Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão: 20-07-2016
Executado por Sandro (administrador) em SANDRO-PC (22-07-2016 13:35:07)
Executando a partir de C:\Users\Sandro\Desktop
Perfis Carregados: Sandro (Perfis Disponíveis: Sandro & XD & Convidado)
Platform: Microsoft Windows 7 Ultimate (X86) Idioma: Português (Brasil)
Internet Explorer Versão 9 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Google Inc.) C:\Program Files\Google\Chrome Remote Desktop\52.0.2743.48\remoting_host.exe
(SEIKO EPSON CORPORATION) C:\Program Files\epson\EpsonCustomerResearchParticipation\EPCP.exe
(Google Inc.) C:\Program Files\Google\Chrome Remote Desktop\52.0.2743.48\remoting_host.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Symantec Corporation) C:\Program Files\Norton Security\Engine\22.7.0.76\ns.exe
() C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
() C:\Program Files\WeatherTool\2.0.1.11170\WeatherService.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Symantec Corporation) C:\Program Files\Norton Security\Engine\22.7.0.76\ns.exe
(ShenZhen Enode Techology co,.Ltd) C:\Program Files\WeatherTool\2.0.1.11170\weather.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_TATINYE.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Symantec Corporation) C:\Program Files\Norton Security\Engine\22.7.0.76\conathst.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_TARNNYE.EXE
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-07-20] (LogMeIn Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-4107552473-984687094-1905581623-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-03-12] (Nero AG)
HKU\S-1-5-21-4107552473-984687094-1905581623-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6564776 2015-10-19] (Piriform Ltd)
HKU\S-1-5-21-4107552473-984687094-1905581623-1000\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [2851408 2016-07-08] (Valve Corporation)
HKU\S-1-5-21-4107552473-984687094-1905581623-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATINYE.EXE [262208 2014-03-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-4107552473-984687094-1905581623-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-4107552473-984687094-1905581623-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-4107552473-984687094-1905581623-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.7.0.76\buShell.dll [2016-06-09] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.7.0.76\buShell.dll [2016-06-09] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.7.0.76\buShell.dll [2016-06-09] (Symantec Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Nenhum Arquivo

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 200.222.122.134 200.222.123.101
Tcpip\..\Interfaces\{1E887E0F-E5D1-472B-96FE-648CC8495890}: [DhcpNameServer] 200.222.145.86 200.165.132.148
Tcpip\..\Interfaces\{DC6EC263-B33C-420D-B937-79E30EAA2F67}: [DhcpNameServer] 200.222.122.134 200.222.123.101

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&guid=cc09486c294afe50ce21cf432006428c
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-4107552473-984687094-1905581623-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-4107552473-984687094-1905581623-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&guid=cc09486c294afe50ce21cf432006428c
HKU\S-1-5-21-4107552473-984687094-1905581623-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
SearchScopes: HKLM -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1392746195&from=cor&uid=ST3750640NS_5QD3ZL22XXXX5QD3ZL22&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4107552473-984687094-1905581623-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-4107552473-984687094-1905581623-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL =
SearchScopes: HKU\S-1-5-21-4107552473-984687094-1905581623-1000 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKU\S-1-5-21-4107552473-984687094-1905581623-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NS&chn=oem&geo=BR&ver=22&locale=pt_BR&gct=kwd&qsrc=2869
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.7.0.76\coIEPlg.dll [2016-05-31] (Symantec Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-21] (Oracle Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-21] (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.7.0.76\coIEPlg.dll [2016-05-31] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-4107552473-984687094-1905581623-1000 -> Sem Nome - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Nenhum Arquivo
Toolbar: HKU\S-1-5-21-4107552473-984687094-1905581623-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.7.0.76\coIEPlg.dll [2016-05-31] (Symantec Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Sandro\AppData\Roaming\Mozilla\Firefox\Profiles\4qoxlfzs.default
FF Homepage: hxxp://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&guid=cc09486c294afe50ce21cf432006428c
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-21] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2013-08-02] (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [Nenhum Arquivo]
FF Plugin: @raidcall.br/RCplugin -> C:\Users\Sandro\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-02-19] (Raidcall)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4107552473-984687094-1905581623-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sandro\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-06-19] (Unity Technologies ApS)
FF Extension: Video DownloadHelper - C:\Users\Sandro\AppData\Roaming\Mozilla\Firefox\Profiles\4qoxlfzs.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-06-19]
FF Extension: Skype - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.6.0.142\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.6.0.142\coFFAddon [2016-07-08]
FF HKU\S-1-5-21-4107552473-984687094-1905581623-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi => não encontrado (a)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com.br/
CHR StartupUrls: Default -> "hxxp://www.google.com.br/"
CHR DefaultSearchURL: Default -> hxxp://dts.search.ask.com/web?q={searchTerms}
CHR DefaultSearchKeyword: Default -> Ask Search
CHR DefaultSuggestURL: Default -> hxxp://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}
CHR Profile: C:\Users\Sandro\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Battlefield Heroes) - C:\Users\Sandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh [2014-11-04]
CHR Extension: (Norton Security Toolbar) - C:\Users\Sandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2016-07-02]
CHR Extension: (Área de trabalho remota do Google Chrome) - C:\Users\Sandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-07-08]
CHR Extension: (Norton Identity Safe) - C:\Users\Sandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2016-06-11]
CHR Extension: (CS Portatil) - C:\Users\Sandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjmmglgcgipmpfmablliiooebiiollim [2014-12-08]
CHR Extension: (Skype) - C:\Users\Sandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-24]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Sandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Ask Search) - C:\Users\Sandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmphonkbjeofadodnimkgdghlglkamol [2015-01-23]
CHR Extension: (Free Games Zone) - C:\Users\Sandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\oppjbdkgpfhhllancffaoaemplhkngoc [2015-01-23]
CHR Profile: C:\Users\Sandro\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Norton Security Toolbar) - C:\Users\Sandro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2016-07-09]
CHR Extension: (Norton Identity Safe) - C:\Users\Sandro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iikflkcanblccfahdhdonehdalibjnif [2016-07-09]
CHR Extension: (Skype) - C:\Users\Sandro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-07-09]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Sandro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-09]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.7.0.76\Exts\Chrome.crx [2016-05-31]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [405208 2014-07-03] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [384728 2014-07-03] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [773848 2014-07-03] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 chromoting; C:\Program Files\Google\Chrome Remote Desktop\52.0.2743.48\remoting_host.exe [76616 2016-06-20] (Google Inc.)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [280680 2015-06-04] (Intel Corporation)
S3 EasyAntiCheat; C:\Windows\system32\EasyAntiCheat.exe [238376 2016-07-20] (EasyAntiCheat Ltd)
R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [595968 2016-06-03] (SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [126128 2012-05-17] (Seiko Epson Corporation)
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [382920 2015-04-22] ()
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1901576 2016-07-20] (LogMeIn Inc.)
S4 HiPatchService; C:\Program Files\Hi-Rez Studios\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios) [Arquivo não assinado]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-08-16] (Intel Corporation) [Arquivo não assinado]
S3 ICCS; C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [169752 2012-04-24] (Intel Corporation)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Arquivo não assinado]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [274024 2015-06-04] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [462048 2012-04-20] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [405424 2016-07-20] (LogMeIn, Inc.)
R2 NS; C:\Program Files\Norton Security\Engine\22.7.0.76\NS.exe [289080 2016-06-17] (Symantec Corporation)
S3 OverwolfUpdater; C:\Program Files\Overwolf\OverwolfUpdater.exe [1309936 2016-07-17] (Overwolf LTD)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [103368 2015-04-22] ()
R2 TheDesktopWeatherService; C:\Program Files\WeatherTool\2.0.1.11170\WeatherService.exe [142280 2015-12-14] ()
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [382920 2015-04-22] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R1 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [60600 2013-10-31] (360.cn)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [19608 2012-10-25] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-08-11] (AVG Technologies)
R1 BHDrvx86; C:\Program Files\Norton Security\NortonData\22.6.0.142\Definitions\BASHDefs\20160718.001\BHDrvx86.sys [1317624 2016-06-01] (Symantec Corporation)
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [112344 2014-07-03] (BlueStack Systems)
R1 ccSet_NS; C:\Windows\system32\drivers\NS\1607000.04C\ccSetx86.sys [137456 2016-06-02] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [388848 2016-06-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [124144 2016-06-11] (Symantec Corporation)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [27040 2016-06-08] (LogMeIn, Inc.)
R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [530752 2012-08-16] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [24896 2012-08-16] (Intel Corporation)
R1 IDSVix86; C:\Program Files\Norton Security\NortonData\22.6.0.142\Definitions\IPSDefs\20160721.001\IDSvix86.sys [667352 2016-07-07] (Symantec Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [55104 2012-07-02] (Intel Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NS\1607000.04C\SRTSP.SYS [626424 2016-07-20] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NS\1607000.04C\SRTSPX.SYS [42744 2016-06-02] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NS\1607000.04C\SYMEFASI.SYS [1289944 2016-06-02] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [88312 2016-07-08] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NS\1607000.04C\Ironx86.SYS [230648 2016-06-02] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NS\1607000.04C\SYMNETS.SYS [423152 2016-06-02] (Symantec Corporation)
S3 BdApiUtil; \??\C:\Program Files\Baidu Security\Baidu Antivirus\BdApiUtil.sys [X]
S3 BdCameraProtect; \??\C:\Program Files\Baidu Security\Baidu Antivirus\BdCameraProtect.sys [X]
S1 Bfilter; \??\C:\Windows\System32\drivers\Bfilter.sys [X]
S1 Bfmon; \??\C:\Windows\System32\drivers\Bfmon.sys [X]
S0 Bhbase; System32\drivers\Bhbase.sys [X]
S1 Bprotect; \??\C:\Windows\System32\drivers\Bprotect.sys [X]
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]
S2 LMIInfo; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys [X]
S4 LMIRfsClientNP; não ImagePath
S3 NAVENG; \??\C:\Program Files\Norton Security\NortonData\22.6.0.142\Definitions\SDSDefs\20160707.023\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\Program Files\Norton Security\NortonData\22.6.0.142\Definitions\SDSDefs\20160707.023\NAVEX15.SYS [X]
S3 PCFApiUtil; \??\C:\Program Files\Baidu Security\PC Faster\3.7.0.0\PCFApiUtil.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-22 13:35 - 2016-07-22 13:35 - 00025404 _____ C:\Users\Sandro\Desktop\FRST.txt
2016-07-22 13:31 - 2016-07-22 13:35 - 00000000 ____D C:\FRST
2016-07-22 13:30 - 2016-07-22 13:30 - 01743872 _____ (Farbar) C:\Users\Sandro\Downloads\FRST.exe
2016-07-22 13:30 - 2016-07-22 13:30 - 01743872 _____ (Farbar) C:\Users\Sandro\Desktop\FRST.exe
2016-07-22 13:25 - 2013-07-30 12:04 - 00001003 _____ C:\Users\Sandro\Desktop\README.txt
2016-07-22 13:24 - 2016-07-22 13:24 - 00003187 _____ C:\Users\Sandro\Downloads\api-ms-win-crt-runtime-l1-1-0 (2).zip
2016-07-22 13:24 - 2016-07-22 13:24 - 00003187 _____ C:\Users\Sandro\Desktop\api-ms-win-crt-runtime-l1-1-0 (2).zip
2016-07-21 23:01 - 2016-04-18 15:00 - 00023232 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-07-21 22:35 - 2016-07-21 22:35 - 00000000 ____D C:\Windows\system32\SPReview
2016-07-21 22:27 - 2015-05-29 10:28 - 00007680 _____ (Microsoft Corporation) C:\Users\Sandro\Desktop\api-ms-win-crt-runtime-l1-1-0.dll
2016-07-21 22:26 - 2016-07-21 22:26 - 00013248 _____ C:\Users\Sandro\Downloads\api-ms-win-crt-runtime-l1-1-0 (1).zip
2016-07-21 22:10 - 2016-07-21 22:10 - 04950183 _____ C:\Users\Sandro\Downloads\Dll Fixe files crackeado O Deficiente.rar
2016-07-21 22:10 - 2016-07-21 22:10 - 04950183 _____ C:\Users\Sandro\Downloads\Dll Fixe files crackeado O Deficiente (1).rar
2016-07-21 21:57 - 2016-07-21 21:57 - 00000000 ____D C:\Windows\Sun
2016-07-21 21:53 - 2016-07-21 21:53 - 00000000 ____D C:\Users\Sandro\AppData\Roaming\Sun
2016-07-21 21:53 - 2016-07-21 21:53 - 00000000 ____D C:\Users\Sandro\.oracle_jre_usage
2016-07-21 21:53 - 2016-07-21 21:53 - 00000000 ____D C:\Program Files\Common Files\Java
2016-07-21 21:45 - 2016-07-21 21:46 - 01034556 _____ C:\Users\Sandro\Downloads\Windows6.1-KB2999226-x64.msu
2016-07-21 21:34 - 2016-07-21 21:41 - 00000000 ____D C:\Users\Sandro\AppData\Roaming\DFXCT
2016-07-21 21:34 - 2016-07-21 21:34 - 00000000 ____D C:\Users\Sandro\AppData\Roaming\DLL-files.com
2016-07-21 21:34 - 2016-07-21 21:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DLL-Files.com Client
2016-07-21 21:34 - 2016-07-21 21:34 - 00000000 ____D C:\Program Files\DLL-Files.com Client
2016-07-21 21:33 - 2016-07-21 21:33 - 00739904 _____ (Oracle Corporation) C:\Users\Sandro\Downloads\chromeinstall-8u101.exe
2016-07-21 21:28 - 2016-07-21 21:32 - 03785560 _____ (DLL-Files.com Client ) C:\Users\Sandro\Downloads\clientsetup_d-0.exe
2016-07-21 21:28 - 2016-07-21 21:28 - 00013248 _____ C:\Users\Sandro\Downloads\api-ms-win-crt-runtime-l1-1-0.zip
2016-07-21 20:21 - 2016-06-25 12:53 - 00037096 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-07-21 20:21 - 2016-06-25 12:46 - 01004544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-07-21 20:21 - 2016-06-25 12:43 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe
2016-07-21 20:21 - 2016-06-22 10:05 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-07-21 20:21 - 2016-06-17 10:06 - 01288192 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-07-21 20:21 - 2016-06-17 10:06 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-07-21 20:21 - 2016-06-17 10:06 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-07-21 20:21 - 2016-06-17 10:06 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-07-21 20:21 - 2016-06-17 10:06 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-07-21 20:21 - 2016-06-17 10:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-07-21 20:21 - 2015-03-18 23:57 - 03963320 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-07-21 20:21 - 2015-03-18 23:57 - 03908024 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-07-21 17:37 - 2016-07-21 17:37 - 00054163 _____ C:\Users\Sandro\Downloads\Simples (1).pdf
2016-07-21 17:11 - 2016-07-21 17:04 - 00067144 _____ C:\Users\Sandro\Desktop\SJ (17).pdf
2016-07-21 17:09 - 2016-07-21 17:05 - 00054163 _____ C:\Users\Sandro\Desktop\Simples.pdf
2016-07-21 17:07 - 2016-07-21 17:07 - 00067144 _____ C:\Users\Sandro\Downloads\SJ (18).pdf
2016-07-21 17:05 - 2016-07-21 17:05 - 00054163 _____ C:\Users\Sandro\Downloads\Simples.pdf
2016-07-21 17:04 - 2016-07-21 17:04 - 00067144 _____ C:\Users\Sandro\Downloads\SJ (17).pdf
2016-07-20 22:19 - 2016-07-20 22:58 - 00238376 _____ (EasyAntiCheat Ltd) C:\Windows\system32\EasyAntiCheat.exe
2016-07-20 20:34 - 2016-07-20 20:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-07-20 20:34 - 2016-07-20 20:34 - 00000000 ____D C:\Program Files\LogMeIn Hamachi
2016-07-19 15:06 - 2016-07-20 23:29 - 00000000 ____D C:\Users\Usuário Padrão\AppData\Local\LogMeIn Hamachi
2016-07-19 15:06 - 2016-07-20 23:29 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2016-07-19 15:06 - 2016-07-20 23:29 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2016-07-19 15:05 - 2016-07-20 20:34 - 00000856 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2016-07-16 11:52 - 2016-07-16 11:52 - 00075505 _____ C:\Users\Sandro\Desktop\anexo1_abert_pmce.pdf
2016-07-16 11:51 - 2016-07-16 11:51 - 00287460 _____ C:\Users\Sandro\Desktop\ed_abert_pmce2016.pdf
2016-07-14 13:12 - 2016-07-14 13:12 - 00000000 ____D C:\Users\Sandro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2016-07-14 13:11 - 2016-07-21 19:13 - 00000000 ____D C:\Program Files\Overwolf
2016-07-14 13:11 - 2016-07-21 13:13 - 00000002 _____ C:\END
2016-07-14 13:11 - 2016-07-21 13:13 - 00000000 ____D C:\Program Files\Common Files\Overwolf
2016-07-14 13:11 - 2016-07-14 13:40 - 00000000 ____D C:\Users\Todos os Usuários\Overwolf
2016-07-14 13:11 - 2016-07-14 13:40 - 00000000 ____D C:\ProgramData\Overwolf
2016-07-14 13:07 - 2016-07-19 17:27 - 00000000 ____D C:\Users\Sandro\AppData\Local\Overwolf
2016-07-14 13:05 - 2016-07-14 13:06 - 00914864 _____ (Overwolf Ltd.) C:\Users\Sandro\Downloads\OverwolfInstallerRobocraft.exe
2016-07-12 21:16 - 2016-07-12 21:16 - 00000000 ____D C:\Users\Sandro\AppData\LocalLow\Blizzard Entertainment
2016-07-12 16:19 - 2016-07-12 16:19 - 00178671 _____ C:\Users\Sandro\Desktop\nota 115 mpdf.pdf
2016-07-12 16:12 - 2016-07-12 16:12 - 00178651 _____ C:\Users\Sandro\Desktop\nota 110 mpdf.pdf
2016-07-12 16:11 - 2016-07-12 16:11 - 00178671 _____ C:\Users\Sandro\Desktop\nota 112.pdf
2016-07-12 16:11 - 2016-07-12 16:11 - 00178659 _____ C:\Users\Sandro\Desktop\nota 111 mpdf.pdf
2016-07-12 16:09 - 2016-07-12 16:09 - 00178640 _____ C:\Users\Sandro\Desktop\nota 114 mpdf.pdf
2016-07-12 16:07 - 2016-07-12 16:07 - 00178676 _____ C:\Users\Sandro\Desktop\nota 113 mpdf.pdf
2016-07-10 14:23 - 2016-07-10 14:23 - 00000000 ____D C:\Windows\pss
2016-07-09 18:53 - 2016-07-12 16:21 - 00000000 ____D C:\Users\Sandro\Desktop\bia moreira
2016-07-09 18:14 - 2016-07-09 18:14 - 00002273 _____ C:\Users\Sandro\Desktop\sandro - Chrome.lnk
2016-07-08 14:44 - 2016-07-08 14:44 - 00000000 ____D C:\Users\Todos os Usuários\Google
2016-07-08 14:44 - 2016-07-08 14:44 - 00000000 ____D C:\ProgramData\Google
2016-07-08 14:40 - 2016-07-08 14:41 - 10072064 _____ C:\Users\Sandro\Downloads\chromeremotedesktophost.msi
2016-07-08 14:34 - 2016-07-08 14:34 - 00000000 ____D C:\Users\Sandro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome
2016-07-01 12:52 - 2016-07-01 12:52 - 08364032 _____ C:\Users\Sandro\Downloads\hamachi (1).msi
2016-07-01 12:10 - 2016-07-01 12:10 - 00000000 ____D C:\Users\Todos os Usuários\LogMeIn
2016-07-01 12:10 - 2016-07-01 12:10 - 00000000 ____D C:\ProgramData\LogMeIn
2016-06-27 13:33 - 2016-06-27 13:33 - 00067146 _____ C:\Users\Sandro\Downloads\SJ (16).pdf
2016-06-22 14:25 - 2016-06-22 14:25 - 00167684 _____ C:\Users\Sandro\Downloads\Resumo_Faturamento_-_11%2f2015.zip
2016-06-21 21:49 - 2016-06-21 21:49 - 00000000 ____D C:\Users\Sandro\Downloads\Nengo Vieira - Avivamente Ao Vivo (2011)
2016-06-21 21:32 - 2016-06-21 21:41 - 127400126 _____ C:\Users\Sandro\Downloads\Pantera_1992_Vulgar_Display_Of_Power.rar
2016-06-21 21:05 - 2016-06-21 21:05 - 00000000 ____D C:\Users\Sandro\Downloads\(2002) rodox - estreito
2016-06-21 20:59 - 2016-06-21 21:02 - 41042066 _____ C:\Users\Sandro\Downloads\(2002) rodox - estreito.rar
2016-06-21 20:52 - 2016-06-21 20:53 - 00000000 ____D C:\Users\Sandro\Downloads\Day of Fire - Cut & Move
2016-06-20 07:59 - 2016-06-20 07:59 - 00000973 _____ C:\Windows\system32\O estágio 3 ocorre nas mitocôndrias a partir da quebra oxidativa das moléculas nutritivas como grupamento acetil em acetil COA esta ligado a coenzima A por uma ligação de alta energia facil.lnk
2016-06-19 13:56 - 2016-06-19 13:58 - 09776118 _____ C:\Users\Sandro\Downloads\CraftLandiaMG.zip
2016-06-19 13:50 - 2016-06-19 13:52 - 09776118 _____ C:\Users\Sandro\Downloads\craftlandia152 (1).zip
2016-06-19 12:40 - 2016-06-19 12:40 - 09776118 _____ C:\Users\Sandro\Downloads\craftlandia.zip
2016-06-19 11:16 - 2016-06-19 14:55 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-06-15 18:26 - 2016-06-15 18:26 - 00000000 ____D C:\Users\Sandro\AppData\LocalLow\Hyper Hippo Productions Ltd_
2016-06-11 18:35 - 2016-07-08 12:45 - 00002186 _____ C:\Users\Public\Desktop\Norton Security.lnk
2016-06-11 18:35 - 2016-07-08 10:21 - 00088312 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT.SYS
2016-06-11 18:35 - 2016-07-08 10:21 - 00008234 _____ C:\Windows\system32\Drivers\SYMEVENT.CAT
2016-06-11 18:35 - 2016-06-12 13:39 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2016-06-11 18:27 - 2016-07-08 12:45 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2016-06-11 18:27 - 2016-07-08 12:45 - 00000000 ____D C:\Windows\system32\Drivers\NS
2016-06-11 18:27 - 2016-06-11 18:27 - 00000000 ____D C:\Program Files\Norton Security
2016-06-08 10:56 - 2016-06-08 10:56 - 00027040 ____H (LogMeIn, Inc.) C:\Windows\system32\Drivers\hamachi.sys
2016-06-04 17:46 - 2012-08-30 11:57 - 721924096 _____ C:\Users\Sandro\Desktop\F0m0s.H3r01s.DVDRip.Dublado.avi
2016-06-04 17:44 - 2012-08-30 11:57 - 721924096 _____ C:\Users\Sandro\Downloads\F0m0s.H3r01s.DVDRip.Dublado.avi
2016-06-04 10:17 - 2016-07-10 14:17 - 00000000 ____D C:\Users\Sandro\AppData\Roaming\IDM
2016-06-04 10:17 - 2016-06-19 16:44 - 00000000 ____D C:\Program Files\Internet Download Manager
2016-06-04 10:17 - 2016-06-19 12:28 - 00000000 ____D C:\Users\Sandro\Downloads\Compressed
2016-06-04 10:17 - 2016-06-19 09:16 - 00000000 ____D C:\Users\Sandro\AppData\Roaming\DMCache
2016-06-04 10:17 - 2016-06-04 10:17 - 00000000 ____D C:\Users\Todos os Usuários\IDM
2016-06-04 10:17 - 2016-06-04 10:17 - 00000000 ____D C:\Users\Sandro\Downloads\Video
2016-06-04 10:17 - 2016-06-04 10:17 - 00000000 ____D C:\ProgramData\IDM
2016-06-04 10:16 - 2016-06-04 10:16 - 06849864 _____ (Tonec Inc.) C:\Users\Sandro\Downloads\idman625build20.exe
2016-06-04 09:44 - 2016-06-04 11:03 - 721924186 _____ C:\Users\Sandro\Downloads\F0m0s.H3r01s.DVDRip.Dublado.rar
2016-05-30 21:54 - 2016-07-13 18:49 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-30 21:54 - 2016-05-30 21:54 - 00000000 ____D C:\Program Files\Adobe
2016-05-29 17:43 - 2016-05-29 17:43 - 00067086 _____ C:\Users\Sandro\Downloads\SJ (15).pdf
2016-05-27 16:00 - 2016-07-12 16:44 - 00000000 ____D C:\Users\Sandro\AppData\Local\Warframe
2016-05-24 16:20 - 2016-05-24 16:44 - 00000000 ____D C:\Users\Sandro\AppData\Roaming\WizardWars
2016-05-24 16:19 - 2016-05-24 16:19 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-05-24 16:19 - 2016-05-24 16:19 - 00000000 ____D C:\Program Files\AGEIA Technologies
2016-05-20 11:37 - 2016-05-20 11:37 - 00024335 _____ C:\Users\Sandro\Downloads\DAS-042016.pdf
2016-05-17 22:59 - 2016-05-17 22:59 - 00000000 ____D C:\Users\Sandro\AppData\LocalLow\Smartly Dressed Games
2016-05-14 19:10 - 2016-05-14 19:10 - 00000000 ____D C:\Users\Sandro\Desktop\Pos Encontro
2016-05-14 18:55 - 2016-05-14 18:55 - 00100428 _____ C:\Users\Sandro\Downloads\Pu00F3s-Encontro%20Instrumental (1).pdf
2016-05-14 18:49 - 2016-05-14 18:49 - 00089218 _____ C:\Users\Sandro\Downloads\L4%20Como%20Posso%20Deter%20Satanu00E1s (1).pdf
2016-05-14 18:45 - 2016-05-14 18:45 - 00100428 _____ C:\Users\Sandro\Downloads\Pu00F3s-Encontro%20Instrumental.pdf
2016-05-14 18:45 - 2016-05-14 18:45 - 00089218 _____ C:\Users\Sandro\Downloads\L4%20Como%20Posso%20Deter%20Satanu00E1s.pdf
2016-05-14 18:45 - 2016-05-14 18:45 - 00074401 _____ C:\Users\Sandro\Downloads\L1%20A%20Importancia%20do%20Pu00F3s-Encontro-1.pdf
2016-05-14 18:45 - 2016-05-14 18:45 - 00042250 _____ C:\Users\Sandro\Downloads\L3%20As%20u00C1reas%20de%20Contra-ataque.pdf
2016-05-12 19:41 - 2016-05-12 19:41 - 00000000 ____D C:\Users\Sandro\AppData\LocalLow\Freejam
2016-05-12 18:29 - 2016-05-12 18:29 - 00000000 ____D C:\Users\Sandro\AppData\Roaming\com.freakinware.wormis
2016-05-10 18:46 - 2016-05-10 18:47 - 13624832 _____ C:\Users\Sandro\Downloads\Aula 09 - Tecido Epitelial.ppt
2016-05-04 15:32 - 2016-05-04 15:32 - 00000000 ____D C:\Users\Sandro\AppData\LocalLow\DefaultCompany
2016-05-04 15:31 - 2016-05-04 16:59 - 00000000 ____D C:\Users\Sandro\Documents\New Unity Project
2016-05-02 20:48 - 2016-05-04 15:32 - 00000000 ____D C:\Users\Todos os Usuários\Unity
2016-05-02 20:48 - 2016-05-04 15:32 - 00000000 ____D C:\ProgramData\Unity
2016-04-30 12:30 - 2016-04-30 12:30 - 00000000 ____D C:\Program Files\GtkSharp
2016-04-30 12:28 - 2016-04-30 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.3.4f1 (32-bit)
2016-04-30 11:56 - 2016-04-30 11:56 - 00668744 _____ C:\Users\Sandro\Downloads\UnityDownloadAssistant-5.3.4f1 (2).exe
2016-04-30 11:52 - 2016-04-30 11:52 - 00000000 ____D C:\Users\Sandro\AppData\Roaming\MonoDevelop-Unity-2.8
2016-04-30 11:52 - 2016-04-30 11:52 - 00000000 ____D C:\Users\Sandro\AppData\Local\MonoDevelop-Unity-2.8
2016-04-30 11:50 - 2016-04-30 11:50 - 00668744 _____ C:\Users\Sandro\Downloads\UnityDownloadAssistant-5.3.4f1 (1).exe
2016-04-29 17:10 - 2016-04-29 17:10 - 00668744 _____ C:\Users\Sandro\Downloads\UnityDownloadAssistant-5.3.4f1.exe
2016-04-29 16:38 - 2016-04-29 17:08 - 00000000 ____D C:\Users\Todos os Usuários\PACE Anti-Piracy
2016-04-29 16:38 - 2016-04-29 17:08 - 00000000 ____D C:\Users\Sandro\AppData\Roaming\PACE Anti-Piracy
2016-04-29 16:38 - 2016-04-29 17:08 - 00000000 ____D C:\ProgramData\PACE Anti-Piracy
2016-04-29 16:38 - 2016-04-29 16:38 - 00000000 ____D C:\Users\Sandro\AppData\Local\PACE Anti-Piracy
2016-04-29 16:38 - 2016-04-29 16:38 - 00000000 ____D C:\Program Files\Common Files\PACE Anti-Piracy
2016-04-29 16:30 - 2016-04-30 11:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity
2016-04-29 16:30 - 2016-04-29 16:30 - 00000000 ____D C:\Users\Public\Documents\Unity Projects
2016-04-29 16:25 - 2016-04-30 12:29 - 00000000 ____D C:\Program Files\Unity
2016-04-29 14:42 - 2016-04-29 16:16 - 533266928 _____ (Unity Technologies ApS) C:\Users\Sandro\Downloads\UnitySetup-3.5.2.exe
2016-04-28 15:54 - 2016-04-28 15:54 - 00067146 _____ C:\Users\Sandro\Downloads\DAS 29042016 SJ (15).pdf
2016-04-23 12:09 - 2016-07-09 18:02 - 00000000 ____D C:\Users\Sandro\Desktop\tava na area de trabalho (1)
2016-04-23 12:07 - 2013-09-30 20:45 - 00001613 _____ C:\Users\Sandro\Desktop\Play League of Legends.lnk

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-22 13:28 - 2013-08-01 11:49 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-22 13:24 - 2014-06-30 18:15 - 00000000 ____D C:\Users\Sandro\Desktop\sandro
2016-07-22 13:17 - 2015-10-13 18:17 - 00000919 _____ C:\Windows\Tasks\EPSON L365 Series Update {DA0833F8-5449-49F2-9DD8-9A877CB923C1}.job
2016-07-22 13:11 - 2014-07-22 19:56 - 00000000 ____D C:\Program Files\BlueStacks
2016-07-22 12:36 - 2013-08-01 18:02 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-22 11:29 - 2015-12-29 19:49 - 00000000 ____D C:\Users\Sandro\AppData\Roaming\WeatherTool
2016-07-22 10:28 - 2013-08-01 11:49 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-22 09:55 - 2009-07-14 01:34 - 00017168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-22 09:55 - 2009-07-14 01:34 - 00017168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-22 09:45 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\AppCompat
2016-07-22 09:42 - 2015-07-26 22:44 - 00000000 __SHD C:\Users\Sandro\IntelGraphicsProfiles
2016-07-22 09:42 - 2015-07-18 22:37 - 00000000 ____D C:\Program Files\Steam
2016-07-22 09:42 - 2013-10-30 21:07 - 00000000 ____D C:\Users\Sandro\AppData\Local\LogMeIn Hamachi
2016-07-22 09:41 - 2009-07-14 01:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-21 22:47 - 2015-10-13 18:03 - 00000000 ____D C:\Program Files\epson
2016-07-21 21:54 - 2014-08-26 12:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-07-21 21:54 - 2013-08-07 15:38 - 00000000 ____D C:\Program Files\Java
2016-07-21 21:53 - 2013-08-01 11:45 - 00000000 ____D C:\Users\Sandro
2016-07-21 21:52 - 2014-08-31 18:44 - 00269888 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2016-07-21 21:52 - 2014-08-31 18:44 - 00095808 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2016-07-21 21:11 - 2014-12-10 10:22 - 00000000 ____D C:\Windows\system32\appraiser
2016-07-21 21:11 - 2014-07-09 00:08 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-07-21 20:51 - 2013-08-13 23:04 - 00000000 ____D C:\Windows\system32\MRT
2016-07-21 20:37 - 2015-07-18 23:11 - 00000000 ____D C:\Users\Sandro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-07-21 20:22 - 2013-08-05 11:52 - 141983760 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-07-21 19:47 - 2015-05-20 20:08 - 00000000 ____D C:\Program Files\Heroes of the Storm
2016-07-21 19:47 - 2014-03-05 19:01 - 00000000 ____D C:\Program Files\Battle.net
2016-07-21 19:46 - 2015-07-26 12:10 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-07-21 19:46 - 2015-07-26 12:10 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-21 19:45 - 2014-03-05 19:01 - 00000000 ____D C:\Users\Sandro\AppData\Local\Battle.net
2016-07-20 18:46 - 2015-01-03 14:06 - 00000151 _____ C:\Windows\PhotoSnapViewer.INI
2016-07-20 12:08 - 2013-12-06 16:34 - 00027040 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2016-07-19 15:16 - 2015-07-26 10:45 - 00000000 ____D C:\Program Files\World of Warcraft
2016-07-18 21:11 - 2014-03-05 19:34 - 00000000 ____D C:\Program Files\Hearthstone
2016-07-17 10:19 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\inf
2016-07-15 11:36 - 2013-08-01 18:02 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-07-15 11:36 - 2013-08-01 18:02 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-07-12 22:30 - 2013-08-01 11:49 - 00000000 ____D C:\Program Files\Google
2016-07-12 20:36 - 2013-08-01 18:02 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-12 12:28 - 2015-09-10 10:33 - 00000000 ____D C:\Users\Sandro\Desktop\documentos de baixaempresa wesley
2016-07-10 14:17 - 2015-04-12 21:05 - 00000000 ____D C:\Users\Sandro\AppData\Roaming\uTorrent
2016-07-10 14:17 - 2014-07-21 20:37 - 00000000 ____D C:\Users\Sandro\AppData\Roaming\Media Player Classic
2016-07-10 14:17 - 2013-08-05 12:15 - 00000000 ____D C:\Users\Sandro\AppData\Local\CrashDumps
2016-07-10 10:09 - 2015-07-17 20:15 - 00000000 ____D C:\Users\Sandro\AppData\Roaming\Curse Client
2016-07-09 20:56 - 2014-03-09 14:51 - 13414400 ___SH C:\Users\Sandro\Desktop\Thumbs.db
2016-07-09 17:56 - 2014-06-16 11:30 - 00000000 ____D C:\Users\Sandro\Desktop\notas da normatel
2016-07-08 13:58 - 2013-09-18 09:36 - 00000000 ____D C:\Users\Sandro\Desktop\sandra
2016-07-06 13:18 - 2015-10-13 18:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2016-07-06 10:07 - 2014-01-27 20:42 - 00000000 ____D C:\Users\Sandro\AppData\Local\ElevatedDiagnostics
2016-07-06 10:07 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\system32\NDF
2016-07-04 12:03 - 2015-07-18 22:37 - 00000000 ____D C:\Program Files\Common Files\Steam
2016-07-02 14:32 - 2016-03-23 16:15 - 00000097 _____ C:\Users\Sandro\AppData\Roaming\LauncherSettings_live.cfg

==================== Arquivos na raiz de alguns diretórios =======

2016-03-23 16:15 - 2016-07-02 14:32 - 0000097 _____ () C:\Users\Sandro\AppData\Roaming\LauncherSettings_live.cfg
2016-03-23 13:35 - 2016-03-23 13:35 - 0000039 _____ () C:\Users\Sandro\AppData\Roaming\TheHunterSettings_steam_live.cfg
2014-01-27 19:19 - 2014-01-27 19:24 - 0011264 ___SH () C:\Users\Sandro\AppData\Roaming\Thumbs.db
2014-02-18 14:57 - 2014-03-01 11:09 - 0000092 _____ () C:\Users\Sandro\AppData\Roaming\WB.CFG
2013-08-30 20:40 - 2013-09-24 06:49 - 0000119 _____ () C:\Users\Sandro\AppData\Local\ap_UA-24552437-1.txt
2013-08-31 15:11 - 2013-09-23 23:28 - 0000118 _____ () C:\Users\Sandro\AppData\Local\ap_UA-24552437-8.txt
2013-08-01 11:52 - 2013-08-01 11:52 - 0000017 _____ () C:\Users\Sandro\AppData\Local\resmon.resmoncfg
2013-08-01 15:09 - 2013-08-01 15:09 - 0000057 ____N () C:\ProgramData\Ament.ini
2014-01-15 02:15 - 2014-01-15 02:15 - 0167784 _____ (Baidu, Inc.) C:\ProgramData\FileSplitUpLoad.dll

Arquivos para serem movidos ou deletados:
====================
C:\ProgramData\FileSplitUpLoad.dll
C:\Users\Todos os Usuários\FileSplitUpLoad.dll


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-07-13 17:51

==================== Fim de FRST.txt ============================
