0F0BtGtA0AtDyDtGyEyCtDtDtG0B0BtD0FtGtAyCtA0BtDtDzzzytAzztByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CtAzzyB0AtA0CyBtGtAtAtCtCtGyEyEyEzytGzzyC0DtCtGtBtBtBtA0BzytDyDtAzztByB2Q&cr=354849476&ir=
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-06-30] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL => Nenhum Arquivo
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll => Nenhum Arquivo
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-06-30] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll => Nenhum Arquivo
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Nenhum Arquivo
Toolbar: HKLM - Sem Nome - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Nenhum Arquivo
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-07-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-07-02] (Oracle Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.732 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2010-05-27] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.732 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2010-05-27] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-07-01]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-07-01]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Chrome:
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=pt-br
CHR DefaultSearchURL: Default -> hxxp://www.search.ask.com/web?q={searchTerms}
CHR DefaultSearchKeyword: Default -> search.ask.com
CHR DefaultSuggestURL: Default -> hxxp://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\ppGoogleNaClPluginChrome.dll => Nenhum Arquivo
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\pdf.dll => Nenhum Arquivo
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll => Nenhum Arquivo
CHR Plugin: (Java(TM) Platform SE 7 U5) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.50.5) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-26]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Azov Sea Theme) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\edlbggommlbjkfcfpclbcffgfkmkmega [2014-01-20]
CHR Extension: (Bing) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2015-07-06]
CHR Extension: (Documentos Google off-line) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (PConverter) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpkhmmacbjndakceaikggpnnnddijeen [2016-06-27]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-11]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-06-27]
CHR HKU\S-1-5-21-359040354-3672872302-106447875-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-359040354-3672872302-106447875-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mdebcffgnijbblbinknkbefciofebcda] - C:\Users\User\AppData\Local\CRE\mdebcffgnijbblbinknkbefciofebcda.crx [2013-05-22]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-04-14]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
CHR HKLM-x32\...\Chrome\Extension: [mdebcffgnijbblbinknkbefciofebcda] - C:\Users\User\AppData\Local\CRE\mdebcffgnijbblbinknkbefciofebcda.crx [2013-05-22]
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-06-30] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
S3 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2135232 2014-03-20] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-07] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
R2 MacDrive9Service; C:\Program Files\Mediafour\MacDrive 9\MacDrive9Service.exe [178176 2012-11-02] (Mediafour Corporation) [Arquivo não assinado]
R2 MTrackAudioDevMon; C:\Program Files (x86)\M-Audio\M-Track\AudioDevMon.exe [546816 2013-04-24] (M-Audio) [Arquivo não assinado]
R2 MTrackPlusAudioDevMon; C:\Program Files (x86)\M-Audio\M-Track Plus\AudioDevMon.exe [2363664 2014-08-04] (M-Audio)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-08] (Nero AG)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
S3 Microsoft Office Groove Audit Service; "C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe" [X]
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [93184 2012-07-04] (LG Electronics Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-06-30] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-06-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108304 2016-06-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-06-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-06-30] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-06-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [473592 2016-06-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [290088 2016-06-30] (AVAST Software)
R1 CBDisk; C:\Windows\system32\drivers\CBDisk.sys [70344 2011-05-06] (EldoS Corporation)
S3 CLAVIAUSB64; C:\Windows\System32\DRIVERS\ClaviaUSB64.sys [26496 2011-10-06] (Clavia DMI AB) [Arquivo não assinado]
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2015-02-16] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 iLokDrvr; C:\Windows\System32\DRIVERS\iLokDrvr.sys [25808 2013-04-11] ()
S3 MAUSBFASTTRACK; C:\Windows\System32\DRIVERS\MAudioFastTrack.sys [187912 2010-12-07] (Avid Technology, Inc.)
R0 MDFSYSNT; C:\Windows\System32\Drivers\MDFSYSNT.sys [322768 2012-11-15] (Mediafour Corporation)
R0 MDPMGRNT; C:\Windows\System32\DRIVERS\MDPMGRNT.SYS [32464 2012-06-05] (Mediafour Corporation)
R0 MDRAID; C:\Windows\System32\DRIVERS\MDRAID.sys [187120 2012-06-11] (Mediafour Corporation)
S3 MONEYPENNY; C:\Windows\System32\DRIVERS\MAudioFastTrackC400.sys [486704 2011-06-03] (M-Audio)
S3 MONEYPENNYDFU; C:\Windows\System32\DRIVERS\MAudioFastTrackC400_DFU.sys [30512 2011-06-03] (Avid)
R3 MTRACK; C:\Windows\System32\DRIVERS\MAudioMTrack.sys [471040 2013-04-24] (M-Audio)
R1 NPF; C:\Windows\System32\DRIVERS\npf.sys [35344 2010-07-15] (CACE Technologies, Inc.)
R1 NPF; C:\Windows\SysWOW64\DRIVERS\npf.sys [35088 2010-07-15] (CACE Technologies, Inc.)
S3 RDID1141; C:\Windows\System32\Drivers\rdwm1141.sys [202752 2013-10-18] (Roland Corporation)
R3 SmbDrv; C:\Windows\System32\DRIVERS\Smb_driver.sys [22800 2012-02-14] (Synaptics Incorporated)
S3 ApfiltrService; system32\DRIVERS\Apfiltr.sys [X]
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-07-05 16:30 - 2016-07-05 16:35 - 00000000 ____D C:\FRST
2016-07-05 16:22 - 2015-05-29 10:28 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-07-05 16:17 - 2015-08-18 23:39 - 01034556 _____ C:\Users\User\Desktop\Windows6.1-KB2999226-x64.msu
2016-07-05 16:10 - 2016-07-05 16:10 - 00000000 ____D C:\Users\User\AppData\Local\Waves Audio
2016-07-05 16:09 - 2016-07-05 16:12 - 00000000 ____D C:\Users\Todos os Usuários\Waves Audio
2016-07-05 16:09 - 2016-07-05 16:12 - 00000000 ____D C:\ProgramData\Waves Audio
2016-07-05 16:01 - 2016-07-05 16:23 - 00000000 ____D C:\Program Files (x86)\Waves Central
2016-07-05 16:01 - 2016-07-05 16:01 - 00001233 _____ C:\Users\Public\Desktop\Waves Central.lnk
2016-07-05 16:01 - 2016-07-05 16:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves Central
2016-07-05 16:01 - 2016-07-05 16:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves
2016-07-05 15:33 - 2016-07-05 16:01 - 00000000 ____D C:\Users\User\Desktop\Waves.Complete.v2016.04.20.Incl.Patched.and.Keygen-R2R
2016-07-05 15:03 - 2016-07-05 15:03 - 00001973 _____ C:\Users\Public\Desktop\Pro Tools 10.lnk
2016-07-05 15:03 - 2016-07-05 15:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avid
2016-07-05 14:53 - 2016-07-05 14:53 - 00000000 ____D C:\Program Files\Avid
2016-07-05 14:39 - 2015-03-05 16:10 - 75864734 _____ C:\Users\User\Desktop\Patch KillerBugs v.5.rar
2016-07-05 14:38 - 2015-08-18 16:25 - 1909680164 _____ C:\Users\User\Desktop\Pro_Tools_10_3_9_Win_81889.zip
2016-07-01 10:32 - 2016-07-01 10:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-07-01 10:31 - 2016-07-01 10:31 - 00000000 ____D C:\Users\User\AppData\Local\CEF
2016-07-01 10:31 - 2016-06-30 14:46 - 00390984 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-06-30 14:46 - 2016-06-30 14:46 - 00992960 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-06-30 14:46 - 2016-06-30 14:46 - 00921280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-06-30 14:46 - 2016-06-30 14:46 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-06-28 09:46 - 2016-06-28 09:46 - 00280328 _____ C:\Windows\Minidump\062816-40591-01.dmp
2016-06-27 15:37 - 2016-06-30 14:59 - 38896842 _____ C:\Users\User\Desktop\VS- CORAÇÃO MACHUCADO.wav
2016-06-22 12:43 - 2016-06-22 12:43 - 00000000 ____D C:\Users\User\Downloads\@FOTOS
2016-06-22 12:42 - 2016-06-22 12:42 - 00000000 ____D C:\Users\User\Downloads\@MUSICAS
2016-06-22 12:30 - 2016-06-22 12:42 - 00000000 ____D C:\Users\User\Downloads\@PROGRAMAS
2016-06-21 12:09 - 2016-06-21 12:09 - 00000000 ____D C:\Users\User\Luiz e Isac
2016-06-20 16:43 - 2016-06-20 17:05 - 00000000 ____D C:\Users\User\Documents\ttt
2016-06-20 16:28 - 2016-06-20 16:28 - 00001818 _____ C:\Users\Public\Desktop\Webinaria.lnk
2016-06-20 16:28 - 2016-06-20 16:28 - 00000000 ___SD C:\Users\User\Documents\Webinaria Files
2016-06-20 16:28 - 2016-06-20 16:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webinaria
2016-06-20 16:28 - 2016-06-20 16:28 - 00000000 ____D C:\Program Files (x86)\Webinaria
2016-06-16 14:09 - 2016-06-16 14:09 - 59809674 _____ C:\Users\User\Downloads\MODA DERRAMADA.rar
2016-06-15 11:43 - 2016-06-15 12:08 - 00000000 ____D C:\Users\User\Downloads\Curso Kontakt 5 PT
2016-06-15 11:43 - 2016-06-15 11:43 - 00000000 ____D C:\Users\User\Desktop\Curso Completo do Kontakt 5 em Português
2016-06-15 11:42 - 2016-06-15 11:42 - 00002638 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-06-15 11:39 - 2016-06-15 11:39 - 00050048 _____ C:\Users\User\Downloads\Curso Kontakt 5 PT.torrent
2016-06-14 19:27 - 2016-06-14 19:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-07-05 16:35 - 2015-02-03 22:03 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-05 16:23 - 2009-07-14 01:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-05 16:23 - 2009-07-14 01:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-05 16:19 - 2009-07-14 14:55 - 00717858 _____ C:\Windows\system32\prfh0416.dat
2016-07-05 16:19 - 2009-07-14 14:55 - 00141842 _____ C:\Windows\system32\prfc0416.dat
2016-07-05 16:19 - 2009-07-14 02:13 - 01655652 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-05 16:19 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-07-05 16:09 - 2015-02-03 22:03 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-05 16:09 - 2013-08-15 22:11 - 00000000 ____D C:\Users\User\AppData\Roaming\Waves Audio
2016-07-05 16:08 - 2013-07-01 18:02 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2016-07-05 16:08 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-05 16:06 - 2013-07-22 18:24 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-07-05 16:06 - 2013-07-22 18:24 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-05 16:01 - 2013-07-01 17:42 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-07-05 15:40 - 2014-07-22 23:26 - 00116688 _____ C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2016-07-05 15:39 - 2013-08-15 22:04 - 00000000 ____D C:\Program Files (x86)\Waves
2016-07-05 15:39 - 2013-08-15 22:04 - 00000000 ____D C:\Program Files (x86)\Vstplugins
2016-07-05 15:19 - 2016-06-03 11:04 - 00000000 ____D C:\Users\User\Documents\tttt
2016-07-05 15:19 - 2013-09-18 12:50 - 00000000 ____D C:\Program Files\Recuva
2016-07-05 15:15 - 2015-01-21 21:32 - 00000000 ____D C:\Users\User\AvidLogFiles
2016-07-05 15:12 - 2012-11-01 05:51 - 00000000 ___HD C:\Users\User\AppData\Local\3aUDemxw4
2016-07-05 15:06 - 2014-07-22 23:26 - 00429472 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-05 15:05 - 2013-07-01 18:02 - 00000832 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2016-07-05 15:02 - 2015-01-21 21:27 - 00000000 ____D C:\Users\User\AppData\Roaming\Avid
2016-07-04 17:15 - 2016-04-11 10:50 - 00000000 ____D C:\Users\User\Desktop\Repertorio Luiz Felipe
2016-07-04 14:25 - 2013-07-03 20:05 - 00000000 ____D C:\Users\User\AppData\Roaming\MiniLyrics
2016-07-04 12:55 - 2016-04-19 11:21 - 00000000 ____D C:\Users\User\Desktop\VS ABERTOS SERTANEJOS
2016-07-01 12:21 - 2015-11-23 09:39 - 00000000 ____D C:\Sonar_Temporarios
2016-07-01 11:02 - 2013-07-05 11:23 - 00056832 _____ C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-07-01 10:32 - 2016-03-23 18:07 - 00003904 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1458767235
2016-07-01 10:31 - 2013-07-01 16:33 - 00003922 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-06-30 14:47 - 2013-07-01 16:33 - 00473592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-06-30 14:46 - 2016-03-23 18:07 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-06-30 14:46 - 2014-04-20 09:21 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-06-30 14:46 - 2013-07-01 16:33 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-06-30 14:46 - 2013-07-01 16:33 - 00473592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.146730887110502
2016-06-30 14:46 - 2013-07-01 16:33 - 00290088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-06-30 14:46 - 2013-07-01 16:33 - 00108304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-06-30 14:46 - 2013-07-01 16:33 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-06-30 14:46 - 2013-07-01 16:33 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-06-29 12:05 - 2016-05-27 11:28 - 00000000 ____D C:\Users\User\Desktop\ensaio blocos
2016-06-29 11:44 - 2013-07-02 17:28 - 00000000 ____D C:\Cakewalk Projects
2016-06-29 09:47 - 2015-02-16 18:25 - 00000000 ____D C:\Users\User\Documents\Addictive Drums 2 Logs
2016-06-28 09:46 - 2015-02-04 12:55 - 461479567 _____ C:\Windows\MEMORY.DMP
2016-06-28 09:46 - 2015-02-04 12:55 - 00000000 ____D C:\Windows\Minidump
2016-06-26 00:25 - 2009-07-14 02:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-06-22 12:33 - 2015-07-10 14:34 - 00000000 ____D C:\Users\User\Desktop\MLyrics
2016-06-22 12:29 - 2015-07-29 15:35 - 00001986 _____ C:\Users\User\Desktop\Nero StartSmart Essentials.lnk
2016-06-22 12:29 - 2014-11-12 11:20 - 00001202 _____ C:\Users\User\Desktop\Avast Free Antivirus.lnk
2016-06-22 12:28 - 2015-12-14 18:56 - 00002094 _____ C:\Users\User\Desktop\aTube Catcher.lnk
2016-06-22 12:27 - 2015-03-07 13:54 - 00000000 ____D C:\Users\User\Desktop\VARIOS LOOPS ,VANERA ,PAGODE , ETC ;
2016-06-20 16:32 - 2013-07-02 14:30 - 00000000 ____D C:\Users\User\AppData\Roaming\uTorrent
2016-06-20 15:29 - 2014-10-11 22:38 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-20 15:29 - 2013-07-02 19:23 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2016-06-20 15:29 - 2013-07-02 19:22 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2016-06-20 15:29 - 2013-07-02 19:22 - 00000000 ____D C:\ProgramData\Skype
2016-06-17 15:37 - 2013-07-01 17:29 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-16 11:45 - 2016-05-11 09:16 - 00000000 ____D C:\Users\User\Desktop\LUIZ FELIPE BLOCOS
2016-06-14 19:27 - 2014-10-11 22:39 - 00000000 ____D C:\Users\User\AppData\Local\Skype
2016-06-10 16:25 - 2015-07-19 20:38 - 00000000 ____D C:\Users\User\Desktop\Para Barzinho
2016-06-08 12:27 - 2016-04-28 12:50 - 00000000 ____D C:\Users\User\Desktop\vs mp3 luiz felipe
==================== Arquivos na raiz de alguns diretórios =======
2012-06-26 10:10 - 2012-06-26 10:10 - 0488448 _____ (Mediafour Corporation) C:\Program Files\Common Files\M4LIC2.hht
2015-07-17 17:01 - 2015-07-17 17:01 - 0000000 _____ () C:\Users\User\AppData\Roaming\botpc.cdr
2013-07-05 11:23 - 2016-07-01 11:02 - 0056832 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-03 11:48 - 2015-09-03 11:48 - 0000000 _____ () C:\Users\User\AppData\Local\{3CEDF947-2D25-4718-8ABE-3FA901CDDBF8}
2014-10-13 10:05 - 2014-10-13 10:05 - 0000020 _____ () C:\ProgramData\bc.ini
Alguns arquivos em TEMP:
====================
C:\Users\User\AppData\Local\Temp\aacdec.exe
C:\Users\User\AppData\Local\Temp\atcMedia2761427068372.exe
C:\Users\User\AppData\Local\Temp\atcMedia3631418656128.exe
C:\Users\User\AppData\Local\Temp\atcMedia841434389477.exe
C:\Users\User\AppData\Local\Temp\BD16.exe
C:\Users\User\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2016-06-27 12:56
==================== Fim de FRST.txt ============================