cjoint

Document format: text/plain

Preview

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 02-07-2016
Executado por Marcos (administrador) em MARCOS-RICOLDI (05-07-2016 23:39:31)
Executando a partir de C:\Users\Marcos\Downloads
Perfis Carregados: Marcos (Perfis Disponíveis: Marcos)
Platform: Windows 8.1 Pro (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: "C:\Program Files (x86)\Toolrain\Application\chrome.exe" "%1")
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Qksee Pvt Ltd.) C:\Program Files (x86)\qksee\qkseeSvc.exe
(Winziper Pvt Ltd.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(tsvr.com) C:\Users\Marcos\AppData\Roaming\TSv\TSvr.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Program Files (x86)\SFK\SSFK.exe
(TData.com) C:\Program Files (x86)\TData\TData.exe
(WFini LIMITED) C:\ProgramData\3winp3\WFini.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(BitTorrent Inc.) C:\Users\Marcos\AppData\Roaming\uTorrent\uTorrent.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Users\Marcos\Local Settings\Apps\F.lux\flux.exe
() C:\Program Files (x86)\TP-LINK\Utilitário de Configuração Wireless da TP-LINK\TWCU.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Corsair Components Inc) C:\Program Files (x86)\Corsair\M65 Mouse\M65Hid.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Corsair Components Inc) C:\Program Files (x86)\Corsair\M65 Mouse\CorsTra.exe
(BitTorrent Inc.) C:\Users\Marcos\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(BitTorrent Inc.) C:\Users\Marcos\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\ProgramData\Toolrain\Toolrain.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_ep64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-12-13] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4859592 2015-11-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-04-27] (Raptr, Inc)
HKLM-x32\...\Run: [Corsair M65 Mouse] => C:\Program Files (x86)\Corsair\M65 Mouse\M65Hid.exe [1766912 2013-08-15] (Corsair Components Inc)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-07-01] (Plays.tv, LLC)
HKU\S-1-5-21-3355082971-3927395873-3234585976-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2917456 2016-06-14] (Valve Corporation)
HKU\S-1-5-21-3355082971-3927395873-3234585976-1001\...\Run: [uTorrent] => C:\Users\Marcos\AppData\Roaming\uTorrent\uTorrent.exe [2133504 2016-05-21] (BitTorrent Inc.)
HKU\S-1-5-21-3355082971-3927395873-3234585976-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2008-01-22] (Nero AG)
HKU\S-1-5-21-3355082971-3927395873-3234585976-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-3355082971-3927395873-3234585976-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3355082971-3927395873-3234585976-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-3355082971-3927395873-3234585976-1001\...\Run: [GoogleChromeAutoLaunch_C1BC9AC30E031DFD659FEA797D292C8F] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720 2016-06-15] (Google Inc.)
HKU\S-1-5-21-3355082971-3927395873-3234585976-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3355082971-3927395873-3234585976-1001\...\Run: [F.lux] => C:\Users\Marcos\Local Settings\Apps\F.lux\flux.exe [966656 2009-08-29] ()
HKU\S-1-5-21-3355082971-3927395873-3234585976-1001\...\MountPoints2: D - "D:\SETUP.EXE"
HKU\S-1-5-21-3355082971-3927395873-3234585976-1001\...\MountPoints2: F - "F:\Setup.exe"
HKU\S-1-5-21-3355082971-3927395873-3234585976-1001\...\MountPoints2: {07dedbdf-1926-11e5-8263-74d435e3ad4d} - "F:\LG_PC_Programs.exe"
HKU\S-1-5-21-3355082971-3927395873-3234585976-1001\...\MountPoints2: {6f374af4-ff33-11e4-825c-74d435e3ad4d} - "D:\Startme.exe"
HKU\S-1-5-21-3355082971-3927395873-3234585976-1001\...\MountPoints2: {7866fdbd-2276-11e5-8267-74d435e3ad4d} - "D:\SETUP.EXE"
HKU\S-1-5-21-3355082971-3927395873-3234585976-1001\...\MountPoints2: {d49ec0c4-0f37-11e6-828c-74d435e3ad4d} - "F:\Setup.exe"
HKU\S-1-5-21-3355082971-3927395873-3234585976-1001\...\MountPoints2: {e9cbd330-9867-11e5-827c-74d435e3ad4d} - "F:\LG_PC_Programs.exe"
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Nenhum Arquivo
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Utilitário de Configuração Wireless da TP-LINK.lnk [2015-04-18]
ShortcutTarget: Utilitário de Configuração Wireless da TP-LINK.lnk -> C:\Program Files (x86)\TP-LINK\Utilitário de Configuração Wireless da TP-LINK\TWCU.exe ()

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.15.1
Tcpip\..\Interfaces\{E8601129-C1EE-4971-9631-C8EC6D110F78}: [DhcpNameServer] 192.168.15.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nuesearch.com/?type=hp&ts=1467254321&z=1943dc145efc457381f7a63g3z9q2mbobwfz1c7g2m&from=eve0629&uid=WDCXWD3200AAJS-00L7A0_WD-WMAV2429756097560
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.globasearch.com/?serie=2211&b=3&installkey=r8q4on0LzeEIXlpxuhIT
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=1466694204&z=59d50fa44c6d626929feccfg8z9q3qeqat6z1g9t8b&from=wpm0616&uid=WDCXWD3200AAJS-00L7A0_WD-WMAV2429756097560&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=1466694204&z=59d50fa44c6d626929feccfg8z9q3qeqat6z1g9t8b&from=wpm0616&uid=WDCXWD3200AAJS-00L7A0_WD-WMAV2429756097560&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=1467254321&z=1943dc145efc457381f7a63g3z9q2mbobwfz1c7g2m&from=eve0629&uid=WDCXWD3200AAJS-00L7A0_WD-WMAV2429756097560
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=1467254321&z=1943dc145efc457381f7a63g3z9q2mbobwfz1c7g2m&from=eve0629&uid=WDCXWD3200AAJS-00L7A0_WD-WMAV2429756097560
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1466694204&z=59d50fa44c6d626929feccfg8z9q3qeqat6z1g9t8b&from=wpm0616&uid=WDCXWD3200AAJS-00L7A0_WD-WMAV2429756097560&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1466694204&z=59d50fa44c6d626929feccfg8z9q3qeqat6z1g9t8b&from=wpm0616&uid=WDCXWD3200AAJS-00L7A0_WD-WMAV2429756097560&q={searchTerms}
HKU\S-1-5-21-3355082971-3927395873-3234585976-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=1467254321&z=1943dc145efc457381f7a63g3z9q2mbobwfz1c7g2m&from=eve0629&uid=WDCXWD3200AAJS-00L7A0_WD-WMAV2429756097560&q={searchTerms}
HKU\S-1-5-21-3355082971-3927395873-3234585976-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.globasearch.com/?serie=2211&b=3&installkey=r8q4on0LzeEIXlpxuhIT
HKU\S-1-5-21-3355082971-3927395873-3234585976-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=1467254321&z=1943dc145efc457381f7a63g3z9q2mbobwfz1c7g2m&from=eve0629&uid=WDCXWD3200AAJS-00L7A0_WD-WMAV2429756097560
HKU\S-1-5-21-3355082971-3927395873-3234585976-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1467254321&z=1943dc145efc457381f7a63g3z9q2mbobwfz1c7g2m&from=eve0629&uid=WDCXWD3200AAJS-00L7A0_WD-WMAV2429756097560&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1466694204&z=59d50fa44c6d626929feccfg8z9q3qeqat6z1g9t8b&from=wpm0616&uid=WDCXWD3200AAJS-00L7A0_WD-WMAV2429756097560&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1466694204&z=59d50fa44c6d626929feccfg8z9q3qeqat6z1g9t8b&from=wpm0616&uid=WDCXWD3200AAJS-00L7A0_WD-WMAV2429756097560&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.globasearch.com/?serie=2211&installkey=r8q4on0LzeEIXlpxuhIT&b=3&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.globasearch.com/?serie=2211&installkey=r8q4on0LzeEIXlpxuhIT&b=3&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.globasearch.com/?serie=2211&installkey=r8q4on0LzeEIXlpxuhIT&b=3&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3355082971-3927395873-3234585976-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.globasearch.com/?serie=2211&installkey=r8q4on0LzeEIXlpxuhIT&b=3&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3355082971-3927395873-3234585976-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.globasearch.com/?serie=2211&installkey=r8q4on0LzeEIXlpxuhIT&b=3&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-19] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-19] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation)

FireFox:
========
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3355082971-3927395873-3234585976-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Marcos\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-01] (Unity Technologies ApS)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.nicesearches.com?type=hp&ts=1465942032&from=6b1d0614&uid=wdcxwd3200aajs-00l7a0_wd-wmav2429756097560&z=0cf40a5fcfefc44830ae93fgezeq2wdtez0o8e7c8e
CHR StartupUrls: Default -> "hxxp://www.nicesearches.com?type=hp&ts=1465942032&from=6b1d0614&uid=wdcxwd3200aajs-00l7a0_wd-wmav2429756097560&z=0cf40a5fcfefc44830ae93fgezeq2wdtez0o8e7c8e"
CHR Profile: C:\Users\Marcos\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Marcos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [Arquivo não assinado]
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [236832 2015-10-13] (EasyAntiCheat Ltd)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [Arquivo não assinado]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Arquivo não assinado]
R2 IhPul; C:\Users\Marcos\AppData\Roaming\TSv\TSvr.exe [364752 2016-06-27] (tsvr.com)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-12] (Electronic Arts)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-07-01] (Plays.tv, LLC)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [Arquivo não assinado]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-01-07] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-01-07] ()
R2 qkseeService; C:\Program Files (x86)\qksee\qkseeSvc.exe [735448 2016-06-28] (Qksee Pvt Ltd.)
S2 server; C:\Program Files (x86)\yessearchesbnd\server.exe [273112 2015-11-11] ()
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [977088 2014-03-02] () [Arquivo não assinado]
R2 SSFK; C:\Program Files (x86)\SFK\SSFK.exe [133856 2016-06-28] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Arquivo não assinado]
R2 TDataSvr; C:\Program Files (x86)\TData\TData.exe [135880 2016-06-12] (TData.com)
R2 ToolrainP; C:\ProgramData\Toolrain\Toolrain.exe [424832 2016-06-28] ()
S2 ToolrainU; C:\Program Files (x86)\Toolrain\Update\ToolrainUpdate.exe [590208 2016-06-28] ()
R2 WdMan; C:\ProgramData\3winp3\WFini.exe [210152 2016-06-27] (WFini LIMITED)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [1140856 2016-06-12] (Winziper Pvt Ltd.) <==== ATENÇÃO
S2 Update Sharp Angle; "C:\Program Files (x86)\Sharp Angle\updateSharpAngle.exe" [X]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
S3 athur; C:\Windows\system32\DRIVERS\athuw8x.sys [2919936 2013-08-12] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-07-05] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2015-04-05] ()
R2 RtNdPt630; C:\Windows\system32\DRIVERS\RtNdPt630.sys [27792 2012-09-12] (Realtek Semiconductor Corp.)
S3 RTTEAMPT; C:\Windows\system32\DRIVERS\RtTeam620.sys [58512 2012-07-03] (Realtek Corporation)
R3 SnakeEyes; C:\Windows\system32\drivers\SnakeEyes.sys [25600 2012-09-05] ( )
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] ()
R3 VUSB3HUB; C:\Windows\System32\drivers\ViaHub3.sys [227840 2013-08-12] (VIA Technologies, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2015-04-05] (Basil Projects)
R3 xhcdrv; C:\Windows\System32\drivers\xhcdrv.sys [295424 2013-08-12] (VIA Technologies, Inc.)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-05 23:38 - 2016-07-05 23:39 - 00023576 _____ C:\Users\Marcos\Downloads\FRST.txt
2016-07-05 23:38 - 2016-07-05 23:39 - 00000000 ____D C:\FRST
2016-07-05 23:38 - 2016-07-05 23:38 - 02390016 _____ (Farbar) C:\Users\Marcos\Downloads\FRST64.exe
2016-07-05 23:37 - 2016-07-05 23:37 - 01740288 _____ (Farbar) C:\Users\Marcos\Downloads\FRST.exe
2016-07-05 23:30 - 2016-07-05 23:30 - 00000660 _____ C:\Users\Public\Desktop\PCSX2 1.4.0.lnk
2016-07-05 23:30 - 2016-07-05 23:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
2016-07-05 21:41 - 2016-07-05 21:43 - 14749120 _____ (Microsoft Corporation) C:\Users\Marcos\Downloads\vc_redist.x64.exe
2016-07-05 19:13 - 2012-02-14 17:12 - 00000000 ____D C:\Users\Marcos\Downloads\bios de ps2 by WESLEY1UP 2
2016-07-05 19:10 - 2016-07-05 19:11 - 17837152 _____ C:\Users\Marcos\Downloads\pcsx2-1.4.0-setup (1).exe
2016-07-05 19:08 - 2016-07-05 19:09 - 21362479 _____ C:\Users\Marcos\Downloads\bios de ps2 by Wesley1Up secundario.rar
2016-07-05 19:06 - 2016-07-05 23:30 - 00000000 ___HD C:\Windows\msdownld.tmp
2016-07-05 19:06 - 2016-07-05 23:30 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-07-05 19:05 - 2016-07-05 19:17 - 00000000 ____D C:\Program Files (x86)\PCSX2 1.4.0
2016-07-05 19:01 - 2016-07-05 19:02 - 17837152 _____ C:\Users\Marcos\Downloads\pcsx2-1.4.0-setup.exe
2016-07-05 19:00 - 2016-07-05 21:52 - 3156650106 _____ C:\Users\Marcos\Downloads\Não confirmado 699760.crdownload
2016-07-03 20:40 - 2016-07-03 20:40 - 00000000 ____D C:\Users\Marcos\AppData\Roaming\eCyber
2016-07-03 20:40 - 2011-05-09 22:54 - 00000000 ____D C:\Users\Marcos\Downloads\God of War 1 & 2 + Bonus Disc (DVD5 NTSC)_PS2
2016-07-03 11:36 - 2016-07-03 11:36 - 00016061 _____ C:\Users\Marcos\Downloads\[baixargamestorrent.biz]god-of-war-2-PS2 (1).torrent
2016-07-03 11:31 - 2016-07-03 11:31 - 00016061 _____ C:\Users\Marcos\Downloads\[baixargamestorrent.biz]god-of-war-2-PS2.torrent
2016-07-03 10:16 - 2016-07-03 19:59 - 3028925886 ____R C:\Users\Marcos\Downloads\God of War 1 & 2 + Bonus Disc (DVD5 NTSC)_PS2.7z
2016-07-03 10:12 - 2016-07-03 11:37 - 00000000 ____D C:\Users\Marcos\Downloads\GOD OF WAR 2 LEGENDADO PT-Br
2016-06-29 23:39 - 2016-06-29 23:39 - 00000073 _____ C:\Windows\SysWOW64\EN_1056612671.html
2016-06-29 23:39 - 2016-06-29 23:39 - 00000072 _____ C:\Windows\SysWOW64\EN_1056615984.html
2016-06-29 23:39 - 2016-06-29 23:39 - 00000072 _____ C:\Windows\SysWOW64\EN_1056614531.html
2016-06-29 23:39 - 2016-06-29 23:39 - 00000072 _____ C:\Windows\SysWOW64\EN_1056614265.html
2016-06-29 23:39 - 2016-06-29 23:39 - 00000072 _____ C:\Windows\SysWOW64\EN_1056612984.html
2016-06-29 23:38 - 2016-06-29 23:38 - 02774265 _____ (Update) C:\Program Files (x86)\SSFK.exe
2016-06-29 23:38 - 2016-06-29 23:38 - 00000072 _____ C:\Windows\SysWOW64\EN_1056608890.html
2016-06-29 23:38 - 2016-06-29 23:38 - 00000072 _____ C:\Windows\SysWOW64\EN_1056608640.html
2016-06-29 23:38 - 2016-06-29 23:38 - 00000072 _____ C:\Windows\SysWOW64\EN_1056596531.html
2016-06-29 23:38 - 2016-06-29 23:38 - 00000072 _____ C:\Windows\SysWOW64\EN_1056596203.html
2016-06-29 23:38 - 2016-06-29 23:38 - 00000072 _____ C:\Windows\SysWOW64\EN_1056595718.html
2016-06-29 23:38 - 2016-06-29 23:38 - 00000072 _____ C:\Windows\SysWOW64\EN_1056595421.html
2016-06-29 23:38 - 2016-06-29 23:38 - 00000072 _____ C:\Windows\SysWOW64\EN_1056591062.html
2016-06-29 23:38 - 2016-06-29 23:38 - 00000072 _____ C:\Windows\SysWOW64\br_1056590562.html
2016-06-29 20:41 - 2016-06-29 20:41 - 00000000 ____D C:\Users\Public\Documents\chrome
2016-06-29 19:41 - 2016-06-29 19:41 - 00003556 _____ C:\Windows\System32\Tasks\ToolrainUpdateTaskMachineCore
2016-06-29 19:41 - 2016-06-29 19:41 - 00003468 _____ C:\Windows\System32\Tasks\ToolrainUpdateTaskMachineUA
2016-06-29 19:41 - 2016-06-29 19:41 - 00000000 ____D C:\Users\Todos os Usuários\Toolrain
2016-06-29 19:41 - 2016-06-29 19:41 - 00000000 ____D C:\Users\Marcos\AppData\Local\Toolrain
2016-06-29 19:41 - 2016-06-29 19:41 - 00000000 ____D C:\ProgramData\Toolrain
2016-06-29 19:41 - 2016-06-29 19:41 - 00000000 ____D C:\Program Files (x86)\Toolrain
2016-06-29 19:38 - 2016-07-05 22:56 - 00000000 _____ C:\Users\Public\Documents\report.dat
2016-06-29 19:38 - 2016-07-03 16:07 - 00000000 ____D C:\Program Files (x86)\qksee
2016-06-29 19:38 - 2016-06-29 19:38 - 00000000 ____D C:\Users\Todos os Usuários\3winp3
2016-06-29 19:38 - 2016-06-29 19:38 - 00000000 ____D C:\ProgramData\3winp3
2016-06-23 12:04 - 2016-06-29 19:38 - 00000000 ____D C:\Users\Marcos\AppData\Roaming\qksee
2016-06-23 12:04 - 2016-06-23 12:04 - 00000072 _____ C:\Windows\SysWOW64\EN_496523828.html
2016-06-23 12:04 - 2016-06-23 12:04 - 00000072 _____ C:\Windows\SysWOW64\EN_496521406.html
2016-06-23 12:04 - 2016-06-23 12:04 - 00000072 _____ C:\Windows\SysWOW64\EN_496521031.html
2016-06-23 12:04 - 2016-06-23 12:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qksee
2016-06-23 12:03 - 2016-07-05 21:55 - 00000000 ____D C:\Program Files (x86)\SFK
2016-06-23 12:03 - 2016-06-29 23:38 - 00000000 ____D C:\Windows\SysWOW64\_TSpm
2016-06-23 12:03 - 2016-06-29 23:38 - 00000000 ____D C:\Users\Marcos\AppData\Roaming\TSv
2016-06-23 12:03 - 2016-06-23 12:03 - 00000072 _____ C:\Windows\SysWOW64\EN_496492781.html
2016-06-23 12:03 - 2016-06-23 12:03 - 00000072 _____ C:\Windows\SysWOW64\EN_496492468.html
2016-06-23 12:03 - 2016-06-23 12:03 - 00000072 _____ C:\Windows\SysWOW64\EN_496488484.html
2016-06-23 12:03 - 2016-06-23 12:03 - 00000072 _____ C:\Windows\SysWOW64\EN_496488187.html
2016-06-23 12:03 - 2016-06-23 12:03 - 00000072 _____ C:\Windows\SysWOW64\EN_496485781.html
2016-06-23 12:03 - 2016-06-23 12:03 - 00000072 _____ C:\Windows\SysWOW64\EN_496485453.html
2016-06-23 12:03 - 2016-06-23 12:03 - 00000072 _____ C:\Windows\SysWOW64\EN_496484828.html
2016-06-23 12:03 - 2016-06-23 12:03 - 00000072 _____ C:\Windows\SysWOW64\EN_496484484.html
2016-06-23 12:03 - 2016-06-23 12:03 - 00000072 _____ C:\Windows\SysWOW64\EN_496461421.html
2016-06-23 12:03 - 2016-06-23 12:03 - 00000072 _____ C:\Windows\SysWOW64\br_496460531.html
2016-06-19 19:44 - 2016-07-05 21:55 - 00000000 ____D C:\Users\Marcos\AppData\LocalLow\uTorrent
2016-06-17 20:06 - 2016-06-24 14:43 - 00001366 _____ C:\Users\Public\Desktop\The Sims 4.lnk
2016-06-17 20:06 - 2016-06-17 20:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4
2016-06-17 19:36 - 2014-09-16 18:45 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2016-06-17 18:12 - 2016-06-17 18:12 - 00000000 ____D C:\Program Files (x86)\TXQQBrowser
2016-06-17 18:12 - 2016-06-17 18:12 - 00000000 ____D C:\Program Files (x86)\TData
2016-06-17 18:09 - 2016-06-17 18:09 - 00280744 _____ C:\Windows\Minidump\061716-19125-01.dmp
2016-06-12 11:52 - 2016-06-12 11:52 - 00000000 ____D C:\Windows\system32\log
2016-06-12 11:31 - 2016-06-12 11:31 - 00000000 ____D C:\Users\Marcos\AppData\Local\SKIDROW
2016-06-04 22:06 - 2016-06-04 22:07 - 09267256 _____ (InstallShield Software Corporation) C:\Users\Marcos\Downloads\acrobat5.exe
2016-05-25 19:03 - 2016-07-04 16:59 - 00000000 ____D C:\Program Files (x86)\WinZipper
2016-05-25 19:03 - 2016-06-29 19:38 - 00009430 _____ C:\Windows\System32\Tasks\Browser Updater Task(Core)
2016-05-25 19:03 - 2016-06-12 11:51 - 00000000 ____D C:\Users\Marcos\AppData\Roaming\WinZiper
2016-05-25 19:03 - 2016-05-25 19:03 - 00000000 ____D C:\Users\Todos os Usuários\zwinpz
2016-05-25 19:03 - 2016-05-25 19:03 - 00000000 ____D C:\ProgramData\zwinpz
2016-05-25 19:03 - 2016-05-25 19:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2016-05-25 19:03 - 2016-05-25 19:03 - 00000000 ____D C:\Program Files (x86)\QQBrowser
2016-05-10 18:05 - 2016-05-10 18:05 - 00010266 _____ C:\Users\Marcos\Desktop\PLANO MENSAL.xlsx
2016-05-08 01:26 - 2016-05-08 01:26 - 00000923 _____ C:\Users\Marcos\Desktop\HITMAN- ABSOLUTION.lnk
2016-05-08 01:20 - 2016-05-08 01:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hitman Absolution
2016-05-08 00:55 - 2016-05-08 00:55 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2016-05-08 00:42 - 2016-05-08 00:42 - 00000559 _____ C:\Users\Marcos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\musicas.lnk
2016-05-08 00:42 - 2016-05-08 00:42 - 00000559 _____ C:\Users\Marcos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\imagens (2).lnk
2016-04-30 23:59 - 2016-04-30 23:59 - 00559424 _____ C:\Users\Marcos\Downloads\flux-setup.exe
2016-04-30 23:59 - 2016-04-30 23:59 - 00000000 ____D C:\Users\Marcos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2016-04-30 22:34 - 2016-05-01 19:06 - 00000000 ____D C:\Users\Marcos\Downloads\Hitman.Absolution-SKIDROW
2016-04-30 22:32 - 2016-04-30 22:45 - 00000000 ____D C:\Users\Marcos\Downloads\Hitman.Absolution.CRACK.ONLY-SKIDROW
2016-04-10 13:22 - 2016-04-10 13:29 - 54306914 _____ C:\Users\Marcos\Downloads\2. Terravita X Riot Ten - I'm On It - Buygore.wav

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-05 23:39 - 2015-04-05 23:36 - 00000000 ____D C:\Users\Marcos\AppData\Roaming\uTorrent
2016-07-05 23:35 - 2015-04-05 19:46 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-05 23:35 - 2015-04-05 19:31 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3355082971-3927395873-3234585976-1001
2016-07-05 23:33 - 2015-04-05 21:07 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-07-05 23:33 - 2015-04-05 21:07 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-05 23:29 - 2015-10-13 22:26 - 00000000 ____D C:\Users\Marcos\AppData\Roaming\Skype
2016-07-05 22:35 - 2015-04-05 19:46 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-05 21:59 - 2015-04-05 19:47 - 00000000 ____D C:\Users\Marcos\AppData\Local\Adobe
2016-07-05 21:56 - 2016-03-09 19:38 - 00000000 ____D C:\Users\Marcos\AppData\Roaming\PlaysTV
2016-07-05 21:56 - 2015-04-05 21:09 - 00000000 ____D C:\Users\Marcos\AppData\Roaming\Raptr
2016-07-05 21:54 - 2015-04-05 19:54 - 00000000 ____D C:\Program Files (x86)\Steam
2016-07-05 21:54 - 2015-04-05 19:32 - 00000000 ___RD C:\Users\Marcos\SkyDrive
2016-07-05 21:53 - 2015-07-05 13:25 - 00000690 _____ C:\Windows\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job
2016-07-05 21:53 - 2013-08-22 11:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-05 21:52 - 2013-08-22 10:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-07-04 14:49 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\AppReadiness
2016-07-03 21:32 - 2015-06-05 03:17 - 00000000 ____D C:\Program Files (x86)\Opera
2016-07-03 13:35 - 2015-11-20 20:02 - 00000000 ____D C:\Program Files (x86)\yessearchesbnd
2016-07-03 13:29 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\system32\NDF
2016-07-03 11:25 - 2015-04-25 17:11 - 01011200 ___SH C:\Users\Marcos\Downloads\Thumbs.db
2016-06-29 23:42 - 2015-10-17 09:36 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2016-06-29 23:42 - 2015-04-21 20:00 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2016-06-29 21:33 - 2015-04-05 20:34 - 00000000 ____D C:\Users\Todos os Usuários\Origin
2016-06-29 21:33 - 2015-04-05 20:34 - 00000000 ____D C:\ProgramData\Origin
2016-06-29 19:41 - 2015-04-05 19:46 - 00002283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-29 19:41 - 2015-04-05 19:46 - 00002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-18 14:52 - 2013-08-22 12:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-17 18:18 - 2015-04-05 22:29 - 00000000 ____D C:\Program Files (x86)\Origin Games
2016-06-17 18:16 - 2015-04-21 20:01 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2016-06-17 18:09 - 2015-04-25 19:29 - 785078566 _____ C:\Windows\MEMORY.DMP
2016-06-17 18:09 - 2015-04-25 19:29 - 00000000 ____D C:\Windows\Minidump
2016-06-16 20:00 - 2015-04-05 19:25 - 00000000 ____D C:\Users\Marcos
2016-06-15 21:32 - 2015-06-05 03:20 - 00003864 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1433485190
2016-06-15 21:32 - 2015-06-05 03:19 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-06-15 17:40 - 2015-06-24 18:28 - 00484008 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-06-14 18:39 - 2015-12-19 07:48 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-14 18:39 - 2015-10-13 22:25 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2016-06-14 18:39 - 2015-10-13 22:25 - 00000000 ____D C:\ProgramData\Skype
2016-06-12 13:04 - 2015-04-05 20:34 - 00000000 ____D C:\Program Files (x86)\Origin

==================== Arquivos na raiz de alguns diretórios =======

2016-06-29 23:38 - 2016-06-29 23:38 - 2774265 _____ (Update) C:\Program Files (x86)\SSFK.exe
2015-09-13 23:01 - 2016-02-16 18:17 - 0000132 _____ () C:\Users\Marcos\AppData\Roaming\Preferências do Formato PNG do Adobe CS6

Arquivos para serem movidos ou deletados:
====================
C:\Windows\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job


Alguns arquivos em TEMP:
====================
C:\Users\Marcos\AppData\Local\Temp\1441316245.exe
C:\Users\Marcos\AppData\Local\Temp\1443335501.exe
C:\Users\Marcos\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppgp52y.dll
C:\Users\Marcos\AppData\Local\Temp\ICReinstall_Alfie O Sedutor Torrent Dublado 720p E 1080p.exe
C:\Users\Marcos\AppData\Local\Temp\InstallHelper.exe
C:\Users\Marcos\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Marcos\AppData\Local\Temp\ose00000.exe
C:\Users\Marcos\AppData\Local\Temp\playstv_patch.exe
C:\Users\Marcos\AppData\Local\Temp\raptrpatch.exe
C:\Users\Marcos\AppData\Local\Temp\raptr_stub.exe
C:\Users\Marcos\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Marcos\AppData\Local\Temp\sonarinst.exe
C:\Users\Marcos\AppData\Local\Temp\tmp55DD.exe
C:\Users\Marcos\AppData\Local\Temp\tmp5CEA.exe
C:\Users\Marcos\AppData\Local\Temp\tmp5DA0.exe
C:\Users\Marcos\AppData\Local\Temp\tmp6F55.exe
C:\Users\Marcos\AppData\Local\Temp\tmpF066.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-06-29 20:03

==================== Fim de FRST.txt ============================
