Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 13-07-2016 02
Executado por Usuario (administrador) em USUARIO-PC (14-07-2016 16:29:49)
Executando a partir de C:\Users\Usuario\Downloads
Perfis Carregados: Usuario (Perfis Disponíveis: Usuario)
Platform: Windows 7 Ultimate (X64) Idioma: Português (Brasil)
Internet Explorer Versão 9 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Spotify Ltd) C:\Users\Usuario\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\Usuario\AppData\Roaming\Spotify\Spotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Usuario\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\Usuario\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Usuario\AppData\Roaming\Spotify\Spotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.23\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.63\deploy\LoLPatcher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.206\deploy\LolClient.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM-x32\...\Run: [fst_br_187] => [X]
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-411221051-3532416726-1368279612-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-411221051-3532416726-1368279612-1000\...\Run: [Spotify Web Helper] => C:\Users\Usuario\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-07-08] (Spotify Ltd)
HKU\S-1-5-21-411221051-3532416726-1368279612-1000\...\Run: [uTorrent] => C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe [2133504 2016-05-16] (BitTorrent Inc.)
HKU\S-1-5-21-411221051-3532416726-1368279612-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4177784 2016-01-15] (Disc Soft Ltd)
HKU\S-1-5-21-411221051-3532416726-1368279612-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-411221051-3532416726-1368279612-1000\...\MountPoints2: G - G:\setup.exe
HKU\S-1-5-21-411221051-3532416726-1368279612-1000\...\MountPoints2: {2b393524-3155-11e4-9905-902b34f29346} - E:\setup.exe
HKU\S-1-5-21-411221051-3532416726-1368279612-1000\...\MountPoints2: {3f9a8d34-a639-11e5-b3c9-00e04c4fa03e} - F:\setup.exe
HKU\S-1-5-21-411221051-3532416726-1368279612-1000\...\MountPoints2: {77987708-8d0d-11e2-9565-902b34f29346} - E:\iLinker.exe
HKU\S-1-5-21-411221051-3532416726-1368279612-1000\...\MountPoints2: {8575d444-fd78-11e4-adbc-00e04c4fa03e} - G:\Install_RADStudio.exe
HKU\S-1-5-21-411221051-3532416726-1368279612-1000\...\MountPoints2: {958813fd-23d5-11e6-bdc9-00e04c4fa03e} - G:\setup.exe
HKU\S-1-5-21-411221051-3532416726-1368279612-1000\...\MountPoints2: {e1713944-1a8e-11e5-bede-00e04c4fa03e} - G:\setup.exe
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  Nenhum Arquivo
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  Nenhum Arquivo
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  Nenhum Arquivo
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  Nenhum Arquivo
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4056CDDC-FF26-47EB-8964-15F4F44A3FFD}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{55AB0A11-3F85-4D9A-BAB9-7DE8938A3FCF}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://rocket-find.com/?f=1&a=rckt_dsites02_14_27_ch&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyE0FtBzytAyEyC0A0DyByDtN0D0Tzu0SzytCtAtN1L2XzutBtFtBtCtFzztFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StCyEzzyEtAtC0ByCtG0AtA0DyDtG0DyByCtAtGyE0CtBzytGtC0F0CyCyDtB0D0C0Bzz0Fzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyCyDtAyE0Dzz0AtGyByB0FtDtGyEzzzy0BtGtB0E0D0CtGtAyC0D0ByDyD0EtC0C0BtAzy2Q&cr=1417601477&ir=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://rocket-find.com/?f=1&a=rckt_dsites02_14_27_ch&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyE0FtBzytAyEyC0A0DyByDtN0D0Tzu0SzytCtAtN1L2XzutBtFtBtCtFzztFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StCyEzzyEtAtC0ByCtG0AtA0DyDtG0DyByCtAtGyE0CtBzytGtC0F0CyCyDtB0D0C0Bzz0Fzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyCyDtAyE0Dzz0AtGyByB0FtDtGyEzzzy0BtGtB0E0D0CtGtAyC0D0ByDyD0EtC0C0BtAzy2Q&cr=1417601477&ir=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites02_14_27_ch&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyE0FtBzytAyEyC0A0DyByDtN0D0Tzu0SzytCtAtN1L2XzutBtFtBtCtFzztFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StCyEzzyEtAtC0ByCtG0AtA0DyDtG0DyByCtAtGyE0CtBzytGtC0F0CyCyDtB0D0C0Bzz0Fzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyCyDtAyE0Dzz0AtGyByB0FtDtGyEzzzy0BtGtB0E0D0CtGtAyC0D0ByDyD0EtC0C0BtAzy2Q&cr=1417601477&ir=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites02_14_27_ch&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyE0FtBzytAyEyC0A0DyByDtN0D0Tzu0SzytCtAtN1L2XzutBtFtBtCtFzztFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StCyEzzyEtAtC0ByCtG0AtA0DyDtG0DyByCtAtGyE0CtBzytGtC0F0CyCyDtB0D0C0Bzz0Fzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyCyDtAyE0Dzz0AtGyByB0FtDtGyEzzzy0BtGtB0E0D0CtGtAyC0D0ByDyD0EtC0C0BtAzy2Q&cr=1417601477&ir=
SearchScopes: HKU\S-1-5-21-411221051-3532416726-1368279612-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-11-17] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-11-17] (Oracle Corporation)
BHO: Sem Nome -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> Nenhum Arquivo
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-11] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-11] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - Sem Nome - {ae07101b-46d4-4a98-af68-0333ea26e113} -  Nenhum Arquivo
Toolbar: HKLM-x32 - Sem Nome - {ae07101b-46d4-4a98-af68-0333ea26e113} -  Nenhum Arquivo
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-09] ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2015-11-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-11-17] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-07-30] ()
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Nenhum Arquivo]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-09] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-11] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-07-30] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll [Nenhum Arquivo]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [Nenhum Arquivo]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [Nenhum Arquivo]
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Nenhum Arquivo]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-07-27] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-08-29] [não assinado]
FF HKU\S-1-5-21-411221051-3532416726-1368279612-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\ppGoogleNaClPluginChrome.dll => Nenhum Arquivo
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\pdf.dll => Nenhum Arquivo
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll => Nenhum Arquivo
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll => Nenhum Arquivo
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll => Nenhum Arquivo
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (AdBlock) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-07-05]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR HKLM\...\Chrome\Extension: [ibnjmihbbanannlbobkbmnmckjnmdnom] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-411221051-3532416726-1368279612-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ibnjmihbbanannlbobkbmnmckjnmdnom] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-411221051-3532416726-1368279612-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mdebcffgnijbblbinknkbefciofebcda] - C:\Users\Usuario\AppData\Local\CRE\mdebcffgnijbblbinknkbefciofebcda.crx <não encontrado (a)>
CHR HKLM-x32\...\Chrome\Extension: [hacnainihjioklmpbekefnmgolokjlfp] - C:\Program Files (x86)\Windows Service\hacnainihjioklmpbekefnmgolokjlfp.crx <não encontrado (a)>
CHR HKLM-x32\...\Chrome\Extension: [ibnjmihbbanannlbobkbmnmckjnmdnom] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
CHR HKLM-x32\...\Chrome\Extension: [mdebcffgnijbblbinknkbefciofebcda] - C:\Users\Usuario\AppData\Local\CRE\mdebcffgnijbblbinknkbefciofebcda.crx <não encontrado (a)>

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [610688 2014-11-05] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369464 2016-01-15] (Disc Soft Ltd)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [253568 2009-11-18] (Hewlett-Packard Co.) [Arquivo não assinado]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [137344 2009-11-18] (Hewlett-Packard Co.) [Arquivo não assinado]
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Arquivo não assinado]
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4762272 2013-09-01] (INCA Internet Co., Ltd.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Arquivo não assinado]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-01] ()
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [272024 2011-03-26] ()
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Arquivo não assinado]
S4 WatAdminSvc; C:\Windows\system32\Wat\WatAdminSvc.exe [1255736 2015-07-30] () [Arquivo não assinado]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
S2 Stereo Service; "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" [X]
S2 Update ToggleMark; "C:\Program Files (x86)\ToggleMark\updateToggleMark.exe" [X]
S2 Util ToggleMark; "C:\Program Files (x86)\ToggleMark\bin\utilToggleMark.exe" [X]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 1394hub; C:\Windows\System32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-12-16] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [46392 2015-12-16] (Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-08-31] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation                           )
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-02-21] (Anchorfree Inc.)
R1 {af16abf4-eac1-49b4-93fc-58f6ca799135}Gw64; C:\Windows\System32\drivers\{af16abf4-eac1-49b4-93fc-58f6ca799135}Gw64.sys [61120 2014-06-09] (StdLib)
S1 Bfilter; \??\C:\Windows\System32\drivers\Bfilter.sys [X]
S1 Bfmon; \??\C:\Windows\System32\drivers\Bfmon.sys [X]
S1 Bnbase; System32\drivers\bnbasex64.sys [X]
S1 Bndef; \??\C:\Windows\System32\drivers\bndef64.sys [X]
S1 Bprotect; \??\C:\Windows\System32\drivers\Bprotect.sys [X]
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\3.7.0.0\PCFApiUtil64.sys [X]
S3 SNP2STD; system32\DRIVERS\snp2sxp.sys [X]
S3 Spring; \??\C:\Program Files (x86)\Baidu-Security-2014-4.4.4.73687\Baidu Antivirus\Spring64.sys [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [X]
S3 X6va014; \??\C:\Windows\SysWOW64\Drivers\X6va014 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]
S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]
S3 X6va019; \??\C:\Windows\SysWOW64\Drivers\X6va019 [X]
S3 X6va021; \??\C:\Windows\SysWOW64\Drivers\X6va021 [X]
S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X]
S3 X6va025; \??\C:\Windows\SysWOW64\Drivers\X6va025 [X]
S3 X6va026; \??\C:\Windows\SysWOW64\Drivers\X6va026 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-14 16:29 - 2016-07-14 16:30 - 00021895 _____ C:\Users\Usuario\Downloads\FRST.txt
2016-07-14 16:28 - 2016-07-14 16:29 - 00000000 ____D C:\FRST
2016-07-14 16:28 - 2016-07-14 16:28 - 02390528 _____ (Farbar) C:\Users\Usuario\Downloads\FRST64.exe
2016-07-14 15:57 - 2016-07-14 15:57 - 00313366 _____ C:\Users\Usuario\Downloads\WindowsUpdateDiagnostic.diagcab
2016-07-14 15:57 - 2016-07-14 15:57 - 00000000 ____D C:\Users\Usuario\AppData\Local\ElevatedDiagnostics
2016-07-14 15:54 - 2016-07-14 15:54 - 01034556 _____ C:\Users\Usuario\Downloads\Windows6.1-KB2999226-x64.msu
2016-07-14 15:45 - 2016-07-14 15:46 - 00000000 ____D C:\Program Files (x86)\PCSX2 1.4.0
2016-07-14 15:45 - 2016-07-14 15:45 - 00001939 _____ C:\Users\Public\Desktop\PCSX2 1.4.0.lnk
2016-07-14 15:45 - 2016-07-14 15:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
2016-07-14 15:40 - 2016-07-14 15:40 - 17837152 _____ C:\Users\Usuario\Downloads\pcsx21-4-0.exe
2016-07-09 23:40 - 2016-07-09 23:41 - 17837152 _____ C:\Users\Usuario\Downloads\pcsx2-1.4.0-setup.exe
2016-07-09 01:32 - 2016-07-09 01:32 - 00000000 ____D C:\Users\Usuario\AppData\Roaming\Battle.net
2016-07-08 22:58 - 2014-12-11 03:26 - 00006347 _____ C:\Users\Usuario\Downloads\FF13U3.bat
2016-07-08 22:58 - 2014-12-10 23:29 - 00000000 ____D C:\Users\Usuario\Downloads\white_data
2016-07-08 22:58 - 2014-12-10 23:19 - 01693184 _____ (SQUARE ENIX) C:\Users\Usuario\Downloads\Launcher.exe
2016-07-08 22:58 - 2014-12-10 23:19 - 00007680 _____ C:\Users\Usuario\Downloads\FFXiiiSteam.dll
2016-07-08 22:58 - 2014-12-10 23:19 - 00000408 _____ C:\Users\Usuario\Downloads\setup.xml
2016-07-08 22:58 - 2014-11-11 11:56 - 00707584 _____ (Valve Corporation) C:\Users\Usuario\Downloads\steam_api.dll
2016-07-08 22:58 - 2014-10-11 07:24 - 00222525 _____ C:\Users\Usuario\Downloads\Launcher-Windowed.exe
2016-07-08 22:58 - 2014-10-11 05:08 - 00000340 _____ C:\Users\Usuario\Downloads\ALI213.ini
2016-07-08 22:58 - 2013-11-06 09:28 - 00000732 _____ C:\Users\Usuario\Downloads\visit-www.nosteam.ro.html
2016-07-08 18:23 - 2016-07-08 22:55 - 1207757916 _____ C:\Users\Usuario\Downloads\FinalFantasy13_patch-3-FIX.exe
2016-07-08 18:10 - 2016-07-08 18:12 - 06426028 _____ C:\Users\Usuario\Downloads\Não confirmado 968379.crdownload
2016-07-07 11:57 - 2016-07-07 11:57 - 00001682 _____ C:\Users\Usuario\Desktop\Play FINAL FANTASY XIII.lnk
2016-07-07 11:33 - 2016-07-07 11:57 - 00000000 ____D C:\Games
2016-07-05 23:24 - 2016-07-14 16:28 - 00000000 ____D C:\Users\Usuario\BrawlhallaReplays
2016-07-05 23:14 - 2016-07-05 23:14 - 00000000 ____D C:\Users\Usuario\AppData\Roaming\BrawlhallaAir
2016-07-05 23:00 - 2016-07-05 23:00 - 00000222 _____ C:\Users\Usuario\Desktop\Brawlhalla.url
2016-07-04 16:19 - 2016-07-04 16:27 - 53662987 _____ C:\Users\Usuario\Downloads\FinalFantas13.exe
2016-07-03 20:44 - 2016-07-03 20:44 - 00000002 _____ C:\END
2016-07-03 20:42 - 2016-07-03 20:42 - 01028976 _____ (Overwolf Ltd.) C:\Users\Usuario\Downloads\Replay HUD-OverwolfInstaller.exe
2016-07-03 20:42 - 2016-07-03 20:42 - 01028928 _____ (Overwolf Ltd.) C:\Users\Usuario\Downloads\OverwolfInstaller.exe
2016-06-30 17:02 - 2016-06-30 17:08 - 182962131 _____ C:\Users\Usuario\Downloads\PRO64_95_2.zip
2016-06-30 15:25 - 2016-06-30 15:25 - 00740352 _____ C:\Users\Usuario\Downloads\AtualizacaoFlash_Plyer16.4.103.1.exe
2016-06-28 15:21 - 2016-06-28 15:21 - 00007757 _____ C:\Users\Usuario\Downloads\Arduino-Nano.odt
2016-06-28 14:58 - 2016-06-28 14:59 - 07286648 _____ C:\Users\Usuario\Downloads\Arduino-Nano.pptx
2016-06-26 21:01 - 2016-06-26 21:01 - 00009692 _____ C:\Users\Usuario\Downloads\Notas Primeiro Semestre 3.3n.xlt.xlsx
2016-06-26 20:27 - 2016-06-26 20:27 - 00009801 _____ C:\Users\Usuario\Downloads\Notas Primeiro Semestre 3.2N.xlsx
2016-06-26 19:32 - 2016-06-26 19:32 - 03514728 _____ C:\Users\Usuario\Downloads\IDEOLOGIA.pdf
2016-06-21 21:06 - 2016-06-21 21:06 - 00000000 ____D C:\Users\Usuario\AppData\Roaming\WizardWars
2016-06-19 19:42 - 2016-06-19 19:42 - 00002089 _____ C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PXG Client.lnk
2016-06-16 15:43 - 2016-06-16 15:43 - 00862488 _____ C:\Users\Usuario\Downloads\TUBOS.ppsx
2016-06-16 15:42 - 2016-06-16 15:42 - 00775525 _____ C:\Users\Usuario\Downloads\longos.ppsx
2016-06-16 15:37 - 2016-06-16 15:37 - 00435310 _____ C:\Users\Usuario\Downloads\wesllei.pdf
2016-06-12 12:58 - 2016-06-12 12:58 - 00000000 ____D C:\Users\Usuario\AppData\Roaming\IsolatedStorage
2016-06-12 12:58 - 2016-06-12 12:58 - 00000000 ____D C:\Users\Usuario\AppData\Local\FileViewPro
2016-06-12 12:58 - 2016-06-12 12:58 - 00000000 ____D C:\Users\Todos os Usuários\IsolatedStorage
2016-06-12 12:58 - 2016-06-12 12:58 - 00000000 ____D C:\ProgramData\IsolatedStorage
2016-06-12 12:57 - 2016-06-12 12:57 - 02173104 _____ C:\Users\Usuario\Downloads\Setup_FileViewPro_2016.exe
2016-06-06 18:21 - 2016-06-06 18:21 - 00000000 ____D C:\Users\Usuario\AppData\Roaming\.mono
2016-06-06 18:21 - 2016-06-06 18:21 - 00000000 ____D C:\Users\Todos os Usuários\.mono
2016-06-06 18:21 - 2016-06-06 18:21 - 00000000 ____D C:\ProgramData\.mono
2016-06-06 02:36 - 2016-06-06 02:36 - 03204592 _____ (Blizzard Entertainment) C:\Users\Usuario\Downloads\Hearthstone-Setup.exe
2016-06-04 23:04 - 2016-06-04 23:05 - 04038173 _____ C:\Users\Usuario\Downloads\Fenrir the Frost Wolf-32813-1-4.rar
2016-06-04 23:03 - 2016-06-04 23:03 - 00085205 _____ C:\Users\Usuario\Downloads\Bat Travel-21689-2-2.zip
2016-06-03 15:09 - 2016-06-03 15:28 - 17358848 _____ C:\Users\Usuario\Downloads\pxgnew.exe
2016-05-29 23:25 - 2016-05-29 23:25 - 00025003 _____ C:\Users\Usuario\Downloads\Immersive Spells v1_0 ALL DLC-39759-1-0.7z
2016-05-29 00:04 - 2016-05-29 02:11 - 379800163 _____ C:\Users\Usuario\Downloads\ApachiiSkyHairFemale_v_1_5-10168-1-5.7z
2016-05-28 21:29 - 2016-05-28 21:30 - 01346875 _____ C:\Users\Usuario\Downloads\SkyUI_5_1-3863-5-1.7z
2016-05-28 21:16 - 2016-05-28 21:16 - 01424328 _____ (Microsoft Corporation) C:\Users\Usuario\Downloads\NDP461-KB3102438-Web (2).exe
2016-05-28 21:15 - 2016-05-28 21:15 - 01424328 _____ (Microsoft Corporation) C:\Users\Usuario\Downloads\NDP461-KB3102438-Web.exe
2016-05-28 21:15 - 2016-05-28 21:15 - 01424328 _____ (Microsoft Corporation) C:\Users\Usuario\Downloads\NDP461-KB3102438-Web (1).exe
2016-05-28 21:14 - 2016-05-28 21:14 - 00002493 _____ C:\Users\Usuario\Desktop\Skyrim (SKSE).lnk
2016-05-28 21:13 - 2016-05-28 21:14 - 06359496 _____ (Black Tree Gaming ) C:\Users\Usuario\Downloads\Nexus Mod Manager-0.61.23.exe
2016-05-28 21:13 - 2016-05-28 21:14 - 00362812 _____ C:\Users\Usuario\Downloads\skse_1_07_03_installer.exe
2016-05-28 19:39 - 2016-05-28 19:39 - 00000000 ____D C:\Users\Usuario\AppData\Local\Skyrim
2016-05-28 19:34 - 2016-05-28 19:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks
2016-05-28 18:55 - 2016-05-28 18:55 - 00000000 ____D C:\Program Files (x86)\Bethesda Softworks
2016-05-28 05:28 - 2016-05-28 05:28 - 00123138 _____ C:\Users\Usuario\Downloads\the.elder.scrolls.v.skyrim.legendary.edition.multi8.prophet.torrent
2016-05-26 18:52 - 2016-05-26 18:52 - 00047521 _____ C:\Users\Usuario\Downloads\kingdoms-of-amalur-reckoning-collection-multi5pcdvdprophet.torrent
2016-05-09 15:33 - 2016-05-09 15:33 - 00000000 ____D C:\Users\Usuario\AppData\LocalLow\SKS
2016-05-09 14:35 - 2016-05-09 14:35 - 00301512 _____ C:\Users\Usuario\Downloads\The.Forest.Steamworks.Fix.V5-RVTFiX (2).rar
2016-05-09 13:54 - 2016-05-09 13:54 - 00301512 _____ C:\Users\Usuario\Downloads\The.Forest.Steamworks.Fix.V5-RVTFiX (1).rar
2016-05-09 13:51 - 2016-05-09 13:51 - 00301512 _____ C:\Users\Usuario\Downloads\The.Forest.Steamworks.Fix.V5-RVTFiX.rar
2016-04-30 23:30 - 2016-04-30 23:31 - 05648516 _____ C:\Users\Usuario\Downloads\AMR_SR_FIX.rar
2016-04-30 23:24 - 2016-04-30 23:27 - 07360963 _____ C:\Users\Usuario\Downloads\Alice._Madness._Returns_crack.zip
2016-04-30 22:44 - 2016-04-30 22:44 - 00001966 _____ C:\Users\Public\Desktop\Alice Madness Returns - The Complete Collection.lnk
2016-04-27 14:22 - 2016-04-27 14:22 - 00012117 _____ C:\Users\Usuario\Downloads\site1.zip
2016-04-27 14:08 - 2016-04-27 14:08 - 00011861 _____ C:\Users\Usuario\Downloads\site.rar
2016-04-27 14:07 - 2016-04-27 14:07 - 00000000 ____D C:\Users\Usuario\AppData\Roaming\Brackets
2016-04-27 14:03 - 2016-04-27 14:05 - 40275968 _____ C:\Users\Usuario\Downloads\Brackets.1.6.Extract.msi
2016-04-26 21:54 - 2016-04-26 21:54 - 00423334 _____ C:\Users\Usuario\Downloads\andressa_abril_2016 - atualizado.pdf
2016-04-26 15:12 - 2016-04-26 15:12 - 00128279 _____ C:\Users\Usuario\Downloads\2Cheat Eternal v3.3.rar
2016-04-26 15:12 - 2016-04-26 15:12 - 00043520 _____ C:\Users\Usuario\AppData\Roaming\C8N4WQWY.dll
2016-04-23 17:08 - 2016-04-23 17:08 - 00124611 _____ C:\Users\Usuario\Downloads\2Cheat Eternal v3.2.rar
2016-04-23 17:04 - 2016-04-23 17:04 - 01025517 _____ C:\Users\Usuario\Downloads\2Cheat Eternal v2.5.rar
2016-04-23 17:02 - 2016-04-23 17:03 - 07186992 _____ (Microsoft Corporation) C:\Users\Usuario\Downloads\vcredist_x64.exe
2016-04-23 15:23 - 2016-06-05 00:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2016-04-23 15:09 - 2016-06-05 00:07 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2016-04-23 00:58 - 2016-04-23 00:58 - 00020708 _____ C:\Users\Usuario\Downloads\Alice.Madness.Returns.The.Complete.Collection-PROPHET.torrent
2016-04-22 15:43 - 2016-05-08 14:03 - 00074752 _____ () C:\SiKernel.dll
2016-04-22 15:43 - 2016-05-08 14:03 - 00028672 _____ () C:\SiInterpreteour.dll
2016-04-22 15:43 - 2016-04-22 15:43 - 01600000 _____ C:\L32ch.dll
2016-04-22 15:43 - 2016-04-22 15:43 - 00054784 _____ C:\LBridge.dll
2016-04-22 00:36 - 2016-04-22 04:03 - 3830721419 _____ C:\Users\Usuario\Downloads\setup_v07042016 (1).rar
2016-04-21 16:53 - 2016-04-21 17:41 - 137163212 _____ C:\Users\Usuario\Downloads\setup_v07042016.rar
2016-04-21 14:01 - 2016-04-21 14:02 - 08818688 _____ C:\Users\Usuario\Downloads\hamachi (2).msi

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-14 16:27 - 2013-01-08 14:05 - 00000000 ____D C:\Users\Usuario\AppData\Roaming\Skype
2016-07-14 16:14 - 2014-07-01 14:13 - 00000300 _____ C:\Windows\Tasks\AppCloudUpdater.job
2016-07-14 16:04 - 2013-01-08 09:52 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-14 15:47 - 2013-01-08 09:50 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-14 15:46 - 2013-04-01 20:29 - 00000000 ___HD C:\Windows\msdownld.tmp
2016-07-14 14:49 - 2013-02-28 17:21 - 00000392 _____ C:\Windows\Tasks\update-sys.job
2016-07-14 14:18 - 2013-11-01 17:16 - 00000000 ____D C:\Program Files (x86)\Steam
2016-07-14 14:16 - 2015-04-15 13:53 - 00000000 ____D C:\Users\Usuario\AppData\Roaming\Spotify
2016-07-14 14:11 - 2015-04-15 13:55 - 00000000 ____D C:\Users\Usuario\AppData\Local\Spotify
2016-07-14 14:04 - 2013-01-08 09:52 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-14 13:49 - 2013-01-08 18:35 - 00000000 ____D C:\Users\Usuario\AppData\Roaming\uTorrent
2016-07-14 13:49 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\tracing
2016-07-14 13:48 - 2014-06-28 11:44 - 00000352 _____ C:\Windows\Tasks\AmiUpdXp.job
2016-07-14 13:46 - 2013-09-29 14:56 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-07-14 13:46 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-13 21:29 - 2013-02-28 17:21 - 00000392 _____ C:\Windows\Tasks\update-S-1-5-21-411221051-3532416726-1368279612-1000.job
2016-07-13 17:56 - 2014-04-02 15:27 - 00000000 ____D C:\Rick
2016-07-10 00:33 - 2009-07-14 01:45 - 00040176 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-10 00:33 - 2009-07-14 01:45 - 00040176 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-09 23:46 - 2013-04-01 20:13 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-07-09 23:43 - 2016-01-29 10:42 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-07-09 23:43 - 2016-01-29 10:42 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-09 01:40 - 2014-06-04 07:12 - 00000000 ____D C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-07-09 01:39 - 2013-01-08 08:53 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-07-09 01:38 - 2013-01-08 18:38 - 00000000 ____D C:\Users\Usuario\AppData\Roaming\Mozilla
2016-07-09 01:37 - 2014-03-29 23:08 - 00000000 ____D C:\Users\Todos os Usuários\Hi-Rez Studios
2016-07-09 01:37 - 2014-03-29 23:08 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2016-07-09 01:24 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-07-09 01:24 - 2009-07-13 23:34 - 00000838 _____ C:\Windows\win.ini
2016-07-08 22:59 - 2015-05-18 15:06 - 00000000 ____D C:\Users\Usuario\AppData\Local\SKIDROW
2016-07-05 23:24 - 2013-01-08 08:39 - 00000000 ____D C:\Users\Usuario
2016-06-30 15:24 - 2013-12-18 23:14 - 00000262 _____ C:\Users\Usuario\AppData\Roaming\WB.CFG
2016-06-20 15:24 - 2013-04-23 16:57 - 00000000 ____D C:\Guto
2016-06-19 19:42 - 2014-11-02 16:19 - 00002103 _____ C:\Users\Usuario\Desktop\PXG Client.lnk
2016-06-19 15:05 - 2009-07-29 13:08 - 00705070 _____ C:\Windows\system32\prfh0416.dat
2016-06-19 15:05 - 2009-07-29 13:08 - 00146910 _____ C:\Windows\system32\prfc0416.dat
2016-06-19 15:05 - 2009-07-14 02:13 - 01633534 _____ C:\Windows\system32\PerfStringBackup.INI

==================== Arquivos na raiz de alguns diretórios =======

2013-01-25 19:04 - 2013-01-25 20:06 - 26209639 _____ () C:\Users\Usuario\AppData\Roaming\.minecraft.rar
2016-04-26 15:12 - 2016-04-26 15:12 - 0043520 _____ () C:\Users\Usuario\AppData\Roaming\C8N4WQWY.dll
2013-06-15 16:47 - 2013-06-15 16:47 - 0000132 _____ () C:\Users\Usuario\AppData\Roaming\Preferências do Formato PNG do Adobe CS6
2013-12-18 23:14 - 2016-06-30 15:24 - 0000262 _____ () C:\Users\Usuario\AppData\Roaming\WB.CFG
2013-11-19 12:46 - 2014-07-01 16:07 - 0005632 _____ () C:\Users\Usuario\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-14 15:41 - 2014-12-14 15:41 - 9015204 _____ () C:\Users\Usuario\AppData\Local\package.nw.new
2013-02-28 17:21 - 2013-02-28 17:21 - 0000003 _____ () C:\Users\Usuario\AppData\Local\updater.log
2013-02-28 17:21 - 2015-10-02 13:04 - 0000424 _____ () C:\Users\Usuario\AppData\Local\UserProducts.xml
2013-11-22 08:40 - 2013-11-22 08:40 - 0170344 _____ (Baidu, Inc.) C:\ProgramData\FileSplitUpLoad.dll
2013-01-13 20:01 - 2014-09-07 12:55 - 0004121 _____ () C:\ProgramData\hpzinstall.log

Arquivos para serem movidos ou deletados:
====================
C:\ProgramData\FileSplitUpLoad.dll
C:\Users\Todos os Usuários\FileSplitUpLoad.dll


Alguns arquivos em TEMP:
====================
C:\Users\Usuario\AppData\Local\Temp\13daf2c06d5b9e95e2e333b398e8b7ee.dll
C:\Users\Usuario\AppData\Local\Temp\2676071def0b11867551d5d03dcee0cc.dll
C:\Users\Usuario\AppData\Local\Temp\31d6e07d87ca5eaf6b2447c07a6c1365.dll
C:\Users\Usuario\AppData\Local\Temp\466cf9b9039d8073e44a3f1b0669574c.dll
C:\Users\Usuario\AppData\Local\Temp\AdobeApplicationManager.exe
C:\Users\Usuario\AppData\Local\Temp\AskPIP_FF_.exe
C:\Users\Usuario\AppData\Local\Temp\Baidu_Secure_SystemUp_3.7.1.41942.exe
C:\Users\Usuario\AppData\Local\Temp\bdfilters.dll
C:\Users\Usuario\AppData\Local\Temp\bedeccjddg.exe
C:\Users\Usuario\AppData\Local\Temp\binkw32.dll
C:\Users\Usuario\AppData\Local\Temp\bitool.dll
C:\Users\Usuario\AppData\Local\Temp\borlndlm.dll
C:\Users\Usuario\AppData\Local\Temp\d2l_Install.exe
C:\Users\Usuario\AppData\Local\Temp\DeltaTB.exe
C:\Users\Usuario\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\Usuario\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptnjow_.dll
C:\Users\Usuario\AppData\Local\Temp\GURD133.exe
C:\Users\Usuario\AppData\Local\Temp\hcuninstaller_20130630_155009_2320.exe
C:\Users\Usuario\AppData\Local\Temp\hcuninstaller_20140511_000220_2408.exe
C:\Users\Usuario\AppData\Local\Temp\i4jdel0.exe
C:\Users\Usuario\AppData\Local\Temp\i4jdel1.exe
C:\Users\Usuario\AppData\Local\Temp\ICReinstall_CR_Downloader_para_castlevania---symphony-of-the-night.exe
C:\Users\Usuario\AppData\Local\Temp\IrsoDLL.dll
C:\Users\Usuario\AppData\Local\Temp\NGM.exe
C:\Users\Usuario\AppData\Local\Temp\NGMDll.dll
C:\Users\Usuario\AppData\Local\Temp\NGMResource.dll
C:\Users\Usuario\AppData\Local\Temp\NGMSetup.exe
C:\Users\Usuario\AppData\Local\Temp\Protect4a647d98.dll
C:\Users\Usuario\AppData\Local\Temp\Setup(1).exe
C:\Users\Usuario\AppData\Local\Temp\Setup_lightshot-5.1.4.15.exe
C:\Users\Usuario\AppData\Local\Temp\Setup_lightshot-5.2.0.8.exe
C:\Users\Usuario\AppData\Local\Temp\SIntf16.dll
C:\Users\Usuario\AppData\Local\Temp\SIntf32.dll
C:\Users\Usuario\AppData\Local\Temp\SIntfNT.dll
C:\Users\Usuario\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Usuario\AppData\Local\Temp\SmartbarExeInstaller.exe
C:\Users\Usuario\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\Usuario\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Usuario\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\Usuario\AppData\Local\Temp\tbedrs.dll
C:\Users\Usuario\AppData\Local\Temp\tbuTo0.dll
C:\Users\Usuario\AppData\Local\Temp\Tsu87F3F514.dll
C:\Users\Usuario\AppData\Local\Temp\TsuBF66C9F2.dll
C:\Users\Usuario\AppData\Local\Temp\unicows.dll
C:\Users\Usuario\AppData\Local\Temp\uninst1.exe
C:\Users\Usuario\AppData\Local\Temp\Uninstall.exe
C:\Users\Usuario\AppData\Local\Temp\utils.dll
C:\Users\Usuario\AppData\Local\Temp\_is2EF4.exe
C:\Users\Usuario\AppData\Local\Temp\_is9371.exe
C:\Users\Usuario\AppData\Local\Temp\_isA9A6.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll
[2009-07-13 20:38] - [2015-11-08 14:38] - 1008640 ____A (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79

C:\Windows\SysWOW64\User32.dll
[2009-07-13 20:24] - [2015-11-08 14:38] - 0833024 ____A (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE

C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-07-07 01:01

==================== Fim de FRST.txt ============================