cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão: 17-07-2016 03
Executado por Rhyan (administrador) em DELL (18-07-2016 11:05:53)
Executando a partir de C:\Users\Rhyan\Desktop
Perfis Carregados: Rhyan (Perfis Disponíveis: Rhyan & Administrador)
Platform: Microsoft Windows 10 Pro Versão 1511 (X86) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

() C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe
() C:\Program Files\Garena Plus\ggdllhost.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2015-04-07] (Apple Inc.)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2016-04-05] (LogMeIn Inc.)
Winlogon\Notify\ GbPluginCef: C:\Program Files\GbPlugin\gbiehCef.dll [2014-11-28] (Caixa Economica Federal)
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\Run: [iCloudDrive] => C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\Run: [Akamai NetSession Interface] => "C:\Users\Rhyan\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [2917456 2016-06-14] (Valve Corporation)
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\Run: [GoogleChromeAutoLaunch_7629CE93C1BBF7478E48E7091F82DD20] => C:\Users\Rhyan\AppData\Local\Chromium\Application\chrome.exe [667136 2015-08-11] (The Chromium Authors)
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\Run: [MK LOL] => C:\Program Files\MKJogo\MK IM\Bin\MKIM.exe [1092296 2016-05-28] ()
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5282584 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\Run: [uTorrent] => C:\Users\Rhyan\AppData\Roaming\uTorrent\updates\3.4.7_42330.exe [2133504 2016-06-23] (BitTorrent Inc.)
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\Policies\Explorer: []
HKU\S-1-5-21-341881914-638213641-549414203-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files\GbPlugin\gbiehcef.dll [1789792 2014-11-28] (Caixa Economica Federal)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => Nenhum Arquivo
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-02-15]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Rhyan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\atajo.lnk [2016-05-06]
ShortcutTarget: atajo.lnk -> (Nenhum Arquivo)
Startup: C:\Users\Rhyan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Enviar para o OneNote.lnk [2015-05-05]
ShortcutTarget: Enviar para o OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Rhyan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitorar alertas de tinta - HP Deskjet 3050 J610 series.lnk [2015-09-16]
ShortcutTarget: Monitorar alertas de tinta - HP Deskjet 3050 J610 series.lnk -> C:\Program Files\Hp\HP Deskjet 3050 J610 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicy: Restrição - Chrome <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

ProxyServer: [S-1-5-21-341881914-638213641-549414203-1001] => 127.0.0.1:8118
AutoConfigURL: [S-1-5-21-341881914-638213641-549414203-1001] => 127.0.0.1:8118
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 208.67.220.220 208.67.222.222
Tcpip\..\Interfaces\{3b2d2925-94e9-4782-a8fe-593a787d8525}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Tcpip\..\Interfaces\{5631e668-dc35-402c-8577-01a256dc9bb9}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{5631e668-dc35-402c-8577-01a256dc9bb9}: [DhcpNameServer] 208.67.220.220 208.67.222.222

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=arh&hsimp=yhs-001&type=xy_79232fe6¶m1=ArFaIWVoNqArQGMVHFFoNqAqBbFaITQbQGR7xTVoN9IAy7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8wVI9JmIXvFI4ISoWvFFdImk3wVVdISoWvmldISoXwVU9GqYVNUI3wGYGwVM4J6oVwVU9GqUNNos3wCIYwVA9JmIYwVA9J6ITwVI9GqUNNFM3wGQENEVcGCIXvFI9ImIWwVA9J6ILNFdcIaUXNEBcGqQANFdcFCk8NoM9ISk4NVA3vCIYvmo3vmIWwVw9JaYXNVU9ISISwVU4ICoXwVM9I6oXvFE4ICIWwVw9JqYUwVU9J6oWvFNdJGYXNVA9IWYTNVNbFCILNF9cIqUXNolcEqULNopcGWUIvmFbF6IVNVU4ISoXNVU4JqYVwVI9I6oVvFQ3vCoXwVw4ICIVNVA4JmISNVQ9JqYVNVM9I6IXNVI3vCoWvFM4IGYUwVQ4J6oXvmldIGQIwV5dJGYNvmE9JrFbMnMbQGMVNGRbLGV9MaxcNrFbMnVoN9I4ATsux81cMo1bLU06ynM4C7Upw6QhATofwU1cMo1cLU0rASRbNr5bOqVoNqAex807ACRoN9JcNX5dQGR7y6NoN9ICzD4py6waQGQXNGZoNpQJxn1%3D¶m2=NGBcNWJaMGJcMJ%3D%3D
HKU\S-1-5-21-341881914-638213641-549414203-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.protectedio.com/?u=1fbf6001a243e485478a0cc13eee0409&c=p1&src=hp&inst=1468810842
HKU\S-1-5-21-341881914-638213641-549414203-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://login.latinamweb.com/
SearchScopes: HKLM -> DefaultScope {20B9D1AE-AD1A-38B4-87FE-AF278DA9861D} URL = hxxps://search.protectedio.com/search.php/?q={searchTerms}&u=1fbf6001a243e485478a0cc13eee0409&c=p1&src=srch&inst=1468638730
SearchScopes: HKLM -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_adwrldint_16_18¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyyCzztDyB0FyDzz0DyBtAtN0D0Tzu0StCyDzzyBtN1L2XzutAtFtBtCtFtCtFtCtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2StC0EyCtCzy0AyDyDtGyBzztA0AtG0E0B0DzztGtCtBtD0CtGyD0DyE0AyB0C0BtDyB0EyByC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0AyDyB0AyB0DtDtGyDyBzyyBtGyEtD0FyBtG0BtB0D0CtGtB0DzyyCyCyE0EtByCyBzz0E2QtN0A0LzutB%26cr%3D1951218890%26a%3Dwncy_adwrldint_16_18%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro&p={searchTerms}
SearchScopes: HKLM -> {20B9D1AE-AD1A-38B4-87FE-AF278DA9861D} URL = hxxps://search.protectedio.com/search.php/?q={searchTerms}&u=1fbf6001a243e485478a0cc13eee0409&c=p1&src=srch&inst=1468638730
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_adwrldint_16_18¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyyCzztDyB0FyDzz0DyBtAtN0D0Tzu0StCyDzzyBtN1L2XzutAtFtBtCtFtCtFtCtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2StC0EyCtCzy0AyDyDtGyBzztA0AtG0E0B0DzztGtCtBtD0CtGyD0DyE0AyB0C0BtDyB0EyByC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0AyDyB0AyB0DtDtGyDyBzyyBtGyEtD0FyBtG0BtB0D0CtGtB0DzyyCyCyE0EtByCyBzz0E2QtN0A0LzutB%26cr%3D1951218890%26a%3Dwncy_adwrldint_16_18%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro&p={searchTerms}
SearchScopes: HKLM -> {a62abdee-78a2-4ddb-9355-1c334abd6e43} URL = hxxps://search.protectedio.com/search.php/?q={searchTerms}&u=1fbf6001a243e485478a0cc13eee0409&c=p1&src=srch&inst=1467946850
SearchScopes: HKLM -> {d4fee3d1-1014-4db8-a824-573bf9ab51c7} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-341881914-638213641-549414203-1001 -> DefaultScope {20B9D1AE-AD1A-38B4-87FE-AF278DA9861D} URL = hxxps://search.protectedio.com/search.php/?q={searchTerms}&u=1fbf6001a243e485478a0cc13eee0409&c=p1&src=srch&inst=1468638730
SearchScopes: HKU\S-1-5-21-341881914-638213641-549414203-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=pcm&utm_campaign=install_ie&utm_content=ds&from=pcm&uid=WDCXWD3200BEVT-75ZCT2_WD-WXD0E49H3893H3893&ts=1437712846&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-341881914-638213641-549414203-1001 -> {20B9D1AE-AD1A-38B4-87FE-AF278DA9861D} URL = hxxps://search.protectedio.com/search.php/?q={searchTerms}&u=1fbf6001a243e485478a0cc13eee0409&c=p1&src=srch&inst=1468638730
SearchScopes: HKU\S-1-5-21-341881914-638213641-549414203-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=pcm&utm_campaign=install_ie&utm_content=ds&from=pcm&uid=WDCXWD3200BEVT-75ZCT2_WD-WXD0E49H3893H3893&ts=1437712846&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-341881914-638213641-549414203-1001 -> {a62abdee-78a2-4ddb-9355-1c334abd6e43} URL = hxxps://search.protectedio.com/search.php/?q={searchTerms}&u=1fbf6001a243e485478a0cc13eee0409&c=p1&src=srch&inst=1467946850
SearchScopes: HKU\S-1-5-21-341881914-638213641-549414203-1001 -> {d4fee3d1-1014-4db8-a824-573bf9ab51c7} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-05-27] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-20] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-06-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-20] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [2015-01-25] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1222172.dll [2015-11-19] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-20] (Oracle Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @t.garena.com/garenatalk -> C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [2015-05-27] ( Garena)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-341881914-638213641-549414203-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Rhyan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-01-22] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF Extension: Firefox Helper - C:\Program Files\Mozilla Firefox\distribution\bundles\1fbf6001a243e485478a0cc13eee0409 [2015-08-02] [não assinado]

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Rhyan\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.866\_platform_specific\win_x86\widevinecdmadapter.dll => Nenhum Arquivo
CHR Plugin: (Shockwave Flash) - C:\Users\Rhyan\AppData\Local\Google\Chrome\User Data\PepperFlash\20.0.0.267\pepflashplayer.dll => Nenhum Arquivo
CHR Profile: C:\Users\Rhyan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Tampermonkey) - C:\Users\Rhyan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-06-30]
CHR Extension: (Slither.io Mods,Plus & friends & Skins) - C:\Users\Rhyan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hficpeaiodbodebnnlimbagpfajmbdln [2016-06-30]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Rhyan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-20]
CHR Extension: (Chrome Media Router) - C:\Users\Rhyan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-06-23]
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-341881914-638213641-549414203-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S4 AdvancedSystemCareService8; C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe [814880 2015-04-03] (IObit)
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [396952 2016-03-09] ()
S4 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1064312 2015-04-23] (Flexera Software LLC)
S4 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1897480 2016-04-05] (LogMeIn Inc.)
S4 HiPatchService; C:\Program Files\Hi-Rez Studios\HiPatchService.exe [9216 2014-12-15] (Hi-Rez Studios) [Arquivo não assinado]
S4 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
S4 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit)
S4 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2016-04-05] (LogMeIn, Inc.)
S4 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.292\McCHSvc.exe [239880 2016-02-05] (McAfee, Inc.)
S2 PrivoxyService; C:\Program Files\IT Viewer\privoxy.exe [371200 2016-07-17] (The Privoxy team - www.privoxy.org) [Arquivo não assinado] <==== ATENÇÃO
S2 SoftProvide; C:\Program Files\Softprovide\SoftProvide.exe [502784 2016-07-02] () [Arquivo não assinado] <==== ATENÇÃO
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [118424 2016-03-09] ()
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [396952 2016-03-09] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
S2 WeatherChiknSrvr; C:\Program Files\WeatherChickn\WeatherChickn.exe [238592 2016-04-15] () [Arquivo não assinado]
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23256 2015-10-30] (Microsoft Corporation)
S4 WsAppService; C:\Program Files\Wondershare\WAF\WsAppService.exe [252816 2015-04-30] (Wondershare)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag.sys [23040 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem.sys [27776 2012-07-03] (LG Electronics Inc.)
R3 BCM43XX; C:\WINDOWS\System32\drivers\bcmwl63l.sys [4715008 2015-10-30] (Broadcom Corporation)
R3 cykbfltrService; C:\WINDOWS\system32\DRIVERS\cykbfltr.sys [16384 2016-03-07] (Cypress Semiconductor, Inc.)
R1 dfmirage; C:\WINDOWS\system32\DRIVERS\dfmirage.sys [34128 2008-03-26] (DemoForge, LLC)
R1 ee9318577acb341c78ea748abef8e07a; C:\WINDOWS\system32\drivers\ee9318577acb341c78ea748abef8e07a.sys [68976 2016-06-15] (CNW2LH)
R0 GbpKm; C:\WINDOWS\System32\drivers\gbpkm.sys [46552 2015-04-23] (GAS Tecnologia)
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [38512 2015-08-03] (LogMeIn Inc.)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO32.SYS [23840 2015-11-18] (REALiX(tm))
S3 i8042HDR; C:\WINDOWS\system32\DRIVERS\i8042HDR.sys [13224 2006-10-20] (Chicony)
R3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo6_x86_VPN.sys [37704 2016-03-26] (SoftEther Corporation)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [295640 2016-03-07] (Realsil Semiconductor Corporation)
R2 SecDrv; C:\WINDOWS\system32\drivers\SECDRV.SYS [163644 2016-05-06] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Arquivo não assinado]
R1 SeLow; C:\WINDOWS\system32\DRIVERS\SeLow_x86.sys [44368 2016-03-26] (SoftEther Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [35432 2016-03-07] (Synaptics Incorporated)
S3 tap0901; C:\WINDOWS\system32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
R2 WtfEngineDrv; C:\WINDOWS\system32\DRIVERS\WtfEngineDrv.sys [23296 2016-02-01] (AAA Internet Publishing, Inc.)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [163328 2015-10-30] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [65768 2016-05-18] (Wellbia.com)
S3 xspirit; C:\WINDOWS\xspirit.sys [73576 2015-12-25] ()
R3 yukonw8; C:\WINDOWS\System32\drivers\yk63x86.sys [242688 2015-10-30] (Marvell)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-18 11:05 - 2016-07-18 11:06 - 00021229 _____ C:\Users\Rhyan\Desktop\FRST.txt
2016-07-18 11:05 - 2016-07-18 11:05 - 00000000 ____D C:\FRST
2016-07-18 11:04 - 2016-07-18 11:05 - 01741824 _____ (Farbar) C:\Users\Rhyan\Desktop\FRST.exe
2016-07-13 13:55 - 2016-07-02 01:37 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-07-13 13:55 - 2016-07-02 01:37 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-07-06 19:31 - 2016-07-06 19:40 - 70087104 _____ (Microsoft Corporation) C:\Users\Rhyan\Desktop\NDP451-KB2858728-x86-x64-AllOS-ENU.exe
2016-07-06 19:29 - 2016-07-06 19:30 - 06503984 _____ (Microsoft Corporation) C:\Users\Rhyan\Desktop\vcredist_x86.exe
2016-07-06 19:14 - 2016-07-06 19:48 - 00000000 ____D C:\Users\Rhyan\AppData\Roaming\EloBuddy
2016-07-06 19:12 - 2016-07-06 19:13 - 03389620 _____ C:\Users\Rhyan\Downloads\EloBuddy.Loader.Complete (1).zip
2016-07-06 13:50 - 2016-07-17 19:29 - 00000000 ____D C:\Users\Rhyan\Desktop\elobuddy
2016-07-06 13:49 - 2016-07-06 13:49 - 03389620 _____ C:\Users\Rhyan\Downloads\EloBuddy.Loader.Complete.zip
2016-07-02 00:07 - 2016-07-02 00:08 - 00000000 ____D C:\Users\Rhyan\AppData\Local\NetBar
2016-07-02 00:04 - 2016-07-02 00:07 - 00000000 ____D C:\Program Files\Softprovide
2016-07-02 00:04 - 2016-07-02 00:04 - 00000000 ____D C:\Program Files\NetBar
2016-07-01 16:15 - 2016-07-01 16:15 - 00291328 _____ C:\Users\Rhyan\AppData\Roaming\abracadabra_2093.exe
2016-06-30 17:41 - 2016-06-30 17:41 - 00001296 _____ C:\Users\Public\Desktop\Wise Memory Optimizer.lnk
2016-06-30 17:41 - 2016-06-30 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Memory Optimizer
2016-06-30 15:45 - 2016-06-30 15:45 - 00002656 _____ C:\Users\Rhyan\Downloads\slitherio-plugin.user.js
2016-06-30 15:42 - 2016-06-30 15:42 - 00055539 _____ C:\Users\Rhyan\Downloads\bot.user.js
2016-06-30 15:42 - 2016-06-30 15:42 - 00055539 _____ C:\Users\Rhyan\Downloads\bot (1).user.js
2016-06-30 14:03 - 2016-06-30 14:03 - 00128571 _____ C:\Users\Rhyan\Desktop\fatura_vivo_0416.pdf
2016-06-30 14:02 - 2016-06-30 14:02 - 00125625 _____ C:\Users\Rhyan\Desktop\fatura_vivo_0516.pdf
2016-06-30 13:59 - 2016-06-30 13:59 - 00044566 _____ C:\Users\Rhyan\Desktop\https___meuvivo.vivo.com.br_meuvivo_portlets_servicos_gerencieSuaFatura_gerencieSuaFaturaPopUpImpressaoSemImg.pdf
2016-06-29 17:30 - 2016-06-29 17:30 - 00001071 _____ C:\Users\Public\Desktop\EloBuddy.lnk
2016-06-29 17:30 - 2016-06-29 17:30 - 00000046 _____ C:\Users\Public\Desktop\Visit EloBuddy Website.url
2016-06-29 17:29 - 2016-06-29 17:29 - 03026432 _____ C:\Users\Rhyan\AppData\Roaming\svchost.exe
2016-06-27 17:57 - 2016-06-27 17:57 - 00000000 ____D C:\Users\Rhyan\AppData\Roaming\Wise Care 365
2016-06-27 17:55 - 2016-07-11 13:35 - 00000000 ____D C:\Users\Rhyan\AppData\Roaming\Wise Game Booster
2016-06-27 17:55 - 2016-06-30 17:41 - 00000000 ____D C:\Program Files\Wise
2016-06-27 17:55 - 2016-06-27 17:55 - 00001245 _____ C:\Users\Public\Desktop\Wise Game Booster.lnk
2016-06-27 17:55 - 2016-06-27 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Game Booster
2016-06-27 17:54 - 2016-06-27 17:54 - 00000566 _____ C:\Users\Rhyan\Documents\cc_20160627_175435.reg
2016-06-27 17:52 - 2016-06-27 17:52 - 00001030 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-06-27 17:52 - 2016-06-27 17:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-06-27 17:52 - 2016-06-27 17:52 - 00000000 ____D C:\Program Files\CCleaner
2016-06-27 17:51 - 2015-01-20 00:57 - 00000000 ____D C:\Users\Rhyan\Desktop\Como Aumentar o FPS em Qualquer Jogo (MEGA PACK - TxTutors)
2016-06-27 17:46 - 2016-06-27 17:51 - 07173486 _____ C:\Users\Rhyan\Desktop\Como Aumentar o FPS em Qualquer Jogo (MEGA PACK - TxTutors).rar
2016-06-27 15:47 - 2016-06-27 15:47 - 00001042 _____ C:\Users\Public\Desktop\GamePower.lnk
2016-06-27 15:47 - 2016-06-27 15:47 - 00000000 ____D C:\Users\Rhyan\AppData\Local\Tecno_Clique
2016-06-27 15:47 - 2016-06-27 15:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamePower
2016-06-25 19:53 - 2016-06-25 19:53 - 00002175 _____ C:\Users\Public\Desktop\Driver Booster 3.lnk
2016-06-25 19:53 - 2016-06-25 19:53 - 00000000 ____D C:\WINDOWS\IObit
2016-06-25 00:05 - 2016-06-25 00:05 - 02049556 _____ C:\Users\Rhyan\AppData\Roaming\sb250.dat
2016-06-25 00:05 - 2016-06-25 00:05 - 00350720 _____ C:\Users\Rhyan\AppData\Roaming\Setup438.exe
2016-06-25 00:05 - 2016-06-25 00:05 - 00000000 ____D C:\Users\Rhyan\AppData\Local\Setup615793734
2016-06-24 17:03 - 2016-06-24 17:03 - 00000000 ____D C:\Users\Rhyan\Downloads\Rocket_League-FLT
2016-06-23 20:41 - 2016-06-23 20:44 - 00000000 ____D C:\Users\Rhyan\AppData\Roaming\SmartSteamEmu
2016-06-23 19:16 - 2016-06-23 19:47 - 231999012 ____R C:\Users\Rhyan\Downloads\Stranded.Deep.Patch.0.04.E1.Experimental.x86.zip
2016-06-19 10:08 - 2016-06-21 21:31 - 00000000 ____D C:\Users\Rhyan\Desktop\Pack de videos de zueira 2 !
2016-06-19 10:03 - 2016-06-19 10:06 - 46066434 _____ C:\Users\Rhyan\Desktop\Pack de videos de zueira 2 !.rar
2016-06-19 09:54 - 2016-06-19 09:54 - 00000000 ____D C:\Users\Rhyan\AppData\Roaming\Publish Providers
2016-06-19 09:53 - 2016-06-19 09:53 - 00002704 _____ C:\Users\Rhyan\Documents\Register Movie Studio Platinum.htm
2016-06-19 09:49 - 2016-06-21 21:32 - 00000000 ____D C:\Users\Rhyan\Documents\Movie Studio Platinum 13.0 Projects
2016-06-19 09:45 - 2016-06-19 09:45 - 00001295 _____ C:\Users\Public\Desktop\Movie Studio Platinum 13.0.lnk
2016-06-19 09:45 - 2016-06-19 09:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2016-06-19 09:44 - 2016-06-19 09:49 - 00000000 ____D C:\Users\Rhyan\AppData\Local\Sony
2016-06-19 09:44 - 2016-06-19 09:44 - 00000000 ____D C:\Users\Todos os Usuários\Sony
2016-06-19 09:44 - 2016-06-19 09:44 - 00000000 ____D C:\ProgramData\Sony
2016-06-19 09:44 - 2016-06-19 09:44 - 00000000 ____D C:\Program Files\Sony
2016-06-19 09:43 - 2016-06-19 09:54 - 00000000 ____D C:\Users\Rhyan\AppData\Roaming\Sony
2016-06-19 09:42 - 2015-05-15 12:26 - 00000000 ____D C:\Users\Rhyan\Desktop\Sony Vegas Pro 13 (32 bits)
2016-06-19 09:40 - 2016-06-19 09:41 - 341812161 _____ C:\Users\Rhyan\Desktop\Sony Vegas Pro 13 (32 bits).rar

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-18 11:05 - 2016-05-06 12:03 - 00000342 _____ C:\WINDOWS\Tasks\{5B7E9E9B-D042-FF6B-B145-718A2729FA67}.job
2016-07-18 10:08 - 2016-05-10 19:03 - 00001074 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-18 04:05 - 2015-10-30 02:39 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-07-18 03:36 - 2015-10-30 02:48 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-18 03:35 - 2016-05-10 19:03 - 00001070 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-18 03:35 - 2016-03-11 00:22 - 00000374 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2016-07-18 03:34 - 2016-02-13 09:13 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-18 03:30 - 2016-05-06 00:55 - 00000000 ____D C:\Users\Rhyan
2016-07-18 03:30 - 2015-10-30 02:13 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-07-17 23:44 - 2015-08-02 21:44 - 00000282 _____ C:\WINDOWS\Tasks\DLL-Files FixerASKUSER.job
2016-07-17 13:24 - 2014-11-17 17:44 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-07-17 13:23 - 2014-11-17 17:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-07-16 12:30 - 2015-10-30 02:48 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-13 20:22 - 2015-10-30 02:48 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-07-13 13:41 - 2014-11-18 00:17 - 141983760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-07-13 13:41 - 2014-11-18 00:17 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-07-11 20:45 - 2016-04-26 20:26 - 00000000 ____D C:\Users\Rhyan\Documents\MKJogo
2016-07-11 15:05 - 2015-01-17 19:46 - 00000217 _____ C:\Users\Rhyan\AppData\Roaming\WB.CFG
2016-07-09 14:09 - 2016-04-22 00:02 - 00000000 ____D C:\Program Files\Icoon
2016-07-09 14:08 - 2015-08-18 15:44 - 00000000 ____D C:\WINDOWS\system32\SupportAppXL
2016-07-09 14:08 - 2014-12-16 11:07 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-07-08 16:01 - 2015-10-30 02:47 - 00000000 ____D C:\WINDOWS\INF
2016-07-06 21:39 - 2014-11-17 19:11 - 00400552 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-07-06 19:00 - 2014-12-14 23:08 - 00000000 ____D C:\Users\Rhyan\AppData\Roaming\uTorrent
2016-06-30 15:20 - 2016-02-13 08:55 - 00785640 _____ C:\WINDOWS\system32\prfh0416.dat
2016-06-30 15:20 - 2016-02-13 08:55 - 00154426 _____ C:\WINDOWS\system32\prfc0416.dat
2016-06-30 15:20 - 2015-08-01 16:30 - 01819278 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-27 16:34 - 2014-11-29 00:38 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-27 15:59 - 2016-05-06 23:07 - 00000000 ____D C:\Program Files\Steam
2016-06-25 19:53 - 2015-11-18 19:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-06-25 18:02 - 2015-05-22 10:06 - 00000000 ____D C:\Users\Rhyan\Desktop\Stranded.Deep.Patch.0.04.E1.Experimental.x86
2016-06-23 19:17 - 2016-06-15 22:12 - 00000000 ____D C:\Users\Rhyan\Desktop\coisas
2016-06-23 18:48 - 2014-11-29 00:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-22 14:04 - 2016-04-01 20:35 - 00000000 ____D C:\Users\Rhyan\Desktop\REPLAY
2016-06-20 13:38 - 2016-04-11 23:34 - 00002087 _____ C:\Users\Rhyan\Desktop\chrome - Atalho.lnk
2016-06-18 11:54 - 2015-10-30 02:48 - 00000000 ____D C:\WINDOWS\rescache

==================== Arquivos na raiz de alguns diretórios =======

2015-08-29 20:03 - 2015-08-29 20:03 - 0000000 _____ () C:\Users\Rhyan\AppData\Roaming\1375.tmp
2015-08-26 20:01 - 2015-08-26 20:01 - 0000000 _____ () C:\Users\Rhyan\AppData\Roaming\3B8.tmp
2015-08-27 20:01 - 2015-08-27 20:01 - 0000000 _____ () C:\Users\Rhyan\AppData\Roaming\9AEC.tmp
2016-07-01 16:15 - 2016-07-01 16:15 - 0291328 _____ () C:\Users\Rhyan\AppData\Roaming\abracadabra_2093.exe
2015-08-02 17:44 - 2015-08-02 17:44 - 0000000 _____ () C:\Users\Rhyan\AppData\Roaming\AE59.tmp
2015-07-13 09:32 - 2015-07-13 09:49 - 0470528 _____ () C:\Users\Rhyan\AppData\Roaming\app01
2015-08-28 20:00 - 2015-08-28 20:00 - 0000000 _____ () C:\Users\Rhyan\AppData\Roaming\BAD1.tmp
2016-04-18 19:00 - 2016-04-18 19:05 - 0001347 _____ () C:\Users\Rhyan\AppData\Roaming\Bubble Dock.boostrap.log
2016-04-18 19:01 - 2016-04-18 19:03 - 0005713 _____ () C:\Users\Rhyan\AppData\Roaming\Bubble Dock.installation.log
2015-07-05 23:10 - 2015-07-05 23:18 - 0002813 _____ () C:\Users\Rhyan\AppData\Roaming\droid4xinstaller.log
2015-07-13 09:32 - 2015-07-13 09:49 - 0000551 _____ () C:\Users\Rhyan\AppData\Roaming\maouse.tt
2016-06-09 12:43 - 2016-06-09 12:43 - 2042704 _____ () C:\Users\Rhyan\AppData\Roaming\NetBar.exe
2015-07-05 02:53 - 2015-07-05 02:53 - 0045270 _____ () C:\Users\Rhyan\AppData\Roaming\room_v3.dat
2016-05-29 00:06 - 2016-05-29 00:06 - 2049556 _____ () C:\Users\Rhyan\AppData\Roaming\sb156.dat
2016-06-25 00:05 - 2016-06-25 00:05 - 2049556 _____ () C:\Users\Rhyan\AppData\Roaming\sb250.dat
2016-05-12 00:04 - 2016-05-12 00:04 - 3064852 _____ () C:\Users\Rhyan\AppData\Roaming\sb921.dat
2016-05-12 00:03 - 2016-05-12 00:04 - 0406528 _____ () C:\Users\Rhyan\AppData\Roaming\Setup339.exe
2016-06-25 00:05 - 2016-06-25 00:05 - 0350720 _____ () C:\Users\Rhyan\AppData\Roaming\Setup438.exe
2016-05-29 00:06 - 2016-05-29 00:06 - 0384000 _____ () C:\Users\Rhyan\AppData\Roaming\Setup480.exe
2016-06-29 17:29 - 2016-06-29 17:29 - 3026432 _____ () C:\Users\Rhyan\AppData\Roaming\svchost.exe
2015-01-17 19:46 - 2016-07-11 15:05 - 0000217 _____ () C:\Users\Rhyan\AppData\Roaming\WB.CFG
2016-04-18 19:00 - 2016-04-18 19:00 - 0000097 _____ () C:\Users\Rhyan\AppData\Roaming\WindApp.boostrap.log
2016-04-18 19:03 - 2016-04-18 19:03 - 0000030 _____ () C:\Users\Rhyan\AppData\Roaming\WindApp.installation.log
2015-04-23 20:11 - 2015-07-15 22:34 - 0005632 _____ () C:\Users\Rhyan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-03 19:16 - 2016-02-20 14:59 - 0007597 _____ () C:\Users\Rhyan\AppData\Local\Resmon.ResmonCfg
2016-01-13 18:20 - 2016-01-13 18:22 - 0000000 _____ () C:\Users\Rhyan\AppData\Local\{23BB40AF-4209-4E21-9640-61A7E9D02D98}
2015-03-11 15:44 - 2015-03-11 15:44 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-01-18 19:30 - 2015-01-18 19:30 - 0000227 _____ () C:\ProgramData\bc.ini
2015-04-23 14:02 - 2015-04-23 14:02 - 0000147 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Arquivos para serem movidos ou deletados:
====================
C:\Windows\Tasks\{5B7E9E9B-D042-FF6B-B145-718A2729FA67}.job


Alguns arquivos em TEMP:
====================
C:\Users\Rhyan\AppData\Local\Temp\GPUpd5781BA500.exe
C:\Users\Rhyan\AppData\Local\Temp\GPUpd5789586C0.exe
C:\Users\Rhyan\AppData\Local\Temp\libeay32.dll
C:\Users\Rhyan\AppData\Local\Temp\msvcr120.dll
C:\Users\Rhyan\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

Publicité


Signaler le contenu de ce document

Publicité