cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 20-07-2016
Executado por admin (administrador) em ADMIN-PC (21-07-2016 20:29:51)
Executando a partir de C:\Users\admin\Downloads
Perfis Carregados: admin (Perfis Disponíveis: admin)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 10 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
() C:\Program Files (x86)\Misty Deposit\Misty Deposit.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
() C:\Program Files (x86)\CalendarTool\2.0.0.11380\CalendarServ.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
() C:\Program Files (x86)\CalendarTool\2.0.0.11380\calendar.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Spotify Ltd) C:\Users\admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5299320 2012-10-25] (VIA)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595336 2014-10-01] (ESET)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\RunOnce: [network_smb_linkbucks3rgxw] => "C:\Users\admin\AppData\Local\Temp\\BI_RunOnce.exe" /initurl hxxp://sub.nappee.info/init/N0LB40epA/:uid:? /affid "-" /id "0" /name " " /uniqid N0LB40epA /uuid 03000200-0400-0500-0006-000700080009 /bio (a entrada de dados tem 92 mais caracteres). <===== ATENÇÃO
HKU\S-1-5-21-2623976734-2838552711-1810889803-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
HKU\S-1-5-21-2623976734-2838552711-1810889803-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2917456 2016-06-14] (Valve Corporation)
HKU\S-1-5-21-2623976734-2838552711-1810889803-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-2623976734-2838552711-1810889803-1000\...\Run: [Chromium] => "c:\users\admin\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-2623976734-2838552711-1810889803-1000\...\Run: [Spotify Web Helper] => C:\Users\admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-07-13] (Spotify Ltd)
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO
CHR HKU\S-1-5-21-2623976734-2838552711-1810889803-1000\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\Parameters: [NameServer] 82.163.142.6 95.211.158.133
Tcpip\..\Interfaces\{899EBFC9-1862-449B-A797-6E00F7E3C9B0}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_21¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0CyD0F0FyE0BtD0AyC0B0F0AtCtB0AtN0D0Tzu0StCyDzyyBtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1BtCtDtN1L1G1B1V1N2Y1L1Qzu2SyByB0CyCtCzyyCtBtGyDtCyCyBtGyE0DyB0EtGyEyC0FyDtGyD0ByE0BtBtDtA0D0FzzyB0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0ByBtA0C0C0EyC0BtG0AyB0B0CtGyE0E0A0BtG0BtC0FzytG0D0AtBtDtA0ByE0Bzz0F0F0E2QtN0A0LzuyE%26cr%3D1302987438%26a%3Dwbf_fs_16_21%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_21¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0CyD0F0FyE0BtD0AyC0B0F0AtCtB0AtN0D0Tzu0StCyDzyyBtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1BtCtDtN1L1G1B1V1N2Y1L1Qzu2SyByB0CyCtCzyyCtBtGyDtCyCyBtGyE0DyB0EtGyEyC0FyDtGyD0ByE0BtBtDtA0D0FzzyB0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0ByBtA0C0C0EyC0BtG0AyB0B0CtGyE0E0A0BtG0BtC0FzytG0D0AtBtDtA0ByE0Bzz0F0F0E2QtN0A0LzuyE%26cr%3D1302987438%26a%3Dwbf_fs_16_21%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_21¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0CyD0F0FyE0BtD0AyC0B0F0AtCtB0AtN0D0Tzu0StCyDzyyBtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1BtCtDtN1L1G1B1V1N2Y1L1Qzu2SyByB0CyCtCzyyCtBtGyDtCyCyBtGyE0DyB0EtGyEyC0FyDtGyD0ByE0BtBtDtA0D0FzzyB0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0ByBtA0C0C0EyC0BtG0AyB0B0CtGyE0E0A0BtG0BtC0FzytG0D0AtBtDtA0ByE0Bzz0F0F0E2QtN0A0LzuyE%26cr%3D1302987438%26a%3Dwbf_fs_16_21%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_21¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0CyD0F0FyE0BtD0AyC0B0F0AtCtB0AtN0D0Tzu0StCyDzyyBtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1BtCtDtN1L1G1B1V1N2Y1L1Qzu2SyByB0CyCtCzyyCtBtGyDtCyCyBtGyE0DyB0EtGyEyC0FyDtGyD0ByE0BtBtDtA0D0FzzyB0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0ByBtA0C0C0EyC0BtG0AyB0B0CtGyE0E0A0BtG0BtC0FzytG0D0AtBtDtA0ByE0Bzz0F0F0E2QtN0A0LzuyE%26cr%3D1302987438%26a%3Dwbf_fs_16_21%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_21¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0CyD0F0FyE0BtD0AyC0B0F0AtCtB0AtN0D0Tzu0StCyDzyyBtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1BtCtDtN1L1G1B1V1N2Y1L1Qzu2SyByB0CyCtCzyyCtBtGyDtCyCyBtGyE0DyB0EtGyEyC0FyDtGyD0ByE0BtBtDtA0D0FzzyB0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0ByBtA0C0C0EyC0BtG0AyB0B0CtGyE0E0A0BtG0BtC0FzytG0D0AtBtDtA0ByE0Bzz0F0F0E2QtN0A0LzuyE%26cr%3D1302987438%26a%3Dwbf_fs_16_21%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_21¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0CyD0F0FyE0BtD0AyC0B0F0AtCtB0AtN0D0Tzu0StCyDzyyBtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1BtCtDtN1L1G1B1V1N2Y1L1Qzu2SyByB0CyCtCzyyCtBtGyDtCyCyBtGyE0DyB0EtGyEyC0FyDtGyD0ByE0BtBtDtA0D0FzzyB0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0ByBtA0C0C0EyC0BtG0AyB0B0CtGyE0E0A0BtG0BtC0FzytG0D0AtBtDtA0ByE0Bzz0F0F0E2QtN0A0LzuyE%26cr%3D1302987438%26a%3Dwbf_fs_16_21%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2623976734-2838552711-1810889803-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_21¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0CyD0F0FyE0BtD0AyC0B0F0AtCtB0AtN0D0Tzu0StCyDzyyBtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1BtCtDtN1L1G1B1V1N2Y1L1Qzu2SyByB0CyCtCzyyCtBtGyDtCyCyBtGyE0DyB0EtGyEyC0FyDtGyD0ByE0BtBtDtA0D0FzzyB0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0ByBtA0C0C0EyC0BtG0AyB0B0CtGyE0E0A0BtG0BtC0FzytG0D0AtBtDtA0ByE0Bzz0F0F0E2QtN0A0LzuyE%26cr%3D1302987438%26a%3Dwbf_fs_16_21%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2623976734-2838552711-1810889803-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_21¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0CyD0F0FyE0BtD0AyC0B0F0AtCtB0AtN0D0Tzu0StCyDzyyBtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1BtCtDtN1L1G1B1V1N2Y1L1Qzu2SyByB0CyCtCzyyCtBtGyDtCyCyBtGyE0DyB0EtGyEyC0FyDtGyD0ByE0BtBtDtA0D0FzzyB0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0ByBtA0C0C0EyC0BtG0AyB0B0CtGyE0E0A0BtG0BtC0FzytG0D0AtBtDtA0ByE0Bzz0F0F0E2QtN0A0LzuyE%26cr%3D1302987438%26a%3Dwbf_fs_16_21%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
BHO: RRepliApp -> {34AE17AE-AF57-4F2C-86C3-ECD6C3AD4E76} -> C:\Program Files (x86)\RRepliApp\EOH1f6WRVCUUQi.x64.dll [2015-08-05] ()
BHO: rockAupps -> {60F66998-01AD-4980-A60F-0885CBC4A0E5} -> C:\Program Files (x86)\rockAupps\d20wrqK8kJqIgc.x64.dll [2015-08-06] ()
BHO: COnvertApps -> {67B643C2-DC82-42B9-93DB-7FAF72B8D3D3} -> C:\Program Files (x86)\COnvertApps\wQrImX8izO1dKa.x64.dll [2015-08-28] ()
BHO: roockApps -> {796A8681-65E2-42C2-805C-3AFCBA63C2C7} -> C:\Program Files (x86)\roockApps\UKCU4kAKjqAsiK.x64.dll [2015-08-06] ()
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: ConovertApps -> {D7212A47-3BC0-4228-A0F4-910C280353F2} -> C:\Program Files (x86)\ConovertApps\lXnAg5OCuproQJ.x64.dll [2015-08-28] ()
BHO-x32: RRepliApp -> {34AE17AE-AF57-4F2C-86C3-ECD6C3AD4E76} -> C:\Program Files (x86)\RRepliApp\EOH1f6WRVCUUQi.dll [2015-08-05] ()
BHO-x32: rockAupps -> {60F66998-01AD-4980-A60F-0885CBC4A0E5} -> C:\Program Files (x86)\rockAupps\d20wrqK8kJqIgc.dll [2015-08-06] ()
BHO-x32: COnvertApps -> {67B643C2-DC82-42B9-93DB-7FAF72B8D3D3} -> C:\Program Files (x86)\COnvertApps\wQrImX8izO1dKa.dll [2015-08-28] ()
BHO-x32: roockApps -> {796A8681-65E2-42C2-805C-3AFCBA63C2C7} -> C:\Program Files (x86)\roockApps\UKCU4kAKjqAsiK.dll [2015-08-06] ()
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: ConovertApps -> {D7212A47-3BC0-4228-A0F4-910C280353F2} -> C:\Program Files (x86)\ConovertApps\lXnAg5OCuproQJ.dll [2015-08-28] ()
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\k5c961is.default
FF NewTab: about:newtab
FF DefaultSearchEngine: Search Provided by Yahoo
FF SelectedSearchEngine: Search Provided by Yahoo
FF Homepage: hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_21¶m1=1¶m2=f%3D1%26b%3DFirefox%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0CyD0F0FyE0BtD0AyC0B0F0AtCtB0AtN0D0Tzu0StCyDzyyBtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1BtCtDtN1L1G1B1V1N2Y1L1Qzu2SyByB0CyCtCzyyCtBtGyDtCyCyBtGyE0DyB0EtGyEyC0FyDtGyD0ByE0BtBtDtA0D0FzzyB0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0ByBtA0C0C0EyC0BtG0AyB0B0CtGyE0E0A0BtG0BtC0FzytG0D0AtBtDtA0ByE0Bzz0F0F0E2QtN0A0LzuyE%26cr%3D1302987438%26a%3Dwbf_fs_16_21%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2016-07-07] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-09-05] (Google)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Nenhum Arquivo]
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\admin\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-12-23] (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2623976734-2838552711-1810889803-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\k5c961is.default\searchplugins\Search Provided by Yahoo.xml [2016-05-16]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&utm_campaign=eXQ&utm_content=hp&from=newgdp&uid=SAMSUNGXHD322HJ_S24LJ50SA21626&ts=1380303829
CHR StartupUrls: Default -> "chrome://apps/","hxxp://www.google.com.br/","hxxps://www.google.com.br/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8","hxxps://www.google.com.br/","hxxp://www.istartsurf.com/?type=hp&ts=1427581286&from=smt&uid=SAMSUNGXHD322HJ_S24LJ50SA21626","hxxp://www.istartsurf.com/?type=hppp&ts=1427581335&from=smt&uid=SAMSUNGXHD322HJ_S24LJ50SA21626"
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-11] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATENÇÃO
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-11] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== ATENÇÃO
CHR Extension: (Google Search) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-11] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== ATENÇÃO
CHR Extension: (Into The Mist) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgihmkgobaljfehcadcckdggpeojaadh [2015-11-02]
CHR Extension: (Google Wallet) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-11] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATENÇÃO
CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-11] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== ATENÇÃO
CHR Extension: (Chrome Media Router) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-07-21]
CHR Extension: (DownSoave) - C:\ProgramData\lenjdioddmkamnekbpekbfafbhgimehj\ []
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2623976734-2838552711-1810889803-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S2 26d866bb; c:\Program Files (x86)\SteamHelper\SteamHelper.dll [3100672 2015-08-05] () [Arquivo não assinado]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2014-10-01] (ESET)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-01-28] (Futuremark)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-07-12] (Hi-Rez Studios) [Arquivo não assinado]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Arquivo não assinado]
R2 Misty Deposit; C:\Program Files (x86)\Misty Deposit\Misty Deposit.exe [8016488 2015-07-08] () [Arquivo não assinado] <==== ATENÇÃO
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-09-27] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2015-09-27] ()
R2 TheCalendarService; C:\Program Files (x86)\CalendarTool\2.0.0.11380\CalendarServ.exe [153200 2016-05-19] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-10-22] (VIA Technologies, Inc.)
S2 48d9be4d; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\TampaInit\TampaInit.dll",serv
S3 NMIndexingService; "C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe" [X]
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [X]
S3 TrustedInstaller; %SystemRoot%\servicing\TrustedInstaller.exe [X]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-03-16] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-03-16] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-10-10] (ESET)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241368 2014-10-10] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169280 2014-10-10] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [222280 2014-10-10] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44632 2014-10-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [63160 2014-10-10] (ESET)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-02-08] ()
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-07-16] (Qualcomm Atheros Co., Ltd.)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-13] (Microsoft Corporation)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
S3 xspirit; \??\C:\Windows\xspirit.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-21 20:26 - 2016-07-21 20:29 - 00022472 _____ C:\Users\admin\Downloads\FRST.txt
2016-07-21 20:26 - 2016-07-21 20:27 - 00033136 _____ C:\Users\admin\Downloads\Addition.txt
2016-07-21 20:25 - 2016-07-21 20:29 - 00000000 ____D C:\FRST
2016-07-21 20:25 - 2016-07-21 20:25 - 02393600 _____ (Farbar) C:\Users\admin\Downloads\FRST64.exe
2016-07-21 20:24 - 2016-07-21 20:24 - 01743872 _____ (Farbar) C:\Users\admin\Downloads\FRST.exe
2016-07-21 20:15 - 2016-07-21 20:15 - 14749120 _____ (Microsoft Corporation) C:\Users\admin\Downloads\vc_redist.x64.exe
2016-07-21 20:13 - 2016-07-21 20:13 - 00000694 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assistente de Atualização do Windows 10.lnk
2016-07-21 20:13 - 2016-07-21 20:13 - 00000682 _____ C:\Users\admin\Desktop\Assistente de Atualização do Windows 10.lnk
2016-07-21 20:13 - 2016-07-21 20:13 - 00000000 ____D C:\Windows10Upgrade
2016-07-21 20:07 - 2016-07-21 20:07 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-07-21 20:01 - 2016-07-21 20:01 - 00001158 _____ C:\Users\Public\Desktop\Battle.net.lnk
2016-07-21 20:01 - 2016-07-21 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2016-07-21 19:58 - 2016-07-21 19:58 - 00000000 ____D C:\Users\admin\AppData\Roaming\Battle.net
2016-07-21 19:46 - 2016-07-21 19:46 - 03012080 _____ (Blizzard Entertainment) C:\Users\admin\Downloads\Battle.net-Setup.exe
2016-07-16 23:39 - 2016-07-16 23:39 - 00072127 _____ C:\Users\admin\Downloads\IMG-20160716-WA0012.jpg.jpeg
2016-07-16 23:34 - 2016-07-16 23:34 - 00053224 _____ C:\Users\admin\Downloads\IMG-20160716-WA0011.jpg.jpeg
2016-07-11 18:47 - 2016-07-11 18:47 - 00074581 _____ C:\Users\admin\Downloads\boleto.pdf
2016-07-11 18:47 - 2016-07-11 18:47 - 00074581 _____ C:\Users\admin\Desktop\boleto.pdf
2016-07-06 22:34 - 2016-07-14 11:42 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2016-07-06 22:23 - 2016-07-06 22:23 - 00003164 _____ C:\Windows\System32\Tasks\{E7DCB2FE-5746-4A89-A9FD-615808B82EA1}
2016-07-06 19:59 - 2016-07-06 22:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2016-07-06 19:42 - 2016-07-06 19:42 - 00016507 _____ C:\Users\admin\Downloads\InstallHiRezSmiteBrazil.exe (1).torrent
2016-07-06 19:20 - 2016-07-06 19:41 - 40938952 _____ C:\Users\admin\Downloads\Não confirmado 316007.crdownload
2016-07-06 19:16 - 2016-07-06 19:16 - 00000000 ___HD C:\$GetCurrent
2016-07-06 19:13 - 2016-07-06 19:16 - 12704906 _____ C:\Users\admin\Downloads\Não confirmado 423984.crdownload
2016-07-06 19:00 - 2016-07-06 19:00 - 00016507 _____ C:\Users\admin\Downloads\InstallHiRezSmiteBrazil.exe.torrent
2016-07-06 18:36 - 2016-07-06 18:36 - 00400944 _____ () C:\Users\admin\Downloads\smite (1).exe
2016-07-06 12:25 - 2016-07-06 12:25 - 51444000 _____ (Hi-Rez Studios) C:\Users\admin\Downloads\InstallSmite.exe
2016-07-02 13:05 - 2016-07-02 13:05 - 00000003 _____ C:\Windows\SysWOW64\HRUPPROG.EXIT
2016-07-02 13:04 - 2016-07-14 11:42 - 00000003 _____ C:\Windows\SysWOW64\HRUPPROG.TXT
2016-07-02 13:00 - 2016-07-02 13:00 - 00400944 _____ () C:\Users\admin\Downloads\smite.exe
2016-07-02 12:59 - 2016-07-02 12:59 - 00043351 _____ C:\Users\admin\Downloads\Tera_Installer.torrent
2016-06-30 18:14 - 2016-06-30 18:14 - 00274288 _____ C:\Windows\Minidump\063016-20500-01.dmp
2016-06-30 18:09 - 2016-06-30 18:09 - 00000000 ____D C:\Program Files (x86)\Errors
2016-06-30 18:08 - 2016-06-30 18:09 - 00000000 ____D C:\Program Files (x86)\Cache
2016-06-29 19:12 - 2016-06-29 19:12 - 00000000 ____D C:\Users\Todos os Usuários\cc7a52aa-69d5-0
2016-06-29 19:12 - 2016-06-29 19:12 - 00000000 ____D C:\ProgramData\cc7a52aa-69d5-0
2016-06-29 18:44 - 2016-06-30 21:12 - 00000000 ____D C:\Program Files (x86)\Data
2016-06-29 18:44 - 2016-06-29 18:44 - 00000000 ____D C:\Program Files (x86)\Interface
2016-06-29 18:41 - 2016-06-29 18:43 - 00000000 ____D C:\Program Files (x86)\Utils
2016-06-29 18:40 - 2016-06-30 18:12 - 00000000 ____D C:\Program Files (x86)\WTF
2016-06-29 18:40 - 2016-06-30 18:01 - 00000000 ____D C:\Program Files (x86)\Updates
2016-06-29 18:35 - 2016-06-29 18:36 - 25841218 _____ (Firestorm ) C:\Users\admin\Downloads\FirestormLauncherSetup.exe
2016-06-27 12:52 - 2016-06-27 12:52 - 00000000 ____D C:\Users\Public\Documents\Tools
2016-06-24 18:39 - 2016-07-20 21:13 - 00000000 ____D C:\Users\admin\AppData\Local\Spotify
2016-06-24 18:38 - 2016-07-20 21:04 - 00000000 ____D C:\Users\admin\AppData\Roaming\Spotify
2016-06-24 18:22 - 2016-06-24 18:23 - 05788016 _____ (Microsoft Corporation) C:\Users\admin\Downloads\Windows10Upgrade9194.exe
2016-06-21 01:11 - 2016-06-21 01:11 - 00919500 _____ C:\Users\admin\Downloads\facebook-alexssanderbujak.zip

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-21 20:29 - 2015-01-30 08:27 - 00000000 ____D C:\Users\admin\AppData\Roaming\TS3Client
2016-07-21 20:18 - 2009-07-14 01:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-21 20:18 - 2009-07-14 01:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-21 20:16 - 2015-01-25 14:33 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-07-21 20:16 - 2015-01-25 14:33 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-21 20:14 - 2016-05-16 17:23 - 00000000 ____D C:\Users\admin\AppData\Roaming\CalendarTool
2016-07-21 20:04 - 2015-01-25 10:51 - 00005002 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for admin-PC-admin admin-PC
2016-07-21 20:01 - 2015-01-30 08:20 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-07-21 19:55 - 2015-09-23 18:55 - 00000000 ____D C:\Program Files (x86)\Steam
2016-07-21 19:53 - 2015-09-17 17:22 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-21 19:52 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-21 19:46 - 2015-09-17 17:22 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-21 18:30 - 2015-01-30 08:23 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2016-07-21 16:38 - 2015-08-05 22:38 - 00000336 _____ C:\Windows\Tasks\SmartDesign.job
2016-07-18 17:03 - 2015-01-30 08:25 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2016-07-15 17:12 - 2015-08-08 23:41 - 00000000 ____D C:\Program Files (x86)\World of Warcraft Public Test
2016-07-15 17:06 - 2015-01-25 10:07 - 00000000 ____D C:\Users\admin\AppData\Roaming\Skype
2016-07-12 07:34 - 2010-11-21 06:37 - 00705070 _____ C:\Windows\system32\prfh0416.dat
2016-07-12 07:34 - 2010-11-21 06:37 - 00146910 _____ C:\Windows\system32\prfc0416.dat
2016-07-12 07:34 - 2009-07-14 02:13 - 01633534 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-12 07:34 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-07-07 14:24 - 2016-04-30 16:45 - 00000000 ____D C:\Users\admin\Documents\My Games
2016-07-07 14:24 - 2015-01-31 15:18 - 00000000 ____D C:\Users\Todos os Usuários\Hi-Rez Studios
2016-07-07 14:24 - 2015-01-31 15:18 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2016-07-07 11:39 - 2015-01-25 09:30 - 00405360 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-06 22:24 - 2015-01-25 09:45 - 00000000 ____D C:\Users\admin\AppData\Local\Deployment
2016-07-06 19:59 - 2015-01-25 09:19 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-07-06 19:01 - 2015-03-20 17:00 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Level Up
2016-07-06 18:58 - 2015-10-12 15:31 - 00000000 ____D C:\Users\admin\Documents\LevelUp Data
2016-07-05 11:37 - 2009-07-14 02:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-07-02 14:46 - 2015-10-07 10:53 - 00000000 ____D C:\Users\admin\Downloads\addon wow
2016-07-02 13:39 - 2015-02-20 10:50 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2016-07-02 13:21 - 2015-04-22 23:32 - 00000000 ___RD C:\meus jogos
2016-07-02 13:19 - 2015-01-25 10:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2016-07-02 13:13 - 2015-08-15 22:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-30 18:14 - 2016-02-28 15:49 - 735218609 _____ C:\Windows\MEMORY.DMP
2016-06-30 18:14 - 2015-04-07 11:58 - 00000000 ____D C:\Windows\Minidump
2016-06-27 12:52 - 2016-05-16 17:23 - 00000000 ____D C:\Program Files (x86)\CalendarTool

==================== Arquivos na raiz de alguns diretórios =======

2015-07-14 13:02 - 2015-09-29 20:36 - 0000020 _____ () C:\Users\admin\AppData\Roaming\appdataFr2.bin
2015-06-20 11:42 - 2015-08-11 14:20 - 0000024 _____ () C:\Users\admin\AppData\Roaming\appdataFr25.bin
2005-04-07 23:16 - 2005-04-07 23:16 - 0000015 ____H () C:\Users\admin\AppData\Roaming\logs.dat
2015-11-05 13:55 - 2015-11-05 13:55 - 0002048 _____ () C:\Users\admin\AppData\Roaming\ReBot.exe
2015-11-05 14:25 - 2015-11-06 22:27 - 3772782 _____ () C:\Users\admin\AppData\Roaming\SShot.jpg
2015-03-27 07:22 - 2015-03-27 07:22 - 0003584 _____ () C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Alguns arquivos em TEMP:
====================
C:\Users\admin\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\admin\AppData\Local\Temp\Windows10Upgrade.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-07-17 09:21

==================== Fim de FRST.txt ============================

Publicité


Signaler le contenu de ce document

Publicité